From be414e4476371567a824099767b6c91a0123d626 Mon Sep 17 00:00:00 2001 From: Fabio Alessandrelli Date: Mon, 1 Apr 2019 02:14:42 +0200 Subject: Revert "Update libwebsockets to 3.1 (plus UWP patch)" This reverts commit 90210c48627692d281554d6185b5db17a86c852a. --- thirdparty/README.md | 12 +- thirdparty/libwebsockets/core/alloc.c | 92 + thirdparty/libwebsockets/core/context.c | 1962 ++++++ thirdparty/libwebsockets/core/libwebsockets.c | 3479 +++++++++ thirdparty/libwebsockets/core/output.c | 320 + thirdparty/libwebsockets/core/pollfd.c | 616 ++ thirdparty/libwebsockets/core/private.h | 1770 +++++ thirdparty/libwebsockets/core/service.c | 987 +++ thirdparty/libwebsockets/event-libs/poll/poll.c | 43 + thirdparty/libwebsockets/event-libs/poll/private.h | 23 + thirdparty/libwebsockets/event-libs/private.h | 74 + thirdparty/libwebsockets/include/libwebsockets.h | 435 -- .../include/libwebsockets/lws-adopt.h | 185 - .../include/libwebsockets/lws-callbacks.h | 807 --- .../libwebsockets/include/libwebsockets/lws-cgi.h | 103 - .../include/libwebsockets/lws-client.h | 231 - .../include/libwebsockets/lws-context-vhost.h | 927 --- .../libwebsockets/include/libwebsockets/lws-dbus.h | 90 - .../include/libwebsockets/lws-diskcache.h | 185 - .../include/libwebsockets/lws-esp32.h | 226 - .../libwebsockets/include/libwebsockets/lws-fts.h | 214 - .../include/libwebsockets/lws-genhash.h | 171 - .../include/libwebsockets/lws-genrsa.h | 190 - .../libwebsockets/include/libwebsockets/lws-http.h | 685 -- .../libwebsockets/include/libwebsockets/lws-jwk.h | 110 - .../libwebsockets/include/libwebsockets/lws-jws.h | 101 - .../libwebsockets/include/libwebsockets/lws-lejp.h | 262 - .../libwebsockets/include/libwebsockets/lws-logs.h | 224 - .../include/libwebsockets/lws-lwsac.h | 191 - .../libwebsockets/include/libwebsockets/lws-misc.h | 836 --- .../include/libwebsockets/lws-network-helper.h | 105 - .../libwebsockets/lws-plugin-generic-sessions.h | 74 - .../include/libwebsockets/lws-protocols-plugins.h | 229 - .../include/libwebsockets/lws-purify.h | 81 - .../libwebsockets/include/libwebsockets/lws-ring.h | 305 - .../include/libwebsockets/lws-service.h | 215 - .../include/libwebsockets/lws-sha1-base64.h | 93 - .../libwebsockets/include/libwebsockets/lws-spa.h | 140 - .../include/libwebsockets/lws-stats.h | 75 - .../include/libwebsockets/lws-threadpool.h | 231 - .../include/libwebsockets/lws-timeout-timer.h | 164 - .../include/libwebsockets/lws-tokenize.h | 136 - .../libwebsockets/include/libwebsockets/lws-vfs.h | 269 - .../include/libwebsockets/lws-write.h | 235 - .../include/libwebsockets/lws-writeable.h | 225 - .../include/libwebsockets/lws-ws-close.h | 124 - .../include/libwebsockets/lws-ws-ext.h | 197 - .../include/libwebsockets/lws-ws-state.h | 92 - .../libwebsockets/include/libwebsockets/lws-x509.h | 177 - thirdparty/libwebsockets/include/lws_config.h | 195 - thirdparty/libwebsockets/ipv6_fixes.diff | 20 +- thirdparty/libwebsockets/lib/core/adopt.c | 414 -- thirdparty/libwebsockets/lib/core/alloc.c | 92 - thirdparty/libwebsockets/lib/core/connect.c | 287 - thirdparty/libwebsockets/lib/core/context.c | 1865 ----- thirdparty/libwebsockets/lib/core/dummy-callback.c | 611 -- thirdparty/libwebsockets/lib/core/libwebsockets.c | 3986 ----------- thirdparty/libwebsockets/lib/core/output.c | 323 - thirdparty/libwebsockets/lib/core/pollfd.c | 566 -- thirdparty/libwebsockets/lib/core/private.h | 1573 ----- thirdparty/libwebsockets/lib/core/service.c | 1114 --- .../libwebsockets/lib/event-libs/poll/poll.c | 43 - .../libwebsockets/lib/event-libs/poll/private.h | 23 - thirdparty/libwebsockets/lib/event-libs/private.h | 74 - thirdparty/libwebsockets/lib/lws_config_private.h | 145 - thirdparty/libwebsockets/lib/misc/base64-decode.c | 241 - thirdparty/libwebsockets/lib/misc/getifaddrs.c | 270 - thirdparty/libwebsockets/lib/misc/getifaddrs.h | 80 - thirdparty/libwebsockets/lib/misc/lejp.c | 753 -- thirdparty/libwebsockets/lib/misc/sha-1.c | 296 - thirdparty/libwebsockets/lib/plat/unix/private.h | 169 - thirdparty/libwebsockets/lib/plat/unix/unix-caps.c | 85 - thirdparty/libwebsockets/lib/plat/unix/unix-fds.c | 54 - thirdparty/libwebsockets/lib/plat/unix/unix-file.c | 172 - thirdparty/libwebsockets/lib/plat/unix/unix-init.c | 97 - thirdparty/libwebsockets/lib/plat/unix/unix-misc.c | 83 - thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c | 62 - .../libwebsockets/lib/plat/unix/unix-service.c | 204 - .../libwebsockets/lib/plat/unix/unix-sockets.c | 263 - .../libwebsockets/lib/plat/windows/private.h | 148 - .../libwebsockets/lib/plat/windows/windows-fds.c | 76 - .../libwebsockets/lib/plat/windows/windows-file.c | 185 - .../libwebsockets/lib/plat/windows/windows-init.c | 110 - .../libwebsockets/lib/plat/windows/windows-misc.c | 108 - .../libwebsockets/lib/plat/windows/windows-pipe.c | 46 - .../lib/plat/windows/windows-service.c | 194 - .../lib/plat/windows/windows-sockets.c | 288 - thirdparty/libwebsockets/lib/roles/h1/ops-h1.c | 1040 --- thirdparty/libwebsockets/lib/roles/h1/private.h | 27 - .../lib/roles/http/client/client-handshake.c | 1066 --- .../libwebsockets/lib/roles/http/client/client.c | 1274 ---- thirdparty/libwebsockets/lib/roles/http/header.c | 529 -- .../lib/roles/http/lextable-strings.h | 104 - thirdparty/libwebsockets/lib/roles/http/lextable.h | 838 --- thirdparty/libwebsockets/lib/roles/http/private.h | 277 - .../libwebsockets/lib/roles/http/server/fops-zip.c | 668 -- .../lib/roles/http/server/lejp-conf.c | 1036 --- .../libwebsockets/lib/roles/http/server/parsers.c | 1168 ---- .../libwebsockets/lib/roles/http/server/server.c | 2743 -------- .../libwebsockets/lib/roles/listen/ops-listen.c | 188 - thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c | 97 - thirdparty/libwebsockets/lib/roles/private.h | 315 - .../lib/roles/raw-file/ops-raw-file.c | 108 - .../libwebsockets/lib/roles/raw-skt/ops-raw-skt.c | 233 - .../libwebsockets/lib/roles/ws/client-parser-ws.c | 607 -- thirdparty/libwebsockets/lib/roles/ws/client-ws.c | 634 -- thirdparty/libwebsockets/lib/roles/ws/ops-ws.c | 2021 ------ thirdparty/libwebsockets/lib/roles/ws/private.h | 164 - thirdparty/libwebsockets/lib/roles/ws/server-ws.c | 874 --- .../libwebsockets/lib/tls/mbedtls/lws-genhash.c | 202 - .../libwebsockets/lib/tls/mbedtls/lws-genrsa.c | 329 - .../libwebsockets/lib/tls/mbedtls/mbedtls-client.c | 245 - .../libwebsockets/lib/tls/mbedtls/mbedtls-server.c | 699 -- thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c | 509 -- .../tls/mbedtls/wrapper/include/internal/ssl3.h | 44 - .../mbedtls/wrapper/include/internal/ssl_cert.h | 55 - .../mbedtls/wrapper/include/internal/ssl_code.h | 124 - .../tls/mbedtls/wrapper/include/internal/ssl_dbg.h | 190 - .../tls/mbedtls/wrapper/include/internal/ssl_lib.h | 30 - .../mbedtls/wrapper/include/internal/ssl_methods.h | 121 - .../mbedtls/wrapper/include/internal/ssl_pkey.h | 86 - .../mbedtls/wrapper/include/internal/ssl_stack.h | 52 - .../mbedtls/wrapper/include/internal/ssl_types.h | 303 - .../mbedtls/wrapper/include/internal/ssl_x509.h | 110 - .../tls/mbedtls/wrapper/include/internal/tls1.h | 58 - .../mbedtls/wrapper/include/internal/x509_vfy.h | 116 - .../lib/tls/mbedtls/wrapper/include/openssl/ssl.h | 1833 ----- .../tls/mbedtls/wrapper/include/platform/ssl_pm.h | 61 - .../mbedtls/wrapper/include/platform/ssl_port.h | 46 - .../lib/tls/mbedtls/wrapper/library/ssl_cert.c | 87 - .../lib/tls/mbedtls/wrapper/library/ssl_lib.c | 1736 ----- .../lib/tls/mbedtls/wrapper/library/ssl_methods.c | 81 - .../lib/tls/mbedtls/wrapper/library/ssl_pkey.c | 239 - .../lib/tls/mbedtls/wrapper/library/ssl_stack.c | 74 - .../lib/tls/mbedtls/wrapper/library/ssl_x509.c | 354 - .../lib/tls/mbedtls/wrapper/platform/ssl_pm.c | 907 --- .../lib/tls/mbedtls/wrapper/platform/ssl_port.c | 29 - thirdparty/libwebsockets/lib/tls/private.h | 286 - thirdparty/libwebsockets/lib/tls/tls-client.c | 153 - thirdparty/libwebsockets/lib/tls/tls-server.c | 388 -- thirdparty/libwebsockets/lib/tls/tls.c | 505 -- thirdparty/libwebsockets/libwebsockets.h | 7346 ++++++++++++++++++++ thirdparty/libwebsockets/lws_config.h | 195 + thirdparty/libwebsockets/lws_config_private.h | 145 + thirdparty/libwebsockets/misc/base64-decode.c | 242 + thirdparty/libwebsockets/misc/getifaddrs.c | 270 + thirdparty/libwebsockets/misc/getifaddrs.h | 80 + thirdparty/libwebsockets/misc/lejp.c | 753 ++ thirdparty/libwebsockets/misc/sha-1.c | 300 + thirdparty/libwebsockets/plat/lws-plat-unix.c | 982 +++ thirdparty/libwebsockets/plat/lws-plat-win.c | 852 +++ thirdparty/libwebsockets/roles/h1/ops-h1.c | 701 ++ thirdparty/libwebsockets/roles/h1/private.h | 27 + .../roles/http/client/client-handshake.c | 1284 ++++ .../libwebsockets/roles/http/client/client.c | 1243 ++++ thirdparty/libwebsockets/roles/http/header.c | 421 ++ .../libwebsockets/roles/http/lextable-strings.h | 108 + thirdparty/libwebsockets/roles/http/lextable.h | 838 +++ thirdparty/libwebsockets/roles/http/private.h | 258 + .../libwebsockets/roles/http/server/access-log.c | 182 + .../libwebsockets/roles/http/server/fops-zip.c | 668 ++ .../libwebsockets/roles/http/server/lejp-conf.c | 993 +++ .../libwebsockets/roles/http/server/parsers.c | 1137 +++ .../libwebsockets/roles/http/server/server.c | 2765 ++++++++ thirdparty/libwebsockets/roles/listen/ops-listen.c | 177 + thirdparty/libwebsockets/roles/pipe/ops-pipe.c | 81 + thirdparty/libwebsockets/roles/private.h | 282 + thirdparty/libwebsockets/roles/raw/ops-raw.c | 223 + .../libwebsockets/roles/ws/client-parser-ws.c | 605 ++ thirdparty/libwebsockets/roles/ws/client-ws.c | 629 ++ thirdparty/libwebsockets/roles/ws/ops-ws.c | 1994 ++++++ thirdparty/libwebsockets/roles/ws/private.h | 164 + thirdparty/libwebsockets/roles/ws/server-ws.c | 836 +++ thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c | 202 + thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c | 329 + .../libwebsockets/tls/mbedtls/mbedtls-client.c | 240 + .../libwebsockets/tls/mbedtls/mbedtls-server.c | 694 ++ thirdparty/libwebsockets/tls/mbedtls/ssl.c | 518 ++ .../tls/mbedtls/wrapper/include/internal/ssl3.h | 44 + .../mbedtls/wrapper/include/internal/ssl_cert.h | 55 + .../mbedtls/wrapper/include/internal/ssl_code.h | 124 + .../tls/mbedtls/wrapper/include/internal/ssl_dbg.h | 190 + .../tls/mbedtls/wrapper/include/internal/ssl_lib.h | 30 + .../mbedtls/wrapper/include/internal/ssl_methods.h | 121 + .../mbedtls/wrapper/include/internal/ssl_pkey.h | 86 + .../mbedtls/wrapper/include/internal/ssl_stack.h | 52 + .../mbedtls/wrapper/include/internal/ssl_types.h | 303 + .../mbedtls/wrapper/include/internal/ssl_x509.h | 110 + .../tls/mbedtls/wrapper/include/internal/tls1.h | 58 + .../mbedtls/wrapper/include/internal/x509_vfy.h | 116 + .../tls/mbedtls/wrapper/include/openssl/ssl.h | 1833 +++++ .../tls/mbedtls/wrapper/include/platform/ssl_pm.h | 61 + .../mbedtls/wrapper/include/platform/ssl_port.h | 46 + .../tls/mbedtls/wrapper/library/ssl_cert.c | 87 + .../tls/mbedtls/wrapper/library/ssl_lib.c | 1736 +++++ .../tls/mbedtls/wrapper/library/ssl_methods.c | 81 + .../tls/mbedtls/wrapper/library/ssl_pkey.c | 239 + .../tls/mbedtls/wrapper/library/ssl_stack.c | 74 + .../tls/mbedtls/wrapper/library/ssl_x509.c | 354 + .../tls/mbedtls/wrapper/platform/ssl_pm.c | 907 +++ .../tls/mbedtls/wrapper/platform/ssl_port.c | 29 + thirdparty/libwebsockets/tls/private.h | 281 + thirdparty/libwebsockets/tls/tls-client.c | 150 + thirdparty/libwebsockets/tls/tls-server.c | 382 + thirdparty/libwebsockets/tls/tls.c | 522 ++ thirdparty/libwebsockets/uwp_fixes.diff | 14 +- thirdparty/libwebsockets/win32helpers/getopt.c | 306 +- .../libwebsockets/win32helpers/getopt_long.c | 480 +- .../libwebsockets/win32helpers/gettimeofday.c | 70 +- 209 files changed, 46652 insertions(+), 51149 deletions(-) create mode 100644 thirdparty/libwebsockets/core/alloc.c create mode 100644 thirdparty/libwebsockets/core/context.c create mode 100644 thirdparty/libwebsockets/core/libwebsockets.c create mode 100644 thirdparty/libwebsockets/core/output.c create mode 100644 thirdparty/libwebsockets/core/pollfd.c create mode 100644 thirdparty/libwebsockets/core/private.h create mode 100644 thirdparty/libwebsockets/core/service.c create mode 100644 thirdparty/libwebsockets/event-libs/poll/poll.c create mode 100644 thirdparty/libwebsockets/event-libs/poll/private.h create mode 100644 thirdparty/libwebsockets/event-libs/private.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-client.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-dbus.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-fts.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-http.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-jws.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-logs.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-misc.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-purify.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-ring.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-service.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-spa.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-stats.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-write.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h delete mode 100644 thirdparty/libwebsockets/include/libwebsockets/lws-x509.h delete mode 100644 thirdparty/libwebsockets/include/lws_config.h delete mode 100644 thirdparty/libwebsockets/lib/core/adopt.c delete mode 100644 thirdparty/libwebsockets/lib/core/alloc.c delete mode 100644 thirdparty/libwebsockets/lib/core/connect.c delete mode 100644 thirdparty/libwebsockets/lib/core/context.c delete mode 100644 thirdparty/libwebsockets/lib/core/dummy-callback.c delete mode 100644 thirdparty/libwebsockets/lib/core/libwebsockets.c delete mode 100644 thirdparty/libwebsockets/lib/core/output.c delete mode 100644 thirdparty/libwebsockets/lib/core/pollfd.c delete mode 100644 thirdparty/libwebsockets/lib/core/private.h delete mode 100644 thirdparty/libwebsockets/lib/core/service.c delete mode 100644 thirdparty/libwebsockets/lib/event-libs/poll/poll.c delete mode 100644 thirdparty/libwebsockets/lib/event-libs/poll/private.h delete mode 100644 thirdparty/libwebsockets/lib/event-libs/private.h delete mode 100644 thirdparty/libwebsockets/lib/lws_config_private.h delete mode 100644 thirdparty/libwebsockets/lib/misc/base64-decode.c delete mode 100644 thirdparty/libwebsockets/lib/misc/getifaddrs.c delete mode 100644 thirdparty/libwebsockets/lib/misc/getifaddrs.h delete mode 100644 thirdparty/libwebsockets/lib/misc/lejp.c delete mode 100644 thirdparty/libwebsockets/lib/misc/sha-1.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/private.h delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-caps.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-fds.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-file.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-init.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-misc.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-service.c delete mode 100644 thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/private.h delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-fds.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-file.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-init.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-misc.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-service.c delete mode 100644 thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c delete mode 100644 thirdparty/libwebsockets/lib/roles/h1/ops-h1.c delete mode 100644 thirdparty/libwebsockets/lib/roles/h1/private.h delete mode 100644 thirdparty/libwebsockets/lib/roles/http/client/client-handshake.c delete mode 100644 thirdparty/libwebsockets/lib/roles/http/client/client.c delete mode 100644 thirdparty/libwebsockets/lib/roles/http/header.c delete mode 100644 thirdparty/libwebsockets/lib/roles/http/lextable-strings.h delete mode 100644 thirdparty/libwebsockets/lib/roles/http/lextable.h delete mode 100644 thirdparty/libwebsockets/lib/roles/http/private.h delete mode 100644 thirdparty/libwebsockets/lib/roles/http/server/fops-zip.c delete mode 100644 thirdparty/libwebsockets/lib/roles/http/server/lejp-conf.c delete mode 100644 thirdparty/libwebsockets/lib/roles/http/server/parsers.c delete mode 100644 thirdparty/libwebsockets/lib/roles/http/server/server.c delete mode 100644 thirdparty/libwebsockets/lib/roles/listen/ops-listen.c delete mode 100644 thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c delete mode 100644 thirdparty/libwebsockets/lib/roles/private.h delete mode 100644 thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c delete mode 100644 thirdparty/libwebsockets/lib/roles/raw-skt/ops-raw-skt.c delete mode 100644 thirdparty/libwebsockets/lib/roles/ws/client-parser-ws.c delete mode 100644 thirdparty/libwebsockets/lib/roles/ws/client-ws.c delete mode 100644 thirdparty/libwebsockets/lib/roles/ws/ops-ws.c delete mode 100644 thirdparty/libwebsockets/lib/roles/ws/private.h delete mode 100644 thirdparty/libwebsockets/lib/roles/ws/server-ws.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/lws-genhash.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-client.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-server.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl3.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_code.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_dbg.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_lib.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_methods.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_stack.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_x509.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/tls1.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/x509_vfy.h delete mode 100755 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/openssl/ssl.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_port.h delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_cert.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_lib.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_methods.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_pkey.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_stack.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_x509.c delete mode 100755 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_pm.c delete mode 100644 thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_port.c delete mode 100644 thirdparty/libwebsockets/lib/tls/private.h delete mode 100644 thirdparty/libwebsockets/lib/tls/tls-client.c delete mode 100644 thirdparty/libwebsockets/lib/tls/tls-server.c delete mode 100644 thirdparty/libwebsockets/lib/tls/tls.c create mode 100644 thirdparty/libwebsockets/libwebsockets.h create mode 100644 thirdparty/libwebsockets/lws_config.h create mode 100644 thirdparty/libwebsockets/lws_config_private.h create mode 100644 thirdparty/libwebsockets/misc/base64-decode.c create mode 100644 thirdparty/libwebsockets/misc/getifaddrs.c create mode 100644 thirdparty/libwebsockets/misc/getifaddrs.h create mode 100644 thirdparty/libwebsockets/misc/lejp.c create mode 100644 thirdparty/libwebsockets/misc/sha-1.c create mode 100644 thirdparty/libwebsockets/plat/lws-plat-unix.c create mode 100644 thirdparty/libwebsockets/plat/lws-plat-win.c create mode 100644 thirdparty/libwebsockets/roles/h1/ops-h1.c create mode 100644 thirdparty/libwebsockets/roles/h1/private.h create mode 100644 thirdparty/libwebsockets/roles/http/client/client-handshake.c create mode 100644 thirdparty/libwebsockets/roles/http/client/client.c create mode 100644 thirdparty/libwebsockets/roles/http/header.c create mode 100644 thirdparty/libwebsockets/roles/http/lextable-strings.h create mode 100644 thirdparty/libwebsockets/roles/http/lextable.h create mode 100644 thirdparty/libwebsockets/roles/http/private.h create mode 100644 thirdparty/libwebsockets/roles/http/server/access-log.c create mode 100644 thirdparty/libwebsockets/roles/http/server/fops-zip.c create mode 100644 thirdparty/libwebsockets/roles/http/server/lejp-conf.c create mode 100644 thirdparty/libwebsockets/roles/http/server/parsers.c create mode 100644 thirdparty/libwebsockets/roles/http/server/server.c create mode 100644 thirdparty/libwebsockets/roles/listen/ops-listen.c create mode 100644 thirdparty/libwebsockets/roles/pipe/ops-pipe.c create mode 100644 thirdparty/libwebsockets/roles/private.h create mode 100644 thirdparty/libwebsockets/roles/raw/ops-raw.c create mode 100644 thirdparty/libwebsockets/roles/ws/client-parser-ws.c create mode 100644 thirdparty/libwebsockets/roles/ws/client-ws.c create mode 100644 thirdparty/libwebsockets/roles/ws/ops-ws.c create mode 100644 thirdparty/libwebsockets/roles/ws/private.h create mode 100644 thirdparty/libwebsockets/roles/ws/server-ws.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/mbedtls-client.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/mbedtls-server.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/ssl.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl3.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_cert.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_code.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_dbg.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_lib.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_methods.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_pkey.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_stack.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_types.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_x509.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/tls1.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/x509_vfy.h create mode 100755 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/openssl/ssl.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_pm.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_port.h create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_cert.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_lib.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_methods.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_pkey.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_stack.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_x509.c create mode 100755 thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_pm.c create mode 100644 thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_port.c create mode 100644 thirdparty/libwebsockets/tls/private.h create mode 100644 thirdparty/libwebsockets/tls/tls-client.c create mode 100644 thirdparty/libwebsockets/tls/tls-server.c create mode 100644 thirdparty/libwebsockets/tls/tls.c (limited to 'thirdparty') diff --git a/thirdparty/README.md b/thirdparty/README.md index b4a9b83331..bc820634bb 100644 --- a/thirdparty/README.md +++ b/thirdparty/README.md @@ -265,17 +265,17 @@ changes are marked with `// -- GODOT --` comments. ## libwebsockets - Upstream: https://github.com/warmcat/libwebsockets -- Version: 3.1.0 +- Version: 3.0.1 - License: LGPLv2.1 + static linking exception File extracted from upstream source: -- From `lib/` into `thirdparty/libwebsockets/lib`: +- From `lib/` into `thirdparty/libwebsockets`: - Everything from `core` - - From `event-libs` only the `poll` subfolder and the `private.h` header - - From `misc` only `base64-decode.c`, `getifaddrs.c`, `getifaddrs.h`, `lejp.c`, and `sha-1.c` (and the `private.h` header) - - From `plat` everything from `unix` and `windows` (and the `private.h` header) + - From `event-libs` only the `poll` subfolder + - From `misc` only `base64-decode.c`, `getifaddrs.c`, `getifaddrs.h`, `lejp.c`, and `sha-1.c` + - From `plat` only `lws-plat-unix.c` and `lws-plat-win.c` - From `roles` only `private.h`, `h1`, `http`, `listen`, `pipe`, `raw`, `ws` - - From `roles/http` exclude `minilex.c` and the `compression` subfolder + - From `roles/http` exclude `minilex.c` - From `roles/http/server` exclude `access-log.c`, `lws-spa.c`, `ranges.c`, and `rewrite.c` - From `roles/ws` exclude `ext` folder. - From `tls` exclude `openssl` folder. diff --git a/thirdparty/libwebsockets/core/alloc.c b/thirdparty/libwebsockets/core/alloc.c new file mode 100644 index 0000000000..f169fc3767 --- /dev/null +++ b/thirdparty/libwebsockets/core/alloc.c @@ -0,0 +1,92 @@ +#include "core/private.h" + +#if defined(LWS_PLAT_OPTEE) + +#define TEE_USER_MEM_HINT_NO_FILL_ZERO 0x80000000 + +void *__attribute__((weak)) + TEE_Malloc(uint32_t size, uint32_t hint) +{ + return NULL; +} +void *__attribute__((weak)) + TEE_Realloc(void *buffer, uint32_t newSize) +{ + return NULL; +} +void __attribute__((weak)) + TEE_Free(void *buffer) +{ +} + +void *lws_realloc(void *ptr, size_t size, const char *reason) +{ + return TEE_Realloc(ptr, size); +} + +void *lws_malloc(size_t size, const char *reason) +{ + return TEE_Malloc(size, TEE_USER_MEM_HINT_NO_FILL_ZERO); +} + +void lws_free(void *p) +{ + TEE_Free(p); +} + +void *lws_zalloc(size_t size, const char *reason) +{ + void *ptr = TEE_Malloc(size, TEE_USER_MEM_HINT_NO_FILL_ZERO); + if (ptr) + memset(ptr, 0, size); + return ptr; +} + +void lws_set_allocator(void *(*cb)(void *ptr, size_t size, const char *reason)) +{ + (void)cb; +} +#else + +static void *_realloc(void *ptr, size_t size, const char *reason) +{ + if (size) { +#if defined(LWS_WITH_ESP32) + lwsl_notice("%s: size %lu: %s (free heap %d)\n", __func__, + (unsigned long)size, reason, (unsigned int)esp_get_free_heap_size() - (int)size); +#else + lwsl_debug("%s: size %lu: %s\n", __func__, + (unsigned long)size, reason); +#endif +#if defined(LWS_PLAT_OPTEE) + return (void *)TEE_Realloc(ptr, size); +#else + return (void *)realloc(ptr, size); +#endif + } + if (ptr) + free(ptr); + + return NULL; +} + +void *(*_lws_realloc)(void *ptr, size_t size, const char *reason) = _realloc; + +void *lws_realloc(void *ptr, size_t size, const char *reason) +{ + return _lws_realloc(ptr, size, reason); +} + +void *lws_zalloc(size_t size, const char *reason) +{ + void *ptr = _lws_realloc(NULL, size, reason); + if (ptr) + memset(ptr, 0, size); + return ptr; +} + +void lws_set_allocator(void *(*cb)(void *ptr, size_t size, const char *reason)) +{ + _lws_realloc = cb; +} +#endif diff --git a/thirdparty/libwebsockets/core/context.c b/thirdparty/libwebsockets/core/context.c new file mode 100644 index 0000000000..7be004df33 --- /dev/null +++ b/thirdparty/libwebsockets/core/context.c @@ -0,0 +1,1962 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +#ifndef LWS_BUILD_HASH +#define LWS_BUILD_HASH "unknown-build-hash" +#endif + +const struct lws_role_ops *available_roles[] = { +#if defined(LWS_ROLE_H2) + &role_ops_h2, +#endif +#if defined(LWS_ROLE_H1) + &role_ops_h1, +#endif +#if defined(LWS_ROLE_WS) + &role_ops_ws, +#endif + NULL +}; + +const struct lws_event_loop_ops *available_event_libs[] = { +#if defined(LWS_WITH_POLL) + &event_loop_ops_poll, +#endif +#if defined(LWS_WITH_LIBUV) + &event_loop_ops_uv, +#endif +#if defined(LWS_WITH_LIBEVENT) + &event_loop_ops_event, +#endif +#if defined(LWS_WITH_LIBEV) + &event_loop_ops_ev, +#endif + NULL +}; + +static const char *library_version = LWS_LIBRARY_VERSION " " LWS_BUILD_HASH; + +/** + * lws_get_library_version: get version and git hash library built from + * + * returns a const char * to a string like "1.1 178d78c" + * representing the library version followed by the git head hash it + * was built from + */ +LWS_VISIBLE const char * +lws_get_library_version(void) +{ + return library_version; +} + +int +lws_role_call_alpn_negotiated(struct lws *wsi, const char *alpn) +{ +#if defined(LWS_WITH_TLS) + if (!alpn) + return 0; + + lwsl_info("%s: '%s'\n", __func__, alpn); + + LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) + if (ar->alpn && !strcmp(ar->alpn, alpn) && ar->alpn_negotiated) + return ar->alpn_negotiated(wsi, alpn); + LWS_FOR_EVERY_AVAILABLE_ROLE_END; +#endif + return 0; +} + +static const char * const mount_protocols[] = { + "http://", + "https://", + "file://", + "cgi://", + ">http://", + ">https://", + "callback://" +}; + +LWS_VISIBLE void * +lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, + const struct lws_protocols *prot, int size) +{ + int n = 0; + + /* allocate the vh priv array only on demand */ + if (!vhost->protocol_vh_privs) { + vhost->protocol_vh_privs = (void **)lws_zalloc( + vhost->count_protocols * sizeof(void *), + "protocol_vh_privs"); + if (!vhost->protocol_vh_privs) + return NULL; + } + + while (n < vhost->count_protocols && &vhost->protocols[n] != prot) + n++; + + if (n == vhost->count_protocols) { + n = 0; + while (n < vhost->count_protocols && + strcmp(vhost->protocols[n].name, prot->name)) + n++; + + if (n == vhost->count_protocols) + return NULL; + } + + vhost->protocol_vh_privs[n] = lws_zalloc(size, "vh priv"); + return vhost->protocol_vh_privs[n]; +} + +LWS_VISIBLE void * +lws_protocol_vh_priv_get(struct lws_vhost *vhost, + const struct lws_protocols *prot) +{ + int n = 0; + + if (!vhost || !vhost->protocol_vh_privs || !prot) + return NULL; + + while (n < vhost->count_protocols && &vhost->protocols[n] != prot) + n++; + + if (n == vhost->count_protocols) { + n = 0; + while (n < vhost->count_protocols && + strcmp(vhost->protocols[n].name, prot->name)) + n++; + + if (n == vhost->count_protocols) { + lwsl_err("%s: unknown protocol %p\n", __func__, prot); + return NULL; + } + } + + return vhost->protocol_vh_privs[n]; +} + +static const struct lws_protocol_vhost_options * +lws_vhost_protocol_options(struct lws_vhost *vh, const char *name) +{ + const struct lws_protocol_vhost_options *pvo = vh->pvo; + + if (!name) + return NULL; + + while (pvo) { + if (!strcmp(pvo->name, name)) + return pvo; + pvo = pvo->next; + } + + return NULL; +} + +/* + * inform every vhost that hasn't already done it, that + * his protocols are initializing + */ +LWS_VISIBLE int +lws_protocol_init(struct lws_context *context) +{ + struct lws_vhost *vh = context->vhost_list; + const struct lws_protocol_vhost_options *pvo, *pvo1; + struct lws wsi; + int n, any = 0; + + if (context->doing_protocol_init) + return 0; + + context->doing_protocol_init = 1; + + memset(&wsi, 0, sizeof(wsi)); + wsi.context = context; + + lwsl_info("%s\n", __func__); + + while (vh) { + wsi.vhost = vh; + + /* only do the protocol init once for a given vhost */ + if (vh->created_vhost_protocols || + (vh->options & LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT)) + goto next; + + /* initialize supported protocols on this vhost */ + + for (n = 0; n < vh->count_protocols; n++) { + wsi.protocol = &vh->protocols[n]; + if (!vh->protocols[n].name) + continue; + pvo = lws_vhost_protocol_options(vh, + vh->protocols[n].name); + if (pvo) { + /* + * linked list of options specific to + * vh + protocol + */ + pvo1 = pvo; + pvo = pvo1->options; + + while (pvo) { + lwsl_debug( + " vhost \"%s\", " + "protocol \"%s\", " + "option \"%s\"\n", + vh->name, + vh->protocols[n].name, + pvo->name); + + if (!strcmp(pvo->name, "default")) { + lwsl_info("Setting default " + "protocol for vh %s to %s\n", + vh->name, + vh->protocols[n].name); + vh->default_protocol_index = n; + } + if (!strcmp(pvo->name, "raw")) { + lwsl_info("Setting raw " + "protocol for vh %s to %s\n", + vh->name, + vh->protocols[n].name); + vh->raw_protocol_index = n; + } + pvo = pvo->next; + } + + pvo = pvo1->options; + } + +#if defined(LWS_WITH_TLS) + any |= !!vh->tls.ssl_ctx; +#endif + + /* + * inform all the protocols that they are doing their + * one-time initialization if they want to. + * + * NOTE the wsi is all zeros except for the context, vh + * + protocol ptrs so lws_get_context(wsi) etc can work + */ + if (vh->protocols[n].callback(&wsi, + LWS_CALLBACK_PROTOCOL_INIT, NULL, + (void *)pvo, 0)) { + lws_free(vh->protocol_vh_privs[n]); + vh->protocol_vh_privs[n] = NULL; + lwsl_err("%s: protocol %s failed init\n", __func__, + vh->protocols[n].name); + } + } + + vh->created_vhost_protocols = 1; +next: + vh = vh->vhost_next; + } + + context->doing_protocol_init = 0; + + if (!context->protocol_init_done) + lws_finalize_startup(context); + + context->protocol_init_done = 1; + + if (any) + lws_tls_check_all_cert_lifetimes(context); + + return 0; +} + +LWS_VISIBLE int +lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, + void *user, void *in, size_t len) +{ + struct lws_ssl_info *si; +#ifdef LWS_WITH_CGI + struct lws_cgi_args *args; +#endif +#if defined(LWS_WITH_CGI) || defined(LWS_WITH_HTTP_PROXY) + char buf[512]; + int n; +#endif + + switch (reason) { +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + case LWS_CALLBACK_HTTP: +#ifndef LWS_NO_SERVER + if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL)) + return -1; + + if (lws_http_transaction_completed(wsi)) +#endif + return -1; + break; +#if !defined(LWS_NO_SERVER) + case LWS_CALLBACK_HTTP_FILE_COMPLETION: + if (lws_http_transaction_completed(wsi)) + return -1; + break; +#endif + + case LWS_CALLBACK_HTTP_WRITEABLE: +#ifdef LWS_WITH_CGI + if (wsi->reason_bf & (LWS_CB_REASON_AUX_BF__CGI_HEADERS | + LWS_CB_REASON_AUX_BF__CGI)) { + n = lws_cgi_write_split_stdout_headers(wsi); + if (n < 0) { + lwsl_debug("AUX_BF__CGI forcing close\n"); + return -1; + } + if (!n) + lws_rx_flow_control( + wsi->http.cgi->stdwsi[LWS_STDOUT], 1); + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_HEADERS) + wsi->reason_bf &= + ~LWS_CB_REASON_AUX_BF__CGI_HEADERS; + else + wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__CGI; + break; + } + + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_CHUNK_END) { + if (!wsi->http2_substream) { + memcpy(buf + LWS_PRE, "0\x0d\x0a\x0d\x0a", 5); + lwsl_debug("writing chunk term and exiting\n"); + n = lws_write(wsi, (unsigned char *)buf + + LWS_PRE, 5, LWS_WRITE_HTTP); + } else + n = lws_write(wsi, (unsigned char *)buf + + LWS_PRE, 0, + LWS_WRITE_HTTP_FINAL); + + /* always close after sending it */ + return -1; + } +#endif +#if defined(LWS_WITH_HTTP_PROXY) + if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY) { + char *px = buf + LWS_PRE; + int lenx = sizeof(buf) - LWS_PRE; + + /* + * our sink is writeable and our source has something + * to read. So read a lump of source material of + * suitable size to send or what's available, whichever + * is the smaller. + */ + wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY; + if (!lws_get_child(wsi)) + break; + if (lws_http_client_read(lws_get_child(wsi), &px, + &lenx) < 0) + return -1; + break; + } +#endif + break; + +#if defined(LWS_WITH_HTTP_PROXY) + case LWS_CALLBACK_RECEIVE_CLIENT_HTTP: + assert(lws_get_parent(wsi)); + if (!lws_get_parent(wsi)) + break; + lws_get_parent(wsi)->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY; + lws_callback_on_writable(lws_get_parent(wsi)); + break; + + case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ: + assert(lws_get_parent(wsi)); + n = lws_write(lws_get_parent(wsi), (unsigned char *)in, + len, LWS_WRITE_HTTP); + if (n < 0) + return -1; + break; + + case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: { + unsigned char *p, *end; + char ctype[64], ctlen = 0; + + p = (unsigned char *)buf + LWS_PRE; + end = p + sizeof(buf) - LWS_PRE; + + if (lws_add_http_header_status(lws_get_parent(wsi), + HTTP_STATUS_OK, &p, end)) + return 1; + if (lws_add_http_header_by_token(lws_get_parent(wsi), + WSI_TOKEN_HTTP_SERVER, + (unsigned char *)"libwebsockets", + 13, &p, end)) + return 1; + + ctlen = lws_hdr_copy(wsi, ctype, sizeof(ctype), + WSI_TOKEN_HTTP_CONTENT_TYPE); + if (ctlen > 0) { + if (lws_add_http_header_by_token(lws_get_parent(wsi), + WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)ctype, ctlen, &p, end)) + return 1; + } + + if (lws_finalize_http_header(lws_get_parent(wsi), &p, end)) + return 1; + + *p = '\0'; + n = lws_write(lws_get_parent(wsi), + (unsigned char *)buf + LWS_PRE, + p - ((unsigned char *)buf + LWS_PRE), + LWS_WRITE_HTTP_HEADERS); + if (n < 0) + return -1; + + break; } + +#endif + +#ifdef LWS_WITH_CGI + /* CGI IO events (POLLIN/OUT) appear here, our default policy is: + * + * - POST data goes on subprocess stdin + * - subprocess stdout goes on http via writeable callback + * - subprocess stderr goes to the logs + */ + case LWS_CALLBACK_CGI: + args = (struct lws_cgi_args *)in; + switch (args->ch) { /* which of stdin/out/err ? */ + case LWS_STDIN: + /* TBD stdin rx flow control */ + break; + case LWS_STDOUT: + /* quench POLLIN on STDOUT until MASTER got writeable */ + lws_rx_flow_control(args->stdwsi[LWS_STDOUT], 0); + wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI; + /* when writing to MASTER would not block */ + lws_callback_on_writable(wsi); + break; + case LWS_STDERR: + n = lws_get_socket_fd(args->stdwsi[LWS_STDERR]); + if (n < 0) + break; + n = read(n, buf, sizeof(buf) - 2); + if (n > 0) { + if (buf[n - 1] != '\n') + buf[n++] = '\n'; + buf[n] = '\0'; + lwsl_notice("CGI-stderr: %s\n", buf); + } + break; + } + break; + + case LWS_CALLBACK_CGI_TERMINATED: + lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: %d %" PRIu64 "\n", + wsi->http.cgi->explicitly_chunked, + (uint64_t)wsi->http.cgi->content_length); + if (!wsi->http.cgi->explicitly_chunked && + !wsi->http.cgi->content_length) { + /* send terminating chunk */ + lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: ending\n"); + wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_CHUNK_END; + lws_callback_on_writable(wsi); + lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, 3); + break; + } + return -1; + + case LWS_CALLBACK_CGI_STDIN_DATA: /* POST body for stdin */ + args = (struct lws_cgi_args *)in; + args->data[args->len] = '\0'; + n = lws_get_socket_fd(args->stdwsi[LWS_STDIN]); + if (n < 0) + return -1; + n = write(n, args->data, args->len); + if (n < args->len) + lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: " + "sent %d only %d went", n, args->len); + return n; +#endif +#endif + case LWS_CALLBACK_SSL_INFO: + si = in; + + (void)si; + lwsl_notice("LWS_CALLBACK_SSL_INFO: where: 0x%x, ret: 0x%x\n", + si->where, si->ret); + break; + + default: + break; + } + + return 0; +} + +/* list of supported protocols and callbacks */ + +static const struct lws_protocols protocols_dummy[] = { + /* first protocol must always be HTTP handler */ + + { + "http-only", /* name */ + lws_callback_http_dummy, /* callback */ + 0, /* per_session_data_size */ + 0, /* rx_buffer_size */ + 0, /* id */ + NULL, /* user */ + 0 /* tx_packet_size */ + }, + /* + * the other protocols are provided by lws plugins + */ + { NULL, NULL, 0, 0, 0, NULL, 0} /* terminator */ +}; + +#ifdef LWS_PLAT_OPTEE +#undef LWS_HAVE_GETENV +#endif + +static void +lws_vhost_destroy2(struct lws_vhost *vh); + +LWS_VISIBLE struct lws_vhost * +lws_create_vhost(struct lws_context *context, + const struct lws_context_creation_info *info) +{ + struct lws_vhost *vh = lws_zalloc(sizeof(*vh), "create vhost"), + **vh1 = &context->vhost_list; + const struct lws_http_mount *mounts; + const struct lws_protocols *pcols = info->protocols; + const struct lws_protocol_vhost_options *pvo; +#ifdef LWS_WITH_PLUGINS + struct lws_plugin *plugin = context->plugin_list; +#endif + struct lws_protocols *lwsp; + int m, f = !info->pvo; + char buf[20]; +#if !defined(LWS_WITHOUT_CLIENT) && defined(LWS_HAVE_GETENV) + char *p; +#endif + int n; + + if (!vh) + return NULL; + +#if LWS_MAX_SMP > 1 + pthread_mutex_init(&vh->lock, NULL); +#endif + + if (!pcols) + pcols = &protocols_dummy[0]; + + vh->context = context; + if (!info->vhost_name) + vh->name = "default"; + else + vh->name = info->vhost_name; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + vh->http.error_document_404 = info->error_document_404; +#endif + + if (info->options & LWS_SERVER_OPTION_ONLY_RAW) + lwsl_info("%s set to only support RAW\n", vh->name); + + vh->iface = info->iface; +#if !defined(LWS_WITH_ESP32) && \ + !defined(OPTEE_TA) && !defined(WIN32) + vh->bind_iface = info->bind_iface; +#endif + + for (vh->count_protocols = 0; + pcols[vh->count_protocols].callback; + vh->count_protocols++) + ; + + vh->options = info->options; + vh->pvo = info->pvo; + vh->headers = info->headers; + vh->user = info->user; + + LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) + if (ar->init_vhost) + if (ar->init_vhost(vh, info)) + return NULL; + LWS_FOR_EVERY_AVAILABLE_ROLE_END; + + + if (info->keepalive_timeout) + vh->keepalive_timeout = info->keepalive_timeout; + else + vh->keepalive_timeout = 5; + + if (info->timeout_secs_ah_idle) + vh->timeout_secs_ah_idle = info->timeout_secs_ah_idle; + else + vh->timeout_secs_ah_idle = 10; + +#if defined(LWS_WITH_TLS) + + vh->tls.alpn = info->alpn; + vh->tls.ssl_info_event_mask = info->ssl_info_event_mask; + + if (info->ecdh_curve) + lws_strncpy(vh->tls.ecdh_curve, info->ecdh_curve, + sizeof(vh->tls.ecdh_curve)); + + /* carefully allocate and take a copy of cert + key paths if present */ + n = 0; + if (info->ssl_cert_filepath) + n += (int)strlen(info->ssl_cert_filepath) + 1; + if (info->ssl_private_key_filepath) + n += (int)strlen(info->ssl_private_key_filepath) + 1; + + if (n) { + vh->tls.key_path = vh->tls.alloc_cert_path = lws_malloc(n, "vh paths"); + if (info->ssl_cert_filepath) { + n = (int)strlen(info->ssl_cert_filepath) + 1; + memcpy(vh->tls.alloc_cert_path, info->ssl_cert_filepath, n); + vh->tls.key_path += n; + } + if (info->ssl_private_key_filepath) + memcpy(vh->tls.key_path, info->ssl_private_key_filepath, + strlen(info->ssl_private_key_filepath) + 1); + } +#endif + + /* + * give the vhost a unified list of protocols including the + * ones that came from plugins + */ + lwsp = lws_zalloc(sizeof(struct lws_protocols) * (vh->count_protocols + + context->plugin_protocol_count + 1), + "vhost-specific plugin table"); + if (!lwsp) { + lwsl_err("OOM\n"); + return NULL; + } + + m = vh->count_protocols; + memcpy(lwsp, pcols, sizeof(struct lws_protocols) * m); + + /* for compatibility, all protocols enabled on vhost if only + * the default vhost exists. Otherwise only vhosts who ask + * for a protocol get it enabled. + */ + + if (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS) + f = 0; + (void)f; +#ifdef LWS_WITH_PLUGINS + if (plugin) { + + while (plugin) { + for (n = 0; n < plugin->caps.count_protocols; n++) { + /* + * for compatibility's sake, no pvo implies + * allow all protocols + */ + if (f || lws_vhost_protocol_options(vh, + plugin->caps.protocols[n].name)) { + memcpy(&lwsp[m], + &plugin->caps.protocols[n], + sizeof(struct lws_protocols)); + m++; + vh->count_protocols++; + } + } + plugin = plugin->list; + } + } +#endif + + if ( +#ifdef LWS_WITH_PLUGINS + (context->plugin_list) || +#endif + context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS) + vh->protocols = lwsp; + else { + vh->protocols = pcols; + lws_free(lwsp); + } + + vh->same_vh_protocol_list = (struct lws **) + lws_zalloc(sizeof(struct lws *) * vh->count_protocols, + "same vh list"); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + vh->http.mount_list = info->mounts; +#endif + +#ifdef LWS_WITH_UNIX_SOCK + if (LWS_UNIX_SOCK_ENABLED(context)) { + lwsl_notice("Creating Vhost '%s' path \"%s\", %d protocols\n", + vh->name, vh->iface, vh->count_protocols); + } else +#endif + { + switch(info->port) { + case CONTEXT_PORT_NO_LISTEN: + strcpy(buf, "(serving disabled)"); + break; + case CONTEXT_PORT_NO_LISTEN_SERVER: + strcpy(buf, "(no listener)"); + break; + default: + lws_snprintf(buf, sizeof(buf), "port %u", info->port); + break; + } + lwsl_notice("Creating Vhost '%s' %s, %d protocols, IPv6 %s\n", + vh->name, buf, vh->count_protocols, + LWS_IPV6_ENABLED(vh) ? "on" : "off"); + } + mounts = info->mounts; + while (mounts) { + (void)mount_protocols[0]; + lwsl_info(" mounting %s%s to %s\n", + mount_protocols[mounts->origin_protocol], + mounts->origin, mounts->mountpoint); + + /* convert interpreter protocol names to pointers */ + pvo = mounts->interpret; + while (pvo) { + for (n = 0; n < vh->count_protocols; n++) { + if (strcmp(pvo->value, vh->protocols[n].name)) + continue; + ((struct lws_protocol_vhost_options *)pvo)-> + value = (const char *)(lws_intptr_t)n; + break; + } + if (n == vh->count_protocols) + lwsl_err("ignoring unknown interp pr %s\n", + pvo->value); + pvo = pvo->next; + } + + mounts = mounts->mount_next; + } + + vh->listen_port = info->port; +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + vh->http.http_proxy_port = 0; + vh->http.http_proxy_address[0] = '\0'; +#endif +#if defined(LWS_WITH_SOCKS5) + vh->socks_proxy_port = 0; + vh->socks_proxy_address[0] = '\0'; +#endif + +#if !defined(LWS_WITHOUT_CLIENT) + /* either use proxy from info, or try get it from env var */ +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + /* http proxy */ + if (info->http_proxy_address) { + /* override for backwards compatibility */ + if (info->http_proxy_port) + vh->http.http_proxy_port = info->http_proxy_port; + lws_set_proxy(vh, info->http_proxy_address); + } else +#endif + { +#ifdef LWS_HAVE_GETENV + p = getenv("http_proxy"); + if (p) + lws_set_proxy(vh, p); +#endif + } +#endif +#if defined(LWS_WITH_SOCKS5) + /* socks proxy */ + if (info->socks_proxy_address) { + /* override for backwards compatibility */ + if (info->socks_proxy_port) + vh->socks_proxy_port = info->socks_proxy_port; + lws_set_socks(vh, info->socks_proxy_address); + } else { +#ifdef LWS_HAVE_GETENV + p = getenv("socks_proxy"); + if (p) + lws_set_socks(vh, p); +#endif + } +#endif + + vh->ka_time = info->ka_time; + vh->ka_interval = info->ka_interval; + vh->ka_probes = info->ka_probes; + + if (vh->options & LWS_SERVER_OPTION_STS) + lwsl_notice(" STS enabled\n"); + +#ifdef LWS_WITH_ACCESS_LOG + if (info->log_filepath) { + vh->log_fd = lws_open(info->log_filepath, + O_CREAT | O_APPEND | O_RDWR, 0600); + if (vh->log_fd == (int)LWS_INVALID_FILE) { + lwsl_err("unable to open log filepath %s\n", + info->log_filepath); + goto bail; + } +#ifndef WIN32 + if (context->uid != -1) + if (chown(info->log_filepath, context->uid, + context->gid) == -1) + lwsl_err("unable to chown log file %s\n", + info->log_filepath); +#endif + } else + vh->log_fd = (int)LWS_INVALID_FILE; +#endif + if (lws_context_init_server_ssl(info, vh)) { + lwsl_err("%s: lws_context_init_server_ssl failed\n", __func__); + goto bail1; + } + if (lws_context_init_client_ssl(info, vh)) { + lwsl_err("%s: lws_context_init_client_ssl failed\n", __func__); + goto bail1; + } + lws_context_lock(context); + n = _lws_vhost_init_server(info, vh); + lws_context_unlock(context); + if (n < 0) { + lwsl_err("init server failed\n"); + goto bail1; + } + + + while (1) { + if (!(*vh1)) { + *vh1 = vh; + break; + } + vh1 = &(*vh1)->vhost_next; + }; + + /* for the case we are adding a vhost much later, after server init */ + + if (context->protocol_init_done) + if (lws_protocol_init(context)) { + lwsl_err("%s: lws_protocol_init failed\n", __func__); + goto bail1; + } + + return vh; + +bail1: + lws_vhost_destroy(vh); + lws_vhost_destroy2(vh); + + return NULL; + +#ifdef LWS_WITH_ACCESS_LOG +bail: + lws_free(vh); +#endif + + return NULL; +} + +LWS_VISIBLE int +lws_init_vhost_client_ssl(const struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + struct lws_context_creation_info i; + + memcpy(&i, info, sizeof(i)); + i.port = CONTEXT_PORT_NO_LISTEN; + + return lws_context_init_client_ssl(&i, vhost); +} + +LWS_VISIBLE void +lws_cancel_service_pt(struct lws *wsi) +{ + lws_plat_pipe_signal(wsi); +} + +LWS_VISIBLE void +lws_cancel_service(struct lws_context *context) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + short m = context->count_threads; + + if (context->being_destroyed1) + return; + + lwsl_info("%s\n", __func__); + + while (m--) { + if (pt->pipe_wsi) + lws_plat_pipe_signal(pt->pipe_wsi); + pt++; + } +} + +int +lws_create_event_pipes(struct lws_context *context) +{ + struct lws *wsi; + int n; + + /* + * Create the pt event pipes... these are unique in that they are + * not bound to a vhost or protocol (both are NULL) + */ + + for (n = 0; n < context->count_threads; n++) { + if (context->pt[n].pipe_wsi) + continue; + + wsi = lws_zalloc(sizeof(*wsi), "event pipe wsi"); + if (!wsi) { + lwsl_err("Out of mem\n"); + return 1; + } + wsi->context = context; + lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_pipe); + wsi->protocol = NULL; + wsi->tsi = n; + wsi->vhost = NULL; + wsi->event_pipe = 1; + wsi->desc.sockfd = LWS_SOCK_INVALID; + context->pt[n].pipe_wsi = wsi; + context->count_wsi_allocated++; + + if (lws_plat_pipe_create(wsi)) + /* + * platform code returns 0 if it actually created pipes + * and initialized pt->dummy_pipe_fds[]. If it used + * some other mechanism outside of signaling in the + * normal event loop, we skip treating the pipe as + * related to dummy_pipe_fds[], adding it to the fds, + * etc. + */ + continue; + + wsi->desc.sockfd = context->pt[n].dummy_pipe_fds[0]; + lwsl_debug("event pipe fd %d\n", wsi->desc.sockfd); + + if (context->event_loop_ops->accept) + context->event_loop_ops->accept(wsi); + + if (__insert_wsi_socket_into_fds(context, wsi)) + return 1; + } + + return 0; +} + +void +lws_destroy_event_pipe(struct lws *wsi) +{ + lwsl_info("%s\n", __func__); + __remove_wsi_socket_from_fds(wsi); + + if (wsi->context->event_loop_ops->wsi_logical_close) { + wsi->context->event_loop_ops->wsi_logical_close(wsi); + lws_plat_pipe_close(wsi); + return; + } + + if (wsi->context->event_loop_ops->destroy_wsi) + wsi->context->event_loop_ops->destroy_wsi(wsi); + lws_plat_pipe_close(wsi); + wsi->context->count_wsi_allocated--; + lws_free(wsi); +} + +LWS_VISIBLE struct lws_context * +lws_create_context(const struct lws_context_creation_info *info) +{ + struct lws_context *context = NULL; + struct lws_plat_file_ops *prev; +#ifndef LWS_NO_DAEMONIZE + int pid_daemon = get_daemonize_pid(); +#endif + int n; +#if defined(__ANDROID__) + struct rlimit rt; +#endif + + + + lwsl_info("Initial logging level %d\n", log_level); + lwsl_info("Libwebsockets version: %s\n", library_version); +#if defined(GCC_VER) + lwsl_info("Compiled with %s\n", GCC_VER); +#endif + +#ifdef LWS_WITH_IPV6 + if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_IPV6)) + lwsl_info("IPV6 compiled in and enabled\n"); + else + lwsl_info("IPV6 compiled in but disabled\n"); +#else + lwsl_info("IPV6 not compiled in\n"); +#endif + + lwsl_info(" LWS_DEF_HEADER_LEN : %u\n", LWS_DEF_HEADER_LEN); + lwsl_info(" LWS_MAX_PROTOCOLS : %u\n", LWS_MAX_PROTOCOLS); + lwsl_info(" LWS_MAX_SMP : %u\n", LWS_MAX_SMP); + lwsl_info(" sizeof (*info) : %ld\n", (long)sizeof(*info)); +#if defined(LWS_WITH_STATS) + lwsl_info(" LWS_WITH_STATS : on\n"); +#endif + lwsl_info(" SYSTEM_RANDOM_FILEPATH: '%s'\n", SYSTEM_RANDOM_FILEPATH); +#if defined(LWS_WITH_HTTP2) + lwsl_info(" HTTP2 support : available\n"); +#else + lwsl_info(" HTTP2 support : not configured\n"); +#endif + if (lws_plat_context_early_init()) + return NULL; + + context = lws_zalloc(sizeof(struct lws_context), "context"); + if (!context) { + lwsl_err("No memory for websocket context\n"); + return NULL; + } + +#if defined(LWS_WITH_TLS) +#if defined(LWS_WITH_MBEDTLS) + context->tls_ops = &tls_ops_mbedtls; +#else + context->tls_ops = &tls_ops_openssl; +#endif +#endif + + if (info->pt_serv_buf_size) + context->pt_serv_buf_size = info->pt_serv_buf_size; + else + context->pt_serv_buf_size = 4096; + +#if defined(LWS_ROLE_H2) + role_ops_h2.init_context(context, info); +#endif + +#if LWS_MAX_SMP > 1 + pthread_mutex_init(&context->lock, NULL); +#endif + +#if defined(LWS_WITH_ESP32) + context->last_free_heap = esp_get_free_heap_size(); +#endif + + /* default to just the platform fops implementation */ + + context->fops_platform.LWS_FOP_OPEN = _lws_plat_file_open; + context->fops_platform.LWS_FOP_CLOSE = _lws_plat_file_close; + context->fops_platform.LWS_FOP_SEEK_CUR = _lws_plat_file_seek_cur; + context->fops_platform.LWS_FOP_READ = _lws_plat_file_read; + context->fops_platform.LWS_FOP_WRITE = _lws_plat_file_write; + context->fops_platform.fi[0].sig = NULL; + + /* + * arrange a linear linked-list of fops starting from context->fops + * + * platform fops + * [ -> fops_zip (copied into context so .next settable) ] + * [ -> info->fops ] + */ + + context->fops = &context->fops_platform; + prev = (struct lws_plat_file_ops *)context->fops; + +#if defined(LWS_WITH_ZIP_FOPS) + /* make a soft copy so we can set .next */ + context->fops_zip = fops_zip; + prev->next = &context->fops_zip; + prev = (struct lws_plat_file_ops *)prev->next; +#endif + + /* if user provided fops, tack them on the end of the list */ + if (info->fops) + prev->next = info->fops; + + context->reject_service_keywords = info->reject_service_keywords; + if (info->external_baggage_free_on_destroy) + context->external_baggage_free_on_destroy = + info->external_baggage_free_on_destroy; + + context->time_up = time(NULL); + context->pcontext_finalize = info->pcontext; + + context->simultaneous_ssl_restriction = + info->simultaneous_ssl_restriction; + +#ifndef LWS_NO_DAEMONIZE + if (pid_daemon) { + context->started_with_parent = pid_daemon; + lwsl_info(" Started with daemon pid %d\n", pid_daemon); + } +#endif +#if defined(__ANDROID__) + n = getrlimit ( RLIMIT_NOFILE,&rt); + if (-1 == n) { + lwsl_err("Get RLIMIT_NOFILE failed!\n"); + return NULL; + } + context->max_fds = rt.rlim_cur; +#else + context->max_fds = getdtablesize(); +#endif + + if (info->count_threads) + context->count_threads = info->count_threads; + else + context->count_threads = 1; + + if (context->count_threads > LWS_MAX_SMP) + context->count_threads = LWS_MAX_SMP; + + context->token_limits = info->token_limits; + + context->options = info->options; + + /* + * set the context event loops ops struct + * + * after this, all event_loop actions use the generic ops + */ + +#if defined(LWS_WITH_POLL) + context->event_loop_ops = &event_loop_ops_poll; +#endif + + if (lws_check_opt(context->options, LWS_SERVER_OPTION_LIBUV)) +#if defined(LWS_WITH_LIBUV) + context->event_loop_ops = &event_loop_ops_uv; +#else + goto fail_event_libs; +#endif + + if (lws_check_opt(context->options, LWS_SERVER_OPTION_LIBEV)) +#if defined(LWS_WITH_LIBEV) + context->event_loop_ops = &event_loop_ops_ev; +#else + goto fail_event_libs; +#endif + + if (lws_check_opt(context->options, LWS_SERVER_OPTION_LIBEVENT)) +#if defined(LWS_WITH_LIBEVENT) + context->event_loop_ops = &event_loop_ops_event; +#else + goto fail_event_libs; +#endif + + if (!context->event_loop_ops) + goto fail_event_libs; + + lwsl_info("Using event loop: %s\n", context->event_loop_ops->name); + +#if defined(LWS_WITH_TLS) + time(&context->tls.last_cert_check_s); + if (info->alpn) + context->tls.alpn_default = info->alpn; + else { + char *p = context->tls.alpn_discovered, first = 1; + + LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) { + if (ar->alpn) { + if (!first) + *p++ = ','; + p += lws_snprintf(p, + context->tls.alpn_discovered + + sizeof(context->tls.alpn_discovered) - + 2 - p, "%s", ar->alpn); + first = 0; + } + } LWS_FOR_EVERY_AVAILABLE_ROLE_END; + + context->tls.alpn_default = context->tls.alpn_discovered; + } + + lwsl_info("Default ALPN advertisment: %s\n", context->tls.alpn_default); +#endif + + if (info->timeout_secs) + context->timeout_secs = info->timeout_secs; + else + context->timeout_secs = AWAITING_TIMEOUT; + + context->ws_ping_pong_interval = info->ws_ping_pong_interval; + + lwsl_info(" default timeout (secs): %u\n", context->timeout_secs); + + if (info->max_http_header_data) + context->max_http_header_data = info->max_http_header_data; + else + if (info->max_http_header_data2) + context->max_http_header_data = + info->max_http_header_data2; + else + context->max_http_header_data = LWS_DEF_HEADER_LEN; + + if (info->max_http_header_pool) + context->max_http_header_pool = info->max_http_header_pool; + else + context->max_http_header_pool = context->max_fds; + + if (info->fd_limit_per_thread) + context->fd_limit_per_thread = info->fd_limit_per_thread; + else + context->fd_limit_per_thread = context->max_fds / + context->count_threads; + + /* + * Allocate the per-thread storage for scratchpad buffers, + * and header data pool + */ + for (n = 0; n < context->count_threads; n++) { + context->pt[n].serv_buf = lws_malloc(context->pt_serv_buf_size, + "pt_serv_buf"); + if (!context->pt[n].serv_buf) { + lwsl_err("OOM\n"); + return NULL; + } + + context->pt[n].context = context; + context->pt[n].tid = n; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + context->pt[n].http.ah_list = NULL; + context->pt[n].http.ah_pool_length = 0; +#endif + lws_pt_mutex_init(&context->pt[n]); + } + + lwsl_info(" Threads: %d each %d fds\n", context->count_threads, + context->fd_limit_per_thread); + + if (!info->ka_interval && info->ka_time > 0) { + lwsl_err("info->ka_interval can't be 0 if ka_time used\n"); + return NULL; + } + + +#if defined(LWS_WITH_PEER_LIMITS) + /* scale the peer hash table according to the max fds for the process, + * so that the max list depth averages 16. Eg, 1024 fd -> 64, + * 102400 fd -> 6400 + */ + context->pl_hash_elements = + (context->count_threads * context->fd_limit_per_thread) / 16; + context->pl_hash_table = lws_zalloc(sizeof(struct lws_peer *) * + context->pl_hash_elements, "peer limits hash table"); + context->ip_limit_ah = info->ip_limit_ah; + context->ip_limit_wsi = info->ip_limit_wsi; +#endif + + lwsl_info(" mem: context: %5lu B (%ld ctx + (%ld thr x %d))\n", + (long)sizeof(struct lws_context) + + (context->count_threads * context->pt_serv_buf_size), + (long)sizeof(struct lws_context), + (long)context->count_threads, + context->pt_serv_buf_size); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + lwsl_info(" mem: http hdr rsvd: %5lu B (%u thr x (%u + %lu) x %u))\n", + (long)(context->max_http_header_data + + sizeof(struct allocated_headers)) * + context->max_http_header_pool * context->count_threads, + context->count_threads, + context->max_http_header_data, + (long)sizeof(struct allocated_headers), + context->max_http_header_pool); +#endif + n = sizeof(struct lws_pollfd) * context->count_threads * + context->fd_limit_per_thread; + context->pt[0].fds = lws_zalloc(n, "fds table"); + if (context->pt[0].fds == NULL) { + lwsl_err("OOM allocating %d fds\n", context->max_fds); + goto bail; + } + lwsl_info(" mem: pollfd map: %5u\n", n); + + if (info->server_string) { + context->server_string = info->server_string; + context->server_string_len = (short) + strlen(context->server_string); + } + +#if LWS_MAX_SMP > 1 + /* each thread serves his own chunk of fds */ + for (n = 1; n < (int)info->count_threads; n++) + context->pt[n].fds = context->pt[n - 1].fds + + context->fd_limit_per_thread; +#endif + + if (lws_plat_init(context, info)) + goto bail; + + if (context->event_loop_ops->init_context) + if (context->event_loop_ops->init_context(context, info)) + goto bail; + + + if (context->event_loop_ops->init_pt) + for (n = 0; n < context->count_threads; n++) { + void *lp = NULL; + + if (info->foreign_loops) + lp = info->foreign_loops[n]; + + if (context->event_loop_ops->init_pt(context, lp, n)) + goto bail; + } + + if (lws_create_event_pipes(context)) + goto bail; + + lws_context_init_ssl_library(info); + + context->user_space = info->user; + + /* + * if he's not saying he'll make his own vhosts later then act + * compatibly and make a default vhost using the data in the info + */ + if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) + if (!lws_create_vhost(context, info)) { + lwsl_err("Failed to create default vhost\n"); + for (n = 0; n < context->count_threads; n++) + lws_free_set_NULL(context->pt[n].serv_buf); +#if defined(LWS_WITH_PEER_LIMITS) + lws_free_set_NULL(context->pl_hash_table); +#endif + lws_free_set_NULL(context->pt[0].fds); + lws_plat_context_late_destroy(context); + lws_free_set_NULL(context); + return NULL; + } + + lws_context_init_extensions(info, context); + + lwsl_info(" mem: per-conn: %5lu bytes + protocol rx buf\n", + (unsigned long)sizeof(struct lws)); + + strcpy(context->canonical_hostname, "unknown"); + lws_server_get_canonical_hostname(context, info); + + context->uid = info->uid; + context->gid = info->gid; + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + memcpy(context->caps, info->caps, sizeof(context->caps)); + context->count_caps = info->count_caps; +#endif + + /* + * drop any root privs for this process + * to listen on port < 1023 we would have needed root, but now we are + * listening, we don't want the power for anything else + */ + if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) + lws_plat_drop_app_privileges(info); + + /* expedite post-context init (eg, protocols) */ + lws_cancel_service(context); + +#if defined(LWS_WITH_SELFTESTS) + lws_jws_selftest(); +#endif + + return context; + +bail: + lws_context_destroy(context); + + return NULL; + +fail_event_libs: + lwsl_err("Requested event library support not configured, available:\n"); + { + const struct lws_event_loop_ops **elops = available_event_libs; + + while (*elops) { + lwsl_err(" - %s\n", (*elops)->name); + elops++; + } + } + lws_free(context); + + return NULL; +} + +LWS_VISIBLE LWS_EXTERN void +lws_context_deprecate(struct lws_context *context, lws_reload_func cb) +{ + struct lws_vhost *vh = context->vhost_list, *vh1; + struct lws *wsi; + + /* + * "deprecation" means disable the context from accepting any new + * connections and free up listen sockets to be used by a replacement + * context. + * + * Otherwise the deprecated context remains operational, until its + * number of connected sockets falls to zero, when it is deleted. + */ + + /* for each vhost, close his listen socket */ + + while (vh) { + wsi = vh->lserv_wsi; + if (wsi) { + wsi->socket_is_permanently_unusable = 1; + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "ctx deprecate"); + wsi->context->deprecation_pending_listen_close_count++; + /* + * other vhosts can share the listen port, they + * point to the same wsi. So zap those too. + */ + vh1 = context->vhost_list; + while (vh1) { + if (vh1->lserv_wsi == wsi) + vh1->lserv_wsi = NULL; + vh1 = vh1->vhost_next; + } + } + vh = vh->vhost_next; + } + + context->deprecated = 1; + context->deprecation_cb = cb; +} + +LWS_VISIBLE LWS_EXTERN int +lws_context_is_deprecated(struct lws_context *context) +{ + return context->deprecated; +} + +void +lws_vhost_destroy1(struct lws_vhost *vh) +{ + const struct lws_protocols *protocol = NULL; + struct lws_context_per_thread *pt; + int n, m = vh->context->count_threads; + struct lws_context *context = vh->context; + struct lws wsi; + + lwsl_info("%s\n", __func__); + + if (vh->being_destroyed) + return; + + vh->being_destroyed = 1; + + /* + * Are there other vhosts that are piggybacking on our listen socket? + * If so we need to hand the listen socket off to one of the others + * so it will remain open. If not, leave it attached to the closing + * vhost and it will get closed. + */ + + if (vh->lserv_wsi) + lws_start_foreach_ll(struct lws_vhost *, v, + context->vhost_list) { + if (v != vh && + !v->being_destroyed && + v->listen_port == vh->listen_port && + ((!v->iface && !vh->iface) || + (v->iface && vh->iface && + !strcmp(v->iface, vh->iface)))) { + /* + * this can only be a listen wsi, which is + * restricted... it has no protocol or other + * bindings or states. So we can simply + * swap it to a vhost that has the same + * iface + port, but is not closing. + */ + assert(v->lserv_wsi == NULL); + v->lserv_wsi = vh->lserv_wsi; + vh->lserv_wsi = NULL; + if (v->lserv_wsi) + v->lserv_wsi->vhost = v; + + lwsl_notice("%s: listen skt from %s to %s\n", + __func__, vh->name, v->name); + break; + } + } lws_end_foreach_ll(v, vhost_next); + + /* + * Forcibly close every wsi assoicated with this vhost. That will + * include the listen socket if it is still associated with the closing + * vhost. + */ + + while (m--) { + pt = &context->pt[m]; + + for (n = 0; (unsigned int)n < context->pt[m].fds_count; n++) { + struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd); + if (!wsi) + continue; + if (wsi->vhost != vh) + continue; + + lws_close_free_wsi(wsi, + LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY, + "vh destroy" + /* no protocol close */); + n--; + } + } + + /* + * destroy any pending timed events + */ + + while (vh->timed_vh_protocol_list) + lws_timed_callback_remove(vh, vh->timed_vh_protocol_list); + + /* + * let the protocols destroy the per-vhost protocol objects + */ + + memset(&wsi, 0, sizeof(wsi)); + wsi.context = vh->context; + wsi.vhost = vh; + protocol = vh->protocols; + if (protocol && vh->created_vhost_protocols) { + n = 0; + while (n < vh->count_protocols) { + wsi.protocol = protocol; + protocol->callback(&wsi, LWS_CALLBACK_PROTOCOL_DESTROY, + NULL, NULL, 0); + protocol++; + n++; + } + } + + /* + * remove vhost from context list of vhosts + */ + + lws_start_foreach_llp(struct lws_vhost **, pv, context->vhost_list) { + if (*pv == vh) { + *pv = vh->vhost_next; + break; + } + } lws_end_foreach_llp(pv, vhost_next); + + /* add ourselves to the pending destruction list */ + + vh->vhost_next = vh->context->vhost_pending_destruction_list; + vh->context->vhost_pending_destruction_list = vh; +} + +static void +lws_vhost_destroy2(struct lws_vhost *vh) +{ + const struct lws_protocols *protocol = NULL; + struct lws_context *context = vh->context; + struct lws_deferred_free *df; + int n; + + lwsl_info("%s: %p\n", __func__, vh); + + /* if we are still on deferred free list, remove ourselves */ + + lws_start_foreach_llp(struct lws_deferred_free **, pdf, + context->deferred_free_list) { + if ((*pdf)->payload == vh) { + df = *pdf; + *pdf = df->next; + lws_free(df); + break; + } + } lws_end_foreach_llp(pdf, next); + + /* remove ourselves from the pending destruction list */ + + lws_start_foreach_llp(struct lws_vhost **, pv, + context->vhost_pending_destruction_list) { + if ((*pv) == vh) { + *pv = (*pv)->vhost_next; + break; + } + } lws_end_foreach_llp(pv, vhost_next); + + /* + * Free all the allocations associated with the vhost + */ + + protocol = vh->protocols; + if (protocol) { + n = 0; + while (n < vh->count_protocols) { + if (vh->protocol_vh_privs && + vh->protocol_vh_privs[n]) { + lws_free(vh->protocol_vh_privs[n]); + vh->protocol_vh_privs[n] = NULL; + } + protocol++; + n++; + } + } + if (vh->protocol_vh_privs) + lws_free(vh->protocol_vh_privs); + lws_ssl_SSL_CTX_destroy(vh); + lws_free(vh->same_vh_protocol_list); + + if (context->plugin_list || + (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) + lws_free((void *)vh->protocols); + + LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) + if (ar->destroy_vhost) + ar->destroy_vhost(vh); + LWS_FOR_EVERY_AVAILABLE_ROLE_END; + +#ifdef LWS_WITH_ACCESS_LOG + if (vh->log_fd != (int)LWS_INVALID_FILE) + close(vh->log_fd); +#endif + +#if defined (LWS_WITH_TLS) + lws_free_set_NULL(vh->tls.alloc_cert_path); +#endif + +#if LWS_MAX_SMP > 1 + pthread_mutex_destroy(&vh->lock); +#endif + +#if defined(LWS_WITH_UNIX_SOCK) + if (LWS_UNIX_SOCK_ENABLED(context)) { + n = unlink(vh->iface); + if (n) + lwsl_info("Closing unix socket %s: errno %d\n", + vh->iface, errno); + } +#endif + /* + * although async event callbacks may still come for wsi handles with + * pending close in the case of asycn event library like libuv, + * they do not refer to the vhost. So it's safe to free. + */ + + lwsl_info(" %s: Freeing vhost %p\n", __func__, vh); + + memset(vh, 0, sizeof(*vh)); + lws_free(vh); +} + +int +lws_check_deferred_free(struct lws_context *context, int force) +{ + struct lws_deferred_free *df; + time_t now = lws_now_secs(); + + lws_start_foreach_llp(struct lws_deferred_free **, pdf, + context->deferred_free_list) { + if (force || + lws_compare_time_t(context, now, (*pdf)->deadline) > 5) { + df = *pdf; + *pdf = df->next; + /* finalize vh destruction */ + lwsl_notice("deferred vh %p destroy\n", df->payload); + lws_vhost_destroy2(df->payload); + lws_free(df); + continue; /* after deletion we already point to next */ + } + } lws_end_foreach_llp(pdf, next); + + return 0; +} + +LWS_VISIBLE void +lws_vhost_destroy(struct lws_vhost *vh) +{ + struct lws_deferred_free *df = lws_malloc(sizeof(*df), "deferred free"); + + if (!df) + return; + + lws_vhost_destroy1(vh); + + /* part 2 is deferred to allow all the handle closes to complete */ + + df->next = vh->context->deferred_free_list; + df->deadline = lws_now_secs(); + df->payload = vh; + vh->context->deferred_free_list = df; +} + +/* + * When using an event loop, the context destruction is in three separate + * parts. This is to cover both internal and foreign event loops cleanly. + * + * - lws_context_destroy() simply starts a soft close of all wsi and + * related allocations. The event loop continues. + * + * As the closes complete in the event loop, reference counting is used + * to determine when everything is closed. It then calls + * lws_context_destroy2(). + * + * - lws_context_destroy2() cleans up the rest of the higher-level logical + * lws pieces like vhosts. If the loop was foreign, it then proceeds to + * lws_context_destroy3(). If it the loop is internal, it stops the + * internal loops and waits for lws_context_destroy() to be called again + * outside the event loop (since we cannot destroy the loop from + * within the loop). That will cause lws_context_destroy3() to run + * directly. + * + * - lws_context_destroy3() destroys any internal event loops and then + * destroys the context itself, setting what was info.pcontext to NULL. + */ + +/* + * destroy the actual context itself + */ + +static void +lws_context_destroy3(struct lws_context *context) +{ + struct lws_context **pcontext_finalize = context->pcontext_finalize; + struct lws_context_per_thread *pt; + int n; + + for (n = 0; n < context->count_threads; n++) { + pt = &context->pt[n]; + + if (context->event_loop_ops->destroy_pt) + context->event_loop_ops->destroy_pt(context, n); + + lws_free_set_NULL(context->pt[n].serv_buf); + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + while (pt->http.ah_list) + _lws_destroy_ah(pt, pt->http.ah_list); +#endif + } + + lws_free(context); + lwsl_info("%s: ctx %p freed\n", __func__, context); + + if (pcontext_finalize) + *pcontext_finalize = NULL; +} + +/* + * really start destroying things + */ + +void +lws_context_destroy2(struct lws_context *context) +{ + struct lws_vhost *vh = NULL, *vh1; +#if defined(LWS_WITH_PEER_LIMITS) + uint32_t nu; +#endif + int n; + + lwsl_info("%s: ctx %p\n", __func__, context); + + context->being_destroyed2 = 1; + + if (context->pt[0].fds) + lws_free_set_NULL(context->pt[0].fds); + + /* + * free all the per-vhost allocations + */ + + vh = context->vhost_list; + while (vh) { + vh1 = vh->vhost_next; + lws_vhost_destroy2(vh); + vh = vh1; + } + + /* remove ourselves from the pending destruction list */ + + while (context->vhost_pending_destruction_list) + /* removes itself from list */ + lws_vhost_destroy2(context->vhost_pending_destruction_list); + + + lws_stats_log_dump(context); + + lws_ssl_context_destroy(context); + lws_plat_context_late_destroy(context); + +#if defined(LWS_WITH_PEER_LIMITS) + for (nu = 0; nu < context->pl_hash_elements; nu++) { + lws_start_foreach_llp(struct lws_peer **, peer, + context->pl_hash_table[nu]) { + struct lws_peer *df = *peer; + *peer = df->next; + lws_free(df); + continue; + } lws_end_foreach_llp(peer, next); + } + lws_free(context->pl_hash_table); +#endif + + if (context->external_baggage_free_on_destroy) + free(context->external_baggage_free_on_destroy); + + lws_check_deferred_free(context, 1); + +#if LWS_MAX_SMP > 1 + pthread_mutex_destroy(&context->lock); +#endif + + if (context->event_loop_ops->destroy_context2) + if (context->event_loop_ops->destroy_context2(context)) { + context->finalize_destroy_after_internal_loops_stopped = 1; + return; + } + + if (!context->pt[0].event_loop_foreign) + for (n = 0; n < context->count_threads; n++) + if (context->pt[n].inside_service) + return; + + lws_context_destroy3(context); +} + +/* + * Begin the context takedown + */ + +LWS_VISIBLE void +lws_context_destroy(struct lws_context *context) +{ + volatile struct lws_foreign_thread_pollfd *ftp, *next; + volatile struct lws_context_per_thread *vpt; + struct lws_context_per_thread *pt; + struct lws_vhost *vh = NULL; + struct lws wsi; + int n, m; + + if (!context) + return; + + if (context->finalize_destroy_after_internal_loops_stopped) { + if (context->event_loop_ops->destroy_context2) + context->event_loop_ops->destroy_context2(context); + + lws_context_destroy3(context); + + return; + } + + if (context->being_destroyed1) { + if (!context->being_destroyed2) { + lws_context_destroy2(context); + + return; + } + lwsl_info("%s: ctx %p: already being destroyed\n", + __func__, context); + + lws_context_destroy3(context); + return; + } + + lwsl_info("%s: ctx %p\n", __func__, context); + + m = context->count_threads; + context->being_destroyed = 1; + context->being_destroyed1 = 1; + context->requested_kill = 1; + + memset(&wsi, 0, sizeof(wsi)); + wsi.context = context; + +#ifdef LWS_LATENCY + if (context->worst_latency_info[0]) + lwsl_notice("Worst latency: %s\n", context->worst_latency_info); +#endif + + while (m--) { + pt = &context->pt[m]; + vpt = (volatile struct lws_context_per_thread *)pt; + + ftp = vpt->foreign_pfd_list; + while (ftp) { + next = ftp->next; + lws_free((void *)ftp); + ftp = next; + } + vpt->foreign_pfd_list = NULL; + + for (n = 0; (unsigned int)n < context->pt[m].fds_count; n++) { + struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd); + if (!wsi) + continue; + + if (wsi->event_pipe) + lws_destroy_event_pipe(wsi); + else + lws_close_free_wsi(wsi, + LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY, + "ctx destroy" + /* no protocol close */); + n--; + } + lws_pt_mutex_destroy(pt); + } + + /* + * inform all the protocols that they are done and will have no more + * callbacks. + * + * We can't free things until after the event loop shuts down. + */ + if (context->protocol_init_done) + vh = context->vhost_list; + while (vh) { + struct lws_vhost *vhn = vh->vhost_next; + lws_vhost_destroy1(vh); + vh = vhn; + } + + lws_plat_context_early_destroy(context); + + /* + * We face two different needs depending if foreign loop or not. + * + * 1) If foreign loop, we really want to advance the destroy_context() + * past here, and block only for libuv-style async close completion. + * + * 2a) If poll, and we exited by ourselves and are calling a final + * destroy_context() outside of any service already, we want to + * advance all the way in one step. + * + * 2b) If poll, and we are reacting to a SIGINT, service thread(s) may + * be in poll wait or servicing. We can't advance the + * destroy_context() to the point it's freeing things; we have to + * leave that for the final destroy_context() after the service + * thread(s) are finished calling for service. + */ + + if (context->event_loop_ops->destroy_context1) { + context->event_loop_ops->destroy_context1(context); + + return; + } + + lws_context_destroy2(context); +} diff --git a/thirdparty/libwebsockets/core/libwebsockets.c b/thirdparty/libwebsockets/core/libwebsockets.c new file mode 100644 index 0000000000..58f00226f6 --- /dev/null +++ b/thirdparty/libwebsockets/core/libwebsockets.c @@ -0,0 +1,3479 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +#ifdef LWS_HAVE_SYS_TYPES_H +#include +#endif + +#ifdef LWS_WITH_IPV6 +#if defined(WIN32) || defined(_WIN32) +#include +#include +#else +#include +#endif +#endif + +int log_level = LLL_ERR | LLL_WARN | LLL_NOTICE; +static void (*lwsl_emit)(int level, const char *line) +#ifndef LWS_PLAT_OPTEE + = lwsl_emit_stderr +#endif + ; +#ifndef LWS_PLAT_OPTEE +static const char * const log_level_names[] = { + "ERR", + "WARN", + "NOTICE", + "INFO", + "DEBUG", + "PARSER", + "HEADER", + "EXTENSION", + "CLIENT", + "LATENCY", + "USER", + "?", + "?" +}; +#endif + +int lws_open(const char *__file, int __oflag, ...) +{ + va_list ap; + int n; + + va_start(ap, __oflag); + if (((__oflag & O_CREAT) == O_CREAT) +#if defined(O_TMPFILE) + || ((__oflag & O_TMPFILE) == O_TMPFILE) +#endif + ) + /* last arg is really a mode_t. But windows... */ + n = open(__file, __oflag, va_arg(ap, uint32_t)); + else + n = open(__file, __oflag); + va_end(ap); + + lws_plat_apply_FD_CLOEXEC(n); + + return n; +} + +#if defined (_DEBUG) +void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role) +{ + wsi->wsistate = (wsi->wsistate & (~LWSI_ROLE_MASK)) | role; + + lwsl_debug("lwsi_set_role(%p, 0x%x)\n", wsi, wsi->wsistate); +} + +void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs) +{ + wsi->wsistate = (wsi->wsistate & (~LRS_MASK)) | lrs; + + lwsl_debug("lwsi_set_state(%p, 0x%x)\n", wsi, wsi->wsistate); +} +#endif + +signed char char_to_hex(const char c) +{ + if (c >= '0' && c <= '9') + return c - '0'; + + if (c >= 'a' && c <= 'f') + return c - 'a' + 10; + + if (c >= 'A' && c <= 'F') + return c - 'A' + 10; + + return -1; +} + +void +__lws_free_wsi(struct lws *wsi) +{ + if (!wsi) + return; + + /* + * Protocol user data may be allocated either internally by lws + * or by specified the user. We should only free what we allocated. + */ + if (wsi->protocol && wsi->protocol->per_session_data_size && + wsi->user_space && !wsi->user_space_externally_allocated) + lws_free(wsi->user_space); + + lws_buflist_destroy_all_segments(&wsi->buflist); + lws_free_set_NULL(wsi->trunc_alloc); + lws_free_set_NULL(wsi->udp); + + if (wsi->vhost && wsi->vhost->lserv_wsi == wsi) + wsi->vhost->lserv_wsi = NULL; + + // lws_peer_dump_from_wsi(wsi); + + if (wsi->role_ops->destroy_role) + wsi->role_ops->destroy_role(wsi); + +#if defined(LWS_WITH_PEER_LIMITS) + lws_peer_track_wsi_close(wsi->context, wsi->peer); + wsi->peer = NULL; +#endif + + /* since we will destroy the wsi, make absolutely sure now */ + +#if defined(LWS_WITH_OPENSSL) + __lws_ssl_remove_wsi_from_buffered_list(wsi); +#endif + __lws_remove_from_timeout_list(wsi); + + if (wsi->context->event_loop_ops->destroy_wsi) + wsi->context->event_loop_ops->destroy_wsi(wsi); + + wsi->context->count_wsi_allocated--; + lwsl_debug("%s: %p, remaining wsi %d\n", __func__, wsi, + wsi->context->count_wsi_allocated); + + lws_free(wsi); +} + +void +lws_dll_add_front(struct lws_dll *d, struct lws_dll *phead) +{ + if (d->prev) + return; + + /* our next guy is current first guy */ + d->next = phead->next; + /* if there is a next guy, set his prev ptr to our next ptr */ + if (d->next) + d->next->prev = d; + /* our prev ptr is first ptr */ + d->prev = phead; + /* set the first guy to be us */ + phead->next = d; +} + +/* situation is: + * + * HEAD: struct lws_dll * = &entry1 + * + * Entry 1: struct lws_dll .pprev = &HEAD , .next = Entry 2 + * Entry 2: struct lws_dll .pprev = &entry1 , .next = &entry2 + * Entry 3: struct lws_dll .pprev = &entry2 , .next = NULL + * + * Delete Entry1: + * + * - HEAD = &entry2 + * - Entry2: .pprev = &HEAD, .next = &entry3 + * - Entry3: .pprev = &entry2, .next = NULL + * + * Delete Entry2: + * + * - HEAD = &entry1 + * - Entry1: .pprev = &HEAD, .next = &entry3 + * - Entry3: .pprev = &entry1, .next = NULL + * + * Delete Entry3: + * + * - HEAD = &entry1 + * - Entry1: .pprev = &HEAD, .next = &entry2 + * - Entry2: .pprev = &entry1, .next = NULL + * + */ + +void +lws_dll_remove(struct lws_dll *d) +{ + if (!d->prev) /* ie, not part of the list */ + return; + + /* + * remove us + * + * USp <-> us <-> USn --> USp <-> USn + */ + + /* if we have a next guy, set his prev to our prev */ + if (d->next) + d->next->prev = d->prev; + + /* set our prev guy to our next guy instead of us */ + if (d->prev) + d->prev->next = d->next; + + /* we're out of the list, we should not point anywhere any more */ + d->prev = NULL; + d->next = NULL; +} + +void +__lws_remove_from_timeout_list(struct lws *wsi) +{ + lws_dll_lws_remove(&wsi->dll_timeout); +} + +void +lws_remove_from_timeout_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + lws_pt_lock(pt, __func__); + __lws_remove_from_timeout_list(wsi); + lws_pt_unlock(pt); +} + +void +lws_dll_dump(struct lws_dll_lws *head, const char *title) +{ + int n = 0; + + (void)n; + lwsl_notice("%s: %s (head.next %p)\n", __func__, title, head->next); + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, head->next) { + struct lws *wsi = lws_container_of(d, struct lws, dll_hrtimer); + + (void)wsi; + + lwsl_notice(" %d: wsi %p: %llu\n", n++, wsi, + (unsigned long long)wsi->pending_timer); + } lws_end_foreach_dll_safe(d, d1); +} + +void +__lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws_dll_lws *dd = &pt->dll_head_hrtimer; + struct timeval now; + struct lws *wsi1; + int bef = 0; + + lws_dll_lws_remove(&wsi->dll_hrtimer); + + if (usecs == LWS_SET_TIMER_USEC_CANCEL) + return; + + gettimeofday(&now, NULL); + wsi->pending_timer = ((now.tv_sec * 1000000ll) + now.tv_usec) + usecs; + + /* + * we sort the hrtimer list with the earliest timeout first + */ + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + pt->dll_head_hrtimer.next) { + dd = d; + wsi1 = lws_container_of(d, struct lws, dll_hrtimer); + + if (wsi1->pending_timer >= wsi->pending_timer) { + /* d, dprev's next, is >= our time */ + bef = 1; + break; + } + } lws_end_foreach_dll_safe(d, d1); + + if (bef) { + /* + * we go before dd + * DDp <-> DD <-> DDn --> DDp <-> us <-> DD <-> DDn + */ + /* we point forward to dd */ + wsi->dll_hrtimer.next = dd; + /* we point back to what dd used to point back to */ + wsi->dll_hrtimer.prev = dd->prev; + /* DDp points forward to us now */ + dd->prev->next = &wsi->dll_hrtimer; + /* DD points back to us now */ + dd->prev = &wsi->dll_hrtimer; + } else { + /* + * we go after dd + * DDp <-> DD <-> DDn --> DDp <-> DD <-> us <-> DDn + */ + /* we point forward to what dd used to point forward to */ + wsi->dll_hrtimer.next = dd->next; + /* we point back to dd */ + wsi->dll_hrtimer.prev = dd; + /* DDn points back to us */ + if (dd->next) + dd->next->prev = &wsi->dll_hrtimer; + /* DD points forward to us */ + dd->next = &wsi->dll_hrtimer; + } + +// lws_dll_dump(&pt->dll_head_hrtimer, "after set_timer_usec"); +} + +LWS_VISIBLE void +lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs) +{ + __lws_set_timer_usecs(wsi, usecs); +} + +lws_usec_t +__lws_hrtimer_service(struct lws_context_per_thread *pt) +{ + struct timeval now; + struct lws *wsi; + lws_usec_t t; + + gettimeofday(&now, NULL); + t = (now.tv_sec * 1000000ll) + now.tv_usec; + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + pt->dll_head_hrtimer.next) { + wsi = lws_container_of(d, struct lws, dll_hrtimer); + + /* + * if we met one in the future, we are done, because the list + * is sorted by time in the future. + */ + if (wsi->pending_timer > t) + break; + + lws_set_timer_usecs(wsi, LWS_SET_TIMER_USEC_CANCEL); + + /* it's time for the timer to be serviced */ + + if (wsi->protocol && + wsi->protocol->callback(wsi, LWS_CALLBACK_TIMER, + wsi->user_space, NULL, 0)) + __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "timer cb errored"); + } lws_end_foreach_dll_safe(d, d1); + + /* return an estimate how many us until next timer hit */ + + if (!pt->dll_head_hrtimer.next) + return LWS_HRTIMER_NOWAIT; + + wsi = lws_container_of(pt->dll_head_hrtimer.next, struct lws, dll_hrtimer); + + gettimeofday(&now, NULL); + t = (now.tv_sec * 1000000ll) + now.tv_usec; + + if (wsi->pending_timer < t) + return 0; + + return wsi->pending_timer - t; +} + +void +__lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + time_t now; + + time(&now); + + lwsl_debug("%s: %p: %d secs\n", __func__, wsi, secs); + wsi->pending_timeout_limit = secs; + wsi->pending_timeout_set = now; + wsi->pending_timeout = reason; + + if (!reason) + lws_dll_lws_remove(&wsi->dll_timeout); + else + lws_dll_lws_add_front(&wsi->dll_timeout, &pt->dll_head_timeout); +} + +LWS_VISIBLE void +lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + if (secs == LWS_TO_KILL_SYNC) { + lws_remove_from_timeout_list(wsi); + lwsl_debug("synchronously killing %p\n", wsi); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "to sync kill"); + return; + } + + if (secs == LWS_TO_KILL_ASYNC) + secs = 0; + + lws_pt_lock(pt, __func__); + __lws_set_timeout(wsi, reason, secs); + lws_pt_unlock(pt); +} + +int +lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p) +{ + lws_start_foreach_llp(struct lws_timed_vh_protocol **, pt, + vh->timed_vh_protocol_list) { + if (*pt == p) { + *pt = p->next; + lws_free(p); + + return 0; + } + } lws_end_foreach_llp(pt, next); + + return 1; +} + +LWS_VISIBLE LWS_EXTERN int +lws_timed_callback_vh_protocol(struct lws_vhost *vh, const struct lws_protocols *prot, + int reason, int secs) +{ + struct lws_timed_vh_protocol *p = (struct lws_timed_vh_protocol *) + lws_malloc(sizeof(*p), "timed_vh"); + + if (!p) + return 1; + + p->protocol = prot; + p->reason = reason; + p->time = lws_now_secs() + secs; + p->next = vh->timed_vh_protocol_list; + + vh->timed_vh_protocol_list = p; + + return 0; +} + +static void +lws_remove_child_from_any_parent(struct lws *wsi) +{ + struct lws **pwsi; + int seen = 0; + + if (!wsi->parent) + return; + + /* detach ourselves from parent's child list */ + pwsi = &wsi->parent->child_list; + while (*pwsi) { + if (*pwsi == wsi) { + lwsl_info("%s: detach %p from parent %p\n", __func__, + wsi, wsi->parent); + + if (wsi->parent->protocol) + wsi->parent->protocol->callback(wsi, + LWS_CALLBACK_CHILD_CLOSING, + wsi->parent->user_space, wsi, 0); + + *pwsi = wsi->sibling_list; + seen = 1; + break; + } + pwsi = &(*pwsi)->sibling_list; + } + if (!seen) + lwsl_err("%s: failed to detach from parent\n", __func__); + + wsi->parent = NULL; +} + +int +lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p) +{ +// if (wsi->protocol == p) +// return 0; + const struct lws_protocols *vp = wsi->vhost->protocols, *vpo; + + if (wsi->protocol && wsi->protocol_bind_balance) { + wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL, + wsi->user_space, NULL, 0); + wsi->protocol_bind_balance = 0; + } + if (!wsi->user_space_externally_allocated) + lws_free_set_NULL(wsi->user_space); + + lws_same_vh_protocol_remove(wsi); + + wsi->protocol = p; + if (!p) + return 0; + + if (lws_ensure_user_space(wsi)) + return 1; + + if (p > vp && p < &vp[wsi->vhost->count_protocols]) + lws_same_vh_protocol_insert(wsi, (int)(p - vp)); + else { + int n = wsi->vhost->count_protocols; + int hit = 0; + + vpo = vp; + + while (n--) { + if (p->name && vp->name && !strcmp(p->name, vp->name)) { + hit = 1; + lws_same_vh_protocol_insert(wsi, (int)(vp - vpo)); + break; + } + vp++; + } + if (!hit) + lwsl_err("%s: %p is not in vhost '%s' protocols list\n", + __func__, p, wsi->vhost->name); + } + + if (wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_BIND_PROTOCOL, + wsi->user_space, NULL, 0)) + return 1; + + wsi->protocol_bind_balance = 1; + + return 0; +} + +void +__lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *caller) +{ + struct lws_context_per_thread *pt; + struct lws *wsi1, *wsi2; + struct lws_context *context; + int n; + + lwsl_info("%s: %p: caller: %s\n", __func__, wsi, caller); + + if (!wsi) + return; + + lws_access_log(wsi); + + context = wsi->context; + pt = &context->pt[(int)wsi->tsi]; + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_CLOSE, 1); + +#if !defined(LWS_NO_CLIENT) + + lws_free_set_NULL(wsi->client_hostname_copy); + /* we are no longer an active client connection that can piggyback */ + lws_dll_lws_remove(&wsi->dll_active_client_conns); + + /* + * if we have wsi in our transaction queue, if we are closing we + * must go through and close all those first + */ + if (wsi->vhost) { + if ((int)reason != -1) + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *w = lws_container_of(d, struct lws, + dll_client_transaction_queue); + + __lws_close_free_wsi(w, -1, "trans q leader closing"); + } lws_end_foreach_dll_safe(d, d1); + + /* + * !!! If we are closing, but we have pending pipelined transaction + * results we already sent headers for, that's going to destroy sync + * for HTTP/1 and leave H2 stream with no live swsi. + * + * However this is normal if we are being closed because the transaction + * queue leader is closing. + */ + lws_dll_lws_remove(&wsi->dll_client_transaction_queue); + if ((int)reason !=-1) + lws_vhost_unlock(wsi->vhost); + } +#endif + + /* if we have children, close them first */ + if (wsi->child_list) { + wsi2 = wsi->child_list; + while (wsi2) { + wsi1 = wsi2->sibling_list; + wsi2->parent = NULL; + /* stop it doing shutdown processing */ + wsi2->socket_is_permanently_unusable = 1; + __lws_close_free_wsi(wsi2, reason, "general child recurse"); + wsi2 = wsi1; + } + wsi->child_list = NULL; + } + + if (wsi->role_ops == &role_ops_raw_file) { + lws_remove_child_from_any_parent(wsi); + __remove_wsi_socket_from_fds(wsi); + wsi->protocol->callback(wsi, wsi->role_ops->close_cb[0], + wsi->user_space, NULL, 0); + goto async_close; + } + + wsi->wsistate_pre_close = wsi->wsistate; + +#ifdef LWS_WITH_CGI + if (wsi->role_ops == &role_ops_cgi) { + /* we are not a network connection, but a handler for CGI io */ + if (wsi->parent && wsi->parent->http.cgi) { + + if (wsi->cgi_channel == LWS_STDOUT) + lws_cgi_remove_and_kill(wsi->parent); + + /* end the binding between us and master */ + wsi->parent->http.cgi->stdwsi[(int)wsi->cgi_channel] = NULL; + } + wsi->socket_is_permanently_unusable = 1; + + goto just_kill_connection; + } + + if (wsi->http.cgi) + lws_cgi_remove_and_kill(wsi); +#endif + +#if !defined(LWS_NO_CLIENT) + lws_client_stash_destroy(wsi); +#endif + + if (wsi->role_ops == &role_ops_raw_skt) { + wsi->socket_is_permanently_unusable = 1; + goto just_kill_connection; + } +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + if (lwsi_role_http(wsi) && lwsi_role_server(wsi) && + wsi->http.fop_fd != NULL) + lws_vfs_file_close(&wsi->http.fop_fd); +#endif + + if (lwsi_state(wsi) == LRS_DEAD_SOCKET) + return; + + if (wsi->socket_is_permanently_unusable || + reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY || + lwsi_state(wsi) == LRS_SHUTDOWN) + goto just_kill_connection; + + switch (lwsi_state_PRE_CLOSE(wsi)) { + case LRS_DEAD_SOCKET: + return; + + /* we tried the polite way... */ + case LRS_WAITING_TO_SEND_CLOSE: + case LRS_AWAITING_CLOSE_ACK: + case LRS_RETURNED_CLOSE: + goto just_kill_connection; + + case LRS_FLUSHING_BEFORE_CLOSE: + if (wsi->trunc_len) { + lws_callback_on_writable(wsi); + return; + } + lwsl_info("%p: end LRS_FLUSHING_BEFORE_CLOSE\n", wsi); + goto just_kill_connection; + default: + if (wsi->trunc_len) { + lwsl_info("%p: LRS_FLUSHING_BEFORE_CLOSE\n", wsi); + lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); + __lws_set_timeout(wsi, + PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE, 5); + return; + } + break; + } + + if (lwsi_state(wsi) == LRS_WAITING_CONNECT || + lwsi_state(wsi) == LRS_H1C_ISSUE_HANDSHAKE) + goto just_kill_connection; + + if (!wsi->told_user_closed && lwsi_role_http(wsi) && + lwsi_role_server(wsi)) { + if (wsi->user_space && wsi->protocol && + wsi->protocol_bind_balance) { + wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_DROP_PROTOCOL, + wsi->user_space, NULL, 0); + wsi->protocol_bind_balance = 0; + } + } + + /* + * signal we are closing, lws_write will + * add any necessary version-specific stuff. If the write fails, + * no worries we are closing anyway. If we didn't initiate this + * close, then our state has been changed to + * LRS_RETURNED_CLOSE and we will skip this. + * + * Likewise if it's a second call to close this connection after we + * sent the close indication to the peer already, we are in state + * LRS_AWAITING_CLOSE_ACK and will skip doing this a second time. + */ + + if (wsi->role_ops->close_via_role_protocol && + wsi->role_ops->close_via_role_protocol(wsi, reason)) + return; + +just_kill_connection: + + if (wsi->role_ops->close_kill_connection) + wsi->role_ops->close_kill_connection(wsi, reason); + + lws_remove_child_from_any_parent(wsi); + n = 0; + + if (!wsi->told_user_closed && wsi->user_space && + wsi->protocol_bind_balance) { + lwsl_debug("%s: %p: DROP_PROTOCOL %s\n", __func__, wsi, + wsi->protocol->name); + wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL, + wsi->user_space, NULL, 0); + wsi->protocol_bind_balance = 0; + } + + if ((lwsi_state(wsi) == LRS_WAITING_SERVER_REPLY || + lwsi_state(wsi) == LRS_WAITING_CONNECT) && !wsi->already_did_cce) + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, NULL, 0); + + /* + * Testing with ab shows that we have to stage the socket close when + * the system is under stress... shutdown any further TX, change the + * state to one that won't emit anything more, and wait with a timeout + * for the POLLIN to show a zero-size rx before coming back and doing + * the actual close. + */ + if (wsi->role_ops != &role_ops_raw_skt && !lwsi_role_client(wsi) && + lwsi_state(wsi) != LRS_SHUTDOWN && + lwsi_state(wsi) != LRS_UNCONNECTED && + reason != LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY && + !wsi->socket_is_permanently_unusable) { + +#if defined(LWS_WITH_TLS) + if (lws_is_ssl(wsi) && wsi->tls.ssl) { + n = 0; + switch (__lws_tls_shutdown(wsi)) { + case LWS_SSL_CAPABLE_DONE: + case LWS_SSL_CAPABLE_ERROR: + case LWS_SSL_CAPABLE_MORE_SERVICE_READ: + case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: + case LWS_SSL_CAPABLE_MORE_SERVICE: + break; + } + } else +#endif + { + lwsl_info("%s: shutdown conn: %p (sock %d, state 0x%x)\n", + __func__, wsi, (int)(long)wsi->desc.sockfd, + lwsi_state(wsi)); + if (!wsi->socket_is_permanently_unusable && + lws_socket_is_valid(wsi->desc.sockfd)) { + wsi->socket_is_permanently_unusable = 1; + n = shutdown(wsi->desc.sockfd, SHUT_WR); + } + } + if (n) + lwsl_debug("closing: shutdown (state 0x%x) ret %d\n", + lwsi_state(wsi), LWS_ERRNO); + + /* + * This causes problems on WINCE / ESP32 with disconnection + * when the events are half closing connection + */ +#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP32) + /* libuv: no event available to guarantee completion */ + if (!wsi->socket_is_permanently_unusable && + lws_socket_is_valid(wsi->desc.sockfd) && + lwsi_state(wsi) != LRS_SHUTDOWN && + context->event_loop_ops->periodic_events_available) { + __lws_change_pollfd(wsi, LWS_POLLOUT, LWS_POLLIN); + lwsi_set_state(wsi, LRS_SHUTDOWN); + __lws_set_timeout(wsi, PENDING_TIMEOUT_SHUTDOWN_FLUSH, + context->timeout_secs); + + return; + } +#endif + } + + lwsl_debug("%s: real just_kill_connection: %p (sockfd %d)\n", __func__, + wsi, wsi->desc.sockfd); + +#ifdef LWS_WITH_HTTP_PROXY + if (wsi->http.rw) { + lws_rewrite_destroy(wsi->http.rw); + wsi->http.rw = NULL; + } +#endif + /* + * we won't be servicing or receiving anything further from this guy + * delete socket from the internal poll list if still present + */ + __lws_ssl_remove_wsi_from_buffered_list(wsi); + __lws_remove_from_timeout_list(wsi); + lws_dll_lws_remove(&wsi->dll_hrtimer); + + /* don't repeat event loop stuff */ + if (wsi->told_event_loop_closed) + return; + + /* checking return redundant since we anyway close */ + if (wsi->desc.sockfd != LWS_SOCK_INVALID) + __remove_wsi_socket_from_fds(wsi); + else + lws_same_vh_protocol_remove(wsi); + + lwsi_set_state(wsi, LRS_DEAD_SOCKET); + lws_buflist_destroy_all_segments(&wsi->buflist); + lws_dll_lws_remove(&wsi->dll_buflist); + + if (wsi->role_ops->close_role) + wsi->role_ops->close_role(pt, wsi); + + /* tell the user it's all over for this guy */ + + if (lwsi_state_est_PRE_CLOSE(wsi) && !wsi->told_user_closed && + wsi->role_ops->close_cb[lwsi_role_server(wsi)]) { + const struct lws_protocols *pro = wsi->protocol; + + if (!wsi->protocol) + pro = &wsi->vhost->protocols[0]; + + if (!wsi->upgraded_to_http2 || !lwsi_role_client(wsi)) + /* + * The network wsi for a client h2 connection shouldn't + * call back for its role: the child stream connections + * own the role. Otherwise h2 will call back closed + * one too many times as the children do it and then + * the closing network stream. + */ + pro->callback(wsi, + wsi->role_ops->close_cb[lwsi_role_server(wsi)], + wsi->user_space, NULL, 0); + wsi->told_user_closed = 1; + } + +async_close: + wsi->socket_is_permanently_unusable = 1; + + if (wsi->context->event_loop_ops->wsi_logical_close) + if (wsi->context->event_loop_ops->wsi_logical_close(wsi)) + return; + + __lws_close_free_wsi_final(wsi); +} + +void +__lws_close_free_wsi_final(struct lws *wsi) +{ + int n; + + if (lws_socket_is_valid(wsi->desc.sockfd) && !lws_ssl_close(wsi)) { + n = compatible_close(wsi->desc.sockfd); + if (n) + lwsl_debug("closing: close ret %d\n", LWS_ERRNO); + + wsi->desc.sockfd = LWS_SOCK_INVALID; + } + + /* outermost destroy notification for wsi (user_space still intact) */ + if (wsi->vhost) + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_WSI_DESTROY, + wsi->user_space, NULL, 0); + +#ifdef LWS_WITH_CGI + if (wsi->http.cgi) { + + for (n = 0; n < 3; n++) { + if (wsi->http.cgi->pipe_fds[n][!!(n == 0)] == 0) + lwsl_err("ZERO FD IN CGI CLOSE"); + + if (wsi->http.cgi->pipe_fds[n][!!(n == 0)] >= 0) + close(wsi->http.cgi->pipe_fds[n][!!(n == 0)]); + } + + lws_free(wsi->http.cgi); + } +#endif + + __lws_free_wsi(wsi); +} + + +void +lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *caller) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + lws_pt_lock(pt, __func__); + __lws_close_free_wsi(wsi, reason, caller); + lws_pt_unlock(pt); +} + +/* lws_buflist */ + +int +lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, + size_t len) +{ + struct lws_buflist *nbuf; + int first = !*head; + void *p = *head; + int sanity = 1024; + + assert(buf); + assert(len); + + /* append at the tail */ + while (*head) { + if (!--sanity || head == &((*head)->next)) { + lwsl_err("%s: corrupt list points to self\n", __func__); + return -1; + } + head = &((*head)->next); + } + + lwsl_info("%s: len %u first %d %p\n", __func__, (uint32_t)len, first, p); + + nbuf = (struct lws_buflist *) + lws_malloc(sizeof(**head) + len, __func__); + if (!nbuf) { + lwsl_err("%s: OOM\n", __func__); + return -1; + } + + nbuf->len = len; + nbuf->pos = 0; + nbuf->next = NULL; + + p = (void *)nbuf->buf; + memcpy(p, buf, len); + + *head = nbuf; + + return first; /* returns 1 if first segment just created */ +} + +static int +lws_buflist_destroy_segment(struct lws_buflist **head) +{ + struct lws_buflist *old = *head; + + assert(*head); + *head = (*head)->next; + old->next = NULL; + lws_free(old); + + return !*head; /* returns 1 if last segment just destroyed */ +} + +void +lws_buflist_destroy_all_segments(struct lws_buflist **head) +{ + struct lws_buflist *p = *head, *p1; + + while (p) { + p1 = p->next; + p->next = NULL; + lws_free(p); + p = p1; + } + + *head = NULL; +} + +size_t +lws_buflist_next_segment_len(struct lws_buflist **head, uint8_t **buf) +{ + if (!*head) { + if (buf) + *buf = NULL; + + return 0; + } + + if (!(*head)->len && (*head)->next) + lws_buflist_destroy_segment(head); + + if (!*head) { + if (buf) + *buf = NULL; + + return 0; + } + + assert((*head)->pos < (*head)->len); + + if (buf) + *buf = (*head)->buf + (*head)->pos; + + return (*head)->len - (*head)->pos; +} + +int +lws_buflist_use_segment(struct lws_buflist **head, size_t len) +{ + assert(*head); + assert(len); + assert((*head)->pos + len <= (*head)->len); + + (*head)->pos += len; + if ((*head)->pos == (*head)->len) + lws_buflist_destroy_segment(head); + + if (!*head) + return 0; + + return (int)((*head)->len - (*head)->pos); +} + +void +lws_buflist_describe(struct lws_buflist **head, void *id) +{ + struct lws_buflist *old; + int n = 0; + + if (*head == NULL) + lwsl_notice("%p: buflist empty\n", id); + + while (*head) { + lwsl_notice("%p: %d: %llu / %llu (%llu left)\n", id, n, + (unsigned long long)(*head)->pos, + (unsigned long long)(*head)->len, + (unsigned long long)(*head)->len - (*head)->pos); + old = *head; + head = &((*head)->next); + if (*head == old) { + lwsl_err("%s: next points to self\n", __func__); + break; + } + n++; + } +} + +/* ... */ + +LWS_VISIBLE LWS_EXTERN const char * +lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len) +{ + int n = 0, sl = (int)strlen(name); + + while (lws_hdr_copy_fragment(wsi, buf, len, + WSI_TOKEN_HTTP_URI_ARGS, n) >= 0) { + + if (!strncmp(buf, name, sl)) + return buf + sl; + + n++; + } + + return NULL; +} + +#if !defined(LWS_WITH_ESP32) +LWS_VISIBLE int +interface_to_sa(struct lws_vhost *vh, const char *ifname, + struct sockaddr_in *addr, size_t addrlen) +{ + int ipv6 = 0; +#ifdef LWS_WITH_IPV6 + ipv6 = LWS_IPV6_ENABLED(vh); +#endif + (void)vh; + + return lws_interface_to_sa(ipv6, ifname, addr, addrlen); +} +#endif + +#ifndef LWS_PLAT_OPTEE +static int +lws_get_addresses(struct lws_vhost *vh, void *ads, char *name, + int name_len, char *rip, int rip_len) +{ + struct addrinfo ai, *res; + struct sockaddr_in addr4; + + rip[0] = '\0'; + name[0] = '\0'; + addr4.sin_family = AF_UNSPEC; + +#ifdef LWS_WITH_IPV6 + if (LWS_IPV6_ENABLED(vh)) { + if (!lws_plat_inet_ntop(AF_INET6, + &((struct sockaddr_in6 *)ads)->sin6_addr, + rip, rip_len)) { + lwsl_err("inet_ntop: %s", strerror(LWS_ERRNO)); + return -1; + } + + // Strip off the IPv4 to IPv6 header if one exists + if (strncmp(rip, "::ffff:", 7) == 0) + memmove(rip, rip + 7, strlen(rip) - 6); + + getnameinfo((struct sockaddr *)ads, sizeof(struct sockaddr_in6), + name, name_len, NULL, 0, 0); + + return 0; + } else +#endif + { + struct addrinfo *result; + + memset(&ai, 0, sizeof ai); + ai.ai_family = PF_UNSPEC; + ai.ai_socktype = SOCK_STREAM; +#if !defined(LWS_WITH_ESP32) + if (getnameinfo((struct sockaddr *)ads, + sizeof(struct sockaddr_in), + name, name_len, NULL, 0, 0)) + return -1; +#endif + + if (getaddrinfo(name, NULL, &ai, &result)) + return -1; + + res = result; + while (addr4.sin_family == AF_UNSPEC && res) { + switch (res->ai_family) { + case AF_INET: + addr4.sin_addr = + ((struct sockaddr_in *)res->ai_addr)->sin_addr; + addr4.sin_family = AF_INET; + break; + } + + res = res->ai_next; + } + freeaddrinfo(result); + } + + if (addr4.sin_family == AF_UNSPEC) + return -1; + + if (lws_plat_inet_ntop(AF_INET, &addr4.sin_addr, rip, rip_len) == NULL) + return -1; + + return 0; +} + + +LWS_VISIBLE const char * +lws_get_peer_simple(struct lws *wsi, char *name, int namelen) +{ + socklen_t len, olen; +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 sin6; +#endif + struct sockaddr_in sin4; + int af = AF_INET; + void *p, *q; + + wsi = lws_get_network_wsi(wsi); + + if (wsi->parent_carries_io) + wsi = wsi->parent; + +#ifdef LWS_WITH_IPV6 + if (LWS_IPV6_ENABLED(wsi->vhost)) { + len = sizeof(sin6); + p = &sin6; + af = AF_INET6; + q = &sin6.sin6_addr; + } else +#endif + { + len = sizeof(sin4); + p = &sin4; + q = &sin4.sin_addr; + } + + olen = len; + if (getpeername(wsi->desc.sockfd, p, &len) < 0 || len > olen) { + lwsl_warn("getpeername: %s\n", strerror(LWS_ERRNO)); + return NULL; + } + + return lws_plat_inet_ntop(af, q, name, namelen); +} +#endif + +LWS_VISIBLE void +lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, + int name_len, char *rip, int rip_len) +{ +#ifndef LWS_PLAT_OPTEE + socklen_t len; +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 sin6; +#endif + struct sockaddr_in sin4; + struct lws_context *context = wsi->context; + int ret = -1; + void *p; + + rip[0] = '\0'; + name[0] = '\0'; + + lws_latency_pre(context, wsi); + +#ifdef LWS_WITH_IPV6 + if (LWS_IPV6_ENABLED(wsi->vhost)) { + len = sizeof(sin6); + p = &sin6; + } else +#endif + { + len = sizeof(sin4); + p = &sin4; + } + + if (getpeername(fd, p, &len) < 0) { + lwsl_warn("getpeername: %s\n", strerror(LWS_ERRNO)); + goto bail; + } + + ret = lws_get_addresses(wsi->vhost, p, name, name_len, rip, rip_len); + +bail: + lws_latency(context, wsi, "lws_get_peer_addresses", ret, 1); +#endif + (void)wsi; + (void)fd; + (void)name; + (void)name_len; + (void)rip; + (void)rip_len; + +} + +LWS_EXTERN void * +lws_vhost_user(struct lws_vhost *vhost) +{ + return vhost->user; +} + +LWS_EXTERN void * +lws_context_user(struct lws_context *context) +{ + return context->user_space; +} + +LWS_VISIBLE struct lws_vhost * +lws_vhost_get(struct lws *wsi) +{ + return wsi->vhost; +} + +LWS_VISIBLE struct lws_vhost * +lws_get_vhost(struct lws *wsi) +{ + return wsi->vhost; +} + +LWS_VISIBLE const struct lws_protocols * +lws_protocol_get(struct lws *wsi) +{ + return wsi->protocol; +} + +LWS_VISIBLE const struct lws_udp * +lws_get_udp(const struct lws *wsi) +{ + return wsi->udp; +} + +LWS_VISIBLE struct lws * +lws_get_network_wsi(struct lws *wsi) +{ + if (!wsi) + return NULL; + +#if defined(LWS_WITH_HTTP2) + if (!wsi->http2_substream && !wsi->client_h2_substream) + return wsi; + + while (wsi->h2.parent_wsi) + wsi = wsi->h2.parent_wsi; +#endif + + return wsi; +} + +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name) +{ + int n; + + for (n = 0; n < vh->count_protocols; n++) + if (!strcmp(name, vh->protocols[n].name)) + return &vh->protocols[n]; + + return NULL; +} + +LWS_VISIBLE int +lws_callback_all_protocol(struct lws_context *context, + const struct lws_protocols *protocol, int reason) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + unsigned int n, m = context->count_threads; + struct lws *wsi; + + while (m--) { + for (n = 0; n < pt->fds_count; n++) { + wsi = wsi_from_fd(context, pt->fds[n].fd); + if (!wsi) + continue; + if (wsi->protocol == protocol) + protocol->callback(wsi, reason, wsi->user_space, + NULL, 0); + } + pt++; + } + + return 0; +} + +LWS_VISIBLE int +lws_callback_all_protocol_vhost_args(struct lws_vhost *vh, + const struct lws_protocols *protocol, int reason, + void *argp, size_t len) +{ + struct lws_context *context = vh->context; + struct lws_context_per_thread *pt = &context->pt[0]; + unsigned int n, m = context->count_threads; + struct lws *wsi; + + while (m--) { + for (n = 0; n < pt->fds_count; n++) { + wsi = wsi_from_fd(context, pt->fds[n].fd); + if (!wsi) + continue; + if (wsi->vhost == vh && (wsi->protocol == protocol || + !protocol)) + wsi->protocol->callback(wsi, reason, + wsi->user_space, argp, len); + } + pt++; + } + + return 0; +} + +LWS_VISIBLE int +lws_callback_all_protocol_vhost(struct lws_vhost *vh, + const struct lws_protocols *protocol, int reason) +{ + return lws_callback_all_protocol_vhost_args(vh, protocol, reason, NULL, 0); +} + +LWS_VISIBLE LWS_EXTERN int +lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len) +{ + int n; + + for (n = 0; n < wsi->vhost->count_protocols; n++) + if (wsi->vhost->protocols[n].callback(wsi, reason, NULL, in, len)) + return 1; + + return 0; +} + +LWS_VISIBLE LWS_EXTERN int +lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, + size_t len) +{ + int n; + struct lws *wsi = lws_zalloc(sizeof(*wsi), "fake wsi"); + + wsi->context = vh->context; + wsi->vhost = vh; + + for (n = 0; n < wsi->vhost->count_protocols; n++) { + wsi->protocol = &vh->protocols[n]; + if (wsi->protocol->callback(wsi, reason, NULL, in, len)) { + lws_free(wsi); + return 1; + } + } + + lws_free(wsi); + + return 0; +} + +LWS_VISIBLE LWS_EXTERN void +lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops) +{ + context->fops = fops; +} + +LWS_VISIBLE LWS_EXTERN lws_filepos_t +lws_vfs_tell(lws_fop_fd_t fop_fd) +{ + return fop_fd->pos; +} + +LWS_VISIBLE LWS_EXTERN lws_filepos_t +lws_vfs_get_length(lws_fop_fd_t fop_fd) +{ + return fop_fd->len; +} + +LWS_VISIBLE LWS_EXTERN uint32_t +lws_vfs_get_mod_time(lws_fop_fd_t fop_fd) +{ + return fop_fd->mod_time; +} + +LWS_VISIBLE lws_fileofs_t +lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + lws_fileofs_t ofs; + + ofs = fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset - fop_fd->pos); + + return ofs; +} + + +LWS_VISIBLE lws_fileofs_t +lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, fop_fd->len + + fop_fd->pos + offset); +} + + +const struct lws_plat_file_ops * +lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path, + const char **vpath) +{ + const struct lws_plat_file_ops *pf; + const char *p = vfs_path; + int n; + + *vpath = NULL; + + /* no non-platform fops, just use that */ + + if (!fops->next) + return fops; + + /* + * scan the vfs path looking for indications we are to be + * handled by a specific fops + */ + + while (p && *p) { + if (*p != '/') { + p++; + continue; + } + /* the first one is always platform fops, so skip */ + pf = fops->next; + while (pf) { + n = 0; + while (n < (int)LWS_ARRAY_SIZE(pf->fi) && pf->fi[n].sig) { + if (p >= vfs_path + pf->fi[n].len) + if (!strncmp(p - (pf->fi[n].len - 1), + pf->fi[n].sig, + pf->fi[n].len - 1)) { + *vpath = p + 1; + return pf; + } + + n++; + } + pf = pf->next; + } + p++; + } + + return fops; +} + +LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT +lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path, + lws_fop_flags_t *flags) +{ + const char *vpath = ""; + const struct lws_plat_file_ops *selected; + + selected = lws_vfs_select_fops(fops, vfs_path, &vpath); + + return selected->LWS_FOP_OPEN(fops, vfs_path, vpath, flags); +} + + +/** + * lws_now_secs() - seconds since 1970-1-1 + * + */ +LWS_VISIBLE LWS_EXTERN unsigned long +lws_now_secs(void) +{ + struct timeval tv; + + gettimeofday(&tv, NULL); + + return tv.tv_sec; +} + +LWS_VISIBLE LWS_EXTERN int +lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2) +{ + if (t1 < context->time_discontiguity) + t1 += context->time_fixup; + + if (t2 < context->time_discontiguity) + t2 += context->time_fixup; + + return (int)(t1 - t2); +} + +LWS_VISIBLE lws_sockfd_type +lws_get_socket_fd(struct lws *wsi) +{ + if (!wsi) + return -1; + return wsi->desc.sockfd; +} + +#ifdef LWS_LATENCY +void +lws_latency(struct lws_context *context, struct lws *wsi, const char *action, + int ret, int completed) +{ + unsigned long long u; + char buf[256]; + + u = time_in_microseconds(); + + if (!action) { + wsi->latency_start = u; + if (!wsi->action_start) + wsi->action_start = u; + return; + } + if (completed) { + if (wsi->action_start == wsi->latency_start) + sprintf(buf, + "Completion first try lat %lluus: %p: ret %d: %s\n", + u - wsi->latency_start, + (void *)wsi, ret, action); + else + sprintf(buf, + "Completion %lluus: lat %lluus: %p: ret %d: %s\n", + u - wsi->action_start, + u - wsi->latency_start, + (void *)wsi, ret, action); + wsi->action_start = 0; + } else + sprintf(buf, "lat %lluus: %p: ret %d: %s\n", + u - wsi->latency_start, (void *)wsi, ret, action); + + if (u - wsi->latency_start > context->worst_latency) { + context->worst_latency = u - wsi->latency_start; + strcpy(context->worst_latency_info, buf); + } + lwsl_latency("%s", buf); +} +#endif + +LWS_VISIBLE int +lws_rx_flow_control(struct lws *wsi, int _enable) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + int en = _enable; + + // h2 ignores rx flow control atm + if (lwsi_role_h2(wsi) || wsi->http2_substream || + lwsi_role_h2_ENCAPSULATION(wsi)) + return 0; // !!! + + lwsl_info("%s: %p 0x%x\n", __func__, wsi, _enable); + + if (!(_enable & LWS_RXFLOW_REASON_APPLIES)) { + /* + * convert user bool style to bitmap style... in user simple + * bool style _enable = 0 = flow control it, = 1 = allow rx + */ + en = LWS_RXFLOW_REASON_APPLIES | LWS_RXFLOW_REASON_USER_BOOL; + if (_enable & 1) + en |= LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT; + } + + lws_pt_lock(pt, __func__); + + /* any bit set in rxflow_bitmap DISABLEs rxflow control */ + if (en & LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT) + wsi->rxflow_bitmap &= ~(en & 0xff); + else + wsi->rxflow_bitmap |= en & 0xff; + + if ((LWS_RXFLOW_PENDING_CHANGE | (!wsi->rxflow_bitmap)) == + wsi->rxflow_change_to) + goto skip; + + wsi->rxflow_change_to = LWS_RXFLOW_PENDING_CHANGE | !wsi->rxflow_bitmap; + + lwsl_info("%s: %p: bitmap 0x%x: en 0x%x, ch 0x%x\n", __func__, wsi, + wsi->rxflow_bitmap, en, wsi->rxflow_change_to); + + if (_enable & LWS_RXFLOW_REASON_FLAG_PROCESS_NOW || + !wsi->rxflow_will_be_applied) { + en = __lws_rx_flow_control(wsi); + lws_pt_unlock(pt); + + return en; + } + +skip: + lws_pt_unlock(pt); + + return 0; +} + +LWS_VISIBLE void +lws_rx_flow_allow_all_protocol(const struct lws_context *context, + const struct lws_protocols *protocol) +{ + const struct lws_context_per_thread *pt = &context->pt[0]; + struct lws *wsi; + unsigned int n, m = context->count_threads; + + while (m--) { + for (n = 0; n < pt->fds_count; n++) { + wsi = wsi_from_fd(context, pt->fds[n].fd); + if (!wsi) + continue; + if (wsi->protocol == protocol) + lws_rx_flow_control(wsi, LWS_RXFLOW_ALLOW); + } + pt++; + } +} + +int +lws_broadcast(struct lws_context *context, int reason, void *in, size_t len) +{ + struct lws_vhost *v = context->vhost_list; + struct lws wsi; + int n, ret = 0; + + memset(&wsi, 0, sizeof(wsi)); + wsi.context = context; + + while (v) { + const struct lws_protocols *p = v->protocols; + wsi.vhost = v; + + for (n = 0; n < v->count_protocols; n++) { + wsi.protocol = p; + if (p->callback && + p->callback(&wsi, reason, NULL, in, len)) + ret |= 1; + p++; + } + v = v->vhost_next; + } + + return ret; +} + +LWS_VISIBLE extern const char * +lws_canonical_hostname(struct lws_context *context) +{ + return (const char *)context->canonical_hostname; +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_get_vhost_name(struct lws_vhost *vhost) +{ + return vhost->name; +} + +LWS_VISIBLE LWS_EXTERN int +lws_get_vhost_port(struct lws_vhost *vhost) +{ + return vhost->listen_port; +} + +LWS_VISIBLE LWS_EXTERN void * +lws_get_vhost_user(struct lws_vhost *vhost) +{ + return vhost->user; +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_get_vhost_iface(struct lws_vhost *vhost) +{ + return vhost->iface; +} + +int user_callback_handle_rxflow(lws_callback_function callback_function, + struct lws *wsi, + enum lws_callback_reasons reason, void *user, + void *in, size_t len) +{ + int n; + + wsi->rxflow_will_be_applied = 1; + n = callback_function(wsi, reason, user, in, len); + wsi->rxflow_will_be_applied = 0; + if (!n) + n = __lws_rx_flow_control(wsi); + + return n; +} + +#if !defined(LWS_WITHOUT_CLIENT) +LWS_VISIBLE int +lws_set_proxy(struct lws_vhost *vhost, const char *proxy) +{ + char *p; + char authstring[96]; + + if (!proxy) + return -1; + + /* we have to deal with a possible redundant leading http:// */ + if (!strncmp(proxy, "http://", 7)) + proxy += 7; + + p = strrchr(proxy, '@'); + if (p) { /* auth is around */ + + if ((unsigned int)(p - proxy) > sizeof(authstring) - 1) + goto auth_too_long; + + lws_strncpy(authstring, proxy, p - proxy + 1); + // null termination not needed on input + if (lws_b64_encode_string(authstring, lws_ptr_diff(p, proxy), + vhost->proxy_basic_auth_token, + sizeof vhost->proxy_basic_auth_token) < 0) + goto auth_too_long; + + lwsl_info(" Proxy auth in use\n"); + + proxy = p + 1; + } else + vhost->proxy_basic_auth_token[0] = '\0'; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + lws_strncpy(vhost->http.http_proxy_address, proxy, + sizeof(vhost->http.http_proxy_address)); + + p = strchr(vhost->http.http_proxy_address, ':'); + if (!p && !vhost->http.http_proxy_port) { + lwsl_err("http_proxy needs to be ads:port\n"); + + return -1; + } else { + if (p) { + *p = '\0'; + vhost->http.http_proxy_port = atoi(p + 1); + } + } + + lwsl_info(" Proxy %s:%u\n", vhost->http.http_proxy_address, + vhost->http.http_proxy_port); +#endif + return 0; + +auth_too_long: + lwsl_err("proxy auth too long\n"); + + return -1; +} +#endif + +#if defined(LWS_WITH_SOCKS5) +LWS_VISIBLE int +lws_set_socks(struct lws_vhost *vhost, const char *socks) +{ + char *p_at, *p_colon; + char user[96]; + char password[96]; + + if (!socks) + return -1; + + vhost->socks_user[0] = '\0'; + vhost->socks_password[0] = '\0'; + + p_at = strrchr(socks, '@'); + if (p_at) { /* auth is around */ + if ((unsigned int)(p_at - socks) > (sizeof(user) + + sizeof(password) - 2)) { + lwsl_err("Socks auth too long\n"); + goto bail; + } + + p_colon = strchr(socks, ':'); + if (p_colon) { + if ((unsigned int)(p_colon - socks) > (sizeof(user) + - 1) ) { + lwsl_err("Socks user too long\n"); + goto bail; + } + if ((unsigned int)(p_at - p_colon) > (sizeof(password) + - 1) ) { + lwsl_err("Socks password too long\n"); + goto bail; + } + + lws_strncpy(vhost->socks_user, socks, p_colon - socks + 1); + lws_strncpy(vhost->socks_password, p_colon + 1, + p_at - (p_colon + 1) + 1); + } + + lwsl_info(" Socks auth, user: %s, password: %s\n", + vhost->socks_user, vhost->socks_password ); + + socks = p_at + 1; + } + + lws_strncpy(vhost->socks_proxy_address, socks, + sizeof(vhost->socks_proxy_address)); + + p_colon = strchr(vhost->socks_proxy_address, ':'); + if (!p_colon && !vhost->socks_proxy_port) { + lwsl_err("socks_proxy needs to be address:port\n"); + return -1; + } else { + if (p_colon) { + *p_colon = '\0'; + vhost->socks_proxy_port = atoi(p_colon + 1); + } + } + + lwsl_info(" Socks %s:%u\n", vhost->socks_proxy_address, + vhost->socks_proxy_port); + + return 0; + +bail: + return -1; +} +#endif + +LWS_VISIBLE const struct lws_protocols * +lws_get_protocol(struct lws *wsi) +{ + return wsi->protocol; +} + + +int +lws_ensure_user_space(struct lws *wsi) +{ + if (!wsi->protocol) + return 0; + + /* allocate the per-connection user memory (if any) */ + + if (wsi->protocol->per_session_data_size && !wsi->user_space) { + wsi->user_space = lws_zalloc( + wsi->protocol->per_session_data_size, "user space"); + if (wsi->user_space == NULL) { + lwsl_err("%s: OOM\n", __func__); + return 1; + } + } else + lwsl_debug("%s: %p protocol pss %lu, user_space=%p\n", __func__, + wsi, (long)wsi->protocol->per_session_data_size, + wsi->user_space); + return 0; +} + +LWS_VISIBLE void * +lws_adjust_protocol_psds(struct lws *wsi, size_t new_size) +{ + ((struct lws_protocols *)lws_get_protocol(wsi))->per_session_data_size = + new_size; + + if (lws_ensure_user_space(wsi)) + return NULL; + + return wsi->user_space; +} + +LWS_VISIBLE int +lwsl_timestamp(int level, char *p, int len) +{ +#ifndef LWS_PLAT_OPTEE + time_t o_now = time(NULL); + unsigned long long now; + struct tm *ptm = NULL; +#ifndef WIN32 + struct tm tm; +#endif + int n; + +#ifndef _WIN32_WCE +#ifdef WIN32 + ptm = localtime(&o_now); +#else + if (localtime_r(&o_now, &tm)) + ptm = &tm; +#endif +#endif + p[0] = '\0'; + for (n = 0; n < LLL_COUNT; n++) { + if (level != (1 << n)) + continue; + now = time_in_microseconds() / 100; + if (ptm) + n = lws_snprintf(p, len, + "[%04d/%02d/%02d %02d:%02d:%02d:%04d] %s: ", + ptm->tm_year + 1900, + ptm->tm_mon + 1, + ptm->tm_mday, + ptm->tm_hour, + ptm->tm_min, + ptm->tm_sec, + (int)(now % 10000), log_level_names[n]); + else + n = lws_snprintf(p, len, "[%llu:%04d] %s: ", + (unsigned long long) now / 10000, + (int)(now % 10000), log_level_names[n]); + return n; + } +#else + p[0] = '\0'; +#endif + + return 0; +} + +#ifndef LWS_PLAT_OPTEE +static const char * const colours[] = { + "[31;1m", /* LLL_ERR */ + "[36;1m", /* LLL_WARN */ + "[35;1m", /* LLL_NOTICE */ + "[32;1m", /* LLL_INFO */ + "[34;1m", /* LLL_DEBUG */ + "[33;1m", /* LLL_PARSER */ + "[33m", /* LLL_HEADER */ + "[33m", /* LLL_EXT */ + "[33m", /* LLL_CLIENT */ + "[33;1m", /* LLL_LATENCY */ + "[30;1m", /* LLL_USER */ +}; + +LWS_VISIBLE void lwsl_emit_stderr(int level, const char *line) +{ + char buf[50]; + static char tty = 3; + int n, m = LWS_ARRAY_SIZE(colours) - 1; + + if (!tty) + tty = isatty(2) | 2; + lwsl_timestamp(level, buf, sizeof(buf)); + + if (tty == 3) { + n = 1 << (LWS_ARRAY_SIZE(colours) - 1); + while (n) { + if (level & n) + break; + m--; + n >>= 1; + } + fprintf(stderr, "%c%s%s%s%c[0m", 27, colours[m], buf, line, 27); + } else + fprintf(stderr, "%s%s", buf, line); +} +#endif + +LWS_VISIBLE void _lws_logv(int filter, const char *format, va_list vl) +{ + char buf[256]; + int n; + + if (!(log_level & filter)) + return; + + n = vsnprintf(buf, sizeof(buf) - 1, format, vl); + (void)n; + /* vnsprintf returns what it would have written, even if truncated */ + if (n > (int)sizeof(buf) - 1) + n = sizeof(buf) - 1; + if (n > 0) + buf[n] = '\0'; + + lwsl_emit(filter, buf); +} + +LWS_VISIBLE void _lws_log(int filter, const char *format, ...) +{ + va_list ap; + + va_start(ap, format); + _lws_logv(filter, format, ap); + va_end(ap); +} + +LWS_VISIBLE void lws_set_log_level(int level, + void (*func)(int level, const char *line)) +{ + log_level = level; + if (func) + lwsl_emit = func; +} + +LWS_VISIBLE int lwsl_visible(int level) +{ + return log_level & level; +} + +LWS_VISIBLE void +lwsl_hexdump_level(int hexdump_level, const void *vbuf, size_t len) +{ + unsigned char *buf = (unsigned char *)vbuf; + unsigned int n, m, start; + char line[80]; + char *p; + + if (!lwsl_visible(hexdump_level)) + return; + + if (!len) + return; + + if (!vbuf) + return; + + _lws_log(hexdump_level, "\n"); + + for (n = 0; n < len;) { + start = n; + p = line; + + p += sprintf(p, "%04X: ", start); + + for (m = 0; m < 16 && n < len; m++) + p += sprintf(p, "%02X ", buf[n++]); + while (m++ < 16) + p += sprintf(p, " "); + + p += sprintf(p, " "); + + for (m = 0; m < 16 && (start + m) < len; m++) { + if (buf[start + m] >= ' ' && buf[start + m] < 127) + *p++ = buf[start + m]; + else + *p++ = '.'; + } + while (m++ < 16) + *p++ = ' '; + + *p++ = '\n'; + *p = '\0'; + _lws_log(hexdump_level, "%s", line); + (void)line; + } + + _lws_log(hexdump_level, "\n"); +} + +LWS_VISIBLE void +lwsl_hexdump(const void *vbuf, size_t len) +{ +#if defined(_DEBUG) + lwsl_hexdump_level(LLL_DEBUG, vbuf, len); +#endif +} + +LWS_VISIBLE int +lws_is_ssl(struct lws *wsi) +{ +#if defined(LWS_WITH_TLS) + return wsi->tls.use_ssl & LCCSCF_USE_SSL; +#else + (void)wsi; + return 0; +#endif +} + +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) +LWS_VISIBLE lws_tls_conn* +lws_get_ssl(struct lws *wsi) +{ + return wsi->tls.ssl; +} +#endif + +LWS_VISIBLE int +lws_partial_buffered(struct lws *wsi) +{ + return !!wsi->trunc_len; +} + +LWS_VISIBLE lws_fileofs_t +lws_get_peer_write_allowance(struct lws *wsi) +{ + if (!wsi->role_ops->tx_credit) + return -1; + return wsi->role_ops->tx_credit(wsi); +} + +LWS_VISIBLE void +lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, + struct lws_role_ops *ops) +{ +#if defined(_DEBUG) + const char *name = "(unset)"; +#endif + wsi->wsistate = role | state; + if (ops) + wsi->role_ops = ops; +#if defined(_DEBUG) + if (wsi->role_ops) + name = wsi->role_ops->name; + lwsl_debug("%s: %p: wsistate 0x%x, ops %s\n", __func__, wsi, + wsi->wsistate, name); +#endif +} + +LWS_VISIBLE struct lws_plat_file_ops * +lws_get_fops(struct lws_context *context) +{ + return (struct lws_plat_file_ops *)context->fops; +} + +LWS_VISIBLE LWS_EXTERN struct lws_context * +lws_get_context(const struct lws *wsi) +{ + return wsi->context; +} + +LWS_VISIBLE LWS_EXTERN int +lws_get_count_threads(struct lws_context *context) +{ + return context->count_threads; +} + +LWS_VISIBLE LWS_EXTERN void * +lws_wsi_user(struct lws *wsi) +{ + return wsi->user_space; +} + +LWS_VISIBLE LWS_EXTERN void +lws_set_wsi_user(struct lws *wsi, void *data) +{ + if (wsi->user_space_externally_allocated) + wsi->user_space = data; + else + lwsl_err("%s: Cannot set internally-allocated user_space\n", + __func__); +} + +LWS_VISIBLE LWS_EXTERN struct lws * +lws_get_parent(const struct lws *wsi) +{ + return wsi->parent; +} + +LWS_VISIBLE LWS_EXTERN struct lws * +lws_get_child(const struct lws *wsi) +{ + return wsi->child_list; +} + +LWS_VISIBLE LWS_EXTERN void +lws_set_parent_carries_io(struct lws *wsi) +{ + wsi->parent_carries_io = 1; +} + +LWS_VISIBLE LWS_EXTERN void * +lws_get_opaque_parent_data(const struct lws *wsi) +{ + return wsi->opaque_parent_data; +} + +LWS_VISIBLE LWS_EXTERN void +lws_set_opaque_parent_data(struct lws *wsi, void *data) +{ + wsi->opaque_parent_data = data; +} + +LWS_VISIBLE LWS_EXTERN int +lws_get_child_pending_on_writable(const struct lws *wsi) +{ + return wsi->parent_pending_cb_on_writable; +} + +LWS_VISIBLE LWS_EXTERN void +lws_clear_child_pending_on_writable(struct lws *wsi) +{ + wsi->parent_pending_cb_on_writable = 0; +} + + +LWS_EXTERN int +__lws_rx_flow_control(struct lws *wsi) +{ + struct lws *wsic = wsi->child_list; + + // h2 ignores rx flow control atm + if (lwsi_role_h2(wsi) || wsi->http2_substream || + lwsi_role_h2_ENCAPSULATION(wsi)) + return 0; // !!! + + /* if he has children, do those if they were changed */ + while (wsic) { + if (wsic->rxflow_change_to & LWS_RXFLOW_PENDING_CHANGE) + __lws_rx_flow_control(wsic); + + wsic = wsic->sibling_list; + } + + /* there is no pending change */ + if (!(wsi->rxflow_change_to & LWS_RXFLOW_PENDING_CHANGE)) + return 0; + + /* stuff is still buffered, not ready to really accept new input */ + if (lws_buflist_next_segment_len(&wsi->buflist, NULL)) { + /* get ourselves called back to deal with stashed buffer */ + lws_callback_on_writable(wsi); + return 0; + } + + /* now the pending is cleared, we can change rxflow state */ + + wsi->rxflow_change_to &= ~LWS_RXFLOW_PENDING_CHANGE; + + lwsl_info("rxflow: wsi %p change_to %d\n", wsi, + wsi->rxflow_change_to & LWS_RXFLOW_ALLOW); + + /* adjust the pollfd for this wsi */ + + if (wsi->rxflow_change_to & LWS_RXFLOW_ALLOW) { + if (__lws_change_pollfd(wsi, 0, LWS_POLLIN)) { + lwsl_info("%s: fail\n", __func__); + return -1; + } + } else + if (__lws_change_pollfd(wsi, LWS_POLLIN, 0)) + return -1; + + return 0; +} + +LWS_EXTERN int +lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len) +{ + static const unsigned char e0f4[] = { + 0xa0 | ((2 - 1) << 2) | 1, /* e0 */ + 0x80 | ((4 - 1) << 2) | 1, /* e1 */ + 0x80 | ((4 - 1) << 2) | 1, /* e2 */ + 0x80 | ((4 - 1) << 2) | 1, /* e3 */ + 0x80 | ((4 - 1) << 2) | 1, /* e4 */ + 0x80 | ((4 - 1) << 2) | 1, /* e5 */ + 0x80 | ((4 - 1) << 2) | 1, /* e6 */ + 0x80 | ((4 - 1) << 2) | 1, /* e7 */ + 0x80 | ((4 - 1) << 2) | 1, /* e8 */ + 0x80 | ((4 - 1) << 2) | 1, /* e9 */ + 0x80 | ((4 - 1) << 2) | 1, /* ea */ + 0x80 | ((4 - 1) << 2) | 1, /* eb */ + 0x80 | ((4 - 1) << 2) | 1, /* ec */ + 0x80 | ((2 - 1) << 2) | 1, /* ed */ + 0x80 | ((4 - 1) << 2) | 1, /* ee */ + 0x80 | ((4 - 1) << 2) | 1, /* ef */ + 0x90 | ((3 - 1) << 2) | 2, /* f0 */ + 0x80 | ((4 - 1) << 2) | 2, /* f1 */ + 0x80 | ((4 - 1) << 2) | 2, /* f2 */ + 0x80 | ((4 - 1) << 2) | 2, /* f3 */ + 0x80 | ((1 - 1) << 2) | 2, /* f4 */ + + 0, /* s0 */ + 0x80 | ((4 - 1) << 2) | 0, /* s2 */ + 0x80 | ((4 - 1) << 2) | 1, /* s3 */ + }; + unsigned char s = *state; + + while (len--) { + unsigned char c = *buf++; + + if (!s) { + if (c >= 0x80) { + if (c < 0xc2 || c > 0xf4) + return 1; + if (c < 0xe0) + s = 0x80 | ((4 - 1) << 2); + else + s = e0f4[c - 0xe0]; + } + } else { + if (c < (s & 0xf0) || + c >= (s & 0xf0) + 0x10 + ((s << 2) & 0x30)) + return 1; + s = e0f4[21 + (s & 3)]; + } + } + + *state = s; + + return 0; +} + +LWS_VISIBLE LWS_EXTERN int +lws_parse_uri(char *p, const char **prot, const char **ads, int *port, + const char **path) +{ + const char *end; + static const char *slash = "/"; + + /* cut up the location into address, port and path */ + *prot = p; + while (*p && (*p != ':' || p[1] != '/' || p[2] != '/')) + p++; + if (!*p) { + end = p; + p = (char *)*prot; + *prot = end; + } else { + *p = '\0'; + p += 3; + } + *ads = p; + if (!strcmp(*prot, "http") || !strcmp(*prot, "ws")) + *port = 80; + else if (!strcmp(*prot, "https") || !strcmp(*prot, "wss")) + *port = 443; + + if (*p == '[') + { + ++(*ads); + while (*p && *p != ']') + p++; + if (*p) + *p++ = '\0'; + } + else + { + while (*p && *p != ':' && *p != '/') + p++; + } + if (*p == ':') { + *p++ = '\0'; + *port = atoi(p); + while (*p && *p != '/') + p++; + } + *path = slash; + if (*p) { + *p++ = '\0'; + if (*p) + *path = p; + } + + return 0; +} + +#if defined(LWS_WITHOUT_EXTENSIONS) + +/* we need to provide dummy callbacks for internal exts + * so user code runs when faced with a lib compiled with + * extensions disabled. + */ + +LWS_VISIBLE int +lws_extension_callback_pm_deflate(struct lws_context *context, + const struct lws_extension *ext, + struct lws *wsi, + enum lws_extension_callback_reasons reason, + void *user, void *in, size_t len) +{ + (void)context; + (void)ext; + (void)wsi; + (void)reason; + (void)user; + (void)in; + (void)len; + + return 0; +} + +LWS_EXTERN int +lws_set_extension_option(struct lws *wsi, const char *ext_name, + const char *opt_name, const char *opt_val) +{ + return -1; +} +#endif + +LWS_EXTERN int +lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, + const char *iface) +{ +#ifdef LWS_WITH_UNIX_SOCK + struct sockaddr_un serv_unix; +#endif +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 serv_addr6; +#endif + struct sockaddr_in serv_addr4; +#ifndef LWS_PLAT_OPTEE + socklen_t len = sizeof(struct sockaddr_storage); +#endif + int n; +#if !defined(LWS_WITH_ESP32) + int m; +#endif + struct sockaddr_storage sin; + struct sockaddr *v; + +#ifdef LWS_WITH_UNIX_SOCK + if (LWS_UNIX_SOCK_ENABLED(vhost)) { + v = (struct sockaddr *)&serv_unix; + n = sizeof(struct sockaddr_un); + bzero((char *) &serv_unix, sizeof(serv_unix)); + serv_unix.sun_family = AF_UNIX; + if (!iface) + return -1; + if (sizeof(serv_unix.sun_path) <= strlen(iface)) { + lwsl_err("\"%s\" too long for UNIX domain socket\n", + iface); + return -1; + } + strcpy(serv_unix.sun_path, iface); + if (serv_unix.sun_path[0] == '@') + serv_unix.sun_path[0] = '\0'; + + } else +#endif +#if defined(LWS_WITH_IPV6) && !defined(LWS_WITH_ESP32) + if (LWS_IPV6_ENABLED(vhost)) { + v = (struct sockaddr *)&serv_addr6; + n = sizeof(struct sockaddr_in6); + bzero((char *) &serv_addr6, sizeof(serv_addr6)); + if (iface) { + m = interface_to_sa(vhost, iface, + (struct sockaddr_in *)v, n); + if (m == LWS_ITOSA_NOT_USABLE) { + lwsl_info("%s: netif %s: Not usable\n", + __func__, iface); + return m; + } + if (m == LWS_ITOSA_NOT_EXIST) { + lwsl_info("%s: netif %s: Does not exist\n", + __func__, iface); + return m; + } + serv_addr6.sin6_scope_id = lws_get_addr_scope(iface); + } + + serv_addr6.sin6_family = AF_INET6; + serv_addr6.sin6_port = htons(port); + } else +#endif + { + v = (struct sockaddr *)&serv_addr4; + n = sizeof(serv_addr4); + bzero((char *) &serv_addr4, sizeof(serv_addr4)); + serv_addr4.sin_addr.s_addr = INADDR_ANY; + serv_addr4.sin_family = AF_INET; +#if !defined(LWS_WITH_ESP32) + + if (iface) { + m = interface_to_sa(vhost, iface, + (struct sockaddr_in *)v, n); + if (m == LWS_ITOSA_NOT_USABLE) { + lwsl_info("%s: netif %s: Not usable\n", + __func__, iface); + return m; + } + if (m == LWS_ITOSA_NOT_EXIST) { + lwsl_info("%s: netif %s: Does not exist\n", + __func__, iface); + return m; + } + } +#endif + serv_addr4.sin_port = htons(port); + } /* ipv4 */ + + /* just checking for the interface extant */ + if (sockfd == LWS_SOCK_INVALID) + return 0; + + n = bind(sockfd, v, n); +#ifdef LWS_WITH_UNIX_SOCK + if (n < 0 && LWS_UNIX_SOCK_ENABLED(vhost)) { + lwsl_err("ERROR on binding fd %d to \"%s\" (%d %d)\n", + sockfd, iface, n, LWS_ERRNO); + return -1; + } else +#endif + if (n < 0) { + lwsl_err("ERROR on binding fd %d to port %d (%d %d)\n", + sockfd, port, n, LWS_ERRNO); + return -1; + } + +#ifndef LWS_PLAT_OPTEE + if (getsockname(sockfd, (struct sockaddr *)&sin, &len) == -1) + lwsl_warn("getsockname: %s\n", strerror(LWS_ERRNO)); + else +#endif +#if defined(LWS_WITH_IPV6) + port = (sin.ss_family == AF_INET6) ? + ntohs(((struct sockaddr_in6 *) &sin)->sin6_port) : + ntohs(((struct sockaddr_in *) &sin)->sin_port); +#else + { + struct sockaddr_in sain; + memcpy(&sain, &sin, sizeof(sain)); + port = ntohs(sain.sin_port); + } +#endif + + return port; +} + +LWS_VISIBLE LWS_EXTERN int +lws_get_vhost_listen_port(struct lws_vhost *vhost) +{ + return vhost->listen_port; +} + +#if defined(LWS_WITH_IPV6) +LWS_EXTERN unsigned long +lws_get_addr_scope(const char *ipaddr) +{ + unsigned long scope = 0; + +#ifndef WIN32 + struct ifaddrs *addrs, *addr; + char ip[NI_MAXHOST]; + unsigned int i; + + getifaddrs(&addrs); + for (addr = addrs; addr; addr = addr->ifa_next) { + if (!addr->ifa_addr || + addr->ifa_addr->sa_family != AF_INET6) + continue; + + getnameinfo(addr->ifa_addr, + sizeof(struct sockaddr_in6), + ip, sizeof(ip), + NULL, 0, NI_NUMERICHOST); + + i = 0; + while (ip[i]) + if (ip[i++] == '%') { + ip[i - 1] = '\0'; + break; + } + + if (!strcmp(ip, ipaddr)) { + scope = if_nametoindex(addr->ifa_name); + break; + } + } + freeifaddrs(addrs); +#else + PIP_ADAPTER_ADDRESSES adapter, addrs = NULL; + PIP_ADAPTER_UNICAST_ADDRESS addr; + ULONG size = 0; + DWORD ret; + struct sockaddr_in6 *sockaddr; + char ip[NI_MAXHOST]; + unsigned int i; + int found = 0; + + for (i = 0; i < 5; i++) + { + ret = GetAdaptersAddresses(AF_INET6, GAA_FLAG_INCLUDE_PREFIX, + NULL, addrs, &size); + if ((ret == NO_ERROR) || (ret == ERROR_NO_DATA)) { + break; + } else if (ret == ERROR_BUFFER_OVERFLOW) + { + if (addrs) + free(addrs); + addrs = (IP_ADAPTER_ADDRESSES *)malloc(size); + } else + { + if (addrs) + { + free(addrs); + addrs = NULL; + } + lwsl_err("Failed to get IPv6 address table (%d)", ret); + break; + } + } + + if ((ret == NO_ERROR) && (addrs)) { + adapter = addrs; + while (adapter && !found) { + addr = adapter->FirstUnicastAddress; + while (addr && !found) { + if (addr->Address.lpSockaddr->sa_family == + AF_INET6) { + sockaddr = (struct sockaddr_in6 *) + (addr->Address.lpSockaddr); + + lws_plat_inet_ntop(sockaddr->sin6_family, + &sockaddr->sin6_addr, + ip, sizeof(ip)); + + if (!strcmp(ip, ipaddr)) { + scope = sockaddr->sin6_scope_id; + found = 1; + break; + } + } + addr = addr->Next; + } + adapter = adapter->Next; + } + } + if (addrs) + free(addrs); +#endif + + return scope; +} +#endif + +#if !defined(LWS_NO_SERVER) + +LWS_EXTERN struct lws * +lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, + const char *protocol_name, struct lws *parent_wsi) +{ + lws_sock_file_fd_type sock; + struct addrinfo h, *r, *rp; + struct lws *wsi = NULL; + char buf[16]; + int n; + + memset(&h, 0, sizeof(h)); + h.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ + h.ai_socktype = SOCK_DGRAM; + h.ai_protocol = IPPROTO_UDP; + h.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; + + lws_snprintf(buf, sizeof(buf), "%u", port); + n = getaddrinfo(NULL, buf, &h, &r); + if (n) { + lwsl_info("%s: getaddrinfo error: %s\n", __func__, + gai_strerror(n)); + goto bail; + } + + for (rp = r; rp; rp = rp->ai_next) { + sock.sockfd = socket(rp->ai_family, rp->ai_socktype, + rp->ai_protocol); + if (sock.sockfd >= 0) + break; + } + if (!rp) { + lwsl_err("%s: unable to create INET socket\n", __func__); + goto bail1; + } + + if ((flags & LWS_CAUDP_BIND) && bind(sock.sockfd, rp->ai_addr, +#if defined(_WIN32) + (int)rp->ai_addrlen +#else + rp->ai_addrlen +#endif + ) == -1) { + lwsl_err("%s: bind failed\n", __func__); + goto bail2; + } + + wsi = lws_adopt_descriptor_vhost(vhost, LWS_ADOPT_RAW_SOCKET_UDP, sock, + protocol_name, parent_wsi); + if (!wsi) + lwsl_err("%s: udp adoption failed\n", __func__); + +bail2: + if (!wsi) + close((int)sock.sockfd); +bail1: + freeaddrinfo(r); + +bail: + return wsi; +} + +#endif + + + +static const char *hex = "0123456789ABCDEF"; + +LWS_VISIBLE LWS_EXTERN const char * +lws_sql_purify(char *escaped, const char *string, int len) +{ + const char *p = string; + char *q = escaped; + + while (*p && len-- > 2) { + if (*p == '\'') { + *q++ = '\''; + *q++ = '\''; + len --; + p++; + } else + *q++ = *p++; + } + *q = '\0'; + + return escaped; +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_json_purify(char *escaped, const char *string, int len) +{ + const char *p = string; + char *q = escaped; + + if (!p) { + escaped[0] = '\0'; + return escaped; + } + + while (*p && len-- > 6) { + if (*p == '\"' || *p == '\\' || *p < 0x20) { + *q++ = '\\'; + *q++ = 'u'; + *q++ = '0'; + *q++ = '0'; + *q++ = hex[((*p) >> 4) & 15]; + *q++ = hex[(*p) & 15]; + len -= 5; + p++; + } else + *q++ = *p++; + } + *q = '\0'; + + return escaped; +} + +LWS_VISIBLE LWS_EXTERN void +lws_filename_purify_inplace(char *filename) +{ + while (*filename) { + + if (*filename == '.' && filename[1] == '.') { + *filename = '_'; + filename[1] = '_'; + } + + if (*filename == ':' || + *filename == '/' || + *filename == '\\' || + *filename == '$' || + *filename == '%') + *filename = '_'; + + filename++; + } +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_urlencode(char *escaped, const char *string, int len) +{ + const char *p = string; + char *q = escaped; + + while (*p && len-- > 3) { + if (*p == ' ') { + *q++ = '+'; + p++; + continue; + } + if ((*p >= '0' && *p <= '9') || + (*p >= 'A' && *p <= 'Z') || + (*p >= 'a' && *p <= 'z')) { + *q++ = *p++; + continue; + } + *q++ = '%'; + *q++ = hex[(*p >> 4) & 0xf]; + *q++ = hex[*p & 0xf]; + + len -= 2; + p++; + } + *q = '\0'; + + return escaped; +} + +LWS_VISIBLE LWS_EXTERN int +lws_urldecode(char *string, const char *escaped, int len) +{ + int state = 0, n; + char sum = 0; + + while (*escaped && len) { + switch (state) { + case 0: + if (*escaped == '%') { + state++; + escaped++; + continue; + } + if (*escaped == '+') { + escaped++; + *string++ = ' '; + len--; + continue; + } + *string++ = *escaped++; + len--; + break; + case 1: + n = char_to_hex(*escaped); + if (n < 0) + return -1; + escaped++; + sum = n << 4; + state++; + break; + + case 2: + n = char_to_hex(*escaped); + if (n < 0) + return -1; + escaped++; + *string++ = sum | n; + len--; + state = 0; + break; + } + + } + *string = '\0'; + + return 0; +} + +LWS_VISIBLE LWS_EXTERN int +lws_finalize_startup(struct lws_context *context) +{ + struct lws_context_creation_info info; + + info.uid = context->uid; + info.gid = context->gid; + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + memcpy(info.caps, context->caps, sizeof(info.caps)); + info.count_caps = context->count_caps; +#endif + + if (lws_check_opt(context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) + lws_plat_drop_app_privileges(&info); + + return 0; +} + +int +lws_snprintf(char *str, size_t size, const char *format, ...) +{ + va_list ap; + int n; + + if (!size) + return 0; + + va_start(ap, format); + n = vsnprintf(str, size, format, ap); + va_end(ap); + + if (n >= (int)size) + return (int)size; + + return n; +} + +char * +lws_strncpy(char *dest, const char *src, size_t size) +{ + strncpy(dest, src, size - 1); + dest[size - 1] = '\0'; + + return dest; +} + + +LWS_VISIBLE LWS_EXTERN int +lws_is_cgi(struct lws *wsi) { +#ifdef LWS_WITH_CGI + return !!wsi->http.cgi; +#else + return 0; +#endif +} + +const struct lws_protocol_vhost_options * +lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name) +{ + while (pvo) { + if (!strcmp(pvo->name, name)) + break; + + pvo = pvo->next; + } + + return pvo; +} + +void +lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs) +{ + const struct lws_vhost *vh = ctx->vhost_list; + + while (vh) { + + cs->rx += vh->conn_stats.rx; + cs->tx += vh->conn_stats.tx; + cs->h1_conn += vh->conn_stats.h1_conn; + cs->h1_trans += vh->conn_stats.h1_trans; + cs->h2_trans += vh->conn_stats.h2_trans; + cs->ws_upg += vh->conn_stats.ws_upg; + cs->h2_upg += vh->conn_stats.h2_upg; + cs->h2_alpn += vh->conn_stats.h2_alpn; + cs->h2_subs += vh->conn_stats.h2_subs; + cs->rejected += vh->conn_stats.rejected; + + vh = vh->vhost_next; + } +} + +const char * +lws_cmdline_option(int argc, const char **argv, const char *val) +{ + int n = (int)strlen(val), c = argc; + + while (--c > 0) { + + if (!strncmp(argv[c], val, n)) { + if (!*(argv[c] + n) && c < argc - 1) { + /* coverity treats unchecked argv as "tainted" */ + if (!argv[c + 1] || strlen(argv[c + 1]) > 1024) + return NULL; + return argv[c + 1]; + } + + return argv[c] + n; + } + } + + return NULL; +} + +#ifdef LWS_WITH_SERVER_STATUS + +LWS_EXTERN int +lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len) +{ +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + static const char * const prots[] = { + "http://", + "https://", + "file://", + "cgi://", + ">http://", + ">https://", + "callback://" + }; +#endif + char *orig = buf, *end = buf + len - 1, first = 1; + int n = 0; + + if (len < 100) + return 0; + + buf += lws_snprintf(buf, end - buf, + "{\n \"name\":\"%s\",\n" + " \"port\":\"%d\",\n" + " \"use_ssl\":\"%d\",\n" + " \"sts\":\"%d\",\n" + " \"rx\":\"%llu\",\n" + " \"tx\":\"%llu\",\n" + " \"h1_conn\":\"%lu\",\n" + " \"h1_trans\":\"%lu\",\n" + " \"h2_trans\":\"%lu\",\n" + " \"ws_upg\":\"%lu\",\n" + " \"rejected\":\"%lu\",\n" + " \"h2_upg\":\"%lu\",\n" + " \"h2_alpn\":\"%lu\",\n" + " \"h2_subs\":\"%lu\"" + , + vh->name, vh->listen_port, +#if defined(LWS_WITH_TLS) + vh->tls.use_ssl & LCCSCF_USE_SSL, +#else + 0, +#endif + !!(vh->options & LWS_SERVER_OPTION_STS), + vh->conn_stats.rx, vh->conn_stats.tx, + vh->conn_stats.h1_conn, + vh->conn_stats.h1_trans, + vh->conn_stats.h2_trans, + vh->conn_stats.ws_upg, + vh->conn_stats.rejected, + vh->conn_stats.h2_upg, + vh->conn_stats.h2_alpn, + vh->conn_stats.h2_subs + ); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + if (vh->http.mount_list) { + const struct lws_http_mount *m = vh->http.mount_list; + + buf += lws_snprintf(buf, end - buf, ",\n \"mounts\":["); + while (m) { + if (!first) + buf += lws_snprintf(buf, end - buf, ","); + buf += lws_snprintf(buf, end - buf, + "\n {\n \"mountpoint\":\"%s\",\n" + " \"origin\":\"%s%s\",\n" + " \"cache_max_age\":\"%d\",\n" + " \"cache_reuse\":\"%d\",\n" + " \"cache_revalidate\":\"%d\",\n" + " \"cache_intermediaries\":\"%d\"\n" + , + m->mountpoint, + prots[m->origin_protocol], + m->origin, + m->cache_max_age, + m->cache_reusable, + m->cache_revalidate, + m->cache_intermediaries); + if (m->def) + buf += lws_snprintf(buf, end - buf, + ",\n \"default\":\"%s\"", + m->def); + buf += lws_snprintf(buf, end - buf, "\n }"); + first = 0; + m = m->mount_next; + } + buf += lws_snprintf(buf, end - buf, "\n ]"); + } +#endif + if (vh->protocols) { + n = 0; + first = 1; + + buf += lws_snprintf(buf, end - buf, ",\n \"ws-protocols\":["); + while (n < vh->count_protocols) { + if (!first) + buf += lws_snprintf(buf, end - buf, ","); + buf += lws_snprintf(buf, end - buf, + "\n {\n \"%s\":{\n" + " \"status\":\"ok\"\n }\n }" + , + vh->protocols[n].name); + first = 0; + n++; + } + buf += lws_snprintf(buf, end - buf, "\n ]"); + } + + buf += lws_snprintf(buf, end - buf, "\n}"); + + return buf - orig; +} + + +LWS_EXTERN LWS_VISIBLE int +lws_json_dump_context(const struct lws_context *context, char *buf, int len, + int hide_vhosts) +{ + char *orig = buf, *end = buf + len - 1, first = 1; + const struct lws_vhost *vh = context->vhost_list; + const struct lws_context_per_thread *pt; + time_t t = time(NULL); + int n, listening = 0, cgi_count = 0; + struct lws_conn_stats cs; + double d = 0; +#ifdef LWS_WITH_CGI + struct lws_cgi * const *pcgi; +#endif + +#ifdef LWS_WITH_LIBUV + uv_uptime(&d); +#endif + + buf += lws_snprintf(buf, end - buf, "{ " + "\"version\":\"%s\",\n" + "\"uptime\":\"%ld\",\n", + lws_get_library_version(), + (long)d); + +#ifdef LWS_HAVE_GETLOADAVG + { + double d[3]; + int m; + + m = getloadavg(d, 3); + for (n = 0; n < m; n++) { + buf += lws_snprintf(buf, end - buf, + "\"l%d\":\"%.2f\",\n", + n + 1, d[n]); + } + } +#endif + + buf += lws_snprintf(buf, end - buf, "\"contexts\":[\n"); + + buf += lws_snprintf(buf, end - buf, "{ " + "\"context_uptime\":\"%ld\",\n" + "\"cgi_spawned\":\"%d\",\n" + "\"pt_fd_max\":\"%d\",\n" + "\"ah_pool_max\":\"%d\",\n" + "\"deprecated\":\"%d\",\n" + "\"wsi_alive\":\"%d\",\n", + (unsigned long)(t - context->time_up), + context->count_cgi_spawned, + context->fd_limit_per_thread, + context->max_http_header_pool, + context->deprecated, + context->count_wsi_allocated); + + buf += lws_snprintf(buf, end - buf, "\"pt\":[\n "); + for (n = 0; n < context->count_threads; n++) { + pt = &context->pt[n]; + if (n) + buf += lws_snprintf(buf, end - buf, ","); + buf += lws_snprintf(buf, end - buf, + "\n {\n" + " \"fds_count\":\"%d\",\n" + " \"ah_pool_inuse\":\"%d\",\n" + " \"ah_wait_list\":\"%d\"\n" + " }", + pt->fds_count, + pt->http.ah_count_in_use, + pt->http.ah_wait_list_length); + } + + buf += lws_snprintf(buf, end - buf, "]"); + + buf += lws_snprintf(buf, end - buf, ", \"vhosts\":[\n "); + + first = 1; + vh = context->vhost_list; + listening = 0; + cs = context->conn_stats; + lws_sum_stats(context, &cs); + while (vh) { + + if (!hide_vhosts) { + if (!first) + if(buf != end) + *buf++ = ','; + buf += lws_json_dump_vhost(vh, buf, end - buf); + first = 0; + } + if (vh->lserv_wsi) + listening++; + vh = vh->vhost_next; + } + + buf += lws_snprintf(buf, end - buf, + "],\n\"listen_wsi\":\"%d\",\n" + " \"rx\":\"%llu\",\n" + " \"tx\":\"%llu\",\n" + " \"h1_conn\":\"%lu\",\n" + " \"h1_trans\":\"%lu\",\n" + " \"h2_trans\":\"%lu\",\n" + " \"ws_upg\":\"%lu\",\n" + " \"rejected\":\"%lu\",\n" + " \"h2_alpn\":\"%lu\",\n" + " \"h2_subs\":\"%lu\",\n" + " \"h2_upg\":\"%lu\"", + listening, cs.rx, cs.tx, + cs.h1_conn, + cs.h1_trans, + cs.h2_trans, + cs.ws_upg, + cs.rejected, + cs.h2_alpn, + cs.h2_subs, + cs.h2_upg); + +#ifdef LWS_WITH_CGI + for (n = 0; n < context->count_threads; n++) { + pt = &context->pt[n]; + pcgi = &pt->http.cgi_list; + + while (*pcgi) { + pcgi = &(*pcgi)->cgi_list; + + cgi_count++; + } + } +#endif + buf += lws_snprintf(buf, end - buf, ",\n \"cgi_alive\":\"%d\"\n ", + cgi_count); + + buf += lws_snprintf(buf, end - buf, "}"); + + + buf += lws_snprintf(buf, end - buf, "]}\n "); + + return buf - orig; +} + +#endif + +#if defined(LWS_WITH_STATS) + +LWS_VISIBLE LWS_EXTERN uint64_t +lws_stats_get(struct lws_context *context, int index) +{ + if (index >= LWSSTATS_SIZE) + return 0; + + return context->lws_stats[index]; +} + +LWS_VISIBLE LWS_EXTERN void +lws_stats_log_dump(struct lws_context *context) +{ + struct lws_vhost *v = context->vhost_list; + int n, m; + + (void)m; + + if (!context->updated) + return; + + context->updated = 0; + + lwsl_notice("\n"); + lwsl_notice("LWS internal statistics dump ----->\n"); + lwsl_notice("LWSSTATS_C_CONNECTIONS: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_CONNECTIONS)); + lwsl_notice("LWSSTATS_C_API_CLOSE: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_API_CLOSE)); + lwsl_notice("LWSSTATS_C_API_READ: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_API_READ)); + lwsl_notice("LWSSTATS_C_API_LWS_WRITE: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_API_LWS_WRITE)); + lwsl_notice("LWSSTATS_C_API_WRITE: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_API_WRITE)); + lwsl_notice("LWSSTATS_C_WRITE_PARTIALS: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_WRITE_PARTIALS)); + lwsl_notice("LWSSTATS_C_WRITEABLE_CB_REQ: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_WRITEABLE_CB_REQ)); + lwsl_notice("LWSSTATS_C_WRITEABLE_CB_EFF_REQ: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_WRITEABLE_CB_EFF_REQ)); + lwsl_notice("LWSSTATS_C_WRITEABLE_CB: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_WRITEABLE_CB)); + lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN)); + lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_FAILED: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_SSL_CONNECTIONS_FAILED)); + lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)); + lwsl_notice("LWSSTATS_C_SSL_CONNS_HAD_RX: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_SSL_CONNS_HAD_RX)); + lwsl_notice("LWSSTATS_C_PEER_LIMIT_AH_DENIED: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_PEER_LIMIT_AH_DENIED)); + lwsl_notice("LWSSTATS_C_PEER_LIMIT_WSI_DENIED: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_PEER_LIMIT_WSI_DENIED)); + + lwsl_notice("LWSSTATS_C_TIMEOUTS: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_TIMEOUTS)); + lwsl_notice("LWSSTATS_C_SERVICE_ENTRY: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_C_SERVICE_ENTRY)); + lwsl_notice("LWSSTATS_B_READ: %8llu\n", + (unsigned long long)lws_stats_get(context, LWSSTATS_B_READ)); + lwsl_notice("LWSSTATS_B_WRITE: %8llu\n", + (unsigned long long)lws_stats_get(context, LWSSTATS_B_WRITE)); + lwsl_notice("LWSSTATS_B_PARTIALS_ACCEPTED_PARTS: %8llu\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_B_PARTIALS_ACCEPTED_PARTS)); + lwsl_notice("LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY: %8llums\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY) / 1000); + if (lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)) + lwsl_notice(" Avg accept delay: %8llums\n", + (unsigned long long)(lws_stats_get(context, + LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY) / + lws_stats_get(context, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)) / 1000); + lwsl_notice("LWSSTATS_MS_SSL_RX_DELAY: %8llums\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_MS_SSL_RX_DELAY) / 1000); + if (lws_stats_get(context, LWSSTATS_C_SSL_CONNS_HAD_RX)) + lwsl_notice(" Avg accept-rx delay: %8llums\n", + (unsigned long long)(lws_stats_get(context, + LWSSTATS_MS_SSL_RX_DELAY) / + lws_stats_get(context, + LWSSTATS_C_SSL_CONNS_HAD_RX)) / 1000); + + lwsl_notice("LWSSTATS_MS_WRITABLE_DELAY: %8lluus\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_MS_WRITABLE_DELAY)); + lwsl_notice("LWSSTATS_MS_WORST_WRITABLE_DELAY: %8lluus\n", + (unsigned long long)lws_stats_get(context, + LWSSTATS_MS_WORST_WRITABLE_DELAY)); + if (lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB)) + lwsl_notice(" Avg writable delay: %8lluus\n", + (unsigned long long)(lws_stats_get(context, + LWSSTATS_MS_WRITABLE_DELAY) / + lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB))); + lwsl_notice("Simultaneous SSL restriction: %8d/%d\n", + context->simultaneous_ssl, + context->simultaneous_ssl_restriction); + + lwsl_notice("Live wsi: %8d\n", + context->count_wsi_allocated); + + context->updated = 1; + + while (v) { + if (v->lserv_wsi && + v->lserv_wsi->position_in_fds_table != LWS_NO_FDS_POS) { + + struct lws_context_per_thread *pt = + &context->pt[(int)v->lserv_wsi->tsi]; + struct lws_pollfd *pfd; + + pfd = &pt->fds[v->lserv_wsi->position_in_fds_table]; + + lwsl_notice(" Listen port %d actual POLLIN: %d\n", + v->listen_port, + (int)pfd->events & LWS_POLLIN); + } + + v = v->vhost_next; + } + + for (n = 0; n < context->count_threads; n++) { + struct lws_context_per_thread *pt = &context->pt[n]; + struct lws *wl; + int m = 0; + + lwsl_notice("PT %d\n", n + 1); + + lws_pt_lock(pt, __func__); + + lwsl_notice(" AH in use / max: %d / %d\n", + pt->http.ah_count_in_use, + context->max_http_header_pool); + + wl = pt->http.ah_wait_list; + while (wl) { + m++; + wl = wl->http.ah_wait_list; + } + + lwsl_notice(" AH wait list count / actual: %d / %d\n", + pt->http.ah_wait_list_length, m); + + lws_pt_unlock(pt); + } + +#if defined(LWS_WITH_PEER_LIMITS) + m = 0; + for (n = 0; n < (int)context->pl_hash_elements; n++) { + lws_start_foreach_llp(struct lws_peer **, peer, + context->pl_hash_table[n]) { + m++; + } lws_end_foreach_llp(peer, next); + } + + lwsl_notice(" Peers: total active %d\n", m); + if (m > 10) { + m = 10; + lwsl_notice(" (showing 10 peers only)\n"); + } + + if (m) { + for (n = 0; n < (int)context->pl_hash_elements; n++) { + char buf[72]; + + lws_start_foreach_llp(struct lws_peer **, peer, + context->pl_hash_table[n]) { + struct lws_peer *df = *peer; + + if (!lws_plat_inet_ntop(df->af, df->addr, buf, + sizeof(buf) - 1)) + strcpy(buf, "unknown"); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + lwsl_notice(" peer %s: count wsi: %d, count ah: %d\n", + buf, df->count_wsi, + df->http.count_ah); +#else + lwsl_notice(" peer %s: count wsi: %d\n", + buf, df->count_wsi); +#endif + + if (!--m) + break; + } lws_end_foreach_llp(peer, next); + } + } +#endif + + lwsl_notice("\n"); +} + +void +lws_stats_atomic_bump(struct lws_context * context, + struct lws_context_per_thread *pt, int index, uint64_t bump) +{ + lws_pt_stats_lock(pt); + context->lws_stats[index] += bump; + if (index != LWSSTATS_C_SERVICE_ENTRY) + context->updated = 1; + lws_pt_stats_unlock(pt); +} + +void +lws_stats_atomic_max(struct lws_context * context, + struct lws_context_per_thread *pt, int index, uint64_t val) +{ + lws_pt_stats_lock(pt); + if (val > context->lws_stats[index]) { + context->lws_stats[index] = val; + context->updated = 1; + } + lws_pt_stats_unlock(pt); +} + +#endif + diff --git a/thirdparty/libwebsockets/core/output.c b/thirdparty/libwebsockets/core/output.c new file mode 100644 index 0000000000..11965a06b9 --- /dev/null +++ b/thirdparty/libwebsockets/core/output.c @@ -0,0 +1,320 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +/* + * notice this returns number of bytes consumed, or -1 + */ +int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) +{ + struct lws_context *context = lws_get_context(wsi); + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + size_t real_len = len; + unsigned int n; + + // lwsl_hexdump_err(buf, len); + + /* + * Detect if we got called twice without going through the + * event loop to handle pending. This would be caused by either + * back-to-back writes in one WRITABLE (illegal) or calling lws_write() + * from outside the WRITABLE callback (illegal). + */ + if (wsi->could_have_pending) { + lwsl_hexdump_level(LLL_ERR, buf, len); + lwsl_err("** %p: vh: %s, prot: %s, role %s: " + "Illegal back-to-back write of %lu detected...\n", + wsi, wsi->vhost->name, wsi->protocol->name, + wsi->role_ops->name, + (unsigned long)len); + // assert(0); + + return -1; + } + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_WRITE, 1); + + if (!len) + return 0; + /* just ignore sends after we cleared the truncation buffer */ + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE && !wsi->trunc_len) + return (int)len; + + if (wsi->trunc_len && (buf < wsi->trunc_alloc || + buf > (wsi->trunc_alloc + wsi->trunc_len + wsi->trunc_offset))) { + lwsl_hexdump_level(LLL_ERR, buf, len); + lwsl_err("** %p: vh: %s, prot: %s, Sending new %lu, pending truncated ...\n" + " It's illegal to do an lws_write outside of\n" + " the writable callback: fix your code\n", + wsi, wsi->vhost->name, wsi->protocol->name, + (unsigned long)len); + assert(0); + + return -1; + } + + if (!wsi->http2_substream && !lws_socket_is_valid(wsi->desc.sockfd)) + lwsl_warn("** error invalid sock but expected to send\n"); + + /* limit sending */ + if (wsi->protocol->tx_packet_size) + n = (int)wsi->protocol->tx_packet_size; + else { + n = (int)wsi->protocol->rx_buffer_size; + if (!n) + n = context->pt_serv_buf_size; + } + n += LWS_PRE + 4; + if (n > len) + n = (int)len; + + /* nope, send it on the socket directly */ + lws_latency_pre(context, wsi); + n = lws_ssl_capable_write(wsi, buf, n); + lws_latency(context, wsi, "send lws_issue_raw", n, n == len); + + /* something got written, it can have been truncated now */ + wsi->could_have_pending = 1; + + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + /* we're going to close, let close know sends aren't possible */ + wsi->socket_is_permanently_unusable = 1; + return -1; + case LWS_SSL_CAPABLE_MORE_SERVICE: + /* + * nothing got sent, not fatal. Retry the whole thing later, + * ie, implying treat it was a truncated send so it gets + * retried + */ + n = 0; + break; + } + + /* + * we were already handling a truncated send? + */ + if (wsi->trunc_len) { + lwsl_info("%p partial adv %d (vs %ld)\n", wsi, n, (long)real_len); + wsi->trunc_offset += n; + wsi->trunc_len -= n; + + if (!wsi->trunc_len) { + lwsl_info("** %p partial send completed\n", wsi); + /* done with it, but don't free it */ + n = (int)real_len; + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { + lwsl_info("** %p signalling to close now\n", wsi); + return -1; /* retry closing now */ + } + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) +#if !defined(LWS_WITHOUT_SERVER) + if (wsi->http.deferred_transaction_completed) { + lwsl_notice("%s: partial completed, doing " + "deferred transaction completed\n", + __func__); + wsi->http.deferred_transaction_completed = 0; + return lws_http_transaction_completed(wsi); + } +#endif +#endif + } + /* always callback on writeable */ + lws_callback_on_writable(wsi); + + return n; + } + + if ((unsigned int)n == real_len) + /* what we just sent went out cleanly */ + return n; + + /* + * Newly truncated send. Buffer the remainder (it will get + * first priority next time the socket is writable). + */ + lwsl_debug("%p new partial sent %d from %lu total\n", wsi, n, + (unsigned long)real_len); + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITE_PARTIALS, 1); + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, n); + + /* + * - if we still have a suitable malloc lying around, use it + * - or, if too small, reallocate it + * - or, if no buffer, create it + */ + if (!wsi->trunc_alloc || real_len - n > wsi->trunc_alloc_len) { + lws_free(wsi->trunc_alloc); + + wsi->trunc_alloc_len = (unsigned int)(real_len - n); + wsi->trunc_alloc = lws_malloc(real_len - n, + "truncated send alloc"); + if (!wsi->trunc_alloc) { + lwsl_err("truncated send: unable to malloc %lu\n", + (unsigned long)(real_len - n)); + return -1; + } + } + wsi->trunc_offset = 0; + wsi->trunc_len = (unsigned int)(real_len - n); + memcpy(wsi->trunc_alloc, buf + n, real_len - n); + +#if !defined(LWS_WITH_ESP32) + if (lws_wsi_is_udp(wsi)) { + /* stash original destination for fulfilling UDP partials */ + wsi->udp->sa_pending = wsi->udp->sa; + wsi->udp->salen_pending = wsi->udp->salen; + } +#endif + + /* since something buffered, force it to get another chance to send */ + lws_callback_on_writable(wsi); + + return (int)real_len; +} + +LWS_VISIBLE int lws_write(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol wp) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + if (wsi->parent_carries_io) { + struct lws_write_passthru pas; + + pas.buf = buf; + pas.len = len; + pas.wp = wp; + pas.wsi = wsi; + + if (wsi->parent->protocol->callback(wsi->parent, + LWS_CALLBACK_CHILD_WRITE_VIA_PARENT, + wsi->parent->user_space, + (void *)&pas, 0)) + return 1; + + return (int)len; + } + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_LWS_WRITE, 1); + + if ((int)len < 0) { + lwsl_err("%s: suspicious len int %d, ulong %lu\n", __func__, + (int)len, (unsigned long)len); + return -1; + } + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_WRITE, len); + +#ifdef LWS_WITH_ACCESS_LOG + wsi->http.access_log.sent += len; +#endif + if (wsi->vhost) + wsi->vhost->conn_stats.tx += len; + + assert(wsi->role_ops); + if (!wsi->role_ops->write_role_protocol) + return lws_issue_raw(wsi, buf, len); + + return wsi->role_ops->write_role_protocol(wsi, buf, len, &wp); +} + +LWS_VISIBLE int +lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int n = 0; + + lws_stats_atomic_bump(context, pt, LWSSTATS_C_API_READ, 1); + + if (lws_wsi_is_udp(wsi)) { +#if !defined(LWS_WITH_ESP32) + wsi->udp->salen = sizeof(wsi->udp->sa); + n = recvfrom(wsi->desc.sockfd, (char *)buf, len, 0, + &wsi->udp->sa, &wsi->udp->salen); +#endif + } else + n = recv(wsi->desc.sockfd, (char *)buf, len, 0); + + if (n >= 0) { + if (wsi->vhost) + wsi->vhost->conn_stats.rx += n; + lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n); + + return n; + } + + if (LWS_ERRNO == LWS_EAGAIN || + LWS_ERRNO == LWS_EWOULDBLOCK || + LWS_ERRNO == LWS_EINTR) + return LWS_SSL_CAPABLE_MORE_SERVICE; + + lwsl_notice("error on reading from skt : %d\n", LWS_ERRNO); + return LWS_SSL_CAPABLE_ERROR; +} + +LWS_VISIBLE int +lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len) +{ + int n = 0; + + if (lws_wsi_is_udp(wsi)) { +#if !defined(LWS_WITH_ESP32) + if (wsi->trunc_len) + n = sendto(wsi->desc.sockfd, buf, len, 0, &wsi->udp->sa_pending, wsi->udp->salen_pending); + else + n = sendto(wsi->desc.sockfd, buf, len, 0, &wsi->udp->sa, wsi->udp->salen); +#endif + } else + n = send(wsi->desc.sockfd, (char *)buf, len, MSG_NOSIGNAL); +// lwsl_info("%s: sent len %d result %d", __func__, len, n); + if (n >= 0) + return n; + + if (LWS_ERRNO == LWS_EAGAIN || + LWS_ERRNO == LWS_EWOULDBLOCK || + LWS_ERRNO == LWS_EINTR) { + if (LWS_ERRNO == LWS_EWOULDBLOCK) { + lws_set_blocking_send(wsi); + } + + return LWS_SSL_CAPABLE_MORE_SERVICE; + } + + lwsl_debug("ERROR writing len %d to skt fd %d err %d / errno %d\n", + len, wsi->desc.sockfd, n, LWS_ERRNO); + + return LWS_SSL_CAPABLE_ERROR; +} + +LWS_VISIBLE int +lws_ssl_pending_no_ssl(struct lws *wsi) +{ + (void)wsi; +#if defined(LWS_WITH_ESP32) + return 100; +#else + return 0; +#endif +} diff --git a/thirdparty/libwebsockets/core/pollfd.c b/thirdparty/libwebsockets/core/pollfd.c new file mode 100644 index 0000000000..2a632ce8ec --- /dev/null +++ b/thirdparty/libwebsockets/core/pollfd.c @@ -0,0 +1,616 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +int +_lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa) +{ +#if !defined(LWS_WITH_LIBUV) && !defined(LWS_WITH_LIBEV) && !defined(LWS_WITH_LIBEVENT) + volatile struct lws_context_per_thread *vpt; +#endif + struct lws_context_per_thread *pt; + struct lws_context *context; + int ret = 0, pa_events = 1; + struct lws_pollfd *pfd; + int sampled_tid, tid; + + if (!wsi) + return 0; + + assert(wsi->position_in_fds_table == LWS_NO_FDS_POS || + wsi->position_in_fds_table >= 0); + + if (wsi->position_in_fds_table == LWS_NO_FDS_POS) + return 0; + + if (((volatile struct lws *)wsi)->handling_pollout && + !_and && _or == LWS_POLLOUT) { + /* + * Happening alongside service thread handling POLLOUT. + * The danger is when he is finished, he will disable POLLOUT, + * countermanding what we changed here. + * + * Instead of changing the fds, inform the service thread + * what happened, and ask it to leave POLLOUT active on exit + */ + ((volatile struct lws *)wsi)->leave_pollout_active = 1; + /* + * by definition service thread is not in poll wait, so no need + * to cancel service + */ + + lwsl_debug("%s: using leave_pollout_active\n", __func__); + + return 0; + } + + context = wsi->context; + pt = &context->pt[(int)wsi->tsi]; + + assert(wsi->position_in_fds_table < (int)pt->fds_count); + +#if !defined(LWS_WITH_LIBUV) && \ + !defined(LWS_WITH_LIBEV) && \ + !defined(LWS_WITH_LIBEVENT) + /* + * This only applies when we use the default poll() event loop. + * + * BSD can revert pa->events at any time, when the kernel decides to + * exit from poll(). We can't protect against it using locking. + * + * Therefore we must check first if the service thread is in poll() + * wait; if so, we know we must be being called from a foreign thread, + * and we must keep a strictly ordered list of changes we made instead + * of trying to apply them, since when poll() exits, which may happen + * at any time it would revert our changes. + * + * The plat code will apply them when it leaves the poll() wait + * before doing anything else. + */ + + vpt = (volatile struct lws_context_per_thread *)pt; + + vpt->foreign_spinlock = 1; + lws_memory_barrier(); + + if (vpt->inside_poll) { + struct lws_foreign_thread_pollfd *ftp, **ftp1; + /* + * We are certainly a foreign thread trying to change events + * while the service thread is in the poll() wait. + * + * Create a list of changes to be applied after poll() exit, + * instead of trying to apply them now. + */ + ftp = lws_malloc(sizeof(*ftp), "ftp"); + if (!ftp) { + vpt->foreign_spinlock = 0; + lws_memory_barrier(); + ret = -1; + goto bail; + } + + ftp->_and = _and; + ftp->_or = _or; + ftp->fd_index = wsi->position_in_fds_table; + ftp->next = NULL; + + /* place at END of list to maintain order */ + ftp1 = (struct lws_foreign_thread_pollfd **) + &vpt->foreign_pfd_list; + while (*ftp1) + ftp1 = &((*ftp1)->next); + + *ftp1 = ftp; + vpt->foreign_spinlock = 0; + lws_memory_barrier(); + lws_cancel_service_pt(wsi); + + return 0; + } + + vpt->foreign_spinlock = 0; + lws_memory_barrier(); +#endif + + pfd = &pt->fds[wsi->position_in_fds_table]; + pa->fd = wsi->desc.sockfd; + lwsl_debug("%s: wsi %p: fd %d events %d -> %d\n", __func__, wsi, pa->fd, pfd->events, (pfd->events & ~_and) | _or); + pa->prev_events = pfd->events; + pa->events = pfd->events = (pfd->events & ~_and) | _or; + + if (wsi->http2_substream) + return 0; + + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, + LWS_CALLBACK_CHANGE_MODE_POLL_FD, + wsi->user_space, (void *)pa, 0)) { + ret = -1; + goto bail; + } + + if (context->event_loop_ops->io) { + if (_and & LWS_POLLIN) + context->event_loop_ops->io(wsi, + LWS_EV_STOP | LWS_EV_READ); + + if (_or & LWS_POLLIN) + context->event_loop_ops->io(wsi, + LWS_EV_START | LWS_EV_READ); + + if (_and & LWS_POLLOUT) + context->event_loop_ops->io(wsi, + LWS_EV_STOP | LWS_EV_WRITE); + + if (_or & LWS_POLLOUT) + context->event_loop_ops->io(wsi, + LWS_EV_START | LWS_EV_WRITE); + } + + /* + * if we changed something in this pollfd... + * ... and we're running in a different thread context + * than the service thread... + * ... and the service thread is waiting ... + * then cancel it to force a restart with our changed events + */ + pa_events = pa->prev_events != pa->events; + + if (pa_events) { + if (lws_plat_change_pollfd(context, wsi, pfd)) { + lwsl_info("%s failed\n", __func__); + ret = -1; + goto bail; + } + sampled_tid = context->service_tid; + if (sampled_tid && wsi->vhost) { + tid = wsi->vhost->protocols[0].callback(wsi, + LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); + if (tid == -1) { + ret = -1; + goto bail; + } + if (tid != sampled_tid) + lws_cancel_service_pt(wsi); + } + } + +bail: + return ret; +} + +#ifndef LWS_NO_SERVER +/* + * Enable or disable listen sockets on this pt globally... + * it's modulated according to the pt having space for a new accept. + */ +static void +lws_accept_modulation(struct lws_context *context, + struct lws_context_per_thread *pt, int allow) +{ + struct lws_vhost *vh = context->vhost_list; + struct lws_pollargs pa1; + + while (vh) { + if (vh->lserv_wsi) { + if (allow) + _lws_change_pollfd(vh->lserv_wsi, + 0, LWS_POLLIN, &pa1); + else + _lws_change_pollfd(vh->lserv_wsi, + LWS_POLLIN, 0, &pa1); + } + vh = vh->vhost_next; + } +} +#endif + +int +__insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi) +{ + struct lws_pollargs pa = { wsi->desc.sockfd, LWS_POLLIN, 0 }; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int ret = 0; + + + lwsl_debug("%s: %p: tsi=%d, sock=%d, pos-in-fds=%d\n", + __func__, wsi, wsi->tsi, wsi->desc.sockfd, pt->fds_count); + + if ((unsigned int)pt->fds_count >= context->fd_limit_per_thread) { + lwsl_err("Too many fds (%d vs %d)\n", context->max_fds, + context->fd_limit_per_thread ); + return 1; + } + +#if !defined(_WIN32) + if (wsi->desc.sockfd - lws_plat_socket_offset() >= context->max_fds) { + lwsl_err("Socket fd %d is too high (%d) offset %d\n", + wsi->desc.sockfd, context->max_fds, lws_plat_socket_offset()); + return 1; + } +#endif + + assert(wsi); + assert(wsi->event_pipe || wsi->vhost); + assert(lws_socket_is_valid(wsi->desc.sockfd)); + + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL, + wsi->user_space, (void *) &pa, 1)) + return -1; + + pt->count_conns++; + insert_wsi(context, wsi); + wsi->position_in_fds_table = pt->fds_count; + + pt->fds[wsi->position_in_fds_table].fd = wsi->desc.sockfd; + pt->fds[wsi->position_in_fds_table].events = LWS_POLLIN; + pa.events = pt->fds[pt->fds_count].events; + + lws_plat_insert_socket_into_fds(context, wsi); + + /* external POLL support via protocol 0 */ + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_ADD_POLL_FD, + wsi->user_space, (void *) &pa, 0)) + ret = -1; +#ifndef LWS_NO_SERVER + /* if no more room, defeat accepts on this thread */ + if ((unsigned int)pt->fds_count == context->fd_limit_per_thread - 1) + lws_accept_modulation(context, pt, 0); +#endif + + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL, + wsi->user_space, (void *)&pa, 1)) + ret = -1; + + return ret; +} + +int +__remove_wsi_socket_from_fds(struct lws *wsi) +{ + struct lws_context *context = wsi->context; + struct lws_pollargs pa = { wsi->desc.sockfd, 0, 0 }; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws *end_wsi; + int v; + int m, ret = 0; + + if (wsi->parent_carries_io) { + lws_same_vh_protocol_remove(wsi); + return 0; + } + +#if !defined(_WIN32) + if (wsi->desc.sockfd - lws_plat_socket_offset() > context->max_fds) { + lwsl_err("fd %d too high (%d)\n", wsi->desc.sockfd, + context->max_fds); + return 1; + } +#endif + + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL, + wsi->user_space, (void *)&pa, 1)) + return -1; + + lws_same_vh_protocol_remove(wsi); + + /* the guy who is to be deleted's slot index in pt->fds */ + m = wsi->position_in_fds_table; + + /* these are the only valid possibilities for position_in_fds_table */ + assert(m == LWS_NO_FDS_POS || (m >= 0 && + (unsigned int)m < pt->fds_count)); + + if (context->event_loop_ops->io) + context->event_loop_ops->io(wsi, + LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE | + LWS_EV_PREPARE_DELETION); + + lwsl_debug("%s: wsi=%p, sock=%d, fds pos=%d, end guy pos=%d, endfd=%d\n", + __func__, wsi, wsi->desc.sockfd, wsi->position_in_fds_table, + pt->fds_count, pt->fds[pt->fds_count].fd); + + if (m != LWS_NO_FDS_POS) { + + /* have the last guy take up the now vacant slot */ + pt->fds[m] = pt->fds[pt->fds_count - 1]; + /* this decrements pt->fds_count */ + lws_plat_delete_socket_from_fds(context, wsi, m); + v = (int) pt->fds[m].fd; + /* end guy's "position in fds table" is now the deletion guy's old one */ + end_wsi = wsi_from_fd(context, v); + if (!end_wsi) { + lwsl_err("no wsi for fd %d at pos %d, pt->fds_count=%d\n", + (int)pt->fds[m].fd, m, pt->fds_count); + assert(0); + } else + end_wsi->position_in_fds_table = m; + + /* deletion guy's lws_lookup entry needs nuking */ + delete_from_fd(context, wsi->desc.sockfd); + + /* removed wsi has no position any more */ + wsi->position_in_fds_table = LWS_NO_FDS_POS; + } + + /* remove also from external POLL support via protocol 0 */ + if (lws_socket_is_valid(wsi->desc.sockfd) && wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_DEL_POLL_FD, + wsi->user_space, (void *) &pa, 0)) + ret = -1; + +#ifndef LWS_NO_SERVER + if (!context->being_destroyed && + /* if this made some room, accept connects on this thread */ + (unsigned int)pt->fds_count < context->fd_limit_per_thread - 1) + lws_accept_modulation(context, pt, 1); +#endif + + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL, + wsi->user_space, (void *) &pa, 1)) + ret = -1; + + return ret; +} + +int +__lws_change_pollfd(struct lws *wsi, int _and, int _or) +{ + struct lws_context *context; + struct lws_pollargs pa; + int ret = 0; + + if (!wsi || (!wsi->protocol && !wsi->event_pipe) || + wsi->position_in_fds_table == LWS_NO_FDS_POS) + return 0; + + context = lws_get_context(wsi); + if (!context) + return 1; + + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL, + wsi->user_space, (void *) &pa, 0)) + return -1; + + ret = _lws_change_pollfd(wsi, _and, _or, &pa); + if (wsi->vhost && + wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL, + wsi->user_space, (void *) &pa, 0)) + ret = -1; + + return ret; +} + +int +lws_change_pollfd(struct lws *wsi, int _and, int _or) +{ + struct lws_context_per_thread *pt; + int ret = 0; + + pt = &wsi->context->pt[(int)wsi->tsi]; + + lws_pt_lock(pt, __func__); + ret = __lws_change_pollfd(wsi, _and, _or); + lws_pt_unlock(pt); + + return ret; +} + +LWS_VISIBLE int +lws_callback_on_writable(struct lws *wsi) +{ + struct lws_context_per_thread *pt; + int n; + + if (lwsi_state(wsi) == LRS_SHUTDOWN) + return 0; + + if (wsi->socket_is_permanently_unusable) + return 0; + + pt = &wsi->context->pt[(int)wsi->tsi]; + + if (wsi->parent_carries_io) { +#if defined(LWS_WITH_STATS) + if (!wsi->active_writable_req_us) { + wsi->active_writable_req_us = time_in_microseconds(); + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1); + } +#endif + n = lws_callback_on_writable(wsi->parent); + if (n < 0) + return n; + + wsi->parent_pending_cb_on_writable = 1; + return 1; + } + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB_REQ, 1); +#if defined(LWS_WITH_STATS) + if (!wsi->active_writable_req_us) { + wsi->active_writable_req_us = time_in_microseconds(); + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1); + } +#endif + + + if (wsi->role_ops->callback_on_writable) { + if (wsi->role_ops->callback_on_writable(wsi)) + return 1; + wsi = lws_get_network_wsi(wsi); + } + + if (wsi->position_in_fds_table == LWS_NO_FDS_POS) { + lwsl_debug("%s: failed to find socket %d\n", __func__, + wsi->desc.sockfd); + return -1; + } + + if (__lws_change_pollfd(wsi, 0, LWS_POLLOUT)) + return -1; + + return 1; +} + + +/* + * stitch protocol choice into the vh protocol linked list + * We always insert ourselves at the start of the list + * + * X <-> B + * X <-> pAn <-> pB + * + * Illegal to attach more than once without detach inbetween + */ +void +lws_same_vh_protocol_insert(struct lws *wsi, int n) +{ + if (wsi->same_vh_protocol_prev || wsi->same_vh_protocol_next) { + lws_same_vh_protocol_remove(wsi); + lwsl_notice("Attempted to attach wsi twice to same vh prot\n"); + } + + lws_vhost_lock(wsi->vhost); + + wsi->same_vh_protocol_prev = &wsi->vhost->same_vh_protocol_list[n]; + /* old first guy is our next */ + wsi->same_vh_protocol_next = wsi->vhost->same_vh_protocol_list[n]; + /* we become the new first guy */ + wsi->vhost->same_vh_protocol_list[n] = wsi; + + if (wsi->same_vh_protocol_next) + /* old first guy points back to us now */ + wsi->same_vh_protocol_next->same_vh_protocol_prev = + &wsi->same_vh_protocol_next; + + wsi->on_same_vh_list = 1; + + lws_vhost_unlock(wsi->vhost); +} + +void +lws_same_vh_protocol_remove(struct lws *wsi) +{ + /* + * detach ourselves from vh protocol list if we're on one + * A -> B -> C + * A -> C , or, B -> C, or A -> B + * + * OK to call on already-detached wsi + */ + lwsl_info("%s: removing same prot wsi %p\n", __func__, wsi); + + if (!wsi->vhost || !wsi->on_same_vh_list) + return; + + lws_vhost_lock(wsi->vhost); + + if (wsi->same_vh_protocol_prev) { + assert (*(wsi->same_vh_protocol_prev) == wsi); + lwsl_info("have prev %p, setting him to our next %p\n", + wsi->same_vh_protocol_prev, + wsi->same_vh_protocol_next); + + /* guy who pointed to us should point to our next */ + *(wsi->same_vh_protocol_prev) = wsi->same_vh_protocol_next; + } + + /* our next should point back to our prev */ + if (wsi->same_vh_protocol_next) + wsi->same_vh_protocol_next->same_vh_protocol_prev = + wsi->same_vh_protocol_prev; + + wsi->same_vh_protocol_prev = NULL; + wsi->same_vh_protocol_next = NULL; + wsi->on_same_vh_list = 0; + + lws_vhost_unlock(wsi->vhost); +} + + +LWS_VISIBLE int +lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, + const struct lws_protocols *protocol) +{ + struct lws *wsi; + + if (protocol < vhost->protocols || + protocol >= (vhost->protocols + vhost->count_protocols)) { + lwsl_err("%s: protocol %p is not from vhost %p (%p - %p)\n", + __func__, protocol, vhost->protocols, vhost, + (vhost->protocols + vhost->count_protocols)); + + return -1; + } + + wsi = vhost->same_vh_protocol_list[protocol - vhost->protocols]; + while (wsi) { + assert(wsi->protocol == protocol); + assert(*wsi->same_vh_protocol_prev == wsi); + if (wsi->same_vh_protocol_next) + assert(wsi->same_vh_protocol_next-> + same_vh_protocol_prev == + &wsi->same_vh_protocol_next); + + lws_callback_on_writable(wsi); + wsi = wsi->same_vh_protocol_next; + } + + return 0; +} + +LWS_VISIBLE int +lws_callback_on_writable_all_protocol(const struct lws_context *context, + const struct lws_protocols *protocol) +{ + struct lws_vhost *vhost; + int n; + + if (!context) + return 0; + + vhost = context->vhost_list; + + while (vhost) { + for (n = 0; n < vhost->count_protocols; n++) + if (protocol->callback == + vhost->protocols[n].callback && + !strcmp(protocol->name, vhost->protocols[n].name)) + break; + if (n != vhost->count_protocols) + lws_callback_on_writable_all_protocol_vhost( + vhost, &vhost->protocols[n]); + + vhost = vhost->vhost_next; + } + + return 0; +} diff --git a/thirdparty/libwebsockets/core/private.h b/thirdparty/libwebsockets/core/private.h new file mode 100644 index 0000000000..73748b0498 --- /dev/null +++ b/thirdparty/libwebsockets/core/private.h @@ -0,0 +1,1770 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "lws_config.h" +#include "lws_config_private.h" + +#if defined(LWS_WITH_CGI) && defined(LWS_HAVE_VFORK) + #define _GNU_SOURCE +#endif + +#if defined(__COVERITY__) && !defined(LWS_COVERITY_WORKAROUND) + #define LWS_COVERITY_WORKAROUND + typedef float _Float32; + typedef float _Float64; + typedef float _Float128; + typedef float _Float32x; + typedef float _Float64x; + typedef float _Float128x; +#endif + +#ifdef LWS_HAVE_SYS_TYPES_H + #include +#endif + +#include +#include +#include +#include +#include +#include +#include +#include + +#if defined(LWS_WITH_ESP32) + #define MSG_NOSIGNAL 0 + #define SOMAXCONN 3 +#endif + +#define STORE_IN_ROM +#include +#if LWS_MAX_SMP > 1 + #include +#endif + +#ifdef LWS_HAVE_SYS_STAT_H + #include +#endif + +#if defined(WIN32) || defined(_WIN32) + + #ifndef WIN32_LEAN_AND_MEAN + #define WIN32_LEAN_AND_MEAN + #endif + + #if (WINVER < 0x0501) + #undef WINVER + #undef _WIN32_WINNT + #define WINVER 0x0501 + #define _WIN32_WINNT WINVER + #endif + + #define LWS_NO_DAEMONIZE + #define LWS_ERRNO WSAGetLastError() + #define LWS_EAGAIN WSAEWOULDBLOCK + #define LWS_EALREADY WSAEALREADY + #define LWS_EINPROGRESS WSAEINPROGRESS + #define LWS_EINTR WSAEINTR + #define LWS_EISCONN WSAEISCONN + #define LWS_EWOULDBLOCK WSAEWOULDBLOCK + #define MSG_NOSIGNAL 0 + #define SHUT_RDWR SD_BOTH + #define SOL_TCP IPPROTO_TCP + #define SHUT_WR SD_SEND + + #define compatible_close(fd) closesocket(fd) + #define lws_set_blocking_send(wsi) wsi->sock_send_blocking = 1 + #define LWS_SOCK_INVALID (INVALID_SOCKET) + + #include + #include + #include + #include + #ifdef LWS_HAVE_IN6ADDR_H + #include + #endif + #include + #include + + #if !defined(LWS_HAVE_ATOLL) + #if defined(LWS_HAVE__ATOI64) + #define atoll _atoi64 + #else + #warning No atoll or _atoi64 available, using atoi + #define atoll atoi + #endif + #endif + + #ifndef __func__ + #define __func__ __FUNCTION__ + #endif + + #ifdef LWS_HAVE__VSNPRINTF + #define vsnprintf _vsnprintf + #endif + + /* we don't have an implementation for this on windows... */ + int kill(int pid, int sig); + int fork(void); + #ifndef SIGINT + #define SIGINT 2 + #endif + +#else /* not windows --> */ + + #include + #include + #include + #include + + #ifndef __cplusplus + #include + #endif + #include + #include + #include + + #if defined(LWS_BUILTIN_GETIFADDRS) + #include "./misc/getifaddrs.h" + #else + #if !defined(LWS_WITH_ESP32) + #if defined(__HAIKU__) + #define _BSD_SOURCE + #endif + #include + #endif + #endif + #if defined (__ANDROID__) + #include + #include + #elif defined (__sun) || defined(__HAIKU__) || defined(__QNX__) + #include + #else + #if !defined(LWS_WITH_ESP32) + #include + #endif + #endif + #include + #if !defined(LWS_WITH_ESP32) + #include + #include + #include + #include + #include + #include + #endif + #ifndef LWS_NO_FORK + #ifdef LWS_HAVE_SYS_PRCTL_H + #include + #endif + #endif + + #include + + #define LWS_ERRNO errno + #define LWS_EAGAIN EAGAIN + #define LWS_EALREADY EALREADY + #define LWS_EINPROGRESS EINPROGRESS + #define LWS_EINTR EINTR + #define LWS_EISCONN EISCONN + #define LWS_EWOULDBLOCK EWOULDBLOCK + + #define lws_set_blocking_send(wsi) + + #define LWS_SOCK_INVALID (-1) +#endif /* not windows */ + +#ifndef LWS_HAVE_BZERO + #ifndef bzero + #define bzero(b, len) (memset((b), '\0', (len)), (void) 0) + #endif +#endif + +#ifndef LWS_HAVE_STRERROR + #define strerror(x) "" +#endif + + +#define lws_socket_is_valid(x) (x != LWS_SOCK_INVALID) + +#include "libwebsockets.h" + +#include "tls/private.h" + +#if defined(WIN32) || defined(_WIN32) + #include + + #ifndef BIG_ENDIAN + #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc) */ + #endif + #ifndef LITTLE_ENDIAN + #define LITTLE_ENDIAN 1234 + #endif + #ifndef BYTE_ORDER + #define BYTE_ORDER LITTLE_ENDIAN + #endif + + #undef __P + #ifndef __P + #if __STDC__ + #define __P(protos) protos + #else + #define __P(protos) () + #endif + #endif + +#else /* not windows */ + static LWS_INLINE int compatible_close(int fd) { return close(fd); } + + #include + #include + + #if defined(__APPLE__) + #include + #elif defined(__FreeBSD__) + #include + #elif defined(__linux__) + #include + #endif +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(__QNX__) + #include + #if defined(__LITTLEENDIAN__) + #define BYTE_ORDER __LITTLEENDIAN__ + #define LITTLE_ENDIAN __LITTLEENDIAN__ + #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc); for suppres warning that BIG_ENDIAN is not defined. */ + #endif + #if defined(__BIGENDIAN__) + #define BYTE_ORDER __BIGENDIAN__ + #define LITTLE_ENDIAN 1234 /* to show byte order (taken from gcc); for suppres warning that LITTLE_ENDIAN is not defined. */ + #define BIG_ENDIAN __BIGENDIAN__ + #endif +#endif + +#if defined(__sun) && defined(__GNUC__) + + #include + + #if !defined (BYTE_ORDER) + #define BYTE_ORDER __BYTE_ORDER__ + #endif + + #if !defined(LITTLE_ENDIAN) + #define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__ + #endif + + #if !defined(BIG_ENDIAN) + #define BIG_ENDIAN __ORDER_BIG_ENDIAN__ + #endif + +#endif /* sun + GNUC */ + +#if !defined(BYTE_ORDER) + #define BYTE_ORDER __BYTE_ORDER +#endif +#if !defined(LITTLE_ENDIAN) + #define LITTLE_ENDIAN __LITTLE_ENDIAN +#endif +#if !defined(BIG_ENDIAN) + #define BIG_ENDIAN __BIG_ENDIAN +#endif + + +/* + * Mac OSX as well as iOS do not define the MSG_NOSIGNAL flag, + * but happily have something equivalent in the SO_NOSIGPIPE flag. + */ +#ifdef __APPLE__ +#define MSG_NOSIGNAL SO_NOSIGPIPE +#endif + +/* + * Solaris 11.X only supports POSIX 2001, MSG_NOSIGNAL appears in + * POSIX 2008. + */ +#ifdef __sun + #define MSG_NOSIGNAL 0 +#endif + +#ifdef _WIN32 + #ifndef FD_HASHTABLE_MODULUS + #define FD_HASHTABLE_MODULUS 32 + #endif +#endif + +#ifndef LWS_DEF_HEADER_LEN +#define LWS_DEF_HEADER_LEN 4096 +#endif +#ifndef LWS_DEF_HEADER_POOL +#define LWS_DEF_HEADER_POOL 4 +#endif +#ifndef LWS_MAX_PROTOCOLS +#define LWS_MAX_PROTOCOLS 5 +#endif +#ifndef LWS_MAX_EXTENSIONS_ACTIVE +#define LWS_MAX_EXTENSIONS_ACTIVE 1 +#endif +#ifndef LWS_MAX_EXT_OFFERS +#define LWS_MAX_EXT_OFFERS 8 +#endif +#ifndef SPEC_LATEST_SUPPORTED +#define SPEC_LATEST_SUPPORTED 13 +#endif +#ifndef AWAITING_TIMEOUT +#define AWAITING_TIMEOUT 20 +#endif +#ifndef CIPHERS_LIST_STRING +#define CIPHERS_LIST_STRING "DEFAULT" +#endif +#ifndef LWS_SOMAXCONN +#define LWS_SOMAXCONN SOMAXCONN +#endif + +#define MAX_WEBSOCKET_04_KEY_LEN 128 + +#ifndef SYSTEM_RANDOM_FILEPATH +#define SYSTEM_RANDOM_FILEPATH "/dev/urandom" +#endif + +#define LWS_H2_RX_SCRATCH_SIZE 512 + +#if defined(WIN32) || defined(_WIN32) + // Visual studio older than 2015 and WIN_CE has only _stricmp + #if (defined(_MSC_VER) && _MSC_VER < 1900) || defined(_WIN32_WCE) + #define strcasecmp _stricmp + #elif !defined(__MINGW32__) + #define strcasecmp stricmp + #endif + #define getdtablesize() 30000 +#endif + +/* + * All lws_tls...() functions must return this type, converting the + * native backend result and doing the extra work to determine which one + * as needed. + * + * Native TLS backend return codes are NOT ALLOWED outside the backend. + * + * Non-SSL mode also uses these types. + */ +enum lws_ssl_capable_status { + LWS_SSL_CAPABLE_ERROR = -1, /* it failed */ + LWS_SSL_CAPABLE_DONE = 0, /* it succeeded */ + LWS_SSL_CAPABLE_MORE_SERVICE_READ = -2, /* retry WANT_READ */ + LWS_SSL_CAPABLE_MORE_SERVICE_WRITE = -3, /* retry WANT_WRITE */ + LWS_SSL_CAPABLE_MORE_SERVICE = -4, /* general retry */ +}; + +#if defined(__clang__) +#define lws_memory_barrier() __sync_synchronize() +#elif defined(__GNUC__) +#define lws_memory_barrier() __sync_synchronize() +#else +#define lws_memory_barrier() +#endif + +/* + * + * ------ roles ------ + * + */ + +#include "roles/private.h" + +/* null-terminated array of pointers to roles lws built with */ +extern const struct lws_role_ops *available_roles[]; + +#define LWS_FOR_EVERY_AVAILABLE_ROLE_START(xx) { \ + const struct lws_role_ops **ppxx = available_roles; \ + while (*ppxx) { \ + const struct lws_role_ops *xx = *ppxx++; + +#define LWS_FOR_EVERY_AVAILABLE_ROLE_END }} + +/* + * + * ------ event_loop ops ------ + * + */ + +#include "event-libs/private.h" + +/* enums of socks version */ +enum socks_version { + SOCKS_VERSION_4 = 4, + SOCKS_VERSION_5 = 5 +}; + +/* enums of subnegotiation version */ +enum socks_subnegotiation_version { + SOCKS_SUBNEGOTIATION_VERSION_1 = 1, +}; + +/* enums of socks commands */ +enum socks_command { + SOCKS_COMMAND_CONNECT = 1, + SOCKS_COMMAND_BIND = 2, + SOCKS_COMMAND_UDP_ASSOCIATE = 3 +}; + +/* enums of socks address type */ +enum socks_atyp { + SOCKS_ATYP_IPV4 = 1, + SOCKS_ATYP_DOMAINNAME = 3, + SOCKS_ATYP_IPV6 = 4 +}; + +/* enums of socks authentication methods */ +enum socks_auth_method { + SOCKS_AUTH_NO_AUTH = 0, + SOCKS_AUTH_GSSAPI = 1, + SOCKS_AUTH_USERNAME_PASSWORD = 2 +}; + +/* enums of subnegotiation status */ +enum socks_subnegotiation_status { + SOCKS_SUBNEGOTIATION_STATUS_SUCCESS = 0, +}; + +/* enums of socks request reply */ +enum socks_request_reply { + SOCKS_REQUEST_REPLY_SUCCESS = 0, + SOCKS_REQUEST_REPLY_FAILURE_GENERAL = 1, + SOCKS_REQUEST_REPLY_CONNECTION_NOT_ALLOWED = 2, + SOCKS_REQUEST_REPLY_NETWORK_UNREACHABLE = 3, + SOCKS_REQUEST_REPLY_HOST_UNREACHABLE = 4, + SOCKS_REQUEST_REPLY_CONNECTION_REFUSED = 5, + SOCKS_REQUEST_REPLY_TTL_EXPIRED = 6, + SOCKS_REQUEST_REPLY_COMMAND_NOT_SUPPORTED = 7, + SOCKS_REQUEST_REPLY_ATYP_NOT_SUPPORTED = 8 +}; + +/* enums used to generate socks messages */ +enum socks_msg_type { + /* greeting */ + SOCKS_MSG_GREETING, + /* credential, user name and password */ + SOCKS_MSG_USERNAME_PASSWORD, + /* connect command */ + SOCKS_MSG_CONNECT +}; + +enum { + LWS_RXFLOW_ALLOW = (1 << 0), + LWS_RXFLOW_PENDING_CHANGE = (1 << 1), +}; + +struct lws_ring { + void *buf; + void (*destroy_element)(void *element); + uint32_t buflen; + uint32_t element_len; + uint32_t head; + uint32_t oldest_tail; +}; + +struct lws_protocols; +struct lws; + +struct lws_io_watcher { +#ifdef LWS_WITH_LIBEV + struct lws_io_watcher_libev ev; +#endif +#ifdef LWS_WITH_LIBUV + struct lws_io_watcher_libuv uv; +#endif +#ifdef LWS_WITH_LIBEVENT + struct lws_io_watcher_libevent event; +#endif + struct lws_context *context; + + uint8_t actual_events; +}; + +struct lws_signal_watcher { +#ifdef LWS_WITH_LIBEV + struct lws_signal_watcher_libev ev; +#endif +#ifdef LWS_WITH_LIBUV + struct lws_signal_watcher_libuv uv; +#endif +#ifdef LWS_WITH_LIBEVENT + struct lws_signal_watcher_libevent event; +#endif + struct lws_context *context; +}; + +#ifdef _WIN32 +#define LWS_FD_HASH(fd) ((fd ^ (fd >> 8) ^ (fd >> 16)) % FD_HASHTABLE_MODULUS) +struct lws_fd_hashtable { + struct lws **wsi; + int length; +}; +#endif + +struct lws_foreign_thread_pollfd { + struct lws_foreign_thread_pollfd *next; + int fd_index; + int _and; + int _or; +}; + + +#define LWS_HRTIMER_NOWAIT (0x7fffffffffffffffll) + +/* + * so we can have n connections being serviced simultaneously, + * these things need to be isolated per-thread. + */ + +struct lws_context_per_thread { +#if LWS_MAX_SMP > 1 + pthread_mutex_t lock; + pthread_mutex_t lock_stats; + pthread_t lock_owner; + const char *last_lock_reason; +#endif + + struct lws_context *context; + + /* + * usable by anything in the service code, but only if the scope + * does not last longer than the service action (since next service + * of any socket can likewise use it and overwrite) + */ + unsigned char *serv_buf; + + struct lws_dll_lws dll_head_timeout; + struct lws_dll_lws dll_head_hrtimer; + struct lws_dll_lws dll_head_buflist; /* guys with pending rxflow */ + +#if defined(LWS_WITH_TLS) + struct lws_pt_tls tls; +#endif + + struct lws_pollfd *fds; + volatile struct lws_foreign_thread_pollfd * volatile foreign_pfd_list; +#ifdef _WIN32 + WSAEVENT *events; +#endif + lws_sockfd_type dummy_pipe_fds[2]; + struct lws *pipe_wsi; + + /* --- role based members --- */ + +#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_pt_role_ws ws; +#endif +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct lws_pt_role_http http; +#endif + + /* --- event library based members --- */ + +#if defined(LWS_WITH_LIBEV) + struct lws_pt_eventlibs_libev ev; +#endif +#if defined(LWS_WITH_LIBUV) + struct lws_pt_eventlibs_libuv uv; +#endif +#if defined(LWS_WITH_LIBEVENT) + struct lws_pt_eventlibs_libevent event; +#endif + +#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT) + struct lws_signal_watcher w_sigint; +#endif + + /* --- */ + + unsigned long count_conns; + unsigned int fds_count; + + volatile unsigned char inside_poll; + volatile unsigned char foreign_spinlock; + + unsigned char tid; + + unsigned char lock_depth; + unsigned char inside_service:1; + unsigned char event_loop_foreign:1; + unsigned char event_loop_destroy_processing_done:1; +}; + +struct lws_conn_stats { + unsigned long long rx, tx; + unsigned long h1_conn, h1_trans, h2_trans, ws_upg, h2_alpn, h2_subs, + h2_upg, rejected; +}; + +void +lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs); + +struct lws_timed_vh_protocol { + struct lws_timed_vh_protocol *next; + const struct lws_protocols *protocol; + time_t time; + int reason; +}; + +/* + * virtual host -related context information + * vhostwide SSL context + * vhostwide proxy + * + * hierarchy: + * + * context -> vhost -> wsi + * + * incoming connection non-SSL vhost binding: + * + * listen socket -> wsi -> select vhost after first headers + * + * incoming connection SSL vhost binding: + * + * SSL SNI -> wsi -> bind after SSL negotiation + */ + + +struct lws_vhost { +#if !defined(LWS_WITHOUT_CLIENT) + char proxy_basic_auth_token[128]; +#endif +#if LWS_MAX_SMP > 1 + pthread_mutex_t lock; +#endif + +#if defined(LWS_ROLE_H2) + struct lws_vhost_role_h2 h2; +#endif +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct lws_vhost_role_http http; +#endif +#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_vhost_role_ws ws; +#endif + +#if defined(LWS_WITH_SOCKS5) + char socks_proxy_address[128]; + char socks_user[96]; + char socks_password[96]; +#endif +#if defined(LWS_WITH_LIBEV) + struct lws_io_watcher w_accept; +#endif + struct lws_conn_stats conn_stats; + struct lws_context *context; + struct lws_vhost *vhost_next; + + struct lws *lserv_wsi; + const char *name; + const char *iface; + +#if !defined(LWS_WITH_ESP32) && !defined(OPTEE_TA) && !defined(WIN32) + int bind_iface; +#endif + const struct lws_protocols *protocols; + void **protocol_vh_privs; + const struct lws_protocol_vhost_options *pvo; + const struct lws_protocol_vhost_options *headers; + struct lws **same_vh_protocol_list; + struct lws_vhost *no_listener_vhost_list; +#if !defined(LWS_NO_CLIENT) + struct lws_dll_lws dll_active_client_conns; +#endif + +#if defined(LWS_WITH_TLS) + struct lws_vhost_tls tls; +#endif + + struct lws_timed_vh_protocol *timed_vh_protocol_list; + void *user; + + int listen_port; + +#if defined(LWS_WITH_SOCKS5) + unsigned int socks_proxy_port; +#endif + unsigned int options; + int count_protocols; + int ka_time; + int ka_probes; + int ka_interval; + int keepalive_timeout; + int timeout_secs_ah_idle; + +#ifdef LWS_WITH_ACCESS_LOG + int log_fd; +#endif + + unsigned int created_vhost_protocols:1; + unsigned int being_destroyed:1; + + unsigned char default_protocol_index; + unsigned char raw_protocol_index; +}; + +struct lws_deferred_free +{ + struct lws_deferred_free *next; + time_t deadline; + void *payload; +}; + +typedef union { +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 sa6; +#endif + struct sockaddr_in sa4; +} sockaddr46; + + +#if defined(LWS_WITH_PEER_LIMITS) +struct lws_peer { + struct lws_peer *next; + struct lws_peer *peer_wait_list; + + time_t time_created; + time_t time_closed_all; + + uint8_t addr[32]; + uint32_t hash; + uint32_t count_wsi; + uint32_t total_wsi; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct lws_peer_role_http http; +#endif + + uint8_t af; +}; +#endif + +/* + * the rest is managed per-context, that includes + * + * - processwide single fd -> wsi lookup + * - contextwide headers pool + */ + +struct lws_context { + time_t last_timeout_check_s; + time_t last_ws_ping_pong_check_s; + time_t time_up; + time_t time_discontiguity; + time_t time_fixup; + const struct lws_plat_file_ops *fops; + struct lws_plat_file_ops fops_platform; + struct lws_context **pcontext_finalize; + + const struct lws_tls_ops *tls_ops; + +#if defined(LWS_WITH_HTTP2) + struct http2_settings set; +#endif +#if defined(LWS_WITH_ZIP_FOPS) + struct lws_plat_file_ops fops_zip; +#endif + struct lws_context_per_thread pt[LWS_MAX_SMP]; + struct lws_conn_stats conn_stats; +#if LWS_MAX_SMP > 1 + pthread_mutex_t lock; + int lock_depth; +#endif +#ifdef _WIN32 +/* different implementation between unix and windows */ + struct lws_fd_hashtable fd_hashtable[FD_HASHTABLE_MODULUS]; +#else + struct lws **lws_lookup; /* fd to wsi */ +#endif + struct lws_vhost *vhost_list; + struct lws_vhost *no_listener_vhost_list; + struct lws_vhost *vhost_pending_destruction_list; + struct lws_plugin *plugin_list; + struct lws_deferred_free *deferred_free_list; +#if defined(LWS_WITH_PEER_LIMITS) + struct lws_peer **pl_hash_table; + struct lws_peer *peer_wait_list; + time_t next_cull; +#endif + + void *external_baggage_free_on_destroy; + const struct lws_token_limits *token_limits; + void *user_space; + const struct lws_protocol_vhost_options *reject_service_keywords; + lws_reload_func deprecation_cb; + void (*eventlib_signal_cb)(void *event_lib_handle, int signum); + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + cap_value_t caps[4]; + char count_caps; +#endif + +#if defined(LWS_WITH_LIBEV) + struct lws_context_eventlibs_libev ev; +#endif +#if defined(LWS_WITH_LIBUV) + struct lws_context_eventlibs_libuv uv; +#endif +#if defined(LWS_WITH_LIBEVENT) + struct lws_context_eventlibs_libevent event; +#endif + struct lws_event_loop_ops *event_loop_ops; + + +#if defined(LWS_WITH_TLS) + struct lws_context_tls tls; +#endif + + char canonical_hostname[128]; + const char *server_string; + +#ifdef LWS_LATENCY + unsigned long worst_latency; + char worst_latency_info[256]; +#endif + +#if defined(LWS_WITH_STATS) + uint64_t lws_stats[LWSSTATS_SIZE]; + uint64_t last_dump; + int updated; +#endif +#if defined(LWS_WITH_ESP32) + unsigned long time_last_state_dump; + uint32_t last_free_heap; +#endif + + int max_fds; + int count_event_loop_static_asset_handles; + int started_with_parent; + int uid, gid; + + int fd_random; + + int count_wsi_allocated; + int count_cgi_spawned; + unsigned int options; + unsigned int fd_limit_per_thread; + unsigned int timeout_secs; + unsigned int pt_serv_buf_size; + int max_http_header_data; + int max_http_header_pool; + int simultaneous_ssl_restriction; + int simultaneous_ssl; +#if defined(LWS_WITH_PEER_LIMITS) + uint32_t pl_hash_elements; /* protected by context->lock */ + uint32_t count_peers; /* protected by context->lock */ + unsigned short ip_limit_ah; + unsigned short ip_limit_wsi; +#endif + unsigned int deprecated:1; + unsigned int being_destroyed:1; + unsigned int being_destroyed1:1; + unsigned int being_destroyed2:1; + unsigned int requested_kill:1; + unsigned int protocol_init_done:1; + unsigned int doing_protocol_init:1; + unsigned int done_protocol_destroy_cb:1; + unsigned int finalize_destroy_after_internal_loops_stopped:1; + /* + * set to the Thread ID that's doing the service loop just before entry + * to poll indicates service thread likely idling in poll() + * volatile because other threads may check it as part of processing + * for pollfd event change. + */ + volatile int service_tid; + int service_tid_detected; + + short count_threads; + short plugin_protocol_count; + short plugin_extension_count; + short server_string_len; + unsigned short ws_ping_pong_interval; + unsigned short deprecation_pending_listen_close_count; + + uint8_t max_fi; +}; + +int +lws_check_deferred_free(struct lws_context *context, int force); + +#define lws_get_context_protocol(ctx, x) ctx->vhost_list->protocols[x] +#define lws_get_vh_protocol(vh, x) vh->protocols[x] + +LWS_EXTERN void +__lws_close_free_wsi_final(struct lws *wsi); +LWS_EXTERN void +lws_libuv_closehandle(struct lws *wsi); +LWS_EXTERN int +lws_libuv_check_watcher_active(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_plugins_init(struct lws_context * context, const char * const *d); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_plugins_destroy(struct lws_context * context); + +LWS_EXTERN void +lws_restart_ws_ping_pong_timer(struct lws *wsi); + +struct lws * +lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd); + +int +lws_jws_base64_enc(const char *in, size_t in_len, char *out, size_t out_max); + +void +lws_vhost_destroy1(struct lws_vhost *vh); + +enum { + LWS_EV_READ = (1 << 0), + LWS_EV_WRITE = (1 << 1), + LWS_EV_START = (1 << 2), + LWS_EV_STOP = (1 << 3), + + LWS_EV_PREPARE_DELETION = (1 << 31), +}; + + +#if defined(LWS_WITH_ESP32) +LWS_EXTERN int +lws_find_string_in_file(const char *filename, const char *string, int stringlen); +#endif + +#ifdef LWS_WITH_IPV6 +#define LWS_IPV6_ENABLED(vh) \ + (!lws_check_opt(vh->context->options, LWS_SERVER_OPTION_DISABLE_IPV6) && \ + !lws_check_opt(vh->options, LWS_SERVER_OPTION_DISABLE_IPV6)) +#else +#define LWS_IPV6_ENABLED(context) (0) +#endif + +#ifdef LWS_WITH_UNIX_SOCK +#define LWS_UNIX_SOCK_ENABLED(vhost) \ + (vhost->options & LWS_SERVER_OPTION_UNIX_SOCK) +#else +#define LWS_UNIX_SOCK_ENABLED(vhost) (0) +#endif + +enum uri_path_states { + URIPS_IDLE, + URIPS_SEEN_SLASH, + URIPS_SEEN_SLASH_DOT, + URIPS_SEEN_SLASH_DOT_DOT, +}; + +enum uri_esc_states { + URIES_IDLE, + URIES_SEEN_PERCENT, + URIES_SEEN_PERCENT_H1, +}; + + +#ifndef LWS_NO_CLIENT +struct client_info_stash { + char *address; + char *path; + char *host; + char *origin; + char *protocol; + char *method; + char *iface; + char *alpn; +}; +#endif + + +signed char char_to_hex(const char c); + + +struct lws_buflist { + struct lws_buflist *next; + + size_t len; + size_t pos; + + uint8_t buf[1]; /* true length of this is set by the oversize malloc */ +}; + +#define lws_wsi_is_udp(___wsi) (!!___wsi->udp) + +#define LWS_H2_FRAME_HEADER_LENGTH 9 + + +struct lws { + /* structs */ + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct _lws_http_mode_related http; +#endif +#if defined(LWS_ROLE_H2) + struct _lws_h2_related h2; +#endif +#if defined(LWS_ROLE_WS) + struct _lws_websocket_related *ws; /* allocated if we upgrade to ws */ +#endif + + const struct lws_role_ops *role_ops; + lws_wsi_state_t wsistate; + lws_wsi_state_t wsistate_pre_close; + + /* lifetime members */ + +#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT) + struct lws_io_watcher w_read; +#endif +#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBEVENT) + struct lws_io_watcher w_write; +#endif + + /* pointers */ + + struct lws_context *context; + struct lws_vhost *vhost; + struct lws *parent; /* points to parent, if any */ + struct lws *child_list; /* points to first child */ + struct lws *sibling_list; /* subsequent children at same level */ + + const struct lws_protocols *protocol; + struct lws **same_vh_protocol_prev, *same_vh_protocol_next; + + struct lws_dll_lws dll_timeout; + struct lws_dll_lws dll_hrtimer; + struct lws_dll_lws dll_buflist; /* guys with pending rxflow */ + +#if defined(LWS_WITH_PEER_LIMITS) + struct lws_peer *peer; +#endif + + struct lws_udp *udp; +#ifndef LWS_NO_CLIENT + struct client_info_stash *stash; + char *client_hostname_copy; + struct lws_dll_lws dll_active_client_conns; + struct lws_dll_lws dll_client_transaction_queue_head; + struct lws_dll_lws dll_client_transaction_queue; +#endif + void *user_space; + void *opaque_parent_data; + + struct lws_buflist *buflist; + + /* truncated send handling */ + unsigned char *trunc_alloc; /* non-NULL means buffering in progress */ + +#if defined(LWS_WITH_TLS) + struct lws_lws_tls tls; +#endif + + lws_sock_file_fd_type desc; /* .filefd / .sockfd */ +#if defined(LWS_WITH_STATS) + uint64_t active_writable_req_us; +#if defined(LWS_WITH_TLS) + uint64_t accept_start_us; +#endif +#endif + + lws_usec_t pending_timer; /* hrtimer fires */ + time_t pending_timeout_set; /* second-resolution timeout start */ + +#ifdef LWS_LATENCY + unsigned long action_start; + unsigned long latency_start; +#endif + + /* ints */ +#define LWS_NO_FDS_POS (-1) + int position_in_fds_table; + unsigned int trunc_alloc_len; /* size of malloc */ + unsigned int trunc_offset; /* where we are in terms of spilling */ + unsigned int trunc_len; /* how much is buffered */ +#ifndef LWS_NO_CLIENT + int chunk_remaining; +#endif + unsigned int cache_secs; + + unsigned int hdr_parsing_completed:1; + unsigned int http2_substream:1; + unsigned int upgraded_to_http2:1; + unsigned int h2_stream_carries_ws:1; + unsigned int seen_nonpseudoheader:1; + unsigned int listener:1; + unsigned int user_space_externally_allocated:1; + unsigned int socket_is_permanently_unusable:1; + unsigned int rxflow_change_to:2; + unsigned int conn_stat_done:1; + unsigned int cache_reuse:1; + unsigned int cache_revalidate:1; + unsigned int cache_intermediaries:1; + unsigned int favoured_pollin:1; + unsigned int sending_chunked:1; + unsigned int interpreting:1; + unsigned int already_did_cce:1; + unsigned int told_user_closed:1; + unsigned int told_event_loop_closed:1; + unsigned int waiting_to_send_close_frame:1; + unsigned int close_needs_ack:1; + unsigned int ipv6:1; + unsigned int parent_carries_io:1; + unsigned int parent_pending_cb_on_writable:1; + unsigned int cgi_stdout_zero_length:1; + unsigned int seen_zero_length_recv:1; + unsigned int rxflow_will_be_applied:1; + unsigned int event_pipe:1; + unsigned int on_same_vh_list:1; + unsigned int handling_404:1; + unsigned int protocol_bind_balance:1; + + unsigned int could_have_pending:1; /* detect back-to-back writes */ + unsigned int outer_will_close:1; + +#ifdef LWS_WITH_ACCESS_LOG + unsigned int access_log_pending:1; +#endif +#ifndef LWS_NO_CLIENT + unsigned int do_ws:1; /* whether we are doing http or ws flow */ + unsigned int chunked:1; /* if the clientside connection is chunked */ + unsigned int client_rx_avail:1; + unsigned int client_http_body_pending:1; + unsigned int transaction_from_pipeline_queue:1; + unsigned int keepalive_active:1; + unsigned int keepalive_rejected:1; + unsigned int client_pipeline:1; + unsigned int client_h2_alpn:1; + unsigned int client_h2_substream:1; +#endif + +#ifdef _WIN32 + unsigned int sock_send_blocking:1; +#endif + +#ifndef LWS_NO_CLIENT + unsigned short c_port; +#endif + unsigned short pending_timeout_limit; + + /* chars */ + + char lws_rx_parse_state; /* enum lws_rx_parse_state */ + char rx_frame_type; /* enum lws_write_protocol */ + char pending_timeout; /* enum pending_timeout */ + char tsi; /* thread service index we belong to */ + char protocol_interpret_idx; + char redirects; + uint8_t rxflow_bitmap; +#ifdef LWS_WITH_CGI + char cgi_channel; /* which of stdin/out/err */ + char hdr_state; +#endif +#ifndef LWS_NO_CLIENT + char chunk_parser; /* enum lws_chunk_parser */ +#endif +#if defined(LWS_WITH_CGI) || !defined(LWS_NO_CLIENT) + char reason_bf; /* internal writeable callback reason bitfield */ +#endif +#if defined(LWS_WITH_STATS) && defined(LWS_WITH_TLS) + char seen_rx; +#endif + uint8_t ws_over_h2_count; + /* volatile to make sure code is aware other thread can change */ + volatile char handling_pollout; + volatile char leave_pollout_active; +}; + +#define lws_is_flowcontrolled(w) (!!(wsi->rxflow_bitmap)) + +void +lws_service_do_ripe_rxflow(struct lws_context_per_thread *pt); + +LWS_EXTERN int log_level; + +LWS_EXTERN int +lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, + const char *iface); + +#if defined(LWS_WITH_IPV6) +LWS_EXTERN unsigned long +lws_get_addr_scope(const char *ipaddr); +#endif + +LWS_EXTERN void +lws_close_free_wsi(struct lws *wsi, enum lws_close_status, const char *caller); +LWS_EXTERN void +__lws_close_free_wsi(struct lws *wsi, enum lws_close_status, const char *caller); + +LWS_EXTERN void +__lws_free_wsi(struct lws *wsi); + +LWS_EXTERN int +__remove_wsi_socket_from_fds(struct lws *wsi); +LWS_EXTERN int +lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len); + +#ifndef LWS_LATENCY +static LWS_INLINE void +lws_latency(struct lws_context *context, struct lws *wsi, const char *action, + int ret, int completion) { + do { + (void)context; (void)wsi; (void)action; (void)ret; + (void)completion; + } while (0); +} +static LWS_INLINE void +lws_latency_pre(struct lws_context *context, struct lws *wsi) { + do { (void)context; (void)wsi; } while (0); +} +#else +#define lws_latency_pre(_context, _wsi) lws_latency(_context, _wsi, NULL, 0, 0) +extern void +lws_latency(struct lws_context *context, struct lws *wsi, const char *action, + int ret, int completion); +#endif + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ws_client_rx_sm(struct lws *wsi, unsigned char c); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_parse(struct lws *wsi, unsigned char *buf, int *len); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_parse_urldecode(struct lws *wsi, uint8_t *_c); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_http_action(struct lws *wsi); + +LWS_EXTERN int +lws_b64_selftest(void); + +LWS_EXTERN int +lws_service_flag_pending(struct lws_context *context, int tsi); + +LWS_EXTERN int +lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p); + +#if defined(_WIN32) +LWS_EXTERN struct lws * +wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd); + +LWS_EXTERN int +insert_wsi(struct lws_context *context, struct lws *wsi); + +LWS_EXTERN int +delete_from_fd(struct lws_context *context, lws_sockfd_type fd); +#else +#define wsi_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()] +#define insert_wsi(A,B) assert(A->lws_lookup[B->desc.sockfd - lws_plat_socket_offset()] == 0); A->lws_lookup[B->desc.sockfd - lws_plat_socket_offset()]=B +#define delete_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()]=0 +#endif + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +__insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len); + +LWS_EXTERN void +lws_remove_from_timeout_list(struct lws *wsi); + +LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT +lws_client_connect_2(struct lws *wsi); + +LWS_VISIBLE struct lws * LWS_WARN_UNUSED_RESULT +lws_client_reset(struct lws **wsi, int ssl, const char *address, int port, + const char *path, const char *host); + +LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT +lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi); + +LWS_EXTERN char * LWS_WARN_UNUSED_RESULT +lws_generate_client_handshake(struct lws *wsi, char *pkt); + +LWS_EXTERN int +lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); + +LWS_EXTERN struct lws * +lws_client_connect_via_info2(struct lws *wsi); + + + +LWS_EXTERN void +lws_client_stash_destroy(struct lws *wsi); + +/* + * EXTENSIONS + */ + +#if defined(LWS_WITHOUT_EXTENSIONS) +#define lws_any_extension_handled(_a, _b, _c, _d) (0) +#define lws_ext_cb_active(_a, _b, _c, _d) (0) +#define lws_ext_cb_all_exts(_a, _b, _c, _d, _e) (0) +#define lws_issue_raw_ext_access lws_issue_raw +#define lws_context_init_extensions(_a, _b) +#endif + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_client_interpret_server_handshake(struct lws *wsi); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ws_rx_sm(struct lws *wsi, char already_processed, unsigned char c); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len); + +LWS_EXTERN void +lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, + struct lws_role_ops *ops); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +user_callback_handle_rxflow(lws_callback_function, struct lws *wsi, + enum lws_callback_reasons reason, void *user, + void *in, size_t len); + +LWS_EXTERN int +lws_plat_socket_offset(void); + +LWS_EXTERN int +lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd); + +LWS_EXTERN int +lws_plat_check_connection_error(struct lws *wsi); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_header_table_attach(struct lws *wsi, int autoservice); + +LWS_EXTERN int +lws_header_table_detach(struct lws *wsi, int autoservice); +LWS_EXTERN int +__lws_header_table_detach(struct lws *wsi, int autoservice); + +LWS_EXTERN void +lws_header_table_reset(struct lws *wsi, int autoservice); + +void +__lws_header_table_reset(struct lws *wsi, int autoservice); + +LWS_EXTERN char * LWS_WARN_UNUSED_RESULT +lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ensure_user_space(struct lws *wsi); + +LWS_EXTERN int +lws_change_pollfd(struct lws *wsi, int _and, int _or); + +#ifndef LWS_NO_SERVER + int _lws_vhost_init_server(const struct lws_context_creation_info *info, + struct lws_vhost *vhost); + LWS_EXTERN struct lws_vhost * + lws_select_vhost(struct lws_context *context, int port, const char *servername); + LWS_EXTERN int LWS_WARN_UNUSED_RESULT + lws_parse_ws(struct lws *wsi, unsigned char **buf, size_t len); + LWS_EXTERN void + lws_server_get_canonical_hostname(struct lws_context *context, + const struct lws_context_creation_info *info); +#else + #define _lws_vhost_init_server(_a, _b) (0) + #define lws_parse_ws(_a, _b, _c) (0) + #define lws_server_get_canonical_hostname(_a, _b) +#endif + +#ifndef LWS_NO_DAEMONIZE + LWS_EXTERN int get_daemonize_pid(); +#else + #define get_daemonize_pid() (0) +#endif + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +interface_to_sa(struct lws_vhost *vh, const char *ifname, + struct sockaddr_in *addr, size_t addrlen); +LWS_EXTERN void lwsl_emit_stderr(int level, const char *line); + +#if !defined(LWS_WITH_TLS) + #define LWS_SSL_ENABLED(context) (0) + #define lws_context_init_server_ssl(_a, _b) (0) + #define lws_ssl_destroy(_a) + #define lws_context_init_alpn(_a) + #define lws_ssl_capable_read lws_ssl_capable_read_no_ssl + #define lws_ssl_capable_write lws_ssl_capable_write_no_ssl + #define lws_ssl_pending lws_ssl_pending_no_ssl + #define lws_server_socket_service_ssl(_b, _c) (0) + #define lws_ssl_close(_a) (0) + #define lws_ssl_context_destroy(_a) + #define lws_ssl_SSL_CTX_destroy(_a) + #define lws_ssl_remove_wsi_from_buffered_list(_a) + #define __lws_ssl_remove_wsi_from_buffered_list(_a) + #define lws_context_init_ssl_library(_a) + #define lws_tls_check_all_cert_lifetimes(_a) + #define lws_tls_acme_sni_cert_destroy(_a) +#endif + + +#if LWS_MAX_SMP > 1 + +static LWS_INLINE void +lws_pt_mutex_init(struct lws_context_per_thread *pt) +{ + pthread_mutex_init(&pt->lock, NULL); + pthread_mutex_init(&pt->lock_stats, NULL); +} + +static LWS_INLINE void +lws_pt_mutex_destroy(struct lws_context_per_thread *pt) +{ + pthread_mutex_destroy(&pt->lock_stats); + pthread_mutex_destroy(&pt->lock); +} + +static LWS_INLINE void +lws_pt_lock(struct lws_context_per_thread *pt, const char *reason) +{ + if (pt->lock_owner == pthread_self()) { + pt->lock_depth++; + return; + } + pthread_mutex_lock(&pt->lock); + pt->last_lock_reason = reason; + pt->lock_owner = pthread_self(); + //lwsl_notice("tid %d: lock %s\n", pt->tid, reason); +} + +static LWS_INLINE void +lws_pt_unlock(struct lws_context_per_thread *pt) +{ + if (pt->lock_depth) { + pt->lock_depth--; + return; + } + pt->last_lock_reason = "free"; + pt->lock_owner = 0; + //lwsl_notice("tid %d: unlock %s\n", pt->tid, pt->last_lock_reason); + pthread_mutex_unlock(&pt->lock); +} + +static LWS_INLINE void +lws_pt_stats_lock(struct lws_context_per_thread *pt) +{ + pthread_mutex_lock(&pt->lock_stats); +} + +static LWS_INLINE void +lws_pt_stats_unlock(struct lws_context_per_thread *pt) +{ + pthread_mutex_unlock(&pt->lock_stats); +} + +static LWS_INLINE void +lws_context_lock(struct lws_context *context) +{ + pthread_mutex_lock(&context->lock); +} + +static LWS_INLINE void +lws_context_unlock(struct lws_context *context) +{ + pthread_mutex_unlock(&context->lock); +} + +static LWS_INLINE void +lws_vhost_lock(struct lws_vhost *vhost) +{ + pthread_mutex_lock(&vhost->lock); +} + +static LWS_INLINE void +lws_vhost_unlock(struct lws_vhost *vhost) +{ + pthread_mutex_unlock(&vhost->lock); +} + + +#else +#define lws_pt_mutex_init(_a) (void)(_a) +#define lws_pt_mutex_destroy(_a) (void)(_a) +#define lws_pt_lock(_a, b) (void)(_a) +#define lws_pt_unlock(_a) (void)(_a) +#define lws_context_lock(_a) (void)(_a) +#define lws_context_unlock(_a) (void)(_a) +#define lws_vhost_lock(_a) (void)(_a) +#define lws_vhost_unlock(_a) (void)(_a) +#define lws_pt_stats_lock(_a) (void)(_a) +#define lws_pt_stats_unlock(_a) (void)(_a) +#endif + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ssl_pending_no_ssl(struct lws *wsi); + +int +lws_tls_check_cert_lifetime(struct lws_vhost *vhost); + +int lws_jws_selftest(void); + + +#ifndef LWS_NO_CLIENT +LWS_EXTERN int lws_client_socket_service(struct lws *wsi, + struct lws_pollfd *pollfd, + struct lws *wsi_conn); +LWS_EXTERN struct lws * +lws_client_wsi_effective(struct lws *wsi); +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed_client(struct lws *wsi); +#if !defined(LWS_WITH_TLS) + #define lws_context_init_client_ssl(_a, _b) (0) +#endif +LWS_EXTERN void +lws_decode_ssl_error(void); +#else +#define lws_context_init_client_ssl(_a, _b) (0) +#endif + +LWS_EXTERN int +__lws_rx_flow_control(struct lws *wsi); + +LWS_EXTERN int +_lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa); + +#ifndef LWS_NO_SERVER +LWS_EXTERN int +lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len); +#else +#define lws_server_socket_service(_b, _c) (0) +#define lws_handshake_server(_a, _b, _c) (0) +#endif + +#ifdef LWS_WITH_ACCESS_LOG +LWS_EXTERN int +lws_access_log(struct lws *wsi); +LWS_EXTERN void +lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth); +#else +#define lws_access_log(_a) +#endif + +LWS_EXTERN int +lws_cgi_kill_terminated(struct lws_context_per_thread *pt); + +LWS_EXTERN void +lws_cgi_remove_and_kill(struct lws *wsi); + +int +lws_protocol_init(struct lws_context *context); + +int +lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p); + +const struct lws_http_mount * +lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len); + +/* + * custom allocator + */ +LWS_EXTERN void * +lws_realloc(void *ptr, size_t size, const char *reason); + +LWS_EXTERN void * LWS_WARN_UNUSED_RESULT +lws_zalloc(size_t size, const char *reason); + +#ifdef LWS_PLAT_OPTEE +void *lws_malloc(size_t size, const char *reason); +void lws_free(void *p); +#define lws_free_set_NULL(P) do { lws_free(P); (P) = NULL; } while(0) +#else +#define lws_malloc(S, R) lws_realloc(NULL, S, R) +#define lws_free(P) lws_realloc(P, 0, "lws_free") +#define lws_free_set_NULL(P) do { lws_realloc(P, 0, "free"); (P) = NULL; } while(0) +#endif + +char * +lws_strdup(const char *s); + +int +lws_plat_pipe_create(struct lws *wsi); +int +lws_plat_pipe_signal(struct lws *wsi); +void +lws_plat_pipe_close(struct lws *wsi); +int +lws_create_event_pipes(struct lws_context *context); + +int lws_open(const char *__file, int __oflag, ...); +void lws_plat_apply_FD_CLOEXEC(int n); + +const struct lws_plat_file_ops * +lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path, + const char **vpath); + +/* lws_plat_ */ +LWS_EXTERN void +lws_plat_delete_socket_from_fds(struct lws_context *context, + struct lws *wsi, int m); +LWS_EXTERN void +lws_plat_insert_socket_into_fds(struct lws_context *context, + struct lws *wsi); +LWS_EXTERN void +lws_plat_service_periodic(struct lws_context *context); + +LWS_EXTERN int +lws_plat_change_pollfd(struct lws_context *context, struct lws *wsi, + struct lws_pollfd *pfd); +LWS_EXTERN void +lws_add_wsi_to_draining_ext_list(struct lws *wsi); +LWS_EXTERN void +lws_remove_wsi_from_draining_ext_list(struct lws *wsi); +LWS_EXTERN int +lws_plat_context_early_init(void); +LWS_EXTERN void +lws_plat_context_early_destroy(struct lws_context *context); +LWS_EXTERN void +lws_plat_context_late_destroy(struct lws_context *context); +LWS_EXTERN int +lws_poll_listen_fd(struct lws_pollfd *fd); +LWS_EXTERN int +lws_plat_service(struct lws_context *context, int timeout_ms); +LWS_EXTERN LWS_VISIBLE int +_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi); +LWS_EXTERN int +lws_plat_init(struct lws_context *context, + const struct lws_context_creation_info *info); +LWS_EXTERN void +lws_plat_drop_app_privileges(const struct lws_context_creation_info *info); +LWS_EXTERN unsigned long long +time_in_microseconds(void); +LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT +lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt); +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_plat_inet_pton(int af, const char *src, void *dst); + +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len); +LWS_EXTERN int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf, + lws_filepos_t *amount); + + +LWS_EXTERN void +lws_same_vh_protocol_remove(struct lws *wsi); +LWS_EXTERN void +lws_same_vh_protocol_insert(struct lws *wsi, int n); + +LWS_EXTERN int +lws_broadcast(struct lws_context *context, int reason, void *in, size_t len); + +#if defined(LWS_WITH_STATS) + void + lws_stats_atomic_bump(struct lws_context * context, + struct lws_context_per_thread *pt, int index, uint64_t bump); + void + lws_stats_atomic_max(struct lws_context * context, + struct lws_context_per_thread *pt, int index, uint64_t val); +#else + static LWS_INLINE uint64_t lws_stats_atomic_bump(struct lws_context * context, + struct lws_context_per_thread *pt, int index, uint64_t bump) { + (void)context; (void)pt; (void)index; (void)bump; return 0; } + static LWS_INLINE uint64_t lws_stats_atomic_max(struct lws_context * context, + struct lws_context_per_thread *pt, int index, uint64_t val) { + (void)context; (void)pt; (void)index; (void)val; return 0; } +#endif + +/* socks */ +void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, + ssize_t *msg_len); + +#if defined(LWS_WITH_PEER_LIMITS) +void +lws_peer_track_wsi_close(struct lws_context *context, struct lws_peer *peer); +int +lws_peer_confirm_ah_attach_ok(struct lws_context *context, struct lws_peer *peer); +void +lws_peer_track_ah_detach(struct lws_context *context, struct lws_peer *peer); +void +lws_peer_cull_peer_wait_list(struct lws_context *context); +struct lws_peer * +lws_get_or_create_peer(struct lws_vhost *vhost, lws_sockfd_type sockfd); +void +lws_peer_add_wsi(struct lws_context *context, struct lws_peer *peer, + struct lws *wsi); +void +lws_peer_dump_from_wsi(struct lws *wsi); +#endif + +#ifdef LWS_WITH_HTTP_PROXY +hubbub_error +html_parser_cb(const hubbub_token *token, void *pw); +#endif + + +void +__lws_remove_from_timeout_list(struct lws *wsi); + +lws_usec_t +__lws_hrtimer_service(struct lws_context_per_thread *pt); + +void +__lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); +int +__lws_change_pollfd(struct lws *wsi, int _and, int _or); + + +int +lws_callback_as_writeable(struct lws *wsi); +int +lws_buflist_aware_read(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_tokens *ebuf); +int +lws_buflist_aware_consume(struct lws *wsi, struct lws_tokens *ebuf, int used, + int buffered); + + +char * +lws_generate_client_ws_handshake(struct lws *wsi, char *p); +int +lws_client_ws_upgrade(struct lws *wsi, const char **cce); +int +lws_create_client_ws_object(struct lws_client_connect_info *i, struct lws *wsi); +int +lws_alpn_comma_to_openssl(const char *comma, uint8_t *os, int len); +int +lws_role_call_alpn_negotiated(struct lws *wsi, const char *alpn); +int +lws_tls_server_conn_alpn(struct lws *wsi); + +int +lws_ws_client_rx_sm_block(struct lws *wsi, unsigned char **buf, size_t len); +void +lws_destroy_event_pipe(struct lws *wsi); +void +lws_context_destroy2(struct lws_context *context); + +#ifdef __cplusplus +}; +#endif diff --git a/thirdparty/libwebsockets/core/service.c b/thirdparty/libwebsockets/core/service.c new file mode 100644 index 0000000000..6523058814 --- /dev/null +++ b/thirdparty/libwebsockets/core/service.c @@ -0,0 +1,987 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +int +lws_callback_as_writeable(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + int n, m; + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB, 1); +#if defined(LWS_WITH_STATS) + if (wsi->active_writable_req_us) { + uint64_t ul = time_in_microseconds() - + wsi->active_writable_req_us; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_WRITABLE_DELAY, ul); + lws_stats_atomic_max(wsi->context, pt, + LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); + wsi->active_writable_req_us = 0; + } +#endif + + n = wsi->role_ops->writeable_cb[lwsi_role_server(wsi)]; + + m = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, (enum lws_callback_reasons) n, + wsi->user_space, NULL, 0); + + return m; +} + +LWS_VISIBLE int +lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) +{ + volatile struct lws *vwsi = (volatile struct lws *)wsi; + int n; + + //lwsl_notice("%s: %p\n", __func__, wsi); + + vwsi->leave_pollout_active = 0; + vwsi->handling_pollout = 1; + /* + * if another thread wants POLLOUT on us, from here on while + * handling_pollout is set, he will only set leave_pollout_active. + * If we are going to disable POLLOUT, we will check that first. + */ + wsi->could_have_pending = 0; /* clear back-to-back write detection */ + + /* + * user callback is lowest priority to get these notifications + * actually, since other pending things cannot be disordered + * + * Priority 1: pending truncated sends are incomplete ws fragments + * If anything else sent first the protocol would be + * corrupted. + */ + + if (wsi->trunc_len) { + //lwsl_notice("%s: completing partial\n", __func__); + if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, + wsi->trunc_len) < 0) { + lwsl_info("%s signalling to close\n", __func__); + goto bail_die; + } + /* leave POLLOUT active either way */ + goto bail_ok; + } else + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { + wsi->socket_is_permanently_unusable = 1; + goto bail_die; /* retry closing now */ + } + +#ifdef LWS_WITH_CGI + /* + * A cgi master's wire protocol remains h1 or h2. He is just getting + * his data from his child cgis. + */ + if (wsi->http.cgi) { + /* also one shot */ + if (pollfd) + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + return 1; + } + goto user_service_go_again; + } +#endif + + /* if we got here, we should have wire protocol ops set on the wsi */ + assert(wsi->role_ops); + + if (!wsi->role_ops->handle_POLLOUT) + goto bail_ok; + + switch ((wsi->role_ops->handle_POLLOUT)(wsi)) { + case LWS_HP_RET_BAIL_OK: + goto bail_ok; + case LWS_HP_RET_BAIL_DIE: + goto bail_die; + case LWS_HP_RET_USER_SERVICE: + break; + default: + assert(0); + } + + /* one shot */ + + if (wsi->parent_carries_io) { + vwsi->handling_pollout = 0; + vwsi->leave_pollout_active = 0; + + return lws_callback_as_writeable(wsi); + } + + if (pollfd) { + int eff = vwsi->leave_pollout_active; + + if (!eff) { + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + goto bail_die; + } + } + + vwsi->handling_pollout = 0; + + /* cannot get leave_pollout_active set after the above */ + if (!eff && wsi->leave_pollout_active) { + /* + * got set inbetween sampling eff and clearing + * handling_pollout, force POLLOUT on + */ + lwsl_debug("leave_pollout_active\n"); + if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { + lwsl_info("failed at set pollfd\n"); + goto bail_die; + } + } + + vwsi->leave_pollout_active = 0; + } + + if (lwsi_role_client(wsi) && + !wsi->hdr_parsing_completed && + lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS && + lwsi_state(wsi) != LRS_ISSUE_HTTP_BODY + ) + goto bail_ok; + + +#ifdef LWS_WITH_CGI +user_service_go_again: +#endif + + if (wsi->role_ops->perform_user_POLLOUT) { + if (wsi->role_ops->perform_user_POLLOUT(wsi) == -1) + goto bail_die; + else + goto bail_ok; + } + + lwsl_debug("%s: %p: non mux: wsistate 0x%x, ops %s\n", __func__, wsi, + wsi->wsistate, wsi->role_ops->name); + + vwsi = (volatile struct lws *)wsi; + vwsi->leave_pollout_active = 0; + + n = lws_callback_as_writeable(wsi); + vwsi->handling_pollout = 0; + + if (vwsi->leave_pollout_active) + lws_change_pollfd(wsi, 0, LWS_POLLOUT); + + return n; + + /* + * since these don't disable the POLLOUT, they are always doing the + * right thing for leave_pollout_active whether it was set or not. + */ + +bail_ok: + vwsi->handling_pollout = 0; + vwsi->leave_pollout_active = 0; + + return 0; + +bail_die: + vwsi->handling_pollout = 0; + vwsi->leave_pollout_active = 0; + + return -1; +} + +static int +__lws_service_timeout_check(struct lws *wsi, time_t sec) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + int n = 0; + + (void)n; + + /* + * if we went beyond the allowed time, kill the + * connection + */ + if (wsi->dll_timeout.prev && + lws_compare_time_t(wsi->context, sec, wsi->pending_timeout_set) > + wsi->pending_timeout_limit) { + + if (wsi->desc.sockfd != LWS_SOCK_INVALID && + wsi->position_in_fds_table >= 0) + n = pt->fds[wsi->position_in_fds_table].events; + + lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_TIMEOUTS, 1); + + /* no need to log normal idle keepalive timeout */ + if (wsi->pending_timeout != PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE) +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + lwsl_info("wsi %p: TIMEDOUT WAITING on %d " + "(did hdr %d, ah %p, wl %d, pfd " + "events %d) %llu vs %llu\n", + (void *)wsi, wsi->pending_timeout, + wsi->hdr_parsing_completed, wsi->http.ah, + pt->http.ah_wait_list_length, n, + (unsigned long long)sec, + (unsigned long long)wsi->pending_timeout_limit); +#if defined(LWS_WITH_CGI) + if (wsi->http.cgi) + lwsl_notice("CGI timeout: %s\n", wsi->http.cgi->summary); +#endif +#else + lwsl_info("wsi %p: TIMEDOUT WAITING on %d ", (void *)wsi, + wsi->pending_timeout); +#endif + + /* + * Since he failed a timeout, he already had a chance to do + * something and was unable to... that includes situations like + * half closed connections. So process this "failed timeout" + * close as a violent death and don't try to do protocol + * cleanup like flush partials. + */ + wsi->socket_is_permanently_unusable = 1; + if (lwsi_state(wsi) == LRS_WAITING_SSL && wsi->protocol) + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, + (void *)"Timed out waiting SSL", 21); + + __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "timeout"); + + return 1; + } + + return 0; +} + +int lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + uint8_t *buffered; + size_t blen; + int ret = 0, m; + + /* his RX is flowcontrolled, don't send remaining now */ + blen = lws_buflist_next_segment_len(&wsi->buflist, &buffered); + if (blen) { + if (buf >= buffered && buf + len <= buffered + blen) { + /* rxflow while we were spilling prev rxflow */ + lwsl_info("%s: staying in rxflow buf\n", __func__); + + return 1; + } + ret = 1; + } + + /* a new rxflow, buffer it and warn caller */ + + m = lws_buflist_append_segment(&wsi->buflist, buf + n, len - n); + + if (m < 0) + return -1; + if (m) { + lwsl_debug("%s: added %p to rxflow list\n", __func__, wsi); + lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); + } + + return ret; +} + +/* this is used by the platform service code to stop us waiting for network + * activity in poll() when we have something that already needs service + */ + +LWS_VISIBLE LWS_EXTERN int +lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + + /* Figure out if we really want to wait in poll() + * We only need to wait if really nothing already to do and we have + * to wait for something from network + */ +#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) + /* 1) if we know we are draining rx ext, do not wait in poll */ + if (pt->ws.rx_draining_ext_list) + return 0; +#endif + + /* 2) if we know we have non-network pending data, do not wait in poll */ + + if (pt->context->tls_ops && + pt->context->tls_ops->fake_POLLIN_for_buffered) + if (pt->context->tls_ops->fake_POLLIN_for_buffered(pt)) + return 0; + + /* 3) If there is any wsi with rxflow buffered and in a state to process + * it, we should not wait in poll + */ + + lws_start_foreach_dll(struct lws_dll_lws *, d, pt->dll_head_buflist.next) { + struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); + + if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) + return 0; + + } lws_end_foreach_dll(d); + + return timeout_ms; +} + +/* + * POLLIN said there is something... we must read it, and either use it; or + * if other material already in the buflist append it and return the buflist + * head material. + */ +int +lws_buflist_aware_read(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_tokens *ebuf) +{ + int n, prior = (int)lws_buflist_next_segment_len(&wsi->buflist, NULL); + + ebuf->token = (char *)pt->serv_buf; + ebuf->len = lws_ssl_capable_read(wsi, pt->serv_buf, + wsi->context->pt_serv_buf_size); + + if (ebuf->len == LWS_SSL_CAPABLE_MORE_SERVICE && prior) + goto get_from_buflist; + + if (ebuf->len <= 0) + return 0; + + /* nothing in buflist already? Then just use what we read */ + + if (!prior) + return 0; + + /* stash what we read */ + + n = lws_buflist_append_segment(&wsi->buflist, (uint8_t *)ebuf->token, + ebuf->len); + if (n < 0) + return -1; + if (n) { + lwsl_debug("%s: added %p to rxflow list\n", __func__, wsi); + lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); + } + + /* get the first buflist guy in line */ + +get_from_buflist: + + ebuf->len = (int)lws_buflist_next_segment_len(&wsi->buflist, + (uint8_t **)&ebuf->token); + + return 1; /* came from buflist */ +} + +int +lws_buflist_aware_consume(struct lws *wsi, struct lws_tokens *ebuf, int used, + int buffered) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + int m; + + /* it's in the buflist; we didn't use any */ + + if (!used && buffered) + return 0; + + if (used && buffered) { + m = lws_buflist_use_segment(&wsi->buflist, used); + lwsl_info("%s: draining rxflow: used %d, next %d\n", + __func__, used, m); + if (m) + return 0; + + lwsl_info("%s: removed %p from dll_buflist\n", __func__, wsi); + lws_dll_lws_remove(&wsi->dll_buflist); + + return 0; + } + + /* any remainder goes on the buflist */ + + if (used != ebuf->len) { + m = lws_buflist_append_segment(&wsi->buflist, + (uint8_t *)ebuf->token + used, + ebuf->len - used); + if (m < 0) + return 1; /* OOM */ + if (m) { + lwsl_debug("%s: added %p to rxflow list\n", __func__, wsi); + lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); + } + } + + return 0; +} + +void +lws_service_do_ripe_rxflow(struct lws_context_per_thread *pt) +{ + struct lws_pollfd pfd; + + if (!pt->dll_head_buflist.next) + return; + + /* + * service all guys with pending rxflow that reached a state they can + * accept the pending data + */ + + lws_pt_lock(pt, __func__); + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + pt->dll_head_buflist.next) { + struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); + + pfd.events = LWS_POLLIN; + pfd.revents = LWS_POLLIN; + pfd.fd = -1; + + lwsl_debug("%s: rxflow processing: %p 0x%x\n", __func__, wsi, + wsi->wsistate); + + if (!lws_is_flowcontrolled(wsi) && + lwsi_state(wsi) != LRS_DEFERRING_ACTION && + (wsi->role_ops->handle_POLLIN)(pt, wsi, &pfd) == + LWS_HPI_RET_PLEASE_CLOSE_ME) + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "close_and_handled"); + + } lws_end_foreach_dll_safe(d, d1); + + lws_pt_unlock(pt); +} + +/* + * guys that need POLLIN service again without waiting for network action + * can force POLLIN here if not flowcontrolled, so they will get service. + * + * Return nonzero if anybody got their POLLIN faked + */ +int +lws_service_flag_pending(struct lws_context *context, int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + +#if defined(LWS_WITH_TLS) + struct lws *wsi, *wsi_next; +#endif + int forced = 0; + + lws_pt_lock(pt, __func__); + + /* + * 1) If there is any wsi with a buflist and in a state to process + * it, we should not wait in poll + */ + + lws_start_foreach_dll(struct lws_dll_lws *, d, pt->dll_head_buflist.next) { + struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); + + if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) { + forced = 1; + break; + } + } lws_end_foreach_dll(d); + +#if defined(LWS_ROLE_WS) + forced |= role_ops_ws.service_flag_pending(context, tsi); +#endif + +#if defined(LWS_WITH_TLS) + /* + * 2) For all guys with buffered SSL read data already saved up, if they + * are not flowcontrolled, fake their POLLIN status so they'll get + * service to use up the buffered incoming data, even though their + * network socket may have nothing + */ + wsi = pt->tls.pending_read_list; + while (wsi) { + wsi_next = wsi->tls.pending_read_list_next; + pt->fds[wsi->position_in_fds_table].revents |= + pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; + if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) { + forced = 1; + /* + * he's going to get serviced now, take him off the + * list of guys with buffered SSL. If he still has some + * at the end of the service, he'll get put back on the + * list then. + */ + __lws_ssl_remove_wsi_from_buffered_list(wsi); + } + + wsi = wsi_next; + } +#endif + + lws_pt_unlock(pt); + + return forced; +} + +static int +lws_service_periodic_checks(struct lws_context *context, + struct lws_pollfd *pollfd, int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + lws_sockfd_type our_fd = 0, tmp_fd; + struct lws *wsi; + int timed_out = 0; + time_t now; +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct allocated_headers *ah; + int m; +#endif + + if (!context->protocol_init_done) + if (lws_protocol_init(context)) + return -1; + + time(&now); + + /* + * handle case that system time was uninitialized when lws started + * at boot, and got initialized a little later + */ + if (context->time_up < 1464083026 && now > 1464083026) + context->time_up = now; + + if (context->last_timeout_check_s && + now - context->last_timeout_check_s > 100) { + /* + * There has been a discontiguity. Any stored time that is + * less than context->time_discontiguity should have context-> + * time_fixup added to it. + * + * Some platforms with no RTC will experience this as a normal + * event when ntp sets their clock, but we can have started + * long before that with a 0-based unix time. + */ + + context->time_discontiguity = now; + context->time_fixup = now - context->last_timeout_check_s; + + lwsl_notice("time discontiguity: at old time %llus, " + "new time %llus: +%llus\n", + (unsigned long long)context->last_timeout_check_s, + (unsigned long long)context->time_discontiguity, + (unsigned long long)context->time_fixup); + + context->last_timeout_check_s = now - 1; + } + + if (!lws_compare_time_t(context, context->last_timeout_check_s, now)) + return 0; + + context->last_timeout_check_s = now; + +#if defined(LWS_WITH_STATS) + if (!tsi && now - context->last_dump > 10) { + lws_stats_log_dump(context); + context->last_dump = now; + } +#endif + + lws_plat_service_periodic(context); + lws_check_deferred_free(context, 0); + +#if defined(LWS_WITH_PEER_LIMITS) + lws_peer_cull_peer_wait_list(context); +#endif + + /* retire unused deprecated context */ +#if !defined(LWS_PLAT_OPTEE) && !defined(LWS_WITH_ESP32) +#if !defined(_WIN32) + if (context->deprecated && !context->count_wsi_allocated) { + lwsl_notice("%s: ending deprecated context\n", __func__); + kill(getpid(), SIGINT); + return 0; + } +#endif +#endif + /* global timeout check once per second */ + + if (pollfd) + our_fd = pollfd->fd; + + /* + * Phase 1: check every wsi on the timeout check list + */ + + lws_pt_lock(pt, __func__); + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + context->pt[tsi].dll_head_timeout.next) { + wsi = lws_container_of(d, struct lws, dll_timeout); + tmp_fd = wsi->desc.sockfd; + if (__lws_service_timeout_check(wsi, now)) { + /* he did time out... */ + if (tmp_fd == our_fd) + /* it was the guy we came to service! */ + timed_out = 1; + /* he's gone, no need to mark as handled */ + } + } lws_end_foreach_dll_safe(d, d1); + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + /* + * Phase 2: double-check active ah timeouts independent of wsi + * timeout status + */ + + ah = pt->http.ah_list; + while (ah) { + int len; + char buf[256]; + const unsigned char *c; + + if (!ah->in_use || !ah->wsi || !ah->assigned || + (ah->wsi->vhost && + lws_compare_time_t(context, now, ah->assigned) < + ah->wsi->vhost->timeout_secs_ah_idle + 360)) { + ah = ah->next; + continue; + } + + /* + * a single ah session somehow got held for + * an unreasonable amount of time. + * + * Dump info on the connection... + */ + wsi = ah->wsi; + buf[0] = '\0'; +#if !defined(LWS_PLAT_OPTEE) + lws_get_peer_simple(wsi, buf, sizeof(buf)); +#else + buf[0] = '\0'; +#endif + lwsl_notice("ah excessive hold: wsi %p\n" + " peer address: %s\n" + " ah pos %u\n", + wsi, buf, ah->pos); + buf[0] = '\0'; + m = 0; + do { + c = lws_token_to_string(m); + if (!c) + break; + if (!(*c)) + break; + + len = lws_hdr_total_length(wsi, m); + if (!len || len > (int)sizeof(buf) - 1) { + m++; + continue; + } + + if (lws_hdr_copy(wsi, buf, + sizeof buf, m) > 0) { + buf[sizeof(buf) - 1] = '\0'; + + lwsl_notice(" %s = %s\n", + (const char *)c, buf); + } + m++; + } while (1); + + /* explicitly detach the ah */ + lws_header_table_detach(wsi, 0); + + /* ... and then drop the connection */ + + m = 0; + if (wsi->desc.sockfd == our_fd) { + m = timed_out; + + /* it was the guy we came to service! */ + timed_out = 1; + } + + if (!m) /* if he didn't already timeout */ + __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "excessive ah"); + + ah = pt->http.ah_list; + } +#endif + lws_pt_unlock(pt); + +#if 0 + { + char s[300], *p = s; + + for (n = 0; n < context->count_threads; n++) + p += sprintf(p, " %7lu (%5d), ", + context->pt[n].count_conns, + context->pt[n].fds_count); + + lwsl_notice("load: %s\n", s); + } +#endif + /* + * Phase 3: vhost / protocol timer callbacks + */ + + wsi = NULL; + lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { + struct lws_timed_vh_protocol *nx; + if (v->timed_vh_protocol_list) { + lws_start_foreach_ll(struct lws_timed_vh_protocol *, + q, v->timed_vh_protocol_list) { + if (now >= q->time) { + if (!wsi) + wsi = lws_zalloc(sizeof(*wsi), "cbwsi"); + wsi->context = context; + wsi->vhost = v; + wsi->protocol = q->protocol; + lwsl_debug("timed cb: vh %s, protocol %s, reason %d\n", v->name, q->protocol->name, q->reason); + q->protocol->callback(wsi, q->reason, NULL, NULL, 0); + nx = q->next; + lws_timed_callback_remove(v, q); + q = nx; + continue; /* we pointed ourselves to the next from the now-deleted guy */ + } + } lws_end_foreach_ll(q, next); + } + } lws_end_foreach_ll(v, vhost_next); + if (wsi) + lws_free(wsi); + + /* + * Phase 4: check for unconfigured vhosts due to required + * interface missing before + */ + + lws_context_lock(context); + lws_start_foreach_llp(struct lws_vhost **, pv, + context->no_listener_vhost_list) { + struct lws_vhost *v = *pv; + lwsl_debug("deferred iface: checking if on vh %s\n", (*pv)->name); + if (_lws_vhost_init_server(NULL, *pv) == 0) { + /* became happy */ + lwsl_notice("vh %s: became connected\n", v->name); + *pv = v->no_listener_vhost_list; + v->no_listener_vhost_list = NULL; + break; + } + } lws_end_foreach_llp(pv, no_listener_vhost_list); + lws_context_unlock(context); + + /* + * Phase 5: role periodic checks + */ +#if defined(LWS_ROLE_WS) + role_ops_ws.periodic_checks(context, tsi, now); +#endif +#if defined(LWS_ROLE_CGI) + role_ops_cgi.periodic_checks(context, tsi, now); +#endif + + /* + * Phase 6: check the remaining cert lifetime daily + */ + + if (context->tls_ops && + context->tls_ops->periodic_housekeeping) + context->tls_ops->periodic_housekeeping(context, now); + + return timed_out; +} + +LWS_VISIBLE int +lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, + int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + struct lws *wsi; + + if (!context || context->being_destroyed1) + return -1; + + /* the socket we came to service timed out, nothing to do */ + if (lws_service_periodic_checks(context, pollfd, tsi) || !pollfd) + return 0; + + /* no, here to service a socket descriptor */ + wsi = wsi_from_fd(context, pollfd->fd); + if (!wsi) + /* not lws connection ... leave revents alone and return */ + return 0; + + /* + * so that caller can tell we handled, past here we need to + * zero down pollfd->revents after handling + */ + + /* handle session socket closed */ + + if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) && + (pollfd->revents & LWS_POLLHUP)) { + wsi->socket_is_permanently_unusable = 1; + lwsl_debug("Session Socket %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + + goto close_and_handled; + } + +#ifdef _WIN32 + if (pollfd->revents & LWS_POLLOUT) + wsi->sock_send_blocking = FALSE; +#endif + + if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) && + (pollfd->revents & LWS_POLLHUP)) { + lwsl_debug("pollhup\n"); + wsi->socket_is_permanently_unusable = 1; + goto close_and_handled; + } + +#if defined(LWS_WITH_TLS) + if (lwsi_state(wsi) == LRS_SHUTDOWN && + lws_is_ssl(wsi) && wsi->tls.ssl) { + switch (__lws_tls_shutdown(wsi)) { + case LWS_SSL_CAPABLE_DONE: + case LWS_SSL_CAPABLE_ERROR: + goto close_and_handled; + + case LWS_SSL_CAPABLE_MORE_SERVICE_READ: + case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: + case LWS_SSL_CAPABLE_MORE_SERVICE: + goto handled; + } + } +#endif + wsi->could_have_pending = 0; /* clear back-to-back write detection */ + + /* okay, what we came here to do... */ + + /* if we got here, we should have wire protocol ops set on the wsi */ + assert(wsi->role_ops); + + // lwsl_notice("%s: %s: wsistate 0x%x\n", __func__, wsi->role_ops->name, + // wsi->wsistate); + + switch ((wsi->role_ops->handle_POLLIN)(pt, wsi, pollfd)) { + case LWS_HPI_RET_WSI_ALREADY_DIED: + return 1; + case LWS_HPI_RET_HANDLED: + break; + case LWS_HPI_RET_PLEASE_CLOSE_ME: +close_and_handled: + lwsl_debug("%p: Close and handled\n", wsi); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "close_and_handled"); +#if defined(_DEBUG) && defined(LWS_WITH_LIBUV) + /* + * confirm close has no problem being called again while + * it waits for libuv service to complete the first async + * close + */ + if (context->event_loop_ops == &event_loop_ops_uv) + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "close_and_handled uv repeat test"); +#endif + /* + * pollfd may point to something else after the close + * due to pollfd swapping scheme on delete on some platforms + * we can't clear revents now because it'd be the wrong guy's + * revents + */ + return 1; + default: + assert(0); + } +#if defined(LWS_WITH_TLS) +handled: +#endif + pollfd->revents = 0; + + lws_pt_lock(pt, __func__); + __lws_hrtimer_service(pt); + lws_pt_unlock(pt); + + return 0; +} + +LWS_VISIBLE int +lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd) +{ + return lws_service_fd_tsi(context, pollfd, 0); +} + +LWS_VISIBLE int +lws_service(struct lws_context *context, int timeout_ms) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + int n; + + if (!context) + return 1; + + pt->inside_service = 1; + + if (context->event_loop_ops->run_pt) { + /* we are configured for an event loop */ + context->event_loop_ops->run_pt(context, 0); + + pt->inside_service = 0; + + return 1; + } + n = lws_plat_service(context, timeout_ms); + + pt->inside_service = 0; + + return n; +} + +LWS_VISIBLE int +lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi) +{ + struct lws_context_per_thread *pt = &context->pt[tsi]; + int n; + + pt->inside_service = 1; + + if (context->event_loop_ops->run_pt) { + /* we are configured for an event loop */ + context->event_loop_ops->run_pt(context, tsi); + + pt->inside_service = 0; + + return 1; + } + + n = _lws_plat_service_tsi(context, timeout_ms, tsi); + + pt->inside_service = 0; + + return n; +} diff --git a/thirdparty/libwebsockets/event-libs/poll/poll.c b/thirdparty/libwebsockets/event-libs/poll/poll.c new file mode 100644 index 0000000000..09af5b15d8 --- /dev/null +++ b/thirdparty/libwebsockets/event-libs/poll/poll.c @@ -0,0 +1,43 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h if LWS_ROLE_WS + */ + +#include + +struct lws_event_loop_ops event_loop_ops_poll = { + /* name */ "poll", + /* init_context */ NULL, + /* destroy_context1 */ NULL, + /* destroy_context2 */ NULL, + /* init_vhost_listen_wsi */ NULL, + /* init_pt */ NULL, + /* wsi_logical_close */ NULL, + /* check_client_connect_ok */ NULL, + /* close_handle_manually */ NULL, + /* accept */ NULL, + /* io */ NULL, + /* run */ NULL, + /* destroy_pt */ NULL, + /* destroy wsi */ NULL, + + /* periodic_events_available */ 1, +}; \ No newline at end of file diff --git a/thirdparty/libwebsockets/event-libs/poll/private.h b/thirdparty/libwebsockets/event-libs/poll/private.h new file mode 100644 index 0000000000..ca313ebfb0 --- /dev/null +++ b/thirdparty/libwebsockets/event-libs/poll/private.h @@ -0,0 +1,23 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + */ + +extern struct lws_event_loop_ops event_loop_ops_poll; diff --git a/thirdparty/libwebsockets/event-libs/private.h b/thirdparty/libwebsockets/event-libs/private.h new file mode 100644 index 0000000000..c36d39c8c2 --- /dev/null +++ b/thirdparty/libwebsockets/event-libs/private.h @@ -0,0 +1,74 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h + */ + +struct lws_event_loop_ops { + const char *name; + /* event loop-specific context init during context creation */ + int (*init_context)(struct lws_context *context, + const struct lws_context_creation_info *info); + /* called during lws_destroy_context */ + int (*destroy_context1)(struct lws_context *context); + /* called during lws_destroy_context2 */ + int (*destroy_context2)(struct lws_context *context); + /* init vhost listening wsi */ + int (*init_vhost_listen_wsi)(struct lws *wsi); + /* init the event loop for a pt */ + int (*init_pt)(struct lws_context *context, void *_loop, int tsi); + /* called at end of first phase of close_free_wsi() */ + int (*wsi_logical_close)(struct lws *wsi); + /* return nonzero if client connect not allowed */ + int (*check_client_connect_ok)(struct lws *wsi); + /* close handle manually */ + void (*close_handle_manually)(struct lws *wsi); + /* event loop accept processing */ + void (*accept)(struct lws *wsi); + /* control wsi active events */ + void (*io)(struct lws *wsi, int flags); + /* run the event loop for a pt */ + void (*run_pt)(struct lws_context *context, int tsi); + /* called before pt is destroyed */ + void (*destroy_pt)(struct lws_context *context, int tsi); + /* called just before wsi is freed */ + void (*destroy_wsi)(struct lws *wsi); + + unsigned int periodic_events_available:1; +}; + +/* bring in event libs private declarations */ + +#if defined(LWS_WITH_POLL) +#include "event-libs/poll/private.h" +#endif + +#if defined(LWS_WITH_LIBUV) +#include "event-libs/libuv/private.h" +#endif + +#if defined(LWS_WITH_LIBEVENT) +#include "event-libs/libevent/private.h" +#endif + +#if defined(LWS_WITH_LIBEV) +#include "event-libs/libev/private.h" +#endif + diff --git a/thirdparty/libwebsockets/include/libwebsockets.h b/thirdparty/libwebsockets/include/libwebsockets.h deleted file mode 100644 index 7cc5c28b78..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets.h +++ /dev/null @@ -1,435 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -/** @file */ - -#ifndef LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C -#define LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C - -#ifdef __cplusplus -#include -#include - -extern "C" { -#else -#include -#endif - -#include -#include - -#include "lws_config.h" - -/* - * CARE: everything using cmake defines needs to be below here - */ - -#if defined(LWS_HAS_INTPTR_T) -#include -#define lws_intptr_t intptr_t -#else -typedef unsigned long long lws_intptr_t; -#endif - -#if defined(WIN32) || defined(_WIN32) -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif - -#include -#include -#include -#include -#include -#ifndef _WIN32_WCE -#include -#else -#define _O_RDONLY 0x0000 -#define O_RDONLY _O_RDONLY -#endif - -#define LWS_INLINE __inline -#define LWS_VISIBLE -#define LWS_WARN_UNUSED_RESULT -#define LWS_WARN_DEPRECATED -#define LWS_FORMAT(string_index) - -#if !defined(LWS_EXTERN) -#ifdef LWS_DLL -#ifdef LWS_INTERNAL -#define LWS_EXTERN extern __declspec(dllexport) -#else -#define LWS_EXTERN extern __declspec(dllimport) -#endif -#else -#define LWS_EXTERN -#endif -#endif - -#define LWS_INVALID_FILE INVALID_HANDLE_VALUE -#define LWS_O_RDONLY _O_RDONLY -#define LWS_O_WRONLY _O_WRONLY -#define LWS_O_CREAT _O_CREAT -#define LWS_O_TRUNC _O_TRUNC - -#ifndef __func__ -#define __func__ __FUNCTION__ -#endif - -#else /* NOT WIN32 */ -#include -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) -#include -#endif - -#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__QNX__) || defined(__OpenBSD__) -#include -#include -#endif - -#define LWS_INLINE inline -#define LWS_O_RDONLY O_RDONLY -#define LWS_O_WRONLY O_WRONLY -#define LWS_O_CREAT O_CREAT -#define LWS_O_TRUNC O_TRUNC - -#if !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32) -#include -#include -#define LWS_INVALID_FILE -1 -#else -#define getdtablesize() (30) -#if defined(LWS_WITH_ESP32) -#define LWS_INVALID_FILE NULL -#else -#define LWS_INVALID_FILE NULL -#endif -#endif - -#if defined(__GNUC__) - -/* warn_unused_result attribute only supported by GCC 3.4 or later */ -#if __GNUC__ >= 4 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4) -#define LWS_WARN_UNUSED_RESULT __attribute__((warn_unused_result)) -#else -#define LWS_WARN_UNUSED_RESULT -#endif - -#define LWS_VISIBLE __attribute__((visibility("default"))) -#define LWS_WARN_DEPRECATED __attribute__ ((deprecated)) -#define LWS_FORMAT(string_index) __attribute__ ((format(printf, string_index, string_index+1))) -#else -#define LWS_VISIBLE -#define LWS_WARN_UNUSED_RESULT -#define LWS_WARN_DEPRECATED -#define LWS_FORMAT(string_index) -#endif - -#if defined(__ANDROID__) -#include -#include -#define getdtablesize() sysconf(_SC_OPEN_MAX) -#endif - -#endif - -#if defined(LWS_WITH_LIBEV) -#include -#endif /* LWS_WITH_LIBEV */ -#ifdef LWS_WITH_LIBUV -#include -#ifdef LWS_HAVE_UV_VERSION_H -#include -#endif -#ifdef LWS_HAVE_NEW_UV_VERSION_H -#include -#endif -#endif /* LWS_WITH_LIBUV */ -#if defined(LWS_WITH_LIBEVENT) -#include -#endif /* LWS_WITH_LIBEVENT */ - -#ifndef LWS_EXTERN -#define LWS_EXTERN extern -#endif - -#ifdef _WIN32 -#define random rand -#else -#if !defined(OPTEE_TA) -#include -#include -#endif -#endif - -#if defined(LWS_WITH_TLS) - -#ifdef USE_WOLFSSL -#ifdef USE_OLD_CYASSL -#ifdef _WIN32 -/* - * Include user-controlled settings for windows from - * /IDE/WIN/user_settings.h - */ -#include -#include -#else -#include -#endif -#include -#include - -#else -#ifdef _WIN32 -/* - * Include user-controlled settings for windows from - * /IDE/WIN/user_settings.h - */ -#include -#include -#else -#include -#endif -#include -#include -#endif /* not USE_OLD_CYASSL */ -#else -#if defined(LWS_WITH_MBEDTLS) -#if defined(LWS_WITH_ESP32) -/* this filepath is passed to us but without quotes or <> */ -#undef MBEDTLS_CONFIG_FILE -#define MBEDTLS_CONFIG_FILE -#endif -#include -#else -#include -#if !defined(LWS_WITH_MBEDTLS) -#include -#endif -#endif -#endif /* not USE_WOLFSSL */ -#endif - -/* - * Helpers for pthread mutex in user code... if lws is built for - * multiple service threads, these resolve to pthread mutex - * operations. In the case LWS_MAX_SMP is 1 (the default), they - * are all NOPs and no pthread type or api is referenced. - */ - -#if LWS_MAX_SMP > 1 - -#include - -#define lws_pthread_mutex(name) pthread_mutex_t name; - -static LWS_INLINE void -lws_pthread_mutex_init(pthread_mutex_t *lock) -{ - pthread_mutex_init(lock, NULL); -} - -static LWS_INLINE void -lws_pthread_mutex_destroy(pthread_mutex_t *lock) -{ - pthread_mutex_destroy(lock); -} - -static LWS_INLINE void -lws_pthread_mutex_lock(pthread_mutex_t *lock) -{ - pthread_mutex_lock(lock); -} - -static LWS_INLINE void -lws_pthread_mutex_unlock(pthread_mutex_t *lock) -{ - pthread_mutex_unlock(lock); -} - -#else -#define lws_pthread_mutex(name) -#define lws_pthread_mutex_init(_a) -#define lws_pthread_mutex_destroy(_a) -#define lws_pthread_mutex_lock(_a) -#define lws_pthread_mutex_unlock(_a) -#endif - - -#define CONTEXT_PORT_NO_LISTEN -1 -#define CONTEXT_PORT_NO_LISTEN_SERVER -2 - -#include - - -#include - -#ifndef lws_container_of -#define lws_container_of(P,T,M) ((T *)((char *)(P) - offsetof(T, M))) -#endif - -struct lws; - -typedef int64_t lws_usec_t; - -/* api change list for user code to test against */ - -#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_ARG - -/* the struct lws_protocols has the id field present */ -#define LWS_FEATURE_PROTOCOLS_HAS_ID_FIELD - -/* you can call lws_get_peer_write_allowance */ -#define LWS_FEATURE_PROTOCOLS_HAS_PEER_WRITE_ALLOWANCE - -/* extra parameter introduced in 917f43ab821 */ -#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_LEN - -/* File operations stuff exists */ -#define LWS_FEATURE_FOPS - - -#if defined(_WIN32) -#if !defined(LWS_WIN32_HANDLE_TYPES) -typedef SOCKET lws_sockfd_type; -typedef HANDLE lws_filefd_type; -#endif - -struct lws_pollfd { - lws_sockfd_type fd; /**< file descriptor */ - SHORT events; /**< which events to respond to */ - SHORT revents; /**< which events happened */ -}; -#define LWS_POLLHUP (FD_CLOSE) -#define LWS_POLLIN (FD_READ | FD_ACCEPT) -#define LWS_POLLOUT (FD_WRITE) -#else - - -#if defined(LWS_WITH_ESP32) -#include -#else -typedef int lws_sockfd_type; -typedef int lws_filefd_type; -#endif - -#define lws_pollfd pollfd -#define LWS_POLLHUP (POLLHUP|POLLERR) -#define LWS_POLLIN (POLLIN) -#define LWS_POLLOUT (POLLOUT) -#endif - - -#if (defined(WIN32) || defined(_WIN32)) && !defined(__MINGW32__) -/* ... */ -#define ssize_t SSIZE_T -#endif - -#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) -#include -#include -#endif - -#if defined(LWS_HAVE_STDINT_H) -#include -#else -#if defined(WIN32) || defined(_WIN32) -/* !!! >:-[ */ -typedef unsigned __int32 uint32_t; -typedef unsigned __int16 uint16_t; -typedef unsigned __int8 uint8_t; -#else -typedef unsigned int uint32_t; -typedef unsigned short uint16_t; -typedef unsigned char uint8_t; -#endif -#endif - -typedef unsigned long long lws_filepos_t; -typedef long long lws_fileofs_t; -typedef uint32_t lws_fop_flags_t; - -/** struct lws_pollargs - argument structure for all external poll related calls - * passed in via 'in' */ -struct lws_pollargs { - lws_sockfd_type fd; /**< applicable socket descriptor */ - int events; /**< the new event mask */ - int prev_events; /**< the previous event mask */ -}; - -struct lws_extension; /* needed even with ws exts disabled for create context */ -struct lws_token_limits; -struct lws_context; -struct lws_tokens; -struct lws_vhost; -struct lws; - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#if defined(LWS_WITH_TLS) - -#if defined(LWS_WITH_MBEDTLS) -#include -#include -#include -#endif - -#include -#include -#include -#include - -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h b/thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h deleted file mode 100644 index 256e3f9fdf..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-adopt.h +++ /dev/null @@ -1,185 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup sock-adopt Socket adoption helpers - * ##Socket adoption helpers - * - * When integrating with an external app with its own event loop, these can - * be used to accept connections from someone else's listening socket. - * - * When using lws own event loop, these are not needed. - */ -///@{ - -/** - * lws_adopt_socket() - adopt foreign socket as if listen socket accepted it - * for the default vhost of context. - * - * \param context: lws context - * \param accept_fd: fd of already-accepted socket to adopt - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd); -/** - * lws_adopt_socket_vhost() - adopt foreign socket as if listen socket accepted - * it for vhost - * - * \param vh: lws vhost - * \param accept_fd: fd of already-accepted socket to adopt - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd); - -typedef enum { - LWS_ADOPT_RAW_FILE_DESC = 0, /* convenience constant */ - LWS_ADOPT_HTTP = 1, /* flag: absent implies RAW */ - LWS_ADOPT_SOCKET = 2, /* flag: absent implies file descr */ - LWS_ADOPT_ALLOW_SSL = 4, /* flag: if set requires LWS_ADOPT_SOCKET */ - LWS_ADOPT_FLAG_UDP = 16, /* flag: socket is UDP */ - - LWS_ADOPT_RAW_SOCKET_UDP = LWS_ADOPT_SOCKET | LWS_ADOPT_FLAG_UDP, -} lws_adoption_type; - -typedef union { - lws_sockfd_type sockfd; - lws_filefd_type filefd; -} lws_sock_file_fd_type; - -#if !defined(LWS_WITH_ESP32) -struct lws_udp { - struct sockaddr sa; - socklen_t salen; - - struct sockaddr sa_pending; - socklen_t salen_pending; -}; -#endif - -/* -* lws_adopt_descriptor_vhost() - adopt foreign socket or file descriptor -* if socket descriptor, should already have been accepted from listen socket -* -* \param vhost: lws vhost -* \param type: OR-ed combinations of lws_adoption_type flags -* \param fd: union with either .sockfd or .filefd set -* \param vh_prot_name: NULL or vh protocol name to bind raw connection to -* \param parent: NULL or struct lws to attach new_wsi to as a child -* -* Either returns new wsi bound to accept_fd, or closes accept_fd and -* returns NULL, having cleaned up any new wsi pieces. -* -* If LWS_ADOPT_SOCKET is set, LWS adopts the socket in http serving mode, it's -* ready to accept an upgrade to ws or just serve http. -* -* parent may be NULL, if given it should be an existing wsi that will become the -* parent of the new wsi created by this call. -*/ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, - lws_sock_file_fd_type fd, const char *vh_prot_name, - struct lws *parent); - -/** - * lws_adopt_socket_readbuf() - adopt foreign socket and first rx as if listen socket accepted it - * for the default vhost of context. - * \param context: lws context - * \param accept_fd: fd of already-accepted socket to adopt - * \param readbuf: NULL or pointer to data that must be drained before reading from - * accept_fd - * \param len: The length of the data held at \param readbuf - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - * - * If your external code did not already read from the socket, you can use - * lws_adopt_socket() instead. - * - * This api is guaranteed to use the data at \param readbuf first, before reading from - * the socket. - * - * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, - const char *readbuf, size_t len); -/** - * lws_adopt_socket_vhost_readbuf() - adopt foreign socket and first rx as if listen socket - * accepted it for vhost. - * \param vhost: lws vhost - * \param accept_fd: fd of already-accepted socket to adopt - * \param readbuf: NULL or pointer to data that must be drained before - * reading from accept_fd - * \param len: The length of the data held at \param readbuf - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * - * LWS adopts the socket in http serving mode, it's ready to accept an upgrade - * to ws or just serve http. - * - * If your external code did not already read from the socket, you can use - * lws_adopt_socket() instead. - * - * This api is guaranteed to use the data at \param readbuf first, before reading from - * the socket. - * - * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, - lws_sockfd_type accept_fd, const char *readbuf, - size_t len); - -#define LWS_CAUDP_BIND 1 - -/** - * lws_create_adopt_udp() - create, bind and adopt a UDP socket - * - * \param vhost: lws vhost - * \param port: UDP port to bind to, -1 means unbound - * \param flags: 0 or LWS_CAUDP_NO_BIND - * \param protocol_name: Name of protocol on vhost to bind wsi to - * \param parent_wsi: NULL or parent wsi new wsi will be a child of - * - * Either returns new wsi bound to accept_fd, or closes accept_fd and - * returns NULL, having cleaned up any new wsi pieces. - * */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, - const char *protocol_name, struct lws *parent_wsi); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h b/thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h deleted file mode 100644 index 8b49218e9c..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-callbacks.h +++ /dev/null @@ -1,807 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup usercb User Callback - * - * ##User protocol callback - * - * The protocol callback is the primary way lws interacts with - * user code. For one of a list of a few dozen reasons the callback gets - * called at some event to be handled. - * - * All of the events can be ignored, returning 0 is taken as "OK" and returning - * nonzero in most cases indicates that the connection should be closed. - */ -///@{ - -struct lws_ssl_info { - int where; - int ret; -}; - -enum lws_cert_update_state { - LWS_CUS_IDLE, - LWS_CUS_STARTING, - LWS_CUS_SUCCESS, - LWS_CUS_FAILED, - - LWS_CUS_CREATE_KEYS, - LWS_CUS_REG, - LWS_CUS_AUTH, - LWS_CUS_CHALLENGE, - LWS_CUS_CREATE_REQ, - LWS_CUS_REQ, - LWS_CUS_CONFIRM, - LWS_CUS_ISSUE, -}; - -enum { - LWS_TLS_REQ_ELEMENT_COUNTRY, - LWS_TLS_REQ_ELEMENT_STATE, - LWS_TLS_REQ_ELEMENT_LOCALITY, - LWS_TLS_REQ_ELEMENT_ORGANIZATION, - LWS_TLS_REQ_ELEMENT_COMMON_NAME, - LWS_TLS_REQ_ELEMENT_EMAIL, - - LWS_TLS_REQ_ELEMENT_COUNT, - - LWS_TLS_SET_DIR_URL = LWS_TLS_REQ_ELEMENT_COUNT, - LWS_TLS_SET_AUTH_PATH, - LWS_TLS_SET_CERT_PATH, - LWS_TLS_SET_KEY_PATH, - - LWS_TLS_TOTAL_COUNT -}; - -struct lws_acme_cert_aging_args { - struct lws_vhost *vh; - const char *element_overrides[LWS_TLS_TOTAL_COUNT]; /* NULL = use pvo */ -}; - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -/** enum lws_callback_reasons - reason you're getting a protocol callback */ -enum lws_callback_reasons { - - /* --------------------------------------------------------------------- - * ----- Callbacks related to wsi and protocol binding lifecycle ----- - */ - - LWS_CALLBACK_PROTOCOL_INIT = 27, - /**< One-time call per protocol, per-vhost using it, so it can - * do initial setup / allocations etc */ - - LWS_CALLBACK_PROTOCOL_DESTROY = 28, - /**< One-time call per protocol, per-vhost using it, indicating - * this protocol won't get used at all after this callback, the - * vhost is getting destroyed. Take the opportunity to - * deallocate everything that was allocated by the protocol. */ - - LWS_CALLBACK_WSI_CREATE = 29, - /**< outermost (earliest) wsi create notification to protocols[0] */ - - LWS_CALLBACK_WSI_DESTROY = 30, - /**< outermost (latest) wsi destroy notification to protocols[0] */ - - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Server TLS ----- - */ - - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS = 21, - /**< if configured for - * including OpenSSL support, this callback allows your user code - * to perform extra SSL_CTX_load_verify_locations() or similar - * calls to direct OpenSSL where to find certificates the client - * can use to confirm the remote server identity. user is the - * OpenSSL SSL_CTX* */ - - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS = 22, - /**< if configured for - * including OpenSSL support, this callback allows your user code - * to load extra certificates into the server which allow it to - * verify the validity of certificates returned by clients. user - * is the server's OpenSSL SSL_CTX* and in is the lws_vhost */ - - LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION = 23, - /**< if the libwebsockets vhost was created with the option - * LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT, then this - * callback is generated during OpenSSL verification of the cert - * sent from the client. It is sent to protocol[0] callback as - * no protocol has been negotiated on the connection yet. - * Notice that the libwebsockets context and wsi are both NULL - * during this callback. See - * http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html - * to understand more detail about the OpenSSL callback that - * generates this libwebsockets callback and the meanings of the - * arguments passed. In this callback, user is the x509_ctx, - * in is the ssl pointer and len is preverify_ok - * Notice that this callback maintains libwebsocket return - * conventions, return 0 to mean the cert is OK or 1 to fail it. - * This also means that if you don't handle this callback then - * the default callback action of returning 0 allows the client - * certificates. */ - - LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY = 37, - /**< if configured for including OpenSSL support but no private key - * file has been specified (ssl_private_key_filepath is NULL), this is - * called to allow the user to set the private key directly via - * libopenssl and perform further operations if required; this might be - * useful in situations where the private key is not directly accessible - * by the OS, for example if it is stored on a smartcard. - * user is the server's OpenSSL SSL_CTX* */ - - LWS_CALLBACK_SSL_INFO = 67, - /**< SSL connections only. An event you registered an - * interest in at the vhost has occurred on a connection - * using the vhost. in is a pointer to a - * struct lws_ssl_info containing information about the - * event*/ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Client TLS ----- - */ - - LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION = 58, - /**< Similar to LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION - * this callback is called during OpenSSL verification of the cert - * sent from the server to the client. It is sent to protocol[0] - * callback as no protocol has been negotiated on the connection yet. - * Notice that the wsi is set because lws_client_connect_via_info was - * successful. - * - * See http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html - * to understand more detail about the OpenSSL callback that - * generates this libwebsockets callback and the meanings of the - * arguments passed. In this callback, user is the x509_ctx, - * in is the ssl pointer and len is preverify_ok. - * - * THIS IS NOT RECOMMENDED BUT if a cert validation error shall be - * overruled and cert shall be accepted as ok, - * X509_STORE_CTX_set_error((X509_STORE_CTX*)user, X509_V_OK); must be - * called and return value must be 0 to mean the cert is OK; - * returning 1 will fail the cert in any case. - * - * This also means that if you don't handle this callback then - * the default callback action of returning 0 will not accept the - * certificate in case of a validation error decided by the SSL lib. - * - * This is expected and secure behaviour when validating certificates. - * - * Note: LCCSCF_ALLOW_SELFSIGNED and - * LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK still work without this - * callback being implemented. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to HTTP Server ----- - */ - - LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED = 19, - /**< A new client has been accepted by the ws server. This - * callback allows setting any relevant property to it. Because this - * happens immediately after the instantiation of a new client, - * there's no websocket protocol selected yet so this callback is - * issued only to protocol 0. Only wsi is defined, pointing to the - * new client, and the return value is ignored. */ - - LWS_CALLBACK_HTTP = 12, - /**< an http request has come from a client that is not - * asking to upgrade the connection to a websocket - * one. This is a chance to serve http content, - * for example, to send a script to the client - * which will then open the websockets connection. - * in points to the URI path requested and - * lws_serve_http_file() makes it very - * simple to send back a file to the client. - * Normally after sending the file you are done - * with the http connection, since the rest of the - * activity will come by websockets from the script - * that was delivered by http, so you will want to - * return 1; to close and free up the connection. */ - - LWS_CALLBACK_HTTP_BODY = 13, - /**< the next len bytes data from the http - * request body HTTP connection is now available in in. */ - - LWS_CALLBACK_HTTP_BODY_COMPLETION = 14, - /**< the expected amount of http request body has been delivered */ - - LWS_CALLBACK_HTTP_FILE_COMPLETION = 15, - /**< a file requested to be sent down http link has completed. */ - - LWS_CALLBACK_HTTP_WRITEABLE = 16, - /**< you can write more down the http protocol link now. */ - - LWS_CALLBACK_CLOSED_HTTP = 5, - /**< when a HTTP (non-websocket) session ends */ - - LWS_CALLBACK_FILTER_HTTP_CONNECTION = 18, - /**< called when the request has - * been received and parsed from the client, but the response is - * not sent yet. Return non-zero to disallow the connection. - * user is a pointer to the connection user space allocation, - * in is the URI, eg, "/" - * In your handler you can use the public APIs - * lws_hdr_total_length() / lws_hdr_copy() to access all of the - * headers using the header enums lws_token_indexes from - * libwebsockets.h to check for and read the supported header - * presence and content before deciding to allow the http - * connection to proceed or to kill the connection. */ - - LWS_CALLBACK_ADD_HEADERS = 53, - /**< This gives your user code a chance to add headers to a server - * transaction bound to your protocol. `in` points to a - * `struct lws_process_html_args` describing a buffer and length - * you can add headers into using the normal lws apis. - * - * (see LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to add headers to - * a client transaction) - * - * Only `args->p` and `args->len` are valid, and `args->p` should - * be moved on by the amount of bytes written, if any. Eg - * - * case LWS_CALLBACK_ADD_HEADERS: - * - * struct lws_process_html_args *args = - * (struct lws_process_html_args *)in; - * - * if (lws_add_http_header_by_name(wsi, - * (unsigned char *)"set-cookie:", - * (unsigned char *)cookie, cookie_len, - * (unsigned char **)&args->p, - * (unsigned char *)args->p + args->max_len)) - * return 1; - * - * break; - */ - - LWS_CALLBACK_CHECK_ACCESS_RIGHTS = 51, - /**< This gives the user code a chance to forbid an http access. - * `in` points to a `struct lws_process_html_args`, which - * describes the URL, and a bit mask describing the type of - * authentication required. If the callback returns nonzero, - * the transaction ends with HTTP_STATUS_UNAUTHORIZED. */ - - LWS_CALLBACK_PROCESS_HTML = 52, - /**< This gives your user code a chance to mangle outgoing - * HTML. `in` points to a `struct lws_process_html_args` - * which describes the buffer containing outgoing HTML. - * The buffer may grow up to `.max_len` (currently +128 - * bytes per buffer). - */ - - LWS_CALLBACK_HTTP_BIND_PROTOCOL = 49, - /**< By default, all HTTP handling is done in protocols[0]. - * However you can bind different protocols (by name) to - * different parts of the URL space using callback mounts. This - * callback occurs in the new protocol when a wsi is bound - * to that protocol. Any protocol allocation related to the - * http transaction processing should be created then. - * These specific callbacks are necessary because with HTTP/1.1, - * a single connection may perform at series of different - * transactions at different URLs, thus the lifetime of the - * protocol bind is just for one transaction, not connection. */ - - LWS_CALLBACK_HTTP_DROP_PROTOCOL = 50, - /**< This is called when a transaction is unbound from a protocol. - * It indicates the connection completed its transaction and may - * do something different now. Any protocol allocation related - * to the http transaction processing should be destroyed. */ - - LWS_CALLBACK_HTTP_CONFIRM_UPGRADE = 86, - /**< This is your chance to reject an HTTP upgrade action. The - * name of the protocol being upgraded to is in 'in', and the ah - * is still bound to the wsi, so you can look at the headers. - * - * The default of returning 0 (ie, also if not handled) means the - * upgrade may proceed. Return <0 to just hang up the connection, - * or >0 if you have rejected the connection by returning http headers - * and response code yourself. - * - * There is no need for you to call transaction_completed() as the - * caller will take care of it when it sees you returned >0. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to HTTP Client ----- - */ - - LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44, - /**< The HTTP client connection has succeeded, and is now - * connected to the server */ - - LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45, - /**< The HTTP client connection is closing */ - - LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ = 48, - /**< This is generated by lws_http_client_read() used to drain - * incoming data. In the case the incoming data was chunked, it will - * be split into multiple smaller callbacks for each chunk block, - * removing the chunk headers. If not chunked, it will appear all in - * one callback. */ - - LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46, - /**< This simply indicates data was received on the HTTP client - * connection. It does NOT drain or provide the data. - * This exists to neatly allow a proxying type situation, - * where this incoming data will go out on another connection. - * If the outgoing connection stalls, we should stall processing - * the incoming data. So a handler for this in that case should - * simply set a flag to indicate there is incoming data ready - * and ask for a writeable callback on the outgoing connection. - * In the writable callback he can check the flag and then get - * and drain the waiting incoming data using lws_http_client_read(). - * This will use callbacks to LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ - * to get and drain the incoming data, where it should be sent - * back out on the outgoing connection. */ - LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47, - /**< The client transaction completed... at the moment this - * is the same as closing since transaction pipelining on - * client side is not yet supported. */ - - LWS_CALLBACK_CLIENT_HTTP_WRITEABLE = 57, - /**< when doing an HTTP type client connection, you can call - * lws_client_http_body_pending(wsi, 1) from - * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to get these callbacks - * sending the HTTP headers. - * - * From this callback, when you have sent everything, you should let - * lws know by calling lws_client_http_body_pending(wsi, 0) - */ - - LWS_CALLBACK_CLIENT_HTTP_BIND_PROTOCOL = 85, - LWS_CALLBACK_CLIENT_HTTP_DROP_PROTOCOL = 76, - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Websocket Server ----- - */ - - LWS_CALLBACK_ESTABLISHED = 0, - /**< (VH) after the server completes a handshake with an incoming - * client. If you built the library with ssl support, in is a - * pointer to the ssl struct associated with the connection or NULL. - * - * b0 of len is set if the connection was made using ws-over-h2 - */ - - LWS_CALLBACK_CLOSED = 4, - /**< when the websocket session ends */ - - LWS_CALLBACK_SERVER_WRITEABLE = 11, - /**< See LWS_CALLBACK_CLIENT_WRITEABLE */ - - LWS_CALLBACK_RECEIVE = 6, - /**< data has appeared for this server endpoint from a - * remote client, it can be found at *in and is - * len bytes long */ - - LWS_CALLBACK_RECEIVE_PONG = 7, - /**< servers receive PONG packets with this callback reason */ - - LWS_CALLBACK_WS_PEER_INITIATED_CLOSE = 38, - /**< The peer has sent an unsolicited Close WS packet. in and - * len are the optional close code (first 2 bytes, network - * order) and the optional additional information which is not - * defined in the standard, and may be a string or non human-readable - * data. - * If you return 0 lws will echo the close and then close the - * connection. If you return nonzero lws will just close the - * connection. */ - - LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION = 20, - /**< called when the handshake has - * been received and parsed from the client, but the response is - * not sent yet. Return non-zero to disallow the connection. - * user is a pointer to the connection user space allocation, - * in is the requested protocol name - * In your handler you can use the public APIs - * lws_hdr_total_length() / lws_hdr_copy() to access all of the - * headers using the header enums lws_token_indexes from - * libwebsockets.h to check for and read the supported header - * presence and content before deciding to allow the handshake - * to proceed or to kill the connection. */ - - LWS_CALLBACK_CONFIRM_EXTENSION_OKAY = 25, - /**< When the server handshake code - * sees that it does support a requested extension, before - * accepting the extension by additing to the list sent back to - * the client it gives this callback just to check that it's okay - * to use that extension. It calls back to the requested protocol - * and with in being the extension name, len is 0 and user is - * valid. Note though at this time the ESTABLISHED callback hasn't - * happened yet so if you initialize user content there, user - * content during this callback might not be useful for anything. */ - - LWS_CALLBACK_WS_SERVER_BIND_PROTOCOL = 77, - LWS_CALLBACK_WS_SERVER_DROP_PROTOCOL = 78, - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Websocket Client ----- - */ - - LWS_CALLBACK_CLIENT_CONNECTION_ERROR = 1, - /**< the request client connection has been unable to complete a - * handshake with the remote server. If in is non-NULL, you can - * find an error string of length len where it points to - * - * Diagnostic strings that may be returned include - * - * "getaddrinfo (ipv6) failed" - * "unknown address family" - * "getaddrinfo (ipv4) failed" - * "set socket opts failed" - * "insert wsi failed" - * "lws_ssl_client_connect1 failed" - * "lws_ssl_client_connect2 failed" - * "Peer hung up" - * "read failed" - * "HS: URI missing" - * "HS: Redirect code but no Location" - * "HS: URI did not parse" - * "HS: Redirect failed" - * "HS: Server did not return 200" - * "HS: OOM" - * "HS: disallowed by client filter" - * "HS: disallowed at ESTABLISHED" - * "HS: ACCEPT missing" - * "HS: ws upgrade response not 101" - * "HS: UPGRADE missing" - * "HS: Upgrade to something other than websocket" - * "HS: CONNECTION missing" - * "HS: UPGRADE malformed" - * "HS: PROTOCOL malformed" - * "HS: Cannot match protocol" - * "HS: EXT: list too big" - * "HS: EXT: failed setting defaults" - * "HS: EXT: failed parsing defaults" - * "HS: EXT: failed parsing options" - * "HS: EXT: Rejects server options" - * "HS: EXT: unknown ext" - * "HS: Accept hash wrong" - * "HS: Rejected by filter cb" - * "HS: OOM" - * "HS: SO_SNDBUF failed" - * "HS: Rejected at CLIENT_ESTABLISHED" - */ - - LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH = 2, - /**< this is the last chance for the client user code to examine the - * http headers and decide to reject the connection. If the - * content in the headers is interesting to the - * client (url, etc) it needs to copy it out at - * this point since it will be destroyed before - * the CLIENT_ESTABLISHED call */ - - LWS_CALLBACK_CLIENT_ESTABLISHED = 3, - /**< after your client connection completed the websocket upgrade - * handshake with the remote server */ - - LWS_CALLBACK_CLIENT_CLOSED = 75, - /**< when a client websocket session ends */ - - LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER = 24, - /**< this callback happens - * when a client handshake is being compiled. user is NULL, - * in is a char **, it's pointing to a char * which holds the - * next location in the header buffer where you can add - * headers, and len is the remaining space in the header buffer, - * which is typically some hundreds of bytes. So, to add a canned - * cookie, your handler code might look similar to: - * - * char **p = (char **)in, *end = (*p) + len; - * - * if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_COOKIE, - * (unsigned char)"a=b", 3, p, end)) - * return -1; - * - * See LWS_CALLBACK_ADD_HEADERS for adding headers to server - * transactions. - */ - - LWS_CALLBACK_CLIENT_RECEIVE = 8, - /**< data has appeared from the server for the client connection, it - * can be found at *in and is len bytes long */ - - LWS_CALLBACK_CLIENT_RECEIVE_PONG = 9, - /**< clients receive PONG packets with this callback reason */ - - LWS_CALLBACK_CLIENT_WRITEABLE = 10, - /**< If you call lws_callback_on_writable() on a connection, you will - * get one of these callbacks coming when the connection socket - * is able to accept another write packet without blocking. - * If it already was able to take another packet without blocking, - * you'll get this callback at the next call to the service loop - * function. Notice that CLIENTs get LWS_CALLBACK_CLIENT_WRITEABLE - * and servers get LWS_CALLBACK_SERVER_WRITEABLE. */ - - LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED = 26, - /**< When a ws client - * connection is being prepared to start a handshake to a server, - * each supported extension is checked with protocols[0] callback - * with this reason, giving the user code a chance to suppress the - * claim to support that extension by returning non-zero. If - * unhandled, by default 0 will be returned and the extension - * support included in the header to the server. Notice this - * callback comes to protocols[0]. */ - - LWS_CALLBACK_WS_EXT_DEFAULTS = 39, - /**< Gives client connections an opportunity to adjust negotiated - * extension defaults. `user` is the extension name that was - * negotiated (eg, "permessage-deflate"). `in` points to a - * buffer and `len` is the buffer size. The user callback can - * set the buffer to a string describing options the extension - * should parse. Or just ignore for defaults. */ - - - LWS_CALLBACK_FILTER_NETWORK_CONNECTION = 17, - /**< called when a client connects to - * the server at network level; the connection is accepted but then - * passed to this callback to decide whether to hang up immediately - * or not, based on the client IP. in contains the connection - * socket's descriptor. Since the client connection information is - * not available yet, wsi still pointing to the main server socket. - * Return non-zero to terminate the connection before sending or - * receiving anything. Because this happens immediately after the - * network connection from the client, there's no websocket protocol - * selected yet so this callback is issued only to protocol 0. */ - - LWS_CALLBACK_WS_CLIENT_BIND_PROTOCOL = 79, - LWS_CALLBACK_WS_CLIENT_DROP_PROTOCOL = 80, - - /* --------------------------------------------------------------------- - * ----- Callbacks related to external poll loop integration ----- - */ - - LWS_CALLBACK_GET_THREAD_ID = 31, - /**< lws can accept callback when writable requests from other - * threads, if you implement this callback and return an opaque - * current thread ID integer. */ - - /* external poll() management support */ - LWS_CALLBACK_ADD_POLL_FD = 32, - /**< lws normally deals with its poll() or other event loop - * internally, but in the case you are integrating with another - * server you will need to have lws sockets share a - * polling array with the other server. This and the other - * POLL_FD related callbacks let you put your specialized - * poll array interface code in the callback for protocol 0, the - * first protocol you support, usually the HTTP protocol in the - * serving case. - * This callback happens when a socket needs to be - * added to the polling loop: in points to a struct - * lws_pollargs; the fd member of the struct is the file - * descriptor, and events contains the active events - * - * If you are using the internal lws polling / event loop - * you can just ignore these callbacks. */ - - LWS_CALLBACK_DEL_POLL_FD = 33, - /**< This callback happens when a socket descriptor - * needs to be removed from an external polling array. in is - * again the struct lws_pollargs containing the fd member - * to be removed. If you are using the internal polling - * loop, you can just ignore it. */ - - LWS_CALLBACK_CHANGE_MODE_POLL_FD = 34, - /**< This callback happens when lws wants to modify the events for - * a connection. - * in is the struct lws_pollargs with the fd to change. - * The new event mask is in events member and the old mask is in - * the prev_events member. - * If you are using the internal polling loop, you can just ignore - * it. */ - - LWS_CALLBACK_LOCK_POLL = 35, - /**< These allow the external poll changes driven - * by lws to participate in an external thread locking - * scheme around the changes, so the whole thing is threadsafe. - * These are called around three activities in the library, - * - inserting a new wsi in the wsi / fd table (len=1) - * - deleting a wsi from the wsi / fd table (len=1) - * - changing a wsi's POLLIN/OUT state (len=0) - * Locking and unlocking external synchronization objects when - * len == 1 allows external threads to be synchronized against - * wsi lifecycle changes if it acquires the same lock for the - * duration of wsi dereference from the other thread context. */ - - LWS_CALLBACK_UNLOCK_POLL = 36, - /**< See LWS_CALLBACK_LOCK_POLL, ignore if using lws internal poll */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to CGI serving ----- - */ - - LWS_CALLBACK_CGI = 40, - /**< CGI: CGI IO events on stdin / out / err are sent here on - * protocols[0]. The provided `lws_callback_http_dummy()` - * handles this and the callback should be directed there if - * you use CGI. */ - - LWS_CALLBACK_CGI_TERMINATED = 41, - /**< CGI: The related CGI process ended, this is called before - * the wsi is closed. Used to, eg, terminate chunking. - * The provided `lws_callback_http_dummy()` - * handles this and the callback should be directed there if - * you use CGI. The child PID that terminated is in len. */ - - LWS_CALLBACK_CGI_STDIN_DATA = 42, - /**< CGI: Data is, to be sent to the CGI process stdin, eg from - * a POST body. The provided `lws_callback_http_dummy()` - * handles this and the callback should be directed there if - * you use CGI. */ - - LWS_CALLBACK_CGI_STDIN_COMPLETED = 43, - /**< CGI: no more stdin is coming. The provided - * `lws_callback_http_dummy()` handles this and the callback - * should be directed there if you use CGI. */ - - LWS_CALLBACK_CGI_PROCESS_ATTACH = 70, - /**< CGI: Sent when the CGI process is spawned for the wsi. The - * len parameter is the PID of the child process */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to Generic Sessions ----- - */ - - LWS_CALLBACK_SESSION_INFO = 54, - /**< This is only generated by user code using generic sessions. - * It's used to get a `struct lws_session_info` filled in by - * generic sessions with information about the logged-in user. - * See the messageboard sample for an example of how to use. */ - - LWS_CALLBACK_GS_EVENT = 55, - /**< Indicates an event happened to the Generic Sessions session. - * `in` contains a `struct lws_gs_event_args` describing the event. */ - - LWS_CALLBACK_HTTP_PMO = 56, - /**< per-mount options for this connection, called before - * the normal LWS_CALLBACK_HTTP when the mount has per-mount - * options. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to RAW sockets ----- - */ - - LWS_CALLBACK_RAW_RX = 59, - /**< RAW mode connection RX */ - - LWS_CALLBACK_RAW_CLOSE = 60, - /**< RAW mode connection is closing */ - - LWS_CALLBACK_RAW_WRITEABLE = 61, - /**< RAW mode connection may be written */ - - LWS_CALLBACK_RAW_ADOPT = 62, - /**< RAW mode connection was adopted (equivalent to 'wsi created') */ - - LWS_CALLBACK_RAW_SKT_BIND_PROTOCOL = 81, - LWS_CALLBACK_RAW_SKT_DROP_PROTOCOL = 82, - - /* --------------------------------------------------------------------- - * ----- Callbacks related to RAW file handles ----- - */ - - LWS_CALLBACK_RAW_ADOPT_FILE = 63, - /**< RAW mode file was adopted (equivalent to 'wsi created') */ - - LWS_CALLBACK_RAW_RX_FILE = 64, - /**< This is the indication the RAW mode file has something to read. - * This doesn't actually do the read of the file and len is always - * 0... your code should do the read having been informed there is - * something to read now. */ - - LWS_CALLBACK_RAW_WRITEABLE_FILE = 65, - /**< RAW mode file is writeable */ - - LWS_CALLBACK_RAW_CLOSE_FILE = 66, - /**< RAW mode wsi that adopted a file is closing */ - - LWS_CALLBACK_RAW_FILE_BIND_PROTOCOL = 83, - LWS_CALLBACK_RAW_FILE_DROP_PROTOCOL = 84, - - /* --------------------------------------------------------------------- - * ----- Callbacks related to generic wsi events ----- - */ - - LWS_CALLBACK_TIMER = 73, - /**< When the time elapsed after a call to - * lws_set_timer_usecs(wsi, usecs) is up, the wsi will get one of - * these callbacks. The deadline can be continuously extended into the - * future by later calls to lws_set_timer_usecs() before the deadline - * expires, or cancelled by lws_set_timer_usecs(wsi, -1); - */ - - LWS_CALLBACK_EVENT_WAIT_CANCELLED = 71, - /**< This is sent to every protocol of every vhost in response - * to lws_cancel_service() or lws_cancel_service_pt(). This - * callback is serialized in the lws event loop normally, even - * if the lws_cancel_service[_pt]() call was from a different - * thread. */ - - LWS_CALLBACK_CHILD_CLOSING = 69, - /**< Sent to parent to notify them a child is closing / being - * destroyed. in is the child wsi. - */ - - /* --------------------------------------------------------------------- - * ----- Callbacks related to TLS certificate management ----- - */ - - LWS_CALLBACK_VHOST_CERT_AGING = 72, - /**< When a vhost TLS cert has its expiry checked, this callback - * is broadcast to every protocol of every vhost in case the - * protocol wants to take some action with this information. - * \p in is a pointer to a struct lws_acme_cert_aging_args, - * and \p len is the number of days left before it expires, as - * a (ssize_t). In the struct lws_acme_cert_aging_args, vh - * points to the vhost the cert aging information applies to, - * and element_overrides[] is an optional way to update information - * from the pvos... NULL in an index means use the information from - * from the pvo for the cert renewal, non-NULL in the array index - * means use that pointer instead for the index. */ - - LWS_CALLBACK_VHOST_CERT_UPDATE = 74, - /**< When a vhost TLS cert is being updated, progress is - * reported to the vhost in question here, including completion - * and failure. in points to optional JSON, and len represents the - * connection state using enum lws_cert_update_state */ - - - /****** add new things just above ---^ ******/ - - LWS_CALLBACK_USER = 1000, - /**< user code can use any including above without fear of clashes */ -}; - - - -/** - * typedef lws_callback_function() - User server actions - * \param wsi: Opaque websocket instance pointer - * \param reason: The reason for the call - * \param user: Pointer to per-session user data allocated by library - * \param in: Pointer used for some callback reasons - * \param len: Length set for some callback reasons - * - * This callback is the way the user controls what is served. All the - * protocol detail is hidden and handled by the library. - * - * For each connection / session there is user data allocated that is - * pointed to by "user". You set the size of this user data area when - * the library is initialized with lws_create_server. - */ -typedef int -lws_callback_function(struct lws *wsi, enum lws_callback_reasons reason, - void *user, void *in, size_t len); - -#define LWS_CB_REASON_AUX_BF__CGI 1 -#define LWS_CB_REASON_AUX_BF__PROXY 2 -#define LWS_CB_REASON_AUX_BF__CGI_CHUNK_END 4 -#define LWS_CB_REASON_AUX_BF__CGI_HEADERS 8 -#define LWS_CB_REASON_AUX_BF__PROXY_TRANS_END 16 -#define LWS_CB_REASON_AUX_BF__PROXY_HEADERS 32 -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h b/thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h deleted file mode 100644 index 7a5eca2855..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-cgi.h +++ /dev/null @@ -1,103 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup cgi cgi handling - * - * ##CGI handling - * - * These functions allow low-level control over stdin/out/err of the cgi. - * - * However for most cases, binding the cgi to http in and out, the default - * lws implementation already does the right thing. - */ - -enum lws_enum_stdinouterr { - LWS_STDIN = 0, - LWS_STDOUT = 1, - LWS_STDERR = 2, -}; - -enum lws_cgi_hdr_state { - LCHS_HEADER, - LCHS_CR1, - LCHS_LF1, - LCHS_CR2, - LCHS_LF2, - LHCS_RESPONSE, - LHCS_DUMP_HEADERS, - LHCS_PAYLOAD, - LCHS_SINGLE_0A, -}; - -struct lws_cgi_args { - struct lws **stdwsi; /**< get fd with lws_get_socket_fd() */ - enum lws_enum_stdinouterr ch; /**< channel index */ - unsigned char *data; /**< for messages with payload */ - enum lws_cgi_hdr_state hdr_state; /**< track where we are in cgi headers */ - int len; /**< length */ -}; - -#ifdef LWS_WITH_CGI -/** - * lws_cgi: spawn network-connected cgi process - * - * \param wsi: connection to own the process - * \param exec_array: array of "exec-name" "arg1" ... "argn" NULL - * \param script_uri_path_len: how many chars on the left of the uri are the - * path to the cgi, or -1 to spawn without URL-related env vars - * \param timeout_secs: seconds script should be allowed to run - * \param mp_cgienv: pvo list with per-vhost cgi options to put in env - */ -LWS_VISIBLE LWS_EXTERN int -lws_cgi(struct lws *wsi, const char * const *exec_array, - int script_uri_path_len, int timeout_secs, - const struct lws_protocol_vhost_options *mp_cgienv); - -/** - * lws_cgi_write_split_stdout_headers: write cgi output accounting for header part - * - * \param wsi: connection to own the process - */ -LWS_VISIBLE LWS_EXTERN int -lws_cgi_write_split_stdout_headers(struct lws *wsi); - -/** - * lws_cgi_kill: terminate cgi process associated with wsi - * - * \param wsi: connection to own the process - */ -LWS_VISIBLE LWS_EXTERN int -lws_cgi_kill(struct lws *wsi); - -/** - * lws_cgi_get_stdwsi: get wsi for stdin, stdout, or stderr - * - * \param wsi: parent wsi that has cgi - * \param ch: which of LWS_STDIN, LWS_STDOUT or LWS_STDERR - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch); - -#endif -///@} - diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-client.h b/thirdparty/libwebsockets/include/libwebsockets/lws-client.h deleted file mode 100644 index a1661b0a9f..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-client.h +++ /dev/null @@ -1,231 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup client Client related functions - * ##Client releated functions - * \ingroup lwsapi - * - * */ -///@{ - -/** enum lws_client_connect_ssl_connection_flags - flags that may be used - * with struct lws_client_connect_info ssl_connection member to control if - * and how SSL checks apply to the client connection being created - */ - -enum lws_client_connect_ssl_connection_flags { - LCCSCF_USE_SSL = (1 << 0), - LCCSCF_ALLOW_SELFSIGNED = (1 << 1), - LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK = (1 << 2), - LCCSCF_ALLOW_EXPIRED = (1 << 3), - - LCCSCF_PIPELINE = (1 << 16), - /**< Serialize / pipeline multiple client connections - * on a single connection where possible. - * - * HTTP/1.0: possible if Keep-Alive: yes sent by server - * HTTP/1.1: always possible... uses pipelining - * HTTP/2: always possible... uses parallel streams - * */ -}; - -/** struct lws_client_connect_info - parameters to connect with when using - * lws_client_connect_via_info() */ - -struct lws_client_connect_info { - struct lws_context *context; - /**< lws context to create connection in */ - const char *address; - /**< remote address to connect to */ - int port; - /**< remote port to connect to */ - int ssl_connection; - /**< 0, or a combination of LCCSCF_ flags */ - const char *path; - /**< uri path */ - const char *host; - /**< content of host header */ - const char *origin; - /**< content of origin header */ - const char *protocol; - /**< list of ws protocols we could accept */ - int ietf_version_or_minus_one; - /**< deprecated: currently leave at 0 or -1 */ - void *userdata; - /**< if non-NULL, use this as wsi user_data instead of malloc it */ - const void *client_exts; - /**< UNUSED... provide in info.extensions at context creation time */ - const char *method; - /**< if non-NULL, do this http method instead of ws[s] upgrade. - * use "GET" to be a simple http client connection. "RAW" gets - * you a connected socket that lws itself will leave alone once - * connected. */ - struct lws *parent_wsi; - /**< if another wsi is responsible for this connection, give it here. - * this is used to make sure if the parent closes so do any - * child connections first. */ - const char *uri_replace_from; - /**< if non-NULL, when this string is found in URIs in - * text/html content-encoding, it's replaced with uri_replace_to */ - const char *uri_replace_to; - /**< see uri_replace_from */ - struct lws_vhost *vhost; - /**< vhost to bind to (used to determine related SSL_CTX) */ - struct lws **pwsi; - /**< if not NULL, store the new wsi here early in the connection - * process. Although we return the new wsi, the call to create the - * client connection does progress the connection somewhat and may - * meet an error that will result in the connection being scrubbed and - * NULL returned. While the wsi exists though, he may process a - * callback like CLIENT_CONNECTION_ERROR with his wsi: this gives the - * user callback a way to identify which wsi it is that faced the error - * even before the new wsi is returned and even if ultimately no wsi - * is returned. - */ - const char *iface; - /**< NULL to allow routing on any interface, or interface name or IP - * to bind the socket to */ - const char *local_protocol_name; - /**< NULL: .protocol is used both to select the local protocol handler - * to bind to and as the list of remote ws protocols we could - * accept. - * non-NULL: this protocol name is used to bind the connection to - * the local protocol handler. .protocol is used for the - * list of remote ws protocols we could accept */ - const char *alpn; - /**< NULL: allow lws default ALPN list, from vhost if present or from - * list of roles built into lws - * non-NULL: require one from provided comma-separated list of alpn - * tokens - */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility - * - * The below is to ensure later library versions with new - * members added above will see 0 (default) even if the app - * was not built against the newer headers. - */ - - void *_unused[4]; /**< dummy */ -}; - -/** - * lws_client_connect_via_info() - Connect to another websocket server - * \param ccinfo: pointer to lws_client_connect_info struct - * - * This function creates a connection to a remote server using the - * information provided in ccinfo. - */ -LWS_VISIBLE LWS_EXTERN struct lws * -lws_client_connect_via_info(const struct lws_client_connect_info *ccinfo); - -/** - * lws_init_vhost_client_ssl() - also enable client SSL on an existing vhost - * - * \param info: client ssl related info - * \param vhost: which vhost to initialize client ssl operations on - * - * You only need to call this if you plan on using SSL client connections on - * the vhost. For non-SSL client connections, it's not necessary to call this. - * - * The following members of info are used during the call - * - * - options must have LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT set, - * otherwise the call does nothing - * - provided_client_ssl_ctx must be NULL to get a generated client - * ssl context, otherwise you can pass a prepared one in by setting it - * - ssl_cipher_list may be NULL or set to the client valid cipher list - * - ssl_ca_filepath may be NULL or client cert filepath - * - ssl_cert_filepath may be NULL or client cert filepath - * - ssl_private_key_filepath may be NULL or client cert private key - * - * You must create your vhost explicitly if you want to use this, so you have - * a pointer to the vhost. Create the context first with the option flag - * LWS_SERVER_OPTION_EXPLICIT_VHOSTS and then call lws_create_vhost() with - * the same info struct. - */ -LWS_VISIBLE LWS_EXTERN int -lws_init_vhost_client_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost); -/** - * lws_http_client_read() - consume waiting received http client data - * - * \param wsi: client connection - * \param buf: pointer to buffer pointer - fill with pointer to your buffer - * \param len: pointer to chunk length - fill with max length of buffer - * - * This is called when the user code is notified client http data has arrived. - * The user code may choose to delay calling it to consume the data, for example - * waiting until an onward connection is writeable. - * - * For non-chunked connections, up to len bytes of buf are filled with the - * received content. len is set to the actual amount filled before return. - * - * For chunked connections, the linear buffer content contains the chunking - * headers and it cannot be passed in one lump. Instead, this function will - * call back LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ with in pointing to the - * chunk start and len set to the chunk length. There will be as many calls - * as there are chunks or partial chunks in the buffer. - */ -LWS_VISIBLE LWS_EXTERN int -lws_http_client_read(struct lws *wsi, char **buf, int *len); - -/** - * lws_http_client_http_response() - get last HTTP response code - * - * \param wsi: client connection - * - * Returns the last server response code, eg, 200 for client http connections. - * - * You should capture this during the LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP - * callback, because after that the memory reserved for storing the related - * headers is freed and this value is lost. - */ -LWS_VISIBLE LWS_EXTERN unsigned int -lws_http_client_http_response(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_client_http_body_pending(struct lws *wsi, int something_left_to_send); - -/** - * lws_client_http_body_pending() - control if client connection neeeds to send body - * - * \param wsi: client connection - * \param something_left_to_send: nonzero if need to send more body, 0 (default) - * if nothing more to send - * - * If you will send payload data with your HTTP client connection, eg, for POST, - * when you set the related http headers in - * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER callback you should also call - * this API with something_left_to_send nonzero, and call - * lws_callback_on_writable(wsi); - * - * After sending the headers, lws will call your callback with - * LWS_CALLBACK_CLIENT_HTTP_WRITEABLE reason when writable. You can send the - * next part of the http body payload, calling lws_callback_on_writable(wsi); - * if there is more to come, or lws_client_http_body_pending(wsi, 0); to - * let lws know the last part is sent and the connection can move on. - */ - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h b/thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h deleted file mode 100644 index a63d708629..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-context-vhost.h +++ /dev/null @@ -1,927 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup context-and-vhost context and vhost related functions - * ##Context and Vhost releated functions - * \ingroup lwsapi - * - * - * LWS requires that there is one context, in which you may define multiple - * vhosts. Each vhost is a virtual host, with either its own listen port - * or sharing an existing one. Each vhost has its own SSL context that can - * be set up individually or left disabled. - * - * If you don't care about multiple "site" support, you can ignore it and - * lws will create a single default vhost at context creation time. - */ -///@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ - -/** enum lws_context_options - context and vhost options */ -enum lws_context_options { - LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT = (1 << 1) | - (1 << 12), - /**< (VH) Don't allow the connection unless the client has a - * client cert that we recognize; provides - * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ - LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME = (1 << 2), - /**< (CTX) Don't try to get the server's hostname */ - LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT = (1 << 3) | - (1 << 12), - /**< (VH) Allow non-SSL (plaintext) connections on the same - * port as SSL is listening... undermines the security of SSL; - * provides LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ - LWS_SERVER_OPTION_LIBEV = (1 << 4), - /**< (CTX) Use libev event loop */ - LWS_SERVER_OPTION_DISABLE_IPV6 = (1 << 5), - /**< (VH) Disable IPV6 support */ - LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS = (1 << 6), - /**< (VH) Don't load OS CA certs, you will need to load your - * own CA cert(s) */ - LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED = (1 << 7), - /**< (VH) Accept connections with no valid Cert (eg, selfsigned) */ - LWS_SERVER_OPTION_VALIDATE_UTF8 = (1 << 8), - /**< (VH) Check UT-8 correctness */ - LWS_SERVER_OPTION_SSL_ECDH = (1 << 9) | - (1 << 12), - /**< (VH) initialize ECDH ciphers */ - LWS_SERVER_OPTION_LIBUV = (1 << 10), - /**< (CTX) Use libuv event loop */ - LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS = (1 << 11) | - (1 << 12), - /**< (VH) Use http redirect to force http to https - * (deprecated: use mount redirection) */ - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT = (1 << 12), - /**< (CTX) Initialize the SSL library at all */ - LWS_SERVER_OPTION_EXPLICIT_VHOSTS = (1 << 13), - /**< (CTX) Only create the context when calling context - * create api, implies user code will create its own vhosts */ - LWS_SERVER_OPTION_UNIX_SOCK = (1 << 14), - /**< (VH) Use Unix socket */ - LWS_SERVER_OPTION_STS = (1 << 15), - /**< (VH) Send Strict Transport Security header, making - * clients subsequently go to https even if user asked for http */ - LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY = (1 << 16), - /**< (VH) Enable LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE to take effect */ - LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE = (1 << 17), - /**< (VH) if set, only ipv6 allowed on the vhost */ - LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN = (1 << 18), - /**< (CTX) Libuv only: Do not spin on SIGSEGV / SIGFPE. A segfault - * normally makes the lib spin so you can attach a debugger to it - * even if it happened without a debugger in place. You can disable - * that by giving this option. - */ - LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN = (1 << 19), - /**< For backwards-compatibility reasons, by default - * lws prepends "http://" to the origin you give in the client - * connection info struct. If you give this flag when you create - * the context, only the string you give in the client connect - * info for .origin (if any) will be used directly. - */ - LWS_SERVER_OPTION_FALLBACK_TO_RAW = (1 << 20), - /**< (VH) if invalid http is coming in the first line, */ - LWS_SERVER_OPTION_LIBEVENT = (1 << 21), - /**< (CTX) Use libevent event loop */ - LWS_SERVER_OPTION_ONLY_RAW = (1 << 22), - /**< (VH) All connections to this vhost / port are RAW as soon as - * the connection is accepted, no HTTP is going to be coming. - */ - LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE = (1 << 23), - /**< (VH) Set to allow multiple listen sockets on one interface + - * address + port. The default is to strictly allow only one - * listen socket at a time. This is automatically selected if you - * have multiple service threads. - */ - LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX = (1 << 24), - /**< (VH) Force setting up the vhost SSL_CTX, even though the user - * code doesn't explicitly provide a cert in the info struct. It - * implies the user code is going to provide a cert at the - * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS callback, which - * provides the vhost SSL_CTX * in the user parameter. - */ - LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT = (1 << 25), - /**< (VH) You probably don't want this. It forces this vhost to not - * call LWS_CALLBACK_PROTOCOL_INIT on its protocols. It's used in the - * special case of a temporary vhost bound to a single protocol. - */ - LWS_SERVER_OPTION_IGNORE_MISSING_CERT = (1 << 26), - /**< (VH) Don't fail if the vhost TLS cert or key are missing, just - * continue. The vhost won't be able to serve anything, but if for - * example the ACME plugin was configured to fetch a cert, this lets - * you bootstrap your vhost from having no cert to start with. - */ - LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK = (1 << 27), - /**< (VH) On this vhost, if the connection is being upgraded, insist - * that there's a Host: header and that the contents match the vhost - * name + port (443 / 80 are assumed if no :port given based on if the - * connection is using TLS). - * - * By default, without this flag, on upgrade lws just checks that the - * Host: header was given without checking the contents... this is to - * allow lax hostname mappings like localhost / 127.0.0.1, and CNAME - * mappings like www.mysite.com / mysite.com - */ - LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE = (1 << 28), - /**< (VH) Send lws default HTTP headers recommended by Mozilla - * Observatory for security. This is a helper option that sends canned - * headers on each http response enabling a VERY strict Content Security - * Policy. The policy is so strict, for example it won't let the page - * run its own inline JS nor show images or take CSS from a different - * server. In many cases your JS only comes from your server as do the - * image sources and CSS, so that is what you want... attackers hoping - * to inject JS into your DOM are completely out of luck since even if - * they succeed, it will be rejected for execution by the browser - * according to the strict CSP. In other cases you have to deviate from - * the complete strictness, in which case don't use this flag: use the - * .headers member in the vhost init described in struct - * lws_context_creation_info instead to send the adapted headers - * yourself. - */ - - /****** add new things just above ---^ ******/ -}; - -#define lws_check_opt(c, f) (((c) & (f)) == (f)) - -struct lws_plat_file_ops; - -/** struct lws_context_creation_info - parameters to create context and /or vhost with - * - * This is also used to create vhosts.... if LWS_SERVER_OPTION_EXPLICIT_VHOSTS - * is not given, then for backwards compatibility one vhost is created at - * context-creation time using the info from this struct. - * - * If LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, then no vhosts are created - * at the same time as the context, they are expected to be created afterwards. - */ -struct lws_context_creation_info { - int port; - /**< VHOST: Port to listen on. Use CONTEXT_PORT_NO_LISTEN to suppress - * listening for a client. Use CONTEXT_PORT_NO_LISTEN_SERVER if you are - * writing a server but you are using \ref sock-adopt instead of the - * built-in listener. - * - * You can also set port to 0, in which case the kernel will pick - * a random port that is not already in use. You can find out what - * port the vhost is listening on using lws_get_vhost_listen_port() */ - const char *iface; - /**< VHOST: NULL to bind the listen socket to all interfaces, or the - * interface name, eg, "eth2" - * If options specifies LWS_SERVER_OPTION_UNIX_SOCK, this member is - * the pathname of a UNIX domain socket. you can use the UNIX domain - * sockets in abstract namespace, by prepending an at symbol to the - * socket name. */ - const struct lws_protocols *protocols; - /**< VHOST: Array of structures listing supported protocols and a - * protocol-specific callback for each one. The list is ended with an - * entry that has a NULL callback pointer. */ - const struct lws_extension *extensions; - /**< VHOST: NULL or array of lws_extension structs listing the - * extensions this context supports. */ - const struct lws_token_limits *token_limits; - /**< CONTEXT: NULL or struct lws_token_limits pointer which is - * initialized with a token length limit for each possible WSI_TOKEN_ */ - const char *ssl_private_key_password; - /**< VHOST: NULL or the passphrase needed for the private key. (For - * backwards compatibility, this can also be used to pass the client - * cert passphrase when setting up a vhost client SSL context, but it is - * preferred to use .client_ssl_private_key_password for that.) */ - const char *ssl_cert_filepath; - /**< VHOST: If libwebsockets was compiled to use ssl, and you want - * to listen using SSL, set to the filepath to fetch the - * server cert from, otherwise NULL for unencrypted. (For backwards - * compatibility, this can also be used to pass the client certificate - * when setting up a vhost client SSL context, but it is preferred to - * use .client_ssl_cert_filepath for that.) */ - const char *ssl_private_key_filepath; - /**< VHOST: filepath to private key if wanting SSL mode; - * if this is set to NULL but ssl_cert_filepath is set, the - * OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY callback is called - * to allow setting of the private key directly via openSSL - * library calls. (For backwards compatibility, this can also be used - * to pass the client cert private key filepath when setting up a - * vhost client SSL context, but it is preferred to use - * .client_ssl_private_key_filepath for that.) */ - const char *ssl_ca_filepath; - /**< VHOST: CA certificate filepath or NULL. (For backwards - * compatibility, this can also be used to pass the client CA - * filepath when setting up a vhost client SSL context, - * but it is preferred to use .client_ssl_ca_filepath for that.) */ - const char *ssl_cipher_list; - /**< VHOST: List of valid ciphers to use ON TLS1.2 AND LOWER ONLY (eg, - * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" - * or you can leave it as NULL to get "DEFAULT" (For backwards - * compatibility, this can also be used to pass the client cipher - * list when setting up a vhost client SSL context, - * but it is preferred to use .client_ssl_cipher_list for that.) - * SEE .tls1_3_plus_cipher_list and .client_tls_1_3_plus_cipher_list - * for the equivalent for tls1.3. - */ - const char *http_proxy_address; - /**< VHOST: If non-NULL, attempts to proxy via the given address. - * If proxy auth is required, use format - * "username:password\@server:port" */ - unsigned int http_proxy_port; - /**< VHOST: If http_proxy_address was non-NULL, uses this port */ - int gid; - /**< CONTEXT: group id to change to after setting listen socket, - * or -1. */ - int uid; - /**< CONTEXT: user id to change to after setting listen socket, - * or -1. */ - unsigned int options; - /**< VHOST + CONTEXT: 0, or LWS_SERVER_OPTION_... bitfields */ - void *user; - /**< VHOST + CONTEXT: optional user pointer that will be associated - * with the context when creating the context (and can be retrieved by - * lws_context_user(context), or with the vhost when creating the vhost - * (and can be retrieved by lws_vhost_user(vhost)). You will need to - * use LWS_SERVER_OPTION_EXPLICIT_VHOSTS and create the vhost separately - * if you care about giving the context and vhost different user pointer - * values. - */ - int ka_time; - /**< CONTEXT: 0 for no TCP keepalive, otherwise apply this keepalive - * timeout to all libwebsocket sockets, client or server */ - int ka_probes; - /**< CONTEXT: if ka_time was nonzero, after the timeout expires how many - * times to try to get a response from the peer before giving up - * and killing the connection */ - int ka_interval; - /**< CONTEXT: if ka_time was nonzero, how long to wait before each ka_probes - * attempt */ -#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) - SSL_CTX *provided_client_ssl_ctx; - /**< CONTEXT: If non-null, swap out libwebsockets ssl - * implementation for the one provided by provided_ssl_ctx. - * Libwebsockets no longer is responsible for freeing the context - * if this option is selected. */ -#else /* maintain structure layout either way */ - void *provided_client_ssl_ctx; /**< dummy if ssl disabled */ -#endif - - unsigned short max_http_header_data; - /**< CONTEXT: The max amount of header payload that can be handled - * in an http request (unrecognized header payload is dropped) */ - unsigned short max_http_header_pool; - /**< CONTEXT: The max number of connections with http headers that - * can be processed simultaneously (the corresponding memory is - * allocated and deallocated dynamically as needed). If the pool is - * fully busy new incoming connections must wait for accept until one - * becomes free. 0 = allow as many ah as number of availble fds for - * the process */ - - unsigned int count_threads; - /**< CONTEXT: how many contexts to create in an array, 0 = 1 */ - unsigned int fd_limit_per_thread; - /**< CONTEXT: nonzero means restrict each service thread to this - * many fds, 0 means the default which is divide the process fd - * limit by the number of threads. */ - unsigned int timeout_secs; - /**< VHOST: various processes involving network roundtrips in the - * library are protected from hanging forever by timeouts. If - * nonzero, this member lets you set the timeout used in seconds. - * Otherwise a default timeout is used. */ - const char *ecdh_curve; - /**< VHOST: if NULL, defaults to initializing server with - * "prime256v1" */ - const char *vhost_name; - /**< VHOST: name of vhost, must match external DNS name used to - * access the site, like "warmcat.com" as it's used to match - * Host: header and / or SNI name for SSL. */ - const char * const *plugin_dirs; - /**< CONTEXT: NULL, or NULL-terminated array of directories to - * scan for lws protocol plugins at context creation time */ - const struct lws_protocol_vhost_options *pvo; - /**< VHOST: pointer to optional linked list of per-vhost - * options made accessible to protocols */ - int keepalive_timeout; - /**< VHOST: (default = 0 = 5s) seconds to allow remote - * client to hold on to an idle HTTP/1.1 connection */ - const char *log_filepath; - /**< VHOST: filepath to append logs to... this is opened before - * any dropping of initial privileges */ - const struct lws_http_mount *mounts; - /**< VHOST: optional linked list of mounts for this vhost */ - const char *server_string; - /**< CONTEXT: string used in HTTP headers to identify server - * software, if NULL, "libwebsockets". */ - unsigned int pt_serv_buf_size; - /**< CONTEXT: 0 = default of 4096. This buffer is used by - * various service related features including file serving, it - * defines the max chunk of file that can be sent at once. - * At the risk of lws having to buffer failed large sends, it - * can be increased to, eg, 128KiB to improve throughput. */ - unsigned int max_http_header_data2; - /**< CONTEXT: if max_http_header_data is 0 and this - * is nonzero, this will be used in place of the default. It's - * like this for compatibility with the original short version, - * this is unsigned int length. */ - long ssl_options_set; - /**< VHOST: Any bits set here will be set as server SSL options */ - long ssl_options_clear; - /**< VHOST: Any bits set here will be cleared as server SSL options */ - unsigned short ws_ping_pong_interval; - /**< CONTEXT: 0 for none, else interval in seconds between sending - * PINGs on idle websocket connections. When the PING is sent, - * the PONG must come within the normal timeout_secs timeout period - * or the connection will be dropped. - * Any RX or TX traffic on the connection restarts the interval timer, - * so a connection which always sends or receives something at intervals - * less than the interval given here will never send PINGs / expect - * PONGs. Conversely as soon as the ws connection is established, an - * idle connection will do the PING / PONG roundtrip as soon as - * ws_ping_pong_interval seconds has passed without traffic - */ - const struct lws_protocol_vhost_options *headers; - /**< VHOST: pointer to optional linked list of per-vhost - * canned headers that are added to server responses */ - - const struct lws_protocol_vhost_options *reject_service_keywords; - /**< CONTEXT: Optional list of keywords and rejection codes + text. - * - * The keywords are checked for existing in the user agent string. - * - * Eg, "badrobot" "404 Not Found" - */ - void *external_baggage_free_on_destroy; - /**< CONTEXT: NULL, or pointer to something externally malloc'd, that - * should be freed when the context is destroyed. This allows you to - * automatically sync the freeing action to the context destruction - * action, so there is no need for an external free() if the context - * succeeded to create. - */ - - const char *client_ssl_private_key_password; - /**< VHOST: Client SSL context init: NULL or the passphrase needed - * for the private key */ - const char *client_ssl_cert_filepath; - /**< VHOST: Client SSL context init:T he certificate the client - * should present to the peer on connection */ - const char *client_ssl_private_key_filepath; - /**< VHOST: Client SSL context init: filepath to client private key - * if this is set to NULL but client_ssl_cert_filepath is set, you - * can handle the LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS - * callback of protocols[0] to allow setting of the private key directly - * via openSSL library calls */ - const char *client_ssl_ca_filepath; - /**< VHOST: Client SSL context init: CA certificate filepath or NULL */ - const void *client_ssl_ca_mem; - /**< VHOST: Client SSL context init: CA certificate memory buffer or - * NULL... use this to load CA cert from memory instead of file */ - unsigned int client_ssl_ca_mem_len; - /**< VHOST: Client SSL context init: length of client_ssl_ca_mem in - * bytes */ - - const char *client_ssl_cipher_list; - /**< VHOST: Client SSL context init: List of valid ciphers to use (eg, - * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" - * or you can leave it as NULL to get "DEFAULT" */ - - const struct lws_plat_file_ops *fops; - /**< CONTEXT: NULL, or pointer to an array of fops structs, terminated - * by a sentinel with NULL .open. - * - * If NULL, lws provides just the platform file operations struct for - * backwards compatibility. - */ - int simultaneous_ssl_restriction; - /**< CONTEXT: 0 (no limit) or limit of simultaneous SSL sessions - * possible.*/ - const char *socks_proxy_address; - /**< VHOST: If non-NULL, attempts to proxy via the given address. - * If proxy auth is required, use format - * "username:password\@server:port" */ - unsigned int socks_proxy_port; - /**< VHOST: If socks_proxy_address was non-NULL, uses this port */ -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - cap_value_t caps[4]; - /**< CONTEXT: array holding Linux capabilities you want to - * continue to be available to the server after it transitions - * to a noprivileged user. Usually none are needed but for, eg, - * .bind_iface, CAP_NET_RAW is required. This gives you a way - * to still have the capability but drop root. - */ - char count_caps; - /**< CONTEXT: count of Linux capabilities in .caps[]. 0 means - * no capabilities will be inherited from root (the default) */ -#endif - int bind_iface; - /**< VHOST: nonzero to strictly bind sockets to the interface name in - * .iface (eg, "eth2"), using SO_BIND_TO_DEVICE. - * - * Requires SO_BINDTODEVICE support from your OS and CAP_NET_RAW - * capability. - * - * Notice that common things like access network interface IP from - * your local machine use your lo / loopback interface and will be - * disallowed by this. - */ - int ssl_info_event_mask; - /**< VHOST: mask of ssl events to be reported on LWS_CALLBACK_SSL_INFO - * callback for connections on this vhost. The mask values are of - * the form SSL_CB_ALERT, defined in openssl/ssl.h. The default of - * 0 means no info events will be reported. - */ - unsigned int timeout_secs_ah_idle; - /**< VHOST: seconds to allow a client to hold an ah without using it. - * 0 defaults to 10s. */ - unsigned short ip_limit_ah; - /**< CONTEXT: max number of ah a single IP may use simultaneously - * 0 is no limit. This is a soft limit: if the limit is - * reached, connections from that IP will wait in the ah - * waiting list and not be able to acquire an ah until - * a connection belonging to the IP relinquishes one it - * already has. - */ - unsigned short ip_limit_wsi; - /**< CONTEXT: max number of wsi a single IP may use simultaneously. - * 0 is no limit. This is a hard limit, connections from - * the same IP will simply be dropped once it acquires the - * amount of simultaneous wsi / accepted connections - * given here. - */ - uint32_t http2_settings[7]; - /**< VHOST: if http2_settings[0] is nonzero, the values given in - * http2_settings[1]..[6] are used instead of the lws - * platform default values. - * Just leave all at 0 if you don't care. - */ - const char *error_document_404; - /**< VHOST: If non-NULL, when asked to serve a non-existent file, - * lws attempts to server this url path instead. Eg, - * "/404.html" */ - const char *alpn; - /**< CONTEXT: If non-NULL, default list of advertised alpn, comma- - * separated - * - * VHOST: If non-NULL, per-vhost list of advertised alpn, comma- - * separated - */ - void **foreign_loops; - /**< CONTEXT: This is ignored if the context is not being started with - * an event loop, ie, .options has a flag like - * LWS_SERVER_OPTION_LIBUV. - * - * NULL indicates lws should start its own even loop for - * each service thread, and deal with closing the loops - * when the context is destroyed. - * - * Non-NULL means it points to an array of external - * ("foreign") event loops that are to be used in turn for - * each service thread. In the default case of 1 service - * thread, it can just point to one foreign event loop. - */ - void (*signal_cb)(void *event_lib_handle, int signum); - /**< CONTEXT: NULL: default signal handling. Otherwise this receives - * the signal handler callback. event_lib_handle is the - * native event library signal handle, eg uv_signal_t * - * for libuv. - */ - struct lws_context **pcontext; - /**< CONTEXT: if non-NULL, at the end of context destroy processing, - * the pointer pointed to by pcontext is written with NULL. You can - * use this to let foreign event loops know that lws context destruction - * is fully completed. - */ - void (*finalize)(struct lws_vhost *vh, void *arg); - /**< VHOST: NULL, or pointer to function that will be called back - * when the vhost is just about to be freed. The arg parameter - * will be set to whatever finalize_arg is below. - */ - void *finalize_arg; - /**< VHOST: opaque pointer lws ignores but passes to the finalize - * callback. If you don't care, leave it NULL. - */ - unsigned int max_http_header_pool2; - /**< CONTEXT: if max_http_header_pool is 0 and this - * is nonzero, this will be used in place of the default. It's - * like this for compatibility with the original short version: - * this is unsigned int length. */ - - long ssl_client_options_set; - /**< VHOST: Any bits set here will be set as CLIENT SSL options */ - long ssl_client_options_clear; - /**< VHOST: Any bits set here will be cleared as CLIENT SSL options */ - - const char *tls1_3_plus_cipher_list; - /**< VHOST: List of valid ciphers to use for incoming server connections - * ON TLS1.3 AND ABOVE (eg, "TLS_CHACHA20_POLY1305_SHA256" on this vhost - * or you can leave it as NULL to get "DEFAULT". - * SEE .client_tls_1_3_plus_cipher_list to do the same on the vhost - * client SSL_CTX. - */ - const char *client_tls_1_3_plus_cipher_list; - /**< VHOST: List of valid ciphers to use for outgoing client connections - * ON TLS1.3 AND ABOVE on this vhost (eg, - * "TLS_CHACHA20_POLY1305_SHA256") or you can leave it as NULL to get - * "DEFAULT". - */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility - * - * The below is to ensure later library versions with new - * members added above will see 0 (default) even if the app - * was not built against the newer headers. - */ - - void *_unused[4]; /**< dummy */ -}; - -/** - * lws_create_context() - Create the websocket handler - * \param info: pointer to struct with parameters - * - * This function creates the listening socket (if serving) and takes care - * of all initialization in one step. - * - * If option LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, no vhost is - * created; you're expected to create your own vhosts afterwards using - * lws_create_vhost(). Otherwise a vhost named "default" is also created - * using the information in the vhost-related members, for compatibility. - * - * After initialization, it returns a struct lws_context * that - * represents this server. After calling, user code needs to take care - * of calling lws_service() with the context pointer to get the - * server's sockets serviced. This must be done in the same process - * context as the initialization call. - * - * The protocol callback functions are called for a handful of events - * including http requests coming in, websocket connections becoming - * established, and data arriving; it's also called periodically to allow - * async transmission. - * - * HTTP requests are sent always to the FIRST protocol in protocol, since - * at that time websocket protocol has not been negotiated. Other - * protocols after the first one never see any HTTP callback activity. - * - * The server created is a simple http server by default; part of the - * websocket standard is upgrading this http connection to a websocket one. - * - * This allows the same server to provide files like scripts and favicon / - * images or whatever over http and dynamic data over websockets all in - * one place; they're all handled in the user callback. - */ -LWS_VISIBLE LWS_EXTERN struct lws_context * -lws_create_context(const struct lws_context_creation_info *info); - - -/** - * lws_context_destroy() - Destroy the websocket context - * \param context: Websocket context - * - * This function closes any active connections and then frees the - * context. After calling this, any further use of the context is - * undefined. - */ -LWS_VISIBLE LWS_EXTERN void -lws_context_destroy(struct lws_context *context); - -typedef int (*lws_reload_func)(void); - -/** - * lws_context_deprecate() - Deprecate the websocket context - * - * \param context: Websocket context - * \param cb: Callback notified when old context listen sockets are closed - * - * This function is used on an existing context before superceding it - * with a new context. - * - * It closes any listen sockets in the context, so new connections are - * not possible. - * - * And it marks the context to be deleted when the number of active - * connections into it falls to zero. - * - * This is aimed at allowing seamless configuration reloads. - * - * The callback cb will be called after the listen sockets are actually - * closed and may be reopened. In the callback the new context should be - * configured and created. (With libuv, socket close happens async after - * more loop events). - */ -LWS_VISIBLE LWS_EXTERN void -lws_context_deprecate(struct lws_context *context, lws_reload_func cb); - -LWS_VISIBLE LWS_EXTERN int -lws_context_is_deprecated(struct lws_context *context); - -/** - * lws_set_proxy() - Setups proxy to lws_context. - * \param vhost: pointer to struct lws_vhost you want set proxy for - * \param proxy: pointer to c string containing proxy in format address:port - * - * Returns 0 if proxy string was parsed and proxy was setup. - * Returns -1 if proxy is NULL or has incorrect format. - * - * This is only required if your OS does not provide the http_proxy - * environment variable (eg, OSX) - * - * IMPORTANT! You should call this function right after creation of the - * lws_context and before call to connect. If you call this - * function after connect behavior is undefined. - * This function will override proxy settings made on lws_context - * creation with genenv() call. - */ -LWS_VISIBLE LWS_EXTERN int -lws_set_proxy(struct lws_vhost *vhost, const char *proxy); - -/** - * lws_set_socks() - Setup socks to lws_context. - * \param vhost: pointer to struct lws_vhost you want set socks for - * \param socks: pointer to c string containing socks in format address:port - * - * Returns 0 if socks string was parsed and socks was setup. - * Returns -1 if socks is NULL or has incorrect format. - * - * This is only required if your OS does not provide the socks_proxy - * environment variable (eg, OSX) - * - * IMPORTANT! You should call this function right after creation of the - * lws_context and before call to connect. If you call this - * function after connect behavior is undefined. - * This function will override proxy settings made on lws_context - * creation with genenv() call. - */ -LWS_VISIBLE LWS_EXTERN int -lws_set_socks(struct lws_vhost *vhost, const char *socks); - -struct lws_vhost; - -/** - * lws_create_vhost() - Create a vhost (virtual server context) - * \param context: pointer to result of lws_create_context() - * \param info: pointer to struct with parameters - * - * This function creates a virtual server (vhost) using the vhost-related - * members of the info struct. You can create many vhosts inside one context - * if you created the context with the option LWS_SERVER_OPTION_EXPLICIT_VHOSTS - */ -LWS_VISIBLE LWS_EXTERN struct lws_vhost * -lws_create_vhost(struct lws_context *context, - const struct lws_context_creation_info *info); - -/** - * lws_vhost_destroy() - Destroy a vhost (virtual server context) - * - * \param vh: pointer to result of lws_create_vhost() - * - * This function destroys a vhost. Normally, if you just want to exit, - * then lws_destroy_context() will take care of everything. If you want - * to destroy an individual vhost and all connections and allocations, you - * can do it with this. - * - * If the vhost has a listen sockets shared by other vhosts, it will be given - * to one of the vhosts sharing it rather than closed. - * - * The vhost close is staged according to the needs of the event loop, and if - * there are multiple service threads. At the point the vhost itself if - * about to be freed, if you provided a finalize callback and optional arg at - * vhost creation time, it will be called just before the vhost is freed. - */ -LWS_VISIBLE LWS_EXTERN void -lws_vhost_destroy(struct lws_vhost *vh); - -/** - * lwsws_get_config_globals() - Parse a JSON server config file - * \param info: pointer to struct with parameters - * \param d: filepath of the config file - * \param config_strings: storage for the config strings extracted from JSON, - * the pointer is incremented as strings are stored - * \param len: pointer to the remaining length left in config_strings - * the value is decremented as strings are stored - * - * This function prepares a n lws_context_creation_info struct with global - * settings from a file d. - * - * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled - */ -LWS_VISIBLE LWS_EXTERN int -lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, - char **config_strings, int *len); - -/** - * lwsws_get_config_vhosts() - Create vhosts from a JSON server config file - * \param context: pointer to result of lws_create_context() - * \param info: pointer to struct with parameters - * \param d: filepath of the config file - * \param config_strings: storage for the config strings extracted from JSON, - * the pointer is incremented as strings are stored - * \param len: pointer to the remaining length left in config_strings - * the value is decremented as strings are stored - * - * This function creates vhosts into a context according to the settings in - *JSON files found in directory d. - * - * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled - */ -LWS_VISIBLE LWS_EXTERN int -lwsws_get_config_vhosts(struct lws_context *context, - struct lws_context_creation_info *info, const char *d, - char **config_strings, int *len); - -/** lws_vhost_get() - \deprecated deprecated: use lws_get_vhost() */ -LWS_VISIBLE LWS_EXTERN struct lws_vhost * -lws_vhost_get(struct lws *wsi) LWS_WARN_DEPRECATED; - -/** - * lws_get_vhost() - return the vhost a wsi belongs to - * - * \param wsi: which connection - */ -LWS_VISIBLE LWS_EXTERN struct lws_vhost * -lws_get_vhost(struct lws *wsi); - -/** - * lws_get_vhost_name() - returns the name of a vhost - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_vhost_name(struct lws_vhost *vhost); - -/** - * lws_get_vhost_port() - returns the port a vhost listens on, or -1 - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN int -lws_get_vhost_port(struct lws_vhost *vhost); - -/** - * lws_get_vhost_user() - returns the user pointer for the vhost - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN void * -lws_get_vhost_user(struct lws_vhost *vhost); - -/** - * lws_get_vhost_iface() - returns the binding for the vhost listen socket - * - * \param vhost: which vhost - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_vhost_iface(struct lws_vhost *vhost); - -/** - * lws_json_dump_vhost() - describe vhost state and stats in JSON - * - * \param vh: the vhost - * \param buf: buffer to fill with JSON - * \param len: max length of buf - */ -LWS_VISIBLE LWS_EXTERN int -lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len); - -/** - * lws_json_dump_context() - describe context state and stats in JSON - * - * \param context: the context - * \param buf: buffer to fill with JSON - * \param len: max length of buf - * \param hide_vhosts: nonzero to not provide per-vhost mount etc information - * - * Generates a JSON description of vhost state into buf - */ -LWS_VISIBLE LWS_EXTERN int -lws_json_dump_context(const struct lws_context *context, char *buf, int len, - int hide_vhosts); - -/** - * lws_vhost_user() - get the user data associated with the vhost - * \param vhost: Websocket vhost - * - * This returns the optional user pointer that can be attached to - * a vhost when it was created. Lws never dereferences this pointer, it only - * sets it when the vhost is created, and returns it using this api. - */ -LWS_VISIBLE LWS_EXTERN void * -lws_vhost_user(struct lws_vhost *vhost); - -/** - * lws_context_user() - get the user data associated with the context - * \param context: Websocket context - * - * This returns the optional user allocation that can be attached to - * the context the sockets live in at context_create time. It's a way - * to let all sockets serviced in the same context share data without - * using globals statics in the user code. - */ -LWS_VISIBLE LWS_EXTERN void * -lws_context_user(struct lws_context *context); - -/*! \defgroup vhost-mounts Vhost mounts and options - * \ingroup context-and-vhost-creation - * - * ##Vhost mounts and options - */ -///@{ -/** struct lws_protocol_vhost_options - linked list of per-vhost protocol - * name=value options - * - * This provides a general way to attach a linked-list of name=value pairs, - * which can also have an optional child link-list using the options member. - */ -struct lws_protocol_vhost_options { - const struct lws_protocol_vhost_options *next; /**< linked list */ - const struct lws_protocol_vhost_options *options; /**< child linked-list of more options for this node */ - const char *name; /**< name of name=value pair */ - const char *value; /**< value of name=value pair */ -}; - -/** enum lws_mount_protocols - * This specifies the mount protocol for a mountpoint, whether it is to be - * served from a filesystem, or it is a cgi etc. - */ -enum lws_mount_protocols { - LWSMPRO_HTTP = 0, /**< http reverse proxy */ - LWSMPRO_HTTPS = 1, /**< https reverse proxy */ - LWSMPRO_FILE = 2, /**< serve from filesystem directory */ - LWSMPRO_CGI = 3, /**< pass to CGI to handle */ - LWSMPRO_REDIR_HTTP = 4, /**< redirect to http:// url */ - LWSMPRO_REDIR_HTTPS = 5, /**< redirect to https:// url */ - LWSMPRO_CALLBACK = 6, /**< hand by named protocol's callback */ -}; - -/** struct lws_http_mount - * - * arguments for mounting something in a vhost's url namespace - */ -struct lws_http_mount { - const struct lws_http_mount *mount_next; - /**< pointer to next struct lws_http_mount */ - const char *mountpoint; - /**< mountpoint in http pathspace, eg, "/" */ - const char *origin; - /**< path to be mounted, eg, "/var/www/warmcat.com" */ - const char *def; - /**< default target, eg, "index.html" */ - const char *protocol; - /**<"protocol-name" to handle mount */ - - const struct lws_protocol_vhost_options *cgienv; - /**< optional linked-list of cgi options. These are created - * as environment variables for the cgi process - */ - const struct lws_protocol_vhost_options *extra_mimetypes; - /**< optional linked-list of mimetype mappings */ - const struct lws_protocol_vhost_options *interpret; - /**< optional linked-list of files to be interpreted */ - - int cgi_timeout; - /**< seconds cgi is allowed to live, if cgi://mount type */ - int cache_max_age; - /**< max-age for reuse of client cache of files, seconds */ - unsigned int auth_mask; - /**< bits set here must be set for authorized client session */ - - unsigned int cache_reusable:1; /**< set if client cache may reuse this */ - unsigned int cache_revalidate:1; /**< set if client cache should revalidate on use */ - unsigned int cache_intermediaries:1; /**< set if intermediaries are allowed to cache */ - - unsigned char origin_protocol; /**< one of enum lws_mount_protocols */ - unsigned char mountpoint_len; /**< length of mountpoint string */ - - const char *basic_auth_login_file; - /** - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * must be included manually as - * - * #include - * - * if dbus apis needed - */ - -#if !defined(__LWS_DBUS_H__) -#define __LWS_DBUS_H__ - -#include - -/* helper type to simplify implementing methods as individual functions */ -typedef DBusHandlerResult (*lws_dbus_message_handler)(DBusConnection *conn, - DBusMessage *message, DBusMessage **reply, void *d); - -struct lws_dbus_ctx; -typedef void (*lws_dbus_closing_t)(struct lws_dbus_ctx *ctx); - -struct lws_dbus_ctx { - struct lws_dll next; /* dbusserver ctx: HEAD of accepted list */ - struct lws_vhost *vh; /* the vhost we logically bind to in lws */ - int tsi; /* the lws thread service index (0 if only one service - thread as is the default */ - DBusConnection *conn; - DBusServer *dbs; - DBusWatch *w[4]; - DBusPendingCall *pc; - - char hup; - char timeouts; - - /* cb_closing callback will be called after the connection and this - * related ctx struct have effectively gone out of scope. - * - * The callback should close and clean up the connection and free the - * ctx. - */ - lws_dbus_closing_t cb_closing; -}; - -/** - * lws_dbus_connection_setup() - bind dbus connection object to lws event loop - * - * \param ctx: additional information about the connection - * \param conn: the DBusConnection object to bind - * - * This configures a DBusConnection object to use lws for watchers and timeout - * operations. - */ -LWS_VISIBLE LWS_EXTERN int -lws_dbus_connection_setup(struct lws_dbus_ctx *ctx, DBusConnection *conn, - lws_dbus_closing_t cb_closing); - -/** - * lws_dbus_server_listen() - bind dbus connection object to lws event loop - * - * \param ctx: additional information about the connection - * \param ads: the DBUS address to listen on, eg, "unix:abstract=mysocket" - * \param err: a DBusError object to take any extra error information - * \param new_conn: a callback function to prepare new accepted connections - * - * This creates a DBusServer and binds it to the lws event loop, and your - * callback to accept new connections. - */ -LWS_VISIBLE LWS_EXTERN DBusServer * -lws_dbus_server_listen(struct lws_dbus_ctx *ctx, const char *ads, - DBusError *err, DBusNewConnectionFunction new_conn); - -#endif diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h b/thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h deleted file mode 100644 index eb63fdd855..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-diskcache.h +++ /dev/null @@ -1,185 +0,0 @@ -/* - * libwebsockets - disk cache helpers - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup diskcache LWS disk cache - * ## Disk cache API - * - * Lws provides helper apis useful if you need a disk cache containing hashed - * files and need to delete files from it on an LRU basis to keep it below some - * size limit. - * - * The API `lws_diskcache_prepare()` deals with creating the cache dir and - * 256 subdirs, which are used according to the first two chars of the hex - * hash of the cache file. - * - * `lws_diskcache_create()` and `lws_diskcache_destroy()` allocate and free - * an opaque struct that represents the disk cache. - * - * `lws_diskcache_trim()` should be called at eg, 1s intervals to perform the - * cache dir monitoring and LRU autodelete in the background lazily. It can - * be done in its own thread or on a timer... it monitors the directories in a - * stateful way that stats one or more file in the cache per call, and keeps - * a list of the oldest files as it goes. When it completes a scan, if the - * aggregate size is over the limit, it will delete oldest files first to try - * to keep it under the limit. - * - * The cache size monitoring is extremely efficient in time and memory even when - * the cache directory becomes huge. - * - * `lws_diskcache_query()` is used to determine if the file already exists in - * the cache, or if it must be created. If it must be created, then the file - * is opened using a temp name that must be converted to a findable name with - * `lws_diskcache_finalize_name()` when the generation of the file contents are - * complete. Aborted cached files that did not complete generation will be - * flushed by the LRU eventually. If the file already exists, it is 'touched' - * to make it new again and the fd returned. - * - */ -///@{ - -struct lws_diskcache_scan; - -/** - * lws_diskcache_create() - creates an opaque struct representing the disk cache - * - * \param cache_dir_base: The cache dir path, eg `/var/cache/mycache` - * \param cache_size_limit: maximum size on disk the cache is allowed to use - * - * This returns an opaque `struct lws_diskcache_scan *` which represents the - * disk cache, the trim scanning state and so on. You should use - * `lws_diskcache_destroy()` to free it to destroy it. - */ -LWS_VISIBLE LWS_EXTERN struct lws_diskcache_scan * -lws_diskcache_create(const char *cache_dir_base, uint64_t cache_size_limit); - -/** - * lws_diskcache_destroy() - destroys the pointer returned by ...create() - * - * \param lds: pointer to the pointer returned by lws_diskcache_create() - * - * Frees *lds and any allocations it did, and then sets *lds to NULL and - * returns. - */ -LWS_VISIBLE LWS_EXTERN void -lws_diskcache_destroy(struct lws_diskcache_scan **lds); - -/** - * lws_diskcache_prepare() - ensures the cache dir structure exists on disk - * - * \param cache_base_dir: The cache dir path, eg `/var/cache/mycache` - * \param mode: octal dir mode to enforce, like 0700 - * \param uid: uid the cache dir should belong to - * - * This should be called while your app is still privileged. It will create - * the cache directory structure on disk as necessary, enforce the given access - * mode on it and set the given uid as the owner. It won't make any trouble - * if the cache already exists. - * - * Typically the mode is 0700 and the owner is the user that your application - * will transition to use when it drops root privileges. - */ -LWS_VISIBLE LWS_EXTERN int -lws_diskcache_prepare(const char *cache_base_dir, int mode, int uid); - -#define LWS_DISKCACHE_QUERY_NO_CACHE 0 -#define LWS_DISKCACHE_QUERY_EXISTS 1 -#define LWS_DISKCACHE_QUERY_CREATING 2 -#define LWS_DISKCACHE_QUERY_ONGOING 3 /* something else is creating it */ - -/** - * lws_diskcache_query() - ensures the cache dir structure exists on disk - * - * \param lds: The opaque struct representing the disk cache - * \param is_bot: nonzero means the request is from a bot. Don't create new cache contents if so. - * \param hash_hex: hex string representation of the cache object hash - * \param _fd: pointer to the fd to be set - * \param cache: destination string to take the cache filepath - * \param cache_len: length of the buffer at `cache` - * \param extant_cache_len: pointer to a size_t to take any extant cached file size - * - * This function is called when you want to find if the hashed name already - * exists in the cache. The possibilities for the return value are - * - * - LWS_DISKCACHE_QUERY_NO_CACHE: It's not in the cache and you can't create - * it in the cache for whatever reason. - * - LWS_DISKCACHE_QUERY_EXISTS: It exists in the cache. It's open RDONLY and - * *_fd has been set to the file descriptor. *extant_cache_len has been set - * to the size of the cached file in bytes. cache has been set to the - * full filepath of the cached file. Closing _fd is your responsibility. - * - LWS_DISKCACHE_QUERY_CREATING: It didn't exist, but a temp file has been - * created in the cache and *_fd set to a file descriptor opened on it RDWR. - * You should create the contents, and call `lws_diskcache_finalize_name()` - * when it is done. Closing _fd is your responsibility. - * - LWS_DISKCACHE_QUERY_ONGOING: not returned by this api, but you may find it - * desirable to make a wrapper function which can handle another asynchronous - * process that is already creating the cached file. This can be used to - * indicate that situation externally... how to determine the same thing is - * already being generated is out of scope of this api. - */ -LWS_VISIBLE LWS_EXTERN int -lws_diskcache_query(struct lws_diskcache_scan *lds, int is_bot, - const char *hash_hex, int *_fd, char *cache, int cache_len, - size_t *extant_cache_len); - -/** - * lws_diskcache_query() - ensures the cache dir structure exists on disk - * - * \param cache: The cache file temp name returned with LWS_DISKCACHE_QUERY_CREATING - * - * This renames the cache file you are creating to its final name. It should - * be called on the temp name returned by `lws_diskcache_query()` if it gave a - * LWS_DISKCACHE_QUERY_CREATING return, after you have filled the cache file and - * closed it. - */ -LWS_VISIBLE LWS_EXTERN int -lws_diskcache_finalize_name(char *cache); - -/** - * lws_diskcache_trim() - performs one or more file checks in the cache for size management - * - * \param lds: The opaque object representing the cache - * - * This should be called periodically to statefully walk the cache on disk - * collecting the oldest files. When it has visited every file, if the cache - * is oversize it will delete the oldest files until it's back under size again. - * - * Each time it's called, it will look at one or more dir in the cache. If - * called when the cache is oversize, it increases the amount of work done each - * call until it is reduced again. Typically it will take 256 calls before it - * deletes anything, so if called once per second, it will delete files once - * every 4 minutes. Each call is very inexpensive both in memory and time. - */ -LWS_VISIBLE LWS_EXTERN int -lws_diskcache_trim(struct lws_diskcache_scan *lds); - - -/** - * lws_diskcache_secs_to_idle() - see how long to idle before calling trim - * - * \param lds: The opaque object representing the cache - * - * If the cache is undersize, there's no need to monitor it immediately. This - * suggests how long to "sleep" before calling `lws_diskcache_trim()` again. - */ -LWS_VISIBLE LWS_EXTERN int -lws_diskcache_secs_to_idle(struct lws_diskcache_scan *lds); diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h b/thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h deleted file mode 100644 index 2d1c0f42bb..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-esp32.h +++ /dev/null @@ -1,226 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -typedef int lws_sockfd_type; -typedef int lws_filefd_type; - -struct pollfd { - lws_sockfd_type fd; /**< fd related to */ - short events; /**< which POLL... events to respond to */ - short revents; /**< which POLL... events occurred */ -}; -#define POLLIN 0x0001 -#define POLLPRI 0x0002 -#define POLLOUT 0x0004 -#define POLLERR 0x0008 -#define POLLHUP 0x0010 -#define POLLNVAL 0x0020 - -#include -#include -#include -#include "esp_wifi.h" -#include "esp_system.h" -#include "esp_event.h" -#include "esp_event_loop.h" -#include "nvs.h" -#include "driver/gpio.h" -#include "esp_spi_flash.h" -#include "freertos/timers.h" - -#if !defined(CONFIG_FREERTOS_HZ) -#define CONFIG_FREERTOS_HZ 100 -#endif - -typedef TimerHandle_t uv_timer_t; -typedef void uv_cb_t(uv_timer_t *); -typedef void * uv_handle_t; - -struct timer_mapping { - uv_cb_t *cb; - uv_timer_t *t; -}; - -#define UV_VERSION_MAJOR 1 - -#define lws_uv_getloop(a, b) (NULL) - -static LWS_INLINE void uv_timer_init(void *l, uv_timer_t *t) -{ - (void)l; - *t = NULL; -} - -extern void esp32_uvtimer_cb(TimerHandle_t t); - -static LWS_INLINE void uv_timer_start(uv_timer_t *t, uv_cb_t *cb, int first, int rep) -{ - struct timer_mapping *tm = (struct timer_mapping *)malloc(sizeof(*tm)); - - if (!tm) - return; - - tm->t = t; - tm->cb = cb; - - *t = xTimerCreate("x", pdMS_TO_TICKS(first), !!rep, tm, - (TimerCallbackFunction_t)esp32_uvtimer_cb); - xTimerStart(*t, 0); -} - -static LWS_INLINE void uv_timer_stop(uv_timer_t *t) -{ - xTimerStop(*t, 0); -} - -static LWS_INLINE void uv_close(uv_handle_t *h, void *v) -{ - free(pvTimerGetTimerID((uv_timer_t)h)); - xTimerDelete(*(uv_timer_t *)h, 0); -} - -/* ESP32 helper declarations */ - -#include -#include - -#define LWS_PLUGIN_STATIC -#define LWS_MAGIC_REBOOT_TYPE_ADS 0x50001ffc -#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY 0xb00bcafe -#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY 0xfaceb00b -#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY_BUTTON 0xf0cedfac -#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY_ERASE_OTA 0xfac0eeee - -/* user code provides these */ - -extern void -lws_esp32_identify_physical_device(void); - -/* lws-plat-esp32 provides these */ - -typedef void (*lws_cb_scan_done)(uint16_t count, wifi_ap_record_t *recs, void *arg); - -enum genled_state { - LWSESP32_GENLED__INIT, - LWSESP32_GENLED__LOST_NETWORK, - LWSESP32_GENLED__NO_NETWORK, - LWSESP32_GENLED__CONN_AP, - LWSESP32_GENLED__GOT_IP, - LWSESP32_GENLED__OK, -}; - -struct lws_group_member { - struct lws_group_member *next; - uint64_t last_seen; - char model[16]; - char role[16]; - char host[32]; - char mac[20]; - int width, height; - struct ip4_addr addr; - struct ip6_addr addrv6; - uint8_t flags; -}; - -#define LWS_SYSTEM_GROUP_MEMBER_ADD 1 -#define LWS_SYSTEM_GROUP_MEMBER_CHANGE 2 -#define LWS_SYSTEM_GROUP_MEMBER_REMOVE 3 - -#define LWS_GROUP_FLAG_SELF 1 - -struct lws_esp32 { - char sta_ip[16]; - char sta_mask[16]; - char sta_gw[16]; - char serial[16]; - char opts[16]; - char model[16]; - char group[16]; - char role[16]; - char ssid[4][64]; - char password[4][64]; - char active_ssid[64]; - char access_pw[16]; - char hostname[32]; - char mac[20]; - char le_dns[64]; - char le_email[64]; - char region; - char inet; - char conn_ap; - - enum genled_state genled; - uint64_t genled_t; - - lws_cb_scan_done scan_consumer; - void *scan_consumer_arg; - struct lws_group_member *first; - int extant_group_members; - - char acme; - char upload; - - volatile char button_is_down; -}; - -struct lws_esp32_image { - uint32_t romfs; - uint32_t romfs_len; - uint32_t json; - uint32_t json_len; -}; - -extern struct lws_esp32 lws_esp32; -struct lws_vhost; - -extern esp_err_t -lws_esp32_event_passthru(void *ctx, system_event_t *event); -extern void -lws_esp32_wlan_config(void); -extern void -lws_esp32_wlan_start_ap(void); -extern void -lws_esp32_wlan_start_station(void); -struct lws_context_creation_info; -extern void -lws_esp32_set_creation_defaults(struct lws_context_creation_info *info); -extern struct lws_context * -lws_esp32_init(struct lws_context_creation_info *, struct lws_vhost **pvh); -extern int -lws_esp32_wlan_nvs_get(int retry); -extern esp_err_t -lws_nvs_set_str(nvs_handle handle, const char* key, const char* value); -extern void -lws_esp32_restart_guided(uint32_t type); -extern const esp_partition_t * -lws_esp_ota_get_boot_partition(void); -extern int -lws_esp32_get_image_info(const esp_partition_t *part, struct lws_esp32_image *i, char *json, int json_len); -extern int -lws_esp32_leds_network_indication(void); - -extern uint32_t lws_esp32_get_reboot_type(void); -extern uint16_t lws_esp32_sine_interp(int n); - -/* required in external code by esp32 plat (may just return if no leds) */ -extern void lws_esp32_leds_timer_cb(TimerHandle_t th); diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-fts.h b/thirdparty/libwebsockets/include/libwebsockets/lws-fts.h deleted file mode 100644 index 29405bd6fd..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-fts.h +++ /dev/null @@ -1,214 +0,0 @@ -/* - * libwebsockets - fulltext search - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup search Search - * - * ##Full-text search - * - * Lws provides superfast indexing and fulltext searching from index files on - * storage. - */ -///@{ - -struct lws_fts; -struct lws_fts_file; - -/* - * Queries produce their results in an lwsac, using these public API types. - * The first thing in the lwsac is always a struct lws_fts_result (see below) - * containing heads for linked-lists of the other result types. - */ - -/* one filepath's results */ - -struct lws_fts_result_filepath { - struct lws_fts_result_filepath *next; - int matches; /* logical number of matches */ - int matches_length; /* bytes in length table (may be zero) */ - int lines_in_file; - int filepath_length; - - /* - uint32_t line table follows (first for alignment) */ - /* - filepath (of filepath_length) follows */ -}; - -/* autocomplete result */ - -struct lws_fts_result_autocomplete { - struct lws_fts_result_autocomplete *next; - int instances; - int agg_instances; - int ac_length; - char elided; /* children skipped in interest of antecedent children */ - char has_children; - - /* - autocomplete suggestion (of length ac_length) follows */ -}; - -/* - * The results lwsac always starts with this. If no results and / or no - * autocomplete the members may be NULL. This implies the symbol nor any - * suffix on it exists in the trie file. - */ -struct lws_fts_result { - struct lws_fts_result_filepath *filepath_head; - struct lws_fts_result_autocomplete *autocomplete_head; - int duration_ms; - int effective_flags; /* the search flags that were used */ -}; - -/* - * index creation functions - */ - -/** - * lws_fts_create() - Create a new index file - * - * \param fd: The fd opened for write - * - * Inits a new index file, returning a struct lws_fts to represent it - */ -LWS_VISIBLE LWS_EXTERN struct lws_fts * -lws_fts_create(int fd); - -/** - * lws_fts_destroy() - Finalize a new index file / destroy the trie lwsac - * - * \param trie: The previously opened index being finalized - * - * Finalizes an index file that was being created, and frees the memory involved - * *trie is set to NULL afterwards. - */ -LWS_VISIBLE LWS_EXTERN void -lws_fts_destroy(struct lws_fts **trie); - -/** - * lws_fts_file_index() - Create a new entry in the trie file for an input path - * - * \param t: The previously opened index being written - * \param filepath: The filepath (which may be virtual) associated with this file - * \param filepath_len: The number of chars in the filepath - * \param priority: not used yet - * - * Returns an ordinal that represents this new filepath in the index file. - */ -LWS_VISIBLE LWS_EXTERN int -lws_fts_file_index(struct lws_fts *t, const char *filepath, int filepath_len, - int priority); - -/** - * lws_fts_fill() - Process all or a bufferload of input file - * - * \param t: The previously opened index being written - * \param file_index: The ordinal representing this input filepath - * \param buf: A bufferload of data from the input file - * \param len: The number of bytes in buf - * - * Indexes a buffer of data from the input file. - */ -LWS_VISIBLE LWS_EXTERN int -lws_fts_fill(struct lws_fts *t, uint32_t file_index, const char *buf, - size_t len); - -/** - * lws_fts_serialize() - Store the in-memory trie into the index file - * - * \param t: The previously opened index being written - * - * The trie is held in memory where it can be added to... after all the input - * filepaths and data have been processed, this is called to serialize / - * write the trie data into the index file. - */ -LWS_VISIBLE LWS_EXTERN int -lws_fts_serialize(struct lws_fts *t); - -/* - * index search functions - */ - -/** - * lws_fts_open() - Open an existing index file to search it - * - * \param filepath: The filepath to the index file to open - * - * Opening the index file returns an opaque struct lws_fts_file * that is - * used to perform other operations on it, or NULL if it can't be opened. - */ -LWS_VISIBLE LWS_EXTERN struct lws_fts_file * -lws_fts_open(const char *filepath); - -#define LWSFTS_F_QUERY_AUTOCOMPLETE (1 << 0) -#define LWSFTS_F_QUERY_FILES (1 << 1) -#define LWSFTS_F_QUERY_FILE_LINES (1 << 2) -#define LWSFTS_F_QUERY_QUOTE_LINE (1 << 3) - -struct lws_fts_search_params { - /* the actual search term */ - const char *needle; - /* if non-NULL, FILE results for this filepath only */ - const char *only_filepath; - /* will be set to the results lwsac */ - struct lwsac *results_head; - /* combination of LWSFTS_F_QUERY_* flags */ - int flags; - /* maximum number of autocomplete suggestions to return */ - int max_autocomplete; - /* maximum number of filepaths to return */ - int max_files; - /* maximum number of line number results to return per filepath */ - int max_lines; -}; - -/** - * lws_fts_search() - Perform a search operation on an index - * - * \param jtf: The index file struct returned by lws_fts_open - * \param ftsp: The struct lws_fts_search_params filled in by the caller - * - * The caller should memset the ftsp struct to 0 to ensure members that may be - * introduced in later versions contain known values, then set the related - * members to describe the kind of search action required. - * - * ftsp->results_head is the results lwsac, or NULL. It should be freed with - * lwsac_free() when the results are finished with. - * - * Returns a pointer into the results lwsac that is a struct lws_fts_result - * containing the head pointers into linked-lists of results for autocomplete - * and filepath data, along with some sundry information. This does not need - * to be freed since freeing the lwsac will also remove this and everything it - * points to. - */ -LWS_VISIBLE LWS_EXTERN struct lws_fts_result * -lws_fts_search(struct lws_fts_file *jtf, struct lws_fts_search_params *ftsp); - -/** - * lws_fts_close() - Close a previously-opened index file - * - * \param jtf: The pointer returned from the open - * - * Closes the file handle on the index and frees any allocations - */ -LWS_VISIBLE LWS_EXTERN void -lws_fts_close(struct lws_fts_file *jtf); - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h b/thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h deleted file mode 100644 index a2e4f8ab6a..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-genhash.h +++ /dev/null @@ -1,171 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup generic hash - * ## Generic Hash related functions - * - * Lws provides generic hash / digest accessors that abstract the ones - * provided by whatever OpenSSL library you are linking against. - * - * It lets you use the same code if you build against mbedtls or OpenSSL - * for example. - */ -///@{ - -enum lws_genhash_types { - LWS_GENHASH_TYPE_SHA1, - LWS_GENHASH_TYPE_SHA256, - LWS_GENHASH_TYPE_SHA384, - LWS_GENHASH_TYPE_SHA512, -}; - -enum lws_genhmac_types { - LWS_GENHMAC_TYPE_SHA256, - LWS_GENHMAC_TYPE_SHA384, - LWS_GENHMAC_TYPE_SHA512, -}; - -#define LWS_GENHASH_LARGEST 64 - -struct lws_genhash_ctx { - uint8_t type; -#if defined(LWS_WITH_MBEDTLS) - union { - mbedtls_sha1_context sha1; - mbedtls_sha256_context sha256; - mbedtls_sha512_context sha512; /* 384 also uses this */ - const mbedtls_md_info_t *hmac; - } u; -#else - const EVP_MD *evp_type; - EVP_MD_CTX *mdctx; -#endif -}; - -struct lws_genhmac_ctx { - uint8_t type; -#if defined(LWS_WITH_MBEDTLS) - const mbedtls_md_info_t *hmac; - mbedtls_md_context_t ctx; -#else - const EVP_MD *evp_type; - EVP_MD_CTX *ctx; -#endif -}; - -/** lws_genhash_size() - get hash size in bytes - * - * \param type: one of LWS_GENHASH_TYPE_... - * - * Returns number of bytes in this type of hash - */ -LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT -lws_genhash_size(enum lws_genhash_types type); - -/** lws_genhmac_size() - get hash size in bytes - * - * \param type: one of LWS_GENHASH_TYPE_... - * - * Returns number of bytes in this type of hmac - */ -LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT -lws_genhmac_size(enum lws_genhmac_types type); - -/** lws_genhash_init() - prepare your struct lws_genhash_ctx for use - * - * \param ctx: your struct lws_genhash_ctx - * \param type: one of LWS_GENHASH_TYPE_... - * - * Initializes the hash context for the type you requested - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type); - -/** lws_genhash_update() - digest len bytes of the buffer starting at in - * - * \param ctx: your struct lws_genhash_ctx - * \param in: start of the bytes to digest - * \param len: count of bytes to digest - * - * Updates the state of your hash context to reflect digesting len bytes from in - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len); - -/** lws_genhash_destroy() - copy out the result digest and destroy the ctx - * - * \param ctx: your struct lws_genhash_ctx - * \param result: NULL, or where to copy the result hash - * - * Finalizes the hash and copies out the digest. Destroys any allocations such - * that ctx can safely go out of scope after calling this. - * - * NULL result is supported so that you can destroy the ctx cleanly on error - * conditions, where there is no valid result. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result); - -/** lws_genhmac_init() - prepare your struct lws_genhmac_ctx for use - * - * \param ctx: your struct lws_genhmac_ctx - * \param type: one of LWS_GENHMAC_TYPE_... - * \param key: pointer to the start of the HMAC key - * \param key_len: length of the HMAC key - * - * Initializes the hash context for the type you requested - * - * If the return is nonzero, it failed and there is nothing needing to be - * destroyed. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type, - const uint8_t *key, size_t key_len); - -/** lws_genhmac_update() - digest len bytes of the buffer starting at in - * - * \param ctx: your struct lws_genhmac_ctx - * \param in: start of the bytes to digest - * \param len: count of bytes to digest - * - * Updates the state of your hash context to reflect digesting len bytes from in - * - * If the return is nonzero, it failed and needs destroying. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len); - -/** lws_genhmac_destroy() - copy out the result digest and destroy the ctx - * - * \param ctx: your struct lws_genhmac_ctx - * \param result: NULL, or where to copy the result hash - * - * Finalizes the hash and copies out the digest. Destroys any allocations such - * that ctx can safely go out of scope after calling this. - * - * NULL result is supported so that you can destroy the ctx cleanly on error - * conditions, where there is no valid result. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h b/thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h deleted file mode 100644 index 3e427e2927..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-genrsa.h +++ /dev/null @@ -1,190 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup generic RSA - * ## Generic RSA related functions - * - * Lws provides generic RSA functions that abstract the ones - * provided by whatever OpenSSL library you are linking against. - * - * It lets you use the same code if you build against mbedtls or OpenSSL - * for example. - */ -///@{ - -enum enum_jwk_tok { - JWK_KEY_E, - JWK_KEY_N, - JWK_KEY_D, - JWK_KEY_P, - JWK_KEY_Q, - JWK_KEY_DP, - JWK_KEY_DQ, - JWK_KEY_QI, - JWK_KTY, /* also serves as count of real elements */ - JWK_KEY, -}; - -#define LWS_COUNT_RSA_ELEMENTS JWK_KTY - -struct lws_genrsa_ctx { -#if defined(LWS_WITH_MBEDTLS) - mbedtls_rsa_context *ctx; -#else - BIGNUM *bn[LWS_COUNT_RSA_ELEMENTS]; - RSA *rsa; -#endif -}; - -struct lws_genrsa_element { - uint8_t *buf; - uint16_t len; -}; - -struct lws_genrsa_elements { - struct lws_genrsa_element e[LWS_COUNT_RSA_ELEMENTS]; -}; - -/** lws_jwk_destroy_genrsa_elements() - Free allocations in genrsa_elements - * - * \param el: your struct lws_genrsa_elements - * - * This is a helper for user code making use of struct lws_genrsa_elements - * where the elements are allocated on the heap, it frees any non-NULL - * buf element and sets the buf to NULL. - * - * NB: lws_genrsa_public_... apis do not need this as they take care of the key - * creation and destruction themselves. - */ -LWS_VISIBLE LWS_EXTERN void -lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el); - -/** lws_genrsa_public_decrypt_create() - Create RSA public decrypt context - * - * \param ctx: your struct lws_genrsa_ctx - * \param el: struct prepared with key element data - * - * Creates an RSA context with a public key associated with it, formed from - * the key elements in \p el. - * - * Returns 0 for OK or nonzero for error. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el); - -/** lws_genrsa_new_keypair() - Create new RSA keypair - * - * \param context: your struct lws_context (may be used for RNG) - * \param ctx: your struct lws_genrsa_ctx - * \param el: struct to get the new key element data allocated into it - * \param bits: key size, eg, 4096 - * - * Creates a new RSA context and generates a new keypair into it, with \p bits - * bits. - * - * Returns 0 for OK or nonzero for error. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, - struct lws_genrsa_elements *el, int bits); - -/** lws_genrsa_public_decrypt() - Perform RSA public decryption - * - * \param ctx: your struct lws_genrsa_ctx - * \param in: encrypted input - * \param in_len: length of encrypted input - * \param out: decrypted output - * \param out_max: size of output buffer - * - * Performs the decryption. - * - * Returns <0 for error, or length of decrypted data. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, - size_t in_len, uint8_t *out, size_t out_max); - -/** lws_genrsa_public_verify() - Perform RSA public verification - * - * \param ctx: your struct lws_genrsa_ctx - * \param in: unencrypted payload (usually a recomputed hash) - * \param hash_type: one of LWS_GENHASH_TYPE_ - * \param sig: pointer to the signature we received with the payload - * \param sig_len: length of the signature we are checking in bytes - * - * Returns <0 for error, or 0 if signature matches the payload + key. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, - const uint8_t *sig, size_t sig_len); - -/** lws_genrsa_public_sign() - Create RSA signature - * - * \param ctx: your struct lws_genrsa_ctx - * \param in: precomputed hash - * \param hash_type: one of LWS_GENHASH_TYPE_ - * \param sig: pointer to buffer to take signature - * \param sig_len: length of the buffer (must be >= length of key N) - * - * Returns <0 for error, or 0 for success. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, uint8_t *sig, - size_t sig_len); - -/** lws_genrsa_public_decrypt_destroy() - Destroy RSA public decrypt context - * - * \param ctx: your struct lws_genrsa_ctx - * - * Destroys any allocations related to \p ctx. - * - * This and related APIs operate identically with OpenSSL or mbedTLS backends. - */ -LWS_VISIBLE LWS_EXTERN void -lws_genrsa_destroy(struct lws_genrsa_ctx *ctx); - -/** lws_genrsa_render_pkey_asn1() - Exports public or private key to ASN1/DER - * - * \param ctx: your struct lws_genrsa_ctx - * \param _private: 0 = public part only, 1 = all parts of the key - * \param pkey_asn1: pointer to buffer to take the ASN1 - * \param pkey_asn1_len: max size of the pkey_asn1_len - * - * Returns length of pkey_asn1 written, or -1 for error. - */ -LWS_VISIBLE LWS_EXTERN int -lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, - uint8_t *pkey_asn1, size_t pkey_asn1_len); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-http.h b/thirdparty/libwebsockets/include/libwebsockets/lws-http.h deleted file mode 100644 index eb3d826ebd..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-http.h +++ /dev/null @@ -1,685 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/* minimal space for typical headers and CSP stuff */ - -#define LWS_RECOMMENDED_MIN_HEADER_SPACE 2048 - -/*! \defgroup http HTTP - - Modules related to handling HTTP -*/ -//@{ - -/*! \defgroup httpft HTTP File transfer - * \ingroup http - - APIs for sending local files in response to HTTP requests -*/ -//@{ - -/** - * lws_get_mimetype() - Determine mimetype to use from filename - * - * \param file: filename - * \param m: NULL, or mount context - * - * This uses a canned list of known filetypes first, if no match and m is - * non-NULL, then tries a list of per-mount file suffix to mimtype mappings. - * - * Returns either NULL or a pointer to the mimetype matching the file. - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_mimetype(const char *file, const struct lws_http_mount *m); - -/** - * lws_serve_http_file() - Send a file back to the client using http - * \param wsi: Websocket instance (available from user callback) - * \param file: The file to issue over http - * \param content_type: The http content type, eg, text/html - * \param other_headers: NULL or pointer to header string - * \param other_headers_len: length of the other headers if non-NULL - * - * This function is intended to be called from the callback in response - * to http requests from the client. It allows the callback to issue - * local files down the http link in a single step. - * - * Returning <0 indicates error and the wsi should be closed. Returning - * >0 indicates the file was completely sent and - * lws_http_transaction_completed() called on the wsi (and close if != 0) - * ==0 indicates the file transfer is started and needs more service later, - * the wsi should be left alone. - */ -LWS_VISIBLE LWS_EXTERN int -lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, - const char *other_headers, int other_headers_len); - -LWS_VISIBLE LWS_EXTERN int -lws_serve_http_file_fragment(struct lws *wsi); -//@} - - -enum http_status { - HTTP_STATUS_CONTINUE = 100, - - HTTP_STATUS_OK = 200, - HTTP_STATUS_NO_CONTENT = 204, - HTTP_STATUS_PARTIAL_CONTENT = 206, - - HTTP_STATUS_MOVED_PERMANENTLY = 301, - HTTP_STATUS_FOUND = 302, - HTTP_STATUS_SEE_OTHER = 303, - HTTP_STATUS_NOT_MODIFIED = 304, - - HTTP_STATUS_BAD_REQUEST = 400, - HTTP_STATUS_UNAUTHORIZED, - HTTP_STATUS_PAYMENT_REQUIRED, - HTTP_STATUS_FORBIDDEN, - HTTP_STATUS_NOT_FOUND, - HTTP_STATUS_METHOD_NOT_ALLOWED, - HTTP_STATUS_NOT_ACCEPTABLE, - HTTP_STATUS_PROXY_AUTH_REQUIRED, - HTTP_STATUS_REQUEST_TIMEOUT, - HTTP_STATUS_CONFLICT, - HTTP_STATUS_GONE, - HTTP_STATUS_LENGTH_REQUIRED, - HTTP_STATUS_PRECONDITION_FAILED, - HTTP_STATUS_REQ_ENTITY_TOO_LARGE, - HTTP_STATUS_REQ_URI_TOO_LONG, - HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, - HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, - HTTP_STATUS_EXPECTATION_FAILED, - - HTTP_STATUS_INTERNAL_SERVER_ERROR = 500, - HTTP_STATUS_NOT_IMPLEMENTED, - HTTP_STATUS_BAD_GATEWAY, - HTTP_STATUS_SERVICE_UNAVAILABLE, - HTTP_STATUS_GATEWAY_TIMEOUT, - HTTP_STATUS_HTTP_VERSION_NOT_SUPPORTED, -}; -/*! \defgroup html-chunked-substitution HTML Chunked Substitution - * \ingroup http - * - * ##HTML chunked Substitution - * - * APIs for receiving chunks of text, replacing a set of variable names via - * a callback, and then prepending and appending HTML chunked encoding - * headers. - */ -//@{ - -struct lws_process_html_args { - char *p; /**< pointer to the buffer containing the data */ - int len; /**< length of the original data at p */ - int max_len; /**< maximum length we can grow the data to */ - int final; /**< set if this is the last chunk of the file */ - int chunked; /**< 0 == unchunked, 1 == produce chunk headers - (incompatible with HTTP/2) */ -}; - -typedef const char *(*lws_process_html_state_cb)(void *data, int index); - -struct lws_process_html_state { - char *start; /**< pointer to start of match */ - char swallow[16]; /**< matched character buffer */ - int pos; /**< position in match */ - void *data; /**< opaque pointer */ - const char * const *vars; /**< list of variable names */ - int count_vars; /**< count of variable names */ - - lws_process_html_state_cb replace; - /**< called on match to perform substitution */ -}; - -/*! lws_chunked_html_process() - generic chunked substitution - * \param args: buffer to process using chunked encoding - * \param s: current processing state - */ -LWS_VISIBLE LWS_EXTERN int -lws_chunked_html_process(struct lws_process_html_args *args, - struct lws_process_html_state *s); -//@} - -/** \defgroup HTTP-headers-read HTTP headers: read - * \ingroup http - * - * ##HTTP header releated functions - * - * In lws the client http headers are temporarily stored in a pool, only for the - * duration of the http part of the handshake. It's because in most cases, - * the header content is ignored for the whole rest of the connection lifetime - * and would then just be taking up space needlessly. - * - * During LWS_CALLBACK_HTTP when the URI path is delivered is the last time - * the http headers are still allocated, you can use these apis then to - * look at and copy out interesting header content (cookies, etc) - * - * Notice that the header total length reported does not include a terminating - * '\0', however you must allocate for it when using the _copy apis. So the - * length reported for a header containing "123" is 3, but you must provide - * a buffer of length 4 so that "123\0" may be copied into it, or the copy - * will fail with a nonzero return code. - * - * In the special case of URL arguments, like ?x=1&y=2, the arguments are - * stored in a token named for the method, eg, WSI_TOKEN_GET_URI if it - * was a GET or WSI_TOKEN_POST_URI if POST. You can check the total - * length to confirm the method. - * - * For URL arguments, each argument is stored urldecoded in a "fragment", so - * you can use the fragment-aware api lws_hdr_copy_fragment() to access each - * argument in turn: the fragments contain urldecoded strings like x=1 or y=2. - * - * As a convenience, lws has an api that will find the fragment with a - * given name= part, lws_get_urlarg_by_name(). - */ -///@{ - -/** struct lws_tokens - * you need these to look at headers that have been parsed if using the - * LWS_CALLBACK_FILTER_CONNECTION callback. If a header from the enum - * list below is absent, .token = NULL and len = 0. Otherwise .token - * points to .len chars containing that header content. - */ -struct lws_tokens { - char *token; /**< pointer to start of the token */ - int len; /**< length of the token's value */ -}; - -/* enum lws_token_indexes - * these have to be kept in sync with lextable.h / minilex.c - * - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum lws_token_indexes { - WSI_TOKEN_GET_URI = 0, - WSI_TOKEN_POST_URI = 1, - WSI_TOKEN_OPTIONS_URI = 2, - WSI_TOKEN_HOST = 3, - WSI_TOKEN_CONNECTION = 4, - WSI_TOKEN_UPGRADE = 5, - WSI_TOKEN_ORIGIN = 6, - WSI_TOKEN_DRAFT = 7, - WSI_TOKEN_CHALLENGE = 8, - WSI_TOKEN_EXTENSIONS = 9, - WSI_TOKEN_KEY1 = 10, - WSI_TOKEN_KEY2 = 11, - WSI_TOKEN_PROTOCOL = 12, - WSI_TOKEN_ACCEPT = 13, - WSI_TOKEN_NONCE = 14, - WSI_TOKEN_HTTP = 15, - WSI_TOKEN_HTTP2_SETTINGS = 16, - WSI_TOKEN_HTTP_ACCEPT = 17, - WSI_TOKEN_HTTP_AC_REQUEST_HEADERS = 18, - WSI_TOKEN_HTTP_IF_MODIFIED_SINCE = 19, - WSI_TOKEN_HTTP_IF_NONE_MATCH = 20, - WSI_TOKEN_HTTP_ACCEPT_ENCODING = 21, - WSI_TOKEN_HTTP_ACCEPT_LANGUAGE = 22, - WSI_TOKEN_HTTP_PRAGMA = 23, - WSI_TOKEN_HTTP_CACHE_CONTROL = 24, - WSI_TOKEN_HTTP_AUTHORIZATION = 25, - WSI_TOKEN_HTTP_COOKIE = 26, - WSI_TOKEN_HTTP_CONTENT_LENGTH = 27, - WSI_TOKEN_HTTP_CONTENT_TYPE = 28, - WSI_TOKEN_HTTP_DATE = 29, - WSI_TOKEN_HTTP_RANGE = 30, - WSI_TOKEN_HTTP_REFERER = 31, - WSI_TOKEN_KEY = 32, - WSI_TOKEN_VERSION = 33, - WSI_TOKEN_SWORIGIN = 34, - - WSI_TOKEN_HTTP_COLON_AUTHORITY = 35, - WSI_TOKEN_HTTP_COLON_METHOD = 36, - WSI_TOKEN_HTTP_COLON_PATH = 37, - WSI_TOKEN_HTTP_COLON_SCHEME = 38, - WSI_TOKEN_HTTP_COLON_STATUS = 39, - - WSI_TOKEN_HTTP_ACCEPT_CHARSET = 40, - WSI_TOKEN_HTTP_ACCEPT_RANGES = 41, - WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN = 42, - WSI_TOKEN_HTTP_AGE = 43, - WSI_TOKEN_HTTP_ALLOW = 44, - WSI_TOKEN_HTTP_CONTENT_DISPOSITION = 45, - WSI_TOKEN_HTTP_CONTENT_ENCODING = 46, - WSI_TOKEN_HTTP_CONTENT_LANGUAGE = 47, - WSI_TOKEN_HTTP_CONTENT_LOCATION = 48, - WSI_TOKEN_HTTP_CONTENT_RANGE = 49, - WSI_TOKEN_HTTP_ETAG = 50, - WSI_TOKEN_HTTP_EXPECT = 51, - WSI_TOKEN_HTTP_EXPIRES = 52, - WSI_TOKEN_HTTP_FROM = 53, - WSI_TOKEN_HTTP_IF_MATCH = 54, - WSI_TOKEN_HTTP_IF_RANGE = 55, - WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE = 56, - WSI_TOKEN_HTTP_LAST_MODIFIED = 57, - WSI_TOKEN_HTTP_LINK = 58, - WSI_TOKEN_HTTP_LOCATION = 59, - WSI_TOKEN_HTTP_MAX_FORWARDS = 60, - WSI_TOKEN_HTTP_PROXY_AUTHENTICATE = 61, - WSI_TOKEN_HTTP_PROXY_AUTHORIZATION = 62, - WSI_TOKEN_HTTP_REFRESH = 63, - WSI_TOKEN_HTTP_RETRY_AFTER = 64, - WSI_TOKEN_HTTP_SERVER = 65, - WSI_TOKEN_HTTP_SET_COOKIE = 66, - WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY = 67, - WSI_TOKEN_HTTP_TRANSFER_ENCODING = 68, - WSI_TOKEN_HTTP_USER_AGENT = 69, - WSI_TOKEN_HTTP_VARY = 70, - WSI_TOKEN_HTTP_VIA = 71, - WSI_TOKEN_HTTP_WWW_AUTHENTICATE = 72, - - WSI_TOKEN_PATCH_URI = 73, - WSI_TOKEN_PUT_URI = 74, - WSI_TOKEN_DELETE_URI = 75, - - WSI_TOKEN_HTTP_URI_ARGS = 76, - WSI_TOKEN_PROXY = 77, - WSI_TOKEN_HTTP_X_REAL_IP = 78, - WSI_TOKEN_HTTP1_0 = 79, - WSI_TOKEN_X_FORWARDED_FOR = 80, - WSI_TOKEN_CONNECT = 81, - WSI_TOKEN_HEAD_URI = 82, - WSI_TOKEN_TE = 83, - WSI_TOKEN_REPLAY_NONCE = 84, - WSI_TOKEN_COLON_PROTOCOL = 85, - WSI_TOKEN_X_AUTH_TOKEN = 86, - - /****** add new things just above ---^ ******/ - - /* use token storage to stash these internally, not for - * user use */ - - _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, - _WSI_TOKEN_CLIENT_PEER_ADDRESS, - _WSI_TOKEN_CLIENT_URI, - _WSI_TOKEN_CLIENT_HOST, - _WSI_TOKEN_CLIENT_ORIGIN, - _WSI_TOKEN_CLIENT_METHOD, - _WSI_TOKEN_CLIENT_IFACE, - _WSI_TOKEN_CLIENT_ALPN, - - /* always last real token index*/ - WSI_TOKEN_COUNT, - - /* parser state additions, no storage associated */ - WSI_TOKEN_NAME_PART, - WSI_TOKEN_SKIPPING, - WSI_TOKEN_SKIPPING_SAW_CR, - WSI_PARSING_COMPLETE, - WSI_INIT_TOKEN_MUXURL, -}; - -struct lws_token_limits { - unsigned short token_limit[WSI_TOKEN_COUNT]; /**< max chars for this token */ -}; - -/** - * lws_token_to_string() - returns a textual representation of a hdr token index - * - * \param token: token index - */ -LWS_VISIBLE LWS_EXTERN const unsigned char * -lws_token_to_string(enum lws_token_indexes token); - -/** - * lws_hdr_total_length: report length of all fragments of a header totalled up - * The returned length does not include the space for a - * terminating '\0' - * - * \param wsi: websocket connection - * \param h: which header index we are interested in - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h); - -/** - * lws_hdr_fragment_length: report length of a single fragment of a header - * The returned length does not include the space for a - * terminating '\0' - * - * \param wsi: websocket connection - * \param h: which header index we are interested in - * \param frag_idx: which fragment of h we want to get the length of - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, - int frag_idx); - -/** - * lws_hdr_copy() - copy all fragments of the given header to a buffer - * The buffer length len must include space for an additional - * terminating '\0', or it will fail returning -1. - * - * \param wsi: websocket connection - * \param dest: destination buffer - * \param len: length of destination buffer - * \param h: which header index we are interested in - * - * copies the whole, aggregated header, even if it was delivered in - * several actual headers piece by piece. Returns -1 or length of the whole - * header. - */ -LWS_VISIBLE LWS_EXTERN int -lws_hdr_copy(struct lws *wsi, char *dest, int len, enum lws_token_indexes h); - -/** - * lws_hdr_copy_fragment() - copy a single fragment of the given header to a buffer - * The buffer length len must include space for an additional - * terminating '\0', or it will fail returning -1. - * If the requested fragment index is not present, it fails - * returning -1. - * - * \param wsi: websocket connection - * \param dest: destination buffer - * \param len: length of destination buffer - * \param h: which header index we are interested in - * \param frag_idx: which fragment of h we want to copy - * - * Normally this is only useful - * to parse URI arguments like ?x=1&y=2, token index WSI_TOKEN_HTTP_URI_ARGS - * fragment 0 will contain "x=1" and fragment 1 "y=2" - */ -LWS_VISIBLE LWS_EXTERN int -lws_hdr_copy_fragment(struct lws *wsi, char *dest, int len, - enum lws_token_indexes h, int frag_idx); - -/** - * lws_get_urlarg_by_name() - return pointer to arg value if present - * \param wsi: the connection to check - * \param name: the arg name, like "token=" - * \param buf: the buffer to receive the urlarg (including the name= part) - * \param len: the length of the buffer to receive the urlarg - * - * Returns NULL if not found or a pointer inside buf to just after the - * name= part. - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len); -///@} - -/*! \defgroup HTTP-headers-create HTTP headers: create - * - * ## HTTP headers: Create - * - * These apis allow you to create HTTP response headers in a way compatible with - * both HTTP/1.x and HTTP/2. - * - * They each append to a buffer taking care about the buffer end, which is - * passed in as a pointer. When data is written to the buffer, the current - * position p is updated accordingly. - * - * All of these apis are LWS_WARN_UNUSED_RESULT as they can run out of space - * and fail with nonzero return. - */ -///@{ - -#define LWSAHH_CODE_MASK ((1 << 16) - 1) -#define LWSAHH_FLAG_NO_SERVER_NAME (1 << 30) - -/** - * lws_add_http_header_status() - add the HTTP response status code - * - * \param wsi: the connection to check - * \param code: an HTTP code like 200, 404 etc (see enum http_status) - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Adds the initial response code, so should be called first. - * - * Code may additionally take OR'd flags: - * - * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_status(struct lws *wsi, - unsigned int code, unsigned char **p, - unsigned char *end); -/** - * lws_add_http_header_by_name() - append named header and value - * - * \param wsi: the connection to check - * \param name: the hdr name, like "my-header" - * \param value: the value after the = for this header - * \param length: the length of the value - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Appends name: value to the headers - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end); -/** - * lws_add_http_header_by_token() - append given header and value - * - * \param wsi: the connection to check - * \param token: the token index for the hdr - * \param value: the value after the = for this header - * \param length: the length of the value - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Appends name=value to the headers, but is able to take advantage of better - * HTTP/2 coding mechanisms where possible. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end); -/** - * lws_add_http_header_content_length() - append content-length helper - * - * \param wsi: the connection to check - * \param content_length: the content length to use - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Appends content-length: content_length to the headers - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_header_content_length(struct lws *wsi, - lws_filepos_t content_length, - unsigned char **p, unsigned char *end); -/** - * lws_finalize_http_header() - terminate header block - * - * \param wsi: the connection to check - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Indicates no more headers will be added - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_finalize_http_header(struct lws *wsi, unsigned char **p, - unsigned char *end); - -/** - * lws_finalize_write_http_header() - Helper finializing and writing http headers - * - * \param wsi: the connection to check - * \param start: pointer to the start of headers in the buffer, eg &buf[LWS_PRE] - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Terminates the headers correctly accoring to the protocol in use (h1 / h2) - * and writes the headers. Returns nonzero for error. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, - unsigned char **p, unsigned char *end); - -#define LWS_ILLEGAL_HTTP_CONTENT_LEN ((lws_filepos_t)-1ll) - -/** - * lws_add_http_common_headers() - Helper preparing common http headers - * - * \param wsi: the connection to check - * \param code: an HTTP code like 200, 404 etc (see enum http_status) - * \param content_type: the content type, like "text/html" - * \param content_len: the content length, in bytes - * \param p: pointer to current position in buffer pointer - * \param end: pointer to end of buffer - * - * Adds the initial response code, so should be called first. - * - * Code may additionally take OR'd flags: - * - * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time - * - * This helper just calls public apis to simplify adding headers that are - * commonly needed. If it doesn't fit your case, or you want to add additional - * headers just call the public apis directly yourself for what you want. - * - * You can miss out the content length header by providing the constant - * LWS_ILLEGAL_HTTP_CONTENT_LEN for the content_len. - * - * It does not call lws_finalize_http_header(), to allow you to add further - * headers after calling this. You will need to call that yourself at the end. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_add_http_common_headers(struct lws *wsi, unsigned int code, - const char *content_type, lws_filepos_t content_len, - unsigned char **p, unsigned char *end); - -///@} - -/*! \defgroup urlendec Urlencode and Urldecode - * \ingroup http - * - * ##HTML chunked Substitution - * - * APIs for receiving chunks of text, replacing a set of variable names via - * a callback, and then prepending and appending HTML chunked encoding - * headers. - */ -//@{ - -/** - * lws_urlencode() - like strncpy but with urlencoding - * - * \param escaped: output buffer - * \param string: input buffer ('/0' terminated) - * \param len: output buffer max length - * - * Because urlencoding expands the output string, it's not - * possible to do it in-place, ie, with escaped == string - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_urlencode(char *escaped, const char *string, int len); - -/* - * URLDECODE 1 / 2 - * - * This simple urldecode only operates until the first '\0' and requires the - * data to exist all at once - */ -/** - * lws_urldecode() - like strncpy but with urldecoding - * - * \param string: output buffer - * \param escaped: input buffer ('\0' terminated) - * \param len: output buffer max length - * - * This is only useful for '\0' terminated strings - * - * Since urldecoding only shrinks the output string, it is possible to - * do it in-place, ie, string == escaped - * - * Returns 0 if completed OK or nonzero for urldecode violation (non-hex chars - * where hex required, etc) - */ -LWS_VISIBLE LWS_EXTERN int -lws_urldecode(char *string, const char *escaped, int len); -///@} - -/** - * lws_return_http_status() - Return simple http status - * \param wsi: Websocket instance (available from user callback) - * \param code: Status index, eg, 404 - * \param html_body: User-readable HTML description < 1KB, or NULL - * - * Helper to report HTTP errors back to the client cleanly and - * consistently - */ -LWS_VISIBLE LWS_EXTERN int -lws_return_http_status(struct lws *wsi, unsigned int code, - const char *html_body); - -/** - * lws_http_redirect() - write http redirect out on wsi - * - * \param wsi: websocket connection - * \param code: HTTP response code (eg, 301) - * \param loc: where to redirect to - * \param len: length of loc - * \param p: pointer current position in buffer (updated as we write) - * \param end: pointer to end of buffer - * - * Returns amount written, or < 0 indicating fatal write failure. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, - unsigned char **p, unsigned char *end); - -/** - * lws_http_transaction_completed() - wait for new http transaction or close - * \param wsi: websocket connection - * - * Returns 1 if the HTTP connection must close now - * Returns 0 and resets connection to wait for new HTTP header / - * transaction if possible - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed(struct lws *wsi); - -/** - * lws_http_compression_apply() - apply an http compression transform - * - * \param wsi: the wsi to apply the compression transform to - * \param name: NULL, or the name of the compression transform, eg, "deflate" - * \param p: pointer to pointer to headers buffer - * \param end: pointer to end of headers buffer - * \param decomp: 0 = add compressor to wsi, 1 = add decompressor - * - * This allows transparent compression of dynamically generated HTTP. The - * requested compression (eg, "deflate") is only applied if the client headers - * indicated it was supported (and it has support in lws), otherwise it's a NOP. - * - * If the requested compression method is NULL, then the supported compression - * formats are tried, and for non-decompression (server) mode the first that's - * found on the client's accept-encoding header is chosen. - * - * NOTE: the compression transform, same as h2 support, relies on the user - * code using LWS_WRITE_HTTP and then LWS_WRITE_HTTP_FINAL on the last part - * written. The internal lws fileserving code already does this. - * - * If the library was built without the cmake option - * LWS_WITH_HTTP_STREAM_COMPRESSION set, then a NOP is provided for this api, - * allowing user code to build either way and use compression if available. - */ -LWS_VISIBLE int -lws_http_compression_apply(struct lws *wsi, const char *name, - unsigned char **p, unsigned char *end, char decomp); -///@} - diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h b/thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h deleted file mode 100644 index 2e2eabd73e..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-jwk.h +++ /dev/null @@ -1,110 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - - -/*! \defgroup jwk JSON Web Keys - * ## JSON Web Keys API - * - * Lws provides an API to parse JSON Web Keys into a struct lws_genrsa_elements. - * - * "oct" and "RSA" type keys are supported. For "oct" keys, they are held in - * the "e" member of the struct lws_genrsa_elements. - * - * Keys elements are allocated on the heap. You must destroy the allocations - * in the struct lws_genrsa_elements by calling - * lws_jwk_destroy_genrsa_elements() when you are finished with it. - */ -///@{ - -struct lws_jwk { - char keytype[5]; /**< "oct" or "RSA" */ - struct lws_genrsa_elements el; /**< OCTet key is in el.e */ -}; - -/** lws_jwk_import() - Create a JSON Web key from the textual representation - * - * \param s: the JWK object to create - * \param in: a single JWK JSON stanza in utf-8 - * \param len: the length of the JWK JSON stanza in bytes - * - * Creates an lws_jwk struct filled with data from the JSON representation. - * "oct" and "rsa" key types are supported. - * - * For "oct" type keys, it is loaded into el.e. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jwk_import(struct lws_jwk *s, const char *in, size_t len); - -/** lws_jwk_destroy() - Destroy a JSON Web key - * - * \param s: the JWK object to destroy - * - * All allocations in the lws_jwk are destroyed - */ -LWS_VISIBLE LWS_EXTERN void -lws_jwk_destroy(struct lws_jwk *s); - -/** lws_jwk_export() - Export a JSON Web key to a textual representation - * - * \param s: the JWK object to export - * \param _private: 0 = just export public parts, 1 = export everything - * \param p: the buffer to write the exported JWK to - * \param len: the length of the buffer \p p in bytes - * - * Returns length of the used part of the buffer if OK, or -1 for error. - * - * Serializes the content of the JWK into a char buffer. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jwk_export(struct lws_jwk *s, int _private, char *p, size_t len); - -/** lws_jwk_load() - Import a JSON Web key from a file - * - * \param s: the JWK object to load into - * \param filename: filename to load from - * - * Returns 0 for OK or -1 for failure - */ -LWS_VISIBLE int -lws_jwk_load(struct lws_jwk *s, const char *filename); - -/** lws_jwk_save() - Export a JSON Web key to a file - * - * \param s: the JWK object to save from - * \param filename: filename to save to - * - * Returns 0 for OK or -1 for failure - */ -LWS_VISIBLE int -lws_jwk_save(struct lws_jwk *s, const char *filename); - -/** lws_jwk_rfc7638_fingerprint() - jwk to RFC7638 compliant fingerprint - * - * \param s: the JWK object to fingerprint - * \param digest32: buffer to take 32-byte digest - * - * Returns 0 for OK or -1 for failure - */ -LWS_VISIBLE int -lws_jwk_rfc7638_fingerprint(struct lws_jwk *s, char *digest32); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-jws.h b/thirdparty/libwebsockets/include/libwebsockets/lws-jws.h deleted file mode 100644 index 7112fc3dba..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-jws.h +++ /dev/null @@ -1,101 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup jws JSON Web Signature - * ## JSON Web Signature API - * - * Lws provides an API to check and create RFC7515 JSON Web Signatures - * - * SHA256/384/512 HMAC, and RSA 256/384/512 are supported. - * - * The API uses your TLS library crypto, but works exactly the same no matter - * what you TLS backend is. - */ -///@{ - -LWS_VISIBLE LWS_EXTERN int -lws_jws_confirm_sig(const char *in, size_t len, struct lws_jwk *jwk); - -/** - * lws_jws_sign_from_b64() - add b64 sig to b64 hdr + payload - * - * \param b64_hdr: protected header encoded in b64, may be NULL - * \param hdr_len: bytes in b64 coding of protected header - * \param b64_pay: payload encoded in b64 - * \param pay_len: bytes in b64 coding of payload - * \param b64_sig: buffer to write the b64 encoded signature into - * \param sig_len: max bytes we can write at b64_sig - * \param hash_type: one of LWS_GENHASH_TYPE_SHA[256|384|512] - * \param jwk: the struct lws_jwk containing the signing key - * - * This adds a b64-coded JWS signature of the b64-encoded protected header - * and b64-encoded payload, at \p b64_sig. The signature will be as large - * as the N element of the RSA key when the RSA key is used, eg, 512 bytes for - * a 4096-bit key, and then b64-encoding on top. - * - * In some special cases, there is only payload to sign and no header, in that - * case \p b64_hdr may be NULL, and only the payload will be hashed before - * signing. - * - * Returns the length of the encoded signature written to \p b64_sig, or -1. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jws_sign_from_b64(const char *b64_hdr, size_t hdr_len, const char *b64_pay, - size_t pay_len, char *b64_sig, size_t sig_len, - enum lws_genhash_types hash_type, struct lws_jwk *jwk); - -/** - * lws_jws_create_packet() - add b64 sig to b64 hdr + payload - * - * \param jwk: the struct lws_jwk containing the signing key - * \param payload: unencoded payload JSON - * \param len: length of unencoded payload JSON - * \param nonce: Nonse string to include in protected header - * \param out: buffer to take signed packet - * \param out_len: size of \p out buffer - * - * This creates a "flattened" JWS packet from the jwk and the plaintext - * payload, and signs it. The packet is written into \p out. - * - * This does the whole packet assembly and signing, calling through to - * lws_jws_sign_from_b64() as part of the process. - * - * Returns the length written to \p out, or -1. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jws_create_packet(struct lws_jwk *jwk, const char *payload, size_t len, - const char *nonce, char *out, size_t out_len); - -/** - * lws_jws_base64_enc() - encode input data into b64url data - * - * \param in: the incoming plaintext - * \param in_len: the length of the incoming plaintext in bytes - * \param out: the buffer to store the b64url encoded data to - * \param out_max: the length of \p out in bytes - * - * Returns either -1 if problems, or the number of bytes written to \p out. - */ -LWS_VISIBLE LWS_EXTERN int -lws_jws_base64_enc(const char *in, size_t in_len, char *out, size_t out_max); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h b/thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h deleted file mode 100644 index f3f7e59a64..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-lejp.h +++ /dev/null @@ -1,262 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup lejp JSON parser - * ##JSON parsing related functions - * \ingroup lwsapi - * - * LEJP is an extremely lightweight JSON stream parser included in lws. - */ -//@{ -struct lejp_ctx; - -#if !defined(LWS_ARRAY_SIZE) -#define LWS_ARRAY_SIZE(_x) (sizeof(_x) / sizeof(_x[0])) -#endif -#define LEJP_FLAG_WS_KEEP 64 -#define LEJP_FLAG_WS_COMMENTLINE 32 - -enum lejp_states { - LEJP_IDLE = 0, - LEJP_MEMBERS = 1, - LEJP_M_P = 2, - LEJP_MP_STRING = LEJP_FLAG_WS_KEEP | 3, - LEJP_MP_STRING_ESC = LEJP_FLAG_WS_KEEP | 4, - LEJP_MP_STRING_ESC_U1 = LEJP_FLAG_WS_KEEP | 5, - LEJP_MP_STRING_ESC_U2 = LEJP_FLAG_WS_KEEP | 6, - LEJP_MP_STRING_ESC_U3 = LEJP_FLAG_WS_KEEP | 7, - LEJP_MP_STRING_ESC_U4 = LEJP_FLAG_WS_KEEP | 8, - LEJP_MP_DELIM = 9, - LEJP_MP_VALUE = 10, - LEJP_MP_VALUE_NUM_INT = LEJP_FLAG_WS_KEEP | 11, - LEJP_MP_VALUE_NUM_EXP = LEJP_FLAG_WS_KEEP | 12, - LEJP_MP_VALUE_TOK = LEJP_FLAG_WS_KEEP | 13, - LEJP_MP_COMMA_OR_END = 14, - LEJP_MP_ARRAY_END = 15, -}; - -enum lejp_reasons { - LEJP_CONTINUE = -1, - LEJP_REJECT_IDLE_NO_BRACE = -2, - LEJP_REJECT_MEMBERS_NO_CLOSE = -3, - LEJP_REJECT_MP_NO_OPEN_QUOTE = -4, - LEJP_REJECT_MP_STRING_UNDERRUN = -5, - LEJP_REJECT_MP_ILLEGAL_CTRL = -6, - LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC = -7, - LEJP_REJECT_ILLEGAL_HEX = -8, - LEJP_REJECT_MP_DELIM_MISSING_COLON = -9, - LEJP_REJECT_MP_DELIM_BAD_VALUE_START = -10, - LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC = -11, - LEJP_REJECT_MP_VAL_NUM_FORMAT = -12, - LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP = -13, - LEJP_REJECT_MP_VAL_TOK_UNKNOWN = -14, - LEJP_REJECT_MP_C_OR_E_UNDERF = -15, - LEJP_REJECT_MP_C_OR_E_NOTARRAY = -16, - LEJP_REJECT_MP_ARRAY_END_MISSING = -17, - LEJP_REJECT_STACK_OVERFLOW = -18, - LEJP_REJECT_MP_DELIM_ISTACK = -19, - LEJP_REJECT_NUM_TOO_LONG = -20, - LEJP_REJECT_MP_C_OR_E_NEITHER = -21, - LEJP_REJECT_UNKNOWN = -22, - LEJP_REJECT_CALLBACK = -23 -}; - -#define LEJP_FLAG_CB_IS_VALUE 64 - -enum lejp_callbacks { - LEJPCB_CONSTRUCTED = 0, - LEJPCB_DESTRUCTED = 1, - - LEJPCB_START = 2, - LEJPCB_COMPLETE = 3, - LEJPCB_FAILED = 4, - - LEJPCB_PAIR_NAME = 5, - - LEJPCB_VAL_TRUE = LEJP_FLAG_CB_IS_VALUE | 6, - LEJPCB_VAL_FALSE = LEJP_FLAG_CB_IS_VALUE | 7, - LEJPCB_VAL_NULL = LEJP_FLAG_CB_IS_VALUE | 8, - LEJPCB_VAL_NUM_INT = LEJP_FLAG_CB_IS_VALUE | 9, - LEJPCB_VAL_NUM_FLOAT = LEJP_FLAG_CB_IS_VALUE | 10, - LEJPCB_VAL_STR_START = 11, /* notice handle separately */ - LEJPCB_VAL_STR_CHUNK = LEJP_FLAG_CB_IS_VALUE | 12, - LEJPCB_VAL_STR_END = LEJP_FLAG_CB_IS_VALUE | 13, - - LEJPCB_ARRAY_START = 14, - LEJPCB_ARRAY_END = 15, - - LEJPCB_OBJECT_START = 16, - LEJPCB_OBJECT_END = 17 -}; - -/** - * _lejp_callback() - User parser actions - * \param ctx: LEJP context - * \param reason: Callback reason - * - * Your user callback is associated with the context at construction time, - * and receives calls as the parsing progresses. - * - * All of the callbacks may be ignored and just return 0. - * - * The reasons it might get called, found in @reason, are: - * - * LEJPCB_CONSTRUCTED: The context was just constructed... you might want to - * perform one-time allocation for the life of the context. - * - * LEJPCB_DESTRUCTED: The context is being destructed... if you made any - * allocations at construction-time, you can free them now - * - * LEJPCB_START: Parsing is beginning at the first byte of input - * - * LEJPCB_COMPLETE: Parsing has completed successfully. You'll get a 0 or - * positive return code from lejp_parse indicating the - * amount of unused bytes left in the input buffer - * - * LEJPCB_FAILED: Parsing failed. You'll get a negative error code - * returned from lejp_parse - * - * LEJPCB_PAIR_NAME: When a "name":"value" pair has had the name parsed, - * this callback occurs. You can find the new name at - * the end of ctx->path[] - * - * LEJPCB_VAL_TRUE: The "true" value appeared - * - * LEJPCB_VAL_FALSE: The "false" value appeared - * - * LEJPCB_VAL_NULL: The "null" value appeared - * - * LEJPCB_VAL_NUM_INT: A string representing an integer is in ctx->buf - * - * LEJPCB_VAL_NUM_FLOAT: A string representing a float is in ctx->buf - * - * LEJPCB_VAL_STR_START: We are starting to parse a string, no data yet - * - * LEJPCB_VAL_STR_CHUNK: We parsed LEJP_STRING_CHUNK -1 bytes of string data in - * ctx->buf, which is as much as we can buffer, so we are - * spilling it. If all your strings are less than - * LEJP_STRING_CHUNK - 1 bytes, you will never see this - * callback. - * - * LEJPCB_VAL_STR_END: String parsing has completed, the last chunk of the - * string is in ctx->buf. - * - * LEJPCB_ARRAY_START: An array started - * - * LEJPCB_ARRAY_END: An array ended - * - * LEJPCB_OBJECT_START: An object started - * - * LEJPCB_OBJECT_END: An object ended - */ -LWS_EXTERN signed char _lejp_callback(struct lejp_ctx *ctx, char reason); - -typedef signed char (*lejp_callback)(struct lejp_ctx *ctx, char reason); - -#ifndef LEJP_MAX_DEPTH -#define LEJP_MAX_DEPTH 12 -#endif -#ifndef LEJP_MAX_INDEX_DEPTH -#define LEJP_MAX_INDEX_DEPTH 5 -#endif -#ifndef LEJP_MAX_PATH -#define LEJP_MAX_PATH 128 -#endif -#ifndef LEJP_STRING_CHUNK -/* must be >= 30 to assemble floats */ -#define LEJP_STRING_CHUNK 254 -#endif - -enum num_flags { - LEJP_SEEN_MINUS = (1 << 0), - LEJP_SEEN_POINT = (1 << 1), - LEJP_SEEN_POST_POINT = (1 << 2), - LEJP_SEEN_EXP = (1 << 3) -}; - -struct _lejp_stack { - char s; /* lejp_state stack*/ - char p; /* path length */ - char i; /* index array length */ - char b; /* user bitfield */ -}; - -struct lejp_ctx { - - /* sorted by type for most compact alignment - * - * pointers - */ - - signed char (*callback)(struct lejp_ctx *ctx, char reason); - void *user; - const char * const *paths; - - /* arrays */ - - struct _lejp_stack st[LEJP_MAX_DEPTH]; - uint16_t i[LEJP_MAX_INDEX_DEPTH]; /* index array */ - uint16_t wild[LEJP_MAX_INDEX_DEPTH]; /* index array */ - char path[LEJP_MAX_PATH]; - char buf[LEJP_STRING_CHUNK + 1]; - - /* int */ - - uint32_t line; - - /* short */ - - uint16_t uni; - - /* char */ - - uint8_t npos; - uint8_t dcount; - uint8_t f; - uint8_t sp; /* stack head */ - uint8_t ipos; /* index stack depth */ - uint8_t ppos; - uint8_t count_paths; - uint8_t path_match; - uint8_t path_match_len; - uint8_t wildcount; -}; - -LWS_VISIBLE LWS_EXTERN void -lejp_construct(struct lejp_ctx *ctx, - signed char (*callback)(struct lejp_ctx *ctx, char reason), - void *user, const char * const *paths, unsigned char paths_count); - -LWS_VISIBLE LWS_EXTERN void -lejp_destruct(struct lejp_ctx *ctx); - -LWS_VISIBLE LWS_EXTERN int -lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len); - -LWS_VISIBLE LWS_EXTERN void -lejp_change_callback(struct lejp_ctx *ctx, - signed char (*callback)(struct lejp_ctx *ctx, char reason)); - -LWS_VISIBLE LWS_EXTERN int -lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len); -//@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-logs.h b/thirdparty/libwebsockets/include/libwebsockets/lws-logs.h deleted file mode 100644 index 9317dcc70c..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-logs.h +++ /dev/null @@ -1,224 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup log Logging - * - * ##Logging - * - * Lws provides flexible and filterable logging facilities, which can be - * used inside lws and in user code. - * - * Log categories may be individually filtered bitwise, and directed to built-in - * sinks for syslog-compatible logging, or a user-defined function. - */ -///@{ - -enum lws_log_levels { - LLL_ERR = 1 << 0, - LLL_WARN = 1 << 1, - LLL_NOTICE = 1 << 2, - LLL_INFO = 1 << 3, - LLL_DEBUG = 1 << 4, - LLL_PARSER = 1 << 5, - LLL_HEADER = 1 << 6, - LLL_EXT = 1 << 7, - LLL_CLIENT = 1 << 8, - LLL_LATENCY = 1 << 9, - LLL_USER = 1 << 10, - LLL_THREAD = 1 << 11, - - LLL_COUNT = 12 /* set to count of valid flags */ -}; - -LWS_VISIBLE LWS_EXTERN void _lws_log(int filter, const char *format, ...) LWS_FORMAT(2); -LWS_VISIBLE LWS_EXTERN void _lws_logv(int filter, const char *format, va_list vl); -/** - * lwsl_timestamp: generate logging timestamp string - * - * \param level: logging level - * \param p: char * buffer to take timestamp - * \param len: length of p - * - * returns length written in p - */ -LWS_VISIBLE LWS_EXTERN int -lwsl_timestamp(int level, char *p, int len); - -/* these guys are unconditionally included */ - -#define lwsl_err(...) _lws_log(LLL_ERR, __VA_ARGS__) -#define lwsl_user(...) _lws_log(LLL_USER, __VA_ARGS__) - -#if !defined(LWS_WITH_NO_LOGS) -/* notice and warn are usually included by being compiled in */ -#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) -#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) -#endif -/* - * weaker logging can be deselected by telling CMake to build in RELEASE mode - * that gets rid of the overhead of checking while keeping _warn and _err - * active - */ - -#ifdef _DEBUG -#if defined(LWS_WITH_NO_LOGS) -/* notice, warn and log are always compiled in */ -#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) -#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) -#endif -#define lwsl_info(...) _lws_log(LLL_INFO, __VA_ARGS__) -#define lwsl_debug(...) _lws_log(LLL_DEBUG, __VA_ARGS__) -#define lwsl_parser(...) _lws_log(LLL_PARSER, __VA_ARGS__) -#define lwsl_header(...) _lws_log(LLL_HEADER, __VA_ARGS__) -#define lwsl_ext(...) _lws_log(LLL_EXT, __VA_ARGS__) -#define lwsl_client(...) _lws_log(LLL_CLIENT, __VA_ARGS__) -#define lwsl_latency(...) _lws_log(LLL_LATENCY, __VA_ARGS__) -#define lwsl_thread(...) _lws_log(LLL_THREAD, __VA_ARGS__) - -#else /* no debug */ -#if defined(LWS_WITH_NO_LOGS) -#define lwsl_warn(...) do {} while(0) -#define lwsl_notice(...) do {} while(0) -#endif -#define lwsl_info(...) do {} while(0) -#define lwsl_debug(...) do {} while(0) -#define lwsl_parser(...) do {} while(0) -#define lwsl_header(...) do {} while(0) -#define lwsl_ext(...) do {} while(0) -#define lwsl_client(...) do {} while(0) -#define lwsl_latency(...) do {} while(0) -#define lwsl_thread(...) do {} while(0) - -#endif - -#define lwsl_hexdump_err(...) lwsl_hexdump_level(LLL_ERR, __VA_ARGS__) -#define lwsl_hexdump_warn(...) lwsl_hexdump_level(LLL_WARN, __VA_ARGS__) -#define lwsl_hexdump_notice(...) lwsl_hexdump_level(LLL_NOTICE, __VA_ARGS__) -#define lwsl_hexdump_info(...) lwsl_hexdump_level(LLL_INFO, __VA_ARGS__) -#define lwsl_hexdump_debug(...) lwsl_hexdump_level(LLL_DEBUG, __VA_ARGS__) - -/** - * lwsl_hexdump_level() - helper to hexdump a buffer at a selected debug level - * - * \param level: one of LLL_ constants - * \param vbuf: buffer start to dump - * \param len: length of buffer to dump - * - * If \p level is visible, does a nice hexdump -C style dump of \p vbuf for - * \p len bytes. This can be extremely convenient while debugging. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_hexdump_level(int level, const void *vbuf, size_t len); - -/** - * lwsl_hexdump() - helper to hexdump a buffer (DEBUG builds only) - * - * \param buf: buffer start to dump - * \param len: length of buffer to dump - * - * Calls through to lwsl_hexdump_level(LLL_DEBUG, ... for compatability. - * It's better to use lwsl_hexdump_level(level, ... directly so you can control - * the visibility. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_hexdump(const void *buf, size_t len); - -/** - * lws_is_be() - returns nonzero if the platform is Big Endian - */ -static LWS_INLINE int lws_is_be(void) { - const int probe = ~0xff; - - return *(const char *)&probe; -} - -/** - * lws_set_log_level() - Set the logging bitfield - * \param level: OR together the LLL_ debug contexts you want output from - * \param log_emit_function: NULL to leave it as it is, or a user-supplied - * function to perform log string emission instead of - * the default stderr one. - * - * log level defaults to "err", "warn" and "notice" contexts enabled and - * emission on stderr. If stderr is a tty (according to isatty()) then - * the output is coloured according to the log level using ANSI escapes. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_log_level(int level, - void (*log_emit_function)(int level, const char *line)); - -/** - * lwsl_emit_syslog() - helper log emit function writes to system log - * - * \param level: one of LLL_ log level indexes - * \param line: log string - * - * You use this by passing the function pointer to lws_set_log_level(), to set - * it as the log emit function, it is not called directly. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_emit_syslog(int level, const char *line); - -/** - * lwsl_emit_stderr() - helper log emit function writes to stderr - * - * \param level: one of LLL_ log level indexes - * \param line: log string - * - * You use this by passing the function pointer to lws_set_log_level(), to set - * it as the log emit function, it is not called directly. - * - * It prepends a system timestamp like [2018/11/13 07:41:57:3989] - * - * If stderr is a tty, then ansi colour codes are added. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_emit_stderr(int level, const char *line); - -/** - * lwsl_emit_stderr_notimestamp() - helper log emit function writes to stderr - * - * \param level: one of LLL_ log level indexes - * \param line: log string - * - * You use this by passing the function pointer to lws_set_log_level(), to set - * it as the log emit function, it is not called directly. - * - * If stderr is a tty, then ansi colour codes are added. - */ -LWS_VISIBLE LWS_EXTERN void -lwsl_emit_stderr_notimestamp(int level, const char *line); - -/** - * lwsl_visible() - returns true if the log level should be printed - * - * \param level: one of LLL_ log level indexes - * - * This is useful if you have to do work to generate the log content, you - * can skip the work if the log level used to print it is not actually - * enabled at runtime. - */ -LWS_VISIBLE LWS_EXTERN int -lwsl_visible(int level); - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h b/thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h deleted file mode 100644 index 1f914b66a6..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-lwsac.h +++ /dev/null @@ -1,191 +0,0 @@ -/* - * libwebsockets - lws alloc chunk - * - * Copyright (C) 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup log lwsac - * - * ##Allocated Chunks - * - * If you know you will be allocating a large, unknown number of same or - * differently sized objects, it's certainly possible to do it with libc - * malloc. However the allocation cost in time and memory overhead can - * add up, and deallocation means walking the structure of every object and - * freeing them in turn. - * - * lwsac (LWS Allocated Chunks) allocates chunks intended to be larger - * than your objects (4000 bytes by default) which you linearly allocate from - * using lwsac_use(). - * - * If your next request won't fit in the current chunk, a new chunk is added - * to the chain of chunks and the allocaton done from there. If the request - * is larger than the chunk size, an oversize chunk is created to satisfy it. - * - * When you are finished with the allocations, you call lwsac_free() and - * free all the *chunks*. So you may have thousands of objects in the chunks, - * but they are all destroyed with the chunks without having to deallocate them - * one by one pointlessly. - */ -///@{ - -struct lwsac; -typedef unsigned char * lwsac_cached_file_t; - - -#define lws_list_ptr_container(P,T,M) ((T *)((char *)(P) - offsetof(T, M))) - -/* - * linked-list helper that's commonly useful to manage lists of things - * allocated using lwsac. - * - * These lists point to their corresponding "next" member in the target, NOT - * the original containing struct. To get the containing struct, you must use - * lws_list_ptr_container() to convert. - * - * It's like that because it means we no longer have to have the next pointer - * at the start of the struct, and we can have the same struct on multiple - * linked-lists with everything held in the struct itself. - */ -typedef void * lws_list_ptr; - -/* - * optional sorting callback called by lws_list_ptr_insert() to sort the right - * things inside the opqaue struct being sorted / inserted on the list. - */ -typedef int (*lws_list_ptr_sort_func_t)(lws_list_ptr a, lws_list_ptr b); - -#define lws_list_ptr_advance(_lp) _lp = *((void **)_lp) - -/* sort may be NULL if you don't care about order */ -LWS_VISIBLE LWS_EXTERN void -lws_list_ptr_insert(lws_list_ptr *phead, lws_list_ptr *add, - lws_list_ptr_sort_func_t sort); - - -/** - * lwsac_use - allocate / use some memory from a lwsac - * - * \param head: pointer to the lwsac list object - * \param ensure: the number of bytes we want to use - * \param chunk_size: 0, or the size of the chunk to (over)allocate if - * what we want won't fit in the current tail chunk. If - * 0, the default value of 4000 is used. If ensure is - * larger, it is used instead. - * - * This also serves to init the lwsac if *head is NULL. Basically it does - * whatever is necessary to return you a pointer to ensure bytes of memory - * reserved for the caller. - * - * Returns NULL if OOM. - */ -LWS_VISIBLE LWS_EXTERN void * -lwsac_use(struct lwsac **head, size_t ensure, size_t chunk_size); - -/** - * lwsac_free - deallocate all chunks in the lwsac and set head NULL - * - * \param head: pointer to the lwsac list object - * - * This deallocates all chunks in the lwsac, then sets *head to NULL. All - * lwsac_use() pointers are invalidated in one hit without individual frees. - */ -LWS_VISIBLE LWS_EXTERN void -lwsac_free(struct lwsac **head); - -/* - * Optional helpers useful for where consumers may need to defer destruction - * until all consumers are finished with the lwsac - */ - -/** - * lwsac_detach() - destroy an lwsac unless somebody else is referencing it - * - * \param head: pointer to the lwsac list object - * - * The creator of the lwsac can all this instead of lwsac_free() when it itself - * has finished with the lwsac, but other code may be consuming it. - * - * If there are no other references, the lwsac is destroyed, *head is set to - * NULL and that's the end; however if something else has called - * lwsac_reference() on the lwsac, it simply returns. When lws_unreference() - * is called and no references are left, it will be destroyed then. - */ -LWS_VISIBLE LWS_EXTERN void -lwsac_detach(struct lwsac **head); - -/** - * lwsac_reference() - increase the lwsac reference count - * - * \param head: pointer to the lwsac list object - * - * Increment the reference count on the lwsac to defer destruction. - */ -LWS_VISIBLE LWS_EXTERN void -lwsac_reference(struct lwsac *head); - -/** - * lwsac_reference() - increase the lwsac reference count - * - * \param head: pointer to the lwsac list object - * - * Decrement the reference count on the lwsac... if it reached 0 on a detached - * lwsac then the lwsac is immediately destroyed and *head set to NULL. - */ -LWS_VISIBLE LWS_EXTERN void -lwsac_unreference(struct lwsac **head); - - -/* helpers to keep a file cached in memory */ - -LWS_VISIBLE LWS_EXTERN void -lwsac_use_cached_file_start(lwsac_cached_file_t cache); - -LWS_VISIBLE LWS_EXTERN void -lwsac_use_cached_file_end(lwsac_cached_file_t *cache); - -LWS_VISIBLE LWS_EXTERN void -lwsac_use_cached_file_detach(lwsac_cached_file_t *cache); - -LWS_VISIBLE LWS_EXTERN int -lwsac_cached_file(const char *filepath, lwsac_cached_file_t *cache, - size_t *len); - -/* more advanced helpers */ - -LWS_VISIBLE LWS_EXTERN size_t -lwsac_sizeof(void); - -LWS_VISIBLE LWS_EXTERN size_t -lwsac_get_tail_pos(struct lwsac *lac); - -LWS_VISIBLE LWS_EXTERN struct lwsac * -lwsac_get_next(struct lwsac *lac); - -LWS_VISIBLE LWS_EXTERN size_t -lwsac_align(size_t length); - -LWS_VISIBLE LWS_EXTERN void -lwsac_info(struct lwsac *head); - -LWS_VISIBLE LWS_EXTERN uint64_t -lwsac_total_alloc(struct lwsac *head); - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-misc.h b/thirdparty/libwebsockets/include/libwebsockets/lws-misc.h deleted file mode 100644 index 02fe432d5b..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-misc.h +++ /dev/null @@ -1,836 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup misc Miscellaneous APIs -* ##Miscellaneous APIs -* -* Various APIs outside of other categories -*/ -///@{ - -/** - * lws_start_foreach_ll(): linkedlist iterator helper start - * - * \param type: type of iteration, eg, struct xyz * - * \param it: iterator var name to create - * \param start: start of list - * - * This helper creates an iterator and starts a while (it) { - * loop. The iterator runs through the linked list starting at start and - * ends when it gets a NULL. - * The while loop should be terminated using lws_start_foreach_ll(). - */ -#define lws_start_foreach_ll(type, it, start)\ -{ \ - type it = start; \ - while (it) { - -/** - * lws_end_foreach_ll(): linkedlist iterator helper end - * - * \param it: same iterator var name given when starting - * \param nxt: member name in the iterator pointing to next list element - * - * This helper is the partner for lws_start_foreach_ll() that ends the - * while loop. - */ - -#define lws_end_foreach_ll(it, nxt) \ - it = it->nxt; \ - } \ -} - -/** - * lws_start_foreach_ll_safe(): linkedlist iterator helper start safe against delete - * - * \param type: type of iteration, eg, struct xyz * - * \param it: iterator var name to create - * \param start: start of list - * \param nxt: member name in the iterator pointing to next list element - * - * This helper creates an iterator and starts a while (it) { - * loop. The iterator runs through the linked list starting at start and - * ends when it gets a NULL. - * The while loop should be terminated using lws_end_foreach_ll_safe(). - * Performs storage of next increment for situations where iterator can become invalidated - * during iteration. - */ -#define lws_start_foreach_ll_safe(type, it, start, nxt)\ -{ \ - type it = start; \ - while (it) { \ - type next_##it = it->nxt; - -/** - * lws_end_foreach_ll_safe(): linkedlist iterator helper end (pre increment storage) - * - * \param it: same iterator var name given when starting - * - * This helper is the partner for lws_start_foreach_ll_safe() that ends the - * while loop. It uses the precreated next_ variable already stored during - * start. - */ - -#define lws_end_foreach_ll_safe(it) \ - it = next_##it; \ - } \ -} - -/** - * lws_start_foreach_llp(): linkedlist pointer iterator helper start - * - * \param type: type of iteration, eg, struct xyz ** - * \param it: iterator var name to create - * \param start: start of list - * - * This helper creates an iterator and starts a while (it) { - * loop. The iterator runs through the linked list starting at the - * address of start and ends when it gets a NULL. - * The while loop should be terminated using lws_start_foreach_llp(). - * - * This helper variant iterates using a pointer to the previous linked-list - * element. That allows you to easily delete list members by rewriting the - * previous pointer to the element's next pointer. - */ -#define lws_start_foreach_llp(type, it, start)\ -{ \ - type it = &(start); \ - while (*(it)) { - -#define lws_start_foreach_llp_safe(type, it, start, nxt)\ -{ \ - type it = &(start); \ - type next; \ - while (*(it)) { \ - next = &((*(it))->nxt); \ - -/** - * lws_end_foreach_llp(): linkedlist pointer iterator helper end - * - * \param it: same iterator var name given when starting - * \param nxt: member name in the iterator pointing to next list element - * - * This helper is the partner for lws_start_foreach_llp() that ends the - * while loop. - */ - -#define lws_end_foreach_llp(it, nxt) \ - it = &(*(it))->nxt; \ - } \ -} - -#define lws_end_foreach_llp_safe(it) \ - it = next; \ - } \ -} - -#define lws_ll_fwd_insert(\ - ___new_object, /* pointer to new object */ \ - ___m_list, /* member for next list object ptr */ \ - ___list_head /* list head */ \ - ) {\ - ___new_object->___m_list = ___list_head; \ - ___list_head = ___new_object; \ - } - -#define lws_ll_fwd_remove(\ - ___type, /* type of listed object */ \ - ___m_list, /* member for next list object ptr */ \ - ___target, /* object to remove from list */ \ - ___list_head /* list head */ \ - ) { \ - lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ - if (*___ppss == ___target) { \ - *___ppss = ___target->___m_list; \ - break; \ - } \ - } lws_end_foreach_llp(___ppss, ___m_list); \ - } - -/* - * doubly linked-list - */ - -struct lws_dll { /* abstract */ - struct lws_dll *prev; - struct lws_dll *next; -}; - -/* - * these all point to the composed list objects... you have to use the - * lws_container_of() helper to recover the start of the containing struct - */ - -LWS_VISIBLE LWS_EXTERN void -lws_dll_add_front(struct lws_dll *d, struct lws_dll *phead); - -LWS_VISIBLE LWS_EXTERN void -lws_dll_remove(struct lws_dll *d); - -struct lws_dll_lws { /* typed as struct lws * */ - struct lws_dll_lws *prev; - struct lws_dll_lws *next; -}; - -#define lws_dll_is_null(___dll) (!(___dll)->prev && !(___dll)->next) - -static LWS_INLINE void -lws_dll_lws_add_front(struct lws_dll_lws *_a, struct lws_dll_lws *_head) -{ - lws_dll_add_front((struct lws_dll *)_a, (struct lws_dll *)_head); -} - -static LWS_INLINE void -lws_dll_lws_remove(struct lws_dll_lws *_a) -{ - lws_dll_remove((struct lws_dll *)_a); -} - -/* - * these are safe against the current container object getting deleted, - * since the hold his next in a temp and go to that next. ___tmp is - * the temp. - */ - -#define lws_start_foreach_dll_safe(___type, ___it, ___tmp, ___start) \ -{ \ - ___type ___it = ___start; \ - while (___it) { \ - ___type ___tmp = (___it)->next; - -#define lws_end_foreach_dll_safe(___it, ___tmp) \ - ___it = ___tmp; \ - } \ -} - -#define lws_start_foreach_dll(___type, ___it, ___start) \ -{ \ - ___type ___it = ___start; \ - while (___it) { - -#define lws_end_foreach_dll(___it) \ - ___it = (___it)->next; \ - } \ -} - -struct lws_buflist; - -/** - * lws_buflist_append_segment(): add buffer to buflist at head - * - * \param head: list head - * \param buf: buffer to stash - * \param len: length of buffer to stash - * - * Returns -1 on OOM, 1 if this was the first segment on the list, and 0 if - * it was a subsequent segment. - */ -LWS_VISIBLE LWS_EXTERN int -lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, - size_t len); -/** - * lws_buflist_next_segment_len(): number of bytes left in current segment - * - * \param head: list head - * \param buf: if non-NULL, *buf is written with the address of the start of - * the remaining data in the segment - * - * Returns the number of bytes left in the current segment. 0 indicates - * that the buflist is empty (there are no segments on the buflist). - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_buflist_next_segment_len(struct lws_buflist **head, uint8_t **buf); -/** - * lws_buflist_use_segment(): remove len bytes from the current segment - * - * \param head: list head - * \param len: number of bytes to mark as used - * - * If len is less than the remaining length of the current segment, the position - * in the current segment is simply advanced and it returns. - * - * If len uses up the remaining length of the current segment, then the segment - * is deleted and the list head moves to the next segment if any. - * - * Returns the number of bytes left in the current segment. 0 indicates - * that the buflist is empty (there are no segments on the buflist). - */ -LWS_VISIBLE LWS_EXTERN int -lws_buflist_use_segment(struct lws_buflist **head, size_t len); -/** - * lws_buflist_destroy_all_segments(): free all segments on the list - * - * \param head: list head - * - * This frees everything on the list unconditionally. *head is always - * NULL after this. - */ -LWS_VISIBLE LWS_EXTERN void -lws_buflist_destroy_all_segments(struct lws_buflist **head); - -void -lws_buflist_describe(struct lws_buflist **head, void *id); - -/** - * lws_ptr_diff(): helper to report distance between pointers as an int - * - * \param head: the pointer with the larger address - * \param tail: the pointer with the smaller address - * - * This helper gives you an int representing the number of bytes further - * forward the first pointer is compared to the second pointer. - */ -#define lws_ptr_diff(head, tail) \ - ((int)((char *)(head) - (char *)(tail))) - -/** - * lws_snprintf(): snprintf that truncates the returned length too - * - * \param str: destination buffer - * \param size: bytes left in destination buffer - * \param format: format string - * \param ...: args for format - * - * This lets you correctly truncate buffers by concatenating lengths, if you - * reach the limit the reported length doesn't exceed the limit. - */ -LWS_VISIBLE LWS_EXTERN int -lws_snprintf(char *str, size_t size, const char *format, ...) LWS_FORMAT(3); - -/** - * lws_strncpy(): strncpy that guarantees NUL on truncated copy - * - * \param dest: destination buffer - * \param src: source buffer - * \param size: bytes left in destination buffer - * - * This lets you correctly truncate buffers by concatenating lengths, if you - * reach the limit the reported length doesn't exceed the limit. - */ -LWS_VISIBLE LWS_EXTERN char * -lws_strncpy(char *dest, const char *src, size_t size); - -/** - * lws_get_random(): fill a buffer with platform random data - * - * \param context: the lws context - * \param buf: buffer to fill - * \param len: how much to fill - * - * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if - * it's interested to see if the frame it's dealing with was sent in binary - * mode. - */ -LWS_VISIBLE LWS_EXTERN int -lws_get_random(struct lws_context *context, void *buf, int len); -/** - * lws_daemonize(): make current process run in the background - * - * \param _lock_path: the filepath to write the lock file - * - * Spawn lws as a background process, taking care of various things - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_daemonize(const char *_lock_path); -/** - * lws_get_library_version(): return string describing the version of lws - * - * On unix, also includes the git describe - */ -LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT -lws_get_library_version(void); - -/** - * lws_wsi_user() - get the user data associated with the connection - * \param wsi: lws connection - * - * Not normally needed since it's passed into the callback - */ -LWS_VISIBLE LWS_EXTERN void * -lws_wsi_user(struct lws *wsi); - -/** - * lws_wsi_set_user() - set the user data associated with the client connection - * \param wsi: lws connection - * \param user: user data - * - * By default lws allocates this and it's not legal to externally set it - * yourself. However client connections may have it set externally when the - * connection is created... if so, this api can be used to modify it at - * runtime additionally. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_wsi_user(struct lws *wsi, void *user); - -/** - * lws_parse_uri: cut up prot:/ads:port/path into pieces - * Notice it does so by dropping '\0' into input string - * and the leading / on the path is consequently lost - * - * \param p: incoming uri string.. will get written to - * \param prot: result pointer for protocol part (https://) - * \param ads: result pointer for address part - * \param port: result pointer for port part - * \param path: result pointer for path part - * - * You may also refer to unix socket addresses, using a '+' at the start of - * the address. In this case, the address should end with ':', which is - * treated as the separator between the address and path (the normal separator - * '/' is a valid part of the socket path). Eg, - * - * http://+/var/run/mysocket:/my/path - * - * If the first character after the + is '@', it's interpreted by lws client - * processing as meaning to use linux abstract namespace sockets, the @ is - * replaced with a '\0' before use. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_parse_uri(char *p, const char **prot, const char **ads, int *port, - const char **path); -/** - * lws_cmdline_option(): simple commandline parser - * - * \param argc: count of argument strings - * \param argv: argument strings - * \param val: string to find - * - * Returns NULL if the string \p val is not found in the arguments. - * - * If it is found, then it returns a pointer to the next character after \p val. - * So if \p val is "-d", then for the commandlines "myapp -d15" and - * "myapp -d 15", in both cases the return will point to the "15". - * - * In the case there is no argument, like "myapp -d", the return will - * either point to the '\\0' at the end of -d, or to the start of the - * next argument, ie, will be non-NULL. - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_cmdline_option(int argc, const char **argv, const char *val); - -/** - * lws_now_secs(): return seconds since 1970-1-1 - */ -LWS_VISIBLE LWS_EXTERN unsigned long -lws_now_secs(void); - -/** - * lws_now_usecs(): return useconds since 1970-1-1 - */ -LWS_VISIBLE LWS_EXTERN lws_usec_t -lws_now_usecs(void); - -/** - * lws_compare_time_t(): return relationship between two time_t - * - * \param context: struct lws_context - * \param t1: time_t 1 - * \param t2: time_t 2 - * - * returns <0 if t2 > t1; >0 if t1 > t2; or == 0 if t1 == t2. - * - * This is aware of clock discontiguities that may have affected either t1 or - * t2 and adapts the comparison for them. - * - * For the discontiguity detection to work, you must avoid any arithmetic on - * the times being compared. For example to have a timeout that triggers - * 15s from when it was set, store the time it was set and compare like - * `if (lws_compare_time_t(context, now, set_time) > 15)` - */ -LWS_VISIBLE LWS_EXTERN int -lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2); - -/** - * lws_get_context - Allow getting lws_context from a Websocket connection - * instance - * - * With this function, users can access context in the callback function. - * Otherwise users may have to declare context as a global variable. - * - * \param wsi: Websocket connection instance - */ -LWS_VISIBLE LWS_EXTERN struct lws_context * LWS_WARN_UNUSED_RESULT -lws_get_context(const struct lws *wsi); - -/** - * lws_get_vhost_listen_port - Find out the port number a vhost is listening on - * - * In the case you passed 0 for the port number at context creation time, you - * can discover the port number that was actually chosen for the vhost using - * this api. - * - * \param vhost: Vhost to get listen port from - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_get_vhost_listen_port(struct lws_vhost *vhost); - -/** - * lws_get_count_threads(): how many service threads the context uses - * - * \param context: the lws context - * - * By default this is always 1, if you asked for more than lws can handle it - * will clip the number of threads. So you can use this to find out how many - * threads are actually in use. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_get_count_threads(struct lws_context *context); - -/** - * lws_get_parent() - get parent wsi or NULL - * \param wsi: lws connection - * - * Specialized wsi like cgi stdin/out/err are associated to a parent wsi, - * this allows you to get their parent. - */ -LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_get_parent(const struct lws *wsi); - -/** - * lws_get_child() - get child wsi or NULL - * \param wsi: lws connection - * - * Allows you to find a related wsi from the parent wsi. - */ -LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_get_child(const struct lws *wsi); - -/** - * lws_get_effective_uid_gid() - find out eventual uid and gid while still root - * - * \param context: lws context - * \param uid: pointer to uid result - * \param gid: pointer to gid result - * - * This helper allows you to find out what the uid and gid for the process will - * be set to after the privileges are dropped, beforehand. So while still root, - * eg in LWS_CALLBACK_PROTOCOL_INIT, you can arrange things like cache dir - * and subdir creation / permissions down /var/cache dynamically. - */ -LWS_VISIBLE LWS_EXTERN void -lws_get_effective_uid_gid(struct lws_context *context, int *uid, int *gid); - -/** - * lws_get_udp() - get wsi's udp struct - * - * \param wsi: lws connection - * - * Returns NULL or pointer to the wsi's UDP-specific information - */ -LWS_VISIBLE LWS_EXTERN const struct lws_udp * LWS_WARN_UNUSED_RESULT -lws_get_udp(const struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void * -lws_get_opaque_parent_data(const struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_set_opaque_parent_data(struct lws *wsi, void *data); - -LWS_VISIBLE LWS_EXTERN int -lws_get_child_pending_on_writable(const struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN void -lws_clear_child_pending_on_writable(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN int -lws_get_close_length(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN unsigned char * -lws_get_close_payload(struct lws *wsi); - -/** - * lws_get_network_wsi() - Returns wsi that has the tcp connection for this wsi - * - * \param wsi: wsi you have - * - * Returns wsi that has the tcp connection (which may be the incoming wsi) - * - * HTTP/1 connections will always return the incoming wsi - * HTTP/2 connections may return a different wsi that has the tcp connection - */ -LWS_VISIBLE LWS_EXTERN -struct lws *lws_get_network_wsi(struct lws *wsi); - -/** - * lws_set_allocator() - custom allocator support - * - * \param realloc - * - * Allows you to replace the allocator (and deallocator) used by lws - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_allocator(void *(*realloc)(void *ptr, size_t size, const char *reason)); - -enum { - /* - * Flags for enable and disable rxflow with reason bitmap and with - * backwards-compatible single bool - */ - LWS_RXFLOW_REASON_USER_BOOL = (1 << 0), - LWS_RXFLOW_REASON_HTTP_RXBUFFER = (1 << 6), - LWS_RXFLOW_REASON_H2_PPS_PENDING = (1 << 7), - - LWS_RXFLOW_REASON_APPLIES = (1 << 14), - LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT = (1 << 13), - LWS_RXFLOW_REASON_APPLIES_ENABLE = LWS_RXFLOW_REASON_APPLIES | - LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT, - LWS_RXFLOW_REASON_APPLIES_DISABLE = LWS_RXFLOW_REASON_APPLIES, - LWS_RXFLOW_REASON_FLAG_PROCESS_NOW = (1 << 12), - -}; - -/** - * lws_rx_flow_control() - Enable and disable socket servicing for - * received packets. - * - * If the output side of a server process becomes choked, this allows flow - * control for the input side. - * - * \param wsi: Websocket connection instance to get callback for - * \param enable: 0 = disable read servicing for this connection, 1 = enable - * - * If you need more than one additive reason for rxflow control, you can give - * iLWS_RXFLOW_REASON_APPLIES_ENABLE or _DISABLE together with one or more of - * b5..b0 set to idicate which bits to enable or disable. If any bits are - * enabled, rx on the connection is suppressed. - * - * LWS_RXFLOW_REASON_FLAG_PROCESS_NOW flag may also be given to force any change - * in rxflowbstatus to benapplied immediately, this should be used when you are - * changing a wsi flow control state from outside a callback on that wsi. - */ -LWS_VISIBLE LWS_EXTERN int -lws_rx_flow_control(struct lws *wsi, int enable); - -/** - * lws_rx_flow_allow_all_protocol() - Allow all connections with this protocol to receive - * - * When the user server code realizes it can accept more input, it can - * call this to have the RX flow restriction removed from all connections using - * the given protocol. - * \param context: lws_context - * \param protocol: all connections using this protocol will be allowed to receive - */ -LWS_VISIBLE LWS_EXTERN void -lws_rx_flow_allow_all_protocol(const struct lws_context *context, - const struct lws_protocols *protocol); - -/** - * lws_remaining_packet_payload() - Bytes to come before "overall" - * rx fragment is complete - * \param wsi: Websocket instance (available from user callback) - * - * This tracks how many bytes are left in the current ws fragment, according - * to the ws length given in the fragment header. - * - * If the message was in a single fragment, and there is no compression, this - * is the same as "how much data is left to read for this message". - * - * However, if the message is being sent in multiple fragments, this will - * reflect the unread amount of the current **fragment**, not the message. With - * ws, it is legal to not know the length of the message before it completes. - * - * Additionally if the message is sent via the negotiated permessage-deflate - * extension, this number only tells the amount of **compressed** data left to - * be read, since that is the only information available at the ws layer. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_remaining_packet_payload(struct lws *wsi); - - - -/** - * lws_is_ssl() - Find out if connection is using SSL - * \param wsi: websocket connection to check - * - * Returns 0 if the connection is not using SSL, 1 if using SSL and - * using verified cert, and 2 if using SSL but the cert was not - * checked (appears for client wsi told to skip check on connection) - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_ssl(struct lws *wsi); -/** - * lws_is_cgi() - find out if this wsi is running a cgi process - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_cgi(struct lws *wsi); - -/** - * lws_open() - platform-specific wrapper for open that prepares the fd - * - * \param file: the filepath to open - * \param oflag: option flags - * \param mode: optional mode of any created file - * - * This is a wrapper around platform open() that sets options on the fd - * according to lws policy. Currently that is FD_CLOEXEC to stop the opened - * fd being available to any child process forked by user code. - */ -LWS_VISIBLE LWS_EXTERN int -lws_open(const char *__file, int __oflag, ...); - -struct lws_wifi_scan { /* generic wlan scan item */ - struct lws_wifi_scan *next; - char ssid[32]; - int32_t rssi; /* divide by .count to get db */ - uint8_t bssid[6]; - uint8_t count; - uint8_t channel; - uint8_t authmode; -}; - -#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) -/** - * lws_get_ssl() - Return wsi's SSL context structure - * \param wsi: websocket connection - * - * Returns pointer to the SSL library's context structure - */ -LWS_VISIBLE LWS_EXTERN SSL* -lws_get_ssl(struct lws *wsi); -#endif - -/** \defgroup smtp SMTP related functions - * ##SMTP related functions - * \ingroup lwsapi - * - * These apis let you communicate with a local SMTP server to send email from - * lws. It handles all the SMTP sequencing and protocol actions. - * - * Your system should have postfix, sendmail or another MTA listening on port - * 25 and able to send email using the "mail" commandline app. Usually distro - * MTAs are configured for this by default. - * - * It runs via its own libuv events if initialized (which requires giving it - * a libuv loop to attach to). - * - * It operates using three callbacks, on_next() queries if there is a new email - * to send, on_get_body() asks for the body of the email, and on_sent() is - * called after the email is successfully sent. - * - * To use it - * - * - create an lws_email struct - * - * - initialize data, loop, the email_* strings, max_content_size and - * the callbacks - * - * - call lws_email_init() - * - * When you have at least one email to send, call lws_email_check() to - * schedule starting to send it. - */ -//@{ -#ifdef LWS_WITH_SMTP - -/** enum lwsgs_smtp_states - where we are in SMTP protocol sequence */ -enum lwsgs_smtp_states { - LGSSMTP_IDLE, /**< awaiting new email */ - LGSSMTP_CONNECTING, /**< opening tcp connection to MTA */ - LGSSMTP_CONNECTED, /**< tcp connection to MTA is connected */ - LGSSMTP_SENT_HELO, /**< sent the HELO */ - LGSSMTP_SENT_FROM, /**< sent FROM */ - LGSSMTP_SENT_TO, /**< sent TO */ - LGSSMTP_SENT_DATA, /**< sent DATA request */ - LGSSMTP_SENT_BODY, /**< sent the email body */ - LGSSMTP_SENT_QUIT, /**< sent the session quit */ -}; - -/** struct lws_email - abstract context for performing SMTP operations */ -struct lws_email { - void *data; - /**< opaque pointer set by user code and available to the callbacks */ - uv_loop_t *loop; - /**< the libuv loop we will work on */ - - char email_smtp_ip[32]; /**< Fill before init, eg, "127.0.0.1" */ - char email_helo[32]; /**< Fill before init, eg, "myserver.com" */ - char email_from[100]; /**< Fill before init or on_next */ - char email_to[100]; /**< Fill before init or on_next */ - - unsigned int max_content_size; - /**< largest possible email body size */ - - /* Fill all the callbacks before init */ - - int (*on_next)(struct lws_email *email); - /**< (Fill in before calling lws_email_init) - * called when idle, 0 = another email to send, nonzero is idle. - * If you return 0, all of the email_* char arrays must be set - * to something useful. */ - int (*on_sent)(struct lws_email *email); - /**< (Fill in before calling lws_email_init) - * called when transfer of the email to the SMTP server was - * successful, your callback would remove the current email - * from its queue */ - int (*on_get_body)(struct lws_email *email, char *buf, int len); - /**< (Fill in before calling lws_email_init) - * called when the body part of the queued email is about to be - * sent to the SMTP server. */ - - - /* private things */ - uv_timer_t timeout_email; /**< private */ - enum lwsgs_smtp_states estate; /**< private */ - uv_connect_t email_connect_req; /**< private */ - uv_tcp_t email_client; /**< private */ - time_t email_connect_started; /**< private */ - char email_buf[256]; /**< private */ - char *content; /**< private */ -}; - -/** - * lws_email_init() - Initialize a struct lws_email - * - * \param email: struct lws_email to init - * \param loop: libuv loop to use - * \param max_content: max email content size - * - * Prepares a struct lws_email for use ending SMTP - */ -LWS_VISIBLE LWS_EXTERN int -lws_email_init(struct lws_email *email, uv_loop_t *loop, int max_content); - -/** - * lws_email_check() - Request check for new email - * - * \param email: struct lws_email context to check - * - * Schedules a check for new emails in 1s... call this when you have queued an - * email for send. - */ -LWS_VISIBLE LWS_EXTERN void -lws_email_check(struct lws_email *email); -/** - * lws_email_destroy() - stop using the struct lws_email - * - * \param email: the struct lws_email context - * - * Stop sending email using email and free allocations - */ -LWS_VISIBLE LWS_EXTERN void -lws_email_destroy(struct lws_email *email); - -#endif -//@} - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h b/thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h deleted file mode 100644 index 94ee8d9a5d..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-network-helper.h +++ /dev/null @@ -1,105 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup net Network related helper APIs - * ##Network related helper APIs - * - * These wrap miscellaneous useful network-related functions - */ -///@{ - -/** - * lws_canonical_hostname() - returns this host's hostname - * - * This is typically used by client code to fill in the host parameter - * when making a client connection. You can only call it after the context - * has been created. - * - * \param context: Websocket context - */ -LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT -lws_canonical_hostname(struct lws_context *context); - -/** - * lws_get_peer_addresses() - Get client address information - * \param wsi: Local struct lws associated with - * \param fd: Connection socket descriptor - * \param name: Buffer to take client address name - * \param name_len: Length of client address name buffer - * \param rip: Buffer to take client address IP dotted quad - * \param rip_len: Length of client address IP buffer - * - * This function fills in name and rip with the name and IP of - * the client connected with socket descriptor fd. Names may be - * truncated if there is not enough room. If either cannot be - * determined, they will be returned as valid zero-length strings. - */ -LWS_VISIBLE LWS_EXTERN void -lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, - int name_len, char *rip, int rip_len); - -/** - * lws_get_peer_simple() - Get client address information without RDNS - * - * \param wsi: Local struct lws associated with - * \param name: Buffer to take client address name - * \param namelen: Length of client address name buffer - * - * This provides a 123.123.123.123 type IP address in name from the - * peer that has connected to wsi - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_get_peer_simple(struct lws *wsi, char *name, int namelen); - -#define LWS_ITOSA_USABLE 0 -#define LWS_ITOSA_NOT_EXIST -1 -#define LWS_ITOSA_NOT_USABLE -2 -#define LWS_ITOSA_BUSY -3 /* only returned by lws_socket_bind() on - EADDRINUSE */ - -#if !defined(LWS_WITH_ESP32) -/** - * lws_interface_to_sa() - Convert interface name or IP to sockaddr struct - * - * \param ipv6: Allow IPV6 addresses - * \param ifname: Interface name or IP - * \param addr: struct sockaddr_in * to be written - * \param addrlen: Length of addr - * - * This converts a textual network interface name to a sockaddr usable by - * other network functions. - * - * If the network interface doesn't exist, it will return LWS_ITOSA_NOT_EXIST. - * - * If the network interface is not usable, eg ethernet cable is removed, it - * may logically exist but not have any IP address. As such it will return - * LWS_ITOSA_NOT_USABLE. - * - * If the network interface exists and is usable, it will return - * LWS_ITOSA_USABLE. - */ -LWS_VISIBLE LWS_EXTERN int -lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, - size_t addrlen); -#endif -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h b/thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h deleted file mode 100644 index 7f46f854ec..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-plugin-generic-sessions.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup generic-sessions plugin: generic-sessions - * \ingroup Protocols-and-Plugins - * - * ##Plugin Generic-sessions related - * - * generic-sessions plugin provides a reusable, generic session and login / - * register / forgot password framework including email verification. - */ -///@{ - -#define LWSGS_EMAIL_CONTENT_SIZE 16384 -/**< Maximum size of email we might send */ - -/* SHA-1 binary and hexified versions */ -/** typedef struct lwsgw_hash_bin */ -typedef struct { unsigned char bin[20]; /**< binary representation of hash */} lwsgw_hash_bin; -/** typedef struct lwsgw_hash */ -typedef struct { char id[41]; /**< ascii hex representation of hash */ } lwsgw_hash; - -/** enum lwsgs_auth_bits */ -enum lwsgs_auth_bits { - LWSGS_AUTH_LOGGED_IN = 1, /**< user is logged in as somebody */ - LWSGS_AUTH_ADMIN = 2, /**< logged in as the admin user */ - LWSGS_AUTH_VERIFIED = 4, /**< user has verified his email */ - LWSGS_AUTH_FORGOT_FLOW = 8, /**< just completed "forgot password" */ -}; - -/** struct lws_session_info - information about user session status */ -struct lws_session_info { - char username[32]; /**< username logged in as, or empty string */ - char email[100]; /**< email address associated with login, or empty string */ - char ip[72]; /**< ip address session was started from */ - unsigned int mask; /**< access rights mask associated with session - * see enum lwsgs_auth_bits */ - char session[42]; /**< session id string, usable as opaque uid when not logged in */ -}; - -/** enum lws_gs_event */ -enum lws_gs_event { - LWSGSE_CREATED, /**< a new user was created */ - LWSGSE_DELETED /**< an existing user was deleted */ -}; - -/** struct lws_gs_event_args */ -struct lws_gs_event_args { - enum lws_gs_event event; /**< which event happened */ - const char *username; /**< which username the event happened to */ - const char *email; /**< the email address of that user */ -}; - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h b/thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h deleted file mode 100644 index b6cc44e27f..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-protocols-plugins.h +++ /dev/null @@ -1,229 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup Protocols-and-Plugins Protocols and Plugins - * \ingroup lwsapi - * - * ##Protocol and protocol plugin -related apis - * - * Protocols bind ws protocol names to a custom callback specific to that - * protocol implementaion. - * - * A list of protocols can be passed in at context creation time, but it is - * also legal to leave that NULL and add the protocols and their callback code - * using plugins. - * - * Plugins are much preferable compared to cut and pasting code into an - * application each time, since they can be used standalone. - */ -///@{ -/** struct lws_protocols - List of protocols and handlers client or server - * supports. */ - -struct lws_protocols { - const char *name; - /**< Protocol name that must match the one given in the client - * Javascript new WebSocket(url, 'protocol') name. */ - lws_callback_function *callback; - /**< The service callback used for this protocol. It allows the - * service action for an entire protocol to be encapsulated in - * the protocol-specific callback */ - size_t per_session_data_size; - /**< Each new connection using this protocol gets - * this much memory allocated on connection establishment and - * freed on connection takedown. A pointer to this per-connection - * allocation is passed into the callback in the 'user' parameter */ - size_t rx_buffer_size; - /**< lws allocates this much space for rx data and informs callback - * when something came. Due to rx flow control, the callback may not - * be able to consume it all without having to return to the event - * loop. That is supported in lws. - * - * If .tx_packet_size is 0, this also controls how much may be sent at - * once for backwards compatibility. - */ - unsigned int id; - /**< ignored by lws, but useful to contain user information bound - * to the selected protocol. For example if this protocol was - * called "myprotocol-v2", you might set id to 2, and the user - * code that acts differently according to the version can do so by - * switch (wsi->protocol->id), user code might use some bits as - * capability flags based on selected protocol version, etc. */ - void *user; /**< ignored by lws, but user code can pass a pointer - here it can later access from the protocol callback */ - size_t tx_packet_size; - /**< 0 indicates restrict send() size to .rx_buffer_size for backwards- - * compatibility. - * If greater than zero, a single send() is restricted to this amount - * and any remainder is buffered by lws and sent afterwards also in - * these size chunks. Since that is expensive, it's preferable - * to restrict one fragment you are trying to send to match this - * size. - */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** - * lws_vhost_name_to_protocol() - get vhost's protocol object from its name - * - * \param vh: vhost to search - * \param name: protocol name - * - * Returns NULL or a pointer to the vhost's protocol of the requested name - */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name); - -/** - * lws_get_protocol() - Returns a protocol pointer from a websocket - * connection. - * \param wsi: pointer to struct websocket you want to know the protocol of - * - * - * Some apis can act on all live connections of a given protocol, - * this is how you can get a pointer to the active protocol if needed. - */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_get_protocol(struct lws *wsi); - -/** lws_protocol_get() - deprecated: use lws_get_protocol */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_protocol_get(struct lws *wsi) LWS_WARN_DEPRECATED; - -/** - * lws_protocol_vh_priv_zalloc() - Allocate and zero down a protocol's per-vhost - * storage - * \param vhost: vhost the instance is related to - * \param prot: protocol the instance is related to - * \param size: bytes to allocate - * - * Protocols often find it useful to allocate a per-vhost struct, this is a - * helper to be called in the per-vhost init LWS_CALLBACK_PROTOCOL_INIT - */ -LWS_VISIBLE LWS_EXTERN void * -lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, - const struct lws_protocols *prot, int size); - -/** - * lws_protocol_vh_priv_get() - retreive a protocol's per-vhost storage - * - * \param vhost: vhost the instance is related to - * \param prot: protocol the instance is related to - * - * Recover a pointer to the allocated per-vhost storage for the protocol created - * by lws_protocol_vh_priv_zalloc() earlier - */ -LWS_VISIBLE LWS_EXTERN void * -lws_protocol_vh_priv_get(struct lws_vhost *vhost, - const struct lws_protocols *prot); - -/** - * lws_adjust_protocol_psds - change a vhost protocol's per session data size - * - * \param wsi: a connection with the protocol to change - * \param new_size: the new size of the per session data size for the protocol - * - * Returns user_space for the wsi, after allocating - * - * This should not be used except to initalize a vhost protocol's per session - * data size one time, before any connections are accepted. - * - * Sometimes the protocol wraps another protocol and needs to discover and set - * its per session data size at runtime. - */ -LWS_VISIBLE LWS_EXTERN void * -lws_adjust_protocol_psds(struct lws *wsi, size_t new_size); - -/** - * lws_finalize_startup() - drop initial process privileges - * - * \param context: lws context - * - * This is called after the end of the vhost protocol initializations, but - * you may choose to call it earlier - */ -LWS_VISIBLE LWS_EXTERN int -lws_finalize_startup(struct lws_context *context); - -/** - * lws_pvo_search() - helper to find a named pvo in a linked-list - * - * \param pvo: the first pvo in the linked-list - * \param name: the name of the pvo to return if found - * - * Returns NULL, or a pointer to the name pvo in the linked-list - */ -LWS_VISIBLE LWS_EXTERN const struct lws_protocol_vhost_options * -lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name); - -/** - * lws_pvo_get_str() - retreive a string pvo value - * - * \param pvo: the first pvo in the linked-list - * \param name: the name of the pvo to return if found - * \param result: pointer to a const char * to get the result if any - * - * Returns 0 if found and *result set, or nonzero if not found - */ -LWS_VISIBLE LWS_EXTERN int -lws_pvo_get_str(void *in, const char *name, const char **result); - -LWS_VISIBLE LWS_EXTERN int -lws_protocol_init(struct lws_context *context); - -#ifdef LWS_WITH_PLUGINS - -/* PLUGINS implies LIBUV */ - -#define LWS_PLUGIN_API_MAGIC 180 - -/** struct lws_plugin_capability - how a plugin introduces itself to lws */ -struct lws_plugin_capability { - unsigned int api_magic; /**< caller fills this in, plugin fills rest */ - const struct lws_protocols *protocols; /**< array of supported protocols provided by plugin */ - int count_protocols; /**< how many protocols */ - const struct lws_extension *extensions; /**< array of extensions provided by plugin */ - int count_extensions; /**< how many extensions */ -}; - -typedef int (*lws_plugin_init_func)(struct lws_context *, - struct lws_plugin_capability *); -typedef int (*lws_plugin_destroy_func)(struct lws_context *); - -/** struct lws_plugin */ -struct lws_plugin { - struct lws_plugin *list; /**< linked list */ -#if (UV_VERSION_MAJOR > 0) - uv_lib_t lib; /**< shared library pointer */ -#else - void *l; /**< so we can compile on ancient libuv */ -#endif - char name[64]; /**< name of the plugin */ - struct lws_plugin_capability caps; /**< plugin capabilities */ -}; - -#endif - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h b/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h deleted file mode 100644 index 0ae35ce33c..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h +++ /dev/null @@ -1,81 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - - -/*! \defgroup pur Sanitize / purify SQL and JSON helpers - * - * ##Sanitize / purify SQL and JSON helpers - * - * APIs for escaping untrusted JSON and SQL safely before use - */ -//@{ - -/** - * lws_sql_purify() - like strncpy but with escaping for sql quotes - * - * \param escaped: output buffer - * \param string: input buffer ('/0' terminated) - * \param len: output buffer max length - * - * Because escaping expands the output string, it's not - * possible to do it in-place, ie, with escaped == string - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_sql_purify(char *escaped, const char *string, int len); - -/** - * lws_json_purify() - like strncpy but with escaping for json chars - * - * \param escaped: output buffer - * \param string: input buffer ('/0' terminated) - * \param len: output buffer max length - * - * Because escaping expands the output string, it's not - * possible to do it in-place, ie, with escaped == string - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_json_purify(char *escaped, const char *string, int len); - -/** - * lws_filename_purify_inplace() - replace scary filename chars with underscore - * - * \param filename: filename to be purified - * - * Replace scary characters in the filename (it should not be a path) - * with underscore, so it's safe to use. - */ -LWS_VISIBLE LWS_EXTERN void -lws_filename_purify_inplace(char *filename); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, - int len); -LWS_VISIBLE LWS_EXTERN int -lws_plat_write_file(const char *filename, void *buf, int len); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_read_file(const char *filename, void *buf, int len); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_recommended_rsa_bits(void); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ring.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ring.h deleted file mode 100644 index 9a5ec2e10b..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-ring.h +++ /dev/null @@ -1,305 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup lws_ring LWS Ringbuffer APIs - * ##lws_ring: generic ringbuffer struct - * - * Provides an abstract ringbuffer api supporting one head and one or an - * unlimited number of tails. - * - * All of the members are opaque and manipulated by lws_ring_...() apis. - * - * The lws_ring and its buffer is allocated at runtime on the heap, using - * - * - lws_ring_create() - * - lws_ring_destroy() - * - * It may contain any type, the size of the "element" stored in the ring - * buffer and the number of elements is given at creation time. - * - * When you create the ringbuffer, you can optionally provide an element - * destroy callback that frees any allocations inside the element. This is then - * automatically called for elements with no tail behind them, ie, elements - * which don't have any pending consumer are auto-freed. - * - * Whole elements may be inserted into the ringbuffer and removed from it, using - * - * - lws_ring_insert() - * - lws_ring_consume() - * - * You can find out how many whole elements are free or waiting using - * - * - lws_ring_get_count_free_elements() - * - lws_ring_get_count_waiting_elements() - * - * In addition there are special purpose optional byte-centric apis - * - * - lws_ring_next_linear_insert_range() - * - lws_ring_bump_head() - * - * which let you, eg, read() directly into the ringbuffer without needing - * an intermediate bounce buffer. - * - * The accessors understand that the ring wraps, and optimizes insertion and - * consumption into one or two memcpy()s depending on if the head or tail - * wraps. - * - * lws_ring only supports a single head, but optionally multiple tails with - * an API to inform it when the "oldest" tail has moved on. You can give - * NULL where-ever an api asks for a tail pointer, and it will use an internal - * single tail pointer for convenience. - * - * The "oldest tail", which is the only tail if you give it NULL instead of - * some other tail, is used to track which elements in the ringbuffer are - * still unread by anyone. - * - * - lws_ring_update_oldest_tail() - */ -///@{ -struct lws_ring; - -/** - * lws_ring_create(): create a new ringbuffer - * - * \param element_len: the size in bytes of one element in the ringbuffer - * \param count: the number of elements the ringbuffer can contain - * \param destroy_element: NULL, or callback to be called for each element - * that is removed from the ringbuffer due to the - * oldest tail moving beyond it - * - * Creates the ringbuffer and allocates the storage. Returns the new - * lws_ring *, or NULL if the allocation failed. - * - * If non-NULL, destroy_element will get called back for every element that is - * retired from the ringbuffer after the oldest tail has gone past it, and for - * any element still left in the ringbuffer when it is destroyed. It replaces - * all other element destruction code in your user code. - */ -LWS_VISIBLE LWS_EXTERN struct lws_ring * -lws_ring_create(size_t element_len, size_t count, - void (*destroy_element)(void *element)); - -/** - * lws_ring_destroy(): destroy a previously created ringbuffer - * - * \param ring: the struct lws_ring to destroy - * - * Destroys the ringbuffer allocation and the struct lws_ring itself. - */ -LWS_VISIBLE LWS_EXTERN void -lws_ring_destroy(struct lws_ring *ring); - -/** - * lws_ring_get_count_free_elements(): return how many elements can fit - * in the free space - * - * \param ring: the struct lws_ring to report on - * - * Returns how much room is left in the ringbuffer for whole element insertion. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_get_count_free_elements(struct lws_ring *ring); - -/** - * lws_ring_get_count_waiting_elements(): return how many elements can be consumed - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * - * Returns how many elements are waiting to be consumed from the perspective - * of the tail pointer given. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_get_count_waiting_elements(struct lws_ring *ring, uint32_t *tail); - -/** - * lws_ring_insert(): attempt to insert up to max_count elements from src - * - * \param ring: the struct lws_ring to report on - * \param src: the array of elements to be inserted - * \param max_count: the number of available elements at src - * - * Attempts to insert as many of the elements at src as possible, up to the - * maximum max_count. Returns the number of elements actually inserted. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_insert(struct lws_ring *ring, const void *src, size_t max_count); - -/** - * lws_ring_consume(): attempt to copy out and remove up to max_count elements - * to src - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * \param dest: the array of elements to be inserted. or NULL for no copy - * \param max_count: the number of available elements at src - * - * Attempts to copy out as many waiting elements as possible into dest, from - * the perspective of the given tail, up to max_count. If dest is NULL, the - * copying out is not done but the elements are logically consumed as usual. - * NULL dest is useful in combination with lws_ring_get_element(), where you - * can use the element direct from the ringbuffer and then call this with NULL - * dest to logically consume it. - * - * Increments the tail position according to how many elements could be - * consumed. - * - * Returns the number of elements consumed. - */ -LWS_VISIBLE LWS_EXTERN size_t -lws_ring_consume(struct lws_ring *ring, uint32_t *tail, void *dest, - size_t max_count); - -/** - * lws_ring_get_element(): get a pointer to the next waiting element for tail - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * - * Points to the next element that tail would consume, directly in the - * ringbuffer. This lets you write() or otherwise use the element without - * having to copy it out somewhere first. - * - * After calling this, you must call lws_ring_consume(ring, &tail, NULL, 1) - * which will logically consume the element you used up and increment your - * tail (tail may also be NULL there if you use a single tail). - * - * Returns NULL if no waiting element, or a const void * pointing to it. - */ -LWS_VISIBLE LWS_EXTERN const void * -lws_ring_get_element(struct lws_ring *ring, uint32_t *tail); - -/** - * lws_ring_update_oldest_tail(): free up elements older than tail for reuse - * - * \param ring: the struct lws_ring to report on - * \param tail: a pointer to the tail struct to use, or NULL for single tail - * - * If you are using multiple tails, you must use this API to inform the - * lws_ring when none of the tails still need elements in the fifo any more, - * by updating it when the "oldest" tail has moved on. - */ -LWS_VISIBLE LWS_EXTERN void -lws_ring_update_oldest_tail(struct lws_ring *ring, uint32_t tail); - -/** - * lws_ring_get_oldest_tail(): get current oldest available data index - * - * \param ring: the struct lws_ring to report on - * - * If you are initializing a new ringbuffer consumer, you can set its tail to - * this to start it from the oldest ringbuffer entry still available. - */ -LWS_VISIBLE LWS_EXTERN uint32_t -lws_ring_get_oldest_tail(struct lws_ring *ring); - -/** - * lws_ring_next_linear_insert_range(): used to write directly into the ring - * - * \param ring: the struct lws_ring to report on - * \param start: pointer to a void * set to the start of the next ringbuffer area - * \param bytes: pointer to a size_t set to the max length you may use from *start - * - * This provides a low-level, bytewise access directly into the ringbuffer - * allowing direct insertion of data without having to use a bounce buffer. - * - * The api reports the position and length of the next linear range that can - * be written in the ringbuffer, ie, up to the point it would wrap, and sets - * *start and *bytes accordingly. You can then, eg, directly read() into - * *start for up to *bytes, and use lws_ring_bump_head() to update the lws_ring - * with what you have done. - * - * Returns nonzero if no insertion is currently possible. - */ -LWS_VISIBLE LWS_EXTERN int -lws_ring_next_linear_insert_range(struct lws_ring *ring, void **start, - size_t *bytes); - -/** - * lws_ring_bump_head(): used to write directly into the ring - * - * \param ring: the struct lws_ring to operate on - * \param bytes: the number of bytes you inserted at the current head - */ -LWS_VISIBLE LWS_EXTERN void -lws_ring_bump_head(struct lws_ring *ring, size_t bytes); - -LWS_VISIBLE LWS_EXTERN void -lws_ring_dump(struct lws_ring *ring, uint32_t *tail); - -/* - * This is a helper that combines the common pattern of needing to consume - * some ringbuffer elements, move the consumer tail on, and check if that - * has moved any ringbuffer elements out of scope, because it was the last - * consumer that had not already consumed them. - * - * Elements that go out of scope because the oldest tail is now after them - * get garbage-collected by calling the destroy_element callback on them - * defined when the ringbuffer was created. - */ - -#define lws_ring_consume_and_update_oldest_tail(\ - ___ring, /* the lws_ring object */ \ - ___type, /* type of objects with tails */ \ - ___ptail, /* ptr to tail of obj with tail doing consuming */ \ - ___count, /* count of payload objects being consumed */ \ - ___list_head, /* head of list of objects with tails */ \ - ___mtail, /* member name of tail in ___type */ \ - ___mlist /* member name of next list member ptr in ___type */ \ - ) { \ - int ___n, ___m; \ - \ - ___n = lws_ring_get_oldest_tail(___ring) == *(___ptail); \ - lws_ring_consume(___ring, ___ptail, NULL, ___count); \ - if (___n) { \ - uint32_t ___oldest; \ - ___n = 0; \ - ___oldest = *(___ptail); \ - lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ - ___m = lws_ring_get_count_waiting_elements( \ - ___ring, &(*___ppss)->tail); \ - if (___m >= ___n) { \ - ___n = ___m; \ - ___oldest = (*___ppss)->tail; \ - } \ - } lws_end_foreach_llp(___ppss, ___mlist); \ - \ - lws_ring_update_oldest_tail(___ring, ___oldest); \ - } \ -} - -/* - * This does the same as the lws_ring_consume_and_update_oldest_tail() - * helper, but for the simpler case there is only one consumer, so one - * tail, and that tail is always the oldest tail. - */ - -#define lws_ring_consume_single_tail(\ - ___ring, /* the lws_ring object */ \ - ___ptail, /* ptr to tail of obj with tail doing consuming */ \ - ___count /* count of payload objects being consumed */ \ - ) { \ - lws_ring_consume(___ring, ___ptail, NULL, ___count); \ - lws_ring_update_oldest_tail(___ring, *(___ptail)); \ -} -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-service.h b/thirdparty/libwebsockets/include/libwebsockets/lws-service.h deleted file mode 100644 index f4109f0431..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-service.h +++ /dev/null @@ -1,215 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup service Built-in service loop entry - * - * ##Built-in service loop entry - * - * If you're not using libev / libuv, these apis are needed to enter the poll() - * wait in lws and service any connections with pending events. - */ -///@{ - -/** - * lws_service() - Service any pending websocket activity - * \param context: Websocket context - * \param timeout_ms: Timeout for poll; 0 means return immediately if nothing needed - * service otherwise block and service immediately, returning - * after the timeout if nothing needed service. - * - * This function deals with any pending websocket traffic, for three - * kinds of event. It handles these events on both server and client - * types of connection the same. - * - * 1) Accept new connections to our context's server - * - * 2) Call the receive callback for incoming frame data received by - * server or client connections. - * - * You need to call this service function periodically to all the above - * functions to happen; if your application is single-threaded you can - * just call it in your main event loop. - * - * Alternatively you can fork a new process that asynchronously handles - * calling this service in a loop. In that case you are happy if this - * call blocks your thread until it needs to take care of something and - * would call it with a large nonzero timeout. Your loop then takes no - * CPU while there is nothing happening. - * - * If you are calling it in a single-threaded app, you don't want it to - * wait around blocking other things in your loop from happening, so you - * would call it with a timeout_ms of 0, so it returns immediately if - * nothing is pending, or as soon as it services whatever was pending. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service(struct lws_context *context, int timeout_ms); - -/** - * lws_service_tsi() - Service any pending websocket activity - * - * \param context: Websocket context - * \param timeout_ms: Timeout for poll; 0 means return immediately if nothing needed - * service otherwise block and service immediately, returning - * after the timeout if nothing needed service. - * \param tsi: Thread service index, starting at 0 - * - * Same as lws_service(), but for a specific thread service index. Only needed - * if you are spawning multiple service threads. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi); - -/** - * lws_cancel_service_pt() - Cancel servicing of pending socket activity - * on one thread - * \param wsi: Cancel service on the thread this wsi is serviced by - * - * Same as lws_cancel_service(), but targets a single service thread, the one - * the wsi belongs to. You probably want to use lws_cancel_service() instead. - */ -LWS_VISIBLE LWS_EXTERN void -lws_cancel_service_pt(struct lws *wsi); - -/** - * lws_cancel_service() - Cancel wait for new pending socket activity - * \param context: Websocket context - * - * This function creates an immediate "synchronous interrupt" to the lws poll() - * wait or event loop. As soon as possible in the serialzed service sequencing, - * a LWS_CALLBACK_EVENT_WAIT_CANCELLED callback is sent to every protocol on - * every vhost. - * - * lws_cancel_service() may be called from another thread while the context - * exists, and its effect will be immediately serialized. - */ -LWS_VISIBLE LWS_EXTERN void -lws_cancel_service(struct lws_context *context); - -/** - * lws_service_fd() - Service polled socket with something waiting - * \param context: Websocket context - * \param pollfd: The pollfd entry describing the socket fd and which events - * happened, or NULL to tell lws to do only timeout servicing. - * - * This function takes a pollfd that has POLLIN or POLLOUT activity and - * services it according to the state of the associated - * struct lws. - * - * The one call deals with all "service" that might happen on a socket - * including listen accepts, http files as well as websocket protocol. - * - * If a pollfd says it has something, you can just pass it to - * lws_service_fd() whether it is a socket handled by lws or not. - * If it sees it is a lws socket, the traffic will be handled and - * pollfd->revents will be zeroed now. - * - * If the socket is foreign to lws, it leaves revents alone. So you can - * see if you should service yourself by checking the pollfd revents - * after letting lws try to service it. - * - * You should also call this with pollfd = NULL to just allow the - * once-per-second global timeout checks; if less than a second since the last - * check it returns immediately then. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd); - -/** - * lws_service_fd_tsi() - Service polled socket in specific service thread - * \param context: Websocket context - * \param pollfd: The pollfd entry describing the socket fd and which events - * happened. - * \param tsi: thread service index - * - * Same as lws_service_fd() but used with multiple service threads - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, - int tsi); - -/** - * lws_service_adjust_timeout() - Check for any connection needing forced service - * \param context: Websocket context - * \param timeout_ms: The original poll timeout value. You can just set this - * to 1 if you don't really have a poll timeout. - * \param tsi: thread service index - * - * Under some conditions connections may need service even though there is no - * pending network action on them, this is "forced service". For default - * poll() and libuv / libev, the library takes care of calling this and - * dealing with it for you. But for external poll() integration, you need - * access to the apis. - * - * If anybody needs "forced service", returned timeout is zero. In that case, - * you can call lws_service_tsi() with a timeout of -1 to only service - * guys who need forced service. - */ -LWS_VISIBLE LWS_EXTERN int -lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi); - -/* Backwards compatibility */ -#define lws_plat_service_tsi lws_service_tsi - -LWS_VISIBLE LWS_EXTERN int -lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); - -///@} - -/*! \defgroup uv libuv helpers - * - * ##libuv helpers - * - * APIs specific to libuv event loop itegration - */ -///@{ -#ifdef LWS_WITH_LIBUV -/* - * Any direct libuv allocations in lws protocol handlers must participate in the - * lws reference counting scheme. Two apis are provided: - * - * - lws_libuv_static_refcount_add(handle, context) to mark the handle with - * a pointer to the context and increment the global uv object counter - * - * - lws_libuv_static_refcount_del() which should be used as the close callback - * for your own libuv objects declared in the protocol scope. - * - * Using the apis allows lws to detach itself from a libuv loop completely - * cleanly and at the moment all of its libuv objects have completed close. - */ - -LWS_VISIBLE LWS_EXTERN uv_loop_t * -lws_uv_getloop(struct lws_context *context, int tsi); - -LWS_VISIBLE LWS_EXTERN void -lws_libuv_static_refcount_add(uv_handle_t *, struct lws_context *context); - -LWS_VISIBLE LWS_EXTERN void -lws_libuv_static_refcount_del(uv_handle_t *); - -#endif /* LWS_WITH_LIBUV */ - -#if defined(LWS_WITH_ESP32) -#define lws_libuv_static_refcount_add(_a, _b) -#define lws_libuv_static_refcount_del NULL -#endif -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h b/thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h deleted file mode 100644 index 5a2bfdbbb0..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-sha1-base64.h +++ /dev/null @@ -1,93 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup sha SHA and B64 helpers - * ##SHA and B64 helpers - * - * These provide SHA-1 and B64 helper apis - */ -///@{ -#ifdef LWS_SHA1_USE_OPENSSL_NAME -#define lws_SHA1 SHA1 -#else -/** - * lws_SHA1(): make a SHA-1 digest of a buffer - * - * \param d: incoming buffer - * \param n: length of incoming buffer - * \param md: buffer for message digest (must be >= 20 bytes) - * - * Reduces any size buffer into a 20-byte SHA-1 hash. - */ -LWS_VISIBLE LWS_EXTERN unsigned char * -lws_SHA1(const unsigned char *d, size_t n, unsigned char *md); -#endif -/** - * lws_b64_encode_string(): encode a string into base 64 - * - * \param in: incoming buffer - * \param in_len: length of incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Encodes a string using b64 - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_encode_string(const char *in, int in_len, char *out, int out_size); -/** - * lws_b64_encode_string_url(): encode a string into base 64 - * - * \param in: incoming buffer - * \param in_len: length of incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Encodes a string using b64 with the "URL" variant (+ -> -, and / -> _) - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_encode_string_url(const char *in, int in_len, char *out, int out_size); -/** - * lws_b64_decode_string(): decode a string from base 64 - * - * \param in: incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Decodes a NUL-terminated string using b64 - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_decode_string(const char *in, char *out, int out_size); -/** - * lws_b64_decode_string_len(): decode a string from base 64 - * - * \param in: incoming buffer - * \param in_len: length of incoming buffer - * \param out: result buffer - * \param out_size: length of result buffer - * - * Decodes a range of chars using b64 - */ -LWS_VISIBLE LWS_EXTERN int -lws_b64_decode_string_len(const char *in, int in_len, char *out, int out_size); -///@} - diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-spa.h b/thirdparty/libwebsockets/include/libwebsockets/lws-spa.h deleted file mode 100644 index fcaf3889f5..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-spa.h +++ /dev/null @@ -1,140 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup form-parsing Form Parsing - * \ingroup http - * ##POSTed form parsing functions - * - * These lws_spa (stateful post arguments) apis let you parse and urldecode - * POSTed form arguments, both using simple urlencoded and multipart transfer - * encoding. - * - * It's capable of handling file uploads as well a named input parsing, - * and the apis are the same for both form upload styles. - * - * You feed it a list of parameter names and it creates pointers to the - * urldecoded arguments: file upload parameters pass the file data in chunks to - * a user-supplied callback as they come. - * - * Since it's stateful, it handles the incoming data needing more than one - * POST_BODY callback and has no limit on uploaded file size. - */ -///@{ - -/** enum lws_spa_fileupload_states */ -enum lws_spa_fileupload_states { - LWS_UFS_CONTENT, - /**< a chunk of file content has arrived */ - LWS_UFS_FINAL_CONTENT, - /**< the last chunk (possibly zero length) of file content has arrived */ - LWS_UFS_OPEN - /**< a new file is starting to arrive */ -}; - -/** - * lws_spa_fileupload_cb() - callback to receive file upload data - * - * \param data: opt_data pointer set in lws_spa_create - * \param name: name of the form field being uploaded - * \param filename: original filename from client - * \param buf: start of data to receive - * \param len: length of data to receive - * \param state: information about how this call relates to file - * - * Notice name and filename shouldn't be trusted, as they are passed from - * HTTP provided by the client. - */ -typedef int (*lws_spa_fileupload_cb)(void *data, const char *name, - const char *filename, char *buf, int len, - enum lws_spa_fileupload_states state); - -/** struct lws_spa - opaque urldecode parser capable of handling multipart - * and file uploads */ -struct lws_spa; - -/** - * lws_spa_create() - create urldecode parser - * - * \param wsi: lws connection (used to find Content Type) - * \param param_names: array of form parameter names, like "username" - * \param count_params: count of param_names - * \param max_storage: total amount of form parameter values we can store - * \param opt_cb: NULL, or callback to receive file upload data. - * \param opt_data: NULL, or user pointer provided to opt_cb. - * - * Creates a urldecode parser and initializes it. - * - * opt_cb can be NULL if you just want normal name=value parsing, however - * if one or more entries in your form are bulk data (file transfer), you - * can provide this callback and filter on the name callback parameter to - * treat that urldecoded data separately. The callback should return -1 - * in case of fatal error, and 0 if OK. - */ -LWS_VISIBLE LWS_EXTERN struct lws_spa * -lws_spa_create(struct lws *wsi, const char * const *param_names, - int count_params, int max_storage, lws_spa_fileupload_cb opt_cb, - void *opt_data); - -/** - * lws_spa_process() - parses a chunk of input data - * - * \param spa: the parser object previously created - * \param in: incoming, urlencoded data - * \param len: count of bytes valid at \param in - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_process(struct lws_spa *spa, const char *in, int len); - -/** - * lws_spa_finalize() - indicate incoming data completed - * - * \param spa: the parser object previously created - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_finalize(struct lws_spa *spa); - -/** - * lws_spa_get_length() - return length of parameter value - * - * \param spa: the parser object previously created - * \param n: parameter ordinal to return length of value for - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_get_length(struct lws_spa *spa, int n); - -/** - * lws_spa_get_string() - return pointer to parameter value - * \param spa: the parser object previously created - * \param n: parameter ordinal to return pointer to value for - */ -LWS_VISIBLE LWS_EXTERN const char * -lws_spa_get_string(struct lws_spa *spa, int n); - -/** - * lws_spa_destroy() - destroy parser object - * - * \param spa: the parser object previously created - */ -LWS_VISIBLE LWS_EXTERN int -lws_spa_destroy(struct lws_spa *spa); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-stats.h b/thirdparty/libwebsockets/include/libwebsockets/lws-stats.h deleted file mode 100644 index b0031ca3e5..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-stats.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/* - * Stats are all uint64_t numbers that start at 0. - * Index names here have the convention - * - * _C_ counter - * _B_ byte count - * _MS_ millisecond count - */ - -enum { - LWSSTATS_C_CONNECTIONS, /**< count incoming connections */ - LWSSTATS_C_API_CLOSE, /**< count calls to close api */ - LWSSTATS_C_API_READ, /**< count calls to read from socket api */ - LWSSTATS_C_API_LWS_WRITE, /**< count calls to lws_write API */ - LWSSTATS_C_API_WRITE, /**< count calls to write API */ - LWSSTATS_C_WRITE_PARTIALS, /**< count of partial writes */ - LWSSTATS_C_WRITEABLE_CB_REQ, /**< count of writable callback requests */ - LWSSTATS_C_WRITEABLE_CB_EFF_REQ, /**< count of effective writable callback requests */ - LWSSTATS_C_WRITEABLE_CB, /**< count of writable callbacks */ - LWSSTATS_C_SSL_CONNECTIONS_FAILED, /**< count of failed SSL connections */ - LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, /**< count of accepted SSL connections */ - LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, /**< count of SSL_accept() attempts */ - LWSSTATS_C_SSL_CONNS_HAD_RX, /**< count of accepted SSL conns that have had some RX */ - LWSSTATS_C_TIMEOUTS, /**< count of timed-out connections */ - LWSSTATS_C_SERVICE_ENTRY, /**< count of entries to lws service loop */ - LWSSTATS_B_READ, /**< aggregate bytes read */ - LWSSTATS_B_WRITE, /**< aggregate bytes written */ - LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, /**< aggreate of size of accepted write data from new partials */ - LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, /**< aggregate delay in accepting connection */ - LWSSTATS_MS_WRITABLE_DELAY, /**< aggregate delay between asking for writable and getting cb */ - LWSSTATS_MS_WORST_WRITABLE_DELAY, /**< single worst delay between asking for writable and getting cb */ - LWSSTATS_MS_SSL_RX_DELAY, /**< aggregate delay between ssl accept complete and first RX */ - LWSSTATS_C_PEER_LIMIT_AH_DENIED, /**< number of times we would have given an ah but for the peer limit */ - LWSSTATS_C_PEER_LIMIT_WSI_DENIED, /**< number of times we would have given a wsi but for the peer limit */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ - LWSSTATS_SIZE -}; - -#if defined(LWS_WITH_STATS) - -LWS_VISIBLE LWS_EXTERN uint64_t -lws_stats_get(struct lws_context *context, int index); -LWS_VISIBLE LWS_EXTERN void -lws_stats_log_dump(struct lws_context *context); -#else -static LWS_INLINE uint64_t -lws_stats_get(struct lws_context *context, int index) { (void)context; (void)index; return 0; } -static LWS_INLINE void -lws_stats_log_dump(struct lws_context *context) { (void)context; } -#endif diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h b/thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h deleted file mode 100644 index eb6c6e1a16..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-threadpool.h +++ /dev/null @@ -1,231 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup threadpool Threadpool related functions - * ##Threadpool - * \ingroup lwsapi - * - * This allows you to create one or more pool of threads which can run tasks - * associated with a wsi. If the pool is busy, tasks wait on a queue. - * - * Tasks don't have to be atomic, if they will take more than a few tens of ms - * they should return back to the threadpool worker with a return of 0. This - * will allow them to abort cleanly. - */ -//@{ - -struct lws_threadpool; -struct lws_threadpool_task; - -enum lws_threadpool_task_status { - LWS_TP_STATUS_QUEUED, - LWS_TP_STATUS_RUNNING, - LWS_TP_STATUS_SYNCING, - LWS_TP_STATUS_STOPPING, - LWS_TP_STATUS_FINISHED, /* lws_threadpool_task_status() frees task */ - LWS_TP_STATUS_STOPPED, /* lws_threadpool_task_status() frees task */ -}; - -enum lws_threadpool_task_return { - /** Still work to do, just confirming not being stopped */ - LWS_TP_RETURN_CHECKING_IN, - /** Still work to do, enter cond_wait until service thread syncs. This - * is used if you have filled your buffer(s) of data to the service - * thread and are blocked until the service thread completes sending at - * least one. - */ - LWS_TP_RETURN_SYNC, - /** No more work to do... */ - LWS_TP_RETURN_FINISHED, - /** Responding to request to stop */ - LWS_TP_RETURN_STOPPED, - - /* OR on to indicate this task wishes to outlive its wsi */ - LWS_TP_RETURN_FLAG_OUTLIVE = 64 -}; - -struct lws_threadpool_create_args { - int threads; - int max_queue_depth; -}; - -struct lws_threadpool_task_args { - struct lws *wsi; /**< user must set to wsi task is bound to */ - void *user; /**< user may set (user-private pointer) */ - const char *name; /**< user may set to describe task */ - char async_task; /**< set to allow the task to shrug off the loss - of the associated wsi and continue to - completion */ - enum lws_threadpool_task_return (*task)(void *user, - enum lws_threadpool_task_status s); - /**< user must set to actual task function */ - void (*cleanup)(struct lws *wsi, void *user); - /**< socket lifecycle may end while task is not stoppable, so the task - * must be able to detach from any wsi and clean itself up when it does - * stop. If NULL, no cleanup necessary, otherwise point to a user- - * supplied function that destroys the stuff in \p user. - * - * wsi may be NULL on entry, indicating the task got detached due to the - * wsi closing before. - */ -}; - -/** - * lws_threadpool_create() - create a pool of worker threads - * - * \param context: the lws_context the threadpool will exist inside - * \param args: argument struct prepared by caller - * \param format: printf-type format for the task name - * \param ...: printf type args for the task name format - * - * Creates a pool of worker threads with \p threads and a queue of up to - * \p max_queue_depth waiting tasks if all the threads are busy. - * - * Returns NULL if OOM, or a struct lws_threadpool pointer that must be - * destroyed by lws_threadpool_destroy(). - */ -LWS_VISIBLE LWS_EXTERN struct lws_threadpool * -lws_threadpool_create(struct lws_context *context, - const struct lws_threadpool_create_args *args, - const char *format, ...) LWS_FORMAT(3); - -/** - * lws_threadpool_finish() - Stop all pending and running tasks - * - * \param tp: the threadpool object - * - * Marks the threadpool as under destruction. Removes everything from the - * pending queue and completes those tasks as LWS_TP_STATUS_STOPPED. - * - * Running tasks will also get LWS_TP_STATUS_STOPPED as soon as they - * "resurface". - * - * This doesn't reap tasks or free the threadpool, the reaping is done by the - * lws_threadpool_task_status() on the done task. - */ -LWS_VISIBLE LWS_EXTERN void -lws_threadpool_finish(struct lws_threadpool *tp); - -/** - * lws_threadpool_destroy() - Destroy a threadpool - * - * \param tp: the threadpool object - * - * Waits for all worker threads to stop, ends the threads and frees the tp. - */ -LWS_VISIBLE LWS_EXTERN void -lws_threadpool_destroy(struct lws_threadpool *tp); - -/** - * lws_threadpool_enqueue() - Queue the task and run it on a worker thread when possible - * - * \param tp: the threadpool to queue / run on - * \param args: information about what to run - * \param format: printf-type format for the task name - * \param ...: printf type args for the task name format - * - * This asks for a task to run ASAP on a worker thread in threadpool \p tp. - * - * The args defines the wsi, a user-private pointer, a timeout in secs and - * a pointer to the task function. - * - * Returns NULL or an opaque pointer to the queued (or running, or completed) - * task. - * - * Once a task is created and enqueued, it can only be destroyed by calling - * lws_threadpool_task_status() on it after it has reached the state - * LWS_TP_STATUS_FINISHED or LWS_TP_STATUS_STOPPED. - */ -LWS_VISIBLE LWS_EXTERN struct lws_threadpool_task * -lws_threadpool_enqueue(struct lws_threadpool *tp, - const struct lws_threadpool_task_args *args, - const char *format, ...) LWS_FORMAT(3); - -/** - * lws_threadpool_dequeue() - Dequeue or try to stop a running task - * - * \param wsi: the wsi whose current task we want to eliminate - * - * Returns 0 is the task was dequeued or already compeleted, or 1 if the task - * has been asked to stop asynchronously. - * - * This doesn't free the task. It only shortcuts it to state - * LWS_TP_STATUS_STOPPED. lws_threadpool_task_status() must be performed on - * the task separately once it is in LWS_TP_STATUS_STOPPED to free the task. - */ -LWS_VISIBLE LWS_EXTERN int -lws_threadpool_dequeue(struct lws *wsi); - -/** - * lws_threadpool_task_status() - Dequeue or try to stop a running task - * - * \param wsi: the wsi to query the current task of - * \param task: receives a pointer to the opaque task - * \param user: receives a void * pointer to the task user data - * - * This is the equivalent of posix waitpid()... it returns the status of the - * task, and if the task is in state LWS_TP_STATUS_FINISHED or - * LWS_TP_STATUS_STOPPED, frees \p task. If in another state, the task - * continues to exist. - * - * This is designed to be called from the service thread. - * - * Its use is to make sure the service thread has seen the state of the task - * before deleting it. - */ -LWS_VISIBLE LWS_EXTERN enum lws_threadpool_task_status -lws_threadpool_task_status_wsi(struct lws *wsi, - struct lws_threadpool_task **task, void **user); - -/** - * lws_threadpool_task_sync() - Indicate to a stalled task it may continue - * - * \param task: the task to unblock - * \param stop: 0 = run after unblock, 1 = when he unblocks, stop him - * - * Inform the task that the service thread has finished with the shared data - * and that the task, if blocked in LWS_TP_RETURN_SYNC, may continue. - * - * If the lws service context determined that the task must be aborted, it - * should still call this but with stop = 1, causing the task to finish. - */ -LWS_VISIBLE LWS_EXTERN void -lws_threadpool_task_sync(struct lws_threadpool_task *task, int stop); - -/** - * lws_threadpool_dump() - dump the state of a threadpool to the log - * - * \param tp: The threadpool to dump - * - * This locks the threadpool and then dumps the pending queue, the worker - * threads and the done queue, together with time information for how long - * the tasks have been in their current state, how long they have occupied a - * thread, etc. - * - * This only does anything on lws builds with CMAKE_BUILD_TYPE=DEBUG, otherwise - * while it still exists, it's a NOP. - */ - -LWS_VISIBLE LWS_EXTERN void -lws_threadpool_dump(struct lws_threadpool *tp); -//@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h b/thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h deleted file mode 100644 index e715ba15a3..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-timeout-timer.h +++ /dev/null @@ -1,164 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup timeout Connection timeouts - - APIs related to setting connection timeouts -*/ -//@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum pending_timeout { - NO_PENDING_TIMEOUT = 0, - PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE = 1, - PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE = 2, - PENDING_TIMEOUT_ESTABLISH_WITH_SERVER = 3, - PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE = 4, - PENDING_TIMEOUT_AWAITING_PING = 5, - PENDING_TIMEOUT_CLOSE_ACK = 6, - PENDING_TIMEOUT_UNUSED1 = 7, - PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE = 8, - PENDING_TIMEOUT_SSL_ACCEPT = 9, - PENDING_TIMEOUT_HTTP_CONTENT = 10, - PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND = 11, - PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE = 12, - PENDING_TIMEOUT_SHUTDOWN_FLUSH = 13, - PENDING_TIMEOUT_CGI = 14, - PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE = 15, - PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING = 16, - PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG = 17, - PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD = 18, - PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY = 19, - PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY = 20, - PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY = 21, - PENDING_TIMEOUT_KILLED_BY_SSL_INFO = 22, - PENDING_TIMEOUT_KILLED_BY_PARENT = 23, - PENDING_TIMEOUT_CLOSE_SEND = 24, - PENDING_TIMEOUT_HOLDING_AH = 25, - PENDING_TIMEOUT_UDP_IDLE = 26, - PENDING_TIMEOUT_CLIENT_CONN_IDLE = 27, - PENDING_TIMEOUT_LAGGING = 28, - PENDING_TIMEOUT_THREADPOOL = 29, - PENDING_TIMEOUT_THREADPOOL_TASK = 30, - PENDING_TIMEOUT_KILLED_BY_PROXY_CLIENT_CLOSE = 31, - - /****** add new things just above ---^ ******/ - - PENDING_TIMEOUT_USER_REASON_BASE = 1000 -}; - -/** - * lws_time_in_microseconds() - Returns the unix time in microseconds - */ -LWS_VISIBLE LWS_EXTERN uint64_t -lws_time_in_microseconds(void); - -#define LWS_TO_KILL_ASYNC -1 -/**< If LWS_TO_KILL_ASYNC is given as the timeout sec in a lws_set_timeout() - * call, then the connection is marked to be killed at the next timeout - * check. This is how you should force-close the wsi being serviced if - * you are doing it outside the callback (where you should close by nonzero - * return). - */ -#define LWS_TO_KILL_SYNC -2 -/**< If LWS_TO_KILL_SYNC is given as the timeout sec in a lws_set_timeout() - * call, then the connection is closed before returning (which may delete - * the wsi). This should only be used where the wsi being closed is not the - * wsi currently being serviced. - */ -/** - * lws_set_timeout() - marks the wsi as subject to a timeout - * - * You will not need this unless you are doing something special - * - * \param wsi: Websocket connection instance - * \param reason: timeout reason - * \param secs: how many seconds. You may set to LWS_TO_KILL_ASYNC to - * force the connection to timeout at the next opportunity, or - * LWS_TO_KILL_SYNC to close it synchronously if you know the - * wsi is not the one currently being serviced. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); - -#define LWS_SET_TIMER_USEC_CANCEL ((lws_usec_t)-1ll) -#define LWS_USEC_PER_SEC (1000000ll) - -/** - * lws_set_timer_usecs() - schedules a callback on the wsi in the future - * - * \param wsi: Websocket connection instance - * \param usecs: LWS_SET_TIMER_USEC_CANCEL removes any existing scheduled - * callback, otherwise number of microseconds in the future - * the callback will occur at. - * - * NOTE: event loop support for this: - * - * default poll() loop: yes - * libuv event loop: yes - * libev: not implemented (patch welcome) - * libevent: not implemented (patch welcome) - * - * After the deadline expires, the wsi will get a callback of type - * LWS_CALLBACK_TIMER and the timer is exhausted. The deadline may be - * continuously deferred by further calls to lws_set_timer_usecs() with a later - * deadline, or cancelled by lws_set_timer_usecs(wsi, -1). - * - * If the timer should repeat, lws_set_timer_usecs() must be called again from - * LWS_CALLBACK_TIMER. - * - * Accuracy depends on the platform and the load on the event loop or system... - * all that's guaranteed is the callback will come after the requested wait - * period. - */ -LWS_VISIBLE LWS_EXTERN void -lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs); - -/* - * lws_timed_callback_vh_protocol() - calls back a protocol on a vhost after - * the specified delay - * - * \param vh: the vhost to call back - * \param protocol: the protocol to call back - * \param reason: callback reason - * \param secs: how many seconds in the future to do the callback. Set to - * -1 to cancel the timer callback. - * - * Callback the specified protocol with a fake wsi pointing to the specified - * vhost and protocol, with the specified reason, at the specified time in the - * future. - * - * Returns 0 if OK. - * - * In the multithreaded service case, the callback will occur in the same - * service thread context as the call to this api that requested it. If it is - * called from a non-service thread, tsi 0 will handle it. - */ -LWS_VISIBLE LWS_EXTERN int -lws_timed_callback_vh_protocol(struct lws_vhost *vh, - const struct lws_protocols *prot, - int reason, int secs); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h b/thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h deleted file mode 100644 index 26a57dfbaf..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-tokenize.h +++ /dev/null @@ -1,136 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/* Do not treat - as a terminal character, so "my-token" is one token */ -#define LWS_TOKENIZE_F_MINUS_NONTERM (1 << 0) -/* Separately report aggregate colon-delimited tokens */ -#define LWS_TOKENIZE_F_AGG_COLON (1 << 1) -/* Enforce sequencing for a simple token , token , token ... list */ -#define LWS_TOKENIZE_F_COMMA_SEP_LIST (1 << 2) -/* Allow more characters in the tokens and less delimiters... default is - * only alphanumeric + underscore in tokens */ -#define LWS_TOKENIZE_F_RFC7230_DELIMS (1 << 3) -/* Do not treat . as a terminal character, so "warmcat.com" is one token */ -#define LWS_TOKENIZE_F_DOT_NONTERM (1 << 4) -/* If something starts looking like a float, like 1.2, force to be string token. - * This lets you receive dotted-quads like 192.168.0.1 as string tokens, and - * avoids illegal float format detection like 1.myserver.com */ -#define LWS_TOKENIZE_F_NO_FLOATS (1 << 5) - -typedef enum { - - LWS_TOKZE_ERRS = 5, /* the number of errors defined */ - - LWS_TOKZE_ERR_BROKEN_UTF8 = -5, /* malformed or partial utf8 */ - LWS_TOKZE_ERR_UNTERM_STRING = -4, /* ended while we were in "" */ - LWS_TOKZE_ERR_MALFORMED_FLOAT = -3, /* like 0..1 or 0.1.1 */ - LWS_TOKZE_ERR_NUM_ON_LHS = -2, /* like 123= or 0.1= */ - LWS_TOKZE_ERR_COMMA_LIST = -1, /* like ",tok", or, "tok,," */ - - LWS_TOKZE_ENDED = 0, /* no more content */ - - /* Note: results have ordinal 1+, EOT is 0 and errors are < 0 */ - - LWS_TOKZE_DELIMITER, /* a delimiter appeared */ - LWS_TOKZE_TOKEN, /* a token appeared */ - LWS_TOKZE_INTEGER, /* an integer appeared */ - LWS_TOKZE_FLOAT, /* a float appeared */ - LWS_TOKZE_TOKEN_NAME_EQUALS, /* token [whitespace] = */ - LWS_TOKZE_TOKEN_NAME_COLON, /* token [whitespace] : (only with - LWS_TOKENIZE_F_AGG_COLON flag) */ - LWS_TOKZE_QUOTED_STRING, /* "*", where * may have any char */ - -} lws_tokenize_elem; - -/* - * helper enums to allow caller to enforce legal delimiter sequencing, eg - * disallow "token,,token", "token,", and ",token" - */ - -enum lws_tokenize_delimiter_tracking { - LWSTZ_DT_NEED_FIRST_CONTENT, - LWSTZ_DT_NEED_DELIM, - LWSTZ_DT_NEED_NEXT_CONTENT, -}; - -struct lws_tokenize { - const char *start; /**< set to the start of the string to tokenize */ - const char *token; /**< the start of an identified token or delimiter */ - int len; /**< set to the length of the string to tokenize */ - int token_len; /**< the length of the identied token or delimiter */ - - int flags; /**< optional LWS_TOKENIZE_F_ flags, or 0 */ - int delim; -}; - -/** - * lws_tokenize() - breaks down a string into tokens and delimiters in-place - * - * \param ts: the lws_tokenize struct to init - * \param start: the string to tokenize - * \param flags: LWS_TOKENIZE_F_ option flags - * - * This initializes the tokenize struct to point to the given string, and - * sets the length to 2GiB - 1 (so there must be a terminating NUL)... you can - * override this requirement by setting ts.len yourself before using it. - * - * .delim is also initialized to LWSTZ_DT_NEED_FIRST_CONTENT. - */ - -LWS_VISIBLE LWS_EXTERN void -lws_tokenize_init(struct lws_tokenize *ts, const char *start, int flags); - -/** - * lws_tokenize() - breaks down a string into tokens and delimiters in-place - * - * \param ts: the lws_tokenize struct with information and state on what to do - * - * The \p ts struct should have its start, len and flags members initialized to - * reflect the string to be tokenized and any options. - * - * Then `lws_tokenize()` may be called repeatedly on the struct, returning one - * of `lws_tokenize_elem` each time, and with the struct's `token` and - * `token_len` members set to describe the content of the delimiter or token - * payload each time. - * - * There are no allocations during the process. - * - * returns lws_tokenize_elem that was identified (LWS_TOKZE_ENDED means reached - * the end of the string). - */ - -LWS_VISIBLE LWS_EXTERN lws_tokenize_elem -lws_tokenize(struct lws_tokenize *ts); - -/** - * lws_tokenize_cstr() - copy token string to NUL-terminated buffer - * - * \param ts: pointer to lws_tokenize struct to operate on - * \param str: destination buffer - * \pparam max: bytes in destination buffer - * - * returns 0 if OK or nonzero if the string + NUL won't fit. - */ - -LWS_VISIBLE LWS_EXTERN int -lws_tokenize_cstr(struct lws_tokenize *ts, char *str, int max); diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h b/thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h deleted file mode 100644 index 00e2fda5d3..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-vfs.h +++ /dev/null @@ -1,269 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup fops file operation wrapping - * - * ##File operation wrapping - * - * Use these helper functions if you want to access a file from the perspective - * of a specific wsi, which is usually the case. If you just want contextless - * file access, use the fops callbacks directly with NULL wsi instead of these - * helpers. - * - * If so, then it calls the platform handler or user overrides where present - * (as defined in info->fops) - * - * The advantage from all this is user code can be portable for file operations - * without having to deal with differences between platforms. - */ -//@{ - -/** struct lws_plat_file_ops - Platform-specific file operations - * - * These provide platform-agnostic ways to deal with filesystem access in the - * library and in the user code. - */ - -#if defined(LWS_WITH_ESP32) -/* sdk preprocessor defs? compiler issue? gets confused with member names */ -#define LWS_FOP_OPEN _open -#define LWS_FOP_CLOSE _close -#define LWS_FOP_SEEK_CUR _seek_cur -#define LWS_FOP_READ _read -#define LWS_FOP_WRITE _write -#else -#define LWS_FOP_OPEN open -#define LWS_FOP_CLOSE close -#define LWS_FOP_SEEK_CUR seek_cur -#define LWS_FOP_READ read -#define LWS_FOP_WRITE write -#endif - -#define LWS_FOP_FLAGS_MASK ((1 << 23) - 1) -#define LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP (1 << 24) -#define LWS_FOP_FLAG_COMPR_IS_GZIP (1 << 25) -#define LWS_FOP_FLAG_MOD_TIME_VALID (1 << 26) -#define LWS_FOP_FLAG_VIRTUAL (1 << 27) - -struct lws_plat_file_ops; - -struct lws_fop_fd { - lws_filefd_type fd; - /**< real file descriptor related to the file... */ - const struct lws_plat_file_ops *fops; - /**< fops that apply to this fop_fd */ - void *filesystem_priv; - /**< ignored by lws; owned by the fops handlers */ - lws_filepos_t pos; - /**< generic "position in file" */ - lws_filepos_t len; - /**< generic "length of file" */ - lws_fop_flags_t flags; - /**< copy of the returned flags */ - uint32_t mod_time; - /**< optional "modification time of file", only valid if .open() - * set the LWS_FOP_FLAG_MOD_TIME_VALID flag */ -}; -typedef struct lws_fop_fd *lws_fop_fd_t; - -struct lws_fops_index { - const char *sig; /* NULL or vfs signature, eg, ".zip/" */ - uint8_t len; /* length of above string */ -}; - -struct lws_plat_file_ops { - lws_fop_fd_t (*LWS_FOP_OPEN)(const struct lws_plat_file_ops *fops, - const char *filename, const char *vpath, - lws_fop_flags_t *flags); - /**< Open file (always binary access if plat supports it) - * vpath may be NULL, or if the fops understands it, the point at which - * the filename's virtual part starts. - * *flags & LWS_FOP_FLAGS_MASK should be set to O_RDONLY or O_RDWR. - * If the file may be gzip-compressed, - * LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP is set. If it actually is - * gzip-compressed, then the open handler should OR - * LWS_FOP_FLAG_COMPR_IS_GZIP on to *flags before returning. - */ - int (*LWS_FOP_CLOSE)(lws_fop_fd_t *fop_fd); - /**< close file AND set the pointer to NULL */ - lws_fileofs_t (*LWS_FOP_SEEK_CUR)(lws_fop_fd_t fop_fd, - lws_fileofs_t offset_from_cur_pos); - /**< seek from current position */ - int (*LWS_FOP_READ)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); - /**< Read from file, on exit *amount is set to amount actually read */ - int (*LWS_FOP_WRITE)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); - /**< Write to file, on exit *amount is set to amount actually written */ - - struct lws_fops_index fi[3]; - /**< vfs path signatures implying use of this fops */ - - const struct lws_plat_file_ops *next; - /**< NULL or next fops in list */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** - * lws_get_fops() - get current file ops - * - * \param context: context - */ -LWS_VISIBLE LWS_EXTERN struct lws_plat_file_ops * LWS_WARN_UNUSED_RESULT -lws_get_fops(struct lws_context *context); -LWS_VISIBLE LWS_EXTERN void -lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops); -/** - * lws_vfs_tell() - get current file position - * - * \param fop_fd: fop_fd we are asking about - */ -LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT -lws_vfs_tell(lws_fop_fd_t fop_fd); -/** - * lws_vfs_get_length() - get current file total length in bytes - * - * \param fop_fd: fop_fd we are asking about - */ -LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT -lws_vfs_get_length(lws_fop_fd_t fop_fd); -/** - * lws_vfs_get_mod_time() - get time file last modified - * - * \param fop_fd: fop_fd we are asking about - */ -LWS_VISIBLE LWS_EXTERN uint32_t LWS_WARN_UNUSED_RESULT -lws_vfs_get_mod_time(lws_fop_fd_t fop_fd); -/** - * lws_vfs_file_seek_set() - seek relative to start of file - * - * \param fop_fd: fop_fd we are seeking in - * \param offset: offset from start of file - */ -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset); -/** - * lws_vfs_file_seek_end() - seek relative to end of file - * - * \param fop_fd: fop_fd we are seeking in - * \param offset: offset from start of file - */ -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset); - -extern struct lws_plat_file_ops fops_zip; - -/** - * lws_plat_file_open() - open vfs filepath - * - * \param fops: file ops struct that applies to this descriptor - * \param vfs_path: filename to open - * \param flags: pointer to open flags - * - * The vfs_path is scanned for known fops signatures, and the open directed - * to any matching fops open. - * - * User code should use this api to perform vfs opens. - * - * returns semi-opaque handle - */ -LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT -lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path, - lws_fop_flags_t *flags); - -/** - * lws_plat_file_close() - close file - * - * \param fop_fd: file handle to close - */ -static LWS_INLINE int -lws_vfs_file_close(lws_fop_fd_t *fop_fd) -{ - return (*fop_fd)->fops->LWS_FOP_CLOSE(fop_fd); -} - -/** - * lws_plat_file_seek_cur() - close file - * - * - * \param fop_fd: file handle - * \param offset: position to seek to - */ -static LWS_INLINE lws_fileofs_t -lws_vfs_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset); -} -/** - * lws_plat_file_read() - read from file - * - * \param fop_fd: file handle - * \param amount: how much to read (rewritten by call) - * \param buf: buffer to write to - * \param len: max length - */ -static LWS_INLINE int LWS_WARN_UNUSED_RESULT -lws_vfs_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - return fop_fd->fops->LWS_FOP_READ(fop_fd, amount, buf, len); -} -/** - * lws_plat_file_write() - write from file - * - * \param fop_fd: file handle - * \param amount: how much to write (rewritten by call) - * \param buf: buffer to read from - * \param len: max length - */ -static LWS_INLINE int LWS_WARN_UNUSED_RESULT -lws_vfs_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - return fop_fd->fops->LWS_FOP_WRITE(fop_fd, amount, buf, len); -} - -/* these are the platform file operations implementations... they can - * be called directly and used in fops arrays - */ - -LWS_VISIBLE LWS_EXTERN lws_fop_fd_t -_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, - const char *vpath, lws_fop_flags_t *flags); -LWS_VISIBLE LWS_EXTERN int -_lws_plat_file_close(lws_fop_fd_t *fop_fd); -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset); -LWS_VISIBLE LWS_EXTERN int -_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); -LWS_VISIBLE LWS_EXTERN int -_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len); - -LWS_VISIBLE LWS_EXTERN int -lws_alloc_vfs_file(struct lws_context *context, const char *filename, - uint8_t **buf, lws_filepos_t *amount); -//@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-write.h b/thirdparty/libwebsockets/include/libwebsockets/lws-write.h deleted file mode 100644 index b73e51c789..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-write.h +++ /dev/null @@ -1,235 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup sending-data Sending data - - APIs related to writing data on a connection -*/ -//@{ -#if !defined(LWS_SIZEOFPTR) -#define LWS_SIZEOFPTR ((int)sizeof (void *)) -#endif - -#if defined(__x86_64__) -#define _LWS_PAD_SIZE 16 /* Intel recommended for best performance */ -#else -#define _LWS_PAD_SIZE LWS_SIZEOFPTR /* Size of a pointer on the target arch */ -#endif -#define _LWS_PAD(n) (((n) % _LWS_PAD_SIZE) ? \ - ((n) + (_LWS_PAD_SIZE - ((n) % _LWS_PAD_SIZE))) : (n)) -/* last 2 is for lws-meta */ -#define LWS_PRE _LWS_PAD(4 + 10 + 2) -/* used prior to 1.7 and retained for backward compatibility */ -#define LWS_SEND_BUFFER_PRE_PADDING LWS_PRE -#define LWS_SEND_BUFFER_POST_PADDING 0 - -#define LWS_WRITE_RAW LWS_WRITE_HTTP - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum lws_write_protocol { - LWS_WRITE_TEXT = 0, - /**< Send a ws TEXT message,the pointer must have LWS_PRE valid - * memory behind it. - * - * The receiver expects only valid utf-8 in the payload */ - LWS_WRITE_BINARY = 1, - /**< Send a ws BINARY message, the pointer must have LWS_PRE valid - * memory behind it. - * - * Any sequence of bytes is valid */ - LWS_WRITE_CONTINUATION = 2, - /**< Continue a previous ws message, the pointer must have LWS_PRE valid - * memory behind it */ - LWS_WRITE_HTTP = 3, - /**< Send HTTP content */ - - /* LWS_WRITE_CLOSE is handled by lws_close_reason() */ - LWS_WRITE_PING = 5, - LWS_WRITE_PONG = 6, - - /* Same as write_http but we know this write ends the transaction */ - LWS_WRITE_HTTP_FINAL = 7, - - /* HTTP2 */ - - LWS_WRITE_HTTP_HEADERS = 8, - /**< Send http headers (http2 encodes this payload and LWS_WRITE_HTTP - * payload differently, http 1.x links also handle this correctly. so - * to be compatible with both in the future,header response part should - * be sent using this regardless of http version expected) - */ - LWS_WRITE_HTTP_HEADERS_CONTINUATION = 9, - /**< Continuation of http/2 headers - */ - - /****** add new things just above ---^ ******/ - - /* flags */ - - LWS_WRITE_BUFLIST = 0x20, - /**< Don't actually write it... stick it on the output buflist and - * write it as soon as possible. Useful if you learn you have to - * write something, have the data to write to hand but the timing is - * unrelated as to whether the connection is writable or not, and were - * otherwise going to have to allocate a temp buffer and write it - * later anyway */ - - LWS_WRITE_NO_FIN = 0x40, - /**< This part of the message is not the end of the message */ - - LWS_WRITE_H2_STREAM_END = 0x80, - /**< Flag indicates this packet should go out with STREAM_END if h2 - * STREAM_END is allowed on DATA or HEADERS. - */ - - LWS_WRITE_CLIENT_IGNORE_XOR_MASK = 0x80 - /**< client packet payload goes out on wire unmunged - * only useful for security tests since normal servers cannot - * decode the content if used */ -}; - -/* used with LWS_CALLBACK_CHILD_WRITE_VIA_PARENT */ - -struct lws_write_passthru { - struct lws *wsi; - unsigned char *buf; - size_t len; - enum lws_write_protocol wp; -}; - - -/** - * lws_write() - Apply protocol then write data to client - * \param wsi: Websocket instance (available from user callback) - * \param buf: The data to send. For data being sent on a websocket - * connection (ie, not default http), this buffer MUST have - * LWS_PRE bytes valid BEFORE the pointer. - * This is so the protocol header data can be added in-situ. - * \param len: Count of the data bytes in the payload starting from buf - * \param protocol: Use LWS_WRITE_HTTP to reply to an http connection, and one - * of LWS_WRITE_BINARY or LWS_WRITE_TEXT to send appropriate - * data on a websockets connection. Remember to allow the extra - * bytes before and after buf if LWS_WRITE_BINARY or LWS_WRITE_TEXT - * are used. - * - * This function provides the way to issue data back to the client - * for both http and websocket protocols. - * - * IMPORTANT NOTICE! - * - * When sending with websocket protocol - * - * LWS_WRITE_TEXT, - * LWS_WRITE_BINARY, - * LWS_WRITE_CONTINUATION, - * LWS_WRITE_PING, - * LWS_WRITE_PONG, - * - * or sending on http/2, - * - * the send buffer has to have LWS_PRE bytes valid BEFORE the buffer pointer you - * pass to lws_write(). Since you'll probably want to use http/2 before too - * long, it's wise to just always do this with lws_write buffers... LWS_PRE is - * typically 16 bytes it's not going to hurt usually. - * - * start of alloc ptr passed to lws_write end of allocation - * | | | - * v <-- LWS_PRE bytes --> v v - * [---------------- allocated memory ---------------] - * (for lws use) [====== user buffer ======] - * - * This allows us to add protocol info before and after the data, and send as - * one packet on the network without payload copying, for maximum efficiency. - * - * So for example you need this kind of code to use lws_write with a - * 128-byte payload - * - * char buf[LWS_PRE + 128]; - * - * // fill your part of the buffer... for example here it's all zeros - * memset(&buf[LWS_PRE], 0, 128); - * - * lws_write(wsi, &buf[LWS_PRE], 128, LWS_WRITE_TEXT); - * - * LWS_PRE is at least the frame nonce + 2 header + 8 length - * LWS_SEND_BUFFER_POST_PADDING is deprecated, it's now 0 and can be left off. - * The example apps no longer use it. - * - * Pad LWS_PRE to the CPU word size, so that word references - * to the address immediately after the padding won't cause an unaligned access - * error. Sometimes for performance reasons the recommended padding is even - * larger than sizeof(void *). - * - * In the case of sending using websocket protocol, be sure to allocate - * valid storage before and after buf as explained above. This scheme - * allows maximum efficiency of sending data and protocol in a single - * packet while not burdening the user code with any protocol knowledge. - * - * Return may be -1 for a fatal error needing connection close, or the - * number of bytes sent. - * - * Truncated Writes - * ================ - * - * The OS may not accept everything you asked to write on the connection. - * - * Posix defines POLLOUT indication from poll() to show that the connection - * will accept more write data, but it doesn't specifiy how much. It may just - * accept one byte of whatever you wanted to send. - * - * LWS will buffer the remainder automatically, and send it out autonomously. - * - * During that time, WRITABLE callbacks will be suppressed. - * - * This is to handle corner cases where unexpectedly the OS refuses what we - * usually expect it to accept. You should try to send in chunks that are - * almost always accepted in order to avoid the inefficiency of the buffering. - */ -LWS_VISIBLE LWS_EXTERN int -lws_write(struct lws *wsi, unsigned char *buf, size_t len, - enum lws_write_protocol protocol); - -/* helper for case where buffer may be const */ -#define lws_write_http(wsi, buf, len) \ - lws_write(wsi, (unsigned char *)(buf), len, LWS_WRITE_HTTP) - -/* helper for multi-frame ws message flags */ -static LWS_INLINE int -lws_write_ws_flags(int initial, int is_start, int is_end) -{ - int r; - - if (is_start) - r = initial; - else - r = LWS_WRITE_CONTINUATION; - - if (!is_end) - r |= LWS_WRITE_NO_FIN; - - return r; -} -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h b/thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h deleted file mode 100644 index dd5659c3f0..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-writeable.h +++ /dev/null @@ -1,225 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup callback-when-writeable Callback when writeable - * - * ##Callback When Writeable - * - * lws can only write data on a connection when it is able to accept more - * data without blocking. - * - * So a basic requirement is we should only use the lws_write() apis when the - * connection we want to write on says that he can accept more data. - * - * When lws cannot complete your send at the time, it will buffer the data - * and send it in the background, suppressing any further WRITEABLE callbacks - * on that connection until it completes. So it is important to write new - * things in a new writeable callback. - * - * These apis reflect the various ways we can indicate we would like to be - * called back when one or more connections is writeable. - */ -///@{ - -/** - * lws_callback_on_writable() - Request a callback when this socket - * becomes able to be written to without - * blocking - * - * \param wsi: Websocket connection instance to get callback for - * - * - Which: only this wsi - * - When: when the individual connection becomes writeable - * - What: LWS_CALLBACK_*_WRITEABLE - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable(struct lws *wsi); - -/** - * lws_callback_on_writable_all_protocol() - Request a callback for all - * connections using the given protocol when it - * becomes possible to write to each socket without - * blocking in turn. - * - * \param context: lws_context - * \param protocol: Protocol whose connections will get callbacks - * - * - Which: connections using this protocol on ANY VHOST - * - When: when the individual connection becomes writeable - * - What: LWS_CALLBACK_*_WRITEABLE - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable_all_protocol(const struct lws_context *context, - const struct lws_protocols *protocol); - -/** - * lws_callback_on_writable_all_protocol_vhost() - Request a callback for - * all connections on same vhost using the given protocol - * when it becomes possible to write to each socket without - * blocking in turn. - * - * \param vhost: Only consider connections on this lws_vhost - * \param protocol: Protocol whose connections will get callbacks - * - * - Which: connections using this protocol on GIVEN VHOST ONLY - * - When: when the individual connection becomes writeable - * - What: LWS_CALLBACK_*_WRITEABLE - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, - const struct lws_protocols *protocol); - -/** - * lws_callback_all_protocol() - Callback all connections using - * the given protocol with the given reason - * - * \param context: lws_context - * \param protocol: Protocol whose connections will get callbacks - * \param reason: Callback reason index - * - * - Which: connections using this protocol on ALL VHOSTS - * - When: before returning - * - What: reason - * - * This isn't normally what you want... normally any update of connection- - * specific information can wait until a network-related callback like rx, - * writable, or close. - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_all_protocol(struct lws_context *context, - const struct lws_protocols *protocol, int reason); - -/** - * lws_callback_all_protocol_vhost() - Callback all connections using - * the given protocol with the given reason. This is - * deprecated since v2.4: use lws_callback_all_protocol_vhost_args - * - * \param vh: Vhost whose connections will get callbacks - * \param protocol: Which protocol to match. NULL means all. - * \param reason: Callback reason index - * - * - Which: connections using this protocol on GIVEN VHOST ONLY - * - When: now - * - What: reason - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_all_protocol_vhost(struct lws_vhost *vh, - const struct lws_protocols *protocol, - int reason) -LWS_WARN_DEPRECATED; - -/** - * lws_callback_all_protocol_vhost_args() - Callback all connections using - * the given protocol with the given reason and args - * - * \param vh: Vhost whose connections will get callbacks - * \param protocol: Which protocol to match. NULL means all. - * \param reason: Callback reason index - * \param argp: Callback "in" parameter - * \param len: Callback "len" parameter - * - * - Which: connections using this protocol on GIVEN VHOST ONLY - * - When: now - * - What: reason - */ -LWS_VISIBLE int -lws_callback_all_protocol_vhost_args(struct lws_vhost *vh, - const struct lws_protocols *protocol, - int reason, void *argp, size_t len); - -/** - * lws_callback_vhost_protocols() - Callback all protocols enabled on a vhost - * with the given reason - * - * \param wsi: wsi whose vhost will get callbacks - * \param reason: Callback reason index - * \param in: in argument to callback - * \param len: len argument to callback - * - * - Which: connections using this protocol on same VHOST as wsi ONLY - * - When: now - * - What: reason - * - * This is deprecated since v2.5, use lws_callback_vhost_protocols_vhost() - * which takes the pointer to the vhost directly without using or needing the - * wsi. - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len) -LWS_WARN_DEPRECATED; - -/** - * lws_callback_vhost_protocols_vhost() - Callback all protocols enabled on a vhost - * with the given reason - * - * \param vh: vhost that will get callbacks - * \param reason: Callback reason index - * \param in: in argument to callback - * \param len: len argument to callback - * - * - Which: connections using this protocol on same VHOST as wsi ONLY - * - When: now - * - What: reason - */ -LWS_VISIBLE LWS_EXTERN int -lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, - size_t len); - -LWS_VISIBLE LWS_EXTERN int -lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, - void *user, void *in, size_t len); - -/** - * lws_get_socket_fd() - returns the socket file descriptor - * - * This is needed to use sendto() on UDP raw sockets - * - * \param wsi: Websocket connection instance - */ -LWS_VISIBLE LWS_EXTERN lws_sockfd_type -lws_get_socket_fd(struct lws *wsi); - -/** - * lws_get_peer_write_allowance() - get the amount of data writeable to peer - * if known - * - * \param wsi: Websocket connection instance - * - * if the protocol does not have any guidance, returns -1. Currently only - * http2 connections get send window information from this API. But your code - * should use it so it can work properly with any protocol. - * - * If nonzero return is the amount of payload data the peer or intermediary has - * reported it has buffer space for. That has NO relationship with the amount - * of buffer space your OS can accept on this connection for a write action. - * - * This number represents the maximum you could send to the peer or intermediary - * on this connection right now without the protocol complaining. - * - * lws manages accounting for send window updates and payload writes - * automatically, so this number reflects the situation at the peer or - * intermediary dynamically. - */ -LWS_VISIBLE LWS_EXTERN lws_fileofs_t -lws_get_peer_write_allowance(struct lws *wsi); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h deleted file mode 100644 index 9721e29233..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-close.h +++ /dev/null @@ -1,124 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup wsclose Websocket Close - * - * ##Websocket close frame control - * - * When we close a ws connection, we can send a reason code and a short - * UTF-8 description back with the close packet. - */ -///@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -/** enum lws_close_status - RFC6455 close status codes */ -enum lws_close_status { - LWS_CLOSE_STATUS_NOSTATUS = 0, - LWS_CLOSE_STATUS_NORMAL = 1000, - /**< 1000 indicates a normal closure, meaning that the purpose for - which the connection was established has been fulfilled. */ - LWS_CLOSE_STATUS_GOINGAWAY = 1001, - /**< 1001 indicates that an endpoint is "going away", such as a server - going down or a browser having navigated away from a page. */ - LWS_CLOSE_STATUS_PROTOCOL_ERR = 1002, - /**< 1002 indicates that an endpoint is terminating the connection due - to a protocol error. */ - LWS_CLOSE_STATUS_UNACCEPTABLE_OPCODE = 1003, - /**< 1003 indicates that an endpoint is terminating the connection - because it has received a type of data it cannot accept (e.g., an - endpoint that understands only text data MAY send this if it - receives a binary message). */ - LWS_CLOSE_STATUS_RESERVED = 1004, - /**< Reserved. The specific meaning might be defined in the future. */ - LWS_CLOSE_STATUS_NO_STATUS = 1005, - /**< 1005 is a reserved value and MUST NOT be set as a status code in a - Close control frame by an endpoint. It is designated for use in - applications expecting a status code to indicate that no status - code was actually present. */ - LWS_CLOSE_STATUS_ABNORMAL_CLOSE = 1006, - /**< 1006 is a reserved value and MUST NOT be set as a status code in a - Close control frame by an endpoint. It is designated for use in - applications expecting a status code to indicate that the - connection was closed abnormally, e.g., without sending or - receiving a Close control frame. */ - LWS_CLOSE_STATUS_INVALID_PAYLOAD = 1007, - /**< 1007 indicates that an endpoint is terminating the connection - because it has received data within a message that was not - consistent with the type of the message (e.g., non-UTF-8 [RFC3629] - data within a text message). */ - LWS_CLOSE_STATUS_POLICY_VIOLATION = 1008, - /**< 1008 indicates that an endpoint is terminating the connection - because it has received a message that violates its policy. This - is a generic status code that can be returned when there is no - other more suitable status code (e.g., 1003 or 1009) or if there - is a need to hide specific details about the policy. */ - LWS_CLOSE_STATUS_MESSAGE_TOO_LARGE = 1009, - /**< 1009 indicates that an endpoint is terminating the connection - because it has received a message that is too big for it to - process. */ - LWS_CLOSE_STATUS_EXTENSION_REQUIRED = 1010, - /**< 1010 indicates that an endpoint (client) is terminating the - connection because it has expected the server to negotiate one or - more extension, but the server didn't return them in the response - message of the WebSocket handshake. The list of extensions that - are needed SHOULD appear in the /reason/ part of the Close frame. - Note that this status code is not used by the server, because it - can fail the WebSocket handshake instead */ - LWS_CLOSE_STATUS_UNEXPECTED_CONDITION = 1011, - /**< 1011 indicates that a server is terminating the connection because - it encountered an unexpected condition that prevented it from - fulfilling the request. */ - LWS_CLOSE_STATUS_TLS_FAILURE = 1015, - /**< 1015 is a reserved value and MUST NOT be set as a status code in a - Close control frame by an endpoint. It is designated for use in - applications expecting a status code to indicate that the - connection was closed due to a failure to perform a TLS handshake - (e.g., the server certificate can't be verified). */ - - LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE = 2000, - - /****** add new things just above ---^ ******/ - - LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY = 9999, -}; - -/** - * lws_close_reason - Set reason and aux data to send with Close packet - * If you are going to return nonzero from the callback - * requesting the connection to close, you can optionally - * call this to set the reason the peer will be told if - * possible. - * - * \param wsi: The websocket connection to set the close reason on - * \param status: A valid close status from websocket standard - * \param buf: NULL or buffer containing up to 124 bytes of auxiliary data - * \param len: Length of data in \param buf to send - */ -LWS_VISIBLE LWS_EXTERN void -lws_close_reason(struct lws *wsi, enum lws_close_status status, - unsigned char *buf, size_t len); - -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h deleted file mode 100644 index 3face4f344..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-ext.h +++ /dev/null @@ -1,197 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/*! \defgroup extensions Extension related functions - * ##Extension releated functions - * - * Ws defines optional extensions, lws provides the ability to implement these - * in user code if so desired. - * - * We provide one extensions permessage-deflate. - */ -///@{ - -/* - * NOTE: These public enums are part of the abi. If you want to add one, - * add it at where specified so existing users are unaffected. - */ -enum lws_extension_callback_reasons { - LWS_EXT_CB_CONSTRUCT = 4, - LWS_EXT_CB_CLIENT_CONSTRUCT = 5, - LWS_EXT_CB_DESTROY = 8, - LWS_EXT_CB_PACKET_TX_PRESEND = 12, - LWS_EXT_CB_PAYLOAD_TX = 21, - LWS_EXT_CB_PAYLOAD_RX = 22, - LWS_EXT_CB_OPTION_DEFAULT = 23, - LWS_EXT_CB_OPTION_SET = 24, - LWS_EXT_CB_OPTION_CONFIRM = 25, - LWS_EXT_CB_NAMED_OPTION_SET = 26, - - /****** add new things just above ---^ ******/ -}; - -/** enum lws_ext_options_types */ -enum lws_ext_options_types { - EXTARG_NONE, /**< does not take an argument */ - EXTARG_DEC, /**< requires a decimal argument */ - EXTARG_OPT_DEC /**< may have an optional decimal argument */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** struct lws_ext_options - Option arguments to the extension. These are - * used in the negotiation at ws upgrade time. - * The helper function lws_ext_parse_options() - * uses these to generate callbacks */ -struct lws_ext_options { - const char *name; /**< Option name, eg, "server_no_context_takeover" */ - enum lws_ext_options_types type; /**< What kind of args the option can take */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** struct lws_ext_option_arg */ -struct lws_ext_option_arg { - const char *option_name; /**< may be NULL, option_index used then */ - int option_index; /**< argument ordinal to use if option_name missing */ - const char *start; /**< value */ - int len; /**< length of value */ -}; - -/** - * typedef lws_extension_callback_function() - Hooks to allow extensions to operate - * \param context: Websockets context - * \param ext: This extension - * \param wsi: Opaque websocket instance pointer - * \param reason: The reason for the call - * \param user: Pointer to ptr to per-session user data allocated by library - * \param in: Pointer used for some callback reasons - * \param len: Length set for some callback reasons - * - * Each extension that is active on a particular connection receives - * callbacks during the connection lifetime to allow the extension to - * operate on websocket data and manage itself. - * - * Libwebsockets takes care of allocating and freeing "user" memory for - * each active extension on each connection. That is what is pointed to - * by the user parameter. - * - * LWS_EXT_CB_CONSTRUCT: called when the server has decided to - * select this extension from the list provided by the client, - * just before the server will send back the handshake accepting - * the connection with this extension active. This gives the - * extension a chance to initialize its connection context found - * in user. - * - * LWS_EXT_CB_CLIENT_CONSTRUCT: same as LWS_EXT_CB_CONSTRUCT - * but called when client is instantiating this extension. Some - * extensions will work the same on client and server side and then - * you can just merge handlers for both CONSTRUCTS. - * - * LWS_EXT_CB_DESTROY: called when the connection the extension was - * being used on is about to be closed and deallocated. It's the - * last chance for the extension to deallocate anything it has - * allocated in the user data (pointed to by user) before the - * user data is deleted. This same callback is used whether you - * are in client or server instantiation context. - * - * LWS_EXT_CB_PACKET_TX_PRESEND: this works the same way as - * LWS_EXT_CB_PACKET_RX_PREPARSE above, except it gives the - * extension a chance to change websocket data just before it will - * be sent out. Using the same lws_token pointer scheme in in, - * the extension can change the buffer and the length to be - * transmitted how it likes. Again if it wants to grow the - * buffer safely, it should copy the data into its own buffer and - * set the lws_tokens token pointer to it. - * - * LWS_EXT_CB_ARGS_VALIDATE: - */ -typedef int -lws_extension_callback_function(struct lws_context *context, - const struct lws_extension *ext, struct lws *wsi, - enum lws_extension_callback_reasons reason, - void *user, void *in, size_t len); - -/** struct lws_extension - An extension we support */ -struct lws_extension { - const char *name; /**< Formal extension name, eg, "permessage-deflate" */ - lws_extension_callback_function *callback; /**< Service callback */ - const char *client_offer; /**< String containing exts and options client offers */ - - /* Add new things just above here ---^ - * This is part of the ABI, don't needlessly break compatibility */ -}; - -/** - * lws_set_extension_option(): set extension option if possible - * - * \param wsi: websocket connection - * \param ext_name: name of ext, like "permessage-deflate" - * \param opt_name: name of option, like "rx_buf_size" - * \param opt_val: value to set option to - */ -LWS_VISIBLE LWS_EXTERN int -lws_set_extension_option(struct lws *wsi, const char *ext_name, - const char *opt_name, const char *opt_val); - -/** - * lws_ext_parse_options() - deal with parsing negotiated extension options - * - * \param ext: related extension struct - * \param wsi: websocket connection - * \param ext_user: per-connection extension private data - * \param opts: list of supported options - * \param o: option string to parse - * \param len: length - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi, - void *ext_user, const struct lws_ext_options *opts, - const char *o, int len); - -/** lws_extension_callback_pm_deflate() - extension for RFC7692 - * - * \param context: lws context - * \param ext: related lws_extension struct - * \param wsi: websocket connection - * \param reason: incoming callback reason - * \param user: per-connection extension private data - * \param in: pointer parameter - * \param len: length parameter - * - * Built-in callback implementing RFC7692 permessage-deflate - */ -LWS_EXTERN int -lws_extension_callback_pm_deflate(struct lws_context *context, - const struct lws_extension *ext, - struct lws *wsi, - enum lws_extension_callback_reasons reason, - void *user, void *in, size_t len); - -/* - * The internal exts are part of the public abi - * If we add more extensions, publish the callback here ------v - */ -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h b/thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h deleted file mode 100644 index 3f65724a7a..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-ws-state.h +++ /dev/null @@ -1,92 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -/** \defgroup wsstatus Websocket status APIs - * ##Websocket connection status APIs - * - * These provide information about ws connection or message status - */ -///@{ -/** - * lws_send_pipe_choked() - tests if socket is writable or not - * \param wsi: lws connection - * - * Allows you to check if you can write more on the socket - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_send_pipe_choked(struct lws *wsi); - -/** - * lws_is_final_fragment() - tests if last part of ws message - * - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_final_fragment(struct lws *wsi); - -/** - * lws_is_first_fragment() - tests if first part of ws message - * - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN int -lws_is_first_fragment(struct lws *wsi); - -/** - * lws_get_reserved_bits() - access reserved bits of ws frame - * \param wsi: lws connection - */ -LWS_VISIBLE LWS_EXTERN unsigned char -lws_get_reserved_bits(struct lws *wsi); - -/** - * lws_partial_buffered() - find out if lws buffered the last write - * \param wsi: websocket connection to check - * - * Returns 1 if you cannot use lws_write because the last - * write on this connection is still buffered, and can't be cleared without - * returning to the service loop and waiting for the connection to be - * writeable again. - * - * If you will try to do >1 lws_write call inside a single - * WRITEABLE callback, you must check this after every write and bail if - * set, ask for a new writeable callback and continue writing from there. - * - * This is never set at the start of a writeable callback, but any write - * may set it. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_partial_buffered(struct lws *wsi); - -/** - * lws_frame_is_binary(): true if the current frame was sent in binary mode - * - * \param wsi: the connection we are inquiring about - * - * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if - * it's interested to see if the frame it's dealing with was sent in binary - * mode. - */ -LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_frame_is_binary(struct lws *wsi); -///@} diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-x509.h b/thirdparty/libwebsockets/include/libwebsockets/lws-x509.h deleted file mode 100644 index f8e5cb0fad..0000000000 --- a/thirdparty/libwebsockets/include/libwebsockets/lws-x509.h +++ /dev/null @@ -1,177 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * included from libwebsockets.h - */ - -enum lws_tls_cert_info { - LWS_TLS_CERT_INFO_VALIDITY_FROM, - /**< fills .time with the time_t the cert validity started from */ - LWS_TLS_CERT_INFO_VALIDITY_TO, - /**< fills .time with the time_t the cert validity ends at */ - LWS_TLS_CERT_INFO_COMMON_NAME, - /**< fills up to len bytes of .ns.name with the cert common name */ - LWS_TLS_CERT_INFO_ISSUER_NAME, - /**< fills up to len bytes of .ns.name with the cert issuer name */ - LWS_TLS_CERT_INFO_USAGE, - /**< fills verified with a bitfield asserting the valid uses */ - LWS_TLS_CERT_INFO_VERIFIED, - /**< fills .verified with a bool representing peer cert validity, - * call returns -1 if no cert */ - LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY, - /**< the certificate's public key, as an opaque bytestream. These - * opaque bytestreams can only be compared with each other using the - * same tls backend, ie, OpenSSL or mbedTLS. The different backends - * produce different, incompatible representations for the same cert. - */ -}; - -union lws_tls_cert_info_results { - unsigned int verified; - time_t time; - unsigned int usage; - struct { - int len; - /* KEEP LAST... notice the [64] is only there because - * name[] is not allowed in a union. The actual length of - * name[] is arbitrary and is passed into the api using the - * len parameter. Eg - * - * char big[1024]; - * union lws_tls_cert_info_results *buf = - * (union lws_tls_cert_info_results *)big; - * - * lws_tls_peer_cert_info(wsi, type, buf, sizeof(big) - - * sizeof(*buf) + sizeof(buf->ns.name)); - */ - char name[64]; - } ns; -}; - -/** - * lws_tls_peer_cert_info() - get information from the peer's TLS cert - * - * \param wsi: the connection to query - * \param type: one of LWS_TLS_CERT_INFO_ - * \param buf: pointer to union to take result - * \param len: when result is a string, the true length of buf->ns.name[] - * - * lws_tls_peer_cert_info() lets you get hold of information from the peer - * certificate. - * - * Return 0 if there is a result in \p buf, or -1 indicating there was no cert - * or another problem. - * - * This function works the same no matter if the TLS backend is OpenSSL or - * mbedTLS. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len); - -/** - * lws_tls_vhost_cert_info() - get information from the vhost's own TLS cert - * - * \param vhost: the vhost to query - * \param type: one of LWS_TLS_CERT_INFO_ - * \param buf: pointer to union to take result - * \param len: when result is a string, the true length of buf->ns.name[] - * - * lws_tls_vhost_cert_info() lets you get hold of information from the vhost - * certificate. - * - * Return 0 if there is a result in \p buf, or -1 indicating there was no cert - * or another problem. - * - * This function works the same no matter if the TLS backend is OpenSSL or - * mbedTLS. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len); - -/** - * lws_tls_acme_sni_cert_create() - creates a temp selfsigned cert - * and attaches to a vhost - * - * \param vhost: the vhost to acquire the selfsigned cert - * \param san_a: SAN written into the certificate - * \param san_b: second SAN written into the certificate - * - * - * Returns 0 if created and attached to the vhost. Returns -1 if problems and - * frees all allocations before returning. - * - * On success, any allocations are destroyed at vhost destruction automatically. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, - const char *san_b); - -/** - * lws_tls_acme_sni_csr_create() - creates a CSR and related private key PEM - * - * \param context: lws_context used for random - * \param elements: array of LWS_TLS_REQ_ELEMENT_COUNT const char * - * \param csr: buffer that will get the b64URL(ASN-1 CSR) - * \param csr_len: max length of the csr buffer - * \param privkey_pem: pointer to pointer allocated to hold the privkey_pem - * \param privkey_len: pointer to size_t set to the length of the privkey_pem - * - * Creates a CSR according to the information in \p elements, and a private - * RSA key used to sign the CSR. - * - * The outputs are the b64URL(ASN-1 CSR) into csr, and the PEM private key into - * privkey_pem. - * - * Notice that \p elements points to an array of const char *s pointing to the - * information listed in the enum above. If an entry is NULL or an empty - * string, the element is set to "none" in the CSR. - * - * Returns 0 on success or nonzero for failure. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[], - uint8_t *csr, size_t csr_len, char **privkey_pem, - size_t *privkey_len); - -/** - * lws_tls_cert_updated() - update every vhost using the given cert path - * - * \param context: our lws_context - * \param certpath: the filepath to the certificate - * \param keypath: the filepath to the private key of the certificate - * \param mem_cert: copy of the cert in memory - * \param len_mem_cert: length of the copy of the cert in memory - * \param mem_privkey: copy of the private key in memory - * \param len_mem_privkey: length of the copy of the private key in memory - * - * Checks every vhost to see if it is the using certificate described by the - * the given filepaths. If so, it attempts to update the vhost ssl_ctx to use - * the new certificate. - * - * Returns 0 on success or nonzero for failure. - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_cert_updated(struct lws_context *context, const char *certpath, - const char *keypath, - const char *mem_cert, size_t len_mem_cert, - const char *mem_privkey, size_t len_mem_privkey); - diff --git a/thirdparty/libwebsockets/include/lws_config.h b/thirdparty/libwebsockets/include/lws_config.h deleted file mode 100644 index fdf02157cc..0000000000 --- a/thirdparty/libwebsockets/include/lws_config.h +++ /dev/null @@ -1,195 +0,0 @@ -/* lws_config.h Generated from lws_config.h.in */ - -/* GODOT ADDITION */ -#ifndef DEBUG_ENABLED -#define LWS_WITH_NO_LOGS -#endif -/* END GODOT ADDITION */ - -#ifndef NDEBUG - #ifndef _DEBUG - #define _DEBUG - #endif -#endif - -#define LWS_INSTALL_DATADIR "/usr/local/share" - -#define LWS_ROLE_H1 -#define LWS_ROLE_WS -#define LWS_ROLE_RAW -/* #undef LWS_ROLE_H2 */ -/* #undef LWS_ROLE_CGI */ - -/* Define to 1 to use wolfSSL/CyaSSL as a replacement for OpenSSL. - * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */ -/* #undef USE_WOLFSSL */ - -/* Also define to 1 (in addition to USE_WOLFSSL) when using the - (older) CyaSSL library */ -/* #undef USE_OLD_CYASSL */ -/* #undef LWS_WITH_BORINGSSL */ - -#define LWS_WITH_MBEDTLS -/* #undef LWS_WITH_POLARSSL */ -/* #undef LWS_WITH_ESP32 */ - -/* #undef LWS_WITH_PLUGINS */ -/* #undef LWS_WITH_NO_LOGS */ - -/* The Libwebsocket version */ -#define LWS_LIBRARY_VERSION "3.0.0" - -#define LWS_LIBRARY_VERSION_MAJOR 3 -#define LWS_LIBRARY_VERSION_MINOR 0 -#define LWS_LIBRARY_VERSION_PATCH 0 -/* LWS_LIBRARY_VERSION_NUMBER looks like 1005001 for e.g. version 1.5.1 */ -#define LWS_LIBRARY_VERSION_NUMBER (LWS_LIBRARY_VERSION_MAJOR*1000000)+(LWS_LIBRARY_VERSION_MINOR*1000)+LWS_LIBRARY_VERSION_PATCH - -/* The current git commit hash that we're building from */ -#define LWS_BUILD_HASH "v2.0.0-948-geaa935a8" - -/* Build with OpenSSL support ... alias of LWS_WITH_TLS for compatibility*/ -#define LWS_OPENSSL_SUPPORT -#define LWS_WITH_TLS - -/* The client should load and trust CA root certs it finds in the OS */ -/* #undef LWS_SSL_CLIENT_USE_OS_CA_CERTS */ - -/* Sets the path where the client certs should be installed. */ -/* #undef LWS_OPENSSL_CLIENT_CERTS "../share" */ - -/* Turn off websocket extensions */ -#define LWS_WITHOUT_EXTENSIONS - -/* notice if client or server gone */ -/* #undef LWS_WITHOUT_SERVER */ -/* #undef LWS_WITHOUT_CLIENT */ - -#define LWS_WITH_POLL - -/* Enable libev io loop */ -/* #undef LWS_WITH_LIBEV */ - -/* Enable libuv io loop */ -/* #undef LWS_WITH_LIBUV */ - -/* Enable libevent io loop */ -/* #undef LWS_WITH_LIBEVENT */ - -/* Build with support for ipv6 */ -/* Everywhere, except in OpenBSD which does not support dual stacking */ -#if !defined(__OpenBSD__) -#define LWS_WITH_IPV6 -#endif - -/* Build with support for UNIX domain socket */ -/* #undef LWS_WITH_UNIX_SOCK */ - -/* Build with support for HTTP2 */ -/* #undef LWS_WITH_HTTP2 */ - -/* Turn on latency measuring code */ -/* #undef LWS_LATENCY */ - -/* Don't build the daemonizeation api */ -#define LWS_NO_DAEMONIZE - -/* Build without server support */ -/* #undef LWS_NO_SERVER */ - -/* Build without client support */ -/* #undef LWS_NO_CLIENT */ - -/* If we should compile with MinGW support */ -/* #undef LWS_MINGW_SUPPORT */ - -/* Use the BSD getifaddrs that comes with libwebsocket, for uclibc support */ -/* #undef LWS_BUILTIN_GETIFADDRS */ - -/* use SHA1() not internal libwebsockets_SHA1 */ -/* #undef LWS_SHA1_USE_OPENSSL_NAME */ - -/* SSL server using ECDH certificate */ -/* #undef LWS_SSL_SERVER_WITH_ECDH_CERT */ -/* #undef LWS_HAVE_SSL_CTX_set1_param */ -#define LWS_HAVE_X509_VERIFY_PARAM_set1_host -/* #undef LWS_HAVE_RSA_SET0_KEY */ -/* #undef LWS_HAVE_X509_get_key_usage */ -/* #undef LWS_HAVE_SSL_CTX_get0_certificate */ - -/* #undef LWS_HAVE_UV_VERSION_H */ -/* #undef LWS_HAVE_PTHREAD_H */ - -/* CGI apis */ -/* #undef LWS_WITH_CGI */ - -/* whether the Openssl is recent enough, and / or built with, ecdh */ -/* #undef LWS_HAVE_OPENSSL_ECDH_H */ - -/* HTTP Proxy support */ -/* #undef LWS_WITH_HTTP_PROXY */ - -/* HTTP Ranges support */ -/* #undef LWS_WITH_RANGES */ - -/* Http access log support */ -/* #undef LWS_WITH_ACCESS_LOG */ -/* #undef LWS_WITH_SERVER_STATUS */ - -/* #undef LWS_WITH_STATEFUL_URLDECODE */ -/* #undef LWS_WITH_PEER_LIMITS */ - -/* Maximum supported service threads */ -#define LWS_MAX_SMP 1 - -/* Lightweight JSON Parser */ -/* #undef LWS_WITH_LEJP */ - -/* SMTP */ -/* #undef LWS_WITH_SMTP */ - -/* OPTEE */ -/* #undef LWS_PLAT_OPTEE */ - -/* ZIP FOPS */ -/* #undef LWS_WITH_ZIP_FOPS */ -#define LWS_HAVE_STDINT_H - -/* #undef LWS_AVOID_SIGPIPE_IGN */ - -/* #undef LWS_FALLBACK_GETHOSTBYNAME */ - -/* #undef LWS_WITH_STATS */ -/* #undef LWS_WITH_SOCKS5 */ - -/* #undef LWS_HAVE_SYS_CAPABILITY_H */ -/* #undef LWS_HAVE_LIBCAP */ - -#define LWS_HAVE_ATOLL -/* #undef LWS_HAVE__ATOI64 */ -/* #undef LWS_HAVE__STAT32I64 */ - -/* #undef LWS_WITH_JWS */ -/* #undef LWS_WITH_ACME */ -/* #undef LWS_WITH_SELFTESTS */ - -#if !defined(__APPLE__) && !defined(__FreeBSD__) && !defined(__OpenBSD__) -#define LWS_HAVE_MALLOC_H -#endif - -#if !defined(__APPLE__) && !defined(__HAIKU__) -#define LWS_HAVE_PIPE2 -#endif - -/* OpenSSL various APIs */ - -#define LWS_HAVE_TLS_CLIENT_METHOD -/* #undef LWS_HAVE_TLSV1_2_CLIENT_METHOD */ -/* #undef LWS_HAVE_SSL_SET_INFO_CALLBACK */ -/* #undef LWS_HAVE_SSL_EXTRA_CHAIN_CERTS */ -/* #undef LWS_HAVE_SSL_get0_alpn_selected */ -/* #undef LWS_HAVE_SSL_set_alpn_protos */ - -#define LWS_HAS_INTPTR_T - - diff --git a/thirdparty/libwebsockets/ipv6_fixes.diff b/thirdparty/libwebsockets/ipv6_fixes.diff index 5fa1e5c520..fe3e5e4b63 100644 --- a/thirdparty/libwebsockets/ipv6_fixes.diff +++ b/thirdparty/libwebsockets/ipv6_fixes.diff @@ -1,8 +1,8 @@ -diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c -index 693efd28e..192dddee6 100644 ---- a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c -+++ b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c -@@ -73,6 +73,11 @@ lws_plat_set_socket_options(struct lws_vhost *vhost, int fd, int unix_skt) +diff --git a/thirdparty/libwebsockets/plat/lws-plat-unix.c b/thirdparty/libwebsockets/plat/lws-plat-unix.c +index 7dba3bd82..d1bca8b5d 100644 +--- a/thirdparty/libwebsockets/plat/lws-plat-unix.c ++++ b/thirdparty/libwebsockets/plat/lws-plat-unix.c +@@ -328,6 +328,11 @@ lws_plat_set_socket_options(struct lws_vhost *vhost, int fd) int optval = 1; socklen_t optlen = sizeof(optval); @@ -14,11 +14,11 @@ index 693efd28e..192dddee6 100644 #if defined(__APPLE__) || \ defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ defined(__NetBSD__) || \ -diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c -index bf0935057..62a0a4984 100644 ---- a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c -+++ b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c -@@ -56,6 +56,11 @@ lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd, +diff --git a/thirdparty/libwebsockets/plat/lws-plat-win.c b/thirdparty/libwebsockets/plat/lws-plat-win.c +index 1850b6425..26caab2cd 100644 +--- a/thirdparty/libwebsockets/plat/lws-plat-win.c ++++ b/thirdparty/libwebsockets/plat/lws-plat-win.c +@@ -348,6 +348,11 @@ lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd) struct protoent *tcp_proto; #endif diff --git a/thirdparty/libwebsockets/lib/core/adopt.c b/thirdparty/libwebsockets/lib/core/adopt.c deleted file mode 100644 index 49ac5af161..0000000000 --- a/thirdparty/libwebsockets/lib/core/adopt.c +++ /dev/null @@ -1,414 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - - -static int -lws_get_idlest_tsi(struct lws_context *context) -{ - unsigned int lowest = ~0; - int n = 0, hit = -1; - - for (; n < context->count_threads; n++) { - if ((unsigned int)context->pt[n].fds_count != - context->fd_limit_per_thread - 1 && - (unsigned int)context->pt[n].fds_count < lowest) { - lowest = context->pt[n].fds_count; - hit = n; - } - } - - return hit; -} - -struct lws * -lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi) -{ - struct lws *new_wsi; - int n = fixed_tsi; - - if (n < 0) - n = lws_get_idlest_tsi(vhost->context); - - if (n < 0) { - lwsl_err("no space for new conn\n"); - return NULL; - } - - new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi"); - if (new_wsi == NULL) { - lwsl_err("Out of memory for new connection\n"); - return NULL; - } - - new_wsi->tsi = n; - lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi, - vhost->name, new_wsi->tsi); - - lws_vhost_bind_wsi(vhost, new_wsi); - new_wsi->context = vhost->context; - new_wsi->pending_timeout = NO_PENDING_TIMEOUT; - new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* initialize the instance struct */ - - lwsi_set_state(new_wsi, LRS_UNCONNECTED); - new_wsi->hdr_parsing_completed = 0; - -#ifdef LWS_WITH_TLS - new_wsi->tls.use_ssl = LWS_SSL_ENABLED(vhost); -#endif - - /* - * these can only be set once the protocol is known - * we set an un-established connection's protocol pointer - * to the start of the supported list, so it can look - * for matching ones during the handshake - */ - new_wsi->protocol = vhost->protocols; - new_wsi->user_space = NULL; - new_wsi->desc.sockfd = LWS_SOCK_INVALID; - new_wsi->position_in_fds_table = LWS_NO_FDS_POS; - - vhost->context->count_wsi_allocated++; - - /* - * outermost create notification for wsi - * no user_space because no protocol selection - */ - vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE, NULL, - NULL, 0); - - return new_wsi; -} - - -/* if not a socket, it's a raw, non-ssl file descriptor */ - -LWS_VISIBLE struct lws * -lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, - lws_sock_file_fd_type fd, const char *vh_prot_name, - struct lws *parent) -{ - struct lws_context *context = vh->context; - struct lws *new_wsi; - struct lws_context_per_thread *pt; - int n; - -#if defined(LWS_WITH_PEER_LIMITS) - struct lws_peer *peer = NULL; - - if (type & LWS_ADOPT_SOCKET) { - peer = lws_get_or_create_peer(vh, fd.sockfd); - - if (peer && context->ip_limit_wsi && - peer->count_wsi >= context->ip_limit_wsi) { - lwsl_notice("Peer reached wsi limit %d\n", - context->ip_limit_wsi); - lws_stats_atomic_bump(context, &context->pt[0], - LWSSTATS_C_PEER_LIMIT_WSI_DENIED, - 1); - return NULL; - } - } -#endif - - n = -1; - if (parent) - n = parent->tsi; - new_wsi = lws_create_new_server_wsi(vh, n); - if (!new_wsi) { - if (type & LWS_ADOPT_SOCKET) - compatible_close(fd.sockfd); - return NULL; - } -#if defined(LWS_WITH_PEER_LIMITS) - if (peer) - lws_peer_add_wsi(context, peer, new_wsi); -#endif - pt = &context->pt[(int)new_wsi->tsi]; - lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1); - - if (parent) { - new_wsi->parent = parent; - new_wsi->sibling_list = parent->child_list; - parent->child_list = new_wsi; - } - - new_wsi->desc = fd; - - if (vh_prot_name) { - new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost, - vh_prot_name); - if (!new_wsi->protocol) { - lwsl_err("Protocol %s not enabled on vhost %s\n", - vh_prot_name, new_wsi->vhost->name); - goto bail; - } - if (lws_ensure_user_space(new_wsi)) { - lwsl_notice("OOM trying to get user_space\n"); - goto bail; - } - } - - if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_SOCKET)) - type &= ~LWS_ADOPT_ALLOW_SSL; - - if (lws_role_call_adoption_bind(new_wsi, type, vh_prot_name)) { - lwsl_err("Unable to find a role that can adopt descriptor\n"); - goto bail; - } - - /* - * A new connection was accepted. Give the user a chance to - * set properties of the newly created wsi. There's no protocol - * selected yet so we issue this to the vhosts's default protocol, - * itself by default protocols[0] - */ - n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED; - if (!(type & LWS_ADOPT_HTTP)) { - if (!(type & LWS_ADOPT_SOCKET)) - n = LWS_CALLBACK_RAW_ADOPT_FILE; - else - n = LWS_CALLBACK_RAW_ADOPT; - } - - lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate); - - if (context->event_loop_ops->accept) - if (context->event_loop_ops->accept(new_wsi)) - goto fail; - - if (!(type & LWS_ADOPT_ALLOW_SSL)) { - lws_pt_lock(pt, __func__); - if (__insert_wsi_socket_into_fds(context, new_wsi)) { - lws_pt_unlock(pt); - lwsl_err("%s: fail inserting socket\n", __func__); - goto fail; - } - lws_pt_unlock(pt); - } else - if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) { - lwsl_info("%s: fail ssl negotiation\n", __func__); - goto fail; - } - - /* - * by deferring callback to this point, after insertion to fds, - * lws_callback_on_writable() can work from the callback - */ - if ((new_wsi->protocol->callback)(new_wsi, n, new_wsi->user_space, - NULL, 0)) - goto fail; - - /* role may need to do something after all adoption completed */ - - lws_role_call_adoption_bind(new_wsi, type | _LWS_ADOPT_FINISH, - vh_prot_name); - - lws_cancel_service_pt(new_wsi); - - return new_wsi; - -fail: - if (type & LWS_ADOPT_SOCKET) - lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, - "adopt skt fail"); - - return NULL; - -bail: - lwsl_notice("%s: exiting on bail\n", __func__); - if (parent) - parent->child_list = new_wsi->sibling_list; - if (new_wsi->user_space) - lws_free(new_wsi->user_space); - - vh->context->count_wsi_allocated--; - - lws_vhost_unbind_wsi(new_wsi); - lws_free(new_wsi); - - compatible_close(fd.sockfd); - - return NULL; -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd) -{ - lws_sock_file_fd_type fd; - - fd.sockfd = accept_fd; - return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET | - LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL); -} - -LWS_VISIBLE struct lws * -lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) -{ - return lws_adopt_socket_vhost(context->vhost_list, accept_fd); -} - -/* Common read-buffer adoption for lws_adopt_*_readbuf */ -static struct lws* -adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len) -{ - struct lws_context_per_thread *pt; - struct lws_pollfd *pfd; - int n; - - if (!wsi) - return NULL; - - if (!readbuf || len == 0) - return wsi; - - if (wsi->position_in_fds_table == LWS_NO_FDS_POS) - return wsi; - - pt = &wsi->context->pt[(int)wsi->tsi]; - - n = lws_buflist_append_segment(&wsi->buflist, (const uint8_t *)readbuf, - len); - if (n < 0) - goto bail; - if (n) - lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); - - /* - * we can't process the initial read data until we can attach an ah. - * - * if one is available, get it and place the data in his ah rxbuf... - * wsi with ah that have pending rxbuf get auto-POLLIN service. - * - * no autoservice because we didn't get a chance to attach the - * readbuf data to wsi or ah yet, and we will do it next if we get - * the ah. - */ - if (wsi->http.ah || !lws_header_table_attach(wsi, 0)) { - - lwsl_notice("%s: calling service on readbuf ah\n", __func__); - - /* - * unlike a normal connect, we have the headers already - * (or the first part of them anyway). - * libuv won't come back and service us without a network - * event, so we need to do the header service right here. - */ - pfd = &pt->fds[wsi->position_in_fds_table]; - pfd->revents |= LWS_POLLIN; - lwsl_err("%s: calling service\n", __func__); - if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi)) - /* service closed us */ - return NULL; - - return wsi; - } - lwsl_err("%s: deferring handling ah\n", __func__); - - return wsi; - -bail: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "adopt skt readbuf fail"); - - return NULL; -} - -LWS_EXTERN struct lws * -lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, - const char *protocol_name, struct lws *parent_wsi) -{ - lws_sock_file_fd_type sock; - struct addrinfo h, *r, *rp; - struct lws *wsi = NULL; - char buf[16]; - int n; - - memset(&h, 0, sizeof(h)); - h.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ - h.ai_socktype = SOCK_DGRAM; - h.ai_protocol = IPPROTO_UDP; - h.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; - - lws_snprintf(buf, sizeof(buf), "%u", port); - n = getaddrinfo(NULL, buf, &h, &r); - if (n) { - lwsl_info("%s: getaddrinfo error: %s\n", __func__, - gai_strerror(n)); - goto bail; - } - - for (rp = r; rp; rp = rp->ai_next) { - sock.sockfd = socket(rp->ai_family, rp->ai_socktype, - rp->ai_protocol); - if (sock.sockfd != LWS_SOCK_INVALID) - break; - } - if (!rp) { - lwsl_err("%s: unable to create INET socket\n", __func__); - goto bail1; - } - - if ((flags & LWS_CAUDP_BIND) && bind(sock.sockfd, rp->ai_addr, -#if defined(_WIN32) - (int)rp->ai_addrlen -#else - rp->ai_addrlen -#endif - ) == -1) { - lwsl_err("%s: bind failed\n", __func__); - goto bail2; - } - - wsi = lws_adopt_descriptor_vhost(vhost, LWS_ADOPT_RAW_SOCKET_UDP, sock, - protocol_name, parent_wsi); - if (!wsi) - lwsl_err("%s: udp adoption failed\n", __func__); - -bail2: - if (!wsi) - compatible_close((int)sock.sockfd); -bail1: - freeaddrinfo(r); - -bail: - return wsi; -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, - const char *readbuf, size_t len) -{ - return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd), - readbuf, len); -} - -LWS_VISIBLE struct lws * -lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, - lws_sockfd_type accept_fd, - const char *readbuf, size_t len) -{ - return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd), - readbuf, len); -} diff --git a/thirdparty/libwebsockets/lib/core/alloc.c b/thirdparty/libwebsockets/lib/core/alloc.c deleted file mode 100644 index f169fc3767..0000000000 --- a/thirdparty/libwebsockets/lib/core/alloc.c +++ /dev/null @@ -1,92 +0,0 @@ -#include "core/private.h" - -#if defined(LWS_PLAT_OPTEE) - -#define TEE_USER_MEM_HINT_NO_FILL_ZERO 0x80000000 - -void *__attribute__((weak)) - TEE_Malloc(uint32_t size, uint32_t hint) -{ - return NULL; -} -void *__attribute__((weak)) - TEE_Realloc(void *buffer, uint32_t newSize) -{ - return NULL; -} -void __attribute__((weak)) - TEE_Free(void *buffer) -{ -} - -void *lws_realloc(void *ptr, size_t size, const char *reason) -{ - return TEE_Realloc(ptr, size); -} - -void *lws_malloc(size_t size, const char *reason) -{ - return TEE_Malloc(size, TEE_USER_MEM_HINT_NO_FILL_ZERO); -} - -void lws_free(void *p) -{ - TEE_Free(p); -} - -void *lws_zalloc(size_t size, const char *reason) -{ - void *ptr = TEE_Malloc(size, TEE_USER_MEM_HINT_NO_FILL_ZERO); - if (ptr) - memset(ptr, 0, size); - return ptr; -} - -void lws_set_allocator(void *(*cb)(void *ptr, size_t size, const char *reason)) -{ - (void)cb; -} -#else - -static void *_realloc(void *ptr, size_t size, const char *reason) -{ - if (size) { -#if defined(LWS_WITH_ESP32) - lwsl_notice("%s: size %lu: %s (free heap %d)\n", __func__, - (unsigned long)size, reason, (unsigned int)esp_get_free_heap_size() - (int)size); -#else - lwsl_debug("%s: size %lu: %s\n", __func__, - (unsigned long)size, reason); -#endif -#if defined(LWS_PLAT_OPTEE) - return (void *)TEE_Realloc(ptr, size); -#else - return (void *)realloc(ptr, size); -#endif - } - if (ptr) - free(ptr); - - return NULL; -} - -void *(*_lws_realloc)(void *ptr, size_t size, const char *reason) = _realloc; - -void *lws_realloc(void *ptr, size_t size, const char *reason) -{ - return _lws_realloc(ptr, size, reason); -} - -void *lws_zalloc(size_t size, const char *reason) -{ - void *ptr = _lws_realloc(NULL, size, reason); - if (ptr) - memset(ptr, 0, size); - return ptr; -} - -void lws_set_allocator(void *(*cb)(void *ptr, size_t size, const char *reason)) -{ - _lws_realloc = cb; -} -#endif diff --git a/thirdparty/libwebsockets/lib/core/connect.c b/thirdparty/libwebsockets/lib/core/connect.c deleted file mode 100644 index daffc193c8..0000000000 --- a/thirdparty/libwebsockets/lib/core/connect.c +++ /dev/null @@ -1,287 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -void -lws_client_stash_destroy(struct lws *wsi) -{ - if (!wsi || !wsi->stash) - return; - - lws_free_set_NULL(wsi->stash->address); - lws_free_set_NULL(wsi->stash->path); - lws_free_set_NULL(wsi->stash->host); - lws_free_set_NULL(wsi->stash->origin); - lws_free_set_NULL(wsi->stash->protocol); - lws_free_set_NULL(wsi->stash->method); - lws_free_set_NULL(wsi->stash->iface); - lws_free_set_NULL(wsi->stash->alpn); - - lws_free_set_NULL(wsi->stash); -} - -LWS_VISIBLE struct lws * -lws_client_connect_via_info(const struct lws_client_connect_info *i) -{ - struct lws *wsi, *safe = NULL; - const struct lws_protocols *p; - const char *local = i->protocol; -#if LWS_MAX_SMP > 1 - int n, tid; -#endif - - if (i->context->requested_kill) - return NULL; - - if (!i->context->protocol_init_done) - lws_protocol_init(i->context); - /* - * If we have .local_protocol_name, use it to select the local protocol - * handler to bind to. Otherwise use .protocol if http[s]. - */ - if (i->local_protocol_name) - local = i->local_protocol_name; - - /* PHASE 1: create a bare wsi */ - - wsi = lws_zalloc(sizeof(struct lws), "client wsi"); - if (wsi == NULL) - goto bail; - - wsi->context = i->context; - wsi->desc.sockfd = LWS_SOCK_INVALID; - - wsi->vhost = NULL; - if (!i->vhost) - lws_vhost_bind_wsi(i->context->vhost_list, wsi); - else - lws_vhost_bind_wsi(i->vhost, wsi); - - if (!wsi->vhost) { - lwsl_err("%s: No vhost in the context\n", __func__); - - goto bail; - } - - /* - * PHASE 2: if SMP, bind the client to whatever tsi the current thread - * represents - */ - -#if LWS_MAX_SMP > 1 - tid = wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_GET_THREAD_ID, - NULL, NULL, 0); - - lws_context_lock(i->context, "client find tsi"); - - for (n = 0; n < i->context->count_threads; n++) - if (i->context->pt[n].service_tid == tid) { - lwsl_info("%s: client binds to caller tsi %d\n", - __func__, n); - wsi->tsi = n; - break; - } - - /* - * this binding is sort of provisional, since when we try to insert - * into the pt fds, there may be no space and it will fail - */ - - lws_context_unlock(i->context); -#endif - - /* - * PHASE 3: Choose an initial role for the wsi and do role-specific init - * - * Note the initial role may not reflect the final role, eg, - * we may want ws, but first we have to go through h1 to get that - */ - - lws_role_call_client_bind(wsi, i); - - /* - * PHASE 4: fill up the wsi with stuff from the connect_info as far as - * it can go. It's uncertain because not only is our connection - * going to complete asynchronously, we might have bound to h1 and not - * even be able to get ahold of an ah immediately. - */ - - wsi->user_space = NULL; - wsi->pending_timeout = NO_PENDING_TIMEOUT; - wsi->position_in_fds_table = LWS_NO_FDS_POS; - wsi->c_port = i->port; - - wsi->protocol = &wsi->vhost->protocols[0]; - wsi->client_pipeline = !!(i->ssl_connection & LCCSCF_PIPELINE); - - /* - * PHASE 5: handle external user_space now, generic alloc is done in - * role finalization - */ - - if (!wsi->user_space && i->userdata) { - wsi->user_space_externally_allocated = 1; - wsi->user_space = i->userdata; - } - - if (local) { - lwsl_info("%s: protocol binding to %s\n", __func__, local); - p = lws_vhost_name_to_protocol(wsi->vhost, local); - if (p) - lws_bind_protocol(wsi, p, __func__); - } - - /* - * PHASE 5: handle external user_space now, generic alloc is done in - * role finalization - */ - - if (!wsi->user_space && i->userdata) { - wsi->user_space_externally_allocated = 1; - wsi->user_space = i->userdata; - } - -#if defined(LWS_WITH_TLS) - wsi->tls.use_ssl = i->ssl_connection; -#else - if (i->ssl_connection & LCCSCF_USE_SSL) { - lwsl_err("%s: lws not configured for tls\n", __func__); - goto bail; - } -#endif - - /* - * PHASE 6: stash the things from connect_info that we can't process - * right now, eg, if http binding, without an ah. If h1 and no ah, we - * will go on the ah waiting list and process those things later (after - * the connect_info and maybe the things pointed to have gone out of - * scope) - * - * However these things are stashed in a generic way at this point, - * with no relationship to http or ah - */ - - wsi->stash = lws_zalloc(sizeof(*wsi->stash), "client stash"); - if (!wsi->stash) { - lwsl_err("%s: OOM\n", __func__); - goto bail1; - } - - wsi->stash->address = lws_strdup(i->address); - wsi->stash->path = lws_strdup(i->path); - wsi->stash->host = lws_strdup(i->host); - - if (!wsi->stash->address || !wsi->stash->path || !wsi->stash->host) - goto bail1; - - if (i->origin) { - wsi->stash->origin = lws_strdup(i->origin); - if (!wsi->stash->origin) - goto bail1; - } - if (i->protocol) { - wsi->stash->protocol = lws_strdup(i->protocol); - if (!wsi->stash->protocol) - goto bail1; - } - if (i->method) { - wsi->stash->method = lws_strdup(i->method); - if (!wsi->stash->method) - goto bail1; - } - if (i->iface) { - wsi->stash->iface = lws_strdup(i->iface); - if (!wsi->stash->iface) - goto bail1; - } - if (i->alpn) { - wsi->stash->alpn = lws_strdup(i->alpn); - if (!wsi->stash->alpn) - goto bail1; - } - - /* - * at this point user callbacks like - * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER will be interested to - * know the parent... eg for proxying we can grab extra headers from - * the parent's incoming ah and add them to the child client handshake - */ - - if (i->parent_wsi) { - lwsl_info("%s: created child %p of parent %p\n", __func__, - wsi, i->parent_wsi); - wsi->parent = i->parent_wsi; - safe = wsi->sibling_list = i->parent_wsi->child_list; - i->parent_wsi->child_list = wsi; - } - - /* - * PHASE 7: Do any role-specific finalization processing. We can still - * see important info things via wsi->stash - */ - - if (wsi->role_ops->client_bind) { - int n = wsi->role_ops->client_bind(wsi, NULL); - - if (n && i->parent_wsi) { - /* unpick from parent */ - - i->parent_wsi->child_list = safe; - } - - if (n < 0) - /* we didn't survive, wsi is freed */ - goto bail2; - - if (n) - /* something else failed, wsi needs freeing */ - goto bail; - } - - /* let the caller's optional wsi storage have the wsi we created */ - - if (i->pwsi) - *i->pwsi = wsi; - - -#if defined(LWS_WITH_HUBBUB) - if (i->uri_replace_to) - wsi->http.rw = lws_rewrite_create(wsi, html_parser_cb, - i->uri_replace_from, - i->uri_replace_to); -#endif - - return wsi; - -bail1: - lws_client_stash_destroy(wsi); - -bail: - lws_free(wsi); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) -bail2: -#endif - if (i->pwsi) - *i->pwsi = NULL; - - return NULL; -} diff --git a/thirdparty/libwebsockets/lib/core/context.c b/thirdparty/libwebsockets/lib/core/context.c deleted file mode 100644 index 94b2d86339..0000000000 --- a/thirdparty/libwebsockets/lib/core/context.c +++ /dev/null @@ -1,1865 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -#ifndef LWS_BUILD_HASH -#define LWS_BUILD_HASH "unknown-build-hash" -#endif - -const struct lws_role_ops *available_roles[] = { -#if defined(LWS_ROLE_H2) - &role_ops_h2, -#endif -#if defined(LWS_ROLE_H1) - &role_ops_h1, -#endif -#if defined(LWS_ROLE_WS) - &role_ops_ws, -#endif -#if defined(LWS_ROLE_DBUS) - &role_ops_dbus, -#endif - NULL -}; - -const struct lws_event_loop_ops *available_event_libs[] = { -#if defined(LWS_WITH_POLL) - &event_loop_ops_poll, -#endif -#if defined(LWS_WITH_LIBUV) - &event_loop_ops_uv, -#endif -#if defined(LWS_WITH_LIBEVENT) - &event_loop_ops_event, -#endif -#if defined(LWS_WITH_LIBEV) - &event_loop_ops_ev, -#endif - NULL -}; - -static const char *library_version = LWS_LIBRARY_VERSION " " LWS_BUILD_HASH; - -/** - * lws_get_library_version: get version and git hash library built from - * - * returns a const char * to a string like "1.1 178d78c" - * representing the library version followed by the git head hash it - * was built from - */ -LWS_VISIBLE const char * -lws_get_library_version(void) -{ - return library_version; -} - -int -lws_role_call_alpn_negotiated(struct lws *wsi, const char *alpn) -{ -#if defined(LWS_WITH_TLS) - if (!alpn) - return 0; - - lwsl_info("%s: '%s'\n", __func__, alpn); - - LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) - if (ar->alpn && !strcmp(ar->alpn, alpn) && ar->alpn_negotiated) - return ar->alpn_negotiated(wsi, alpn); - LWS_FOR_EVERY_AVAILABLE_ROLE_END; -#endif - return 0; -} - -#if !defined(LWS_WITHOUT_SERVER) -int -lws_role_call_adoption_bind(struct lws *wsi, int type, const char *prot) -{ - LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) - if (ar->adoption_bind) - if (ar->adoption_bind(wsi, type, prot)) - return 0; - LWS_FOR_EVERY_AVAILABLE_ROLE_END; - - /* fall back to raw socket role if, eg, h1 not configured */ - - if (role_ops_raw_skt.adoption_bind && - role_ops_raw_skt.adoption_bind(wsi, type, prot)) - return 0; - - /* fall back to raw file role if, eg, h1 not configured */ - - if (role_ops_raw_file.adoption_bind && - role_ops_raw_file.adoption_bind(wsi, type, prot)) - return 0; - - return 1; -} -#endif - -#if !defined(LWS_WITHOUT_CLIENT) -int -lws_role_call_client_bind(struct lws *wsi, - const struct lws_client_connect_info *i) -{ - LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) - if (ar->client_bind) { - int m = ar->client_bind(wsi, i); - if (m < 0) - return m; - if (m) - return 0; - } - LWS_FOR_EVERY_AVAILABLE_ROLE_END; - - /* fall back to raw socket role if, eg, h1 not configured */ - - if (role_ops_raw_skt.client_bind && - role_ops_raw_skt.client_bind(wsi, i)) - return 0; - - return 1; -} -#endif - -static const char * const mount_protocols[] = { - "http://", - "https://", - "file://", - "cgi://", - ">http://", - ">https://", - "callback://" -}; - -LWS_VISIBLE void * -lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, - const struct lws_protocols *prot, int size) -{ - int n = 0; - - /* allocate the vh priv array only on demand */ - if (!vhost->protocol_vh_privs) { - vhost->protocol_vh_privs = (void **)lws_zalloc( - vhost->count_protocols * sizeof(void *), - "protocol_vh_privs"); - if (!vhost->protocol_vh_privs) - return NULL; - } - - while (n < vhost->count_protocols && &vhost->protocols[n] != prot) - n++; - - if (n == vhost->count_protocols) { - n = 0; - while (n < vhost->count_protocols && - strcmp(vhost->protocols[n].name, prot->name)) - n++; - - if (n == vhost->count_protocols) - return NULL; - } - - vhost->protocol_vh_privs[n] = lws_zalloc(size, "vh priv"); - return vhost->protocol_vh_privs[n]; -} - -LWS_VISIBLE void * -lws_protocol_vh_priv_get(struct lws_vhost *vhost, - const struct lws_protocols *prot) -{ - int n = 0; - - if (!vhost || !vhost->protocol_vh_privs || !prot) - return NULL; - - while (n < vhost->count_protocols && &vhost->protocols[n] != prot) - n++; - - if (n == vhost->count_protocols) { - n = 0; - while (n < vhost->count_protocols && - strcmp(vhost->protocols[n].name, prot->name)) - n++; - - if (n == vhost->count_protocols) { - lwsl_err("%s: unknown protocol %p\n", __func__, prot); - return NULL; - } - } - - return vhost->protocol_vh_privs[n]; -} - -static const struct lws_protocol_vhost_options * -lws_vhost_protocol_options(struct lws_vhost *vh, const char *name) -{ - const struct lws_protocol_vhost_options *pvo = vh->pvo; - - if (!name) - return NULL; - - while (pvo) { - if (!strcmp(pvo->name, name)) - return pvo; - pvo = pvo->next; - } - - return NULL; -} - -/* - * inform every vhost that hasn't already done it, that - * his protocols are initializing - */ -LWS_VISIBLE int -lws_protocol_init(struct lws_context *context) -{ - struct lws_vhost *vh = context->vhost_list; - const struct lws_protocol_vhost_options *pvo, *pvo1; - struct lws wsi; - int n, any = 0; - - if (context->doing_protocol_init) - return 0; - - context->doing_protocol_init = 1; - - memset(&wsi, 0, sizeof(wsi)); - wsi.context = context; - - lwsl_info("%s\n", __func__); - - while (vh) { - wsi.vhost = vh; - - /* only do the protocol init once for a given vhost */ - if (vh->created_vhost_protocols || - (vh->options & LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT)) - goto next; - - /* initialize supported protocols on this vhost */ - - for (n = 0; n < vh->count_protocols; n++) { - wsi.protocol = &vh->protocols[n]; - if (!vh->protocols[n].name) - continue; - pvo = lws_vhost_protocol_options(vh, - vh->protocols[n].name); - if (pvo) { - /* - * linked list of options specific to - * vh + protocol - */ - pvo1 = pvo; - pvo = pvo1->options; - - while (pvo) { - lwsl_debug( - " vhost \"%s\", " - "protocol \"%s\", " - "option \"%s\"\n", - vh->name, - vh->protocols[n].name, - pvo->name); - - if (!strcmp(pvo->name, "default")) { - lwsl_info("Setting default " - "protocol for vh %s to %s\n", - vh->name, - vh->protocols[n].name); - vh->default_protocol_index = n; - } - if (!strcmp(pvo->name, "raw")) { - lwsl_info("Setting raw " - "protocol for vh %s to %s\n", - vh->name, - vh->protocols[n].name); - vh->raw_protocol_index = n; - } - pvo = pvo->next; - } - - pvo = pvo1->options; - } - -#if defined(LWS_WITH_TLS) - any |= !!vh->tls.ssl_ctx; -#endif - - /* - * inform all the protocols that they are doing their - * one-time initialization if they want to. - * - * NOTE the wsi is all zeros except for the context, vh - * + protocol ptrs so lws_get_context(wsi) etc can work - */ - if (vh->protocols[n].callback(&wsi, - LWS_CALLBACK_PROTOCOL_INIT, NULL, - (void *)pvo, 0)) { - lws_free(vh->protocol_vh_privs[n]); - vh->protocol_vh_privs[n] = NULL; - lwsl_err("%s: protocol %s failed init\n", - __func__, vh->protocols[n].name); - - return 1; - } - } - - vh->created_vhost_protocols = 1; -next: - vh = vh->vhost_next; - } - - context->doing_protocol_init = 0; - - if (!context->protocol_init_done) - lws_finalize_startup(context); - - context->protocol_init_done = 1; - - if (any) - lws_tls_check_all_cert_lifetimes(context); - - return 0; -} - - -/* list of supported protocols and callbacks */ - -static const struct lws_protocols protocols_dummy[] = { - /* first protocol must always be HTTP handler */ - - { - "http-only", /* name */ - lws_callback_http_dummy, /* callback */ - 0, /* per_session_data_size */ - 0, /* rx_buffer_size */ - 0, /* id */ - NULL, /* user */ - 0 /* tx_packet_size */ - }, - /* - * the other protocols are provided by lws plugins - */ - { NULL, NULL, 0, 0, 0, NULL, 0} /* terminator */ -}; - -#ifdef LWS_PLAT_OPTEE -#undef LWS_HAVE_GETENV -#endif - -LWS_VISIBLE struct lws_vhost * -lws_create_vhost(struct lws_context *context, - const struct lws_context_creation_info *info) -{ - struct lws_vhost *vh = lws_zalloc(sizeof(*vh), "create vhost"), - **vh1 = &context->vhost_list; - const struct lws_http_mount *mounts; - const struct lws_protocols *pcols = info->protocols; - const struct lws_protocol_vhost_options *pvo; -#ifdef LWS_WITH_PLUGINS - struct lws_plugin *plugin = context->plugin_list; -#endif - struct lws_protocols *lwsp; - int m, f = !info->pvo; - char buf[20]; -#if !defined(LWS_WITHOUT_CLIENT) && defined(LWS_HAVE_GETENV) - char *p; -#endif - int n; - - if (!vh) - return NULL; - -#if LWS_MAX_SMP > 1 - pthread_mutex_init(&vh->lock, NULL); -#endif - - if (!pcols) - pcols = &protocols_dummy[0]; - - vh->context = context; - if (!info->vhost_name) - vh->name = "default"; - else - vh->name = info->vhost_name; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - vh->http.error_document_404 = info->error_document_404; -#endif - - if (info->options & LWS_SERVER_OPTION_ONLY_RAW) - lwsl_info("%s set to only support RAW\n", vh->name); - - vh->iface = info->iface; -#if !defined(LWS_WITH_ESP32) && \ - !defined(OPTEE_TA) && !defined(WIN32) - vh->bind_iface = info->bind_iface; -#endif - - for (vh->count_protocols = 0; - pcols[vh->count_protocols].callback; - vh->count_protocols++) - ; - - vh->options = info->options; - vh->pvo = info->pvo; - vh->headers = info->headers; - vh->user = info->user; - vh->finalize = info->finalize; - vh->finalize_arg = info->finalize_arg; - - LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) - if (ar->init_vhost) - if (ar->init_vhost(vh, info)) - return NULL; - LWS_FOR_EVERY_AVAILABLE_ROLE_END; - - - if (info->keepalive_timeout) - vh->keepalive_timeout = info->keepalive_timeout; - else - vh->keepalive_timeout = 5; - - if (info->timeout_secs_ah_idle) - vh->timeout_secs_ah_idle = info->timeout_secs_ah_idle; - else - vh->timeout_secs_ah_idle = 10; - -#if defined(LWS_WITH_TLS) - - vh->tls.alpn = info->alpn; - vh->tls.ssl_info_event_mask = info->ssl_info_event_mask; - - if (info->ecdh_curve) - lws_strncpy(vh->tls.ecdh_curve, info->ecdh_curve, - sizeof(vh->tls.ecdh_curve)); - - /* carefully allocate and take a copy of cert + key paths if present */ - n = 0; - if (info->ssl_cert_filepath) - n += (int)strlen(info->ssl_cert_filepath) + 1; - if (info->ssl_private_key_filepath) - n += (int)strlen(info->ssl_private_key_filepath) + 1; - - if (n) { - vh->tls.key_path = vh->tls.alloc_cert_path = - lws_malloc(n, "vh paths"); - if (info->ssl_cert_filepath) { - n = (int)strlen(info->ssl_cert_filepath) + 1; - memcpy(vh->tls.alloc_cert_path, - info->ssl_cert_filepath, n); - vh->tls.key_path += n; - } - if (info->ssl_private_key_filepath) - memcpy(vh->tls.key_path, info->ssl_private_key_filepath, - strlen(info->ssl_private_key_filepath) + 1); - } -#endif - - /* - * give the vhost a unified list of protocols including the - * ones that came from plugins - */ - lwsp = lws_zalloc(sizeof(struct lws_protocols) * (vh->count_protocols + - context->plugin_protocol_count + 1), - "vhost-specific plugin table"); - if (!lwsp) { - lwsl_err("OOM\n"); - return NULL; - } - - m = vh->count_protocols; - memcpy(lwsp, pcols, sizeof(struct lws_protocols) * m); - - /* for compatibility, all protocols enabled on vhost if only - * the default vhost exists. Otherwise only vhosts who ask - * for a protocol get it enabled. - */ - - if (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS) - f = 0; - (void)f; -#ifdef LWS_WITH_PLUGINS - if (plugin) { - - while (plugin) { - for (n = 0; n < plugin->caps.count_protocols; n++) { - /* - * for compatibility's sake, no pvo implies - * allow all protocols - */ - if (f || lws_vhost_protocol_options(vh, - plugin->caps.protocols[n].name)) { - memcpy(&lwsp[m], - &plugin->caps.protocols[n], - sizeof(struct lws_protocols)); - m++; - vh->count_protocols++; - } - } - plugin = plugin->list; - } - } -#endif - - if ( -#ifdef LWS_WITH_PLUGINS - (context->plugin_list) || -#endif - context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS) - vh->protocols = lwsp; - else { - vh->protocols = pcols; - lws_free(lwsp); - } - - vh->same_vh_protocol_heads = (struct lws_dll_lws *) - lws_zalloc(sizeof(struct lws_dll_lws) * - vh->count_protocols, "same vh list"); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - vh->http.mount_list = info->mounts; -#endif - -#ifdef LWS_WITH_UNIX_SOCK - if (LWS_UNIX_SOCK_ENABLED(vh)) { - lwsl_notice("Creating Vhost '%s' path \"%s\", %d protocols\n", - vh->name, vh->iface, vh->count_protocols); - } else -#endif - { - switch(info->port) { - case CONTEXT_PORT_NO_LISTEN: - strcpy(buf, "(serving disabled)"); - break; - case CONTEXT_PORT_NO_LISTEN_SERVER: - strcpy(buf, "(no listener)"); - break; - default: - lws_snprintf(buf, sizeof(buf), "port %u", info->port); - break; - } - lwsl_notice("Creating Vhost '%s' %s, %d protocols, IPv6 %s\n", - vh->name, buf, vh->count_protocols, - LWS_IPV6_ENABLED(vh) ? "on" : "off"); - } - mounts = info->mounts; - while (mounts) { - (void)mount_protocols[0]; - lwsl_info(" mounting %s%s to %s\n", - mount_protocols[mounts->origin_protocol], - mounts->origin, mounts->mountpoint); - - /* convert interpreter protocol names to pointers */ - pvo = mounts->interpret; - while (pvo) { - for (n = 0; n < vh->count_protocols; n++) { - if (strcmp(pvo->value, vh->protocols[n].name)) - continue; - ((struct lws_protocol_vhost_options *)pvo)-> - value = (const char *)(lws_intptr_t)n; - break; - } - if (n == vh->count_protocols) - lwsl_err("ignoring unknown interp pr %s\n", - pvo->value); - pvo = pvo->next; - } - - mounts = mounts->mount_next; - } - - vh->listen_port = info->port; -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - vh->http.http_proxy_port = 0; - vh->http.http_proxy_address[0] = '\0'; -#endif -#if defined(LWS_WITH_SOCKS5) - vh->socks_proxy_port = 0; - vh->socks_proxy_address[0] = '\0'; -#endif - -#if !defined(LWS_WITHOUT_CLIENT) - /* either use proxy from info, or try get it from env var */ -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - /* http proxy */ - if (info->http_proxy_address) { - /* override for backwards compatibility */ - if (info->http_proxy_port) - vh->http.http_proxy_port = info->http_proxy_port; - lws_set_proxy(vh, info->http_proxy_address); - } else -#endif - { -#ifdef LWS_HAVE_GETENV - p = getenv("http_proxy"); - if (p) - lws_set_proxy(vh, p); -#endif - } -#endif -#if defined(LWS_WITH_SOCKS5) - /* socks proxy */ - if (info->socks_proxy_address) { - /* override for backwards compatibility */ - if (info->socks_proxy_port) - vh->socks_proxy_port = info->socks_proxy_port; - lws_set_socks(vh, info->socks_proxy_address); - } else { -#ifdef LWS_HAVE_GETENV - p = getenv("socks_proxy"); - if (p) - lws_set_socks(vh, p); -#endif - } -#endif - - vh->ka_time = info->ka_time; - vh->ka_interval = info->ka_interval; - vh->ka_probes = info->ka_probes; - - if (vh->options & LWS_SERVER_OPTION_STS) - lwsl_notice(" STS enabled\n"); - -#ifdef LWS_WITH_ACCESS_LOG - if (info->log_filepath) { - vh->log_fd = lws_open(info->log_filepath, - O_CREAT | O_APPEND | O_RDWR, 0600); - if (vh->log_fd == (int)LWS_INVALID_FILE) { - lwsl_err("unable to open log filepath %s\n", - info->log_filepath); - goto bail; - } -#ifndef WIN32 - if (context->uid != -1) - if (chown(info->log_filepath, context->uid, - context->gid) == -1) - lwsl_err("unable to chown log file %s\n", - info->log_filepath); -#endif - } else - vh->log_fd = (int)LWS_INVALID_FILE; -#endif - if (lws_context_init_server_ssl(info, vh)) { - lwsl_err("%s: lws_context_init_server_ssl failed\n", __func__); - goto bail1; - } - if (lws_context_init_client_ssl(info, vh)) { - lwsl_err("%s: lws_context_init_client_ssl failed\n", __func__); - goto bail1; - } - lws_context_lock(context, "create_vhost"); - n = _lws_vhost_init_server(info, vh); - lws_context_unlock(context); - if (n < 0) { - lwsl_err("init server failed\n"); - goto bail1; - } - - while (1) { - if (!(*vh1)) { - *vh1 = vh; - break; - } - vh1 = &(*vh1)->vhost_next; - }; - - /* for the case we are adding a vhost much later, after server init */ - - if (context->protocol_init_done) - if (lws_protocol_init(context)) { - lwsl_err("%s: lws_protocol_init failed\n", __func__); - goto bail1; - } - - return vh; - -bail1: - lws_vhost_destroy(vh); - - return NULL; - -#ifdef LWS_WITH_ACCESS_LOG -bail: - lws_free(vh); -#endif - - return NULL; -} - -LWS_VISIBLE int -lws_init_vhost_client_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ - struct lws_context_creation_info i; - - memcpy(&i, info, sizeof(i)); - i.port = CONTEXT_PORT_NO_LISTEN; - - return lws_context_init_client_ssl(&i, vhost); -} - -LWS_VISIBLE void -lws_cancel_service_pt(struct lws *wsi) -{ - lws_plat_pipe_signal(wsi); -} - -LWS_VISIBLE void -lws_cancel_service(struct lws_context *context) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - short m = context->count_threads; - - if (context->being_destroyed1) - return; - - lwsl_info("%s\n", __func__); - - while (m--) { - if (pt->pipe_wsi) - lws_plat_pipe_signal(pt->pipe_wsi); - pt++; - } -} - -int -lws_create_event_pipes(struct lws_context *context) -{ - struct lws *wsi; - int n; - - /* - * Create the pt event pipes... these are unique in that they are - * not bound to a vhost or protocol (both are NULL) - */ - - for (n = 0; n < context->count_threads; n++) { - if (context->pt[n].pipe_wsi) - continue; - - wsi = lws_zalloc(sizeof(*wsi), "event pipe wsi"); - if (!wsi) { - lwsl_err("%s: Out of mem\n", __func__); - return 1; - } - wsi->context = context; - lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_pipe); - wsi->protocol = NULL; - wsi->tsi = n; - wsi->vhost = NULL; - wsi->event_pipe = 1; - wsi->desc.sockfd = LWS_SOCK_INVALID; - context->pt[n].pipe_wsi = wsi; - context->count_wsi_allocated++; - - if (lws_plat_pipe_create(wsi)) - /* - * platform code returns 0 if it actually created pipes - * and initialized pt->dummy_pipe_fds[]. If it used - * some other mechanism outside of signaling in the - * normal event loop, we skip treating the pipe as - * related to dummy_pipe_fds[], adding it to the fds, - * etc. - */ - continue; - - wsi->desc.sockfd = context->pt[n].dummy_pipe_fds[0]; - lwsl_debug("event pipe fd %d\n", wsi->desc.sockfd); - - if (context->event_loop_ops->accept) - if (context->event_loop_ops->accept(wsi)) - return 1; - - if (__insert_wsi_socket_into_fds(context, wsi)) - return 1; - } - - return 0; -} - -void -lws_destroy_event_pipe(struct lws *wsi) -{ - lwsl_info("%s\n", __func__); - __remove_wsi_socket_from_fds(wsi); - - if (wsi->context->event_loop_ops->wsi_logical_close) { - wsi->context->event_loop_ops->wsi_logical_close(wsi); - lws_plat_pipe_close(wsi); - wsi->context->count_wsi_allocated--; - return; - } - - if (wsi->context->event_loop_ops->destroy_wsi) - wsi->context->event_loop_ops->destroy_wsi(wsi); - lws_plat_pipe_close(wsi); - wsi->context->count_wsi_allocated--; - lws_free(wsi); -} - -LWS_VISIBLE struct lws_context * -lws_create_context(const struct lws_context_creation_info *info) -{ - struct lws_context *context = NULL; - struct lws_plat_file_ops *prev; -#ifndef LWS_NO_DAEMONIZE - int pid_daemon = get_daemonize_pid(); -#endif - int n; -#if defined(__ANDROID__) - struct rlimit rt; -#endif - - lwsl_info("Initial logging level %d\n", log_level); - lwsl_info("Libwebsockets version: %s\n", library_version); - -#ifdef LWS_WITH_IPV6 - if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_IPV6)) - lwsl_info("IPV6 compiled in and enabled\n"); - else - lwsl_info("IPV6 compiled in but disabled\n"); -#else - lwsl_info("IPV6 not compiled in\n"); -#endif - - lwsl_info(" LWS_DEF_HEADER_LEN : %u\n", LWS_DEF_HEADER_LEN); - lwsl_info(" LWS_MAX_PROTOCOLS : %u\n", LWS_MAX_PROTOCOLS); - lwsl_info(" LWS_MAX_SMP : %u\n", LWS_MAX_SMP); - lwsl_info(" sizeof (*info) : %ld\n", (long)sizeof(*info)); -#if defined(LWS_WITH_STATS) - lwsl_info(" LWS_WITH_STATS : on\n"); -#endif - lwsl_info(" SYSTEM_RANDOM_FILEPATH: '%s'\n", SYSTEM_RANDOM_FILEPATH); -#if defined(LWS_WITH_HTTP2) - lwsl_info(" HTTP2 support : available\n"); -#else - lwsl_info(" HTTP2 support : not configured\n"); -#endif - if (lws_plat_context_early_init()) - return NULL; - - context = lws_zalloc(sizeof(struct lws_context), "context"); - if (!context) { - lwsl_err("No memory for websocket context\n"); - return NULL; - } - -#if defined(LWS_WITH_TLS) -#if defined(LWS_WITH_MBEDTLS) - context->tls_ops = &tls_ops_mbedtls; -#else - context->tls_ops = &tls_ops_openssl; -#endif -#endif - - if (info->pt_serv_buf_size) - context->pt_serv_buf_size = info->pt_serv_buf_size; - else - context->pt_serv_buf_size = 4096; - -#if defined(LWS_ROLE_H2) - role_ops_h2.init_context(context, info); -#endif - -#if LWS_MAX_SMP > 1 - lws_mutex_refcount_init(&context->mr); -#endif - -#if defined(LWS_WITH_ESP32) - context->last_free_heap = esp_get_free_heap_size(); -#endif - - /* default to just the platform fops implementation */ - - context->fops_platform.LWS_FOP_OPEN = _lws_plat_file_open; - context->fops_platform.LWS_FOP_CLOSE = _lws_plat_file_close; - context->fops_platform.LWS_FOP_SEEK_CUR = _lws_plat_file_seek_cur; - context->fops_platform.LWS_FOP_READ = _lws_plat_file_read; - context->fops_platform.LWS_FOP_WRITE = _lws_plat_file_write; - context->fops_platform.fi[0].sig = NULL; - - /* - * arrange a linear linked-list of fops starting from context->fops - * - * platform fops - * [ -> fops_zip (copied into context so .next settable) ] - * [ -> info->fops ] - */ - - context->fops = &context->fops_platform; - prev = (struct lws_plat_file_ops *)context->fops; - -#if defined(LWS_WITH_ZIP_FOPS) - /* make a soft copy so we can set .next */ - context->fops_zip = fops_zip; - prev->next = &context->fops_zip; - prev = (struct lws_plat_file_ops *)prev->next; -#endif - - /* if user provided fops, tack them on the end of the list */ - if (info->fops) - prev->next = info->fops; - - context->reject_service_keywords = info->reject_service_keywords; - if (info->external_baggage_free_on_destroy) - context->external_baggage_free_on_destroy = - info->external_baggage_free_on_destroy; - - context->time_up = time(NULL); - context->pcontext_finalize = info->pcontext; - - context->simultaneous_ssl_restriction = - info->simultaneous_ssl_restriction; - -#ifndef LWS_NO_DAEMONIZE - if (pid_daemon) { - context->started_with_parent = pid_daemon; - lwsl_info(" Started with daemon pid %d\n", pid_daemon); - } -#endif -#if defined(__ANDROID__) - n = getrlimit ( RLIMIT_NOFILE,&rt); - if (-1 == n) { - lwsl_err("Get RLIMIT_NOFILE failed!\n"); - return NULL; - } - context->max_fds = rt.rlim_cur; -#else - context->max_fds = getdtablesize(); -#endif - - if (info->count_threads) - context->count_threads = info->count_threads; - else - context->count_threads = 1; - - if (context->count_threads > LWS_MAX_SMP) - context->count_threads = LWS_MAX_SMP; - - context->token_limits = info->token_limits; - - context->options = info->options; - - /* - * set the context event loops ops struct - * - * after this, all event_loop actions use the generic ops - */ - -#if defined(LWS_WITH_POLL) - context->event_loop_ops = &event_loop_ops_poll; -#endif - - if (lws_check_opt(context->options, LWS_SERVER_OPTION_LIBUV)) -#if defined(LWS_WITH_LIBUV) - context->event_loop_ops = &event_loop_ops_uv; -#else - goto fail_event_libs; -#endif - - if (lws_check_opt(context->options, LWS_SERVER_OPTION_LIBEV)) -#if defined(LWS_WITH_LIBEV) - context->event_loop_ops = &event_loop_ops_ev; -#else - goto fail_event_libs; -#endif - - if (lws_check_opt(context->options, LWS_SERVER_OPTION_LIBEVENT)) -#if defined(LWS_WITH_LIBEVENT) - context->event_loop_ops = &event_loop_ops_event; -#else - goto fail_event_libs; -#endif - - if (!context->event_loop_ops) - goto fail_event_libs; - - lwsl_info("Using event loop: %s\n", context->event_loop_ops->name); - -#if defined(LWS_WITH_TLS) - time(&context->tls.last_cert_check_s); - if (info->alpn) - context->tls.alpn_default = info->alpn; - else { - char *p = context->tls.alpn_discovered, first = 1; - - LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) { - if (ar->alpn) { - if (!first) - *p++ = ','; - p += lws_snprintf(p, - context->tls.alpn_discovered + - sizeof(context->tls.alpn_discovered) - - 2 - p, "%s", ar->alpn); - first = 0; - } - } LWS_FOR_EVERY_AVAILABLE_ROLE_END; - - context->tls.alpn_default = context->tls.alpn_discovered; - } - - lwsl_info("Default ALPN advertisment: %s\n", context->tls.alpn_default); -#endif - - if (info->timeout_secs) - context->timeout_secs = info->timeout_secs; - else - context->timeout_secs = AWAITING_TIMEOUT; - - context->ws_ping_pong_interval = info->ws_ping_pong_interval; - - lwsl_info(" default timeout (secs): %u\n", context->timeout_secs); - - if (info->max_http_header_data) - context->max_http_header_data = info->max_http_header_data; - else - if (info->max_http_header_data2) - context->max_http_header_data = - info->max_http_header_data2; - else - context->max_http_header_data = LWS_DEF_HEADER_LEN; - - if (info->max_http_header_pool) - context->max_http_header_pool = info->max_http_header_pool; - else - if (info->max_http_header_pool2) - context->max_http_header_pool = - info->max_http_header_pool2; - else - context->max_http_header_pool = context->max_fds; - - if (info->fd_limit_per_thread) - context->fd_limit_per_thread = info->fd_limit_per_thread; - else - context->fd_limit_per_thread = context->max_fds / - context->count_threads; - - /* - * Allocate the per-thread storage for scratchpad buffers, - * and header data pool - */ - for (n = 0; n < context->count_threads; n++) { - context->pt[n].serv_buf = lws_malloc(context->pt_serv_buf_size, - "pt_serv_buf"); - if (!context->pt[n].serv_buf) { - lwsl_err("OOM\n"); - return NULL; - } - - context->pt[n].context = context; - context->pt[n].tid = n; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - context->pt[n].http.ah_list = NULL; - context->pt[n].http.ah_pool_length = 0; -#endif - lws_pt_mutex_init(&context->pt[n]); - } - - lwsl_info(" Threads: %d each %d fds\n", context->count_threads, - context->fd_limit_per_thread); - - if (!info->ka_interval && info->ka_time > 0) { - lwsl_err("info->ka_interval can't be 0 if ka_time used\n"); - return NULL; - } - -#if defined(LWS_WITH_PEER_LIMITS) - /* scale the peer hash table according to the max fds for the process, - * so that the max list depth averages 16. Eg, 1024 fd -> 64, - * 102400 fd -> 6400 - */ - - context->pl_hash_elements = - (context->count_threads * context->fd_limit_per_thread) / 16; - context->pl_hash_table = lws_zalloc(sizeof(struct lws_peer *) * - context->pl_hash_elements, "peer limits hash table"); - - context->ip_limit_ah = info->ip_limit_ah; - context->ip_limit_wsi = info->ip_limit_wsi; -#endif - - lwsl_info(" mem: context: %5lu B (%ld ctx + (%ld thr x %d))\n", - (long)sizeof(struct lws_context) + - (context->count_threads * context->pt_serv_buf_size), - (long)sizeof(struct lws_context), - (long)context->count_threads, - context->pt_serv_buf_size); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - lwsl_info(" mem: http hdr rsvd: %5lu B (%u thr x (%u + %lu) x %u))\n", - (long)(context->max_http_header_data + - sizeof(struct allocated_headers)) * - context->max_http_header_pool * context->count_threads, - context->count_threads, - context->max_http_header_data, - (long)sizeof(struct allocated_headers), - context->max_http_header_pool); -#endif - n = sizeof(struct lws_pollfd) * context->count_threads * - context->fd_limit_per_thread; - context->pt[0].fds = lws_zalloc(n, "fds table"); - if (context->pt[0].fds == NULL) { - lwsl_err("OOM allocating %d fds\n", context->max_fds); - goto bail; - } - lwsl_info(" mem: pollfd map: %5u\n", n); - - if (info->server_string) { - context->server_string = info->server_string; - context->server_string_len = (short) - strlen(context->server_string); - } - -#if LWS_MAX_SMP > 1 - /* each thread serves his own chunk of fds */ - for (n = 1; n < (int)info->count_threads; n++) - context->pt[n].fds = context->pt[n - 1].fds + - context->fd_limit_per_thread; -#endif - - if (lws_plat_init(context, info)) - goto bail; - - if (context->event_loop_ops->init_context) - if (context->event_loop_ops->init_context(context, info)) - goto bail; - - - if (context->event_loop_ops->init_pt) - for (n = 0; n < context->count_threads; n++) { - void *lp = NULL; - - if (info->foreign_loops) - lp = info->foreign_loops[n]; - - if (context->event_loop_ops->init_pt(context, lp, n)) - goto bail; - } - - if (lws_create_event_pipes(context)) - goto bail; - - lws_context_init_ssl_library(info); - - context->user_space = info->user; - - /* - * if he's not saying he'll make his own vhosts later then act - * compatibly and make a default vhost using the data in the info - */ - if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) - if (!lws_create_vhost(context, info)) { - lwsl_err("Failed to create default vhost\n"); - for (n = 0; n < context->count_threads; n++) - lws_free_set_NULL(context->pt[n].serv_buf); -#if defined(LWS_WITH_PEER_LIMITS) - lws_free_set_NULL(context->pl_hash_table); -#endif - lws_free_set_NULL(context->pt[0].fds); - lws_plat_context_late_destroy(context); - lws_free_set_NULL(context); - return NULL; - } - - lws_context_init_extensions(info, context); - - lwsl_info(" mem: per-conn: %5lu bytes + protocol rx buf\n", - (unsigned long)sizeof(struct lws)); - - strcpy(context->canonical_hostname, "unknown"); - lws_server_get_canonical_hostname(context, info); - - context->uid = info->uid; - context->gid = info->gid; - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - memcpy(context->caps, info->caps, sizeof(context->caps)); - context->count_caps = info->count_caps; -#endif - - /* - * drop any root privs for this process - * to listen on port < 1023 we would have needed root, but now we are - * listening, we don't want the power for anything else - */ - if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) - lws_plat_drop_app_privileges(info); - - /* expedite post-context init (eg, protocols) */ - lws_cancel_service(context); - -#if defined(LWS_WITH_SELFTESTS) - lws_jws_selftest(); -#endif - - return context; - -bail: - lws_context_destroy(context); - - return NULL; - -fail_event_libs: - lwsl_err("Requested event library support not configured, available:\n"); - { - const struct lws_event_loop_ops **elops = available_event_libs; - - while (*elops) { - lwsl_err(" - %s\n", (*elops)->name); - elops++; - } - } - lws_free(context); - - return NULL; -} - -LWS_VISIBLE LWS_EXTERN void -lws_context_deprecate(struct lws_context *context, lws_reload_func cb) -{ - struct lws_vhost *vh = context->vhost_list, *vh1; - - /* - * "deprecation" means disable the context from accepting any new - * connections and free up listen sockets to be used by a replacement - * context. - * - * Otherwise the deprecated context remains operational, until its - * number of connected sockets falls to zero, when it is deleted. - */ - - /* for each vhost, close his listen socket */ - - while (vh) { - struct lws *wsi = vh->lserv_wsi; - - if (wsi) { - wsi->socket_is_permanently_unusable = 1; - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "ctx deprecate"); - wsi->context->deprecation_pending_listen_close_count++; - /* - * other vhosts can share the listen port, they - * point to the same wsi. So zap those too. - */ - vh1 = context->vhost_list; - while (vh1) { - if (vh1->lserv_wsi == wsi) - vh1->lserv_wsi = NULL; - vh1 = vh1->vhost_next; - } - } - vh = vh->vhost_next; - } - - context->deprecated = 1; - context->deprecation_cb = cb; -} - -LWS_VISIBLE LWS_EXTERN int -lws_context_is_deprecated(struct lws_context *context) -{ - return context->deprecated; -} - -void -lws_vhost_destroy1(struct lws_vhost *vh) -{ - struct lws_context *context = vh->context; - - lwsl_info("%s\n", __func__); - - lws_context_lock(context, "vhost destroy 1"); /* ---------- context { */ - - if (vh->being_destroyed) - goto out; - - lws_vhost_lock(vh); /* -------------- vh { */ - - vh->being_destroyed = 1; - - /* - * PHASE 1: take down or reassign any listen wsi - * - * Are there other vhosts that are piggybacking on our listen socket? - * If so we need to hand the listen socket off to one of the others - * so it will remain open. - * - * If not, leave it attached to the closing vhost, the vh being marked - * being_destroyed will defeat any service and it will get closed in - * later phases. - */ - - if (vh->lserv_wsi) - lws_start_foreach_ll(struct lws_vhost *, v, - context->vhost_list) { - if (v != vh && - !v->being_destroyed && - v->listen_port == vh->listen_port && - ((!v->iface && !vh->iface) || - (v->iface && vh->iface && - !strcmp(v->iface, vh->iface)))) { - /* - * this can only be a listen wsi, which is - * restricted... it has no protocol or other - * bindings or states. So we can simply - * swap it to a vhost that has the same - * iface + port, but is not closing. - */ - assert(v->lserv_wsi == NULL); - v->lserv_wsi = vh->lserv_wsi; - - lwsl_notice("%s: listen skt from %s to %s\n", - __func__, vh->name, v->name); - - if (v->lserv_wsi) { - lws_vhost_unbind_wsi(vh->lserv_wsi); - lws_vhost_bind_wsi(v, v->lserv_wsi); - } - - break; - } - } lws_end_foreach_ll(v, vhost_next); - - lws_vhost_unlock(vh); /* } vh -------------- */ - - /* - * lws_check_deferred_free() will notice there is a vhost that is - * marked for destruction during the next 1s, for all tsi. - * - * It will start closing all wsi on this vhost. When the last wsi - * is closed, it will trigger lws_vhost_destroy2() - */ - -out: - lws_context_unlock(context); /* --------------------------- context { */ -} - -void -__lws_vhost_destroy2(struct lws_vhost *vh) -{ - const struct lws_protocols *protocol = NULL; - struct lws_context *context = vh->context; - struct lws_deferred_free *df; - struct lws wsi; - int n; - - /* - * destroy any pending timed events - */ - - while (vh->timed_vh_protocol_list) - __lws_timed_callback_remove(vh, vh->timed_vh_protocol_list); - - /* - * let the protocols destroy the per-vhost protocol objects - */ - - memset(&wsi, 0, sizeof(wsi)); - wsi.context = vh->context; - wsi.vhost = vh; /* not a real bound wsi */ - protocol = vh->protocols; - if (protocol && vh->created_vhost_protocols) { - n = 0; - while (n < vh->count_protocols) { - wsi.protocol = protocol; - protocol->callback(&wsi, LWS_CALLBACK_PROTOCOL_DESTROY, - NULL, NULL, 0); - protocol++; - n++; - } - } - - /* - * remove vhost from context list of vhosts - */ - - lws_start_foreach_llp(struct lws_vhost **, pv, context->vhost_list) { - if (*pv == vh) { - *pv = vh->vhost_next; - break; - } - } lws_end_foreach_llp(pv, vhost_next); - - /* add ourselves to the pending destruction list */ - - vh->vhost_next = vh->context->vhost_pending_destruction_list; - vh->context->vhost_pending_destruction_list = vh; - - lwsl_info("%s: %p\n", __func__, vh); - - /* if we are still on deferred free list, remove ourselves */ - - lws_start_foreach_llp(struct lws_deferred_free **, pdf, - context->deferred_free_list) { - if ((*pdf)->payload == vh) { - df = *pdf; - *pdf = df->next; - lws_free(df); - break; - } - } lws_end_foreach_llp(pdf, next); - - /* remove ourselves from the pending destruction list */ - - lws_start_foreach_llp(struct lws_vhost **, pv, - context->vhost_pending_destruction_list) { - if ((*pv) == vh) { - *pv = (*pv)->vhost_next; - break; - } - } lws_end_foreach_llp(pv, vhost_next); - - /* - * Free all the allocations associated with the vhost - */ - - protocol = vh->protocols; - if (protocol) { - n = 0; - while (n < vh->count_protocols) { - if (vh->protocol_vh_privs && - vh->protocol_vh_privs[n]) { - lws_free(vh->protocol_vh_privs[n]); - vh->protocol_vh_privs[n] = NULL; - } - protocol++; - n++; - } - } - if (vh->protocol_vh_privs) - lws_free(vh->protocol_vh_privs); - lws_ssl_SSL_CTX_destroy(vh); - lws_free(vh->same_vh_protocol_heads); - - if (context->plugin_list || - (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) - lws_free((void *)vh->protocols); - - LWS_FOR_EVERY_AVAILABLE_ROLE_START(ar) - if (ar->destroy_vhost) - ar->destroy_vhost(vh); - LWS_FOR_EVERY_AVAILABLE_ROLE_END; - -#ifdef LWS_WITH_ACCESS_LOG - if (vh->log_fd != (int)LWS_INVALID_FILE) - close(vh->log_fd); -#endif - -#if defined (LWS_WITH_TLS) - lws_free_set_NULL(vh->tls.alloc_cert_path); -#endif - -#if LWS_MAX_SMP > 1 - pthread_mutex_destroy(&vh->lock); -#endif - -#if defined(LWS_WITH_UNIX_SOCK) - if (LWS_UNIX_SOCK_ENABLED(vh)) { - n = unlink(vh->iface); - if (n) - lwsl_info("Closing unix socket %s: errno %d\n", - vh->iface, errno); - } -#endif - /* - * although async event callbacks may still come for wsi handles with - * pending close in the case of asycn event library like libuv, - * they do not refer to the vhost. So it's safe to free. - */ - - if (vh->finalize) - vh->finalize(vh, vh->finalize_arg); - - lwsl_info(" %s: Freeing vhost %p\n", __func__, vh); - - memset(vh, 0, sizeof(*vh)); - lws_free(vh); -} - -/* - * each service thread calls this once a second or so - */ - -int -lws_check_deferred_free(struct lws_context *context, int tsi, int force) -{ - struct lws_context_per_thread *pt; - int n; - - /* - * If we see a vhost is being destroyed, forcibly close every wsi on - * this tsi associated with this vhost. That will include the listen - * socket if it is still associated with the closing vhost. - * - * For SMP, we do this once per tsi per destroyed vhost. The reference - * counting on the vhost as the bound wsi close will notice that there - * are no bound wsi left, that vhost destruction can complete, - * and perform it. It doesn't matter which service thread does that - * because there is nothing left using the vhost to conflict. - */ - - lws_context_lock(context, "check deferred free"); /* ------ context { */ - - lws_start_foreach_ll_safe(struct lws_vhost *, v, context->vhost_list, vhost_next) { - if (v->being_destroyed -#if LWS_MAX_SMP > 1 - && !v->close_flow_vs_tsi[tsi] -#endif - ) { - - pt = &context->pt[tsi]; - - lws_pt_lock(pt, "vhost removal"); /* -------------- pt { */ - -#if LWS_MAX_SMP > 1 - v->close_flow_vs_tsi[tsi] = 1; -#endif - - for (n = 0; (unsigned int)n < pt->fds_count; n++) { - struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd); - if (!wsi) - continue; - if (wsi->vhost != v) - continue; - - __lws_close_free_wsi(wsi, - LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY, - "vh destroy" - /* no protocol close */); - n--; - } - - lws_pt_unlock(pt); /* } pt -------------- */ - } - } lws_end_foreach_ll_safe(v); - - - lws_context_unlock(context); /* } context ------------------- */ - - return 0; -} - -LWS_VISIBLE void -lws_vhost_destroy(struct lws_vhost *vh) -{ - struct lws_deferred_free *df = lws_malloc(sizeof(*df), "deferred free"); - struct lws_context *context = vh->context; - - if (!df) - return; - - lws_context_lock(context, __func__); /* ------ context { */ - - lws_vhost_destroy1(vh); - - if (!vh->count_bound_wsi) { - /* - * After listen handoff, there are already no wsi bound to this - * vhost by any pt: nothing can be servicing any wsi belonging - * to it any more. - * - * Finalize the vh destruction immediately - */ - __lws_vhost_destroy2(vh); - lws_free(df); - - goto out; - } - - /* part 2 is deferred to allow all the handle closes to complete */ - - df->next = vh->context->deferred_free_list; - df->deadline = lws_now_secs(); - df->payload = vh; - vh->context->deferred_free_list = df; - -out: - lws_context_unlock(context); /* } context ------------------- */ -} - -/* - * When using an event loop, the context destruction is in three separate - * parts. This is to cover both internal and foreign event loops cleanly. - * - * - lws_context_destroy() simply starts a soft close of all wsi and - * related allocations. The event loop continues. - * - * As the closes complete in the event loop, reference counting is used - * to determine when everything is closed. It then calls - * lws_context_destroy2(). - * - * - lws_context_destroy2() cleans up the rest of the higher-level logical - * lws pieces like vhosts. If the loop was foreign, it then proceeds to - * lws_context_destroy3(). If it the loop is internal, it stops the - * internal loops and waits for lws_context_destroy() to be called again - * outside the event loop (since we cannot destroy the loop from - * within the loop). That will cause lws_context_destroy3() to run - * directly. - * - * - lws_context_destroy3() destroys any internal event loops and then - * destroys the context itself, setting what was info.pcontext to NULL. - */ - -/* - * destroy the actual context itself - */ - -static void -lws_context_destroy3(struct lws_context *context) -{ - struct lws_context **pcontext_finalize = context->pcontext_finalize; - int n; - - for (n = 0; n < context->count_threads; n++) { -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct lws_context_per_thread *pt = &context->pt[n]; -#endif - - if (context->event_loop_ops->destroy_pt) - context->event_loop_ops->destroy_pt(context, n); - - lws_free_set_NULL(context->pt[n].serv_buf); - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - while (pt->http.ah_list) - _lws_destroy_ah(pt, pt->http.ah_list); -#endif - } - - if (context->pt[0].fds) - lws_free_set_NULL(context->pt[0].fds); - - lws_free(context); - lwsl_info("%s: ctx %p freed\n", __func__, context); - - if (pcontext_finalize) - *pcontext_finalize = NULL; -} - -/* - * really start destroying things - */ - -void -lws_context_destroy2(struct lws_context *context) -{ - struct lws_vhost *vh = NULL, *vh1; -#if defined(LWS_WITH_PEER_LIMITS) - uint32_t nu; -#endif - - lwsl_info("%s: ctx %p\n", __func__, context); - - lws_context_lock(context, "context destroy 2"); /* ------ context { */ - - context->being_destroyed2 = 1; - - /* - * free all the per-vhost allocations - */ - - vh = context->vhost_list; - while (vh) { - vh1 = vh->vhost_next; - __lws_vhost_destroy2(vh); - vh = vh1; - } - - /* remove ourselves from the pending destruction list */ - - while (context->vhost_pending_destruction_list) - /* removes itself from list */ - __lws_vhost_destroy2(context->vhost_pending_destruction_list); - - - lws_stats_log_dump(context); - - lws_ssl_context_destroy(context); - lws_plat_context_late_destroy(context); - -#if defined(LWS_WITH_PEER_LIMITS) - for (nu = 0; nu < context->pl_hash_elements; nu++) { - lws_start_foreach_llp(struct lws_peer **, peer, - context->pl_hash_table[nu]) { - struct lws_peer *df = *peer; - *peer = df->next; - lws_free(df); - continue; - } lws_end_foreach_llp(peer, next); - } - lws_free(context->pl_hash_table); -#endif - - if (context->external_baggage_free_on_destroy) - free(context->external_baggage_free_on_destroy); - - lws_check_deferred_free(context, 0, 1); - -#if LWS_MAX_SMP > 1 - lws_mutex_refcount_destroy(&context->mr); -#endif - - if (context->event_loop_ops->destroy_context2) - if (context->event_loop_ops->destroy_context2(context)) { - lws_context_unlock(context); /* } context ----------- */ - context->finalize_destroy_after_internal_loops_stopped = 1; - return; - } - - if (!context->pt[0].event_loop_foreign) { - int n; - for (n = 0; n < context->count_threads; n++) - if (context->pt[n].inside_service) { - lws_context_unlock(context); /* } context --- */ - return; - } - } - - lws_context_unlock(context); /* } context ------------------- */ - - lws_context_destroy3(context); -} - -/* - * Begin the context takedown - */ - -LWS_VISIBLE void -lws_context_destroy(struct lws_context *context) -{ - volatile struct lws_foreign_thread_pollfd *ftp, *next; - volatile struct lws_context_per_thread *vpt; - struct lws_vhost *vh = NULL; - struct lws wsi; - int n, m; - - if (!context) - return; - - if (context->finalize_destroy_after_internal_loops_stopped) { - if (context->event_loop_ops->destroy_context2) - context->event_loop_ops->destroy_context2(context); - - lws_context_destroy3(context); - - return; - } - - if (context->being_destroyed1) { - if (!context->being_destroyed2) { - lws_context_destroy2(context); - - return; - } - lwsl_info("%s: ctx %p: already being destroyed\n", - __func__, context); - - lws_context_destroy3(context); - return; - } - - lwsl_info("%s: ctx %p\n", __func__, context); - - m = context->count_threads; - context->being_destroyed = 1; - context->being_destroyed1 = 1; - context->requested_kill = 1; - - memset(&wsi, 0, sizeof(wsi)); - wsi.context = context; - -#ifdef LWS_LATENCY - if (context->worst_latency_info[0]) - lwsl_notice("Worst latency: %s\n", context->worst_latency_info); -#endif - - while (m--) { - struct lws_context_per_thread *pt = &context->pt[m]; - vpt = (volatile struct lws_context_per_thread *)pt; - - ftp = vpt->foreign_pfd_list; - while (ftp) { - next = ftp->next; - lws_free((void *)ftp); - ftp = next; - } - vpt->foreign_pfd_list = NULL; - - for (n = 0; (unsigned int)n < context->pt[m].fds_count; n++) { - struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd); - if (!wsi) - continue; - - if (wsi->event_pipe) - lws_destroy_event_pipe(wsi); - else - lws_close_free_wsi(wsi, - LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY, - "ctx destroy" - /* no protocol close */); - n--; - } - lws_pt_mutex_destroy(pt); - } - - /* - * inform all the protocols that they are done and will have no more - * callbacks. - * - * We can't free things until after the event loop shuts down. - */ - if (context->protocol_init_done) - vh = context->vhost_list; - while (vh) { - struct lws_vhost *vhn = vh->vhost_next; - lws_vhost_destroy1(vh); - vh = vhn; - } - - lws_plat_context_early_destroy(context); - - /* - * We face two different needs depending if foreign loop or not. - * - * 1) If foreign loop, we really want to advance the destroy_context() - * past here, and block only for libuv-style async close completion. - * - * 2a) If poll, and we exited by ourselves and are calling a final - * destroy_context() outside of any service already, we want to - * advance all the way in one step. - * - * 2b) If poll, and we are reacting to a SIGINT, service thread(s) may - * be in poll wait or servicing. We can't advance the - * destroy_context() to the point it's freeing things; we have to - * leave that for the final destroy_context() after the service - * thread(s) are finished calling for service. - */ - - if (context->event_loop_ops->destroy_context1) { - context->event_loop_ops->destroy_context1(context); - - return; - } - - lws_context_destroy2(context); -} diff --git a/thirdparty/libwebsockets/lib/core/dummy-callback.c b/thirdparty/libwebsockets/lib/core/dummy-callback.c deleted file mode 100644 index 8fd18be9c5..0000000000 --- a/thirdparty/libwebsockets/lib/core/dummy-callback.c +++ /dev/null @@ -1,611 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -#if defined(LWS_WITH_HTTP_PROXY) -static int -proxy_header(struct lws *wsi, struct lws *par, unsigned char *temp, - int temp_len, int index, unsigned char **p, unsigned char *end) -{ - int n = lws_hdr_total_length(par, index); - - if (n < 1) { - lwsl_debug("%s: no index %d:\n", __func__, index); - return 0; - } - - if (lws_hdr_copy(par, (char *)temp, temp_len, index) < 0) - return -1; - - lwsl_debug("%s: index %d: %s\n", __func__, index, (char *)temp); - - if (lws_add_http_header_by_token(wsi, index, temp, n, p, end)) - return -1; - - return 0; -} - -static int -stream_close(struct lws *wsi) -{ - char buf[LWS_PRE + 6], *out = buf + LWS_PRE; - - if (wsi->http.did_stream_close) - return 0; - - wsi->http.did_stream_close = 1; - - if (wsi->http2_substream) { - if (lws_write(wsi, (unsigned char *)buf + LWS_PRE, 0, - LWS_WRITE_HTTP_FINAL) < 0) { - lwsl_info("%s: COMPL_CLIENT_HTTP: h2 fin wr failed\n", - __func__); - - return -1; - } - } else { - *out++ = '0'; - *out++ = '\x0d'; - *out++ = '\x0a'; - *out++ = '\x0d'; - *out++ = '\x0a'; - - if (lws_write(wsi, (unsigned char *)buf + LWS_PRE, 5, - LWS_WRITE_HTTP_FINAL) < 0) { - lwsl_err("%s: COMPL_CLIENT_HTTP: " - "h2 final write failed\n", __func__); - - return -1; - } - } - - return 0; -} - -#endif - -LWS_VISIBLE int -lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, - void *user, void *in, size_t len) -{ - struct lws_ssl_info *si; -#ifdef LWS_WITH_CGI - struct lws_cgi_args *args; -#endif -#if defined(LWS_WITH_CGI) || defined(LWS_WITH_HTTP_PROXY) - char buf[8192]; - int n; -#endif -#if defined(LWS_WITH_HTTP_PROXY) - unsigned char **p, *end; - struct lws *parent; -#endif - - switch (reason) { -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - case LWS_CALLBACK_HTTP: -#ifndef LWS_NO_SERVER - if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL)) - return -1; - - if (lws_http_transaction_completed(wsi)) -#endif - return -1; - break; -#if !defined(LWS_NO_SERVER) - case LWS_CALLBACK_HTTP_BODY_COMPLETION: - case LWS_CALLBACK_HTTP_FILE_COMPLETION: - if (lws_http_transaction_completed(wsi)) - return -1; - break; -#endif - - case LWS_CALLBACK_HTTP_WRITEABLE: -#ifdef LWS_WITH_CGI - if (wsi->reason_bf & (LWS_CB_REASON_AUX_BF__CGI_HEADERS | - LWS_CB_REASON_AUX_BF__CGI)) { - n = lws_cgi_write_split_stdout_headers(wsi); - if (n < 0) { - lwsl_debug("AUX_BF__CGI forcing close\n"); - return -1; - } - if (!n) - lws_rx_flow_control( - wsi->http.cgi->stdwsi[LWS_STDOUT], 1); - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_HEADERS) - wsi->reason_bf &= - ~LWS_CB_REASON_AUX_BF__CGI_HEADERS; - else - wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__CGI; - - if (wsi->http.cgi && wsi->http.cgi->cgi_transaction_over) - return -1; - break; - } - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_CHUNK_END) { - if (!wsi->http2_substream) { - memcpy(buf + LWS_PRE, "0\x0d\x0a\x0d\x0a", 5); - lwsl_debug("writing chunk term and exiting\n"); - n = lws_write(wsi, (unsigned char *)buf + - LWS_PRE, 5, LWS_WRITE_HTTP); - } else - n = lws_write(wsi, (unsigned char *)buf + - LWS_PRE, 0, - LWS_WRITE_HTTP_FINAL); - - /* always close after sending it */ - return -1; - } -#endif -#if defined(LWS_WITH_HTTP_PROXY) - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY_HEADERS) { - - wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY_HEADERS; - - lwsl_debug("%s: %p: issuing proxy headers\n", - __func__, wsi); - n = lws_write(wsi, wsi->http.pending_return_headers + - LWS_PRE, - wsi->http.pending_return_headers_len, - LWS_WRITE_HTTP_HEADERS); - - lws_free_set_NULL(wsi->http.pending_return_headers); - - if (n < 0) { - lwsl_err("%s: EST_CLIENT_HTTP: write failed\n", - __func__); - return -1; - } - lws_callback_on_writable(wsi); - break; - } - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY) { - char *px = buf + LWS_PRE; - int lenx = sizeof(buf) - LWS_PRE - 32; - - /* - * our sink is writeable and our source has something - * to read. So read a lump of source material of - * suitable size to send or what's available, whichever - * is the smaller. - */ - wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY; - if (!lws_get_child(wsi)) - break; - - /* this causes LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ */ - if (lws_http_client_read(lws_get_child(wsi), &px, - &lenx) < 0) { - lwsl_info("%s: LWS_CB_REASON_AUX_BF__PROXY: " - "client closed\n", __func__); - - stream_close(wsi); - - return -1; - } - break; - } - - if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY_TRANS_END) { - lwsl_info("%s: LWS_CB_REASON_AUX_BF__PROXY_TRANS_END\n", - __func__); - - wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY_TRANS_END; - - if (stream_close(wsi)) - return -1; - - if (lws_http_transaction_completed(wsi)) - return -1; - } -#endif - break; - -#if defined(LWS_WITH_HTTP_PROXY) - case LWS_CALLBACK_RECEIVE_CLIENT_HTTP: - assert(lws_get_parent(wsi)); - if (!lws_get_parent(wsi)) - break; - lws_get_parent(wsi)->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY; - lws_callback_on_writable(lws_get_parent(wsi)); - break; - - case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ: { - char *out = buf + LWS_PRE; - - assert(lws_get_parent(wsi)); - - if (wsi->http.proxy_parent_chunked) { - - if (len > sizeof(buf) - LWS_PRE - 16) { - lwsl_err("oversize buf %d %d\n", (int)len, - (int)sizeof(buf) - LWS_PRE - 16); - return -1; - } - - /* - * this only needs dealing with on http/1.1 to allow - * pipelining - */ - n = lws_snprintf(out, 14, "%X\x0d\x0a", (int)len); - out += n; - memcpy(out, in, len); - out += len; - *out++ = '\x0d'; - *out++ = '\x0a'; - - n = lws_write(lws_get_parent(wsi), - (unsigned char *)buf + LWS_PRE, - len + n + 2, LWS_WRITE_HTTP); - } else - n = lws_write(lws_get_parent(wsi), (unsigned char *)in, - len, LWS_WRITE_HTTP); - if (n < 0) - return -1; - break; } - - - /* this handles the proxy case... */ - case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: { - unsigned char *start, *p, *end; - - /* - * We want to proxy these headers, but we are being called - * at the point the onward client was established, which is - * unrelated to the state or writability of our proxy - * connection. - * - * Therefore produce the headers using the onward client ah - * while we have it, and stick them on the output buflist to be - * written on the proxy connection as soon as convenient. - */ - - parent = lws_get_parent(wsi); - - if (!parent) - return 0; - - start = p = (unsigned char *)buf + LWS_PRE; - end = p + sizeof(buf) - LWS_PRE - 256; - - if (lws_add_http_header_status(lws_get_parent(wsi), - lws_http_client_http_response(wsi), &p, end)) - return 1; - - /* - * copy these headers from the client connection to the parent - */ - - proxy_header(parent, wsi, end, 256, - WSI_TOKEN_HTTP_CONTENT_LENGTH, &p, end); - proxy_header(parent, wsi, end, 256, - WSI_TOKEN_HTTP_CONTENT_TYPE, &p, end); - proxy_header(parent, wsi, end, 256, - WSI_TOKEN_HTTP_ETAG, &p, end); - proxy_header(parent, wsi, end, 256, - WSI_TOKEN_HTTP_ACCEPT_LANGUAGE, &p, end); - proxy_header(parent, wsi, end, 256, - WSI_TOKEN_HTTP_CONTENT_ENCODING, &p, end); - proxy_header(parent, wsi, end, 256, - WSI_TOKEN_HTTP_CACHE_CONTROL, &p, end); - - if (!parent->http2_substream) - if (lws_add_http_header_by_token(parent, - WSI_TOKEN_CONNECTION, (unsigned char *)"close", - 5, &p, end)) - return -1; - - /* - * We proxy using h1 only atm, and strip any chunking so it - * can go back out on h2 just fine. - * - * However if we are actually going out on h1, we need to add - * our own chunking since we still don't know the size. - */ - - if (!parent->http2_substream && - !lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - lwsl_debug("downstream parent chunked\n"); - if (lws_add_http_header_by_token(parent, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - (unsigned char *)"chunked", 7, &p, end)) - return -1; - - wsi->http.proxy_parent_chunked = 1; - } - - if (lws_finalize_http_header(parent, &p, end)) - return 1; - - parent->http.pending_return_headers_len = - lws_ptr_diff(p, start); - parent->http.pending_return_headers = - lws_malloc(parent->http.pending_return_headers_len + - LWS_PRE, "return proxy headers"); - if (!parent->http.pending_return_headers) - return -1; - - memcpy(parent->http.pending_return_headers + LWS_PRE, start, - parent->http.pending_return_headers_len); - - parent->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY_HEADERS; - - lwsl_debug("%s: LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: " - "prepared headers\n", __func__); - lws_callback_on_writable(parent); - - break; } - - case LWS_CALLBACK_COMPLETED_CLIENT_HTTP: - lwsl_info("%s: COMPLETED_CLIENT_HTTP: %p (parent %p)\n", - __func__, wsi, lws_get_parent(wsi)); - if (!lws_get_parent(wsi)) - break; - lws_get_parent(wsi)->reason_bf |= - LWS_CB_REASON_AUX_BF__PROXY_TRANS_END; - lws_callback_on_writable(lws_get_parent(wsi)); - break; - - case LWS_CALLBACK_CLOSED_CLIENT_HTTP: - if (!lws_get_parent(wsi)) - break; - lwsl_err("%s: LWS_CALLBACK_CLOSED_CLIENT_HTTP\n", __func__); - lws_set_timeout(lws_get_parent(wsi), LWS_TO_KILL_ASYNC, - PENDING_TIMEOUT_KILLED_BY_PROXY_CLIENT_CLOSE); - break; - - case LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER: - parent = lws_get_parent(wsi); - - if (!parent) - break; - - p = (unsigned char **)in; - end = (*p) + len; - - /* - * copy these headers from the parent request to the client - * connection's request - */ - - proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), - WSI_TOKEN_HOST, p, end); - proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), - WSI_TOKEN_HTTP_ETAG, p, end); - proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), - WSI_TOKEN_HTTP_IF_MODIFIED_SINCE, p, end); - proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), - WSI_TOKEN_HTTP_ACCEPT_LANGUAGE, p, end); - proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), - WSI_TOKEN_HTTP_ACCEPT_ENCODING, p, end); - proxy_header(wsi, parent, (unsigned char *)buf, sizeof(buf), - WSI_TOKEN_HTTP_CACHE_CONTROL, p, end); - - buf[0] = '\0'; - lws_get_peer_simple(parent, buf, sizeof(buf)); - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_X_FORWARDED_FOR, - (unsigned char *)buf, (int)strlen(buf), p, end)) - return -1; - - break; - -#endif - -#ifdef LWS_WITH_CGI - /* CGI IO events (POLLIN/OUT) appear here, our default policy is: - * - * - POST data goes on subprocess stdin - * - subprocess stdout goes on http via writeable callback - * - subprocess stderr goes to the logs - */ - case LWS_CALLBACK_CGI: - args = (struct lws_cgi_args *)in; - switch (args->ch) { /* which of stdin/out/err ? */ - case LWS_STDIN: - /* TBD stdin rx flow control */ - break; - case LWS_STDOUT: - /* quench POLLIN on STDOUT until MASTER got writeable */ - lws_rx_flow_control(args->stdwsi[LWS_STDOUT], 0); - wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI; - /* when writing to MASTER would not block */ - lws_callback_on_writable(wsi); - break; - case LWS_STDERR: - n = lws_get_socket_fd(args->stdwsi[LWS_STDERR]); - if (n < 0) - break; - n = read(n, buf, sizeof(buf) - 2); - if (n > 0) { - if (buf[n - 1] != '\n') - buf[n++] = '\n'; - buf[n] = '\0'; - lwsl_notice("CGI-stderr: %s\n", buf); - } - break; - } - break; - - case LWS_CALLBACK_CGI_TERMINATED: - lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: %d %" PRIu64 "\n", - wsi->http.cgi->explicitly_chunked, - (uint64_t)wsi->http.cgi->content_length); - if (!wsi->http.cgi->explicitly_chunked && - !wsi->http.cgi->content_length) { - /* send terminating chunk */ - lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: ending\n"); - wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_CHUNK_END; - lws_callback_on_writable(wsi); - lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, 3); - break; - } - return -1; - - case LWS_CALLBACK_CGI_STDIN_DATA: /* POST body for stdin */ - args = (struct lws_cgi_args *)in; - args->data[args->len] = '\0'; - if (!args->stdwsi[LWS_STDIN]) - return -1; - n = lws_get_socket_fd(args->stdwsi[LWS_STDIN]); - if (n < 0) - return -1; - -#if defined(LWS_WITH_ZLIB) - if (wsi->http.cgi->gzip_inflate) { - /* gzip handling */ - - if (!wsi->http.cgi->gzip_init) { - lwsl_info("inflating gzip\n"); - - memset(&wsi->http.cgi->inflate, 0, - sizeof(wsi->http.cgi->inflate)); - - if (inflateInit2(&wsi->http.cgi->inflate, - 16 + 15) != Z_OK) { - lwsl_err("%s: iniflateInit failed\n", - __func__); - return -1; - } - - wsi->http.cgi->gzip_init = 1; - } - - wsi->http.cgi->inflate.next_in = args->data; - wsi->http.cgi->inflate.avail_in = args->len; - - do { - - wsi->http.cgi->inflate.next_out = - wsi->http.cgi->inflate_buf; - wsi->http.cgi->inflate.avail_out = - sizeof(wsi->http.cgi->inflate_buf); - - n = inflate(&wsi->http.cgi->inflate, - Z_SYNC_FLUSH); - - switch (n) { - case Z_NEED_DICT: - case Z_STREAM_ERROR: - case Z_DATA_ERROR: - case Z_MEM_ERROR: - inflateEnd(&wsi->http.cgi->inflate); - wsi->http.cgi->gzip_init = 0; - lwsl_err("zlib error inflate %d\n", n); - return -1; - } - - if (wsi->http.cgi->inflate.avail_out != - sizeof(wsi->http.cgi->inflate_buf)) { - int written; - - written = write(args->stdwsi[LWS_STDIN]->desc.filefd, - wsi->http.cgi->inflate_buf, - sizeof(wsi->http.cgi->inflate_buf) - - wsi->http.cgi->inflate.avail_out); - - if (written != (int)( - sizeof(wsi->http.cgi->inflate_buf) - - wsi->http.cgi->inflate.avail_out)) { - lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: " - "sent %d only %d went", n, args->len); - } - - if (n == Z_STREAM_END) { - lwsl_err("gzip inflate end\n"); - inflateEnd(&wsi->http.cgi->inflate); - wsi->http.cgi->gzip_init = 0; - break; - } - - } else - break; - - if (wsi->http.cgi->inflate.avail_out) - break; - - } while (1); - - return args->len; - } -#endif /* WITH_ZLIB */ - - n = write(n, args->data, args->len); -// lwsl_hexdump_notice(args->data, args->len); - if (n < args->len) - lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: " - "sent %d only %d went", n, args->len); - - if (wsi->http.cgi->post_in_expected && args->stdwsi[LWS_STDIN] && - args->stdwsi[LWS_STDIN]->desc.filefd > 0) { - wsi->http.cgi->post_in_expected -= n; - if (!wsi->http.cgi->post_in_expected) { - struct lws *siwsi = args->stdwsi[LWS_STDIN]; - - lwsl_debug("%s: expected POST in end: " - "closing stdin wsi %p, fd %d\n", - __func__, siwsi, siwsi->desc.sockfd); - - __remove_wsi_socket_from_fds(siwsi); - lwsi_set_state(siwsi, LRS_DEAD_SOCKET); - siwsi->socket_is_permanently_unusable = 1; - lws_remove_child_from_any_parent(siwsi); - if (wsi->context->event_loop_ops-> - close_handle_manually) { - wsi->context->event_loop_ops-> - close_handle_manually(siwsi); - siwsi->told_event_loop_closed = 1; - } else { - compatible_close(siwsi->desc.sockfd); - __lws_free_wsi(siwsi); - } - wsi->http.cgi->pipe_fds[LWS_STDIN][1] = -1; - - args->stdwsi[LWS_STDIN] = NULL; - } - } - - return n; -#endif /* WITH_CGI */ -#endif /* ROLE_ H1 / H2 */ - case LWS_CALLBACK_SSL_INFO: - si = in; - - (void)si; - lwsl_notice("LWS_CALLBACK_SSL_INFO: where: 0x%x, ret: 0x%x\n", - si->where, si->ret); - break; - -#if LWS_MAX_SMP > 1 - case LWS_CALLBACK_GET_THREAD_ID: - return (int)(unsigned long long)pthread_self(); -#endif - - default: - break; - } - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/core/libwebsockets.c b/thirdparty/libwebsockets/lib/core/libwebsockets.c deleted file mode 100644 index 972422114a..0000000000 --- a/thirdparty/libwebsockets/lib/core/libwebsockets.c +++ /dev/null @@ -1,3986 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -#ifdef LWS_HAVE_SYS_TYPES_H -#include -#endif - -#ifdef LWS_WITH_IPV6 -#if defined(WIN32) || defined(_WIN32) -#include -#include -#else -#include -#endif -#endif - -int log_level = LLL_ERR | LLL_WARN | LLL_NOTICE; -static void (*lwsl_emit)(int level, const char *line) -#ifndef LWS_PLAT_OPTEE - = lwsl_emit_stderr -#endif - ; -#ifndef LWS_PLAT_OPTEE -static const char * const log_level_names[] = { - "ERR", - "WARN", - "NOTICE", - "INFO", - "DEBUG", - "PARSER", - "HEADER", - "EXTENSION", - "CLIENT", - "LATENCY", - "USER", - "THREAD", - "?", - "?" -}; -#endif - -#if defined (_DEBUG) -void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role) -{ - wsi->wsistate = (wsi->wsistate & (~LWSI_ROLE_MASK)) | role; - - lwsl_debug("lwsi_set_role(%p, 0x%x)\n", wsi, wsi->wsistate); -} - -void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs) -{ - wsi->wsistate = (wsi->wsistate & (~LRS_MASK)) | lrs; - - lwsl_debug("lwsi_set_state(%p, 0x%x)\n", wsi, wsi->wsistate); -} -#endif - -signed char char_to_hex(const char c) -{ - if (c >= '0' && c <= '9') - return c - '0'; - - if (c >= 'a' && c <= 'f') - return c - 'a' + 10; - - if (c >= 'A' && c <= 'F') - return c - 'A' + 10; - - return -1; -} - -int lws_open(const char *__file, int __oflag, ...) -{ - va_list ap; - int n; - - va_start(ap, __oflag); - if (((__oflag & O_CREAT) == O_CREAT) -#if defined(O_TMPFILE) - || ((__oflag & O_TMPFILE) == O_TMPFILE) -#endif - ) - /* last arg is really a mode_t. But windows... */ - n = open(__file, __oflag, va_arg(ap, uint32_t)); - else - n = open(__file, __oflag); - va_end(ap); - - if (n != -1 && lws_plat_apply_FD_CLOEXEC(n)) { - close(n); - - return -1; - } - - return n; -} - -void -lws_vhost_bind_wsi(struct lws_vhost *vh, struct lws *wsi) -{ - if (wsi->vhost == vh) - return; - lws_context_lock(vh->context, __func__); /* ---------- context { */ - wsi->vhost = vh; - vh->count_bound_wsi++; - lws_context_unlock(vh->context); /* } context ---------- */ - lwsl_info("%s: vh %s: count_bound_wsi %d\n", - __func__, vh->name, vh->count_bound_wsi); - assert(wsi->vhost->count_bound_wsi > 0); -} - -void -lws_vhost_unbind_wsi(struct lws *wsi) -{ - if (!wsi->vhost) - return; - - lws_context_lock(wsi->context, __func__); /* ---------- context { */ - - assert(wsi->vhost->count_bound_wsi > 0); - wsi->vhost->count_bound_wsi--; - lwsl_info("%s: vh %s: count_bound_wsi %d\n", __func__, - wsi->vhost->name, wsi->vhost->count_bound_wsi); - - if (!wsi->vhost->count_bound_wsi && - wsi->vhost->being_destroyed) { - /* - * We have closed all wsi that were bound to this vhost - * by any pt: nothing can be servicing any wsi belonging - * to it any more. - * - * Finalize the vh destruction - */ - __lws_vhost_destroy2(wsi->vhost); - } - wsi->vhost = NULL; - - lws_context_unlock(wsi->context); /* } context ---------- */ -} - -void -__lws_free_wsi(struct lws *wsi) -{ - if (!wsi) - return; - - /* - * Protocol user data may be allocated either internally by lws - * or by specified the user. We should only free what we allocated. - */ - if (wsi->protocol && wsi->protocol->per_session_data_size && - wsi->user_space && !wsi->user_space_externally_allocated) - lws_free(wsi->user_space); - - lws_buflist_destroy_all_segments(&wsi->buflist); - lws_buflist_destroy_all_segments(&wsi->buflist_out); - lws_free_set_NULL(wsi->udp); - - if (wsi->vhost && wsi->vhost->lserv_wsi == wsi) - wsi->vhost->lserv_wsi = NULL; -#if !defined(LWS_NO_CLIENT) - lws_dll_lws_remove(&wsi->dll_active_client_conns); -#endif - wsi->context->count_wsi_allocated--; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - __lws_header_table_detach(wsi, 0); -#endif - __lws_same_vh_protocol_remove(wsi); -#if !defined(LWS_NO_CLIENT) - lws_client_stash_destroy(wsi); - lws_free_set_NULL(wsi->client_hostname_copy); -#endif - - if (wsi->role_ops->destroy_role) - wsi->role_ops->destroy_role(wsi); - -#if defined(LWS_WITH_PEER_LIMITS) - lws_peer_track_wsi_close(wsi->context, wsi->peer); - wsi->peer = NULL; -#endif - - /* since we will destroy the wsi, make absolutely sure now */ - -#if defined(LWS_WITH_OPENSSL) - __lws_ssl_remove_wsi_from_buffered_list(wsi); -#endif - __lws_remove_from_timeout_list(wsi); - - if (wsi->context->event_loop_ops->destroy_wsi) - wsi->context->event_loop_ops->destroy_wsi(wsi); - - lws_vhost_unbind_wsi(wsi); - - lwsl_debug("%s: %p, remaining wsi %d\n", __func__, wsi, - wsi->context->count_wsi_allocated); - - lws_free(wsi); -} - -void -lws_dll_add_front(struct lws_dll *d, struct lws_dll *phead) -{ - if (d->prev) - return; - - /* our next guy is current first guy */ - d->next = phead->next; - /* if there is a next guy, set his prev ptr to our next ptr */ - if (d->next) - d->next->prev = d; - /* our prev ptr is first ptr */ - d->prev = phead; - /* set the first guy to be us */ - phead->next = d; -} - -/* situation is: - * - * HEAD: struct lws_dll * = &entry1 - * - * Entry 1: struct lws_dll .pprev = &HEAD , .next = Entry 2 - * Entry 2: struct lws_dll .pprev = &entry1 , .next = &entry2 - * Entry 3: struct lws_dll .pprev = &entry2 , .next = NULL - * - * Delete Entry1: - * - * - HEAD = &entry2 - * - Entry2: .pprev = &HEAD, .next = &entry3 - * - Entry3: .pprev = &entry2, .next = NULL - * - * Delete Entry2: - * - * - HEAD = &entry1 - * - Entry1: .pprev = &HEAD, .next = &entry3 - * - Entry3: .pprev = &entry1, .next = NULL - * - * Delete Entry3: - * - * - HEAD = &entry1 - * - Entry1: .pprev = &HEAD, .next = &entry2 - * - Entry2: .pprev = &entry1, .next = NULL - * - */ - -void -lws_dll_remove(struct lws_dll *d) -{ - if (!d->prev) /* ie, not part of the list */ - return; - - /* - * remove us - * - * USp <-> us <-> USn --> USp <-> USn - */ - - /* if we have a next guy, set his prev to our prev */ - if (d->next) - d->next->prev = d->prev; - - /* set our prev guy to our next guy instead of us */ - if (d->prev) - d->prev->next = d->next; - - /* we're out of the list, we should not point anywhere any more */ - d->prev = NULL; - d->next = NULL; -} - -void -__lws_remove_from_timeout_list(struct lws *wsi) -{ - lws_dll_lws_remove(&wsi->dll_timeout); -} - -void -lws_remove_from_timeout_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_pt_lock(pt, __func__); - __lws_remove_from_timeout_list(wsi); - lws_pt_unlock(pt); -} - -void -lws_dll_dump(struct lws_dll_lws *head, const char *title) -{ - int n = 0; - - (void)n; - lwsl_notice("%s: %s (head.next %p)\n", __func__, title, head->next); - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, head->next) { - struct lws *wsi = lws_container_of(d, struct lws, dll_hrtimer); - - (void)wsi; - - lwsl_notice(" %d: wsi %p: %llu\n", n++, wsi, - (unsigned long long)wsi->pending_timer); - } lws_end_foreach_dll_safe(d, d1); -} - -void -__lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws_dll_lws *dd = &pt->dll_head_hrtimer; - struct timeval now; - struct lws *wsi1; - int bef = 0; - - lws_dll_lws_remove(&wsi->dll_hrtimer); - - if (usecs == LWS_SET_TIMER_USEC_CANCEL) - return; - - gettimeofday(&now, NULL); - wsi->pending_timer = ((now.tv_sec * 1000000ll) + now.tv_usec) + usecs; - - /* - * we sort the hrtimer list with the earliest timeout first - */ - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - pt->dll_head_hrtimer.next) { - dd = d; - wsi1 = lws_container_of(d, struct lws, dll_hrtimer); - - if (wsi1->pending_timer >= wsi->pending_timer) { - /* d, dprev's next, is >= our time */ - bef = 1; - break; - } - } lws_end_foreach_dll_safe(d, d1); - - if (bef) { - /* - * we go before dd - * DDp <-> DD <-> DDn --> DDp <-> us <-> DD <-> DDn - */ - /* we point forward to dd */ - wsi->dll_hrtimer.next = dd; - /* we point back to what dd used to point back to */ - wsi->dll_hrtimer.prev = dd->prev; - /* DDp points forward to us now */ - dd->prev->next = &wsi->dll_hrtimer; - /* DD points back to us now */ - dd->prev = &wsi->dll_hrtimer; - } else { - /* - * we go after dd - * DDp <-> DD <-> DDn --> DDp <-> DD <-> us <-> DDn - */ - /* we point forward to what dd used to point forward to */ - wsi->dll_hrtimer.next = dd->next; - /* we point back to dd */ - wsi->dll_hrtimer.prev = dd; - /* DDn points back to us */ - if (dd->next) - dd->next->prev = &wsi->dll_hrtimer; - /* DD points forward to us */ - dd->next = &wsi->dll_hrtimer; - } - -// lws_dll_dump(&pt->dll_head_hrtimer, "after set_timer_usec"); -} - -LWS_VISIBLE lws_usec_t -lws_now_usecs(void) -{ - struct timeval now; - - gettimeofday(&now, NULL); - return (now.tv_sec * 1000000ll) + now.tv_usec; -} - -LWS_VISIBLE void -lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs) -{ - __lws_set_timer_usecs(wsi, usecs); -} - -lws_usec_t -__lws_hrtimer_service(struct lws_context_per_thread *pt) -{ - struct timeval now; - struct lws *wsi; - lws_usec_t t; - - gettimeofday(&now, NULL); - t = (now.tv_sec * 1000000ll) + now.tv_usec; - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - pt->dll_head_hrtimer.next) { - wsi = lws_container_of(d, struct lws, dll_hrtimer); - - /* - * if we met one in the future, we are done, because the list - * is sorted by time in the future. - */ - if (wsi->pending_timer > t) - break; - - lws_set_timer_usecs(wsi, LWS_SET_TIMER_USEC_CANCEL); - - /* it's time for the timer to be serviced */ - - if (wsi->protocol && - wsi->protocol->callback(wsi, LWS_CALLBACK_TIMER, - wsi->user_space, NULL, 0)) - __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "timer cb errored"); - } lws_end_foreach_dll_safe(d, d1); - - /* return an estimate how many us until next timer hit */ - - if (!pt->dll_head_hrtimer.next) - return LWS_HRTIMER_NOWAIT; - - wsi = lws_container_of(pt->dll_head_hrtimer.next, struct lws, - dll_hrtimer); - - gettimeofday(&now, NULL); - t = (now.tv_sec * 1000000ll) + now.tv_usec; - - if (wsi->pending_timer < t) - return 0; - - return wsi->pending_timer - t; -} - -void -__lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - time_t now; - - time(&now); - - lwsl_debug("%s: %p: %d secs (reason %d)\n", __func__, wsi, secs, reason); - wsi->pending_timeout_limit = secs; - wsi->pending_timeout_set = now; - wsi->pending_timeout = reason; - - if (!reason) - lws_dll_lws_remove(&wsi->dll_timeout); - else - lws_dll_lws_add_front(&wsi->dll_timeout, &pt->dll_head_timeout); -} - -LWS_VISIBLE void -lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - if (secs == LWS_TO_KILL_SYNC) { - lws_remove_from_timeout_list(wsi); - lwsl_debug("synchronously killing %p\n", wsi); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "to sync kill"); - return; - } - - if (secs == LWS_TO_KILL_ASYNC) - secs = 0; - - lws_pt_lock(pt, __func__); - __lws_set_timeout(wsi, reason, secs); - lws_pt_unlock(pt); -} - -/* requires context + vh lock */ - -int -__lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p) -{ - lws_start_foreach_llp(struct lws_timed_vh_protocol **, pt, - vh->timed_vh_protocol_list) { - if (*pt == p) { - *pt = p->next; - lws_free(p); - - return 0; - } - } lws_end_foreach_llp(pt, next); - - return 1; -} - -int -lws_pthread_self_to_tsi(struct lws_context *context) -{ -#if LWS_MAX_SMP > 1 - pthread_t ps = pthread_self(); - struct lws_context_per_thread *pt = &context->pt[0]; - int n; - - for (n = 0; n < context->count_threads; n++) { - if (pthread_equal(ps, pt->self)) - return n; - pt++; - } - - return -1; -#else - return 0; -#endif -} - -LWS_VISIBLE LWS_EXTERN int -lws_timed_callback_vh_protocol(struct lws_vhost *vh, - const struct lws_protocols *prot, int reason, - int secs) -{ - struct lws_timed_vh_protocol *p = (struct lws_timed_vh_protocol *) - lws_malloc(sizeof(*p), "timed_vh"); - - if (!p) - return 1; - - p->tsi_req = lws_pthread_self_to_tsi(vh->context); - if (p->tsi_req < 0) /* not called from a service thread --> tsi 0 */ - p->tsi_req = 0; - - lws_context_lock(vh->context, __func__); /* context ----------------- */ - - p->protocol = prot; - p->reason = reason; - p->time = lws_now_secs() + secs; - - lws_vhost_lock(vh); /* vhost ---------------------------------------- */ - p->next = vh->timed_vh_protocol_list; - vh->timed_vh_protocol_list = p; - lws_vhost_unlock(vh); /* -------------------------------------- vhost */ - - lws_context_unlock(vh->context); /* ------------------------- context */ - - return 0; -} - -void -lws_remove_child_from_any_parent(struct lws *wsi) -{ - struct lws **pwsi; - int seen = 0; - - if (!wsi->parent) - return; - - /* detach ourselves from parent's child list */ - pwsi = &wsi->parent->child_list; - while (*pwsi) { - if (*pwsi == wsi) { - lwsl_info("%s: detach %p from parent %p\n", __func__, - wsi, wsi->parent); - - if (wsi->parent->protocol) - wsi->parent->protocol->callback(wsi, - LWS_CALLBACK_CHILD_CLOSING, - wsi->parent->user_space, wsi, 0); - - *pwsi = wsi->sibling_list; - seen = 1; - break; - } - pwsi = &(*pwsi)->sibling_list; - } - if (!seen) - lwsl_err("%s: failed to detach from parent\n", __func__); - - wsi->parent = NULL; -} - -int -lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p, - const char *reason) -{ -// if (wsi->protocol == p) -// return 0; - const struct lws_protocols *vp = wsi->vhost->protocols, *vpo; - - if (wsi->protocol && wsi->protocol_bind_balance) { - wsi->protocol->callback(wsi, - wsi->role_ops->protocol_unbind_cb[!!lwsi_role_server(wsi)], - wsi->user_space, (void *)reason, 0); - wsi->protocol_bind_balance = 0; - } - if (!wsi->user_space_externally_allocated) - lws_free_set_NULL(wsi->user_space); - - lws_same_vh_protocol_remove(wsi); - - wsi->protocol = p; - if (!p) - return 0; - - if (lws_ensure_user_space(wsi)) - return 1; - - if (p > vp && p < &vp[wsi->vhost->count_protocols]) - lws_same_vh_protocol_insert(wsi, (int)(p - vp)); - else { - int n = wsi->vhost->count_protocols; - int hit = 0; - - vpo = vp; - - while (n--) { - if (p->name && vp->name && !strcmp(p->name, vp->name)) { - hit = 1; - lws_same_vh_protocol_insert(wsi, (int)(vp - vpo)); - break; - } - vp++; - } - if (!hit) - lwsl_err("%s: %p is not in vhost '%s' protocols list\n", - __func__, p, wsi->vhost->name); - } - - if (wsi->protocol->callback(wsi, wsi->role_ops->protocol_bind_cb[ - !!lwsi_role_server(wsi)], - wsi->user_space, NULL, 0)) - return 1; - - wsi->protocol_bind_balance = 1; - - return 0; -} - -void -__lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, - const char *caller) -{ - struct lws_context_per_thread *pt; - struct lws *wsi1, *wsi2; - struct lws_context *context; - int n; - - lwsl_info("%s: %p: caller: %s\n", __func__, wsi, caller); - - if (!wsi) - return; - - lws_access_log(wsi); - - context = wsi->context; - pt = &context->pt[(int)wsi->tsi]; - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_CLOSE, 1); - -#if !defined(LWS_NO_CLIENT) - - lws_free_set_NULL(wsi->client_hostname_copy); - /* we are no longer an active client connection that can piggyback */ - lws_dll_lws_remove(&wsi->dll_active_client_conns); - - /* - * if we have wsi in our transaction queue, if we are closing we - * must go through and close all those first - */ - if (wsi->vhost) { - if ((int)reason != -1) - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *w = lws_container_of(d, struct lws, - dll_client_transaction_queue); - - __lws_close_free_wsi(w, -1, "trans q leader closing"); - } lws_end_foreach_dll_safe(d, d1); - - /* - * !!! If we are closing, but we have pending pipelined - * transaction results we already sent headers for, that's going - * to destroy sync for HTTP/1 and leave H2 stream with no live - * swsi. - * - * However this is normal if we are being closed because the - * transaction queue leader is closing. - */ - lws_dll_lws_remove(&wsi->dll_client_transaction_queue); - if ((int)reason !=-1) - lws_vhost_unlock(wsi->vhost); - } -#endif - - /* if we have children, close them first */ - if (wsi->child_list) { - wsi2 = wsi->child_list; - while (wsi2) { - wsi1 = wsi2->sibling_list; - wsi2->parent = NULL; - /* stop it doing shutdown processing */ - wsi2->socket_is_permanently_unusable = 1; - __lws_close_free_wsi(wsi2, reason, - "general child recurse"); - wsi2 = wsi1; - } - wsi->child_list = NULL; - } - - if (wsi->role_ops == &role_ops_raw_file) { - lws_remove_child_from_any_parent(wsi); - __remove_wsi_socket_from_fds(wsi); - wsi->protocol->callback(wsi, wsi->role_ops->close_cb[0], - wsi->user_space, NULL, 0); - goto async_close; - } - - wsi->wsistate_pre_close = wsi->wsistate; - -#ifdef LWS_WITH_CGI - if (wsi->role_ops == &role_ops_cgi) { - /* we are not a network connection, but a handler for CGI io */ - if (wsi->parent && wsi->parent->http.cgi) { - - if (wsi->cgi_channel == LWS_STDOUT) - lws_cgi_remove_and_kill(wsi->parent); - - /* end the binding between us and master */ - wsi->parent->http.cgi->stdwsi[(int)wsi->cgi_channel] = - NULL; - } - wsi->socket_is_permanently_unusable = 1; - - goto just_kill_connection; - } - - if (wsi->http.cgi) - lws_cgi_remove_and_kill(wsi); -#endif - -#if !defined(LWS_NO_CLIENT) - lws_client_stash_destroy(wsi); -#endif - - if (wsi->role_ops == &role_ops_raw_skt) { - wsi->socket_is_permanently_unusable = 1; - goto just_kill_connection; - } -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - if (lwsi_role_http(wsi) && lwsi_role_server(wsi) && - wsi->http.fop_fd != NULL) - lws_vfs_file_close(&wsi->http.fop_fd); -#endif - - if (lwsi_state(wsi) == LRS_DEAD_SOCKET) - return; - - if (wsi->socket_is_permanently_unusable || - reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY || - lwsi_state(wsi) == LRS_SHUTDOWN) - goto just_kill_connection; - - switch (lwsi_state_PRE_CLOSE(wsi)) { - case LRS_DEAD_SOCKET: - return; - - /* we tried the polite way... */ - case LRS_WAITING_TO_SEND_CLOSE: - case LRS_AWAITING_CLOSE_ACK: - case LRS_RETURNED_CLOSE: - goto just_kill_connection; - - case LRS_FLUSHING_BEFORE_CLOSE: - if (lws_has_buffered_out(wsi) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - || wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more -#endif - ) { - lws_callback_on_writable(wsi); - return; - } - lwsl_info("%p: end LRS_FLUSHING_BEFORE_CLOSE\n", wsi); - goto just_kill_connection; - default: - if (lws_has_buffered_out(wsi) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - || wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more -#endif - ) { - lwsl_info("%p: LRS_FLUSHING_BEFORE_CLOSE\n", wsi); - lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); - __lws_set_timeout(wsi, - PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE, 5); - return; - } - break; - } - - if (lwsi_state(wsi) == LRS_WAITING_CONNECT || - lwsi_state(wsi) == LRS_H1C_ISSUE_HANDSHAKE) - goto just_kill_connection; - - if (!wsi->told_user_closed && wsi->user_space && wsi->protocol && - wsi->protocol_bind_balance) { - wsi->protocol->callback(wsi, - wsi->role_ops->protocol_unbind_cb[ - !!lwsi_role_server(wsi)], - wsi->user_space, (void *)__func__, 0); - wsi->protocol_bind_balance = 0; - } - - /* - * signal we are closing, lws_write will - * add any necessary version-specific stuff. If the write fails, - * no worries we are closing anyway. If we didn't initiate this - * close, then our state has been changed to - * LRS_RETURNED_CLOSE and we will skip this. - * - * Likewise if it's a second call to close this connection after we - * sent the close indication to the peer already, we are in state - * LRS_AWAITING_CLOSE_ACK and will skip doing this a second time. - */ - - if (wsi->role_ops->close_via_role_protocol && - wsi->role_ops->close_via_role_protocol(wsi, reason)) - return; - -just_kill_connection: - - if (wsi->role_ops->close_kill_connection) - wsi->role_ops->close_kill_connection(wsi, reason); - - lws_remove_child_from_any_parent(wsi); - n = 0; - - if (!wsi->told_user_closed && wsi->user_space && - wsi->protocol_bind_balance) { - lwsl_debug("%s: %p: DROP_PROTOCOL %s\n", __func__, wsi, - wsi->protocol->name); - wsi->protocol->callback(wsi, - wsi->role_ops->protocol_unbind_cb[ - !!lwsi_role_server(wsi)], - wsi->user_space, (void *)__func__, 0); - wsi->protocol_bind_balance = 0; - } - - if ((lwsi_state(wsi) == LRS_WAITING_SERVER_REPLY || - lwsi_state(wsi) == LRS_WAITING_CONNECT) && !wsi->already_did_cce) - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, NULL, 0); - - /* - * Testing with ab shows that we have to stage the socket close when - * the system is under stress... shutdown any further TX, change the - * state to one that won't emit anything more, and wait with a timeout - * for the POLLIN to show a zero-size rx before coming back and doing - * the actual close. - */ - if (wsi->role_ops != &role_ops_raw_skt && !lwsi_role_client(wsi) && - lwsi_state(wsi) != LRS_SHUTDOWN && - lwsi_state(wsi) != LRS_UNCONNECTED && - reason != LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY && - !wsi->socket_is_permanently_unusable) { - -#if defined(LWS_WITH_TLS) - if (lws_is_ssl(wsi) && wsi->tls.ssl) { - n = 0; - switch (__lws_tls_shutdown(wsi)) { - case LWS_SSL_CAPABLE_DONE: - case LWS_SSL_CAPABLE_ERROR: - case LWS_SSL_CAPABLE_MORE_SERVICE_READ: - case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: - case LWS_SSL_CAPABLE_MORE_SERVICE: - break; - } - } else -#endif - { - lwsl_info("%s: shutdown conn: %p (sk %d, state 0x%x)\n", - __func__, wsi, (int)(long)wsi->desc.sockfd, - lwsi_state(wsi)); - if (!wsi->socket_is_permanently_unusable && - lws_socket_is_valid(wsi->desc.sockfd)) { - wsi->socket_is_permanently_unusable = 1; - n = shutdown(wsi->desc.sockfd, SHUT_WR); - } - } - if (n) - lwsl_debug("closing: shutdown (state 0x%x) ret %d\n", - lwsi_state(wsi), LWS_ERRNO); - - /* - * This causes problems on WINCE / ESP32 with disconnection - * when the events are half closing connection - */ -#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP32) - /* libuv: no event available to guarantee completion */ - if (!wsi->socket_is_permanently_unusable && - lws_socket_is_valid(wsi->desc.sockfd) && - lwsi_state(wsi) != LRS_SHUTDOWN && - context->event_loop_ops->periodic_events_available) { - __lws_change_pollfd(wsi, LWS_POLLOUT, LWS_POLLIN); - lwsi_set_state(wsi, LRS_SHUTDOWN); - __lws_set_timeout(wsi, PENDING_TIMEOUT_SHUTDOWN_FLUSH, - context->timeout_secs); - - return; - } -#endif - } - - lwsl_debug("%s: real just_kill_connection: %p (sockfd %d)\n", __func__, - wsi, wsi->desc.sockfd); - -#ifdef LWS_WITH_HUBBUB - if (wsi->http.rw) { - lws_rewrite_destroy(wsi->http.rw); - wsi->http.rw = NULL; - } -#endif - - if (wsi->http.pending_return_headers) - lws_free_set_NULL(wsi->http.pending_return_headers); - - /* - * we won't be servicing or receiving anything further from this guy - * delete socket from the internal poll list if still present - */ - __lws_ssl_remove_wsi_from_buffered_list(wsi); - __lws_remove_from_timeout_list(wsi); - lws_dll_lws_remove(&wsi->dll_hrtimer); - - /* don't repeat event loop stuff */ - if (wsi->told_event_loop_closed) - return; - - /* checking return redundant since we anyway close */ - if (wsi->desc.sockfd != LWS_SOCK_INVALID) - __remove_wsi_socket_from_fds(wsi); - else - __lws_same_vh_protocol_remove(wsi); - - lwsi_set_state(wsi, LRS_DEAD_SOCKET); - lws_buflist_destroy_all_segments(&wsi->buflist); - lws_dll_lws_remove(&wsi->dll_buflist); - - if (wsi->role_ops->close_role) - wsi->role_ops->close_role(pt, wsi); - - /* tell the user it's all over for this guy */ - - if ((lwsi_state_est_PRE_CLOSE(wsi) || - lwsi_state_PRE_CLOSE(wsi) == LRS_WAITING_SERVER_REPLY) && - !wsi->told_user_closed && - wsi->role_ops->close_cb[lwsi_role_server(wsi)]) { - const struct lws_protocols *pro = wsi->protocol; - - if (!wsi->protocol) - pro = &wsi->vhost->protocols[0]; - - if (!wsi->upgraded_to_http2 || !lwsi_role_client(wsi)) - /* - * The network wsi for a client h2 connection shouldn't - * call back for its role: the child stream connections - * own the role. Otherwise h2 will call back closed - * one too many times as the children do it and then - * the closing network stream. - */ - pro->callback(wsi, - wsi->role_ops->close_cb[lwsi_role_server(wsi)], - wsi->user_space, NULL, 0); - wsi->told_user_closed = 1; - } - -async_close: - wsi->socket_is_permanently_unusable = 1; - - if (wsi->context->event_loop_ops->wsi_logical_close) - if (wsi->context->event_loop_ops->wsi_logical_close(wsi)) - return; - - __lws_close_free_wsi_final(wsi); -} - -void -__lws_close_free_wsi_final(struct lws *wsi) -{ - int n; - - if (!wsi->shadow && - lws_socket_is_valid(wsi->desc.sockfd) && !lws_ssl_close(wsi)) { - lwsl_debug("%s: wsi %p: fd %d\n", __func__, wsi, wsi->desc.sockfd); - n = compatible_close(wsi->desc.sockfd); - if (n) - lwsl_debug("closing: close ret %d\n", LWS_ERRNO); - - wsi->desc.sockfd = LWS_SOCK_INVALID; - } - - /* outermost destroy notification for wsi (user_space still intact) */ - if (wsi->vhost) - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_WSI_DESTROY, - wsi->user_space, NULL, 0); - -#ifdef LWS_WITH_CGI - if (wsi->http.cgi) { - - for (n = 0; n < 3; n++) { - if (wsi->http.cgi->pipe_fds[n][!!(n == 0)] == 0) - lwsl_err("ZERO FD IN CGI CLOSE"); - - if (wsi->http.cgi->pipe_fds[n][!!(n == 0)] >= 0) - close(wsi->http.cgi->pipe_fds[n][!!(n == 0)]); - } - - lws_free(wsi->http.cgi); - } -#endif - - __lws_free_wsi(wsi); -} - - -void -lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *caller) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_pt_lock(pt, __func__); - __lws_close_free_wsi(wsi, reason, caller); - lws_pt_unlock(pt); -} - -/* lws_buflist */ - -int -lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, - size_t len) -{ - struct lws_buflist *nbuf; - int first = !*head; - void *p = *head; - int sanity = 1024; - - assert(buf); - assert(len); - - /* append at the tail */ - while (*head) { - if (!--sanity || head == &((*head)->next)) { - lwsl_err("%s: corrupt list points to self\n", __func__); - return -1; - } - head = &((*head)->next); - } - - lwsl_info("%s: len %u first %d %p\n", __func__, (uint32_t)len, first, p); - - nbuf = (struct lws_buflist *)lws_malloc(sizeof(**head) + len, __func__); - if (!nbuf) { - lwsl_err("%s: OOM\n", __func__); - return -1; - } - - nbuf->len = len; - nbuf->pos = 0; - nbuf->next = NULL; - - p = (void *)nbuf->buf; - memcpy(p, buf, len); - - *head = nbuf; - - return first; /* returns 1 if first segment just created */ -} - -static int -lws_buflist_destroy_segment(struct lws_buflist **head) -{ - struct lws_buflist *old = *head; - - assert(*head); - *head = (*head)->next; - old->next = NULL; - lws_free(old); - - return !*head; /* returns 1 if last segment just destroyed */ -} - -void -lws_buflist_destroy_all_segments(struct lws_buflist **head) -{ - struct lws_buflist *p = *head, *p1; - - while (p) { - p1 = p->next; - p->next = NULL; - lws_free(p); - p = p1; - } - - *head = NULL; -} - -size_t -lws_buflist_next_segment_len(struct lws_buflist **head, uint8_t **buf) -{ - if (!*head) { - if (buf) - *buf = NULL; - - return 0; - } - - if (!(*head)->len && (*head)->next) - lws_buflist_destroy_segment(head); - - if (!*head) { - if (buf) - *buf = NULL; - - return 0; - } - - assert((*head)->pos < (*head)->len); - - if (buf) - *buf = (*head)->buf + (*head)->pos; - - return (*head)->len - (*head)->pos; -} - -int -lws_buflist_use_segment(struct lws_buflist **head, size_t len) -{ - assert(*head); - assert(len); - assert((*head)->pos + len <= (*head)->len); - - (*head)->pos += len; - if ((*head)->pos == (*head)->len) - lws_buflist_destroy_segment(head); - - if (!*head) - return 0; - - return (int)((*head)->len - (*head)->pos); -} - -void -lws_buflist_describe(struct lws_buflist **head, void *id) -{ - struct lws_buflist *old; - int n = 0; - - if (*head == NULL) - lwsl_notice("%p: buflist empty\n", id); - - while (*head) { - lwsl_notice("%p: %d: %llu / %llu (%llu left)\n", id, n, - (unsigned long long)(*head)->pos, - (unsigned long long)(*head)->len, - (unsigned long long)(*head)->len - (*head)->pos); - old = *head; - head = &((*head)->next); - if (*head == old) { - lwsl_err("%s: next points to self\n", __func__); - break; - } - n++; - } -} - -/* ... */ - -LWS_VISIBLE LWS_EXTERN const char * -lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len) -{ - int n = 0, sl = (int)strlen(name); - - while (lws_hdr_copy_fragment(wsi, buf, len, - WSI_TOKEN_HTTP_URI_ARGS, n) >= 0) { - - if (!strncmp(buf, name, sl)) - return buf + sl; - - n++; - } - - return NULL; -} - -#if !defined(LWS_WITH_ESP32) -LWS_VISIBLE int -interface_to_sa(struct lws_vhost *vh, const char *ifname, - struct sockaddr_in *addr, size_t addrlen) -{ - int ipv6 = 0; -#ifdef LWS_WITH_IPV6 - ipv6 = LWS_IPV6_ENABLED(vh); -#endif - (void)vh; - - return lws_interface_to_sa(ipv6, ifname, addr, addrlen); -} -#endif - -#ifndef LWS_PLAT_OPTEE -static int -lws_get_addresses(struct lws_vhost *vh, void *ads, char *name, - int name_len, char *rip, int rip_len) -{ - struct addrinfo ai, *res; - struct sockaddr_in addr4; - - rip[0] = '\0'; - name[0] = '\0'; - addr4.sin_family = AF_UNSPEC; - -#ifdef LWS_WITH_IPV6 - if (LWS_IPV6_ENABLED(vh)) { - if (!lws_plat_inet_ntop(AF_INET6, - &((struct sockaddr_in6 *)ads)->sin6_addr, - rip, rip_len)) { - lwsl_err("inet_ntop: %s", strerror(LWS_ERRNO)); - return -1; - } - - // Strip off the IPv4 to IPv6 header if one exists - if (strncmp(rip, "::ffff:", 7) == 0) - memmove(rip, rip + 7, strlen(rip) - 6); - - getnameinfo((struct sockaddr *)ads, sizeof(struct sockaddr_in6), - name, name_len, NULL, 0, 0); - - return 0; - } else -#endif - { - struct addrinfo *result; - - memset(&ai, 0, sizeof ai); - ai.ai_family = PF_UNSPEC; - ai.ai_socktype = SOCK_STREAM; -#if !defined(LWS_WITH_ESP32) - if (getnameinfo((struct sockaddr *)ads, - sizeof(struct sockaddr_in), - name, name_len, NULL, 0, 0)) - return -1; -#endif - - if (getaddrinfo(name, NULL, &ai, &result)) - return -1; - - res = result; - while (addr4.sin_family == AF_UNSPEC && res) { - switch (res->ai_family) { - case AF_INET: - addr4.sin_addr = - ((struct sockaddr_in *)res->ai_addr)->sin_addr; - addr4.sin_family = AF_INET; - break; - } - - res = res->ai_next; - } - freeaddrinfo(result); - } - - if (addr4.sin_family == AF_UNSPEC) - return -1; - - if (lws_plat_inet_ntop(AF_INET, &addr4.sin_addr, rip, rip_len) == NULL) - return -1; - - return 0; -} - - -LWS_VISIBLE const char * -lws_get_peer_simple(struct lws *wsi, char *name, int namelen) -{ - socklen_t len, olen; -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 sin6; -#endif - struct sockaddr_in sin4; - int af = AF_INET; - void *p, *q; - - wsi = lws_get_network_wsi(wsi); - -#ifdef LWS_WITH_IPV6 - if (LWS_IPV6_ENABLED(wsi->vhost)) { - len = sizeof(sin6); - p = &sin6; - af = AF_INET6; - q = &sin6.sin6_addr; - } else -#endif - { - len = sizeof(sin4); - p = &sin4; - q = &sin4.sin_addr; - } - - olen = len; - if (getpeername(wsi->desc.sockfd, p, &len) < 0 || len > olen) { - lwsl_warn("getpeername: %s\n", strerror(LWS_ERRNO)); - return NULL; - } - - return lws_plat_inet_ntop(af, q, name, namelen); -} -#endif - -LWS_VISIBLE void -lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, - int name_len, char *rip, int rip_len) -{ -#ifndef LWS_PLAT_OPTEE - socklen_t len; -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 sin6; -#endif - struct sockaddr_in sin4; - struct lws_context *context = wsi->context; - int ret = -1; - void *p; - - rip[0] = '\0'; - name[0] = '\0'; - - lws_latency_pre(context, wsi); - -#ifdef LWS_WITH_IPV6 - if (LWS_IPV6_ENABLED(wsi->vhost)) { - len = sizeof(sin6); - p = &sin6; - } else -#endif - { - len = sizeof(sin4); - p = &sin4; - } - - if (getpeername(fd, p, &len) < 0) { - lwsl_warn("getpeername: %s\n", strerror(LWS_ERRNO)); - goto bail; - } - - ret = lws_get_addresses(wsi->vhost, p, name, name_len, rip, rip_len); - -bail: - lws_latency(context, wsi, "lws_get_peer_addresses", ret, 1); -#endif - (void)wsi; - (void)fd; - (void)name; - (void)name_len; - (void)rip; - (void)rip_len; - -} - -LWS_EXTERN void * -lws_vhost_user(struct lws_vhost *vhost) -{ - return vhost->user; -} - -LWS_EXTERN void * -lws_context_user(struct lws_context *context) -{ - return context->user_space; -} - -LWS_VISIBLE struct lws_vhost * -lws_vhost_get(struct lws *wsi) -{ - return wsi->vhost; -} - -LWS_VISIBLE struct lws_vhost * -lws_get_vhost(struct lws *wsi) -{ - return wsi->vhost; -} - -LWS_VISIBLE const struct lws_protocols * -lws_protocol_get(struct lws *wsi) -{ - return wsi->protocol; -} - -LWS_VISIBLE const struct lws_udp * -lws_get_udp(const struct lws *wsi) -{ - return wsi->udp; -} - -LWS_VISIBLE struct lws * -lws_get_network_wsi(struct lws *wsi) -{ - if (!wsi) - return NULL; - -#if defined(LWS_WITH_HTTP2) - if (!wsi->http2_substream -#if !defined(LWS_NO_CLIENT) - && !wsi->client_h2_substream -#endif - ) - return wsi; - - while (wsi->h2.parent_wsi) - wsi = wsi->h2.parent_wsi; -#endif - - return wsi; -} - -LWS_VISIBLE LWS_EXTERN const struct lws_protocols * -lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name) -{ - int n; - - for (n = 0; n < vh->count_protocols; n++) - if (!strcmp(name, vh->protocols[n].name)) - return &vh->protocols[n]; - - return NULL; -} - -LWS_VISIBLE int -lws_callback_all_protocol(struct lws_context *context, - const struct lws_protocols *protocol, int reason) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - unsigned int n, m = context->count_threads; - struct lws *wsi; - - while (m--) { - for (n = 0; n < pt->fds_count; n++) { - wsi = wsi_from_fd(context, pt->fds[n].fd); - if (!wsi) - continue; - if (wsi->protocol == protocol) - protocol->callback(wsi, reason, wsi->user_space, - NULL, 0); - } - pt++; - } - - return 0; -} - -LWS_VISIBLE int -lws_callback_all_protocol_vhost_args(struct lws_vhost *vh, - const struct lws_protocols *protocol, int reason, - void *argp, size_t len) -{ - struct lws_context *context = vh->context; - struct lws_context_per_thread *pt = &context->pt[0]; - unsigned int n, m = context->count_threads; - struct lws *wsi; - - while (m--) { - for (n = 0; n < pt->fds_count; n++) { - wsi = wsi_from_fd(context, pt->fds[n].fd); - if (!wsi) - continue; - if (wsi->vhost == vh && (wsi->protocol == protocol || - !protocol)) - wsi->protocol->callback(wsi, reason, - wsi->user_space, argp, len); - } - pt++; - } - - return 0; -} - -LWS_VISIBLE int -lws_callback_all_protocol_vhost(struct lws_vhost *vh, - const struct lws_protocols *protocol, int reason) -{ - return lws_callback_all_protocol_vhost_args(vh, protocol, reason, NULL, 0); -} - -LWS_VISIBLE LWS_EXTERN int -lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len) -{ - int n; - - for (n = 0; n < wsi->vhost->count_protocols; n++) - if (wsi->vhost->protocols[n].callback(wsi, reason, NULL, in, len)) - return 1; - - return 0; -} - -LWS_VISIBLE LWS_EXTERN int -lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, - size_t len) -{ - int n; - struct lws *wsi = lws_zalloc(sizeof(*wsi), "fake wsi"); - - wsi->context = vh->context; - lws_vhost_bind_wsi(vh, wsi); - - for (n = 0; n < wsi->vhost->count_protocols; n++) { - wsi->protocol = &vh->protocols[n]; - if (wsi->protocol->callback(wsi, reason, NULL, in, len)) { - lws_free(wsi); - return 1; - } - } - - lws_free(wsi); - - return 0; -} - -LWS_VISIBLE LWS_EXTERN void -lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops) -{ - context->fops = fops; -} - -LWS_VISIBLE LWS_EXTERN lws_filepos_t -lws_vfs_tell(lws_fop_fd_t fop_fd) -{ - return fop_fd->pos; -} - -LWS_VISIBLE LWS_EXTERN lws_filepos_t -lws_vfs_get_length(lws_fop_fd_t fop_fd) -{ - return fop_fd->len; -} - -LWS_VISIBLE LWS_EXTERN uint32_t -lws_vfs_get_mod_time(lws_fop_fd_t fop_fd) -{ - return fop_fd->mod_time; -} - -LWS_VISIBLE lws_fileofs_t -lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - lws_fileofs_t ofs; - - ofs = fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset - fop_fd->pos); - - return ofs; -} - - -LWS_VISIBLE lws_fileofs_t -lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, fop_fd->len + - fop_fd->pos + offset); -} - - -const struct lws_plat_file_ops * -lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path, - const char **vpath) -{ - const struct lws_plat_file_ops *pf; - const char *p = vfs_path; - int n; - - *vpath = NULL; - - /* no non-platform fops, just use that */ - - if (!fops->next) - return fops; - - /* - * scan the vfs path looking for indications we are to be - * handled by a specific fops - */ - - while (p && *p) { - if (*p != '/') { - p++; - continue; - } - /* the first one is always platform fops, so skip */ - pf = fops->next; - while (pf) { - n = 0; - while (n < (int)LWS_ARRAY_SIZE(pf->fi) && pf->fi[n].sig) { - if (p >= vfs_path + pf->fi[n].len) - if (!strncmp(p - (pf->fi[n].len - 1), - pf->fi[n].sig, - pf->fi[n].len - 1)) { - *vpath = p + 1; - return pf; - } - - n++; - } - pf = pf->next; - } - p++; - } - - return fops; -} - -LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT -lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path, - lws_fop_flags_t *flags) -{ - const char *vpath = ""; - const struct lws_plat_file_ops *selected; - - selected = lws_vfs_select_fops(fops, vfs_path, &vpath); - - return selected->LWS_FOP_OPEN(fops, vfs_path, vpath, flags); -} - - -/** - * lws_now_secs() - seconds since 1970-1-1 - * - */ -LWS_VISIBLE LWS_EXTERN unsigned long -lws_now_secs(void) -{ - struct timeval tv; - - gettimeofday(&tv, NULL); - - return tv.tv_sec; -} - -LWS_VISIBLE LWS_EXTERN int -lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2) -{ - if (t1 < context->time_discontiguity) - t1 += context->time_fixup; - - if (t2 < context->time_discontiguity) - t2 += context->time_fixup; - - return (int)(t1 - t2); -} - -LWS_VISIBLE lws_sockfd_type -lws_get_socket_fd(struct lws *wsi) -{ - if (!wsi) - return -1; - return wsi->desc.sockfd; -} - -#ifdef LWS_LATENCY -void -lws_latency(struct lws_context *context, struct lws *wsi, const char *action, - int ret, int completed) -{ - unsigned long long u; - char buf[256]; - - u = lws_time_in_microseconds(); - - if (!action) { - wsi->latency_start = u; - if (!wsi->action_start) - wsi->action_start = u; - return; - } - if (completed) { - if (wsi->action_start == wsi->latency_start) - sprintf(buf, - "Completion first try lat %lluus: %p: ret %d: %s\n", - u - wsi->latency_start, - (void *)wsi, ret, action); - else - sprintf(buf, - "Completion %lluus: lat %lluus: %p: ret %d: %s\n", - u - wsi->action_start, - u - wsi->latency_start, - (void *)wsi, ret, action); - wsi->action_start = 0; - } else - sprintf(buf, "lat %lluus: %p: ret %d: %s\n", - u - wsi->latency_start, (void *)wsi, ret, action); - - if (u - wsi->latency_start > context->worst_latency) { - context->worst_latency = u - wsi->latency_start; - strcpy(context->worst_latency_info, buf); - } - lwsl_latency("%s", buf); -} -#endif - -LWS_VISIBLE int -lws_rx_flow_control(struct lws *wsi, int _enable) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - int en = _enable; - - // h2 ignores rx flow control atm - if (lwsi_role_h2(wsi) || wsi->http2_substream || - lwsi_role_h2_ENCAPSULATION(wsi)) - return 0; // !!! - - lwsl_info("%s: %p 0x%x\n", __func__, wsi, _enable); - - if (!(_enable & LWS_RXFLOW_REASON_APPLIES)) { - /* - * convert user bool style to bitmap style... in user simple - * bool style _enable = 0 = flow control it, = 1 = allow rx - */ - en = LWS_RXFLOW_REASON_APPLIES | LWS_RXFLOW_REASON_USER_BOOL; - if (_enable & 1) - en |= LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT; - } - - lws_pt_lock(pt, __func__); - - /* any bit set in rxflow_bitmap DISABLEs rxflow control */ - if (en & LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT) - wsi->rxflow_bitmap &= ~(en & 0xff); - else - wsi->rxflow_bitmap |= en & 0xff; - - if ((LWS_RXFLOW_PENDING_CHANGE | (!wsi->rxflow_bitmap)) == - wsi->rxflow_change_to) - goto skip; - - wsi->rxflow_change_to = LWS_RXFLOW_PENDING_CHANGE | - (!wsi->rxflow_bitmap); - - lwsl_info("%s: %p: bitmap 0x%x: en 0x%x, ch 0x%x\n", __func__, wsi, - wsi->rxflow_bitmap, en, wsi->rxflow_change_to); - - if (_enable & LWS_RXFLOW_REASON_FLAG_PROCESS_NOW || - !wsi->rxflow_will_be_applied) { - en = __lws_rx_flow_control(wsi); - lws_pt_unlock(pt); - - return en; - } - -skip: - lws_pt_unlock(pt); - - return 0; -} - -LWS_VISIBLE void -lws_rx_flow_allow_all_protocol(const struct lws_context *context, - const struct lws_protocols *protocol) -{ - const struct lws_context_per_thread *pt = &context->pt[0]; - struct lws *wsi; - unsigned int n, m = context->count_threads; - - while (m--) { - for (n = 0; n < pt->fds_count; n++) { - wsi = wsi_from_fd(context, pt->fds[n].fd); - if (!wsi) - continue; - if (wsi->protocol == protocol) - lws_rx_flow_control(wsi, LWS_RXFLOW_ALLOW); - } - pt++; - } -} - -int -lws_broadcast(struct lws_context *context, int reason, void *in, size_t len) -{ - struct lws_vhost *v = context->vhost_list; - struct lws wsi; - int n, ret = 0; - - memset(&wsi, 0, sizeof(wsi)); - wsi.context = context; - - while (v) { - const struct lws_protocols *p = v->protocols; - wsi.vhost = v; /* not a real bound wsi */ - - for (n = 0; n < v->count_protocols; n++) { - wsi.protocol = p; - if (p->callback && - p->callback(&wsi, reason, NULL, in, len)) - ret |= 1; - p++; - } - v = v->vhost_next; - } - - return ret; -} - -LWS_VISIBLE extern const char * -lws_canonical_hostname(struct lws_context *context) -{ - return (const char *)context->canonical_hostname; -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_get_vhost_name(struct lws_vhost *vhost) -{ - return vhost->name; -} - -LWS_VISIBLE LWS_EXTERN int -lws_get_vhost_port(struct lws_vhost *vhost) -{ - return vhost->listen_port; -} - -LWS_VISIBLE LWS_EXTERN void * -lws_get_vhost_user(struct lws_vhost *vhost) -{ - return vhost->user; -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_get_vhost_iface(struct lws_vhost *vhost) -{ - return vhost->iface; -} - -int user_callback_handle_rxflow(lws_callback_function callback_function, - struct lws *wsi, - enum lws_callback_reasons reason, void *user, - void *in, size_t len) -{ - int n; - - wsi->rxflow_will_be_applied = 1; - n = callback_function(wsi, reason, user, in, len); - wsi->rxflow_will_be_applied = 0; - if (!n) - n = __lws_rx_flow_control(wsi); - - return n; -} - -#if !defined(LWS_WITHOUT_CLIENT) -LWS_VISIBLE int -lws_set_proxy(struct lws_vhost *vhost, const char *proxy) -{ - char *p; - char authstring[96]; - - if (!proxy) - return -1; - - /* we have to deal with a possible redundant leading http:// */ - if (!strncmp(proxy, "http://", 7)) - proxy += 7; - - p = strrchr(proxy, '@'); - if (p) { /* auth is around */ - - if ((unsigned int)(p - proxy) > sizeof(authstring) - 1) - goto auth_too_long; - - lws_strncpy(authstring, proxy, p - proxy + 1); - // null termination not needed on input - if (lws_b64_encode_string(authstring, lws_ptr_diff(p, proxy), - vhost->proxy_basic_auth_token, - sizeof vhost->proxy_basic_auth_token) < 0) - goto auth_too_long; - - lwsl_info(" Proxy auth in use\n"); - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - proxy = p + 1; -#endif - } else - vhost->proxy_basic_auth_token[0] = '\0'; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - lws_strncpy(vhost->http.http_proxy_address, proxy, - sizeof(vhost->http.http_proxy_address)); - - p = strchr(vhost->http.http_proxy_address, ':'); - if (!p && !vhost->http.http_proxy_port) { - lwsl_err("http_proxy needs to be ads:port\n"); - - return -1; - } else { - if (p) { - *p = '\0'; - vhost->http.http_proxy_port = atoi(p + 1); - } - } - - lwsl_info(" Proxy %s:%u\n", vhost->http.http_proxy_address, - vhost->http.http_proxy_port); -#endif - return 0; - -auth_too_long: - lwsl_err("proxy auth too long\n"); - - return -1; -} -#endif - -#if defined(LWS_WITH_SOCKS5) -LWS_VISIBLE int -lws_set_socks(struct lws_vhost *vhost, const char *socks) -{ - char *p_at, *p_colon; - char user[96]; - char password[96]; - - if (!socks) - return -1; - - vhost->socks_user[0] = '\0'; - vhost->socks_password[0] = '\0'; - - p_at = strrchr(socks, '@'); - if (p_at) { /* auth is around */ - if ((unsigned int)(p_at - socks) > (sizeof(user) - + sizeof(password) - 2)) { - lwsl_err("Socks auth too long\n"); - goto bail; - } - - p_colon = strchr(socks, ':'); - if (p_colon) { - if ((unsigned int)(p_colon - socks) > (sizeof(user) - - 1) ) { - lwsl_err("Socks user too long\n"); - goto bail; - } - if ((unsigned int)(p_at - p_colon) > (sizeof(password) - - 1) ) { - lwsl_err("Socks password too long\n"); - goto bail; - } - - lws_strncpy(vhost->socks_user, socks, p_colon - socks + 1); - lws_strncpy(vhost->socks_password, p_colon + 1, - p_at - (p_colon + 1) + 1); - } - - lwsl_info(" Socks auth, user: %s, password: %s\n", - vhost->socks_user, vhost->socks_password ); - - socks = p_at + 1; - } - - lws_strncpy(vhost->socks_proxy_address, socks, - sizeof(vhost->socks_proxy_address)); - - p_colon = strchr(vhost->socks_proxy_address, ':'); - if (!p_colon && !vhost->socks_proxy_port) { - lwsl_err("socks_proxy needs to be address:port\n"); - return -1; - } else { - if (p_colon) { - *p_colon = '\0'; - vhost->socks_proxy_port = atoi(p_colon + 1); - } - } - - lwsl_info(" Socks %s:%u\n", vhost->socks_proxy_address, - vhost->socks_proxy_port); - - return 0; - -bail: - return -1; -} -#endif - -LWS_VISIBLE const struct lws_protocols * -lws_get_protocol(struct lws *wsi) -{ - return wsi->protocol; -} - - -int -lws_ensure_user_space(struct lws *wsi) -{ - if (!wsi->protocol) - return 0; - - /* allocate the per-connection user memory (if any) */ - - if (wsi->protocol->per_session_data_size && !wsi->user_space) { - wsi->user_space = lws_zalloc( - wsi->protocol->per_session_data_size, "user space"); - if (wsi->user_space == NULL) { - lwsl_err("%s: OOM\n", __func__); - return 1; - } - } else - lwsl_debug("%s: %p protocol pss %lu, user_space=%p\n", __func__, - wsi, (long)wsi->protocol->per_session_data_size, - wsi->user_space); - return 0; -} - -LWS_VISIBLE void * -lws_adjust_protocol_psds(struct lws *wsi, size_t new_size) -{ - ((struct lws_protocols *)lws_get_protocol(wsi))->per_session_data_size = - new_size; - - if (lws_ensure_user_space(wsi)) - return NULL; - - return wsi->user_space; -} - -LWS_VISIBLE int -lwsl_timestamp(int level, char *p, int len) -{ -#ifndef LWS_PLAT_OPTEE -#ifndef _WIN32_WCE - time_t o_now = time(NULL); -#endif - unsigned long long now; - struct tm *ptm = NULL; -#ifndef WIN32 - struct tm tm; -#endif - int n; - -#ifndef _WIN32_WCE -#ifdef WIN32 - ptm = localtime(&o_now); -#else - if (localtime_r(&o_now, &tm)) - ptm = &tm; -#endif -#endif - p[0] = '\0'; - for (n = 0; n < LLL_COUNT; n++) { - if (level != (1 << n)) - continue; - now = lws_time_in_microseconds() / 100; - if (ptm) - n = lws_snprintf(p, len, - "[%04d/%02d/%02d %02d:%02d:%02d:%04d] %s: ", - ptm->tm_year + 1900, - ptm->tm_mon + 1, - ptm->tm_mday, - ptm->tm_hour, - ptm->tm_min, - ptm->tm_sec, - (int)(now % 10000), log_level_names[n]); - else - n = lws_snprintf(p, len, "[%llu:%04d] %s: ", - (unsigned long long) now / 10000, - (int)(now % 10000), log_level_names[n]); - return n; - } -#else - p[0] = '\0'; -#endif - - return 0; -} - -#ifndef LWS_PLAT_OPTEE -static const char * const colours[] = { - "[31;1m", /* LLL_ERR */ - "[36;1m", /* LLL_WARN */ - "[35;1m", /* LLL_NOTICE */ - "[32;1m", /* LLL_INFO */ - "[34;1m", /* LLL_DEBUG */ - "[33;1m", /* LLL_PARSER */ - "[33m", /* LLL_HEADER */ - "[33m", /* LLL_EXT */ - "[33m", /* LLL_CLIENT */ - "[33;1m", /* LLL_LATENCY */ - "[30;1m", /* LLL_USER */ - "[31m", /* LLL_THREAD */ -}; - -static char tty; - -LWS_VISIBLE void -lwsl_emit_stderr(int level, const char *line) -{ - char buf[50]; - int n, m = LWS_ARRAY_SIZE(colours) - 1; - - if (!tty) - tty = isatty(2) | 2; - lwsl_timestamp(level, buf, sizeof(buf)); - - if (tty == 3) { - n = 1 << (LWS_ARRAY_SIZE(colours) - 1); - while (n) { - if (level & n) - break; - m--; - n >>= 1; - } - fprintf(stderr, "%c%s%s%s%c[0m", 27, colours[m], buf, line, 27); - } else - fprintf(stderr, "%s%s", buf, line); -} - -LWS_VISIBLE void -lwsl_emit_stderr_notimestamp(int level, const char *line) -{ - int n, m = LWS_ARRAY_SIZE(colours) - 1; - - if (!tty) - tty = isatty(2) | 2; - - if (tty == 3) { - n = 1 << (LWS_ARRAY_SIZE(colours) - 1); - while (n) { - if (level & n) - break; - m--; - n >>= 1; - } - fprintf(stderr, "%c%s%s%c[0m", 27, colours[m], line, 27); - } else - fprintf(stderr, "%s", line); -} - -#endif - -LWS_VISIBLE void _lws_logv(int filter, const char *format, va_list vl) -{ - char buf[256]; - int n; - - if (!(log_level & filter)) - return; - - n = vsnprintf(buf, sizeof(buf) - 1, format, vl); - (void)n; - /* vnsprintf returns what it would have written, even if truncated */ - if (n > (int)sizeof(buf) - 1) { - n = sizeof(buf) - 5; - buf[n++] = '.'; - buf[n++] = '.'; - buf[n++] = '.'; - buf[n++] = '\n'; - buf[n] = '\0'; - } - if (n > 0) - buf[n] = '\0'; - - lwsl_emit(filter, buf); -} - -LWS_VISIBLE void _lws_log(int filter, const char *format, ...) -{ - va_list ap; - - va_start(ap, format); - _lws_logv(filter, format, ap); - va_end(ap); -} - -LWS_VISIBLE void lws_set_log_level(int level, - void (*func)(int level, const char *line)) -{ - log_level = level; - if (func) - lwsl_emit = func; -} - -LWS_VISIBLE int lwsl_visible(int level) -{ - return log_level & level; -} - -LWS_VISIBLE void -lwsl_hexdump_level(int hexdump_level, const void *vbuf, size_t len) -{ - unsigned char *buf = (unsigned char *)vbuf; - unsigned int n; - - if (!lwsl_visible(hexdump_level)) - return; - - if (!len) - return; - - if (!vbuf) - return; - - _lws_log(hexdump_level, "\n"); - - for (n = 0; n < len;) { - unsigned int start = n, m; - char line[80], *p = line; - - p += sprintf(p, "%04X: ", start); - - for (m = 0; m < 16 && n < len; m++) - p += sprintf(p, "%02X ", buf[n++]); - while (m++ < 16) - p += sprintf(p, " "); - - p += sprintf(p, " "); - - for (m = 0; m < 16 && (start + m) < len; m++) { - if (buf[start + m] >= ' ' && buf[start + m] < 127) - *p++ = buf[start + m]; - else - *p++ = '.'; - } - while (m++ < 16) - *p++ = ' '; - - *p++ = '\n'; - *p = '\0'; - _lws_log(hexdump_level, "%s", line); - (void)line; - } - - _lws_log(hexdump_level, "\n"); -} - -LWS_VISIBLE void -lwsl_hexdump(const void *vbuf, size_t len) -{ -#if defined(_DEBUG) - lwsl_hexdump_level(LLL_DEBUG, vbuf, len); -#endif -} - -LWS_VISIBLE int -lws_is_ssl(struct lws *wsi) -{ -#if defined(LWS_WITH_TLS) - return wsi->tls.use_ssl & LCCSCF_USE_SSL; -#else - (void)wsi; - return 0; -#endif -} - -#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) -LWS_VISIBLE lws_tls_conn* -lws_get_ssl(struct lws *wsi) -{ - return wsi->tls.ssl; -} -#endif - -LWS_VISIBLE int -lws_partial_buffered(struct lws *wsi) -{ - return lws_has_buffered_out(wsi); -} - -LWS_VISIBLE lws_fileofs_t -lws_get_peer_write_allowance(struct lws *wsi) -{ - if (!wsi->role_ops->tx_credit) - return -1; - return wsi->role_ops->tx_credit(wsi); -} - -LWS_VISIBLE void -lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, - struct lws_role_ops *ops) -{ -#if defined(_DEBUG) - const char *name = "(unset)"; -#endif - wsi->wsistate = role | state; - if (ops) - wsi->role_ops = ops; -#if defined(_DEBUG) - if (wsi->role_ops) - name = wsi->role_ops->name; - lwsl_debug("%s: %p: wsistate 0x%x, ops %s\n", __func__, wsi, - wsi->wsistate, name); -#endif -} - -LWS_VISIBLE struct lws_plat_file_ops * -lws_get_fops(struct lws_context *context) -{ - return (struct lws_plat_file_ops *)context->fops; -} - -LWS_VISIBLE LWS_EXTERN struct lws_context * -lws_get_context(const struct lws *wsi) -{ - return wsi->context; -} - -LWS_VISIBLE LWS_EXTERN int -lws_get_count_threads(struct lws_context *context) -{ - return context->count_threads; -} - -LWS_VISIBLE LWS_EXTERN void * -lws_wsi_user(struct lws *wsi) -{ - return wsi->user_space; -} - -LWS_VISIBLE LWS_EXTERN void -lws_set_wsi_user(struct lws *wsi, void *data) -{ - if (wsi->user_space_externally_allocated) - wsi->user_space = data; - else - lwsl_err("%s: Cannot set internally-allocated user_space\n", - __func__); -} - -LWS_VISIBLE LWS_EXTERN struct lws * -lws_get_parent(const struct lws *wsi) -{ - return wsi->parent; -} - -LWS_VISIBLE LWS_EXTERN struct lws * -lws_get_child(const struct lws *wsi) -{ - return wsi->child_list; -} - -LWS_VISIBLE LWS_EXTERN void * -lws_get_opaque_parent_data(const struct lws *wsi) -{ - return wsi->opaque_parent_data; -} - -LWS_VISIBLE LWS_EXTERN void -lws_set_opaque_parent_data(struct lws *wsi, void *data) -{ - wsi->opaque_parent_data = data; -} - -LWS_VISIBLE LWS_EXTERN int -lws_get_child_pending_on_writable(const struct lws *wsi) -{ - return wsi->parent_pending_cb_on_writable; -} - -LWS_VISIBLE LWS_EXTERN void -lws_clear_child_pending_on_writable(struct lws *wsi) -{ - wsi->parent_pending_cb_on_writable = 0; -} - - -LWS_EXTERN int -__lws_rx_flow_control(struct lws *wsi) -{ - struct lws *wsic = wsi->child_list; - - // h2 ignores rx flow control atm - if (lwsi_role_h2(wsi) || wsi->http2_substream || - lwsi_role_h2_ENCAPSULATION(wsi)) - return 0; // !!! - - /* if he has children, do those if they were changed */ - while (wsic) { - if (wsic->rxflow_change_to & LWS_RXFLOW_PENDING_CHANGE) - __lws_rx_flow_control(wsic); - - wsic = wsic->sibling_list; - } - - /* there is no pending change */ - if (!(wsi->rxflow_change_to & LWS_RXFLOW_PENDING_CHANGE)) - return 0; - - /* stuff is still buffered, not ready to really accept new input */ - if (lws_buflist_next_segment_len(&wsi->buflist, NULL)) { - /* get ourselves called back to deal with stashed buffer */ - lws_callback_on_writable(wsi); - return 0; - } - - /* now the pending is cleared, we can change rxflow state */ - - wsi->rxflow_change_to &= ~LWS_RXFLOW_PENDING_CHANGE; - - lwsl_info("rxflow: wsi %p change_to %d\n", wsi, - wsi->rxflow_change_to & LWS_RXFLOW_ALLOW); - - /* adjust the pollfd for this wsi */ - - if (wsi->rxflow_change_to & LWS_RXFLOW_ALLOW) { - if (__lws_change_pollfd(wsi, 0, LWS_POLLIN)) { - lwsl_info("%s: fail\n", __func__); - return -1; - } - } else - if (__lws_change_pollfd(wsi, LWS_POLLIN, 0)) - return -1; - - return 0; -} - -static const unsigned char e0f4[] = { - 0xa0 | ((2 - 1) << 2) | 1, /* e0 */ - 0x80 | ((4 - 1) << 2) | 1, /* e1 */ - 0x80 | ((4 - 1) << 2) | 1, /* e2 */ - 0x80 | ((4 - 1) << 2) | 1, /* e3 */ - 0x80 | ((4 - 1) << 2) | 1, /* e4 */ - 0x80 | ((4 - 1) << 2) | 1, /* e5 */ - 0x80 | ((4 - 1) << 2) | 1, /* e6 */ - 0x80 | ((4 - 1) << 2) | 1, /* e7 */ - 0x80 | ((4 - 1) << 2) | 1, /* e8 */ - 0x80 | ((4 - 1) << 2) | 1, /* e9 */ - 0x80 | ((4 - 1) << 2) | 1, /* ea */ - 0x80 | ((4 - 1) << 2) | 1, /* eb */ - 0x80 | ((4 - 1) << 2) | 1, /* ec */ - 0x80 | ((2 - 1) << 2) | 1, /* ed */ - 0x80 | ((4 - 1) << 2) | 1, /* ee */ - 0x80 | ((4 - 1) << 2) | 1, /* ef */ - 0x90 | ((3 - 1) << 2) | 2, /* f0 */ - 0x80 | ((4 - 1) << 2) | 2, /* f1 */ - 0x80 | ((4 - 1) << 2) | 2, /* f2 */ - 0x80 | ((4 - 1) << 2) | 2, /* f3 */ - 0x80 | ((1 - 1) << 2) | 2, /* f4 */ - - 0, /* s0 */ - 0x80 | ((4 - 1) << 2) | 0, /* s2 */ - 0x80 | ((4 - 1) << 2) | 1, /* s3 */ -}; - -LWS_EXTERN int -lws_check_byte_utf8(unsigned char state, unsigned char c) -{ - unsigned char s = state; - - if (!s) { - if (c >= 0x80) { - if (c < 0xc2 || c > 0xf4) - return -1; - if (c < 0xe0) - return 0x80 | ((4 - 1) << 2); - else - return e0f4[c - 0xe0]; - } - - return s; - } - if (c < (s & 0xf0) || c >= (s & 0xf0) + 0x10 + ((s << 2) & 0x30)) - return -1; - - return e0f4[21 + (s & 3)]; -} - -LWS_EXTERN int -lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len) -{ - unsigned char s = *state; - - while (len--) { - unsigned char c = *buf++; - - if (!s) { - if (c >= 0x80) { - if (c < 0xc2 || c > 0xf4) - return 1; - if (c < 0xe0) - s = 0x80 | ((4 - 1) << 2); - else - s = e0f4[c - 0xe0]; - } - } else { - if (c < (s & 0xf0) || - c >= (s & 0xf0) + 0x10 + ((s << 2) & 0x30)) - return 1; - s = e0f4[21 + (s & 3)]; - } - } - - *state = s; - - return 0; -} - -LWS_VISIBLE LWS_EXTERN int -lws_parse_uri(char *p, const char **prot, const char **ads, int *port, - const char **path) -{ - const char *end; - char unix_skt = 0; - - /* cut up the location into address, port and path */ - *prot = p; - while (*p && (*p != ':' || p[1] != '/' || p[2] != '/')) - p++; - if (!*p) { - end = p; - p = (char *)*prot; - *prot = end; - } else { - *p = '\0'; - p += 3; - } - if (*p == '+') /* unix skt */ - unix_skt = 1; - - *ads = p; - if (!strcmp(*prot, "http") || !strcmp(*prot, "ws")) - *port = 80; - else if (!strcmp(*prot, "https") || !strcmp(*prot, "wss")) - *port = 443; - - if (*p == '[') { - ++(*ads); - while (*p && *p != ']') - p++; - if (*p) - *p++ = '\0'; - } else - while (*p && *p != ':' && (unix_skt || *p != '/')) - p++; - - if (*p == ':') { - *p++ = '\0'; - *port = atoi(p); - while (*p && *p != '/') - p++; - } - *path = "/"; - if (*p) { - *p++ = '\0'; - if (*p) - *path = p; - } - - return 0; -} - -char * -lws_strdup(const char *s) -{ - char *d = lws_malloc(strlen(s) + 1, "strdup"); - - if (d) - strcpy(d, s); - - return d; -} - -#if defined(LWS_WITHOUT_EXTENSIONS) - -/* we need to provide dummy callbacks for internal exts - * so user code runs when faced with a lib compiled with - * extensions disabled. - */ - -LWS_VISIBLE int -lws_extension_callback_pm_deflate(struct lws_context *context, - const struct lws_extension *ext, - struct lws *wsi, - enum lws_extension_callback_reasons reason, - void *user, void *in, size_t len) -{ - (void)context; - (void)ext; - (void)wsi; - (void)reason; - (void)user; - (void)in; - (void)len; - - return 0; -} - -LWS_EXTERN int -lws_set_extension_option(struct lws *wsi, const char *ext_name, - const char *opt_name, const char *opt_val) -{ - return -1; -} -#endif - -/* note: this returns a random port, or one of these <= 0 return codes: - * - * LWS_ITOSA_USABLE: the interface is usable, returned if so and sockfd invalid - * LWS_ITOSA_NOT_EXIST: the requested iface does not even exist - * LWS_ITOSA_NOT_USABLE: the requested iface exists but is not usable (eg, no IP) - * LWS_ITOSA_BUSY: the port at the requested iface + port is already in use - */ - -LWS_EXTERN int -lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, - const char *iface) -{ -#ifdef LWS_WITH_UNIX_SOCK - struct sockaddr_un serv_unix; -#endif -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 serv_addr6; -#endif - struct sockaddr_in serv_addr4; -#ifndef LWS_PLAT_OPTEE - socklen_t len = sizeof(struct sockaddr_storage); -#endif - int n; -#if !defined(LWS_WITH_ESP32) - int m; -#endif - struct sockaddr_storage sin; - struct sockaddr *v; - - memset(&sin, 0, sizeof(sin)); - -#if defined(LWS_WITH_UNIX_SOCK) - if (LWS_UNIX_SOCK_ENABLED(vhost)) { - v = (struct sockaddr *)&serv_unix; - n = sizeof(struct sockaddr_un); - bzero((char *) &serv_unix, sizeof(serv_unix)); - serv_unix.sun_family = AF_UNIX; - if (!iface) - return LWS_ITOSA_NOT_EXIST; - if (sizeof(serv_unix.sun_path) <= strlen(iface)) { - lwsl_err("\"%s\" too long for UNIX domain socket\n", - iface); - return LWS_ITOSA_NOT_EXIST; - } - strcpy(serv_unix.sun_path, iface); - if (serv_unix.sun_path[0] == '@') - serv_unix.sun_path[0] = '\0'; - else - unlink(serv_unix.sun_path); - - } else -#endif -#if defined(LWS_WITH_IPV6) && !defined(LWS_WITH_ESP32) - if (LWS_IPV6_ENABLED(vhost)) { - v = (struct sockaddr *)&serv_addr6; - n = sizeof(struct sockaddr_in6); - bzero((char *) &serv_addr6, sizeof(serv_addr6)); - if (iface) { - m = interface_to_sa(vhost, iface, - (struct sockaddr_in *)v, n); - if (m == LWS_ITOSA_NOT_USABLE) { - lwsl_info("%s: netif %s: Not usable\n", - __func__, iface); - return m; - } - if (m == LWS_ITOSA_NOT_EXIST) { - lwsl_info("%s: netif %s: Does not exist\n", - __func__, iface); - return m; - } - serv_addr6.sin6_scope_id = lws_get_addr_scope(iface); - } - - serv_addr6.sin6_family = AF_INET6; - serv_addr6.sin6_port = htons(port); - } else -#endif - { - v = (struct sockaddr *)&serv_addr4; - n = sizeof(serv_addr4); - bzero((char *) &serv_addr4, sizeof(serv_addr4)); - serv_addr4.sin_addr.s_addr = INADDR_ANY; - serv_addr4.sin_family = AF_INET; - -#if !defined(LWS_WITH_ESP32) - if (iface) { - m = interface_to_sa(vhost, iface, - (struct sockaddr_in *)v, n); - if (m == LWS_ITOSA_NOT_USABLE) { - lwsl_info("%s: netif %s: Not usable\n", - __func__, iface); - return m; - } - if (m == LWS_ITOSA_NOT_EXIST) { - lwsl_info("%s: netif %s: Does not exist\n", - __func__, iface); - return m; - } - } -#endif - serv_addr4.sin_port = htons(port); - } /* ipv4 */ - - /* just checking for the interface extant */ - if (sockfd == LWS_SOCK_INVALID) - return LWS_ITOSA_USABLE; - - n = bind(sockfd, v, n); -#ifdef LWS_WITH_UNIX_SOCK - if (n < 0 && LWS_UNIX_SOCK_ENABLED(vhost)) { - lwsl_err("ERROR on binding fd %d to \"%s\" (%d %d)\n", - sockfd, iface, n, LWS_ERRNO); - return LWS_ITOSA_NOT_EXIST; - } else -#endif - if (n < 0) { - lwsl_err("ERROR on binding fd %d to port %d (%d %d)\n", - sockfd, port, n, LWS_ERRNO); - - /* if something already listening, tell caller to fail permanently */ - - if (LWS_ERRNO == LWS_EADDRINUSE) - return LWS_ITOSA_BUSY; - - /* otherwise ask caller to retry later */ - - return LWS_ITOSA_NOT_EXIST; - } - -#if defined(LWS_WITH_UNIX_SOCK) - if (LWS_UNIX_SOCK_ENABLED(vhost) && vhost->context->uid) - if (chown(serv_unix.sun_path, vhost->context->uid, - vhost->context->gid)) - lwsl_notice("%s: chown for unix skt %s failed\n", - __func__, serv_unix.sun_path); -#endif - -#ifndef LWS_PLAT_OPTEE - if (getsockname(sockfd, (struct sockaddr *)&sin, &len) == -1) - lwsl_warn("getsockname: %s\n", strerror(LWS_ERRNO)); - else -#endif -#if defined(LWS_WITH_IPV6) - port = (sin.ss_family == AF_INET6) ? - ntohs(((struct sockaddr_in6 *) &sin)->sin6_port) : - ntohs(((struct sockaddr_in *) &sin)->sin_port); -#else - { - struct sockaddr_in sain; - memcpy(&sain, &sin, sizeof(sain)); - port = ntohs(sain.sin_port); - } -#endif - - return port; -} - -LWS_VISIBLE LWS_EXTERN int -lws_get_vhost_listen_port(struct lws_vhost *vhost) -{ - return vhost->listen_port; -} - -#if defined(LWS_WITH_IPV6) -LWS_EXTERN unsigned long -lws_get_addr_scope(const char *ipaddr) -{ - unsigned long scope = 0; - -#ifndef WIN32 - struct ifaddrs *addrs, *addr; - char ip[NI_MAXHOST]; - unsigned int i; - - getifaddrs(&addrs); - for (addr = addrs; addr; addr = addr->ifa_next) { - if (!addr->ifa_addr || - addr->ifa_addr->sa_family != AF_INET6) - continue; - - getnameinfo(addr->ifa_addr, - sizeof(struct sockaddr_in6), - ip, sizeof(ip), - NULL, 0, NI_NUMERICHOST); - - i = 0; - while (ip[i]) - if (ip[i++] == '%') { - ip[i - 1] = '\0'; - break; - } - - if (!strcmp(ip, ipaddr)) { - scope = if_nametoindex(addr->ifa_name); - break; - } - } - freeifaddrs(addrs); -#else - PIP_ADAPTER_ADDRESSES adapter, addrs = NULL; - PIP_ADAPTER_UNICAST_ADDRESS addr; - ULONG size = 0; - DWORD ret; - struct sockaddr_in6 *sockaddr; - char ip[NI_MAXHOST]; - unsigned int i; - int found = 0; - - for (i = 0; i < 5; i++) - { - ret = GetAdaptersAddresses(AF_INET6, GAA_FLAG_INCLUDE_PREFIX, - NULL, addrs, &size); - if ((ret == NO_ERROR) || (ret == ERROR_NO_DATA)) { - break; - } else if (ret == ERROR_BUFFER_OVERFLOW) - { - if (addrs) - free(addrs); - addrs = (IP_ADAPTER_ADDRESSES *)malloc(size); - } else - { - if (addrs) - { - free(addrs); - addrs = NULL; - } - lwsl_err("Failed to get IPv6 address table (%d)", ret); - break; - } - } - - if ((ret == NO_ERROR) && (addrs)) { - adapter = addrs; - while (adapter && !found) { - addr = adapter->FirstUnicastAddress; - while (addr && !found) { - if (addr->Address.lpSockaddr->sa_family == - AF_INET6) { - sockaddr = (struct sockaddr_in6 *) - (addr->Address.lpSockaddr); - - lws_plat_inet_ntop(sockaddr->sin6_family, - &sockaddr->sin6_addr, - ip, sizeof(ip)); - - if (!strcmp(ip, ipaddr)) { - scope = sockaddr->sin6_scope_id; - found = 1; - break; - } - } - addr = addr->Next; - } - adapter = adapter->Next; - } - } - if (addrs) - free(addrs); -#endif - - return scope; -} -#endif - -static const char *hex = "0123456789ABCDEF"; - -LWS_VISIBLE LWS_EXTERN const char * -lws_sql_purify(char *escaped, const char *string, int len) -{ - const char *p = string; - char *q = escaped; - - while (*p && len-- > 2) { - if (*p == '\'') { - *q++ = '\''; - *q++ = '\''; - len --; - p++; - } else - *q++ = *p++; - } - *q = '\0'; - - return escaped; -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_json_purify(char *escaped, const char *string, int len) -{ - const char *p = string; - char *q = escaped; - - if (!p) { - escaped[0] = '\0'; - return escaped; - } - - while (*p && len-- > 6) { - if (*p == '\t') { - p++; - *q++ = '\\'; - *q++ = 't'; - continue; - } - - if (*p == '\n') { - p++; - *q++ = '\\'; - *q++ = 'n'; - continue; - } - - if (*p == '\r') { - p++; - *q++ = '\\'; - *q++ = 'r'; - continue; - } - - if (*p == '\"' || *p == '\\' || *p < 0x20) { - *q++ = '\\'; - *q++ = 'u'; - *q++ = '0'; - *q++ = '0'; - *q++ = hex[((*p) >> 4) & 15]; - *q++ = hex[(*p) & 15]; - len -= 5; - p++; - } else - *q++ = *p++; - } - *q = '\0'; - - return escaped; -} - -LWS_VISIBLE LWS_EXTERN void -lws_filename_purify_inplace(char *filename) -{ - while (*filename) { - - if (*filename == '.' && filename[1] == '.') { - *filename = '_'; - filename[1] = '_'; - } - - if (*filename == ':' || - *filename == '/' || - *filename == '\\' || - *filename == '$' || - *filename == '%') - *filename = '_'; - - filename++; - } -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_urlencode(char *escaped, const char *string, int len) -{ - const char *p = string; - char *q = escaped; - - while (*p && len-- > 3) { - if (*p == ' ') { - *q++ = '+'; - p++; - continue; - } - if ((*p >= '0' && *p <= '9') || - (*p >= 'A' && *p <= 'Z') || - (*p >= 'a' && *p <= 'z')) { - *q++ = *p++; - continue; - } - *q++ = '%'; - *q++ = hex[(*p >> 4) & 0xf]; - *q++ = hex[*p & 0xf]; - - len -= 2; - p++; - } - *q = '\0'; - - return escaped; -} - -LWS_VISIBLE LWS_EXTERN int -lws_urldecode(char *string, const char *escaped, int len) -{ - int state = 0, n; - char sum = 0; - - while (*escaped && len) { - switch (state) { - case 0: - if (*escaped == '%') { - state++; - escaped++; - continue; - } - if (*escaped == '+') { - escaped++; - *string++ = ' '; - len--; - continue; - } - *string++ = *escaped++; - len--; - break; - case 1: - n = char_to_hex(*escaped); - if (n < 0) - return -1; - escaped++; - sum = n << 4; - state++; - break; - - case 2: - n = char_to_hex(*escaped); - if (n < 0) - return -1; - escaped++; - *string++ = sum | n; - len--; - state = 0; - break; - } - - } - *string = '\0'; - - return 0; -} - -LWS_VISIBLE LWS_EXTERN int -lws_finalize_startup(struct lws_context *context) -{ - struct lws_context_creation_info info; - - info.uid = context->uid; - info.gid = context->gid; - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - memcpy(info.caps, context->caps, sizeof(info.caps)); - info.count_caps = context->count_caps; -#endif - - if (lws_check_opt(context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) - lws_plat_drop_app_privileges(&info); - - return 0; -} - -LWS_VISIBLE LWS_EXTERN void -lws_get_effective_uid_gid(struct lws_context *context, int *uid, int *gid) -{ - *uid = context->uid; - *gid = context->gid; -} - -int -lws_snprintf(char *str, size_t size, const char *format, ...) -{ - va_list ap; - int n; - - if (!size) - return 0; - - va_start(ap, format); - n = vsnprintf(str, size, format, ap); - va_end(ap); - - if (n >= (int)size) - return (int)size; - - return n; -} - -char * -lws_strncpy(char *dest, const char *src, size_t size) -{ - strncpy(dest, src, size - 1); - dest[size - 1] = '\0'; - - return dest; -} - - -typedef enum { - LWS_TOKZS_LEADING_WHITESPACE, - LWS_TOKZS_QUOTED_STRING, - LWS_TOKZS_TOKEN, - LWS_TOKZS_TOKEN_POST_TERMINAL -} lws_tokenize_state; - -int -lws_tokenize(struct lws_tokenize *ts) -{ - const char *rfc7230_delims = "(),/:;<=>?@[\\]{}"; - lws_tokenize_state state = LWS_TOKZS_LEADING_WHITESPACE; - char c, flo = 0, d_minus = '-', d_dot = '.', s_minus = '\0', - s_dot = '\0'; - signed char num = -1; - int utf8 = 0; - - /* for speed, compute the effect of the flags outside the loop */ - - if (ts->flags & LWS_TOKENIZE_F_MINUS_NONTERM) { - d_minus = '\0'; - s_minus = '-'; - } - if (ts->flags & LWS_TOKENIZE_F_DOT_NONTERM) { - d_dot = '\0'; - s_dot = '.'; - } - - ts->token = NULL; - ts->token_len = 0; - - while (ts->len) { - c = *ts->start++; - ts->len--; - - utf8 = lws_check_byte_utf8((unsigned char)utf8, c); - if (utf8 < 0) - return LWS_TOKZE_ERR_BROKEN_UTF8; - - if (!c) - break; - - /* whitespace */ - - if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || - c == '\f') { - switch (state) { - case LWS_TOKZS_LEADING_WHITESPACE: - case LWS_TOKZS_TOKEN_POST_TERMINAL: - continue; - case LWS_TOKZS_QUOTED_STRING: - ts->token_len++; - continue; - case LWS_TOKZS_TOKEN: - /* we want to scan forward to look for = */ - - state = LWS_TOKZS_TOKEN_POST_TERMINAL; - continue; - } - } - - /* quoted string */ - - if (c == '\"') { - if (state == LWS_TOKZS_QUOTED_STRING) - return LWS_TOKZE_QUOTED_STRING; - - /* starting a quoted string */ - - if (ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) { - if (ts->delim == LWSTZ_DT_NEED_DELIM) - return LWS_TOKZE_ERR_COMMA_LIST; - ts->delim = LWSTZ_DT_NEED_DELIM; - } - - state = LWS_TOKZS_QUOTED_STRING; - ts->token = ts->start; - ts->token_len = 0; - - continue; - } - - /* token= aggregation */ - - if (c == '=' && (state == LWS_TOKZS_TOKEN_POST_TERMINAL || - state == LWS_TOKZS_TOKEN)) { - if (num == 1) - return LWS_TOKZE_ERR_NUM_ON_LHS; - /* swallow the = */ - return LWS_TOKZE_TOKEN_NAME_EQUALS; - } - - /* optional token: aggregation */ - - if ((ts->flags & LWS_TOKENIZE_F_AGG_COLON) && c == ':' && - (state == LWS_TOKZS_TOKEN_POST_TERMINAL || - state == LWS_TOKZS_TOKEN)) - /* swallow the : */ - return LWS_TOKZE_TOKEN_NAME_COLON; - - /* aggregate . in a number as a float */ - - if (c == '.' && !(ts->flags & LWS_TOKENIZE_F_NO_FLOATS) && - state == LWS_TOKZS_TOKEN && num == 1) { - if (flo) - return LWS_TOKZE_ERR_MALFORMED_FLOAT; - flo = 1; - ts->token_len++; - continue; - } - - /* - * Delimiter... by default anything that: - * - * - isn't matched earlier, or - * - is [A-Z, a-z, 0-9, _], and - * - is not a partial utf8 char - * - * is a "delimiter", it marks the end of a token and is itself - * reported as a single LWS_TOKZE_DELIMITER each time. - * - * However with LWS_TOKENIZE_F_RFC7230_DELIMS flag, tokens may - * contain any noncontrol character that isn't defined in - * rfc7230_delims, and only characters listed there are treated - * as delimiters. - */ - - if (!utf8 && - ((ts->flags & LWS_TOKENIZE_F_RFC7230_DELIMS && - strchr(rfc7230_delims, c) && c > 32) || - ((!(ts->flags & LWS_TOKENIZE_F_RFC7230_DELIMS) && - (c < '0' || c > '9') && (c < 'A' || c > 'Z') && - (c < 'a' || c > 'z') && c != '_') && - c != s_minus && c != s_dot) || - c == d_minus || c == d_dot - )) { - switch (state) { - case LWS_TOKZS_LEADING_WHITESPACE: - if (ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) { - if (c != ',' || - ts->delim != LWSTZ_DT_NEED_DELIM) - return LWS_TOKZE_ERR_COMMA_LIST; - ts->delim = LWSTZ_DT_NEED_NEXT_CONTENT; - } - - ts->token = ts->start - 1; - ts->token_len = 1; - return LWS_TOKZE_DELIMITER; - - case LWS_TOKZS_QUOTED_STRING: - ts->token_len++; - continue; - - case LWS_TOKZS_TOKEN_POST_TERMINAL: - case LWS_TOKZS_TOKEN: - /* report the delimiter next time */ - ts->start--; - ts->len++; - goto token_or_numeric; - } - } - - /* anything that's not whitespace or delimiter is payload */ - - switch (state) { - case LWS_TOKZS_LEADING_WHITESPACE: - - if (ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) { - if (ts->delim == LWSTZ_DT_NEED_DELIM) - return LWS_TOKZE_ERR_COMMA_LIST; - ts->delim = LWSTZ_DT_NEED_DELIM; - } - - state = LWS_TOKZS_TOKEN; - ts->token = ts->start - 1; - ts->token_len = 1; - if (c < '0' || c > '9') - num = 0; - else - if (num < 0) - num = 1; - continue; - case LWS_TOKZS_QUOTED_STRING: - case LWS_TOKZS_TOKEN: - if (c < '0' || c > '9') - num = 0; - else - if (num < 0) - num = 1; - ts->token_len++; - continue; - case LWS_TOKZS_TOKEN_POST_TERMINAL: - /* report the new token next time */ - ts->start--; - ts->len++; - goto token_or_numeric; - } - } - - /* we ran out of content */ - - if (utf8) /* ended partway through a multibyte char */ - return LWS_TOKZE_ERR_BROKEN_UTF8; - - if (state == LWS_TOKZS_QUOTED_STRING) - return LWS_TOKZE_ERR_UNTERM_STRING; - - if (state != LWS_TOKZS_TOKEN_POST_TERMINAL && - state != LWS_TOKZS_TOKEN) { - if ((ts->flags & LWS_TOKENIZE_F_COMMA_SEP_LIST) && - ts->delim == LWSTZ_DT_NEED_NEXT_CONTENT) - return LWS_TOKZE_ERR_COMMA_LIST; - - return LWS_TOKZE_ENDED; - } - - /* report the pending token */ - -token_or_numeric: - - if (num != 1) - return LWS_TOKZE_TOKEN; - if (flo) - return LWS_TOKZE_FLOAT; - - return LWS_TOKZE_INTEGER; -} - - -LWS_VISIBLE LWS_EXTERN int -lws_tokenize_cstr(struct lws_tokenize *ts, char *str, int max) -{ - if (ts->token_len + 1 >= max) - return 1; - - memcpy(str, ts->token, ts->token_len); - str[ts->token_len] = '\0'; - - return 0; -} - -LWS_VISIBLE LWS_EXTERN void -lws_tokenize_init(struct lws_tokenize *ts, const char *start, int flags) -{ - ts->start = start; - ts->len = 0x7fffffff; - ts->flags = flags; - ts->delim = LWSTZ_DT_NEED_FIRST_CONTENT; -} - -#if LWS_MAX_SMP > 1 - -void -lws_mutex_refcount_init(struct lws_mutex_refcount *mr) -{ - pthread_mutex_init(&mr->lock, NULL); - mr->last_lock_reason = NULL; - mr->lock_depth = 0; - mr->metadata = 0; - mr->lock_owner = 0; -} - -void -lws_mutex_refcount_destroy(struct lws_mutex_refcount *mr) -{ - pthread_mutex_destroy(&mr->lock); -} - -void -lws_mutex_refcount_lock(struct lws_mutex_refcount *mr, const char *reason) -{ - /* if true, this sequence is atomic because our thread has the lock - * - * - if true, only guy who can race to make it untrue is our thread, - * and we are here. - * - * - if false, only guy who could race to make it true is our thread, - * and we are here - * - * - it can be false and change to a different tid that is also false - */ - if (mr->lock_owner == pthread_self()) { - /* atomic because we only change it if we own the lock */ - mr->lock_depth++; - return; - } - - pthread_mutex_lock(&mr->lock); - /* atomic because only we can have the lock */ - mr->last_lock_reason = reason; - mr->lock_owner = pthread_self(); - mr->lock_depth = 1; - //lwsl_notice("tid %d: lock %s\n", mr->tid, reason); -} - -void -lws_mutex_refcount_unlock(struct lws_mutex_refcount *mr) -{ - if (--mr->lock_depth) - /* atomic because only thread that has the lock can unlock */ - return; - - mr->last_lock_reason = "free"; - mr->lock_owner = 0; - //lwsl_notice("tid %d: unlock %s\n", mr->tid, mr->last_lock_reason); - pthread_mutex_unlock(&mr->lock); -} - -#endif /* SMP */ - -LWS_VISIBLE LWS_EXTERN int -lws_is_cgi(struct lws *wsi) { -#ifdef LWS_WITH_CGI - return !!wsi->http.cgi; -#else - return 0; -#endif -} - -const struct lws_protocol_vhost_options * -lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name) -{ - while (pvo) { - if (!strcmp(pvo->name, name)) - break; - - pvo = pvo->next; - } - - return pvo; -} - -int -lws_pvo_get_str(void *in, const char *name, const char **result) -{ - const struct lws_protocol_vhost_options *pv = - lws_pvo_search((const struct lws_protocol_vhost_options *)in, - name); - - if (!pv) - return 1; - - *result = (const char *)pv->value; - - return 0; -} - -void -lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs) -{ - const struct lws_vhost *vh = ctx->vhost_list; - - while (vh) { - - cs->rx += vh->conn_stats.rx; - cs->tx += vh->conn_stats.tx; - cs->h1_conn += vh->conn_stats.h1_conn; - cs->h1_trans += vh->conn_stats.h1_trans; - cs->h2_trans += vh->conn_stats.h2_trans; - cs->ws_upg += vh->conn_stats.ws_upg; - cs->h2_upg += vh->conn_stats.h2_upg; - cs->h2_alpn += vh->conn_stats.h2_alpn; - cs->h2_subs += vh->conn_stats.h2_subs; - cs->rejected += vh->conn_stats.rejected; - - vh = vh->vhost_next; - } -} - -const char * -lws_cmdline_option(int argc, const char **argv, const char *val) -{ - int n = (int)strlen(val), c = argc; - - while (--c > 0) { - - if (!strncmp(argv[c], val, n)) { - if (!*(argv[c] + n) && c < argc - 1) { - /* coverity treats unchecked argv as "tainted" */ - if (!argv[c + 1] || strlen(argv[c + 1]) > 1024) - return NULL; - return argv[c + 1]; - } - - return argv[c] + n; - } - } - - return NULL; -} - -#ifdef LWS_WITH_SERVER_STATUS - -LWS_EXTERN int -lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len) -{ -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - static const char * const prots[] = { - "http://", - "https://", - "file://", - "cgi://", - ">http://", - ">https://", - "callback://" - }; -#endif - char *orig = buf, *end = buf + len - 1, first = 1; - int n = 0; - - if (len < 100) - return 0; - - buf += lws_snprintf(buf, end - buf, - "{\n \"name\":\"%s\",\n" - " \"port\":\"%d\",\n" - " \"use_ssl\":\"%d\",\n" - " \"sts\":\"%d\",\n" - " \"rx\":\"%llu\",\n" - " \"tx\":\"%llu\",\n" - " \"h1_conn\":\"%lu\",\n" - " \"h1_trans\":\"%lu\",\n" - " \"h2_trans\":\"%lu\",\n" - " \"ws_upg\":\"%lu\",\n" - " \"rejected\":\"%lu\",\n" - " \"h2_upg\":\"%lu\",\n" - " \"h2_alpn\":\"%lu\",\n" - " \"h2_subs\":\"%lu\"" - , - vh->name, vh->listen_port, -#if defined(LWS_WITH_TLS) - vh->tls.use_ssl & LCCSCF_USE_SSL, -#else - 0, -#endif - !!(vh->options & LWS_SERVER_OPTION_STS), - vh->conn_stats.rx, vh->conn_stats.tx, - vh->conn_stats.h1_conn, - vh->conn_stats.h1_trans, - vh->conn_stats.h2_trans, - vh->conn_stats.ws_upg, - vh->conn_stats.rejected, - vh->conn_stats.h2_upg, - vh->conn_stats.h2_alpn, - vh->conn_stats.h2_subs - ); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - if (vh->http.mount_list) { - const struct lws_http_mount *m = vh->http.mount_list; - - buf += lws_snprintf(buf, end - buf, ",\n \"mounts\":["); - while (m) { - if (!first) - buf += lws_snprintf(buf, end - buf, ","); - buf += lws_snprintf(buf, end - buf, - "\n {\n \"mountpoint\":\"%s\",\n" - " \"origin\":\"%s%s\",\n" - " \"cache_max_age\":\"%d\",\n" - " \"cache_reuse\":\"%d\",\n" - " \"cache_revalidate\":\"%d\",\n" - " \"cache_intermediaries\":\"%d\"\n" - , - m->mountpoint, - prots[m->origin_protocol], - m->origin, - m->cache_max_age, - m->cache_reusable, - m->cache_revalidate, - m->cache_intermediaries); - if (m->def) - buf += lws_snprintf(buf, end - buf, - ",\n \"default\":\"%s\"", - m->def); - buf += lws_snprintf(buf, end - buf, "\n }"); - first = 0; - m = m->mount_next; - } - buf += lws_snprintf(buf, end - buf, "\n ]"); - } -#endif - if (vh->protocols) { - n = 0; - first = 1; - - buf += lws_snprintf(buf, end - buf, ",\n \"ws-protocols\":["); - while (n < vh->count_protocols) { - if (!first) - buf += lws_snprintf(buf, end - buf, ","); - buf += lws_snprintf(buf, end - buf, - "\n {\n \"%s\":{\n" - " \"status\":\"ok\"\n }\n }" - , - vh->protocols[n].name); - first = 0; - n++; - } - buf += lws_snprintf(buf, end - buf, "\n ]"); - } - - buf += lws_snprintf(buf, end - buf, "\n}"); - - return buf - orig; -} - - -LWS_EXTERN LWS_VISIBLE int -lws_json_dump_context(const struct lws_context *context, char *buf, int len, - int hide_vhosts) -{ - char *orig = buf, *end = buf + len - 1, first = 1; - const struct lws_vhost *vh = context->vhost_list; - const struct lws_context_per_thread *pt; - time_t t = time(NULL); - int n, listening = 0, cgi_count = 0; - struct lws_conn_stats cs; - double d = 0; -#ifdef LWS_WITH_CGI - struct lws_cgi * const *pcgi; -#endif - -#ifdef LWS_WITH_LIBUV - uv_uptime(&d); -#endif - - buf += lws_snprintf(buf, end - buf, "{ " - "\"version\":\"%s\",\n" - "\"uptime\":\"%ld\",\n", - lws_get_library_version(), - (long)d); - -#ifdef LWS_HAVE_GETLOADAVG - { - double d[3]; - int m; - - m = getloadavg(d, 3); - for (n = 0; n < m; n++) { - buf += lws_snprintf(buf, end - buf, - "\"l%d\":\"%.2f\",\n", - n + 1, d[n]); - } - } -#endif - - buf += lws_snprintf(buf, end - buf, "\"contexts\":[\n"); - - buf += lws_snprintf(buf, end - buf, "{ " - "\"context_uptime\":\"%ld\",\n" - "\"cgi_spawned\":\"%d\",\n" - "\"pt_fd_max\":\"%d\",\n" - "\"ah_pool_max\":\"%d\",\n" - "\"deprecated\":\"%d\",\n" - "\"wsi_alive\":\"%d\",\n", - (unsigned long)(t - context->time_up), - context->count_cgi_spawned, - context->fd_limit_per_thread, - context->max_http_header_pool, - context->deprecated, - context->count_wsi_allocated); - - buf += lws_snprintf(buf, end - buf, "\"pt\":[\n "); - for (n = 0; n < context->count_threads; n++) { - pt = &context->pt[n]; - if (n) - buf += lws_snprintf(buf, end - buf, ","); - buf += lws_snprintf(buf, end - buf, - "\n {\n" - " \"fds_count\":\"%d\",\n" - " \"ah_pool_inuse\":\"%d\",\n" - " \"ah_wait_list\":\"%d\"\n" - " }", - pt->fds_count, - pt->http.ah_count_in_use, - pt->http.ah_wait_list_length); - } - - buf += lws_snprintf(buf, end - buf, "]"); - - buf += lws_snprintf(buf, end - buf, ", \"vhosts\":[\n "); - - first = 1; - vh = context->vhost_list; - listening = 0; - cs = context->conn_stats; - lws_sum_stats(context, &cs); - while (vh) { - - if (!hide_vhosts) { - if (!first) - if(buf != end) - *buf++ = ','; - buf += lws_json_dump_vhost(vh, buf, end - buf); - first = 0; - } - if (vh->lserv_wsi) - listening++; - vh = vh->vhost_next; - } - - buf += lws_snprintf(buf, end - buf, - "],\n\"listen_wsi\":\"%d\",\n" - " \"rx\":\"%llu\",\n" - " \"tx\":\"%llu\",\n" - " \"h1_conn\":\"%lu\",\n" - " \"h1_trans\":\"%lu\",\n" - " \"h2_trans\":\"%lu\",\n" - " \"ws_upg\":\"%lu\",\n" - " \"rejected\":\"%lu\",\n" - " \"h2_alpn\":\"%lu\",\n" - " \"h2_subs\":\"%lu\",\n" - " \"h2_upg\":\"%lu\"", - listening, cs.rx, cs.tx, - cs.h1_conn, - cs.h1_trans, - cs.h2_trans, - cs.ws_upg, - cs.rejected, - cs.h2_alpn, - cs.h2_subs, - cs.h2_upg); - -#ifdef LWS_WITH_CGI - for (n = 0; n < context->count_threads; n++) { - pt = &context->pt[n]; - pcgi = &pt->http.cgi_list; - - while (*pcgi) { - pcgi = &(*pcgi)->cgi_list; - - cgi_count++; - } - } -#endif - buf += lws_snprintf(buf, end - buf, ",\n \"cgi_alive\":\"%d\"\n ", - cgi_count); - - buf += lws_snprintf(buf, end - buf, "}"); - - - buf += lws_snprintf(buf, end - buf, "]}\n "); - - return buf - orig; -} - -#endif - -#if defined(LWS_WITH_STATS) - -LWS_VISIBLE LWS_EXTERN uint64_t -lws_stats_get(struct lws_context *context, int index) -{ - if (index >= LWSSTATS_SIZE) - return 0; - - return context->lws_stats[index]; -} - -LWS_VISIBLE LWS_EXTERN void -lws_stats_log_dump(struct lws_context *context) -{ - struct lws_vhost *v = context->vhost_list; - int n; -#if defined(LWS_WITH_PEER_LIMITS) - int m; -#endif - - if (!context->updated) - return; - - context->updated = 0; - - lwsl_notice("\n"); - lwsl_notice("LWS internal statistics dump ----->\n"); - lwsl_notice("LWSSTATS_C_CONNECTIONS: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_CONNECTIONS)); - lwsl_notice("LWSSTATS_C_API_CLOSE: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_API_CLOSE)); - lwsl_notice("LWSSTATS_C_API_READ: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_API_READ)); - lwsl_notice("LWSSTATS_C_API_LWS_WRITE: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_API_LWS_WRITE)); - lwsl_notice("LWSSTATS_C_API_WRITE: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_API_WRITE)); - lwsl_notice("LWSSTATS_C_WRITE_PARTIALS: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_WRITE_PARTIALS)); - lwsl_notice("LWSSTATS_C_WRITEABLE_CB_REQ: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_WRITEABLE_CB_REQ)); - lwsl_notice("LWSSTATS_C_WRITEABLE_CB_EFF_REQ: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_WRITEABLE_CB_EFF_REQ)); - lwsl_notice("LWSSTATS_C_WRITEABLE_CB: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_WRITEABLE_CB)); - lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN)); - lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_FAILED: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_SSL_CONNECTIONS_FAILED)); - lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)); - lwsl_notice("LWSSTATS_C_SSL_CONNS_HAD_RX: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_SSL_CONNS_HAD_RX)); - lwsl_notice("LWSSTATS_C_PEER_LIMIT_AH_DENIED: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_PEER_LIMIT_AH_DENIED)); - lwsl_notice("LWSSTATS_C_PEER_LIMIT_WSI_DENIED: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_PEER_LIMIT_WSI_DENIED)); - - lwsl_notice("LWSSTATS_C_TIMEOUTS: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_TIMEOUTS)); - lwsl_notice("LWSSTATS_C_SERVICE_ENTRY: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_C_SERVICE_ENTRY)); - lwsl_notice("LWSSTATS_B_READ: %8llu\n", - (unsigned long long)lws_stats_get(context, LWSSTATS_B_READ)); - lwsl_notice("LWSSTATS_B_WRITE: %8llu\n", - (unsigned long long)lws_stats_get(context, LWSSTATS_B_WRITE)); - lwsl_notice("LWSSTATS_B_PARTIALS_ACCEPTED_PARTS: %8llu\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_B_PARTIALS_ACCEPTED_PARTS)); - lwsl_notice("LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY: %8llums\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY) / 1000); - if (lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)) - lwsl_notice(" Avg accept delay: %8llums\n", - (unsigned long long)(lws_stats_get(context, - LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY) / - lws_stats_get(context, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)) / 1000); - lwsl_notice("LWSSTATS_MS_SSL_RX_DELAY: %8llums\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_MS_SSL_RX_DELAY) / 1000); - if (lws_stats_get(context, LWSSTATS_C_SSL_CONNS_HAD_RX)) - lwsl_notice(" Avg accept-rx delay: %8llums\n", - (unsigned long long)(lws_stats_get(context, - LWSSTATS_MS_SSL_RX_DELAY) / - lws_stats_get(context, - LWSSTATS_C_SSL_CONNS_HAD_RX)) / 1000); - - lwsl_notice("LWSSTATS_MS_WRITABLE_DELAY: %8lluus\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_MS_WRITABLE_DELAY)); - lwsl_notice("LWSSTATS_MS_WORST_WRITABLE_DELAY: %8lluus\n", - (unsigned long long)lws_stats_get(context, - LWSSTATS_MS_WORST_WRITABLE_DELAY)); - if (lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB)) - lwsl_notice(" Avg writable delay: %8lluus\n", - (unsigned long long)(lws_stats_get(context, - LWSSTATS_MS_WRITABLE_DELAY) / - lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB))); - lwsl_notice("Simultaneous SSL restriction: %8d/%d\n", - context->simultaneous_ssl, - context->simultaneous_ssl_restriction); - - lwsl_notice("Live wsi: %8d\n", - context->count_wsi_allocated); - - context->updated = 1; - - while (v) { - if (v->lserv_wsi && - v->lserv_wsi->position_in_fds_table != LWS_NO_FDS_POS) { - - struct lws_context_per_thread *pt = - &context->pt[(int)v->lserv_wsi->tsi]; - struct lws_pollfd *pfd; - - pfd = &pt->fds[v->lserv_wsi->position_in_fds_table]; - - lwsl_notice(" Listen port %d actual POLLIN: %d\n", - v->listen_port, - (int)pfd->events & LWS_POLLIN); - } - - v = v->vhost_next; - } - - for (n = 0; n < context->count_threads; n++) { - struct lws_context_per_thread *pt = &context->pt[n]; - struct lws *wl; - int m = 0; - - lwsl_notice("PT %d\n", n + 1); - - lws_pt_lock(pt, __func__); - - lwsl_notice(" AH in use / max: %d / %d\n", - pt->http.ah_count_in_use, - context->max_http_header_pool); - - wl = pt->http.ah_wait_list; - while (wl) { - m++; - wl = wl->http.ah_wait_list; - } - - lwsl_notice(" AH wait list count / actual: %d / %d\n", - pt->http.ah_wait_list_length, m); - - lws_pt_unlock(pt); - } - -#if defined(LWS_WITH_PEER_LIMITS) - m = 0; - for (n = 0; n < (int)context->pl_hash_elements; n++) { - lws_start_foreach_llp(struct lws_peer **, peer, - context->pl_hash_table[n]) { - m++; - } lws_end_foreach_llp(peer, next); - } - - lwsl_notice(" Peers: total active %d\n", m); - if (m > 10) { - m = 10; - lwsl_notice(" (showing 10 peers only)\n"); - } - - if (m) { - for (n = 0; n < (int)context->pl_hash_elements; n++) { - char buf[72]; - - lws_start_foreach_llp(struct lws_peer **, peer, - context->pl_hash_table[n]) { - struct lws_peer *df = *peer; - - if (!lws_plat_inet_ntop(df->af, df->addr, buf, - sizeof(buf) - 1)) - strcpy(buf, "unknown"); -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - lwsl_notice(" peer %s: count wsi: %d, count ah: %d\n", - buf, df->count_wsi, - df->http.count_ah); -#else - lwsl_notice(" peer %s: count wsi: %d\n", - buf, df->count_wsi); -#endif - - if (!--m) - break; - } lws_end_foreach_llp(peer, next); - } - } -#endif - - lwsl_notice("\n"); -} - -void -lws_stats_atomic_bump(struct lws_context * context, - struct lws_context_per_thread *pt, int index, uint64_t bump) -{ - lws_pt_stats_lock(pt); - context->lws_stats[index] += bump; - if (index != LWSSTATS_C_SERVICE_ENTRY) - context->updated = 1; - lws_pt_stats_unlock(pt); -} - -void -lws_stats_atomic_max(struct lws_context * context, - struct lws_context_per_thread *pt, int index, uint64_t val) -{ - lws_pt_stats_lock(pt); - if (val > context->lws_stats[index]) { - context->lws_stats[index] = val; - context->updated = 1; - } - lws_pt_stats_unlock(pt); -} - -#endif - diff --git a/thirdparty/libwebsockets/lib/core/output.c b/thirdparty/libwebsockets/lib/core/output.c deleted file mode 100644 index 49d289db40..0000000000 --- a/thirdparty/libwebsockets/lib/core/output.c +++ /dev/null @@ -1,323 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -/* - * notice this returns number of bytes consumed, or -1 - */ -int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) -{ - struct lws_context *context = lws_get_context(wsi); - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - size_t real_len = len; - unsigned int n, m; - - // lwsl_notice("%s: len %d\n", __func__, (int)len); - // lwsl_hexdump_level(LLL_NOTICE, buf, len); - - /* - * Detect if we got called twice without going through the - * event loop to handle pending. Since that guarantees extending any - * existing buflist_out it's inefficient. - */ - if (0 && buf && wsi->could_have_pending) { - lwsl_hexdump_level(LLL_INFO, buf, len); - lwsl_info("** %p: vh: %s, prot: %s, role %s: " - "Inefficient back-to-back write of %lu detected...\n", - wsi, wsi->vhost->name, wsi->protocol->name, - wsi->role_ops->name, - (unsigned long)len); - } - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_WRITE, 1); - - /* just ignore sends after we cleared the truncation buffer */ - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE && - !lws_has_buffered_out(wsi) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - && !wsi->http.comp_ctx.may_have_more -#endif - ) - return (int)len; - - if (buf && lws_has_buffered_out(wsi)) { - lwsl_info("** %p: vh: %s, prot: %s, incr buflist_out by %lu\n", - wsi, wsi->vhost->name, wsi->protocol->name, - (unsigned long)len); - - /* - * already buflist ahead of this, add it on the tail of the - * buflist, then ignore it for now and act like we're flushing - * the buflist... - */ - - lws_buflist_append_segment(&wsi->buflist_out, buf, len); - - buf = NULL; - len = 0; - } - - if (wsi->buflist_out) { - /* we have to drain the earliest buflist_out stuff first */ - - len = lws_buflist_next_segment_len(&wsi->buflist_out, &buf); - real_len = len; - - lwsl_debug("%s: draining %d\n", __func__, (int)len); - } - - if (!len || !buf) - return 0; - - if (!wsi->http2_substream && !lws_socket_is_valid(wsi->desc.sockfd)) - lwsl_warn("** error invalid sock but expected to send\n"); - - /* limit sending */ - if (wsi->protocol->tx_packet_size) - n = (int)wsi->protocol->tx_packet_size; - else { - n = (int)wsi->protocol->rx_buffer_size; - if (!n) - n = context->pt_serv_buf_size; - } - n += LWS_PRE + 4; - if (n > len) - n = (int)len; - - /* nope, send it on the socket directly */ - lws_latency_pre(context, wsi); - m = lws_ssl_capable_write(wsi, buf, n); - lws_latency(context, wsi, "send lws_issue_raw", n, n == m); - - lwsl_info("%s: ssl_capable_write (%d) says %d\n", __func__, n, m); - - /* something got written, it can have been truncated now */ - wsi->could_have_pending = 1; - - switch (m) { - case LWS_SSL_CAPABLE_ERROR: - /* we're going to close, let close know sends aren't possible */ - wsi->socket_is_permanently_unusable = 1; - return -1; - case LWS_SSL_CAPABLE_MORE_SERVICE: - /* - * nothing got sent, not fatal. Retry the whole thing later, - * ie, implying treat it was a truncated send so it gets - * retried - */ - m = 0; - break; - } - - /* - * we were sending this from buflist_out? Then not sending everything - * is a small matter of advancing ourselves only by the amount we did - * send in the buflist. - */ - if (lws_has_buffered_out(wsi)) { - if (m) { - lwsl_info("%p partial adv %d (vs %ld)\n", wsi, m, - (long)real_len); - lws_buflist_use_segment(&wsi->buflist_out, m); - } - - if (!lws_has_buffered_out(wsi)) { - lwsl_info("%s: wsi %p: buflist_out flushed\n", - __func__, wsi); - - m = (int)real_len; - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { - lwsl_info("*%p signalling to close now\n", wsi); - return -1; /* retry closing now */ - } - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) -#if !defined(LWS_WITHOUT_SERVER) - if (wsi->http.deferred_transaction_completed) { - lwsl_notice("%s: partial completed, doing " - "deferred transaction completed\n", - __func__); - wsi->http.deferred_transaction_completed = 0; - return lws_http_transaction_completed(wsi) ? - -1 : (int)real_len; - } -#endif -#endif - } - /* always callback on writeable */ - lws_callback_on_writable(wsi); - - return m; - } - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.comp_ctx.may_have_more) - lws_callback_on_writable(wsi); -#endif - - if (m == real_len) - /* what we just sent went out cleanly */ - return m; - - /* - * We were not able to send everything... and we were not sending from - * an existing buflist_out. So we are starting a fresh buflist_out, by - * buffering the unsent remainder on it. - * (it will get first priority next time the socket is writable). - */ - lwsl_debug("%p new partial sent %d from %lu total\n", wsi, m, - (unsigned long)real_len); - - lws_buflist_append_segment(&wsi->buflist_out, buf + m, real_len - m); - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITE_PARTIALS, 1); - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, m); - -#if !defined(LWS_WITH_ESP32) - if (lws_wsi_is_udp(wsi)) { - /* stash original destination for fulfilling UDP partials */ - wsi->udp->sa_pending = wsi->udp->sa; - wsi->udp->salen_pending = wsi->udp->salen; - } -#endif - - /* since something buffered, force it to get another chance to send */ - lws_callback_on_writable(wsi); - - return (int)real_len; -} - -LWS_VISIBLE int lws_write(struct lws *wsi, unsigned char *buf, size_t len, - enum lws_write_protocol wp) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_LWS_WRITE, 1); - - if ((int)len < 0) { - lwsl_err("%s: suspicious len int %d, ulong %lu\n", __func__, - (int)len, (unsigned long)len); - return -1; - } - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_WRITE, len); - -#ifdef LWS_WITH_ACCESS_LOG - wsi->http.access_log.sent += len; -#endif - if (wsi->vhost) - wsi->vhost->conn_stats.tx += len; - - assert(wsi->role_ops); - if (!wsi->role_ops->write_role_protocol) - return lws_issue_raw(wsi, buf, len); - - return wsi->role_ops->write_role_protocol(wsi, buf, len, &wp); -} - -LWS_VISIBLE int -lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int n = 0; - - lws_stats_atomic_bump(context, pt, LWSSTATS_C_API_READ, 1); - - if (lws_wsi_is_udp(wsi)) { -#if !defined(LWS_WITH_ESP32) - wsi->udp->salen = sizeof(wsi->udp->sa); - n = recvfrom(wsi->desc.sockfd, (char *)buf, len, 0, - &wsi->udp->sa, &wsi->udp->salen); -#endif - } else - n = recv(wsi->desc.sockfd, (char *)buf, len, 0); - - if (n >= 0) { - - if (!n && wsi->unix_skt) - return LWS_SSL_CAPABLE_ERROR; - - if (wsi->vhost) - wsi->vhost->conn_stats.rx += n; - lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n); - - return n; - } - - if (LWS_ERRNO == LWS_EAGAIN || - LWS_ERRNO == LWS_EWOULDBLOCK || - LWS_ERRNO == LWS_EINTR) - return LWS_SSL_CAPABLE_MORE_SERVICE; - - lwsl_info("error on reading from skt : %d\n", LWS_ERRNO); - return LWS_SSL_CAPABLE_ERROR; -} - -LWS_VISIBLE int -lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len) -{ - int n = 0; - - if (lws_wsi_is_udp(wsi)) { -#if !defined(LWS_WITH_ESP32) - if (lws_has_buffered_out(wsi)) - n = sendto(wsi->desc.sockfd, (const char *)buf, - len, 0, &wsi->udp->sa_pending, - wsi->udp->salen_pending); - else - n = sendto(wsi->desc.sockfd, (const char *)buf, - len, 0, &wsi->udp->sa, wsi->udp->salen); -#endif - } else - n = send(wsi->desc.sockfd, (char *)buf, len, MSG_NOSIGNAL); -// lwsl_info("%s: sent len %d result %d", __func__, len, n); - if (n >= 0) - return n; - - if (LWS_ERRNO == LWS_EAGAIN || - LWS_ERRNO == LWS_EWOULDBLOCK || - LWS_ERRNO == LWS_EINTR) { - if (LWS_ERRNO == LWS_EWOULDBLOCK) { - lws_set_blocking_send(wsi); - } - - return LWS_SSL_CAPABLE_MORE_SERVICE; - } - - lwsl_debug("ERROR writing len %d to skt fd %d err %d / errno %d\n", - len, wsi->desc.sockfd, n, LWS_ERRNO); - - return LWS_SSL_CAPABLE_ERROR; -} - -LWS_VISIBLE int -lws_ssl_pending_no_ssl(struct lws *wsi) -{ - (void)wsi; -#if defined(LWS_WITH_ESP32) - return 100; -#else - return 0; -#endif -} diff --git a/thirdparty/libwebsockets/lib/core/pollfd.c b/thirdparty/libwebsockets/lib/core/pollfd.c deleted file mode 100644 index 834298577a..0000000000 --- a/thirdparty/libwebsockets/lib/core/pollfd.c +++ /dev/null @@ -1,566 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -int -_lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa) -{ -#if !defined(LWS_WITH_LIBUV) && !defined(LWS_WITH_LIBEV) && !defined(LWS_WITH_LIBEVENT) - volatile struct lws_context_per_thread *vpt; -#endif - struct lws_context_per_thread *pt; - struct lws_context *context; - int ret = 0, pa_events = 1; - struct lws_pollfd *pfd; - int sampled_tid, tid; - - if (!wsi) - return 0; - - assert(wsi->position_in_fds_table == LWS_NO_FDS_POS || - wsi->position_in_fds_table >= 0); - - if (wsi->position_in_fds_table == LWS_NO_FDS_POS) - return 0; - - if (((volatile struct lws *)wsi)->handling_pollout && - !_and && _or == LWS_POLLOUT) { - /* - * Happening alongside service thread handling POLLOUT. - * The danger is when he is finished, he will disable POLLOUT, - * countermanding what we changed here. - * - * Instead of changing the fds, inform the service thread - * what happened, and ask it to leave POLLOUT active on exit - */ - ((volatile struct lws *)wsi)->leave_pollout_active = 1; - /* - * by definition service thread is not in poll wait, so no need - * to cancel service - */ - - lwsl_debug("%s: using leave_pollout_active\n", __func__); - - return 0; - } - - context = wsi->context; - pt = &context->pt[(int)wsi->tsi]; - - assert(wsi->position_in_fds_table < (int)pt->fds_count); - -#if !defined(LWS_WITH_LIBUV) && \ - !defined(LWS_WITH_LIBEV) && \ - !defined(LWS_WITH_LIBEVENT) - /* - * This only applies when we use the default poll() event loop. - * - * BSD can revert pa->events at any time, when the kernel decides to - * exit from poll(). We can't protect against it using locking. - * - * Therefore we must check first if the service thread is in poll() - * wait; if so, we know we must be being called from a foreign thread, - * and we must keep a strictly ordered list of changes we made instead - * of trying to apply them, since when poll() exits, which may happen - * at any time it would revert our changes. - * - * The plat code will apply them when it leaves the poll() wait - * before doing anything else. - */ - - vpt = (volatile struct lws_context_per_thread *)pt; - - vpt->foreign_spinlock = 1; - lws_memory_barrier(); - - if (vpt->inside_poll) { - struct lws_foreign_thread_pollfd *ftp, **ftp1; - /* - * We are certainly a foreign thread trying to change events - * while the service thread is in the poll() wait. - * - * Create a list of changes to be applied after poll() exit, - * instead of trying to apply them now. - */ - ftp = lws_malloc(sizeof(*ftp), "ftp"); - if (!ftp) { - vpt->foreign_spinlock = 0; - lws_memory_barrier(); - ret = -1; - goto bail; - } - - ftp->_and = _and; - ftp->_or = _or; - ftp->fd_index = wsi->position_in_fds_table; - ftp->next = NULL; - - /* place at END of list to maintain order */ - ftp1 = (struct lws_foreign_thread_pollfd **) - &vpt->foreign_pfd_list; - while (*ftp1) - ftp1 = &((*ftp1)->next); - - *ftp1 = ftp; - vpt->foreign_spinlock = 0; - lws_memory_barrier(); - lws_cancel_service_pt(wsi); - - return 0; - } - - vpt->foreign_spinlock = 0; - lws_memory_barrier(); -#endif - - pfd = &pt->fds[wsi->position_in_fds_table]; - pa->fd = wsi->desc.sockfd; - lwsl_debug("%s: wsi %p: fd %d events %d -> %d\n", __func__, wsi, - pa->fd, pfd->events, (pfd->events & ~_and) | _or); - pa->prev_events = pfd->events; - pa->events = pfd->events = (pfd->events & ~_and) | _or; - - if (wsi->http2_substream) - return 0; - - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, - LWS_CALLBACK_CHANGE_MODE_POLL_FD, - wsi->user_space, (void *)pa, 0)) { - ret = -1; - goto bail; - } - - if (context->event_loop_ops->io) { - if (_and & LWS_POLLIN) - context->event_loop_ops->io(wsi, - LWS_EV_STOP | LWS_EV_READ); - - if (_or & LWS_POLLIN) - context->event_loop_ops->io(wsi, - LWS_EV_START | LWS_EV_READ); - - if (_and & LWS_POLLOUT) - context->event_loop_ops->io(wsi, - LWS_EV_STOP | LWS_EV_WRITE); - - if (_or & LWS_POLLOUT) - context->event_loop_ops->io(wsi, - LWS_EV_START | LWS_EV_WRITE); - } - - /* - * if we changed something in this pollfd... - * ... and we're running in a different thread context - * than the service thread... - * ... and the service thread is waiting ... - * then cancel it to force a restart with our changed events - */ - pa_events = pa->prev_events != pa->events; - - if (pa_events) { - if (lws_plat_change_pollfd(context, wsi, pfd)) { - lwsl_info("%s failed\n", __func__); - ret = -1; - goto bail; - } - sampled_tid = pt->service_tid; - if (sampled_tid && wsi->vhost) { - tid = wsi->vhost->protocols[0].callback(wsi, - LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); - if (tid == -1) { - ret = -1; - goto bail; - } - if (tid != sampled_tid) - lws_cancel_service_pt(wsi); - } - } - -bail: - return ret; -} - -#ifndef LWS_NO_SERVER -/* - * Enable or disable listen sockets on this pt globally... - * it's modulated according to the pt having space for a new accept. - */ -static void -lws_accept_modulation(struct lws_context *context, - struct lws_context_per_thread *pt, int allow) -{ - struct lws_vhost *vh = context->vhost_list; - struct lws_pollargs pa1; - - while (vh) { - if (vh->lserv_wsi) { - if (allow) - _lws_change_pollfd(vh->lserv_wsi, - 0, LWS_POLLIN, &pa1); - else - _lws_change_pollfd(vh->lserv_wsi, - LWS_POLLIN, 0, &pa1); - } - vh = vh->vhost_next; - } -} -#endif - -int -__insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi) -{ - struct lws_pollargs pa = { wsi->desc.sockfd, LWS_POLLIN, 0 }; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int ret = 0; - - - lwsl_debug("%s: %p: tsi=%d, sock=%d, pos-in-fds=%d\n", - __func__, wsi, wsi->tsi, wsi->desc.sockfd, pt->fds_count); - - if ((unsigned int)pt->fds_count >= context->fd_limit_per_thread) { - lwsl_err("Too many fds (%d vs %d)\n", context->max_fds, - context->fd_limit_per_thread ); - return 1; - } - -#if !defined(_WIN32) - if (wsi->desc.sockfd - lws_plat_socket_offset() >= context->max_fds) { - lwsl_err("Socket fd %d is too high (%d) offset %d\n", - wsi->desc.sockfd, context->max_fds, - lws_plat_socket_offset()); - return 1; - } -#endif - - assert(wsi); - assert(wsi->event_pipe || wsi->vhost); - assert(lws_socket_is_valid(wsi->desc.sockfd)); - - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL, - wsi->user_space, (void *) &pa, 1)) - return -1; - - pt->count_conns++; - insert_wsi(context, wsi); - wsi->position_in_fds_table = pt->fds_count; - - pt->fds[wsi->position_in_fds_table].fd = wsi->desc.sockfd; - pt->fds[wsi->position_in_fds_table].events = LWS_POLLIN; - pa.events = pt->fds[pt->fds_count].events; - - lws_plat_insert_socket_into_fds(context, wsi); - - /* external POLL support via protocol 0 */ - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_ADD_POLL_FD, - wsi->user_space, (void *) &pa, 0)) - ret = -1; -#ifndef LWS_NO_SERVER - /* if no more room, defeat accepts on this thread */ - if ((unsigned int)pt->fds_count == context->fd_limit_per_thread - 1) - lws_accept_modulation(context, pt, 0); -#endif - - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL, - wsi->user_space, (void *)&pa, 1)) - ret = -1; - - return ret; -} - -int -__remove_wsi_socket_from_fds(struct lws *wsi) -{ - struct lws_context *context = wsi->context; - struct lws_pollargs pa = { wsi->desc.sockfd, 0, 0 }; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws *end_wsi; - int v; - int m, ret = 0; - -#if !defined(_WIN32) - if (wsi->desc.sockfd - lws_plat_socket_offset() > context->max_fds) { - lwsl_err("fd %d too high (%d)\n", wsi->desc.sockfd, - context->max_fds); - return 1; - } -#endif - - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL, - wsi->user_space, (void *)&pa, 1)) - return -1; - - lws_same_vh_protocol_remove(wsi); - - /* the guy who is to be deleted's slot index in pt->fds */ - m = wsi->position_in_fds_table; - - /* these are the only valid possibilities for position_in_fds_table */ - assert(m == LWS_NO_FDS_POS || (m >= 0 && - (unsigned int)m < pt->fds_count)); - - if (context->event_loop_ops->io) - context->event_loop_ops->io(wsi, - LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE | - LWS_EV_PREPARE_DELETION); - - lwsl_debug("%s: wsi=%p, skt=%d, fds pos=%d, end guy pos=%d, endfd=%d\n", - __func__, wsi, wsi->desc.sockfd, wsi->position_in_fds_table, - pt->fds_count, pt->fds[pt->fds_count].fd); - - if (m != LWS_NO_FDS_POS) { - - /* have the last guy take up the now vacant slot */ - pt->fds[m] = pt->fds[pt->fds_count - 1]; - /* this decrements pt->fds_count */ - lws_plat_delete_socket_from_fds(context, wsi, m); - pt->count_conns--; - v = (int) pt->fds[m].fd; - /* end guy's "position in fds table" is now the deletion - * guy's old one */ - end_wsi = wsi_from_fd(context, v); - if (!end_wsi) { - lwsl_err("no wsi for fd %d pos %d, pt->fds_count=%d\n", - (int)pt->fds[m].fd, m, pt->fds_count); - assert(0); - } else - end_wsi->position_in_fds_table = m; - - /* deletion guy's lws_lookup entry needs nuking */ - delete_from_fd(context, wsi->desc.sockfd); - - /* removed wsi has no position any more */ - wsi->position_in_fds_table = LWS_NO_FDS_POS; - } - - /* remove also from external POLL support via protocol 0 */ - if (lws_socket_is_valid(wsi->desc.sockfd) && wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_DEL_POLL_FD, - wsi->user_space, (void *) &pa, 0)) - ret = -1; - -#ifndef LWS_NO_SERVER - if (!context->being_destroyed && - /* if this made some room, accept connects on this thread */ - (unsigned int)pt->fds_count < context->fd_limit_per_thread - 1) - lws_accept_modulation(context, pt, 1); -#endif - - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL, - wsi->user_space, (void *) &pa, 1)) - ret = -1; - - return ret; -} - -int -__lws_change_pollfd(struct lws *wsi, int _and, int _or) -{ - struct lws_context *context; - struct lws_pollargs pa; - int ret = 0; - - if (!wsi || (!wsi->protocol && !wsi->event_pipe) || - wsi->position_in_fds_table == LWS_NO_FDS_POS) - return 0; - - context = lws_get_context(wsi); - if (!context) - return 1; - - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL, - wsi->user_space, (void *) &pa, 0)) - return -1; - - ret = _lws_change_pollfd(wsi, _and, _or, &pa); - if (wsi->vhost && - wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL, - wsi->user_space, (void *) &pa, 0)) - ret = -1; - - return ret; -} - -int -lws_change_pollfd(struct lws *wsi, int _and, int _or) -{ - struct lws_context_per_thread *pt; - int ret = 0; - - pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_pt_lock(pt, __func__); - ret = __lws_change_pollfd(wsi, _and, _or); - lws_pt_unlock(pt); - - return ret; -} - -LWS_VISIBLE int -lws_callback_on_writable(struct lws *wsi) -{ - struct lws_context_per_thread *pt; - - if (lwsi_state(wsi) == LRS_SHUTDOWN) - return 0; - - if (wsi->socket_is_permanently_unusable) - return 0; - - pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB_REQ, 1); -#if defined(LWS_WITH_STATS) - if (!wsi->active_writable_req_us) { - wsi->active_writable_req_us = lws_time_in_microseconds(); - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1); - } -#endif - - - if (wsi->role_ops->callback_on_writable) { - if (wsi->role_ops->callback_on_writable(wsi)) - return 1; - wsi = lws_get_network_wsi(wsi); - } - - if (wsi->position_in_fds_table == LWS_NO_FDS_POS) { - lwsl_debug("%s: failed to find socket %d\n", __func__, - wsi->desc.sockfd); - return -1; - } - - if (__lws_change_pollfd(wsi, 0, LWS_POLLOUT)) - return -1; - - return 1; -} - - -/* - * stitch protocol choice into the vh protocol linked list - * We always insert ourselves at the start of the list - * - * X <-> B - * X <-> pAn <-> pB - * - * Illegal to attach more than once without detach inbetween - */ -void -lws_same_vh_protocol_insert(struct lws *wsi, int n) -{ - lws_vhost_lock(wsi->vhost); - - if (!lws_dll_is_null(&wsi->same_vh_protocol)) - lws_dll_lws_remove(&wsi->same_vh_protocol); - - lws_dll_lws_add_front(&wsi->same_vh_protocol, - &wsi->vhost->same_vh_protocol_heads[n]); - - lws_vhost_unlock(wsi->vhost); -} - -void -__lws_same_vh_protocol_remove(struct lws *wsi) -{ - if (!lws_dll_is_null(&wsi->same_vh_protocol)) - lws_dll_lws_remove(&wsi->same_vh_protocol); -} - -void -lws_same_vh_protocol_remove(struct lws *wsi) -{ - if (!wsi->vhost) - return; - - lws_vhost_lock(wsi->vhost); - - __lws_same_vh_protocol_remove(wsi); - - lws_vhost_unlock(wsi->vhost); -} - - -LWS_VISIBLE int -lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, - const struct lws_protocols *protocol) -{ - struct lws *wsi; - int n; - - if (protocol < vhost->protocols || - protocol >= (vhost->protocols + vhost->count_protocols)) { - lwsl_err("%s: protocol %p is not from vhost %p (%p - %p)\n", - __func__, protocol, vhost->protocols, vhost, - (vhost->protocols + vhost->count_protocols)); - - return -1; - } - - n = (int)(protocol - vhost->protocols); - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - vhost->same_vh_protocol_heads[n].next) { - wsi = lws_container_of(d, struct lws, same_vh_protocol); - - assert(wsi->protocol == protocol); - lws_callback_on_writable(wsi); - - } lws_end_foreach_dll_safe(d, d1); - - return 0; -} - -LWS_VISIBLE int -lws_callback_on_writable_all_protocol(const struct lws_context *context, - const struct lws_protocols *protocol) -{ - struct lws_vhost *vhost; - int n; - - if (!context) - return 0; - - vhost = context->vhost_list; - - while (vhost) { - for (n = 0; n < vhost->count_protocols; n++) - if (protocol->callback == - vhost->protocols[n].callback && - !strcmp(protocol->name, vhost->protocols[n].name)) - break; - if (n != vhost->count_protocols) - lws_callback_on_writable_all_protocol_vhost( - vhost, &vhost->protocols[n]); - - vhost = vhost->vhost_next; - } - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/core/private.h b/thirdparty/libwebsockets/lib/core/private.h deleted file mode 100644 index c1a0a661b1..0000000000 --- a/thirdparty/libwebsockets/lib/core/private.h +++ /dev/null @@ -1,1573 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "lws_config.h" -#include "lws_config_private.h" - -#if defined(LWS_WITH_CGI) && defined(LWS_HAVE_VFORK) - #define _GNU_SOURCE -#endif - -#if defined(__COVERITY__) && !defined(LWS_COVERITY_WORKAROUND) - #define LWS_COVERITY_WORKAROUND - typedef float _Float32; - typedef float _Float64; - typedef float _Float128; - typedef float _Float32x; - typedef float _Float64x; - typedef float _Float128x; -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef LWS_HAVE_SYS_TYPES_H - #include -#endif -#ifdef LWS_HAVE_SYS_STAT_H - #include -#endif - -#if LWS_MAX_SMP > 1 - #include -#endif - -#ifndef LWS_DEF_HEADER_LEN -#define LWS_DEF_HEADER_LEN 4096 -#endif -#ifndef LWS_DEF_HEADER_POOL -#define LWS_DEF_HEADER_POOL 4 -#endif -#ifndef LWS_MAX_PROTOCOLS -#define LWS_MAX_PROTOCOLS 5 -#endif -#ifndef LWS_MAX_EXTENSIONS_ACTIVE -#define LWS_MAX_EXTENSIONS_ACTIVE 1 -#endif -#ifndef LWS_MAX_EXT_OFFERS -#define LWS_MAX_EXT_OFFERS 8 -#endif -#ifndef SPEC_LATEST_SUPPORTED -#define SPEC_LATEST_SUPPORTED 13 -#endif -#ifndef AWAITING_TIMEOUT -#define AWAITING_TIMEOUT 20 -#endif -#ifndef CIPHERS_LIST_STRING -#define CIPHERS_LIST_STRING "DEFAULT" -#endif -#ifndef LWS_SOMAXCONN -#define LWS_SOMAXCONN SOMAXCONN -#endif - -#define MAX_WEBSOCKET_04_KEY_LEN 128 - -#ifndef SYSTEM_RANDOM_FILEPATH -#define SYSTEM_RANDOM_FILEPATH "/dev/urandom" -#endif - -#define LWS_H2_RX_SCRATCH_SIZE 512 - -#define lws_socket_is_valid(x) (x != LWS_SOCK_INVALID) - -#ifndef LWS_HAVE_STRERROR - #define strerror(x) "" -#endif - - /* - * - * ------ private platform defines ------ - * - */ - -#if defined(LWS_WITH_ESP32) - #include "plat/esp32/private.h" -#else - #if defined(WIN32) || defined(_WIN32) - #include "plat/windows/private.h" - #else - #if defined(LWS_PLAT_OPTEE) - #include "plat/optee/private.h" - #else - #include "plat/unix/private.h" - #endif - #endif -#endif - -#ifndef LWS_HAVE_BZERO - #ifndef bzero - #define bzero(b, len) (memset((b), '\0', (len)), (void) 0) - #endif -#endif - - /* - * - * ------ public api ------ - * - */ - -#include "libwebsockets.h" - - -#include "tls/private.h" - -#if defined(WIN32) || defined(_WIN32) - // Visual studio older than 2015 and WIN_CE has only _stricmp - #if (defined(_MSC_VER) && _MSC_VER < 1900) || defined(_WIN32_WCE) - #define strcasecmp _stricmp - #elif !defined(__MINGW32__) - #define strcasecmp stricmp - #endif - #define getdtablesize() 30000 -#endif - -#ifndef LWS_ARRAY_SIZE -#define LWS_ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0])) -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * All lws_tls...() functions must return this type, converting the - * native backend result and doing the extra work to determine which one - * as needed. - * - * Native TLS backend return codes are NOT ALLOWED outside the backend. - * - * Non-SSL mode also uses these types. - */ -enum lws_ssl_capable_status { - LWS_SSL_CAPABLE_ERROR = -1, /* it failed */ - LWS_SSL_CAPABLE_DONE = 0, /* it succeeded */ - LWS_SSL_CAPABLE_MORE_SERVICE_READ = -2, /* retry WANT_READ */ - LWS_SSL_CAPABLE_MORE_SERVICE_WRITE = -3, /* retry WANT_WRITE */ - LWS_SSL_CAPABLE_MORE_SERVICE = -4, /* general retry */ -}; - -#if defined(__clang__) -#define lws_memory_barrier() __sync_synchronize() -#elif defined(__GNUC__) -#define lws_memory_barrier() __sync_synchronize() -#else -#define lws_memory_barrier() -#endif - -/* - * - * ------ roles ------ - * - */ - -#include "roles/private.h" - -/* null-terminated array of pointers to roles lws built with */ -extern const struct lws_role_ops *available_roles[]; - -#define LWS_FOR_EVERY_AVAILABLE_ROLE_START(xx) { \ - const struct lws_role_ops **ppxx = available_roles; \ - while (*ppxx) { \ - const struct lws_role_ops *xx = *ppxx++; - -#define LWS_FOR_EVERY_AVAILABLE_ROLE_END }} - -/* - * - * ------ event_loop ops ------ - * - */ - -#include "event-libs/private.h" - -/* enums of socks version */ -enum socks_version { - SOCKS_VERSION_4 = 4, - SOCKS_VERSION_5 = 5 -}; - -/* enums of subnegotiation version */ -enum socks_subnegotiation_version { - SOCKS_SUBNEGOTIATION_VERSION_1 = 1, -}; - -/* enums of socks commands */ -enum socks_command { - SOCKS_COMMAND_CONNECT = 1, - SOCKS_COMMAND_BIND = 2, - SOCKS_COMMAND_UDP_ASSOCIATE = 3 -}; - -/* enums of socks address type */ -enum socks_atyp { - SOCKS_ATYP_IPV4 = 1, - SOCKS_ATYP_DOMAINNAME = 3, - SOCKS_ATYP_IPV6 = 4 -}; - -/* enums of socks authentication methods */ -enum socks_auth_method { - SOCKS_AUTH_NO_AUTH = 0, - SOCKS_AUTH_GSSAPI = 1, - SOCKS_AUTH_USERNAME_PASSWORD = 2 -}; - -/* enums of subnegotiation status */ -enum socks_subnegotiation_status { - SOCKS_SUBNEGOTIATION_STATUS_SUCCESS = 0, -}; - -/* enums of socks request reply */ -enum socks_request_reply { - SOCKS_REQUEST_REPLY_SUCCESS = 0, - SOCKS_REQUEST_REPLY_FAILURE_GENERAL = 1, - SOCKS_REQUEST_REPLY_CONNECTION_NOT_ALLOWED = 2, - SOCKS_REQUEST_REPLY_NETWORK_UNREACHABLE = 3, - SOCKS_REQUEST_REPLY_HOST_UNREACHABLE = 4, - SOCKS_REQUEST_REPLY_CONNECTION_REFUSED = 5, - SOCKS_REQUEST_REPLY_TTL_EXPIRED = 6, - SOCKS_REQUEST_REPLY_COMMAND_NOT_SUPPORTED = 7, - SOCKS_REQUEST_REPLY_ATYP_NOT_SUPPORTED = 8 -}; - -/* enums used to generate socks messages */ -enum socks_msg_type { - /* greeting */ - SOCKS_MSG_GREETING, - /* credential, user name and password */ - SOCKS_MSG_USERNAME_PASSWORD, - /* connect command */ - SOCKS_MSG_CONNECT -}; - -enum { - LWS_RXFLOW_ALLOW = (1 << 0), - LWS_RXFLOW_PENDING_CHANGE = (1 << 1), -}; - -struct lws_ring { - void *buf; - void (*destroy_element)(void *element); - uint32_t buflen; - uint32_t element_len; - uint32_t head; - uint32_t oldest_tail; -}; - -struct lws_protocols; -struct lws; - -struct lws_io_watcher { -#ifdef LWS_WITH_LIBEV - struct lws_io_watcher_libev ev; -#endif -#ifdef LWS_WITH_LIBUV - struct lws_io_watcher_libuv uv; -#endif -#ifdef LWS_WITH_LIBEVENT - struct lws_io_watcher_libevent event; -#endif - struct lws_context *context; - - uint8_t actual_events; -}; - -struct lws_signal_watcher { -#ifdef LWS_WITH_LIBEV - struct lws_signal_watcher_libev ev; -#endif -#ifdef LWS_WITH_LIBUV - struct lws_signal_watcher_libuv uv; -#endif -#ifdef LWS_WITH_LIBEVENT - struct lws_signal_watcher_libevent event; -#endif - struct lws_context *context; -}; - -struct lws_foreign_thread_pollfd { - struct lws_foreign_thread_pollfd *next; - int fd_index; - int _and; - int _or; -}; - -#if LWS_MAX_SMP > 1 - -struct lws_mutex_refcount { - pthread_mutex_t lock; - pthread_t lock_owner; - const char *last_lock_reason; - char lock_depth; - char metadata; -}; - -void -lws_mutex_refcount_init(struct lws_mutex_refcount *mr); - -void -lws_mutex_refcount_destroy(struct lws_mutex_refcount *mr); - -void -lws_mutex_refcount_lock(struct lws_mutex_refcount *mr, const char *reason); - -void -lws_mutex_refcount_unlock(struct lws_mutex_refcount *mr); -#endif - -#define LWS_HRTIMER_NOWAIT (0x7fffffffffffffffll) - -/* - * so we can have n connections being serviced simultaneously, - * these things need to be isolated per-thread. - */ - -struct lws_context_per_thread { -#if LWS_MAX_SMP > 1 - pthread_mutex_t lock_stats; - struct lws_mutex_refcount mr; - pthread_t self; -#endif - - struct lws_context *context; - - /* - * usable by anything in the service code, but only if the scope - * does not last longer than the service action (since next service - * of any socket can likewise use it and overwrite) - */ - unsigned char *serv_buf; - - struct lws_dll_lws dll_head_timeout; - struct lws_dll_lws dll_head_hrtimer; - struct lws_dll_lws dll_head_buflist; /* guys with pending rxflow */ - -#if defined(LWS_WITH_TLS) - struct lws_pt_tls tls; -#endif - - struct lws_pollfd *fds; - volatile struct lws_foreign_thread_pollfd * volatile foreign_pfd_list; -#ifdef _WIN32 - WSAEVENT events; -#endif - lws_sockfd_type dummy_pipe_fds[2]; - struct lws *pipe_wsi; - - /* --- role based members --- */ - -#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_pt_role_ws ws; -#endif -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct lws_pt_role_http http; -#endif -#if defined(LWS_ROLE_DBUS) - struct lws_pt_role_dbus dbus; -#endif - - /* --- event library based members --- */ - -#if defined(LWS_WITH_LIBEV) - struct lws_pt_eventlibs_libev ev; -#endif -#if defined(LWS_WITH_LIBUV) - struct lws_pt_eventlibs_libuv uv; -#endif -#if defined(LWS_WITH_LIBEVENT) - struct lws_pt_eventlibs_libevent event; -#endif - -#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || \ - defined(LWS_WITH_LIBEVENT) - struct lws_signal_watcher w_sigint; -#endif - - /* --- */ - - unsigned long count_conns; - unsigned int fds_count; - - /* - * set to the Thread ID that's doing the service loop just before entry - * to poll indicates service thread likely idling in poll() - * volatile because other threads may check it as part of processing - * for pollfd event change. - */ - volatile int service_tid; - int service_tid_detected; - - volatile unsigned char inside_poll; - volatile unsigned char foreign_spinlock; - - unsigned char tid; - - unsigned char inside_service:1; - unsigned char event_loop_foreign:1; - unsigned char event_loop_destroy_processing_done:1; -}; - -struct lws_conn_stats { - unsigned long long rx, tx; - unsigned long h1_conn, h1_trans, h2_trans, ws_upg, h2_alpn, h2_subs, - h2_upg, rejected; -}; - -void -lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs); - -struct lws_timed_vh_protocol { - struct lws_timed_vh_protocol *next; - const struct lws_protocols *protocol; - struct lws_vhost *vhost; /* only used for pending processing */ - time_t time; - int reason; - int tsi_req; -}; - -/* - * virtual host -related context information - * vhostwide SSL context - * vhostwide proxy - * - * hierarchy: - * - * context -> vhost -> wsi - * - * incoming connection non-SSL vhost binding: - * - * listen socket -> wsi -> select vhost after first headers - * - * incoming connection SSL vhost binding: - * - * SSL SNI -> wsi -> bind after SSL negotiation - */ - - -struct lws_vhost { -#if !defined(LWS_WITHOUT_CLIENT) - char proxy_basic_auth_token[128]; -#endif -#if LWS_MAX_SMP > 1 - pthread_mutex_t lock; - char close_flow_vs_tsi[LWS_MAX_SMP]; -#endif - -#if defined(LWS_ROLE_H2) - struct lws_vhost_role_h2 h2; -#endif -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct lws_vhost_role_http http; -#endif -#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_vhost_role_ws ws; -#endif - -#if defined(LWS_WITH_SOCKS5) - char socks_proxy_address[128]; - char socks_user[96]; - char socks_password[96]; -#endif -#if defined(LWS_WITH_LIBEV) - struct lws_io_watcher w_accept; -#endif - struct lws_conn_stats conn_stats; - struct lws_context *context; - struct lws_vhost *vhost_next; - - struct lws *lserv_wsi; - const char *name; - const char *iface; - - void (*finalize)(struct lws_vhost *vh, void *arg); - void *finalize_arg; - -#if !defined(LWS_WITH_ESP32) && !defined(OPTEE_TA) && !defined(WIN32) - int bind_iface; -#endif - const struct lws_protocols *protocols; - void **protocol_vh_privs; - const struct lws_protocol_vhost_options *pvo; - const struct lws_protocol_vhost_options *headers; - struct lws_dll_lws *same_vh_protocol_heads; - struct lws_vhost *no_listener_vhost_list; -#if !defined(LWS_NO_CLIENT) - struct lws_dll_lws dll_active_client_conns; -#endif - -#if defined(LWS_WITH_TLS) - struct lws_vhost_tls tls; -#endif - - struct lws_timed_vh_protocol *timed_vh_protocol_list; - void *user; - - int listen_port; - -#if defined(LWS_WITH_SOCKS5) - unsigned int socks_proxy_port; -#endif - unsigned int options; - int count_protocols; - int ka_time; - int ka_probes; - int ka_interval; - int keepalive_timeout; - int timeout_secs_ah_idle; - - int count_bound_wsi; - -#ifdef LWS_WITH_ACCESS_LOG - int log_fd; -#endif - - unsigned int created_vhost_protocols:1; - unsigned int being_destroyed:1; - - unsigned char default_protocol_index; - unsigned char raw_protocol_index; -}; - -void -lws_vhost_bind_wsi(struct lws_vhost *vh, struct lws *wsi); -void -lws_vhost_unbind_wsi(struct lws *wsi); -void -__lws_vhost_destroy2(struct lws_vhost *vh); - -struct lws_deferred_free -{ - struct lws_deferred_free *next; - time_t deadline; - void *payload; -}; - -typedef union { -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 sa6; -#endif - struct sockaddr_in sa4; -} sockaddr46; - - -#if defined(LWS_WITH_PEER_LIMITS) -struct lws_peer { - struct lws_peer *next; - struct lws_peer *peer_wait_list; - - time_t time_created; - time_t time_closed_all; - - uint8_t addr[32]; - uint32_t hash; - uint32_t count_wsi; - uint32_t total_wsi; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct lws_peer_role_http http; -#endif - - uint8_t af; -}; -#endif - -/* - * the rest is managed per-context, that includes - * - * - processwide single fd -> wsi lookup - * - contextwide headers pool - */ - -struct lws_context { - time_t last_timeout_check_s; - time_t last_ws_ping_pong_check_s; - time_t time_up; - time_t time_discontiguity; - time_t time_fixup; - const struct lws_plat_file_ops *fops; - struct lws_plat_file_ops fops_platform; - struct lws_context **pcontext_finalize; - - const struct lws_tls_ops *tls_ops; - -#if defined(LWS_WITH_HTTP2) - struct http2_settings set; -#endif -#if defined(LWS_WITH_ZIP_FOPS) - struct lws_plat_file_ops fops_zip; -#endif - struct lws_context_per_thread pt[LWS_MAX_SMP]; - struct lws_conn_stats conn_stats; -#if LWS_MAX_SMP > 1 - struct lws_mutex_refcount mr; -#endif -#ifdef _WIN32 -/* different implementation between unix and windows */ - struct lws_fd_hashtable fd_hashtable[FD_HASHTABLE_MODULUS]; -#else - struct lws **lws_lookup; /* fd to wsi */ -#endif - struct lws_vhost *vhost_list; - struct lws_vhost *no_listener_vhost_list; - struct lws_vhost *vhost_pending_destruction_list; - struct lws_plugin *plugin_list; - struct lws_deferred_free *deferred_free_list; - -#if defined(LWS_WITH_THREADPOOL) - struct lws_threadpool *tp_list_head; -#endif - -#if defined(LWS_WITH_PEER_LIMITS) - struct lws_peer **pl_hash_table; - struct lws_peer *peer_wait_list; - time_t next_cull; -#endif - - void *external_baggage_free_on_destroy; - const struct lws_token_limits *token_limits; - void *user_space; - const struct lws_protocol_vhost_options *reject_service_keywords; - lws_reload_func deprecation_cb; - void (*eventlib_signal_cb)(void *event_lib_handle, int signum); - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - cap_value_t caps[4]; - char count_caps; -#endif - -#if defined(LWS_WITH_LIBEV) - struct lws_context_eventlibs_libev ev; -#endif -#if defined(LWS_WITH_LIBUV) - struct lws_context_eventlibs_libuv uv; -#endif -#if defined(LWS_WITH_LIBEVENT) - struct lws_context_eventlibs_libevent event; -#endif - struct lws_event_loop_ops *event_loop_ops; - - -#if defined(LWS_WITH_TLS) - struct lws_context_tls tls; -#endif - - char canonical_hostname[128]; - const char *server_string; - -#ifdef LWS_LATENCY - unsigned long worst_latency; - char worst_latency_info[256]; -#endif - -#if defined(LWS_WITH_STATS) - uint64_t lws_stats[LWSSTATS_SIZE]; - uint64_t last_dump; - int updated; -#endif -#if defined(LWS_WITH_ESP32) - unsigned long time_last_state_dump; - uint32_t last_free_heap; -#endif - - int max_fds; - int count_event_loop_static_asset_handles; - int started_with_parent; - int uid, gid; - - int fd_random; - - int count_wsi_allocated; - int count_cgi_spawned; - unsigned int options; - unsigned int fd_limit_per_thread; - unsigned int timeout_secs; - unsigned int pt_serv_buf_size; - int max_http_header_data; - int max_http_header_pool; - int simultaneous_ssl_restriction; - int simultaneous_ssl; -#if defined(LWS_WITH_PEER_LIMITS) - uint32_t pl_hash_elements; /* protected by context->lock */ - uint32_t count_peers; /* protected by context->lock */ - unsigned short ip_limit_ah; - unsigned short ip_limit_wsi; -#endif - unsigned int deprecated:1; - unsigned int being_destroyed:1; - unsigned int being_destroyed1:1; - unsigned int being_destroyed2:1; - unsigned int requested_kill:1; - unsigned int protocol_init_done:1; - unsigned int doing_protocol_init:1; - unsigned int done_protocol_destroy_cb:1; - unsigned int finalize_destroy_after_internal_loops_stopped:1; - - short count_threads; - short plugin_protocol_count; - short plugin_extension_count; - short server_string_len; - unsigned short ws_ping_pong_interval; - unsigned short deprecation_pending_listen_close_count; - - uint8_t max_fi; -}; - -int -lws_check_deferred_free(struct lws_context *context, int tsi, int force); - -#define lws_get_context_protocol(ctx, x) ctx->vhost_list->protocols[x] -#define lws_get_vh_protocol(vh, x) vh->protocols[x] - -LWS_EXTERN void -__lws_close_free_wsi_final(struct lws *wsi); -LWS_EXTERN void -lws_libuv_closehandle(struct lws *wsi); -LWS_EXTERN int -lws_libuv_check_watcher_active(struct lws *wsi); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_plugins_init(struct lws_context * context, const char * const *d); - -LWS_VISIBLE LWS_EXTERN int -lws_plat_plugins_destroy(struct lws_context * context); - -LWS_EXTERN void -lws_restart_ws_ping_pong_timer(struct lws *wsi); - -struct lws * -lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd); - -int -lws_jws_base64_enc(const char *in, size_t in_len, char *out, size_t out_max); - -void -lws_vhost_destroy1(struct lws_vhost *vh); - -enum { - LWS_EV_READ = (1 << 0), - LWS_EV_WRITE = (1 << 1), - LWS_EV_START = (1 << 2), - LWS_EV_STOP = (1 << 3), - - LWS_EV_PREPARE_DELETION = (1u << 31), -}; - - -#if defined(LWS_WITH_ESP32) -LWS_EXTERN int -lws_find_string_in_file(const char *filename, const char *str, int stringlen); -#endif - -#ifdef LWS_WITH_IPV6 -#define LWS_IPV6_ENABLED(vh) \ - (!lws_check_opt(vh->context->options, LWS_SERVER_OPTION_DISABLE_IPV6) && \ - !lws_check_opt(vh->options, LWS_SERVER_OPTION_DISABLE_IPV6)) -#else -#define LWS_IPV6_ENABLED(context) (0) -#endif - -#ifdef LWS_WITH_UNIX_SOCK -#define LWS_UNIX_SOCK_ENABLED(vhost) \ - (vhost->options & LWS_SERVER_OPTION_UNIX_SOCK) -#else -#define LWS_UNIX_SOCK_ENABLED(vhost) (0) -#endif - -enum uri_path_states { - URIPS_IDLE, - URIPS_SEEN_SLASH, - URIPS_SEEN_SLASH_DOT, - URIPS_SEEN_SLASH_DOT_DOT, -}; - -enum uri_esc_states { - URIES_IDLE, - URIES_SEEN_PERCENT, - URIES_SEEN_PERCENT_H1, -}; - - -#ifndef LWS_NO_CLIENT -struct client_info_stash { - char *address; - char *path; - char *host; - char *origin; - char *protocol; - char *method; - char *iface; - char *alpn; -}; -#endif - - -signed char char_to_hex(const char c); - - -struct lws_buflist { - struct lws_buflist *next; - - size_t len; - size_t pos; - - uint8_t buf[1]; /* true length of this is set by the oversize malloc */ -}; - -#define lws_wsi_is_udp(___wsi) (!!___wsi->udp) - -#define LWS_H2_FRAME_HEADER_LENGTH 9 - - -struct lws { - /* structs */ - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct _lws_http_mode_related http; -#endif -#if defined(LWS_ROLE_H2) - struct _lws_h2_related h2; -#endif -#if defined(LWS_ROLE_WS) - struct _lws_websocket_related *ws; /* allocated if we upgrade to ws */ -#endif -#if defined(LWS_ROLE_DBUS) - struct _lws_dbus_mode_related dbus; -#endif - - const struct lws_role_ops *role_ops; - lws_wsi_state_t wsistate; - lws_wsi_state_t wsistate_pre_close; - - /* lifetime members */ - -#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || \ - defined(LWS_WITH_LIBEVENT) - struct lws_io_watcher w_read; -#endif -#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBEVENT) - struct lws_io_watcher w_write; -#endif - - /* pointers */ - - struct lws_context *context; - struct lws_vhost *vhost; - struct lws *parent; /* points to parent, if any */ - struct lws *child_list; /* points to first child */ - struct lws *sibling_list; /* subsequent children at same level */ - - const struct lws_protocols *protocol; - struct lws_dll_lws same_vh_protocol; - - struct lws_dll_lws dll_timeout; - struct lws_dll_lws dll_hrtimer; - struct lws_dll_lws dll_buflist; /* guys with pending rxflow */ - -#if defined(LWS_WITH_THREADPOOL) - struct lws_threadpool_task *tp_task; -#endif - -#if defined(LWS_WITH_PEER_LIMITS) - struct lws_peer *peer; -#endif - - struct lws_udp *udp; -#ifndef LWS_NO_CLIENT - struct client_info_stash *stash; - char *client_hostname_copy; - struct lws_dll_lws dll_active_client_conns; - struct lws_dll_lws dll_client_transaction_queue_head; - struct lws_dll_lws dll_client_transaction_queue; -#endif - void *user_space; - void *opaque_parent_data; - - struct lws_buflist *buflist; /* input-side buflist */ - struct lws_buflist *buflist_out; /* output-side buflist */ - -#if defined(LWS_WITH_TLS) - struct lws_lws_tls tls; -#endif - - lws_sock_file_fd_type desc; /* .filefd / .sockfd */ -#if defined(LWS_WITH_STATS) - uint64_t active_writable_req_us; -#if defined(LWS_WITH_TLS) - uint64_t accept_start_us; -#endif -#endif - - lws_usec_t pending_timer; /* hrtimer fires */ - time_t pending_timeout_set; /* second-resolution timeout start */ - -#ifdef LWS_LATENCY - unsigned long action_start; - unsigned long latency_start; -#endif - - /* ints */ -#define LWS_NO_FDS_POS (-1) - int position_in_fds_table; - -#ifndef LWS_NO_CLIENT - int chunk_remaining; -#endif - unsigned int cache_secs; - - unsigned int hdr_parsing_completed:1; - unsigned int http2_substream:1; - unsigned int upgraded_to_http2:1; - unsigned int h2_stream_carries_ws:1; - unsigned int seen_nonpseudoheader:1; - unsigned int listener:1; - unsigned int user_space_externally_allocated:1; - unsigned int socket_is_permanently_unusable:1; - unsigned int rxflow_change_to:2; - unsigned int conn_stat_done:1; - unsigned int cache_reuse:1; - unsigned int cache_revalidate:1; - unsigned int cache_intermediaries:1; - unsigned int favoured_pollin:1; - unsigned int sending_chunked:1; - unsigned int interpreting:1; - unsigned int already_did_cce:1; - unsigned int told_user_closed:1; - unsigned int told_event_loop_closed:1; - unsigned int waiting_to_send_close_frame:1; - unsigned int close_needs_ack:1; - unsigned int ipv6:1; - unsigned int parent_pending_cb_on_writable:1; - unsigned int cgi_stdout_zero_length:1; - unsigned int seen_zero_length_recv:1; - unsigned int rxflow_will_be_applied:1; - unsigned int event_pipe:1; - unsigned int handling_404:1; - unsigned int protocol_bind_balance:1; - unsigned int unix_skt:1; - - unsigned int could_have_pending:1; /* detect back-to-back writes */ - unsigned int outer_will_close:1; - unsigned int shadow:1; /* we do not control fd lifecycle at all */ - -#ifdef LWS_WITH_ACCESS_LOG - unsigned int access_log_pending:1; -#endif -#ifndef LWS_NO_CLIENT - unsigned int do_ws:1; /* whether we are doing http or ws flow */ - unsigned int chunked:1; /* if the clientside connection is chunked */ - unsigned int client_rx_avail:1; - unsigned int client_http_body_pending:1; - unsigned int transaction_from_pipeline_queue:1; - unsigned int keepalive_active:1; - unsigned int keepalive_rejected:1; - unsigned int client_pipeline:1; - unsigned int client_h2_alpn:1; - unsigned int client_h2_substream:1; -#endif - -#ifdef _WIN32 - unsigned int sock_send_blocking:1; -#endif - -#ifndef LWS_NO_CLIENT - unsigned short c_port; -#endif - unsigned short pending_timeout_limit; - - /* chars */ - - char lws_rx_parse_state; /* enum lws_rx_parse_state */ - char rx_frame_type; /* enum lws_write_protocol */ - char pending_timeout; /* enum pending_timeout */ - char tsi; /* thread service index we belong to */ - char protocol_interpret_idx; - char redirects; - uint8_t rxflow_bitmap; -#ifdef LWS_WITH_CGI - char cgi_channel; /* which of stdin/out/err */ - char hdr_state; -#endif -#ifndef LWS_NO_CLIENT - char chunk_parser; /* enum lws_chunk_parser */ -#endif -#if defined(LWS_WITH_CGI) || !defined(LWS_NO_CLIENT) - char reason_bf; /* internal writeable callback reason bitfield */ -#endif -#if defined(LWS_WITH_STATS) && defined(LWS_WITH_TLS) - char seen_rx; -#endif - uint8_t ws_over_h2_count; - /* volatile to make sure code is aware other thread can change */ - volatile char handling_pollout; - volatile char leave_pollout_active; -}; - -LWS_EXTERN char * -lws_strdup(const char *s); - -#define lws_is_flowcontrolled(w) (!!(wsi->rxflow_bitmap)) - -void -lws_service_do_ripe_rxflow(struct lws_context_per_thread *pt); - -LWS_EXTERN int log_level; - -LWS_EXTERN int -lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port, - const char *iface); - -#if defined(LWS_WITH_IPV6) -LWS_EXTERN unsigned long -lws_get_addr_scope(const char *ipaddr); -#endif - -LWS_EXTERN void -lws_close_free_wsi(struct lws *wsi, enum lws_close_status, const char *caller); -LWS_EXTERN void -__lws_close_free_wsi(struct lws *wsi, enum lws_close_status, const char *caller); - -LWS_EXTERN void -__lws_free_wsi(struct lws *wsi); - -LWS_EXTERN int -__remove_wsi_socket_from_fds(struct lws *wsi); -LWS_EXTERN int -lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len); - -#ifndef LWS_LATENCY -static LWS_INLINE void -lws_latency(struct lws_context *context, struct lws *wsi, const char *action, - int ret, int completion) { - do { - (void)context; (void)wsi; (void)action; (void)ret; - (void)completion; - } while (0); -} -static LWS_INLINE void -lws_latency_pre(struct lws_context *context, struct lws *wsi) { - do { (void)context; (void)wsi; } while (0); -} -#else -#define lws_latency_pre(_context, _wsi) lws_latency(_context, _wsi, NULL, 0, 0) -extern void -lws_latency(struct lws_context *context, struct lws *wsi, const char *action, - int ret, int completion); -#endif - -static LWS_INLINE int -lws_has_buffered_out(struct lws *wsi) { return !!wsi->buflist_out; } - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ws_client_rx_sm(struct lws *wsi, unsigned char c); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_parse(struct lws *wsi, unsigned char *buf, int *len); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_parse_urldecode(struct lws *wsi, uint8_t *_c); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_http_action(struct lws *wsi); - -LWS_EXTERN int -lws_b64_selftest(void); - -LWS_EXTERN int -lws_service_flag_pending(struct lws_context *context, int tsi); - -LWS_EXTERN int -__lws_timed_callback_remove(struct lws_vhost *vh, struct lws_timed_vh_protocol *p); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -__insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len); - -LWS_EXTERN void -lws_remove_from_timeout_list(struct lws *wsi); - -LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_client_connect_2(struct lws *wsi); - -LWS_VISIBLE struct lws * LWS_WARN_UNUSED_RESULT -lws_client_reset(struct lws **wsi, int ssl, const char *address, int port, - const char *path, const char *host); - -LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT -lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi); - -LWS_EXTERN char * LWS_WARN_UNUSED_RESULT -lws_generate_client_handshake(struct lws *wsi, char *pkt); - -LWS_EXTERN int -lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); - -LWS_EXTERN struct lws * -lws_http_client_connect_via_info2(struct lws *wsi); - - - -LWS_EXTERN void -lws_client_stash_destroy(struct lws *wsi); - -/* - * EXTENSIONS - */ - -#if defined(LWS_WITHOUT_EXTENSIONS) -#define lws_any_extension_handled(_a, _b, _c, _d) (0) -#define lws_ext_cb_active(_a, _b, _c, _d) (0) -#define lws_ext_cb_all_exts(_a, _b, _c, _d, _e) (0) -#define lws_issue_raw_ext_access lws_issue_raw -#define lws_context_init_extensions(_a, _b) -#endif - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_client_interpret_server_handshake(struct lws *wsi); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ws_rx_sm(struct lws *wsi, char already_processed, unsigned char c); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len); - -LWS_EXTERN void -lws_role_transition(struct lws *wsi, enum lwsi_role role, enum lwsi_state state, - struct lws_role_ops *ops); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -user_callback_handle_rxflow(lws_callback_function, struct lws *wsi, - enum lws_callback_reasons reason, void *user, - void *in, size_t len); - -LWS_EXTERN int -lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd, - int unix_skt); - -LWS_EXTERN int -lws_plat_check_connection_error(struct lws *wsi); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_header_table_attach(struct lws *wsi, int autoservice); - -LWS_EXTERN int -lws_header_table_detach(struct lws *wsi, int autoservice); -LWS_EXTERN int -__lws_header_table_detach(struct lws *wsi, int autoservice); - -LWS_EXTERN void -lws_header_table_reset(struct lws *wsi, int autoservice); - -void -__lws_header_table_reset(struct lws *wsi, int autoservice); - -LWS_EXTERN char * LWS_WARN_UNUSED_RESULT -lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ensure_user_space(struct lws *wsi); - -LWS_EXTERN int -lws_change_pollfd(struct lws *wsi, int _and, int _or); - -#ifndef LWS_NO_SERVER - int _lws_vhost_init_server(const struct lws_context_creation_info *info, - struct lws_vhost *vhost); - LWS_EXTERN struct lws_vhost * - lws_select_vhost(struct lws_context *context, int port, const char *servername); - LWS_EXTERN int LWS_WARN_UNUSED_RESULT - lws_parse_ws(struct lws *wsi, unsigned char **buf, size_t len); - LWS_EXTERN void - lws_server_get_canonical_hostname(struct lws_context *context, - const struct lws_context_creation_info *info); -#else - #define _lws_vhost_init_server(_a, _b) (0) - #define lws_parse_ws(_a, _b, _c) (0) - #define lws_server_get_canonical_hostname(_a, _b) -#endif - -#ifndef LWS_NO_DAEMONIZE - LWS_EXTERN int get_daemonize_pid(); -#else - #define get_daemonize_pid() (0) -#endif - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -interface_to_sa(struct lws_vhost *vh, const char *ifname, - struct sockaddr_in *addr, size_t addrlen); -LWS_EXTERN void lwsl_emit_stderr(int level, const char *line); - -#if !defined(LWS_WITH_TLS) - #define LWS_SSL_ENABLED(context) (0) - #define lws_context_init_server_ssl(_a, _b) (0) - #define lws_ssl_destroy(_a) - #define lws_context_init_alpn(_a) - #define lws_ssl_capable_read lws_ssl_capable_read_no_ssl - #define lws_ssl_capable_write lws_ssl_capable_write_no_ssl - #define lws_ssl_pending lws_ssl_pending_no_ssl - #define lws_server_socket_service_ssl(_b, _c) (0) - #define lws_ssl_close(_a) (0) - #define lws_ssl_context_destroy(_a) - #define lws_ssl_SSL_CTX_destroy(_a) - #define lws_ssl_remove_wsi_from_buffered_list(_a) - #define __lws_ssl_remove_wsi_from_buffered_list(_a) - #define lws_context_init_ssl_library(_a) - #define lws_tls_check_all_cert_lifetimes(_a) - #define lws_tls_acme_sni_cert_destroy(_a) -#endif - - -#if LWS_MAX_SMP > 1 - -static LWS_INLINE void -lws_pt_mutex_init(struct lws_context_per_thread *pt) -{ - lws_mutex_refcount_init(&pt->mr); - pthread_mutex_init(&pt->lock_stats, NULL); -} - -static LWS_INLINE void -lws_pt_mutex_destroy(struct lws_context_per_thread *pt) -{ - pthread_mutex_destroy(&pt->lock_stats); - lws_mutex_refcount_destroy(&pt->mr); -} - -#define lws_pt_lock(pt, reason) lws_mutex_refcount_lock(&pt->mr, reason) -#define lws_pt_unlock(pt) lws_mutex_refcount_unlock(&pt->mr) - -static LWS_INLINE void -lws_pt_stats_lock(struct lws_context_per_thread *pt) -{ - pthread_mutex_lock(&pt->lock_stats); -} - -static LWS_INLINE void -lws_pt_stats_unlock(struct lws_context_per_thread *pt) -{ - pthread_mutex_unlock(&pt->lock_stats); -} - -#define lws_context_lock(c, reason) lws_mutex_refcount_lock(&c->mr, reason) -#define lws_context_unlock(c) lws_mutex_refcount_unlock(&c->mr) - -static LWS_INLINE void -lws_vhost_lock(struct lws_vhost *vhost) -{ - pthread_mutex_lock(&vhost->lock); -} - -static LWS_INLINE void -lws_vhost_unlock(struct lws_vhost *vhost) -{ - pthread_mutex_unlock(&vhost->lock); -} - - -#else -#define lws_pt_mutex_init(_a) (void)(_a) -#define lws_pt_mutex_destroy(_a) (void)(_a) -#define lws_pt_lock(_a, b) (void)(_a) -#define lws_pt_unlock(_a) (void)(_a) -#define lws_context_lock(_a, _b) (void)(_a) -#define lws_context_unlock(_a) (void)(_a) -#define lws_vhost_lock(_a) (void)(_a) -#define lws_vhost_unlock(_a) (void)(_a) -#define lws_pt_stats_lock(_a) (void)(_a) -#define lws_pt_stats_unlock(_a) (void)(_a) -#endif - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len); - -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ssl_pending_no_ssl(struct lws *wsi); - -int -lws_tls_check_cert_lifetime(struct lws_vhost *vhost); - -int lws_jws_selftest(void); - - -#ifndef LWS_NO_CLIENT -LWS_EXTERN int lws_client_socket_service(struct lws *wsi, - struct lws_pollfd *pollfd, - struct lws *wsi_conn); -LWS_EXTERN struct lws * -lws_client_wsi_effective(struct lws *wsi); -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed_client(struct lws *wsi); -#if !defined(LWS_WITH_TLS) - #define lws_context_init_client_ssl(_a, _b) (0) -#endif -LWS_EXTERN void -lws_decode_ssl_error(void); -#else -#define lws_context_init_client_ssl(_a, _b) (0) -#endif - -LWS_EXTERN int -__lws_rx_flow_control(struct lws *wsi); - -LWS_EXTERN int -_lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa); - -#ifndef LWS_NO_SERVER -LWS_EXTERN int -lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len); -#else -#define lws_server_socket_service(_b, _c) (0) -#define lws_handshake_server(_a, _b, _c) (0) -#endif - -#ifdef LWS_WITH_ACCESS_LOG -LWS_EXTERN int -lws_access_log(struct lws *wsi); -LWS_EXTERN void -lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int len, int meth); -#else -#define lws_access_log(_a) -#endif - -LWS_EXTERN int -lws_cgi_kill_terminated(struct lws_context_per_thread *pt); - -LWS_EXTERN void -lws_cgi_remove_and_kill(struct lws *wsi); - -int -lws_protocol_init(struct lws_context *context); - -int -lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p, - const char *reason); - -const struct lws_http_mount * -lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len); - -/* - * custom allocator - */ -LWS_EXTERN void * -lws_realloc(void *ptr, size_t size, const char *reason); - -LWS_EXTERN void * LWS_WARN_UNUSED_RESULT -lws_zalloc(size_t size, const char *reason); - -#ifdef LWS_PLAT_OPTEE -void *lws_malloc(size_t size, const char *reason); -void lws_free(void *p); -#define lws_free_set_NULL(P) do { lws_free(P); (P) = NULL; } while(0) -#else -#define lws_malloc(S, R) lws_realloc(NULL, S, R) -#define lws_free(P) lws_realloc(P, 0, "lws_free") -#define lws_free_set_NULL(P) do { lws_realloc(P, 0, "free"); (P) = NULL; } while(0) -#endif - -int -lws_plat_pipe_create(struct lws *wsi); -int -lws_plat_pipe_signal(struct lws *wsi); -void -lws_plat_pipe_close(struct lws *wsi); -int -lws_create_event_pipes(struct lws_context *context); - -int -lws_plat_apply_FD_CLOEXEC(int n); - -const struct lws_plat_file_ops * -lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path, - const char **vpath); - -/* lws_plat_ */ -LWS_EXTERN void -lws_plat_delete_socket_from_fds(struct lws_context *context, - struct lws *wsi, int m); -LWS_EXTERN void -lws_plat_insert_socket_into_fds(struct lws_context *context, - struct lws *wsi); -LWS_EXTERN void -lws_plat_service_periodic(struct lws_context *context); - -LWS_EXTERN int -lws_plat_change_pollfd(struct lws_context *context, struct lws *wsi, - struct lws_pollfd *pfd); -LWS_EXTERN void -lws_add_wsi_to_draining_ext_list(struct lws *wsi); -LWS_EXTERN void -lws_remove_wsi_from_draining_ext_list(struct lws *wsi); -LWS_EXTERN int -lws_plat_context_early_init(void); -LWS_EXTERN void -lws_plat_context_early_destroy(struct lws_context *context); -LWS_EXTERN void -lws_plat_context_late_destroy(struct lws_context *context); -LWS_EXTERN int -lws_poll_listen_fd(struct lws_pollfd *fd); -LWS_EXTERN int -lws_plat_service(struct lws_context *context, int timeout_ms); -LWS_EXTERN LWS_VISIBLE int -_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi); - -LWS_EXTERN int -lws_pthread_self_to_tsi(struct lws_context *context); - -LWS_EXTERN int -lws_plat_init(struct lws_context *context, - const struct lws_context_creation_info *info); -LWS_EXTERN void -lws_plat_drop_app_privileges(const struct lws_context_creation_info *info); -LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT -lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt); -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_plat_inet_pton(int af, const char *src, void *dst); - -LWS_EXTERN int -lws_check_byte_utf8(unsigned char state, unsigned char c); -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len); -LWS_EXTERN int alloc_file(struct lws_context *context, const char *filename, - uint8_t **buf, lws_filepos_t *amount); - - -LWS_EXTERN void -lws_same_vh_protocol_remove(struct lws *wsi); -LWS_EXTERN void -__lws_same_vh_protocol_remove(struct lws *wsi); -LWS_EXTERN void -lws_same_vh_protocol_insert(struct lws *wsi, int n); - -LWS_EXTERN int -lws_broadcast(struct lws_context *context, int reason, void *in, size_t len); - -#if defined(LWS_WITH_STATS) - void - lws_stats_atomic_bump(struct lws_context * context, - struct lws_context_per_thread *pt, int index, uint64_t bump); - void - lws_stats_atomic_max(struct lws_context * context, - struct lws_context_per_thread *pt, int index, uint64_t val); -#else - static LWS_INLINE uint64_t lws_stats_atomic_bump(struct lws_context * context, - struct lws_context_per_thread *pt, int index, uint64_t bump) { - (void)context; (void)pt; (void)index; (void)bump; return 0; } - static LWS_INLINE uint64_t lws_stats_atomic_max(struct lws_context * context, - struct lws_context_per_thread *pt, int index, uint64_t val) { - (void)context; (void)pt; (void)index; (void)val; return 0; } -#endif - -/* socks */ -void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, - ssize_t *msg_len); - -#if defined(LWS_WITH_PEER_LIMITS) -void -lws_peer_track_wsi_close(struct lws_context *context, struct lws_peer *peer); -int -lws_peer_confirm_ah_attach_ok(struct lws_context *context, - struct lws_peer *peer); -void -lws_peer_track_ah_detach(struct lws_context *context, struct lws_peer *peer); -void -lws_peer_cull_peer_wait_list(struct lws_context *context); -struct lws_peer * -lws_get_or_create_peer(struct lws_vhost *vhost, lws_sockfd_type sockfd); -void -lws_peer_add_wsi(struct lws_context *context, struct lws_peer *peer, - struct lws *wsi); -void -lws_peer_dump_from_wsi(struct lws *wsi); -#endif - -#ifdef LWS_WITH_HUBBUB -hubbub_error -html_parser_cb(const hubbub_token *token, void *pw); -#endif - -int -lws_threadpool_tsi_context(struct lws_context *context, int tsi); - -void -__lws_remove_from_timeout_list(struct lws *wsi); - -lws_usec_t -__lws_hrtimer_service(struct lws_context_per_thread *pt); - -void -__lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); -int -__lws_change_pollfd(struct lws *wsi, int _and, int _or); - - -int -lws_callback_as_writeable(struct lws *wsi); -int -lws_buflist_aware_read(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_tokens *ebuf); -int -lws_buflist_aware_consume(struct lws *wsi, struct lws_tokens *ebuf, int used, - int buffered); - - -char * -lws_generate_client_ws_handshake(struct lws *wsi, char *p, const char *conn1); -int -lws_client_ws_upgrade(struct lws *wsi, const char **cce); -int -lws_create_client_ws_object(const struct lws_client_connect_info *i, - struct lws *wsi); -int -lws_alpn_comma_to_openssl(const char *comma, uint8_t *os, int len); -int -lws_role_call_alpn_negotiated(struct lws *wsi, const char *alpn); -int -lws_tls_server_conn_alpn(struct lws *wsi); - -int -lws_ws_client_rx_sm_block(struct lws *wsi, unsigned char **buf, size_t len); -void -lws_destroy_event_pipe(struct lws *wsi); -void -lws_context_destroy2(struct lws_context *context); -int -lws_role_call_client_bind(struct lws *wsi, - const struct lws_client_connect_info *i); -void -lws_remove_child_from_any_parent(struct lws *wsi); - -#ifdef __cplusplus -}; -#endif diff --git a/thirdparty/libwebsockets/lib/core/service.c b/thirdparty/libwebsockets/lib/core/service.c deleted file mode 100644 index ef251409cb..0000000000 --- a/thirdparty/libwebsockets/lib/core/service.c +++ /dev/null @@ -1,1114 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -int -lws_callback_as_writeable(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - int n, m; - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB, 1); -#if defined(LWS_WITH_STATS) - if (wsi->active_writable_req_us) { - uint64_t ul = lws_time_in_microseconds() - - wsi->active_writable_req_us; - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_WRITABLE_DELAY, ul); - lws_stats_atomic_max(wsi->context, pt, - LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); - wsi->active_writable_req_us = 0; - } -#endif - - n = wsi->role_ops->writeable_cb[lwsi_role_server(wsi)]; - - m = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, (enum lws_callback_reasons) n, - wsi->user_space, NULL, 0); - - return m; -} - -LWS_VISIBLE int -lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd) -{ - volatile struct lws *vwsi = (volatile struct lws *)wsi; - int n; - - //lwsl_notice("%s: %p\n", __func__, wsi); - - vwsi->leave_pollout_active = 0; - vwsi->handling_pollout = 1; - /* - * if another thread wants POLLOUT on us, from here on while - * handling_pollout is set, he will only set leave_pollout_active. - * If we are going to disable POLLOUT, we will check that first. - */ - wsi->could_have_pending = 0; /* clear back-to-back write detection */ - - /* - * user callback is lowest priority to get these notifications - * actually, since other pending things cannot be disordered - * - * Priority 1: pending truncated sends are incomplete ws fragments - * If anything else sent first the protocol would be - * corrupted. - * - * These are post- any compression transform - */ - - if (lws_has_buffered_out(wsi)) { - //lwsl_notice("%s: completing partial\n", __func__); - if (lws_issue_raw(wsi, NULL, 0) < 0) { - lwsl_info("%s signalling to close\n", __func__); - goto bail_die; - } - /* leave POLLOUT active either way */ - goto bail_ok; - } else - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { - wsi->socket_is_permanently_unusable = 1; - goto bail_die; /* retry closing now */ - } - - /* Priority 2: pre- compression transform */ - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more) { - enum lws_write_protocol wp = LWS_WRITE_HTTP; - - lwsl_info("%s: completing comp partial (buflist_comp %p, may %d)\n", - __func__, wsi->http.comp_ctx.buflist_comp, - wsi->http.comp_ctx.may_have_more - ); - - if (wsi->role_ops->write_role_protocol(wsi, NULL, 0, &wp) < 0) { - lwsl_info("%s signalling to close\n", __func__); - goto bail_die; - } - lws_callback_on_writable(wsi); - - goto bail_ok; - } -#endif - -#ifdef LWS_WITH_CGI - /* - * A cgi master's wire protocol remains h1 or h2. He is just getting - * his data from his child cgis. - */ - if (wsi->http.cgi) { - /* also one shot */ - if (pollfd) - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - return 1; - } - goto user_service_go_again; - } -#endif - - /* if we got here, we should have wire protocol ops set on the wsi */ - assert(wsi->role_ops); - - if (!wsi->role_ops->handle_POLLOUT) - goto bail_ok; - - switch ((wsi->role_ops->handle_POLLOUT)(wsi)) { - case LWS_HP_RET_BAIL_OK: - goto bail_ok; - case LWS_HP_RET_BAIL_DIE: - goto bail_die; - case LWS_HP_RET_USER_SERVICE: - break; - default: - assert(0); - } - - /* one shot */ - - if (pollfd) { - int eff = vwsi->leave_pollout_active; - - if (!eff) { - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - goto bail_die; - } - } - - vwsi->handling_pollout = 0; - - /* cannot get leave_pollout_active set after the above */ - if (!eff && wsi->leave_pollout_active) { - /* - * got set inbetween sampling eff and clearing - * handling_pollout, force POLLOUT on - */ - lwsl_debug("leave_pollout_active\n"); - if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { - lwsl_info("failed at set pollfd\n"); - goto bail_die; - } - } - - vwsi->leave_pollout_active = 0; - } - - if (lwsi_role_client(wsi) && - !wsi->hdr_parsing_completed && - lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS && - lwsi_state(wsi) != LRS_ISSUE_HTTP_BODY - ) - goto bail_ok; - - -#ifdef LWS_WITH_CGI -user_service_go_again: -#endif - - if (wsi->role_ops->perform_user_POLLOUT) { - if (wsi->role_ops->perform_user_POLLOUT(wsi) == -1) - goto bail_die; - else - goto bail_ok; - } - - lwsl_debug("%s: %p: non mux: wsistate 0x%x, ops %s\n", __func__, wsi, - wsi->wsistate, wsi->role_ops->name); - - vwsi = (volatile struct lws *)wsi; - vwsi->leave_pollout_active = 0; - - n = lws_callback_as_writeable(wsi); - vwsi->handling_pollout = 0; - - if (vwsi->leave_pollout_active) - lws_change_pollfd(wsi, 0, LWS_POLLOUT); - - return n; - - /* - * since these don't disable the POLLOUT, they are always doing the - * right thing for leave_pollout_active whether it was set or not. - */ - -bail_ok: - vwsi->handling_pollout = 0; - vwsi->leave_pollout_active = 0; - - return 0; - -bail_die: - vwsi->handling_pollout = 0; - vwsi->leave_pollout_active = 0; - - return -1; -} - -static int -__lws_service_timeout_check(struct lws *wsi, time_t sec) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - int n = 0; -#endif - - (void)n; - - /* - * if we went beyond the allowed time, kill the - * connection - */ - if (wsi->dll_timeout.prev && - lws_compare_time_t(wsi->context, sec, wsi->pending_timeout_set) > - wsi->pending_timeout_limit) { - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - if (wsi->desc.sockfd != LWS_SOCK_INVALID && - wsi->position_in_fds_table >= 0) - n = pt->fds[wsi->position_in_fds_table].events; -#endif - - lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_TIMEOUTS, 1); - - /* no need to log normal idle keepalive timeout */ - if (wsi->pending_timeout != PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE) -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - lwsl_info("wsi %p: TIMEDOUT WAITING on %d " - "(did hdr %d, ah %p, wl %d, pfd " - "events %d) %llu vs %llu\n", - (void *)wsi, wsi->pending_timeout, - wsi->hdr_parsing_completed, wsi->http.ah, - pt->http.ah_wait_list_length, n, - (unsigned long long)sec, - (unsigned long long)wsi->pending_timeout_limit); -#if defined(LWS_WITH_CGI) - if (wsi->http.cgi) - lwsl_notice("CGI timeout: %s\n", wsi->http.cgi->summary); -#endif -#else - lwsl_info("wsi %p: TIMEDOUT WAITING on %d ", (void *)wsi, - wsi->pending_timeout); -#endif - - /* - * Since he failed a timeout, he already had a chance to do - * something and was unable to... that includes situations like - * half closed connections. So process this "failed timeout" - * close as a violent death and don't try to do protocol - * cleanup like flush partials. - */ - wsi->socket_is_permanently_unusable = 1; - if (lwsi_state(wsi) == LRS_WAITING_SSL && wsi->protocol) - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, - (void *)"Timed out waiting SSL", 21); - - __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "timeout"); - - return 1; - } - - return 0; -} - -int lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - uint8_t *buffered; - size_t blen; - int ret = 0, m; - - /* his RX is flowcontrolled, don't send remaining now */ - blen = lws_buflist_next_segment_len(&wsi->buflist, &buffered); - if (blen) { - if (buf >= buffered && buf + len <= buffered + blen) { - /* rxflow while we were spilling prev rxflow */ - lwsl_info("%s: staying in rxflow buf\n", __func__); - - return 1; - } - ret = 1; - } - - /* a new rxflow, buffer it and warn caller */ - - m = lws_buflist_append_segment(&wsi->buflist, buf + n, len - n); - - if (m < 0) - return -1; - if (m) { - lwsl_debug("%s: added %p to rxflow list\n", __func__, wsi); - lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); - } - - return ret; -} - -/* this is used by the platform service code to stop us waiting for network - * activity in poll() when we have something that already needs service - */ - -LWS_VISIBLE LWS_EXTERN int -lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi) -{ - struct lws_context_per_thread *pt = &context->pt[tsi]; - - /* - * Figure out if we really want to wait in poll()... we only need to - * wait if really nothing already to do and we have to wait for - * something from network - */ -#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) - /* 1) if we know we are draining rx ext, do not wait in poll */ - if (pt->ws.rx_draining_ext_list) - return 0; -#endif - - /* 2) if we know we have non-network pending data, - * do not wait in poll */ - - if (pt->context->tls_ops && - pt->context->tls_ops->fake_POLLIN_for_buffered && - pt->context->tls_ops->fake_POLLIN_for_buffered(pt)) - return 0; - - /* - * 3) If there is any wsi with rxflow buffered and in a state to process - * it, we should not wait in poll - */ - - lws_start_foreach_dll(struct lws_dll_lws *, d, - pt->dll_head_buflist.next) { - struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); - - if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) - return 0; - - /* - * 4) If any guys with http compression to spill, we shouldn't wait in - * poll but hurry along and service them - */ - - } lws_end_foreach_dll(d); - - return timeout_ms; -} - -/* - * POLLIN said there is something... we must read it, and either use it; or - * if other material already in the buflist append it and return the buflist - * head material. - */ -int -lws_buflist_aware_read(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_tokens *ebuf) -{ - int n, prior = (int)lws_buflist_next_segment_len(&wsi->buflist, NULL); - - ebuf->token = (char *)pt->serv_buf; - ebuf->len = lws_ssl_capable_read(wsi, pt->serv_buf, - wsi->context->pt_serv_buf_size); - - if (ebuf->len == LWS_SSL_CAPABLE_MORE_SERVICE && prior) - goto get_from_buflist; - - if (ebuf->len <= 0) - return 0; - - /* nothing in buflist already? Then just use what we read */ - - if (!prior) - return 0; - - /* stash what we read */ - - n = lws_buflist_append_segment(&wsi->buflist, (uint8_t *)ebuf->token, - ebuf->len); - if (n < 0) - return -1; - if (n) { - lwsl_debug("%s: added %p to rxflow list\n", __func__, wsi); - lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); - } - - /* get the first buflist guy in line */ - -get_from_buflist: - - ebuf->len = (int)lws_buflist_next_segment_len(&wsi->buflist, - (uint8_t **)&ebuf->token); - - return 1; /* came from buflist */ -} - -int -lws_buflist_aware_consume(struct lws *wsi, struct lws_tokens *ebuf, int used, - int buffered) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - int m; - - /* it's in the buflist; we didn't use any */ - - if (!used && buffered) - return 0; - - if (used && buffered) { - m = lws_buflist_use_segment(&wsi->buflist, used); - lwsl_info("%s: draining rxflow: used %d, next %d\n", - __func__, used, m); - if (m) - return 0; - - lwsl_info("%s: removed %p from dll_buflist\n", __func__, wsi); - lws_dll_lws_remove(&wsi->dll_buflist); - - return 0; - } - - /* any remainder goes on the buflist */ - - if (used != ebuf->len) { - m = lws_buflist_append_segment(&wsi->buflist, - (uint8_t *)ebuf->token + used, - ebuf->len - used); - if (m < 0) - return 1; /* OOM */ - if (m) { - lwsl_debug("%s: added %p to rxflow list\n", - __func__, wsi); - lws_dll_lws_add_front(&wsi->dll_buflist, - &pt->dll_head_buflist); - } - } - - return 0; -} - -void -lws_service_do_ripe_rxflow(struct lws_context_per_thread *pt) -{ - struct lws_pollfd pfd; - - if (!pt->dll_head_buflist.next) - return; - - /* - * service all guys with pending rxflow that reached a state they can - * accept the pending data - */ - - lws_pt_lock(pt, __func__); - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - pt->dll_head_buflist.next) { - struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); - - pfd.events = LWS_POLLIN; - pfd.revents = LWS_POLLIN; - pfd.fd = -1; - - lwsl_debug("%s: rxflow processing: %p 0x%x\n", __func__, wsi, - wsi->wsistate); - - if (!lws_is_flowcontrolled(wsi) && - lwsi_state(wsi) != LRS_DEFERRING_ACTION && - (wsi->role_ops->handle_POLLIN)(pt, wsi, &pfd) == - LWS_HPI_RET_PLEASE_CLOSE_ME) - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "close_and_handled"); - - } lws_end_foreach_dll_safe(d, d1); - - lws_pt_unlock(pt); -} - -/* - * guys that need POLLIN service again without waiting for network action - * can force POLLIN here if not flowcontrolled, so they will get service. - * - * Return nonzero if anybody got their POLLIN faked - */ -int -lws_service_flag_pending(struct lws_context *context, int tsi) -{ - struct lws_context_per_thread *pt = &context->pt[tsi]; - int forced = 0; - - lws_pt_lock(pt, __func__); - - /* - * 1) If there is any wsi with a buflist and in a state to process - * it, we should not wait in poll - */ - - lws_start_foreach_dll(struct lws_dll_lws *, d, pt->dll_head_buflist.next) { - struct lws *wsi = lws_container_of(d, struct lws, dll_buflist); - - if (lwsi_state(wsi) != LRS_DEFERRING_ACTION) { - forced = 1; - break; - } - } lws_end_foreach_dll(d); - -#if defined(LWS_ROLE_WS) - forced |= role_ops_ws.service_flag_pending(context, tsi); -#endif - -#if defined(LWS_WITH_TLS) - /* - * 2) For all guys with buffered SSL read data already saved up, if they - * are not flowcontrolled, fake their POLLIN status so they'll get - * service to use up the buffered incoming data, even though their - * network socket may have nothing - */ - lws_start_foreach_dll_safe(struct lws_dll_lws *, p, p1, - pt->tls.pending_tls_head.next) { - struct lws *wsi = lws_container_of(p, struct lws, - tls.pending_tls_list); - - pt->fds[wsi->position_in_fds_table].revents |= - pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; - if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) { - forced = 1; - /* - * he's going to get serviced now, take him off the - * list of guys with buffered SSL. If he still has some - * at the end of the service, he'll get put back on the - * list then. - */ - __lws_ssl_remove_wsi_from_buffered_list(wsi); - } - - } lws_end_foreach_dll_safe(p, p1); -#endif - - lws_pt_unlock(pt); - - return forced; -} - -static int -lws_service_periodic_checks(struct lws_context *context, - struct lws_pollfd *pollfd, int tsi) -{ - struct lws_context_per_thread *pt = &context->pt[tsi]; - struct lws_timed_vh_protocol *tmr; - lws_sockfd_type our_fd = 0, tmp_fd; - struct lws *wsi; - int timed_out = 0; - time_t now; -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct allocated_headers *ah; - int n, m; -#endif - - if (!context->protocol_init_done) - if (lws_protocol_init(context)) { - lwsl_err("%s: lws_protocol_init failed\n", __func__); - return -1; - } - - time(&now); - - /* - * handle case that system time was uninitialized when lws started - * at boot, and got initialized a little later - */ - if (context->time_up < 1464083026 && now > 1464083026) - context->time_up = now; - - if (context->last_timeout_check_s && - now - context->last_timeout_check_s > 100) { - /* - * There has been a discontiguity. Any stored time that is - * less than context->time_discontiguity should have context-> - * time_fixup added to it. - * - * Some platforms with no RTC will experience this as a normal - * event when ntp sets their clock, but we can have started - * long before that with a 0-based unix time. - */ - - context->time_discontiguity = now; - context->time_fixup = now - context->last_timeout_check_s; - - lwsl_notice("time discontiguity: at old time %llus, " - "new time %llus: +%llus\n", - (unsigned long long)context->last_timeout_check_s, - (unsigned long long)context->time_discontiguity, - (unsigned long long)context->time_fixup); - - context->last_timeout_check_s = now - 1; - } - - if (!lws_compare_time_t(context, context->last_timeout_check_s, now)) - return 0; - - context->last_timeout_check_s = now; - -#if defined(LWS_WITH_STATS) - if (!tsi && now - context->last_dump > 10) { - lws_stats_log_dump(context); - context->last_dump = now; - } -#endif - - lws_plat_service_periodic(context); - lws_check_deferred_free(context, tsi, 0); - -#if defined(LWS_WITH_PEER_LIMITS) - lws_peer_cull_peer_wait_list(context); -#endif - - /* retire unused deprecated context */ -#if !defined(LWS_PLAT_OPTEE) && !defined(LWS_WITH_ESP32) -#if !defined(_WIN32) - if (context->deprecated && !context->count_wsi_allocated) { - lwsl_notice("%s: ending deprecated context\n", __func__); - kill(getpid(), SIGINT); - return 0; - } -#endif -#endif - /* global timeout check once per second */ - - if (pollfd) - our_fd = pollfd->fd; - - /* - * Phase 1: check every wsi on our pt's timeout check list - */ - - lws_pt_lock(pt, __func__); - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - context->pt[tsi].dll_head_timeout.next) { - wsi = lws_container_of(d, struct lws, dll_timeout); - tmp_fd = wsi->desc.sockfd; - if (__lws_service_timeout_check(wsi, now)) { - /* he did time out... */ - if (tmp_fd == our_fd) - /* it was the guy we came to service! */ - timed_out = 1; - /* he's gone, no need to mark as handled */ - } - } lws_end_foreach_dll_safe(d, d1); - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - /* - * Phase 2: double-check active ah timeouts independent of wsi - * timeout status - */ - - ah = pt->http.ah_list; - while (ah) { - int len; - char buf[256]; - const unsigned char *c; - - if (!ah->in_use || !ah->wsi || !ah->assigned || - (ah->wsi->vhost && - lws_compare_time_t(context, now, ah->assigned) < - ah->wsi->vhost->timeout_secs_ah_idle + 360)) { - ah = ah->next; - continue; - } - - /* - * a single ah session somehow got held for - * an unreasonable amount of time. - * - * Dump info on the connection... - */ - wsi = ah->wsi; - buf[0] = '\0'; -#if !defined(LWS_PLAT_OPTEE) - lws_get_peer_simple(wsi, buf, sizeof(buf)); -#else - buf[0] = '\0'; -#endif - lwsl_notice("ah excessive hold: wsi %p\n" - " peer address: %s\n" - " ah pos %u\n", - wsi, buf, ah->pos); - buf[0] = '\0'; - m = 0; - do { - c = lws_token_to_string(m); - if (!c) - break; - if (!(*c)) - break; - - len = lws_hdr_total_length(wsi, m); - if (!len || len > (int)sizeof(buf) - 1) { - m++; - continue; - } - - if (lws_hdr_copy(wsi, buf, sizeof buf, m) > 0) { - buf[sizeof(buf) - 1] = '\0'; - - lwsl_notice(" %s = %s\n", - (const char *)c, buf); - } - m++; - } while (1); - - /* explicitly detach the ah */ - lws_header_table_detach(wsi, 0); - - /* ... and then drop the connection */ - - m = 0; - if (wsi->desc.sockfd == our_fd) { - m = timed_out; - - /* it was the guy we came to service! */ - timed_out = 1; - } - - if (!m) /* if he didn't already timeout */ - __lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "excessive ah"); - - ah = pt->http.ah_list; - } -#endif - lws_pt_unlock(pt); - -#if 0 - { - char s[300], *p = s; - - for (n = 0; n < context->count_threads; n++) - p += sprintf(p, " %7lu (%5d), ", - context->pt[n].count_conns, - context->pt[n].fds_count); - - lwsl_notice("load: %s\n", s); - } -#endif - /* - * Phase 3: vhost / protocol timer callbacks - */ - - /* 3a: lock, collect, and remove vh timers that are pending */ - - lws_context_lock(context, "expired vh timers"); /* context ---------- */ - - n = 0; - - /* - * first, under the context lock, get a count of the number of - * expired timers so we can allocate for them (or not, cleanly) - */ - - lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { - - if (v->timed_vh_protocol_list) { - - lws_start_foreach_ll_safe(struct lws_timed_vh_protocol *, - q, v->timed_vh_protocol_list, next) { - if (now >= q->time && q->tsi_req == tsi) - n++; - } lws_end_foreach_ll_safe(q); - } - - } lws_end_foreach_ll(v, vhost_next); - - /* if nothing to do, unlock and move on to the next vhost */ - - if (!n) { - lws_context_unlock(context); /* ----------- context */ - goto vh_timers_done; - } - - /* - * attempt to do the wsi and timer info allocation - * first en bloc. If it fails, we can just skip the rest and - * the timers will still be pending next time. - */ - - wsi = lws_zalloc(sizeof(*wsi), "cbwsi"); - if (!wsi) { - /* - * at this point, we haven't cleared any vhost - * timers. We can fail out and retry cleanly - * next periodic check - */ - lws_context_unlock(context); /* ----------- context */ - goto vh_timers_done; - } - wsi->context = context; - - tmr = lws_zalloc(sizeof(*tmr) * n, "cbtmr"); - if (!tmr) { - /* again OOM here can be handled cleanly */ - lws_free(wsi); - lws_context_unlock(context); /* ----------- context */ - goto vh_timers_done; - } - - /* so we have the allocation for n pending timers... */ - - m = 0; - lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { - - if (v->timed_vh_protocol_list) { - - lws_vhost_lock(v); /* vhost ------------------------- */ - - lws_start_foreach_ll_safe(struct lws_timed_vh_protocol *, - q, v->timed_vh_protocol_list, next) { - - /* only do n */ - if (m == n) - break; - - if (now >= q->time && q->tsi_req == tsi) { - - /* - * tmr is an allocated array. - * Ignore the linked-list. - */ - tmr[m].vhost = v; - tmr[m].protocol = q->protocol; - tmr[m++].reason = q->reason; - - /* take the timer out now we took - * responsibility */ - __lws_timed_callback_remove(v, q); - } - - } lws_end_foreach_ll_safe(q); - - lws_vhost_unlock(v); /* ----------------------- vhost */ - } - - } lws_end_foreach_ll(v, vhost_next); - lws_context_unlock(context); /* ---------------------------- context */ - - /* 3b: call the vh timer callbacks outside any lock */ - - for (m = 0; m < n; m++) { - - wsi->vhost = tmr[m].vhost; /* not a real bound wsi */ - wsi->protocol = tmr[m].protocol; - - lwsl_debug("%s: timed cb: vh %s, protocol %s, reason %d\n", - __func__, tmr[m].vhost->name, tmr[m].protocol->name, - tmr[m].reason); - tmr[m].protocol->callback(wsi, tmr[m].reason, NULL, NULL, 0); - } - - lws_free(tmr); - lws_free(wsi); - -vh_timers_done: - - /* - * Phase 4: check for unconfigured vhosts due to required - * interface missing before - */ - - lws_context_lock(context, "periodic checks"); - lws_start_foreach_llp(struct lws_vhost **, pv, - context->no_listener_vhost_list) { - struct lws_vhost *v = *pv; - lwsl_debug("deferred iface: checking if on vh %s\n", (*pv)->name); - if (_lws_vhost_init_server(NULL, *pv) == 0) { - /* became happy */ - lwsl_notice("vh %s: became connected\n", v->name); - *pv = v->no_listener_vhost_list; - v->no_listener_vhost_list = NULL; - break; - } - } lws_end_foreach_llp(pv, no_listener_vhost_list); - lws_context_unlock(context); - - /* - * Phase 5: role periodic checks - */ -#if defined(LWS_ROLE_WS) - role_ops_ws.periodic_checks(context, tsi, now); -#endif -#if defined(LWS_ROLE_CGI) - role_ops_cgi.periodic_checks(context, tsi, now); -#endif - - /* - * Phase 6: check the remaining cert lifetime daily - */ - - if (context->tls_ops && - context->tls_ops->periodic_housekeeping) - context->tls_ops->periodic_housekeeping(context, now); - - return 0; -} - -LWS_VISIBLE int -lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, - int tsi) -{ - struct lws_context_per_thread *pt = &context->pt[tsi]; - struct lws *wsi; - - if (!context || context->being_destroyed1) - return -1; - - /* the case there's no pollfd to service, we just want to do periodic */ - if (!pollfd) { - lws_service_periodic_checks(context, pollfd, tsi); - return -2; - } - - /* no, here to service a socket descriptor */ - wsi = wsi_from_fd(context, pollfd->fd); - if (!wsi) - /* not lws connection ... leave revents alone and return */ - return 0; - - /* - * so that caller can tell we handled, past here we need to - * zero down pollfd->revents after handling - */ - - /* handle session socket closed */ - - if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) && - (pollfd->revents & LWS_POLLHUP)) { - wsi->socket_is_permanently_unusable = 1; - lwsl_debug("Session Socket %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - - goto close_and_handled; - } - -#ifdef _WIN32 - if (pollfd->revents & LWS_POLLOUT) - wsi->sock_send_blocking = FALSE; -#endif - - if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) && - (pollfd->revents & LWS_POLLHUP)) { - lwsl_debug("pollhup\n"); - wsi->socket_is_permanently_unusable = 1; - goto close_and_handled; - } - -#if defined(LWS_WITH_TLS) - if (lwsi_state(wsi) == LRS_SHUTDOWN && - lws_is_ssl(wsi) && wsi->tls.ssl) { - switch (__lws_tls_shutdown(wsi)) { - case LWS_SSL_CAPABLE_DONE: - case LWS_SSL_CAPABLE_ERROR: - goto close_and_handled; - - case LWS_SSL_CAPABLE_MORE_SERVICE_READ: - case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: - case LWS_SSL_CAPABLE_MORE_SERVICE: - goto handled; - } - } -#endif - wsi->could_have_pending = 0; /* clear back-to-back write detection */ - - /* okay, what we came here to do... */ - - /* if we got here, we should have wire protocol ops set on the wsi */ - assert(wsi->role_ops); - - // lwsl_notice("%s: %s: wsistate 0x%x\n", __func__, wsi->role_ops->name, - // wsi->wsistate); - - switch ((wsi->role_ops->handle_POLLIN)(pt, wsi, pollfd)) { - case LWS_HPI_RET_WSI_ALREADY_DIED: - return 1; - case LWS_HPI_RET_HANDLED: - break; - case LWS_HPI_RET_PLEASE_CLOSE_ME: -close_and_handled: - lwsl_debug("%p: Close and handled\n", wsi); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "close_and_handled"); -#if defined(_DEBUG) && defined(LWS_WITH_LIBUV) - /* - * confirm close has no problem being called again while - * it waits for libuv service to complete the first async - * close - */ - if (context->event_loop_ops == &event_loop_ops_uv) - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "close_and_handled uv repeat test"); -#endif - /* - * pollfd may point to something else after the close - * due to pollfd swapping scheme on delete on some platforms - * we can't clear revents now because it'd be the wrong guy's - * revents - */ - return 1; - default: - assert(0); - } -#if defined(LWS_WITH_TLS) -handled: -#endif - pollfd->revents = 0; - - /* check the timeout situation if we didn't in the last second */ - lws_service_periodic_checks(context, pollfd, tsi); - - lws_pt_lock(pt, __func__); - __lws_hrtimer_service(pt); - lws_pt_unlock(pt); - - return 0; -} - -LWS_VISIBLE int -lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd) -{ - return lws_service_fd_tsi(context, pollfd, 0); -} - -LWS_VISIBLE int -lws_service(struct lws_context *context, int timeout_ms) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - int n; - - if (!context) - return 1; - - pt->inside_service = 1; - - if (context->event_loop_ops->run_pt) { - /* we are configured for an event loop */ - context->event_loop_ops->run_pt(context, 0); - - pt->inside_service = 0; - - return 1; - } - n = lws_plat_service(context, timeout_ms); - - pt->inside_service = 0; - - return n; -} - -LWS_VISIBLE int -lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi) -{ - struct lws_context_per_thread *pt = &context->pt[tsi]; - int n; - - pt->inside_service = 1; -#if LWS_MAX_SMP > 1 - pt->self = pthread_self(); -#endif - - if (context->event_loop_ops->run_pt) { - /* we are configured for an event loop */ - context->event_loop_ops->run_pt(context, tsi); - - pt->inside_service = 0; - - return 1; - } - - n = _lws_plat_service_tsi(context, timeout_ms, tsi); - - pt->inside_service = 0; - - return n; -} diff --git a/thirdparty/libwebsockets/lib/event-libs/poll/poll.c b/thirdparty/libwebsockets/lib/event-libs/poll/poll.c deleted file mode 100644 index 09af5b15d8..0000000000 --- a/thirdparty/libwebsockets/lib/event-libs/poll/poll.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h if LWS_ROLE_WS - */ - -#include - -struct lws_event_loop_ops event_loop_ops_poll = { - /* name */ "poll", - /* init_context */ NULL, - /* destroy_context1 */ NULL, - /* destroy_context2 */ NULL, - /* init_vhost_listen_wsi */ NULL, - /* init_pt */ NULL, - /* wsi_logical_close */ NULL, - /* check_client_connect_ok */ NULL, - /* close_handle_manually */ NULL, - /* accept */ NULL, - /* io */ NULL, - /* run */ NULL, - /* destroy_pt */ NULL, - /* destroy wsi */ NULL, - - /* periodic_events_available */ 1, -}; \ No newline at end of file diff --git a/thirdparty/libwebsockets/lib/event-libs/poll/private.h b/thirdparty/libwebsockets/lib/event-libs/poll/private.h deleted file mode 100644 index ca313ebfb0..0000000000 --- a/thirdparty/libwebsockets/lib/event-libs/poll/private.h +++ /dev/null @@ -1,23 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - */ - -extern struct lws_event_loop_ops event_loop_ops_poll; diff --git a/thirdparty/libwebsockets/lib/event-libs/private.h b/thirdparty/libwebsockets/lib/event-libs/private.h deleted file mode 100644 index 58bca946b5..0000000000 --- a/thirdparty/libwebsockets/lib/event-libs/private.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h - */ - -struct lws_event_loop_ops { - const char *name; - /* event loop-specific context init during context creation */ - int (*init_context)(struct lws_context *context, - const struct lws_context_creation_info *info); - /* called during lws_destroy_context */ - int (*destroy_context1)(struct lws_context *context); - /* called during lws_destroy_context2 */ - int (*destroy_context2)(struct lws_context *context); - /* init vhost listening wsi */ - int (*init_vhost_listen_wsi)(struct lws *wsi); - /* init the event loop for a pt */ - int (*init_pt)(struct lws_context *context, void *_loop, int tsi); - /* called at end of first phase of close_free_wsi() */ - int (*wsi_logical_close)(struct lws *wsi); - /* return nonzero if client connect not allowed */ - int (*check_client_connect_ok)(struct lws *wsi); - /* close handle manually */ - void (*close_handle_manually)(struct lws *wsi); - /* event loop accept processing */ - int (*accept)(struct lws *wsi); - /* control wsi active events */ - void (*io)(struct lws *wsi, int flags); - /* run the event loop for a pt */ - void (*run_pt)(struct lws_context *context, int tsi); - /* called before pt is destroyed */ - void (*destroy_pt)(struct lws_context *context, int tsi); - /* called just before wsi is freed */ - void (*destroy_wsi)(struct lws *wsi); - - unsigned int periodic_events_available:1; -}; - -/* bring in event libs private declarations */ - -#if defined(LWS_WITH_POLL) -#include "event-libs/poll/private.h" -#endif - -#if defined(LWS_WITH_LIBUV) -#include "event-libs/libuv/private.h" -#endif - -#if defined(LWS_WITH_LIBEVENT) -#include "event-libs/libevent/private.h" -#endif - -#if defined(LWS_WITH_LIBEV) -#include "event-libs/libev/private.h" -#endif - diff --git a/thirdparty/libwebsockets/lib/lws_config_private.h b/thirdparty/libwebsockets/lib/lws_config_private.h deleted file mode 100644 index e531777624..0000000000 --- a/thirdparty/libwebsockets/lib/lws_config_private.h +++ /dev/null @@ -1,145 +0,0 @@ -/* lws_config_private.h.in. Private compilation options. */ -#ifndef DEBUG_ENABLED -#define NDEBUG -#endif - -#ifndef NDEBUG - #ifndef _DEBUG - #define _DEBUG - #endif -#endif - -/* Define to 1 to use CyaSSL as a replacement for OpenSSL. - * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */ -/* #undef USE_CYASSL */ - -/* Define to 1 if you have the `bzero' function. */ -#define LWS_HAVE_BZERO -/* Windows has no bzero function */ -#ifdef WINDOWS_ENABLED -#undef LWS_HAVE_BZERO -#endif - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_DLFCN_H - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_FCNTL_H -#ifdef NO_FCNTL -#undef LWS_HAVE_FCNTL_H -#endif - -/* Define to 1 if you have the `fork' function. */ -#define LWS_HAVE_FORK - -/* Define to 1 if you have the `getenv’ function. */ -#define LWS_HAVE_GETENV - -/* Define to 1 if you have the header file. */ -/* #undef LWS_HAVE_IN6ADDR_H */ - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_INTTYPES_H - -/* Define to 1 if you have the `ssl' library (-lssl). */ -/* #undef LWS_HAVE_LIBSSL */ - -/* Define to 1 if your system has a GNU libc compatible `malloc' function, and - to 0 otherwise. */ -#define LWS_HAVE_MALLOC - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_MEMORY_H - -/* Define to 1 if you have the `memset' function. */ -#define LWS_HAVE_MEMSET - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_NETINET_IN_H - -/* Define to 1 if your system has a GNU libc compatible `realloc' function, - and to 0 otherwise. */ -#define LWS_HAVE_REALLOC - -/* Define to 1 if you have the `socket' function. */ -#define LWS_HAVE_SOCKET - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_STDINT_H - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_STDLIB_H - -/* Define to 1 if you have the `strerror' function. */ -#define LWS_HAVE_STRERROR - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_STRINGS_H - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_STRING_H - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_SYS_PRCTL_H -#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__HAIKU__) -#undef LWS_HAVE_SYS_PRCTL_H -#endif - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_SYS_SOCKET_H - -/* Define to 1 if you have the header file. */ -/* #undef LWS_HAVE_SYS_SOCKIO_H */ - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_SYS_STAT_H - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_SYS_TYPES_H - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_UNISTD_H - -#define LWS_HAVE_TCP_USER_TIMEOUT - -/* Define to 1 if you have the `vfork' function. */ -#define LWS_HAVE_VFORK - -/* Define to 1 if you have the header file. */ -/* #undef LWS_HAVE_VFORK_H */ - -/* Define to 1 if `fork' works. */ -#define LWS_HAVE_WORKING_FORK - -/* Define to 1 if `vfork' works. */ -#define LWS_HAVE_WORKING_VFORK - -/* Define to 1 if execvpe() exists */ -#define LWS_HAVE_EXECVPE - -/* Define to 1 if you have the header file. */ -#define LWS_HAVE_ZLIB_H - -#define LWS_HAVE_GETLOADAVG - -/* Define to the sub-directory in which libtool stores uninstalled libraries. - */ -#undef LT_OBJDIR // We're not using libtool - -/* Define to rpl_malloc if the replacement function should be used. */ -/* #undef malloc */ - -/* Define to rpl_realloc if the replacement function should be used. */ -/* #undef realloc */ - -/* Define to 1 if we have getifaddrs */ -#define LWS_HAVE_GETIFADDRS -#if defined(ANDROID_ENABLED) -#undef LWS_HAVE_GETIFADDRS -#define LWS_BUILTIN_GETIFADDRS -#endif - -/* Define if the inline keyword doesn't exist. */ -/* #undef inline */ - - diff --git a/thirdparty/libwebsockets/lib/misc/base64-decode.c b/thirdparty/libwebsockets/lib/misc/base64-decode.c deleted file mode 100644 index de2efc8fd1..0000000000 --- a/thirdparty/libwebsockets/lib/misc/base64-decode.c +++ /dev/null @@ -1,241 +0,0 @@ -/* - * This code originally came from here - * - * http://base64.sourceforge.net/b64.c - * - * with the following license: - * - * LICENCE: Copyright (c) 2001 Bob Trower, Trantor Standard Systems Inc. - * - * Permission is hereby granted, free of charge, to any person - * obtaining a copy of this software and associated - * documentation files (the "Software"), to deal in the - * Software without restriction, including without limitation - * the rights to use, copy, modify, merge, publish, distribute, - * sublicense, and/or sell copies of the Software, and to - * permit persons to whom the Software is furnished to do so, - * subject to the following conditions: - * - * The above copyright notice and this permission notice shall - * be included in all copies or substantial portions of the - * Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY - * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE - * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR - * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS - * OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR - * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR - * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE - * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - * - * VERSION HISTORY: - * Bob Trower 08/04/01 -- Create Version 0.00.00B - * - * I cleaned it up quite a bit to match the (linux kernel) style of the rest - * of libwebsockets; this version is under LGPL2.1 + SLE like the rest of lws - * since he explicitly allows sublicensing, but I give the URL above so you can - * get the original with Bob's super-liberal terms directly if you prefer. - */ - -#include -#include -#include "core/private.h" - -static const char encode_orig[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789+/"; -static const char encode_url[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789-_"; -static const char decode[] = "|$$$}rstuvwxyz{$$$$$$$>?@ABCDEFGHIJKLMNOPQRSTUVW" - "$$$$$$XYZ[\\]^_`abcdefghijklmnopq"; - -static int -_lws_b64_encode_string(const char *encode, const char *in, int in_len, - char *out, int out_size) -{ - unsigned char triple[3]; - int i; - int line = 0; - int done = 0; - - while (in_len) { - int len = 0; - for (i = 0; i < 3; i++) { - if (in_len) { - triple[i] = *in++; - len++; - in_len--; - } else - triple[i] = 0; - } - - if (done + 4 >= out_size) - return -1; - - *out++ = encode[triple[0] >> 2]; - *out++ = encode[((triple[0] & 0x03) << 4) | - ((triple[1] & 0xf0) >> 4)]; - *out++ = (len > 1 ? encode[((triple[1] & 0x0f) << 2) | - ((triple[2] & 0xc0) >> 6)] : '='); - *out++ = (len > 2 ? encode[triple[2] & 0x3f] : '='); - - done += 4; - line += 4; - } - - if (done + 1 >= out_size) - return -1; - - *out++ = '\0'; - - return done; -} - -LWS_VISIBLE int -lws_b64_encode_string(const char *in, int in_len, char *out, int out_size) -{ - return _lws_b64_encode_string(encode_orig, in, in_len, out, out_size); -} - -LWS_VISIBLE int -lws_b64_encode_string_url(const char *in, int in_len, char *out, int out_size) -{ - return _lws_b64_encode_string(encode_url, in, in_len, out, out_size); -} - -/* - * returns length of decoded string in out, or -1 if out was too small - * according to out_size - * - * Only reads up to in_len chars, otherwise if in_len is -1 on entry reads until - * the first NUL in the input. - */ - -static int -_lws_b64_decode_string(const char *in, int in_len, char *out, int out_size) -{ - int len, i, c = 0, done = 0; - unsigned char v, quad[4]; - - while (in_len && *in) { - - len = 0; - for (i = 0; i < 4 && in_len && *in; i++) { - - v = 0; - c = 0; - while (in_len && *in && !v) { - c = v = *in++; - in_len--; - /* support the url base64 variant too */ - if (v == '-') - c = v = '+'; - if (v == '_') - c = v = '/'; - v = (v < 43 || v > 122) ? 0 : decode[v - 43]; - if (v) - v = (v == '$') ? 0 : v - 61; - } - if (c) { - len++; - if (v) - quad[i] = v - 1; - } else - quad[i] = 0; - } - - if (out_size < (done + len - 1)) - /* out buffer is too small */ - return -1; - - /* - * "The '==' sequence indicates that the last group contained - * only one byte, and '=' indicates that it contained two - * bytes." (wikipedia) - */ - - if ((!in_len || !*in) && c == '=') - len--; - - if (len >= 2) - *out++ = quad[0] << 2 | quad[1] >> 4; - if (len >= 3) - *out++ = quad[1] << 4 | quad[2] >> 2; - if (len >= 4) - *out++ = ((quad[2] << 6) & 0xc0) | quad[3]; - - done += len - 1; - } - - if (done + 1 >= out_size) - return -1; - - *out = '\0'; - - return done; -} - -LWS_VISIBLE int -lws_b64_decode_string(const char *in, char *out, int out_size) -{ - return _lws_b64_decode_string(in, -1, out, out_size); -} - -LWS_VISIBLE int -lws_b64_decode_string_len(const char *in, int in_len, char *out, int out_size) -{ - return _lws_b64_decode_string(in, in_len, out, out_size); -} - -#if 0 -int -lws_b64_selftest(void) -{ - char buf[64]; - unsigned int n, r = 0; - unsigned int test; - /* examples from https://en.wikipedia.org/wiki/Base64 */ - static const char * const plaintext[] = { - "any carnal pleasure.", - "any carnal pleasure", - "any carnal pleasur", - "any carnal pleasu", - "any carnal pleas", - "Admin:kloikloi" - }; - static const char * const coded[] = { - "YW55IGNhcm5hbCBwbGVhc3VyZS4=", - "YW55IGNhcm5hbCBwbGVhc3VyZQ==", - "YW55IGNhcm5hbCBwbGVhc3Vy", - "YW55IGNhcm5hbCBwbGVhc3U=", - "YW55IGNhcm5hbCBwbGVhcw==", - "QWRtaW46a2xvaWtsb2k=" - }; - - for (test = 0; test < sizeof plaintext / sizeof(plaintext[0]); test++) { - - buf[sizeof(buf) - 1] = '\0'; - n = lws_b64_encode_string(plaintext[test], - strlen(plaintext[test]), buf, sizeof buf); - if (n != strlen(coded[test]) || strcmp(buf, coded[test])) { - lwsl_err("Failed lws_b64 encode selftest " - "%d result '%s' %d\n", test, buf, n); - r = -1; - } - - buf[sizeof(buf) - 1] = '\0'; - n = lws_b64_decode_string(coded[test], buf, sizeof buf); - if (n != strlen(plaintext[test]) || - strcmp(buf, plaintext[test])) { - lwsl_err("Failed lws_b64 decode selftest " - "%d result '%s' / '%s', %d / %d\n", - test, buf, plaintext[test], n, strlen(plaintext[test])); - r = -1; - } - } - - lwsl_notice("Base 64 selftests passed\n"); - - return r; -} -#endif diff --git a/thirdparty/libwebsockets/lib/misc/getifaddrs.c b/thirdparty/libwebsockets/lib/misc/getifaddrs.c deleted file mode 100644 index 735b899f48..0000000000 --- a/thirdparty/libwebsockets/lib/misc/getifaddrs.c +++ /dev/null @@ -1,270 +0,0 @@ -/* - * Copyright (c) 2000 - 2001 Kungliga Tekniska H�gskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * originally downloaded from - * - * http://ftp.uninett.no/pub/OpenBSD/src/kerberosV/src/lib/roken/getifaddrs.c - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include "core/private.h" - -#ifdef LWS_HAVE_SYS_SOCKIO_H -#include -#endif - -#ifdef LWS_HAVE_NETINET_IN6_VAR_H -#include -#endif - -#ifndef max -#define max(a, b) ((a) > (b) ? (a) : (b)) -#endif - -#include "getifaddrs.h" - -static int -getifaddrs2(struct ifaddrs **ifap, int af, int siocgifconf, int siocgifflags, - size_t ifreq_sz) -{ - int ret; - int fd; - size_t buf_size; - char *buf; - struct ifconf ifconf; - char *p; - size_t sz; - struct sockaddr sa_zero; - struct ifreq *ifr; - struct ifaddrs *start, **end = &start; - - buf = NULL; - - memset(&sa_zero, 0, sizeof(sa_zero)); - fd = socket(af, SOCK_DGRAM, 0); - if (fd < 0) - return -1; - - buf_size = 8192; - for (;;) { - buf = lws_zalloc(buf_size, "getifaddrs2"); - if (buf == NULL) { - ret = ENOMEM; - goto error_out; - } - ifconf.ifc_len = buf_size; - ifconf.ifc_buf = buf; - - /* - * Solaris returns EINVAL when the buffer is too small. - */ - if (ioctl(fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) { - ret = errno; - goto error_out; - } - /* - * Can the difference between a full and a overfull buf - * be determined? - */ - - if (ifconf.ifc_len < (int)buf_size) - break; - lws_free(buf); - buf_size *= 2; - } - - for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len; p += sz) { - struct ifreq ifreq; - struct sockaddr *sa; - size_t salen; - - ifr = (struct ifreq *)p; - sa = &ifr->ifr_addr; - - sz = ifreq_sz; - salen = sizeof(struct sockaddr); -#ifdef LWS_HAVE_STRUCT_SOCKADDR_SA_LEN - salen = sa->sa_len; - sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); -#endif -#ifdef SA_LEN - salen = SA_LEN(sa); - sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa)); -#endif - memset(&ifreq, 0, sizeof(ifreq)); - memcpy(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); - - if (ioctl(fd, siocgifflags, &ifreq) < 0) { - ret = errno; - goto error_out; - } - - *end = lws_malloc(sizeof(**end), "getifaddrs"); - - (*end)->ifa_next = NULL; - (*end)->ifa_name = strdup(ifr->ifr_name); - (*end)->ifa_flags = ifreq.ifr_flags; - (*end)->ifa_addr = lws_malloc(salen, "getifaddrs"); - memcpy((*end)->ifa_addr, sa, salen); - (*end)->ifa_netmask = NULL; - -#if 0 - /* fix these when we actually need them */ - if (ifreq.ifr_flags & IFF_BROADCAST) { - (*end)->ifa_broadaddr = - lws_malloc(sizeof(ifr->ifr_broadaddr), "getifaddrs"); - memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, - sizeof(ifr->ifr_broadaddr)); - } else if (ifreq.ifr_flags & IFF_POINTOPOINT) { - (*end)->ifa_dstaddr = - lws_malloc(sizeof(ifr->ifr_dstaddr), "getifaddrs"); - memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, - sizeof(ifr->ifr_dstaddr)); - } else - (*end)->ifa_dstaddr = NULL; -#else - (*end)->ifa_dstaddr = NULL; -#endif - (*end)->ifa_data = NULL; - - end = &(*end)->ifa_next; - - } - *ifap = start; - close(fd); - lws_free(buf); - return 0; - -error_out: - close(fd); - lws_free(buf); - errno = ret; - - return -1; -} - -int -getifaddrs(struct ifaddrs **ifap) -{ - int ret = -1; - errno = ENXIO; -#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) - if (ret) - ret = getifaddrs2(ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, - sizeof(struct in6_ifreq)); -#endif -#if defined(LWS_HAVE_IPV6) && defined(SIOCGIFCONF) - if (ret) - ret = getifaddrs2(ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); -#endif -#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) - if (ret) - ret = getifaddrs2(ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); -#endif - return ret; -} - -void -freeifaddrs(struct ifaddrs *ifp) -{ - struct ifaddrs *p, *q; - - for (p = ifp; p; ) { - lws_free(p->ifa_name); - lws_free(p->ifa_addr); - lws_free(p->ifa_dstaddr); - lws_free(p->ifa_netmask); - lws_free(p->ifa_data); - q = p; - p = p->ifa_next; - lws_free(q); - } -} - -#ifdef TEST - -void -print_addr(const char *s, struct sockaddr *sa) -{ - int i; - printf(" %s=%d/", s, sa->sa_family); -#ifdef LWS_HAVE_STRUCT_SOCKADDR_SA_LEN - for (i = 0; - i < sa->sa_len - ((lws_intptr_t)sa->sa_data - (lws_intptr_t)&sa->sa_family); i++) - printf("%02x", ((unsigned char *)sa->sa_data)[i]); -#else - for (i = 0; i < sizeof(sa->sa_data); i++) - printf("%02x", ((unsigned char *)sa->sa_data)[i]); -#endif - printf("\n"); -} - -void -print_ifaddrs(struct ifaddrs *x) -{ - struct ifaddrs *p; - - for (p = x; p; p = p->ifa_next) { - printf("%s\n", p->ifa_name); - printf(" flags=%x\n", p->ifa_flags); - if (p->ifa_addr) - print_addr("addr", p->ifa_addr); - if (p->ifa_dstaddr) - print_addr("dstaddr", p->ifa_dstaddr); - if (p->ifa_netmask) - print_addr("netmask", p->ifa_netmask); - printf(" %p\n", p->ifa_data); - } -} - -int -main() -{ - struct ifaddrs *a = NULL, *b; - getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); - print_ifaddrs(a); - printf("---\n"); - getifaddrs(&b); - print_ifaddrs(b); - return 0; -} -#endif diff --git a/thirdparty/libwebsockets/lib/misc/getifaddrs.h b/thirdparty/libwebsockets/lib/misc/getifaddrs.h deleted file mode 100644 index d26670c082..0000000000 --- a/thirdparty/libwebsockets/lib/misc/getifaddrs.h +++ /dev/null @@ -1,80 +0,0 @@ -#ifndef LWS_HAVE_GETIFADDRS -#define LWS_HAVE_GETIFADDRS 0 -#endif - -#if LWS_HAVE_GETIFADDRS -#include -#include -#else -#ifdef __cplusplus -extern "C" { -#endif -/* - * Copyright (c) 2000 Kungliga Tekniska H�gskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $KTH: ifaddrs.hin,v 1.3 2000/12/11 00:01:13 assar Exp $ */ - -#ifndef ifaddrs_h_7467027A95AD4B5C8DDD40FE7D973791 -#define ifaddrs_h_7467027A95AD4B5C8DDD40FE7D973791 - -/* - * the interface is defined in terms of the fields below, and this is - * sometimes #define'd, so there seems to be no simple way of solving - * this and this seemed the best. */ - -#undef ifa_dstaddr - -struct ifaddrs { - struct ifaddrs *ifa_next; - char *ifa_name; - unsigned int ifa_flags; - struct sockaddr *ifa_addr; - struct sockaddr *ifa_netmask; - struct sockaddr *ifa_dstaddr; - void *ifa_data; -}; - -#ifndef ifa_broadaddr -#define ifa_broadaddr ifa_dstaddr -#endif - -int getifaddrs(struct ifaddrs **); - -void freeifaddrs(struct ifaddrs *); - -#endif /* __ifaddrs_h__ */ - -#ifdef __cplusplus -} -#endif -#endif diff --git a/thirdparty/libwebsockets/lib/misc/lejp.c b/thirdparty/libwebsockets/lib/misc/lejp.c deleted file mode 100644 index 599a6d37ba..0000000000 --- a/thirdparty/libwebsockets/lib/misc/lejp.c +++ /dev/null @@ -1,753 +0,0 @@ -/* - * Lightweight Embedded JSON Parser - * - * Copyright (C) 2013-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include -#include "core/private.h" -#include -#include - -/** - * lejp_construct - prepare a struct lejp_ctx for use - * - * \param ctx: pointer to your struct lejp_ctx - * \param callback: your user callback which will received parsed tokens - * \param user: optional user data pointer untouched by lejp - * \param paths: your array of name elements you are interested in - * \param count_paths: LWS_ARRAY_SIZE() of @paths - * - * Prepares your context struct for use with lejp - */ - -void -lejp_construct(struct lejp_ctx *ctx, - signed char (*callback)(struct lejp_ctx *ctx, char reason), void *user, - const char * const *paths, unsigned char count_paths) -{ - ctx->st[0].s = 0; - ctx->st[0].p = 0; - ctx->st[0].i = 0; - ctx->st[0].b = 0; - ctx->sp = 0; - ctx->ipos = 0; - ctx->ppos = 0; - ctx->path_match = 0; - ctx->path[0] = '\0'; - ctx->callback = callback; - ctx->user = user; - ctx->paths = paths; - ctx->count_paths = count_paths; - ctx->line = 1; - ctx->callback(ctx, LEJPCB_CONSTRUCTED); -} - -/** - * lejp_destruct - retire a previously constructed struct lejp_ctx - * - * \param ctx: pointer to your struct lejp_ctx - * - * lejp does not perform any allocations, but since your user code might, this - * provides a one-time LEJPCB_DESTRUCTED callback at destruction time where - * you can clean up in your callback. - */ - -void -lejp_destruct(struct lejp_ctx *ctx) -{ - /* no allocations... just let callback know what it happening */ - ctx->callback(ctx, LEJPCB_DESTRUCTED); -} - -/** - * lejp_change_callback - switch to a different callback from now on - * - * \param ctx: pointer to your struct lejp_ctx - * \param callback: your user callback which will received parsed tokens - * - * This tells the old callback it was destroyed, in case you want to take any - * action because that callback "lost focus", then changes to the new - * callback and tells it first that it was constructed, and then started. - * - * Changing callback is a cheap and powerful trick to split out handlers - * according to information earlier in the parse. For example you may have - * a JSON pair "schema" whose value defines what can be expected for the rest - * of the JSON. Rather than having one huge callback for all cases, you can - * have an initial one looking for "schema" which then calls - * lejp_change_callback() to a handler specific for the schema. - * - * Notice that afterwards, you need to construct the context again anyway to - * parse another JSON object, and the callback is reset then to the main, - * schema-interpreting one. The construction action is very lightweight. - */ - -void -lejp_change_callback(struct lejp_ctx *ctx, - signed char (*callback)(struct lejp_ctx *ctx, char reason)) -{ - ctx->callback(ctx, LEJPCB_DESTRUCTED); - ctx->callback = callback; - ctx->callback(ctx, LEJPCB_CONSTRUCTED); - ctx->callback(ctx, LEJPCB_START); -} - -static void -lejp_check_path_match(struct lejp_ctx *ctx) -{ - const char *p, *q; - int n; - - /* we only need to check if a match is not active */ - for (n = 0; !ctx->path_match && n < ctx->count_paths; n++) { - ctx->wildcount = 0; - p = ctx->path; - q = ctx->paths[n]; - while (*p && *q) { - if (*q != '*') { - if (*p != *q) - break; - p++; - q++; - continue; - } - ctx->wild[ctx->wildcount++] = lws_ptr_diff(p, ctx->path); - q++; - /* - * if * has something after it, match to . - * if ends with *, eat everything. - * This implies match sequences must be ordered like - * x.*.* - * x.* - * if both options are possible - */ - while (*p && (*p != '.' || !*q)) - p++; - } - if (*p || *q) - continue; - - ctx->path_match = n + 1; - ctx->path_match_len = ctx->ppos; - return; - } - - if (!ctx->path_match) - ctx->wildcount = 0; -} - -int -lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len) -{ - int n; - - if (wildcard >= ctx->wildcount || !len) - return 0; - - n = ctx->wild[wildcard]; - - while (--len && n < ctx->ppos && - (n == ctx->wild[wildcard] || ctx->path[n] != '.')) - *dest++ = ctx->path[n++]; - - *dest = '\0'; - n++; - - return n - ctx->wild[wildcard]; -} - -/** - * lejp_parse - interpret some more incoming data incrementally - * - * \param ctx: previously constructed parsing context - * \param json: char buffer with the new data to interpret - * \param len: amount of data in the buffer - * - * Because lejp is a stream parser, it incrementally parses as new data - * becomes available, maintaining all state in the context struct. So an - * incomplete JSON is a normal situation, getting you a LEJP_CONTINUE - * return, signalling there's no error but to call again with more data when - * it comes to complete the parsing. Successful parsing completes with a - * 0 or positive integer indicating how much of the last input buffer was - * unused. - */ - -int -lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len) -{ - unsigned char c, n, s, ret = LEJP_REJECT_UNKNOWN; - static const char esc_char[] = "\"\\/bfnrt"; - static const char esc_tran[] = "\"\\/\b\f\n\r\t"; - static const char tokens[] = "rue alse ull "; - - if (!ctx->sp && !ctx->ppos) - ctx->callback(ctx, LEJPCB_START); - - while (len--) { - c = *json++; - s = ctx->st[ctx->sp].s; - - /* skip whitespace unless we should care */ - if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == '#') { - if (c == '\n') { - ctx->line++; - ctx->st[ctx->sp].s &= ~LEJP_FLAG_WS_COMMENTLINE; - } - if (!(s & LEJP_FLAG_WS_KEEP)) { - if (c == '#') - ctx->st[ctx->sp].s |= - LEJP_FLAG_WS_COMMENTLINE; - continue; - } - } - - if (ctx->st[ctx->sp].s & LEJP_FLAG_WS_COMMENTLINE) - continue; - - switch (s) { - case LEJP_IDLE: - if (c != '{') { - ret = LEJP_REJECT_IDLE_NO_BRACE; - goto reject; - } - if (ctx->callback(ctx, LEJPCB_OBJECT_START)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - ctx->st[ctx->sp].s = LEJP_MEMBERS; - break; - case LEJP_MEMBERS: - if (c == '}') { - ctx->st[ctx->sp].s = LEJP_IDLE; - ret = LEJP_REJECT_MEMBERS_NO_CLOSE; - goto reject; - } - ctx->st[ctx->sp].s = LEJP_M_P; - goto redo_character; - case LEJP_M_P: - if (c != '\"') { - ret = LEJP_REJECT_MP_NO_OPEN_QUOTE; - goto reject; - } - /* push */ - ctx->st[ctx->sp].s = LEJP_MP_DELIM; - c = LEJP_MP_STRING; - goto add_stack_level; - - case LEJP_MP_STRING: - if (c == '\"') { - if (!ctx->sp) { /* JSON can't end on quote */ - ret = LEJP_REJECT_MP_STRING_UNDERRUN; - goto reject; - } - if (ctx->st[ctx->sp - 1].s != LEJP_MP_DELIM) { - ctx->buf[ctx->npos] = '\0'; - if (ctx->callback(ctx, - LEJPCB_VAL_STR_END) < 0) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - } - /* pop */ - ctx->sp--; - break; - } - if (c == '\\') { - ctx->st[ctx->sp].s = LEJP_MP_STRING_ESC; - break; - } - if (c < ' ') {/* "control characters" not allowed */ - ret = LEJP_REJECT_MP_ILLEGAL_CTRL; - goto reject; - } - goto emit_string_char; - - case LEJP_MP_STRING_ESC: - if (c == 'u') { - ctx->st[ctx->sp].s = LEJP_MP_STRING_ESC_U1; - ctx->uni = 0; - break; - } - for (n = 0; n < sizeof(esc_char); n++) { - if (c != esc_char[n]) - continue; - /* found it */ - c = esc_tran[n]; - ctx->st[ctx->sp].s = LEJP_MP_STRING; - goto emit_string_char; - } - ret = LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC; - /* illegal escape char */ - goto reject; - - case LEJP_MP_STRING_ESC_U1: - case LEJP_MP_STRING_ESC_U2: - case LEJP_MP_STRING_ESC_U3: - case LEJP_MP_STRING_ESC_U4: - ctx->uni <<= 4; - if (c >= '0' && c <= '9') - ctx->uni |= c - '0'; - else - if (c >= 'a' && c <= 'f') - ctx->uni = c - 'a' + 10; - else - if (c >= 'A' && c <= 'F') - ctx->uni = c - 'A' + 10; - else { - ret = LEJP_REJECT_ILLEGAL_HEX; - goto reject; - } - ctx->st[ctx->sp].s++; - switch (s) { - case LEJP_MP_STRING_ESC_U2: - if (ctx->uni < 0x08) - break; - /* - * 0x08-0xff (0x0800 - 0xffff) - * emit 3-byte UTF-8 - */ - c = 0xe0 | ((ctx->uni >> 4) & 0xf); - goto emit_string_char; - - case LEJP_MP_STRING_ESC_U3: - if (ctx->uni >= 0x080) { - /* - * 0x080 - 0xfff (0x0800 - 0xffff) - * middle 3-byte seq - * send ....XXXXXX.. - */ - c = 0x80 | ((ctx->uni >> 2) & 0x3f); - goto emit_string_char; - } - if (ctx->uni < 0x008) - break; - /* - * 0x008 - 0x7f (0x0080 - 0x07ff) - * start 2-byte seq - */ - c = 0xc0 | (ctx->uni >> 2); - goto emit_string_char; - - case LEJP_MP_STRING_ESC_U4: - if (ctx->uni >= 0x0080) - /* end of 2 or 3-byte seq */ - c = 0x80 | (ctx->uni & 0x3f); - else - /* literal */ - c = (unsigned char)ctx->uni; - - ctx->st[ctx->sp].s = LEJP_MP_STRING; - goto emit_string_char; - default: - break; - } - break; - - case LEJP_MP_DELIM: - if (c != ':') { - ret = LEJP_REJECT_MP_DELIM_MISSING_COLON; - goto reject; - } - ctx->st[ctx->sp].s = LEJP_MP_VALUE; - ctx->path[ctx->ppos] = '\0'; - - lejp_check_path_match(ctx); - if (ctx->callback(ctx, LEJPCB_PAIR_NAME)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - break; - - case LEJP_MP_VALUE: - if (c >= '0' && c <= '9') { - ctx->npos = 0; - ctx->dcount = 0; - ctx->f = 0; - ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_INT; - goto redo_character; - } - switch (c) { - case'\"': - /* push */ - ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; - c = LEJP_MP_STRING; - ctx->npos = 0; - ctx->buf[0] = '\0'; - if (ctx->callback(ctx, LEJPCB_VAL_STR_START)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - goto add_stack_level; - - case '{': - /* push */ - ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; - c = LEJP_MEMBERS; - lejp_check_path_match(ctx); - if (ctx->callback(ctx, LEJPCB_OBJECT_START)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - ctx->path_match = 0; - goto add_stack_level; - - case '[': - /* push */ - ctx->st[ctx->sp].s = LEJP_MP_ARRAY_END; - c = LEJP_MP_VALUE; - ctx->path[ctx->ppos++] = '['; - ctx->path[ctx->ppos++] = ']'; - ctx->path[ctx->ppos] = '\0'; - if (ctx->callback(ctx, LEJPCB_ARRAY_START)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - ctx->i[ctx->ipos++] = 0; - if (ctx->ipos > LWS_ARRAY_SIZE(ctx->i)) { - ret = LEJP_REJECT_MP_DELIM_ISTACK; - goto reject; - } - goto add_stack_level; - - case ']': - /* pop */ - if (!ctx->sp) { /* JSON can't end on ] */ - ret = LEJP_REJECT_MP_C_OR_E_UNDERF; - goto reject; - } - ctx->sp--; - if (ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) { - ret = LEJP_REJECT_MP_C_OR_E_NOTARRAY; - goto reject; - } - /* drop the path [n] bit */ - if (ctx->sp) { - ctx->ppos = ctx->st[ctx->sp - 1].p; - ctx->ipos = ctx->st[ctx->sp - 1].i; - } - ctx->path[ctx->ppos] = '\0'; - if (ctx->path_match && - ctx->ppos <= ctx->path_match_len) - /* - * we shrank the path to be - * smaller than the matching point - */ - ctx->path_match = 0; - goto array_end; - - case 't': /* true */ - ctx->uni = 0; - ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK; - break; - - case 'f': - ctx->uni = 4; - ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK; - break; - - case 'n': - ctx->uni = 4 + 5; - ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK; - break; - default: - ret = LEJP_REJECT_MP_DELIM_BAD_VALUE_START; - goto reject; - } - break; - - case LEJP_MP_VALUE_NUM_INT: - if (!ctx->npos && c == '-') { - ctx->f |= LEJP_SEEN_MINUS; - goto append_npos; - } - - if (ctx->dcount < 10 && c >= '0' && c <= '9') { - if (ctx->f & LEJP_SEEN_POINT) - ctx->f |= LEJP_SEEN_POST_POINT; - ctx->dcount++; - goto append_npos; - } - if (c == '.') { - if (!ctx->dcount || (ctx->f & LEJP_SEEN_POINT)) { - ret = LEJP_REJECT_MP_VAL_NUM_FORMAT; - goto reject; - } - ctx->f |= LEJP_SEEN_POINT; - goto append_npos; - } - /* - * before exponent, if we had . we must have had at - * least one more digit - */ - if ((ctx->f & - (LEJP_SEEN_POINT | LEJP_SEEN_POST_POINT)) == - LEJP_SEEN_POINT) { - ret = LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC; - goto reject; - } - if (c == 'e' || c == 'E') { - if (ctx->f & LEJP_SEEN_EXP) { - ret = LEJP_REJECT_MP_VAL_NUM_FORMAT; - goto reject; - } - ctx->f |= LEJP_SEEN_EXP; - ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_EXP; - goto append_npos; - } - /* if none of the above, did we even have a number? */ - if (!ctx->dcount) { - ret = LEJP_REJECT_MP_VAL_NUM_FORMAT; - goto reject; - } - - ctx->buf[ctx->npos] = '\0'; - if (ctx->f & LEJP_SEEN_POINT) { - if (ctx->callback(ctx, LEJPCB_VAL_NUM_FLOAT)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - } else { - if (ctx->callback(ctx, LEJPCB_VAL_NUM_INT)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - } - - /* then this is the post-number character, loop */ - ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; - goto redo_character; - - case LEJP_MP_VALUE_NUM_EXP: - ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_INT; - if (c >= '0' && c <= '9') - goto redo_character; - if (c == '+' || c == '-') - goto append_npos; - ret = LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP; - goto reject; - - case LEJP_MP_VALUE_TOK: /* true, false, null */ - if (c != tokens[ctx->uni]) { - ret = LEJP_REJECT_MP_VAL_TOK_UNKNOWN; - goto reject; - } - ctx->uni++; - if (tokens[ctx->uni] != ' ') - break; - switch (ctx->uni) { - case 3: - ctx->buf[0] = '1'; - ctx->buf[1] = '\0'; - if (ctx->callback(ctx, LEJPCB_VAL_TRUE)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - break; - case 8: - ctx->buf[0] = '0'; - ctx->buf[1] = '\0'; - if (ctx->callback(ctx, LEJPCB_VAL_FALSE)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - break; - case 12: - ctx->buf[0] = '\0'; - if (ctx->callback(ctx, LEJPCB_VAL_NULL)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - break; - } - ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; - break; - - case LEJP_MP_COMMA_OR_END: - ctx->path[ctx->ppos] = '\0'; - if (c == ',') { - /* increment this stack level's index */ - ctx->st[ctx->sp].s = LEJP_M_P; - if (!ctx->sp) { - ctx->ppos = 0; - /* - * since we came back to root level, - * no path can still match - */ - ctx->path_match = 0; - break; - } - ctx->ppos = ctx->st[ctx->sp - 1].p; - ctx->path[ctx->ppos] = '\0'; - if (ctx->path_match && - ctx->ppos <= ctx->path_match_len) - /* - * we shrank the path to be - * smaller than the matching point - */ - ctx->path_match = 0; - - if (ctx->st[ctx->sp - 1].s != LEJP_MP_ARRAY_END) - break; - /* top level is definitely an array... */ - if (ctx->ipos) - ctx->i[ctx->ipos - 1]++; - ctx->st[ctx->sp].s = LEJP_MP_VALUE; - break; - } - if (c == ']') { - if (!ctx->sp) { /* JSON can't end on ] */ - ret = LEJP_REJECT_MP_C_OR_E_UNDERF; - goto reject; - } - /* pop */ - ctx->sp--; - if (ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) { - ret = LEJP_REJECT_MP_C_OR_E_NOTARRAY; - goto reject; - } - /* drop the path [n] bit */ - if (ctx->sp) { - ctx->ppos = ctx->st[ctx->sp - 1].p; - ctx->ipos = ctx->st[ctx->sp - 1].i; - } - ctx->path[ctx->ppos] = '\0'; - if (ctx->path_match && - ctx->ppos <= ctx->path_match_len) - /* - * we shrank the path to be - * smaller than the matching point - */ - ctx->path_match = 0; - - /* do LEJP_MP_ARRAY_END processing */ - goto redo_character; - } - if (c == '}') { - if (!ctx->sp) { - lejp_check_path_match(ctx); - if (ctx->callback(ctx, LEJPCB_OBJECT_END)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - ctx->callback(ctx, LEJPCB_COMPLETE); - /* done, return unused amount */ - return len; - } - /* pop */ - ctx->sp--; - if (ctx->sp) { - ctx->ppos = ctx->st[ctx->sp - 1].p; - ctx->ipos = ctx->st[ctx->sp - 1].i; - } - ctx->path[ctx->ppos] = '\0'; - if (ctx->path_match && - ctx->ppos <= ctx->path_match_len) - /* - * we shrank the path to be - * smaller than the matching point - */ - ctx->path_match = 0; - lejp_check_path_match(ctx); - if (ctx->callback(ctx, LEJPCB_OBJECT_END)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - break; - } - - ret = LEJP_REJECT_MP_C_OR_E_NEITHER; - goto reject; - - case LEJP_MP_ARRAY_END: -array_end: - ctx->path[ctx->ppos] = '\0'; - if (c == ',') { - /* increment this stack level's index */ - if (ctx->ipos) - ctx->i[ctx->ipos - 1]++; - ctx->st[ctx->sp].s = LEJP_MP_VALUE; - if (ctx->sp) - ctx->ppos = ctx->st[ctx->sp - 1].p; - ctx->path[ctx->ppos] = '\0'; - break; - } - if (c != ']') { - ret = LEJP_REJECT_MP_ARRAY_END_MISSING; - goto reject; - } - - ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; - ctx->callback(ctx, LEJPCB_ARRAY_END); - break; - } - - continue; - -emit_string_char: - if (!ctx->sp || ctx->st[ctx->sp - 1].s != LEJP_MP_DELIM) { - /* assemble the string value into chunks */ - ctx->buf[ctx->npos++] = c; - if (ctx->npos == sizeof(ctx->buf) - 1) { - if (ctx->callback(ctx, LEJPCB_VAL_STR_CHUNK)) { - ret = LEJP_REJECT_CALLBACK; - goto reject; - } - ctx->npos = 0; - } - continue; - } - /* name part of name:value pair */ - ctx->path[ctx->ppos++] = c; - continue; - -add_stack_level: - /* push on to the object stack */ - if (ctx->ppos && ctx->st[ctx->sp].s != LEJP_MP_COMMA_OR_END && - ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) - ctx->path[ctx->ppos++] = '.'; - - ctx->st[ctx->sp].p = ctx->ppos; - ctx->st[ctx->sp].i = ctx->ipos; - if (++ctx->sp == LWS_ARRAY_SIZE(ctx->st)) { - ret = LEJP_REJECT_STACK_OVERFLOW; - goto reject; - } - ctx->path[ctx->ppos] = '\0'; - ctx->st[ctx->sp].s = c; - ctx->st[ctx->sp].b = 0; - continue; - -append_npos: - if (ctx->npos >= sizeof(ctx->buf)) { - ret = LEJP_REJECT_NUM_TOO_LONG; - goto reject; - } - ctx->buf[ctx->npos++] = c; - continue; - -redo_character: - json--; - len++; - } - - return LEJP_CONTINUE; - -reject: - ctx->callback(ctx, LEJPCB_FAILED); - return ret; -} diff --git a/thirdparty/libwebsockets/lib/misc/sha-1.c b/thirdparty/libwebsockets/lib/misc/sha-1.c deleted file mode 100644 index 898f3f45b1..0000000000 --- a/thirdparty/libwebsockets/lib/misc/sha-1.c +++ /dev/null @@ -1,296 +0,0 @@ -/* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* - * FIPS pub 180-1: Secure Hash Algorithm (SHA-1) - * based on: http://csrc.nist.gov/fips/fip180-1.txt - * implemented by Jun-ichiro itojun Itoh - */ - -#include "core/private.h" - -#ifdef LWS_HAVE_SYS_TYPES_H -#include -#endif - -struct sha1_ctxt { - union { - unsigned char b8[20]; - unsigned int b32[5]; - } h; - union { - unsigned char b8[8]; - uint64_t b64[1]; - } c; - union { - unsigned char b8[64]; - unsigned int b32[16]; - } m; - unsigned char count; -}; - -/* sanity check */ -#if !defined(BYTE_ORDER) || !defined(LITTLE_ENDIAN) || !defined(BIG_ENDIAN) -# define unsupported 1 -#elif BYTE_ORDER != BIG_ENDIAN -# if BYTE_ORDER != LITTLE_ENDIAN -# define unsupported 1 -# endif -#endif - -#ifndef unsupported - -/* constant table */ -static const unsigned int _K[] = - { 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6 }; -#define K(t) _K[(t) / 20] - -#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d))) -#define F1(b, c, d) (((b) ^ (c)) ^ (d)) -#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d))) -#define F3(b, c, d) (((b) ^ (c)) ^ (d)) - -#define S(n, x) (((x) << (n)) | ((x) >> (32 - n))) - -#define H(n) (ctxt->h.b32[(n)]) -#define COUNT (ctxt->count) -#define BCOUNT (ctxt->c.b64[0] / 8) -#define W(n) (ctxt->m.b32[(n)]) - -#define PUTBYTE(x) { \ - ctxt->m.b8[(COUNT % 64)] = (x); \ - COUNT++; \ - COUNT %= 64; \ - ctxt->c.b64[0] += 8; \ - if (COUNT % 64 == 0) \ - sha1_step(ctxt); \ - } - -#define PUTPAD(x) { \ - ctxt->m.b8[(COUNT % 64)] = (x); \ - COUNT++; \ - COUNT %= 64; \ - if (COUNT % 64 == 0) \ - sha1_step(ctxt); \ - } - - -static void -sha1_step(struct sha1_ctxt *ctxt) -{ - unsigned int a, b, c, d, e, tmp; - size_t t, s; - -#if BYTE_ORDER == LITTLE_ENDIAN - struct sha1_ctxt tctxt; - - memcpy(&tctxt.m.b8[0], &ctxt->m.b8[0], 64); - ctxt->m.b8[0] = tctxt.m.b8[3]; ctxt->m.b8[1] = tctxt.m.b8[2]; - ctxt->m.b8[2] = tctxt.m.b8[1]; ctxt->m.b8[3] = tctxt.m.b8[0]; - ctxt->m.b8[4] = tctxt.m.b8[7]; ctxt->m.b8[5] = tctxt.m.b8[6]; - ctxt->m.b8[6] = tctxt.m.b8[5]; ctxt->m.b8[7] = tctxt.m.b8[4]; - ctxt->m.b8[8] = tctxt.m.b8[11]; ctxt->m.b8[9] = tctxt.m.b8[10]; - ctxt->m.b8[10] = tctxt.m.b8[9]; ctxt->m.b8[11] = tctxt.m.b8[8]; - ctxt->m.b8[12] = tctxt.m.b8[15]; ctxt->m.b8[13] = tctxt.m.b8[14]; - ctxt->m.b8[14] = tctxt.m.b8[13]; ctxt->m.b8[15] = tctxt.m.b8[12]; - ctxt->m.b8[16] = tctxt.m.b8[19]; ctxt->m.b8[17] = tctxt.m.b8[18]; - ctxt->m.b8[18] = tctxt.m.b8[17]; ctxt->m.b8[19] = tctxt.m.b8[16]; - ctxt->m.b8[20] = tctxt.m.b8[23]; ctxt->m.b8[21] = tctxt.m.b8[22]; - ctxt->m.b8[22] = tctxt.m.b8[21]; ctxt->m.b8[23] = tctxt.m.b8[20]; - ctxt->m.b8[24] = tctxt.m.b8[27]; ctxt->m.b8[25] = tctxt.m.b8[26]; - ctxt->m.b8[26] = tctxt.m.b8[25]; ctxt->m.b8[27] = tctxt.m.b8[24]; - ctxt->m.b8[28] = tctxt.m.b8[31]; ctxt->m.b8[29] = tctxt.m.b8[30]; - ctxt->m.b8[30] = tctxt.m.b8[29]; ctxt->m.b8[31] = tctxt.m.b8[28]; - ctxt->m.b8[32] = tctxt.m.b8[35]; ctxt->m.b8[33] = tctxt.m.b8[34]; - ctxt->m.b8[34] = tctxt.m.b8[33]; ctxt->m.b8[35] = tctxt.m.b8[32]; - ctxt->m.b8[36] = tctxt.m.b8[39]; ctxt->m.b8[37] = tctxt.m.b8[38]; - ctxt->m.b8[38] = tctxt.m.b8[37]; ctxt->m.b8[39] = tctxt.m.b8[36]; - ctxt->m.b8[40] = tctxt.m.b8[43]; ctxt->m.b8[41] = tctxt.m.b8[42]; - ctxt->m.b8[42] = tctxt.m.b8[41]; ctxt->m.b8[43] = tctxt.m.b8[40]; - ctxt->m.b8[44] = tctxt.m.b8[47]; ctxt->m.b8[45] = tctxt.m.b8[46]; - ctxt->m.b8[46] = tctxt.m.b8[45]; ctxt->m.b8[47] = tctxt.m.b8[44]; - ctxt->m.b8[48] = tctxt.m.b8[51]; ctxt->m.b8[49] = tctxt.m.b8[50]; - ctxt->m.b8[50] = tctxt.m.b8[49]; ctxt->m.b8[51] = tctxt.m.b8[48]; - ctxt->m.b8[52] = tctxt.m.b8[55]; ctxt->m.b8[53] = tctxt.m.b8[54]; - ctxt->m.b8[54] = tctxt.m.b8[53]; ctxt->m.b8[55] = tctxt.m.b8[52]; - ctxt->m.b8[56] = tctxt.m.b8[59]; ctxt->m.b8[57] = tctxt.m.b8[58]; - ctxt->m.b8[58] = tctxt.m.b8[57]; ctxt->m.b8[59] = tctxt.m.b8[56]; - ctxt->m.b8[60] = tctxt.m.b8[63]; ctxt->m.b8[61] = tctxt.m.b8[62]; - ctxt->m.b8[62] = tctxt.m.b8[61]; ctxt->m.b8[63] = tctxt.m.b8[60]; -#endif - - a = H(0); b = H(1); c = H(2); d = H(3); e = H(4); - - for (t = 0; t < 20; t++) { - s = t & 0x0f; - if (t >= 16) - W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ - W((s+2) & 0x0f) ^ W(s)); - - tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t); - e = d; d = c; c = S(30, b); b = a; a = tmp; - } - for (t = 20; t < 40; t++) { - s = t & 0x0f; - W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ - W((s+2) & 0x0f) ^ W(s)); - tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t); - e = d; d = c; c = S(30, b); b = a; a = tmp; - } - for (t = 40; t < 60; t++) { - s = t & 0x0f; - W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ - W((s+2) & 0x0f) ^ W(s)); - tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t); - e = d; d = c; c = S(30, b); b = a; a = tmp; - } - for (t = 60; t < 80; t++) { - s = t & 0x0f; - W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ - W((s+2) & 0x0f) ^ W(s)); - tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t); - e = d; d = c; c = S(30, b); b = a; a = tmp; - } - - H(0) = H(0) + a; - H(1) = H(1) + b; - H(2) = H(2) + c; - H(3) = H(3) + d; - H(4) = H(4) + e; - - bzero(&ctxt->m.b8[0], 64); -} - -/*------------------------------------------------------------*/ - -static void -_sha1_init(struct sha1_ctxt *ctxt) -{ - bzero(ctxt, sizeof(struct sha1_ctxt)); - H(0) = 0x67452301; - H(1) = 0xefcdab89; - H(2) = 0x98badcfe; - H(3) = 0x10325476; - H(4) = 0xc3d2e1f0; -} - -void -sha1_pad(struct sha1_ctxt *ctxt) -{ - size_t padlen; /*pad length in bytes*/ - size_t padstart; - - PUTPAD(0x80); - - padstart = COUNT % 64; - padlen = 64 - padstart; - if (padlen < 8) { - bzero(&ctxt->m.b8[padstart], padlen); - COUNT += (unsigned char)padlen; - COUNT %= 64; - sha1_step(ctxt); - padstart = COUNT % 64; /* should be 0 */ - padlen = 64 - padstart; /* should be 64 */ - } - bzero(&ctxt->m.b8[padstart], padlen - 8); - COUNT += ((unsigned char)padlen - 8); - COUNT %= 64; -#if BYTE_ORDER == BIG_ENDIAN - PUTPAD(ctxt->c.b8[0]); PUTPAD(ctxt->c.b8[1]); - PUTPAD(ctxt->c.b8[2]); PUTPAD(ctxt->c.b8[3]); - PUTPAD(ctxt->c.b8[4]); PUTPAD(ctxt->c.b8[5]); - PUTPAD(ctxt->c.b8[6]); PUTPAD(ctxt->c.b8[7]); -#else - PUTPAD(ctxt->c.b8[7]); PUTPAD(ctxt->c.b8[6]); - PUTPAD(ctxt->c.b8[5]); PUTPAD(ctxt->c.b8[4]); - PUTPAD(ctxt->c.b8[3]); PUTPAD(ctxt->c.b8[2]); - PUTPAD(ctxt->c.b8[1]); PUTPAD(ctxt->c.b8[0]); -#endif -} - -void -sha1_loop(struct sha1_ctxt *ctxt, const unsigned char *input, size_t len) -{ - size_t off; - - off = 0; - - while (off < len) { - size_t gapstart = COUNT % 64, gaplen = 64 - gapstart, - copysiz = (gaplen < len - off) ? gaplen : len - off; - - memcpy(&ctxt->m.b8[gapstart], &input[off], copysiz); - COUNT += (unsigned char)copysiz; - COUNT %= 64; - ctxt->c.b64[0] += copysiz * 8; - if (COUNT % 64 == 0) - sha1_step(ctxt); - off += copysiz; - } -} - -void -sha1_result(struct sha1_ctxt *ctxt, void *digest0) -{ - unsigned char *digest; - - digest = (unsigned char *)digest0; - sha1_pad(ctxt); -#if BYTE_ORDER == BIG_ENDIAN - memcpy(digest, &ctxt->h.b8[0], 20); -#else - digest[0] = ctxt->h.b8[3]; digest[1] = ctxt->h.b8[2]; - digest[2] = ctxt->h.b8[1]; digest[3] = ctxt->h.b8[0]; - digest[4] = ctxt->h.b8[7]; digest[5] = ctxt->h.b8[6]; - digest[6] = ctxt->h.b8[5]; digest[7] = ctxt->h.b8[4]; - digest[8] = ctxt->h.b8[11]; digest[9] = ctxt->h.b8[10]; - digest[10] = ctxt->h.b8[9]; digest[11] = ctxt->h.b8[8]; - digest[12] = ctxt->h.b8[15]; digest[13] = ctxt->h.b8[14]; - digest[14] = ctxt->h.b8[13]; digest[15] = ctxt->h.b8[12]; - digest[16] = ctxt->h.b8[19]; digest[17] = ctxt->h.b8[18]; - digest[18] = ctxt->h.b8[17]; digest[19] = ctxt->h.b8[16]; -#endif -} - -/* - * This should look and work like the libcrypto implementation - */ - -LWS_VISIBLE unsigned char * -lws_SHA1(const unsigned char *d, size_t n, unsigned char *md) -{ - struct sha1_ctxt ctx; - - _sha1_init(&ctx); - sha1_loop(&ctx, d, n); - sha1_result(&ctx, (void *)md); - - return md; -} - -#endif /*unsupported*/ diff --git a/thirdparty/libwebsockets/lib/plat/unix/private.h b/thirdparty/libwebsockets/lib/plat/unix/private.h deleted file mode 100644 index 8583ee7bc8..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/private.h +++ /dev/null @@ -1,169 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * Included from lib/core/private.h if no explicit platform - */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#ifndef __cplusplus -#include -#endif -#include -#include - -#include -#include -#include -#include -#include -#include - -#if defined(__APPLE__) -#include -#endif -#if defined(__FreeBSD__) -#include -#endif -#if defined(__linux__) -#include -#endif -#if defined(__QNX__) - #include - #if defined(__LITTLEENDIAN__) - #define BYTE_ORDER __LITTLEENDIAN__ - #define LITTLE_ENDIAN __LITTLEENDIAN__ - #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc); for suppres warning that BIG_ENDIAN is not defined. */ - #endif - #if defined(__BIGENDIAN__) - #define BYTE_ORDER __BIGENDIAN__ - #define LITTLE_ENDIAN 1234 /* to show byte order (taken from gcc); for suppres warning that LITTLE_ENDIAN is not defined. */ - #define BIG_ENDIAN __BIGENDIAN__ - #endif -#endif - -#if defined(__sun) && defined(__GNUC__) - -#include - -#if !defined (BYTE_ORDER) -#define BYTE_ORDER __BYTE_ORDER__ -#endif - -#if !defined(LITTLE_ENDIAN) -#define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__ -#endif - -#if !defined(BIG_ENDIAN) -#define BIG_ENDIAN __ORDER_BIG_ENDIAN__ -#endif - -#endif /* sun + GNUC */ - -#if !defined(BYTE_ORDER) -#define BYTE_ORDER __BYTE_ORDER -#endif -#if !defined(LITTLE_ENDIAN) -#define LITTLE_ENDIAN __LITTLE_ENDIAN -#endif -#if !defined(BIG_ENDIAN) -#define BIG_ENDIAN __BIG_ENDIAN -#endif - -#if defined(LWS_BUILTIN_GETIFADDRS) -#include "./misc/getifaddrs.h" -#else - -#if defined(__HAIKU__) -#define _BSD_SOURCE -#endif -#include - -#endif - -#if defined (__sun) || defined(__HAIKU__) || defined(__QNX__) -#include -#else -#include -#endif - -#ifdef __QNX__ -# include "netinet/tcp_var.h" -# define TCP_KEEPINTVL TCPCTL_KEEPINTVL -# define TCP_KEEPIDLE TCPCTL_KEEPIDLE -# define TCP_KEEPCNT TCPCTL_KEEPCNT -#endif - -#define LWS_ERRNO errno -#define LWS_EAGAIN EAGAIN -#define LWS_EALREADY EALREADY -#define LWS_EINPROGRESS EINPROGRESS -#define LWS_EINTR EINTR -#define LWS_EISCONN EISCONN -#define LWS_ENOTCONN ENOTCONN -#define LWS_EWOULDBLOCK EWOULDBLOCK -#define LWS_EADDRINUSE EADDRINUSE -#define lws_set_blocking_send(wsi) -#define LWS_SOCK_INVALID (-1) - -#define wsi_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()] -#define insert_wsi(A,B) assert(A->lws_lookup[B->desc.sockfd - \ - lws_plat_socket_offset()] == 0); \ - A->lws_lookup[B->desc.sockfd - \ - lws_plat_socket_offset()] = B -#define delete_from_fd(A,B) A->lws_lookup[B - lws_plat_socket_offset()] = 0 - -#ifndef LWS_NO_FORK -#ifdef LWS_HAVE_SYS_PRCTL_H -#include -#endif -#endif - -#if defined (__ANDROID__) - #include - #include -#endif - -#define compatible_close(x) close(x) -#define lws_plat_socket_offset() (0) - -/* - * Mac OSX as well as iOS do not define the MSG_NOSIGNAL flag, - * but happily have something equivalent in the SO_NOSIGPIPE flag. - */ -#ifdef __APPLE__ -#define MSG_NOSIGNAL SO_NOSIGPIPE -#endif - -/* - * Solaris 11.X only supports POSIX 2001, MSG_NOSIGNAL appears in - * POSIX 2008. - */ -#ifdef __sun - #define MSG_NOSIGNAL 0 -#endif diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c b/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c deleted file mode 100644 index 64aea61816..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-caps.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -#include -#include - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) -static void -_lws_plat_apply_caps(int mode, const cap_value_t *cv, int count) -{ - cap_t caps; - - if (!count) - return; - - caps = cap_get_proc(); - - cap_set_flag(caps, mode, count, cv, CAP_SET); - cap_set_proc(caps); - prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); - cap_free(caps); -} -#endif - -void -lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) -{ - if (info->gid && info->gid != -1) - if (setgid(info->gid)) - lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO)); - - if (info->uid && info->uid != -1) { - struct passwd *p = getpwuid(info->uid); - - if (p) { - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - _lws_plat_apply_caps(CAP_PERMITTED, info->caps, - info->count_caps); -#endif - - initgroups(p->pw_name, info->gid); - if (setuid(info->uid)) - lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); - else - lwsl_notice("Set privs to user '%s'\n", - p->pw_name); - -#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) - _lws_plat_apply_caps(CAP_EFFECTIVE, info->caps, - info->count_caps); - - if (info->count_caps) { - int n; - for (n = 0; n < info->count_caps; n++) - lwsl_notice(" RETAINING CAP %d\n", - (int)info->caps[n]); - } -#endif - - } else - lwsl_warn("getpwuid: unable to find uid %d", info->uid); - } -} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-fds.c b/thirdparty/libwebsockets/lib/plat/unix/unix-fds.c deleted file mode 100644 index 8a00bcff3f..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-fds.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -void -lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - if (context->event_loop_ops->io) - context->event_loop_ops->io(wsi, LWS_EV_START | LWS_EV_READ); - - pt->fds[pt->fds_count++].revents = 0; -} - -void -lws_plat_delete_socket_from_fds(struct lws_context *context, - struct lws *wsi, int m) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - if (context->event_loop_ops->io) - context->event_loop_ops->io(wsi, - LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE); - - pt->fds_count--; -} - -int -lws_plat_change_pollfd(struct lws_context *context, - struct lws *wsi, struct lws_pollfd *pfd) -{ - return 0; -} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-file.c b/thirdparty/libwebsockets/lib/plat/unix/unix-file.c deleted file mode 100644 index bcdc213a89..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-file.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -#include -#include - -#ifdef LWS_WITH_PLUGINS -#include -#endif -#include - -int lws_plat_apply_FD_CLOEXEC(int n) -{ - if (n == -1) - return 0; - - return fcntl(n, F_SETFD, FD_CLOEXEC); -} - -int -lws_plat_write_file(const char *filename, void *buf, int len) -{ - int m, fd; - - fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); - - if (fd == -1) - return 1; - - m = write(fd, buf, len); - close(fd); - - return m != len; -} - -int -lws_plat_read_file(const char *filename, void *buf, int len) -{ - int n, fd = lws_open(filename, O_RDONLY); - if (fd == -1) - return -1; - - n = read(fd, buf, len); - close(fd); - - return n; -} - -lws_fop_fd_t -_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, - const char *vpath, lws_fop_flags_t *flags) -{ - struct stat stat_buf; - int ret = lws_open(filename, (*flags) & LWS_FOP_FLAGS_MASK, 0664); - lws_fop_fd_t fop_fd; - - if (ret < 0) - return NULL; - - if (fstat(ret, &stat_buf) < 0) - goto bail; - - fop_fd = malloc(sizeof(*fop_fd)); - if (!fop_fd) - goto bail; - - fop_fd->fops = fops; - fop_fd->flags = *flags; - fop_fd->fd = ret; - fop_fd->filesystem_priv = NULL; /* we don't use it */ - fop_fd->len = stat_buf.st_size; - fop_fd->pos = 0; - - return fop_fd; - -bail: - close(ret); - return NULL; -} - -int -_lws_plat_file_close(lws_fop_fd_t *fop_fd) -{ - int fd = (*fop_fd)->fd; - - free(*fop_fd); - *fop_fd = NULL; - - return close(fd); -} - -lws_fileofs_t -_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - lws_fileofs_t r; - - if (offset > 0 && - offset > (lws_fileofs_t)fop_fd->len - (lws_fileofs_t)fop_fd->pos) - offset = fop_fd->len - fop_fd->pos; - - if ((lws_fileofs_t)fop_fd->pos + offset < 0) - offset = -fop_fd->pos; - - r = lseek(fop_fd->fd, offset, SEEK_CUR); - - if (r >= 0) - fop_fd->pos = r; - else - lwsl_err("error seeking from cur %ld, offset %ld\n", - (long)fop_fd->pos, (long)offset); - - return r; -} - -int -_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - long n; - - n = read((int)fop_fd->fd, buf, len); - if (n == -1) { - *amount = 0; - return -1; - } - fop_fd->pos += n; - lwsl_debug("%s: read %ld of req %ld, pos %ld, len %ld\n", __func__, n, - (long)len, (long)fop_fd->pos, (long)fop_fd->len); - *amount = n; - - return 0; -} - -int -_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - long n; - - n = write((int)fop_fd->fd, buf, len); - if (n == -1) { - *amount = 0; - return -1; - } - - fop_fd->pos += n; - *amount = n; - - return 0; -} - diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-init.c b/thirdparty/libwebsockets/lib/plat/unix/unix-init.c deleted file mode 100644 index fa9a30e8d2..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-init.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -#include -#include - -#ifdef LWS_WITH_PLUGINS -#include -#endif -#include - -int -lws_plat_init(struct lws_context *context, - const struct lws_context_creation_info *info) -{ - int fd; - - /* master context has the global fd lookup array */ - context->lws_lookup = lws_zalloc(sizeof(struct lws *) * - context->max_fds, "lws_lookup"); - if (context->lws_lookup == NULL) { - lwsl_err("OOM on lws_lookup array for %d connections\n", - context->max_fds); - return 1; - } - - lwsl_info(" mem: platform fd map: %5lu bytes\n", - (unsigned long)(sizeof(struct lws *) * context->max_fds)); - fd = lws_open(SYSTEM_RANDOM_FILEPATH, O_RDONLY); - - context->fd_random = fd; - if (context->fd_random < 0) { - lwsl_err("Unable to open random device %s %d\n", - SYSTEM_RANDOM_FILEPATH, context->fd_random); - return 1; - } - -#ifdef LWS_WITH_PLUGINS - if (info->plugin_dirs && (context->options & LWS_SERVER_OPTION_LIBUV)) - lws_plat_plugins_init(context, info->plugin_dirs); -#endif - - return 0; -} - -int -lws_plat_context_early_init(void) -{ -#if !defined(LWS_AVOID_SIGPIPE_IGN) - signal(SIGPIPE, SIG_IGN); -#endif - - return 0; -} - -void -lws_plat_context_early_destroy(struct lws_context *context) -{ -} - -void -lws_plat_context_late_destroy(struct lws_context *context) -{ -#ifdef LWS_WITH_PLUGINS - if (context->plugin_list) - lws_plat_plugins_destroy(context); -#endif - - if (context->lws_lookup) - lws_free(context->lws_lookup); - - if (!context->fd_random) - lwsl_err("ZERO RANDOM FD\n"); - if (context->fd_random != LWS_INVALID_FILE) - close(context->fd_random); -} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-misc.c b/thirdparty/libwebsockets/lib/plat/unix/unix-misc.c deleted file mode 100644 index d4b0f76658..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-misc.c +++ /dev/null @@ -1,83 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - - -uint64_t -lws_time_in_microseconds(void) -{ - struct timeval tv; - - gettimeofday(&tv, NULL); - return ((unsigned long long)tv.tv_sec * 1000000LL) + tv.tv_usec; -} - -LWS_VISIBLE int -lws_get_random(struct lws_context *context, void *buf, int len) -{ - return read(context->fd_random, (char *)buf, len); -} - -LWS_VISIBLE void lwsl_emit_syslog(int level, const char *line) -{ - int syslog_level = LOG_DEBUG; - - switch (level) { - case LLL_ERR: - syslog_level = LOG_ERR; - break; - case LLL_WARN: - syslog_level = LOG_WARNING; - break; - case LLL_NOTICE: - syslog_level = LOG_NOTICE; - break; - case LLL_INFO: - syslog_level = LOG_INFO; - break; - } - syslog(syslog_level, "%s", line); -} - - -int -lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, - int len) -{ - int n; - - n = write(fd, buf, len); - - fsync(fd); - if (lseek(fd, 0, SEEK_SET) < 0) - return 1; - - return n != len; -} - - -int -lws_plat_recommended_rsa_bits(void) -{ - return 4096; -} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c b/thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c deleted file mode 100644 index 64ce253be6..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-pipe.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - - -int -lws_plat_pipe_create(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - -#if defined(LWS_HAVE_PIPE2) - return pipe2(pt->dummy_pipe_fds, O_NONBLOCK); -#else - return pipe(pt->dummy_pipe_fds); -#endif -} - -int -lws_plat_pipe_signal(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - char buf = 0; - int n; - - n = write(pt->dummy_pipe_fds[1], &buf, 1); - - return n != 1; -} - -void -lws_plat_pipe_close(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - if (pt->dummy_pipe_fds[0] && pt->dummy_pipe_fds[0] != -1) - close(pt->dummy_pipe_fds[0]); - if (pt->dummy_pipe_fds[1] && pt->dummy_pipe_fds[1] != -1) - close(pt->dummy_pipe_fds[1]); - - pt->dummy_pipe_fds[0] = pt->dummy_pipe_fds[1] = -1; -} - diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-service.c b/thirdparty/libwebsockets/lib/plat/unix/unix-service.c deleted file mode 100644 index e61ef59959..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-service.c +++ /dev/null @@ -1,204 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -int -lws_poll_listen_fd(struct lws_pollfd *fd) -{ - return poll(fd, 1, 0); -} - -LWS_EXTERN int -_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) -{ - volatile struct lws_foreign_thread_pollfd *ftp, *next; - volatile struct lws_context_per_thread *vpt; - struct lws_context_per_thread *pt; - int n = -1, m, c; - - /* stay dead once we are dead */ - - if (!context || !context->vhost_list) - return 1; - - pt = &context->pt[tsi]; - vpt = (volatile struct lws_context_per_thread *)pt; - - lws_stats_atomic_bump(context, pt, LWSSTATS_C_SERVICE_ENTRY, 1); - - if (timeout_ms < 0) - goto faked_service; - - if (context->event_loop_ops->run_pt) - context->event_loop_ops->run_pt(context, tsi); - - if (!pt->service_tid_detected) { - struct lws _lws; - - memset(&_lws, 0, sizeof(_lws)); - _lws.context = context; - - pt->service_tid = - context->vhost_list->protocols[0].callback( - &_lws, LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); - pt->service_tid_detected = 1; - } - - /* - * is there anybody with pending stuff that needs service forcing? - */ - if (!lws_service_adjust_timeout(context, 1, tsi)) { - /* -1 timeout means just do forced service */ - _lws_plat_service_tsi(context, -1, pt->tid); - /* still somebody left who wants forced service? */ - if (!lws_service_adjust_timeout(context, 1, pt->tid)) - /* yes... come back again quickly */ - timeout_ms = 0; - } - - if (timeout_ms) { - lws_pt_lock(pt, __func__); - /* don't stay in poll wait longer than next hr timeout */ - lws_usec_t t = __lws_hrtimer_service(pt); - if ((lws_usec_t)timeout_ms * 1000 > t) - timeout_ms = t / 1000; - lws_pt_unlock(pt); - } - - vpt->inside_poll = 1; - lws_memory_barrier(); - n = poll(pt->fds, pt->fds_count, timeout_ms); - vpt->inside_poll = 0; - lws_memory_barrier(); - - /* Collision will be rare and brief. Just spin until it completes */ - while (vpt->foreign_spinlock) - ; - - /* - * At this point we are not inside a foreign thread pollfd change, - * and we have marked ourselves as outside the poll() wait. So we - * are the only guys that can modify the lws_foreign_thread_pollfd - * list on the pt. Drain the list and apply the changes to the - * affected pollfds in the correct order. - */ - - lws_pt_lock(pt, __func__); - - ftp = vpt->foreign_pfd_list; - //lwsl_notice("cleared list %p\n", ftp); - while (ftp) { - struct lws *wsi; - struct lws_pollfd *pfd; - - next = ftp->next; - pfd = &vpt->fds[ftp->fd_index]; - if (lws_socket_is_valid(pfd->fd)) { - wsi = wsi_from_fd(context, pfd->fd); - if (wsi) - __lws_change_pollfd(wsi, ftp->_and, ftp->_or); - } - lws_free((void *)ftp); - ftp = next; - } - vpt->foreign_pfd_list = NULL; - lws_memory_barrier(); - - /* we have come out of a poll wait... check the hrtimer list */ - - __lws_hrtimer_service(pt); - - lws_pt_unlock(pt); - - m = 0; -#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) - m |= !!pt->ws.rx_draining_ext_list; -#endif - - if (pt->context->tls_ops && - pt->context->tls_ops->fake_POLLIN_for_buffered) - m |= pt->context->tls_ops->fake_POLLIN_for_buffered(pt); - - if (!m && !n) { /* nothing to do */ - lws_service_fd_tsi(context, NULL, tsi); - lws_service_do_ripe_rxflow(pt); - - return 0; - } - -faked_service: - m = lws_service_flag_pending(context, tsi); - if (m) - c = -1; /* unknown limit */ - else - if (n < 0) { - if (LWS_ERRNO != LWS_EINTR) - return -1; - return 0; - } else - c = n; - - /* any socket with events to service? */ - for (n = 0; n < (int)pt->fds_count && c; n++) { - if (!pt->fds[n].revents) - continue; - - c--; - - m = lws_service_fd_tsi(context, &pt->fds[n], tsi); - if (m < 0) { - lwsl_err("%s: lws_service_fd_tsi returned %d\n", - __func__, m); - return -1; - } - /* if something closed, retry this slot */ - if (m) - n--; - } - - lws_service_do_ripe_rxflow(pt); - - return 0; -} - -int -lws_plat_check_connection_error(struct lws *wsi) -{ - return 0; -} - -int -lws_plat_service(struct lws_context *context, int timeout_ms) -{ - return _lws_plat_service_tsi(context, timeout_ms, 0); -} - - -void -lws_plat_service_periodic(struct lws_context *context) -{ - /* if our parent went down, don't linger around */ - if (context->started_with_parent && - kill(context->started_with_parent, 0) < 0) - kill(getpid(), SIGTERM); -} diff --git a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c b/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c deleted file mode 100644 index 192dddee63..0000000000 --- a/thirdparty/libwebsockets/lib/plat/unix/unix-sockets.c +++ /dev/null @@ -1,263 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#define _GNU_SOURCE -#include "core/private.h" - -#include -#include - - - -int -lws_send_pipe_choked(struct lws *wsi) -{ - struct lws_pollfd fds; - struct lws *wsi_eff; - -#if defined(LWS_WITH_HTTP2) - wsi_eff = lws_get_network_wsi(wsi); -#else - wsi_eff = wsi; -#endif - - /* the fact we checked implies we avoided back-to-back writes */ - wsi_eff->could_have_pending = 0; - - /* treat the fact we got a truncated send pending as if we're choked */ - if (lws_has_buffered_out(wsi_eff) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - ||wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more -#endif - ) - return 1; - - fds.fd = wsi_eff->desc.sockfd; - fds.events = POLLOUT; - fds.revents = 0; - - if (poll(&fds, 1, 0) != 1) - return 1; - - if ((fds.revents & POLLOUT) == 0) - return 1; - - /* okay to send another packet without blocking */ - - return 0; -} - - -int -lws_plat_set_socket_options(struct lws_vhost *vhost, int fd, int unix_skt) -{ - int optval = 1; - socklen_t optlen = sizeof(optval); - -#ifdef LWS_WITH_IPV6 - optval = 0; - setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); -#endif - -#if defined(__APPLE__) || \ - defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ - defined(__NetBSD__) || \ - defined(__OpenBSD__) || \ - defined(__HAIKU__) - struct protoent *tcp_proto; -#endif - - (void)fcntl(fd, F_SETFD, FD_CLOEXEC); - - if (!unix_skt && vhost->ka_time) { - /* enable keepalive on this socket */ - optval = 1; - if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, - (const void *)&optval, optlen) < 0) - return 1; - -#if defined(__APPLE__) || \ - defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ - defined(__NetBSD__) || \ - defined(__CYGWIN__) || defined(__OpenBSD__) || defined (__sun) || \ - defined(__HAIKU__) - - /* - * didn't find a way to set these per-socket, need to - * tune kernel systemwide values - */ -#else - /* set the keepalive conditions we want on it too */ - -#if defined(LWS_HAVE_TCP_USER_TIMEOUT) - optval = 1000 * (vhost->ka_time + - (vhost->ka_interval * vhost->ka_probes)); - if (setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, - (const void *)&optval, optlen) < 0) - return 1; -#endif - optval = vhost->ka_time; - if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, - (const void *)&optval, optlen) < 0) - return 1; - - optval = vhost->ka_interval; - if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, - (const void *)&optval, optlen) < 0) - return 1; - - optval = vhost->ka_probes; - if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, - (const void *)&optval, optlen) < 0) - return 1; -#endif - } - -#if defined(SO_BINDTODEVICE) - if (!unix_skt && vhost->bind_iface && vhost->iface) { - lwsl_info("binding listen skt to %s using SO_BINDTODEVICE\n", vhost->iface); - if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, vhost->iface, - strlen(vhost->iface)) < 0) { - lwsl_warn("Failed to bind to device %s\n", vhost->iface); - return 1; - } - } -#endif - - /* Disable Nagle */ - optval = 1; -#if defined (__sun) || defined(__QNX__) - if (!unix_skt && setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) - return 1; -#elif !defined(__APPLE__) && \ - !defined(__FreeBSD__) && !defined(__FreeBSD_kernel__) && \ - !defined(__NetBSD__) && \ - !defined(__OpenBSD__) && \ - !defined(__HAIKU__) - if (!unix_skt && setsockopt(fd, SOL_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) - return 1; -#else - tcp_proto = getprotobyname("TCP"); - if (!unix_skt && setsockopt(fd, tcp_proto->p_proto, TCP_NODELAY, &optval, optlen) < 0) - return 1; -#endif - - /* We are nonblocking... */ - if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) - return 1; - - return 0; -} - - -/* cast a struct sockaddr_in6 * into addr for ipv6 */ - -int -lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, - size_t addrlen) -{ - int rc = LWS_ITOSA_NOT_EXIST; - - struct ifaddrs *ifr; - struct ifaddrs *ifc; -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; -#endif - - getifaddrs(&ifr); - for (ifc = ifr; ifc != NULL && rc; ifc = ifc->ifa_next) { - if (!ifc->ifa_addr) - continue; - - lwsl_debug(" interface %s vs %s (fam %d) ipv6 %d\n", - ifc->ifa_name, ifname, - ifc->ifa_addr->sa_family, ipv6); - - if (strcmp(ifc->ifa_name, ifname)) - continue; - - switch (ifc->ifa_addr->sa_family) { -#if defined(AF_PACKET) - case AF_PACKET: - /* interface exists but is not usable */ - rc = LWS_ITOSA_NOT_USABLE; - continue; -#endif - - case AF_INET: -#ifdef LWS_WITH_IPV6 - if (ipv6) { - /* map IPv4 to IPv6 */ - bzero((char *)&addr6->sin6_addr, - sizeof(struct in6_addr)); - addr6->sin6_addr.s6_addr[10] = 0xff; - addr6->sin6_addr.s6_addr[11] = 0xff; - memcpy(&addr6->sin6_addr.s6_addr[12], - &((struct sockaddr_in *)ifc->ifa_addr)->sin_addr, - sizeof(struct in_addr)); - } else -#endif - memcpy(addr, - (struct sockaddr_in *)ifc->ifa_addr, - sizeof(struct sockaddr_in)); - break; -#ifdef LWS_WITH_IPV6 - case AF_INET6: - memcpy(&addr6->sin6_addr, - &((struct sockaddr_in6 *)ifc->ifa_addr)->sin6_addr, - sizeof(struct in6_addr)); - break; -#endif - default: - continue; - } - rc = LWS_ITOSA_USABLE; - } - - freeifaddrs(ifr); - - if (rc) { - /* check if bind to IP address */ -#ifdef LWS_WITH_IPV6 - if (inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) - rc = LWS_ITOSA_USABLE; - else -#endif - if (inet_pton(AF_INET, ifname, &addr->sin_addr) == 1) - rc = LWS_ITOSA_USABLE; - } - - return rc; -} - - -const char * -lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) -{ - return inet_ntop(af, src, dst, cnt); -} - -int -lws_plat_inet_pton(int af, const char *src, void *dst) -{ - return inet_pton(af, src, dst); -} diff --git a/thirdparty/libwebsockets/lib/plat/windows/private.h b/thirdparty/libwebsockets/lib/plat/windows/private.h deleted file mode 100644 index 980028ce42..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/private.h +++ /dev/null @@ -1,148 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * Included from lib/core/private.h if defined(WIN32) || defined(_WIN32) - */ - - #ifndef WIN32_LEAN_AND_MEAN - #define WIN32_LEAN_AND_MEAN - #endif - - #if (WINVER < 0x0501) - #undef WINVER - #undef _WIN32_WINNT - #define WINVER 0x0501 - #define _WIN32_WINNT WINVER - #endif - - #define LWS_NO_DAEMONIZE - #define LWS_ERRNO WSAGetLastError() - #define LWS_EAGAIN WSAEWOULDBLOCK - #define LWS_EALREADY WSAEALREADY - #define LWS_EINPROGRESS WSAEINPROGRESS - #define LWS_EINTR WSAEINTR - #define LWS_EISCONN WSAEISCONN - #define LWS_ENOTCONN WSAENOTCONN - #define LWS_EWOULDBLOCK WSAEWOULDBLOCK - #define LWS_EADDRINUSE WSAEADDRINUSE - #define MSG_NOSIGNAL 0 - #define SHUT_RDWR SD_BOTH - #define SOL_TCP IPPROTO_TCP - #define SHUT_WR SD_SEND - - #define compatible_close(fd) closesocket(fd) - #define lws_set_blocking_send(wsi) wsi->sock_send_blocking = 1 - #define LWS_SOCK_INVALID (INVALID_SOCKET) - - #include - #include - #include - #include - #ifdef LWS_HAVE_IN6ADDR_H - #include - #endif - #include - #include - - #if !defined(LWS_HAVE_ATOLL) - #if defined(LWS_HAVE__ATOI64) - #define atoll _atoi64 - #else - #warning No atoll or _atoi64 available, using atoi - #define atoll atoi - #endif - #endif - - #ifndef __func__ - #define __func__ __FUNCTION__ - #endif - - #ifdef LWS_HAVE__VSNPRINTF - #define vsnprintf _vsnprintf - #endif - -/* we don't have an implementation for this on windows... */ -int kill(int pid, int sig); -int fork(void); -#ifndef SIGINT -#define SIGINT 2 -#endif - -#include - -#ifndef BIG_ENDIAN - #define BIG_ENDIAN 4321 /* to show byte order (taken from gcc) */ -#endif -#ifndef LITTLE_ENDIAN - #define LITTLE_ENDIAN 1234 -#endif -#ifndef BYTE_ORDER - #define BYTE_ORDER LITTLE_ENDIAN -#endif - -#undef __P -#ifndef __P - #if __STDC__ - #define __P(protos) protos - #else - #define __P(protos) () - #endif -#endif - -#ifdef _WIN32 - #ifndef FD_HASHTABLE_MODULUS - #define FD_HASHTABLE_MODULUS 32 - #endif -#endif - -#define lws_plat_socket_offset() (0) - -struct lws; -struct lws_context; - -#define LWS_FD_HASH(fd) ((fd ^ (fd >> 8) ^ (fd >> 16)) % FD_HASHTABLE_MODULUS) -struct lws_fd_hashtable { - struct lws **wsi; - int length; -}; - - -#ifdef LWS_DLL -#ifdef LWS_INTERNAL -#define LWS_EXTERN extern __declspec(dllexport) -#else -#define LWS_EXTERN extern __declspec(dllimport) -#endif -#else -#define LWS_EXTERN -#endif - -typedef SOCKET lws_sockfd_type; -typedef HANDLE lws_filefd_type; -#define LWS_WIN32_HANDLE_TYPES - -LWS_EXTERN struct lws * -wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd); - -LWS_EXTERN int -insert_wsi(struct lws_context *context, struct lws *wsi); - -LWS_EXTERN int -delete_from_fd(struct lws_context *context, lws_sockfd_type fd); diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-fds.c b/thirdparty/libwebsockets/lib/plat/windows/windows-fds.c deleted file mode 100644 index 0d324e8f3a..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-fds.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - -struct lws * -wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd) -{ - int h = LWS_FD_HASH(fd); - int n = 0; - - for (n = 0; n < context->fd_hashtable[h].length; n++) - if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) - return context->fd_hashtable[h].wsi[n]; - - return NULL; -} - -int -insert_wsi(struct lws_context *context, struct lws *wsi) -{ - int h = LWS_FD_HASH(wsi->desc.sockfd); - - if (context->fd_hashtable[h].length == (getdtablesize() - 1)) { - lwsl_err("hash table overflow\n"); - return 1; - } - - context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi; - - return 0; -} - -int -delete_from_fd(struct lws_context *context, lws_sockfd_type fd) -{ - int h = LWS_FD_HASH(fd); - int n = 0; - - for (n = 0; n < context->fd_hashtable[h].length; n++) - if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) { - while (n < context->fd_hashtable[h].length) { - context->fd_hashtable[h].wsi[n] = - context->fd_hashtable[h].wsi[n + 1]; - n++; - } - context->fd_hashtable[h].length--; - - return 0; - } - - lwsl_err("Failed to find fd %d requested for " - "delete in hashtable\n", fd); - return 1; -} diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c deleted file mode 100644 index eb73aab7f6..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - -int lws_plat_apply_FD_CLOEXEC(int n) -{ - return 0; -} - -lws_fop_fd_t -_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, - const char *vpath, lws_fop_flags_t *flags) -{ - HANDLE ret; - WCHAR buf[MAX_PATH]; - lws_fop_fd_t fop_fd; - FILE_STANDARD_INFO fInfo = {0}; - - MultiByteToWideChar(CP_UTF8, 0, filename, -1, buf, LWS_ARRAY_SIZE(buf)); - -#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0602 // Windows 8 (minimum when UWP_ENABLED, but can be used in Windows builds) - CREATEFILE2_EXTENDED_PARAMETERS extParams = {0}; - extParams.dwFileAttributes = FILE_ATTRIBUTE_NORMAL; - - if (((*flags) & 7) == _O_RDONLY) { - ret = CreateFile2(buf, GENERIC_READ, FILE_SHARE_READ, OPEN_EXISTING, &extParams); - } else { - ret = CreateFile2(buf, GENERIC_WRITE, 0, CREATE_ALWAYS, &extParams); - } -#else - if (((*flags) & 7) == _O_RDONLY) { - ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ, - NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); - } else { - ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL, - CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); - } -#endif - - if (ret == LWS_INVALID_FILE) - goto bail; - - fop_fd = malloc(sizeof(*fop_fd)); - if (!fop_fd) - goto bail; - - fop_fd->fops = fops; - fop_fd->fd = ret; - fop_fd->filesystem_priv = NULL; /* we don't use it */ - fop_fd->flags = *flags; - fop_fd->len = 0; - if(GetFileInformationByHandleEx(ret, FileStandardInfo, &fInfo, sizeof(fInfo))) - fop_fd->len = fInfo.EndOfFile.QuadPart; - - fop_fd->pos = 0; - - return fop_fd; - -bail: - return NULL; -} - -int -_lws_plat_file_close(lws_fop_fd_t *fop_fd) -{ - HANDLE fd = (*fop_fd)->fd; - - free(*fop_fd); - *fop_fd = NULL; - - CloseHandle((HANDLE)fd); - - return 0; -} - -lws_fileofs_t -_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) -{ - LARGE_INTEGER l; - - l.QuadPart = offset; - return SetFilePointerEx((HANDLE)fop_fd->fd, l, NULL, FILE_CURRENT); -} - -int -_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t *buf, lws_filepos_t len) -{ - DWORD _amount; - - if (!ReadFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { - *amount = 0; - - return 1; - } - - fop_fd->pos += _amount; - *amount = (unsigned long)_amount; - - return 0; -} - -int -_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, - uint8_t* buf, lws_filepos_t len) -{ - DWORD _amount; - - if (!WriteFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { - *amount = 0; - - return 1; - } - - fop_fd->pos += _amount; - *amount = (unsigned long)_amount; - - return 0; -} - - -int -lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, - int len) -{ - int n; - - n = write(fd, buf, len); - - lseek(fd, 0, SEEK_SET); - - return n != len; -} - -int -lws_plat_write_file(const char *filename, void *buf, int len) -{ - int m, fd; - - fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); - - if (fd == -1) - return -1; - - m = write(fd, buf, len); - close(fd); - - return m != len; -} - -int -lws_plat_read_file(const char *filename, void *buf, int len) -{ - int n, fd = lws_open(filename, O_RDONLY); - if (fd == -1) - return -1; - - n = read(fd, buf, len); - close(fd); - - return n; -} - diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-init.c b/thirdparty/libwebsockets/lib/plat/windows/windows-init.c deleted file mode 100644 index 8c4d9373f6..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-init.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - -void -lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) -{ -} - -int -lws_plat_context_early_init(void) -{ - WORD wVersionRequested; - WSADATA wsaData; - int err; - - /* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */ - wVersionRequested = MAKEWORD(2, 2); - - err = WSAStartup(wVersionRequested, &wsaData); - if (!err) - return 0; - /* - * Tell the user that we could not find a usable - * Winsock DLL - */ - lwsl_err("WSAStartup failed with error: %d\n", err); - - return 1; -} - -int -lws_plat_init(struct lws_context *context, - const struct lws_context_creation_info *info) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - int i, n = context->count_threads; - - for (i = 0; i < FD_HASHTABLE_MODULUS; i++) { - context->fd_hashtable[i].wsi = - lws_zalloc(sizeof(struct lws*) * context->max_fds, - "win hashtable"); - - if (!context->fd_hashtable[i].wsi) - return -1; - } - - while (n--) { - pt->fds_count = 0; - pt->events = WSACreateEvent(); /* the cancel event */ - - pt++; - } - - context->fd_random = 0; - -#ifdef LWS_WITH_PLUGINS - if (info->plugin_dirs) - lws_plat_plugins_init(context, info->plugin_dirs); -#endif - - return 0; -} - -void -lws_plat_context_early_destroy(struct lws_context *context) -{ - struct lws_context_per_thread *pt = &context->pt[0]; - int n = context->count_threads; - - while (n--) { - WSACloseEvent(pt->events); - pt++; - } -} - -void -lws_plat_context_late_destroy(struct lws_context *context) -{ - int n; - - for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { - if (context->fd_hashtable[n].wsi) - lws_free(context->fd_hashtable[n].wsi); - } - - WSACleanup(); -} diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-misc.c b/thirdparty/libwebsockets/lib/plat/windows/windows-misc.c deleted file mode 100644 index 53cc19b6b9..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-misc.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - - -uint64_t -lws_time_in_microseconds() -{ -#ifndef DELTA_EPOCH_IN_MICROSECS -#define DELTA_EPOCH_IN_MICROSECS 11644473600000000ULL -#endif - FILETIME filetime; - ULARGE_INTEGER datetime; - -#ifdef _WIN32_WCE - GetCurrentFT(&filetime); -#else - GetSystemTimeAsFileTime(&filetime); -#endif - - /* - * As per Windows documentation for FILETIME, copy the resulting - * FILETIME structure to a ULARGE_INTEGER structure using memcpy - * (using memcpy instead of direct assignment can prevent alignment - * faults on 64-bit Windows). - */ - memcpy(&datetime, &filetime, sizeof(datetime)); - - /* Windows file times are in 100s of nanoseconds. */ - return (datetime.QuadPart / 10) - DELTA_EPOCH_IN_MICROSECS; -} - - -#ifdef _WIN32_WCE -time_t time(time_t *t) -{ - time_t ret = lws_time_in_microseconds() / 1000000; - - if(t != NULL) - *t = ret; - - return ret; -} -#endif - -LWS_VISIBLE int -lws_get_random(struct lws_context *context, void *buf, int len) -{ - int n; - char *p = (char *)buf; - - for (n = 0; n < len; n++) - p[n] = (unsigned char)rand(); - - return n; -} - - -LWS_VISIBLE void -lwsl_emit_syslog(int level, const char *line) -{ - lwsl_emit_stderr(level, line); -} - - -int kill(int pid, int sig) -{ - lwsl_err("Sorry Windows doesn't support kill()."); - exit(0); -} - -int fork(void) -{ - lwsl_err("Sorry Windows doesn't support fork()."); - exit(0); -} - - -int -lws_plat_recommended_rsa_bits(void) -{ - return 4096; -} - - - diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c b/thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c deleted file mode 100644 index af2af1fa83..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-pipe.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - -int -lws_plat_pipe_create(struct lws *wsi) -{ - return 1; -} - -int -lws_plat_pipe_signal(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - WSASetEvent(pt->events); /* trigger the cancel event */ - - return 0; -} - -void -lws_plat_pipe_close(struct lws *wsi) -{ -} diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-service.c b/thirdparty/libwebsockets/lib/plat/windows/windows-service.c deleted file mode 100644 index a6adefbd3b..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-service.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - - -LWS_EXTERN int -_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) -{ - struct lws_context_per_thread *pt; - WSANETWORKEVENTS networkevents; - struct lws_pollfd *pfd; - struct lws *wsi; - unsigned int i; - DWORD ev; - int n; - - /* stay dead once we are dead */ - if (context == NULL || !context->vhost_list) - return 1; - - pt = &context->pt[tsi]; - - if (!pt->service_tid_detected) { - struct lws _lws; - - memset(&_lws, 0, sizeof(_lws)); - _lws.context = context; - - pt->service_tid = context->vhost_list-> - protocols[0].callback(&_lws, LWS_CALLBACK_GET_THREAD_ID, - NULL, NULL, 0); - pt->service_tid_detected = 1; - } - - if (timeout_ms < 0) { - if (lws_service_flag_pending(context, tsi)) { - /* any socket with events to service? */ - for (n = 0; n < (int)pt->fds_count; n++) { - int m; - if (!pt->fds[n].revents) - continue; - - m = lws_service_fd_tsi(context, &pt->fds[n], tsi); - if (m < 0) - return -1; - /* if something closed, retry this slot */ - if (m) - n--; - } - } - return 0; - } - - if (context->event_loop_ops->run_pt) - context->event_loop_ops->run_pt(context, tsi); - - for (i = 0; i < pt->fds_count; ++i) { - pfd = &pt->fds[i]; - - if (!(pfd->events & LWS_POLLOUT)) - continue; - - wsi = wsi_from_fd(context, pfd->fd); - if (!wsi || wsi->listener) - continue; - if (wsi->sock_send_blocking) - continue; - pfd->revents = LWS_POLLOUT; - n = lws_service_fd(context, pfd); - if (n < 0) - return -1; - - /* Force WSAWaitForMultipleEvents() to check events and then return immediately. */ - timeout_ms = 0; - - /* if something closed, retry this slot */ - if (n) - i--; - } - - /* - * is there anybody with pending stuff that needs service forcing? - */ - if (!lws_service_adjust_timeout(context, 1, tsi)) { - /* -1 timeout means just do forced service */ - _lws_plat_service_tsi(context, -1, pt->tid); - /* still somebody left who wants forced service? */ - if (!lws_service_adjust_timeout(context, 1, pt->tid)) - /* yes... come back again quickly */ - timeout_ms = 0; - } - - if (timeout_ms) { - lws_usec_t t; - - lws_pt_lock(pt, __func__); - /* don't stay in poll wait longer than next hr timeout */ - t = __lws_hrtimer_service(pt); - - if ((lws_usec_t)timeout_ms * 1000 > t) - timeout_ms = (int)(t / 1000); - lws_pt_unlock(pt); - } - - ev = WSAWaitForMultipleEvents(1, &pt->events, FALSE, timeout_ms, FALSE); - if (ev == WSA_WAIT_EVENT_0) { - unsigned int eIdx; - - WSAResetEvent(pt->events); - - if (pt->context->tls_ops && - pt->context->tls_ops->fake_POLLIN_for_buffered) - pt->context->tls_ops->fake_POLLIN_for_buffered(pt); - - for (eIdx = 0; eIdx < pt->fds_count; ++eIdx) { - unsigned int err; - - if (WSAEnumNetworkEvents(pt->fds[eIdx].fd, 0, - &networkevents) == SOCKET_ERROR) { - lwsl_err("WSAEnumNetworkEvents() failed " - "with error %d\n", LWS_ERRNO); - return -1; - } - - pfd = &pt->fds[eIdx]; - pfd->revents = (short)networkevents.lNetworkEvents; - - err = networkevents.iErrorCode[FD_CONNECT_BIT]; - - if ((networkevents.lNetworkEvents & FD_CONNECT) && - err && err != LWS_EALREADY && - err != LWS_EINPROGRESS && err != LWS_EWOULDBLOCK && - err != WSAEINVAL) { - lwsl_debug("Unable to connect errno=%d\n", err); - pfd->revents |= LWS_POLLHUP; - } - - if (pfd->revents & LWS_POLLOUT) { - wsi = wsi_from_fd(context, pfd->fd); - if (wsi) - wsi->sock_send_blocking = 0; - } - /* if something closed, retry this slot */ - if (pfd->revents & LWS_POLLHUP) - --eIdx; - - if (pfd->revents) { - recv(pfd->fd, NULL, 0, 0); - lws_service_fd_tsi(context, pfd, tsi); - } - } - } - - if (ev == WSA_WAIT_TIMEOUT) - lws_service_fd(context, NULL); - - return 0; -} - -int -lws_plat_service(struct lws_context *context, int timeout_ms) -{ - return _lws_plat_service_tsi(context, timeout_ms, 0); -} - - - -void -lws_plat_service_periodic(struct lws_context *context) -{ -} - diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c b/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c deleted file mode 100644 index 62a0a49846..0000000000 --- a/thirdparty/libwebsockets/lib/plat/windows/windows-sockets.c +++ /dev/null @@ -1,288 +0,0 @@ -#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS -#define _WINSOCK_DEPRECATED_NO_WARNINGS -#endif -#include "core/private.h" - - -LWS_VISIBLE int -lws_send_pipe_choked(struct lws *wsi) -{ struct lws *wsi_eff; - -#if defined(LWS_WITH_HTTP2) - wsi_eff = lws_get_network_wsi(wsi); -#else - wsi_eff = wsi; -#endif - /* the fact we checked implies we avoided back-to-back writes */ - wsi_eff->could_have_pending = 0; - - /* treat the fact we got a truncated send pending as if we're choked */ - if (lws_has_buffered_out(wsi_eff) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - ||wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more -#endif - ) - return 1; - - return (int)wsi_eff->sock_send_blocking; -} - -int -lws_poll_listen_fd(struct lws_pollfd *fd) -{ - fd_set readfds; - struct timeval tv = { 0, 0 }; - - assert((fd->events & LWS_POLLIN) == LWS_POLLIN); - - FD_ZERO(&readfds); - FD_SET(fd->fd, &readfds); - - return select(((int)fd->fd) + 1, &readfds, NULL, NULL, &tv); -} - -int -lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd, - int unix_skt) -{ - int optval = 1; - int optlen = sizeof(optval); - u_long optl = 1; - DWORD dwBytesRet; - struct tcp_keepalive alive; - int protonbr; -#ifndef _WIN32_WCE - struct protoent *tcp_proto; -#endif - -#ifdef LWS_WITH_IPV6 - optval = 0; - setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); -#endif - - if (vhost->ka_time) { - /* enable keepalive on this socket */ - optval = 1; - if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, - (const char *)&optval, optlen) < 0) - return 1; - - alive.onoff = TRUE; - alive.keepalivetime = vhost->ka_time; - alive.keepaliveinterval = vhost->ka_interval; - - if (WSAIoctl(fd, SIO_KEEPALIVE_VALS, &alive, sizeof(alive), - NULL, 0, &dwBytesRet, NULL, NULL)) - return 1; - } - - /* Disable Nagle */ - optval = 1; -#ifndef _WIN32_WCE - tcp_proto = getprotobyname("TCP"); - if (!tcp_proto) { - lwsl_err("getprotobyname() failed with error %d\n", LWS_ERRNO); - return 1; - } - protonbr = tcp_proto->p_proto; -#else - protonbr = 6; -#endif - - setsockopt(fd, protonbr, TCP_NODELAY, (const char *)&optval, optlen); - - /* We are nonblocking... */ - ioctlsocket(fd, FIONBIO, &optl); - - return 0; -} - - -LWS_EXTERN int -lws_interface_to_sa(int ipv6, - const char *ifname, struct sockaddr_in *addr, size_t addrlen) -{ -#ifdef LWS_WITH_IPV6 - struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; - - if (ipv6) { - if (lws_plat_inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) { - return LWS_ITOSA_USABLE; - } - } -#endif - - long long address = inet_addr(ifname); - - if (address == INADDR_NONE) { - struct hostent *entry = gethostbyname(ifname); - if (entry) - address = ((struct in_addr *)entry->h_addr_list[0])->s_addr; - } - - if (address == INADDR_NONE) - return LWS_ITOSA_NOT_EXIST; - - addr->sin_addr.s_addr = (unsigned long)(lws_intptr_t)address; - - return LWS_ITOSA_USABLE; -} - -void -lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - pt->fds[pt->fds_count++].revents = 0; - WSAEventSelect(wsi->desc.sockfd, pt->events, - LWS_POLLIN | LWS_POLLHUP | FD_CONNECT); -} - -void -lws_plat_delete_socket_from_fds(struct lws_context *context, - struct lws *wsi, int m) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - - pt->fds_count--; -} - - -int -lws_plat_check_connection_error(struct lws *wsi) -{ - int optVal; - int optLen = sizeof(int); - - if (getsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_ERROR, - (char*)&optVal, &optLen) != SOCKET_ERROR && optVal && - optVal != LWS_EALREADY && optVal != LWS_EINPROGRESS && - optVal != LWS_EWOULDBLOCK && optVal != WSAEINVAL) { - lwsl_debug("Connect failed SO_ERROR=%d\n", optVal); - return 1; - } - - return 0; -} - -int -lws_plat_change_pollfd(struct lws_context *context, - struct lws *wsi, struct lws_pollfd *pfd) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - long networkevents = LWS_POLLHUP | FD_CONNECT; - - if ((pfd->events & LWS_POLLIN)) - networkevents |= LWS_POLLIN; - - if ((pfd->events & LWS_POLLOUT)) - networkevents |= LWS_POLLOUT; - - if (WSAEventSelect(wsi->desc.sockfd, pt->events, - networkevents) != SOCKET_ERROR) - return 0; - - lwsl_err("WSAEventSelect() failed with error %d\n", LWS_ERRNO); - - return 1; -} - -const char * -lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) -{ - WCHAR *buffer; - DWORD bufferlen = cnt; - BOOL ok = FALSE; - - buffer = lws_malloc(bufferlen * 2, "inet_ntop"); - if (!buffer) { - lwsl_err("Out of memory\n"); - return NULL; - } - - if (af == AF_INET) { - struct sockaddr_in srcaddr; - bzero(&srcaddr, sizeof(srcaddr)); - srcaddr.sin_family = AF_INET; - memcpy(&(srcaddr.sin_addr), src, sizeof(srcaddr.sin_addr)); - - if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) - ok = TRUE; -#ifdef LWS_WITH_IPV6 - } else if (af == AF_INET6) { - struct sockaddr_in6 srcaddr; - bzero(&srcaddr, sizeof(srcaddr)); - srcaddr.sin6_family = AF_INET6; - memcpy(&(srcaddr.sin6_addr), src, sizeof(srcaddr.sin6_addr)); - - if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) - ok = TRUE; -#endif - } else - lwsl_err("Unsupported type\n"); - - if (!ok) { - int rv = WSAGetLastError(); - lwsl_err("WSAAddressToString() : %d\n", rv); - } else { - if (WideCharToMultiByte(CP_ACP, 0, buffer, bufferlen, dst, cnt, 0, NULL) <= 0) - ok = FALSE; - } - - lws_free(buffer); - return ok ? dst : NULL; -} - -int -lws_plat_inet_pton(int af, const char *src, void *dst) -{ - WCHAR *buffer; - DWORD bufferlen = (int)strlen(src) + 1; - BOOL ok = FALSE; - - buffer = lws_malloc(bufferlen * 2, "inet_pton"); - if (!buffer) { - lwsl_err("Out of memory\n"); - return -1; - } - - if (MultiByteToWideChar(CP_ACP, 0, src, bufferlen, buffer, bufferlen) <= 0) { - lwsl_err("Failed to convert multi byte to wide char\n"); - lws_free(buffer); - return -1; - } - - if (af == AF_INET) { - struct sockaddr_in dstaddr; - int dstaddrlen = sizeof(dstaddr); - bzero(&dstaddr, sizeof(dstaddr)); - dstaddr.sin_family = AF_INET; - - if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { - ok = TRUE; - memcpy(dst, &dstaddr.sin_addr, sizeof(dstaddr.sin_addr)); - } -#ifdef LWS_WITH_IPV6 - } else if (af == AF_INET6) { - struct sockaddr_in6 dstaddr; - int dstaddrlen = sizeof(dstaddr); - bzero(&dstaddr, sizeof(dstaddr)); - dstaddr.sin6_family = AF_INET6; - - if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { - ok = TRUE; - memcpy(dst, &dstaddr.sin6_addr, sizeof(dstaddr.sin6_addr)); - } -#endif - } else - lwsl_err("Unsupported type\n"); - - if (!ok) { - int rv = WSAGetLastError(); - lwsl_err("WSAAddressToString() : %d\n", rv); - } - - lws_free(buffer); - return ok ? 1 : -1; -} diff --git a/thirdparty/libwebsockets/lib/roles/h1/ops-h1.c b/thirdparty/libwebsockets/lib/roles/h1/ops-h1.c deleted file mode 100644 index 2fa0fe16e4..0000000000 --- a/thirdparty/libwebsockets/lib/roles/h1/ops-h1.c +++ /dev/null @@ -1,1040 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -#ifndef min -#define min(a, b) ((a) < (b) ? (a) : (b)) -#endif - - -/* - * We have to take care about parsing because the headers may be split - * into multiple fragments. They may contain unknown headers with arbitrary - * argument lengths. So, we parse using a single-character at a time state - * machine that is completely independent of packet size. - * - * Returns <0 for error or length of chars consumed from buf (up to len) - */ - -int -lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len) -{ - unsigned char *last_char, *oldbuf = buf; - lws_filepos_t body_chunk_len; - size_t n; - - lwsl_debug("%s: h1 path: wsi state 0x%x\n", __func__, lwsi_state(wsi)); - - switch (lwsi_state(wsi)) { - - case LRS_ISSUING_FILE: - return 0; - - case LRS_ESTABLISHED: - - if (lwsi_role_ws(wsi)) - goto ws_mode; - - if (lwsi_role_client(wsi)) - break; - - wsi->hdr_parsing_completed = 0; - - /* fallthru */ - - case LRS_HEADERS: - if (!wsi->http.ah) { - lwsl_err("%s: LRS_HEADERS: NULL ah\n", __func__); - assert(0); - } - lwsl_parser("issuing %d bytes to parser\n", (int)len); -#if defined(LWS_ROLE_WS) && !defined(LWS_NO_CLIENT) - if (lws_ws_handshake_client(wsi, &buf, (size_t)len)) - goto bail; -#endif - last_char = buf; - if (lws_handshake_server(wsi, &buf, (size_t)len)) - /* Handshake indicates this session is done. */ - goto bail; - - /* we might have transitioned to RAW */ - if (wsi->role_ops == &role_ops_raw_skt || - wsi->role_ops == &role_ops_raw_file) - /* we gave the read buffer to RAW handler already */ - goto read_ok; - - /* - * It's possible that we've exhausted our data already, or - * rx flow control has stopped us dealing with this early, - * but lws_handshake_server doesn't update len for us. - * Figure out how much was read, so that we can proceed - * appropriately: - */ - len -= (buf - last_char); - - if (!wsi->hdr_parsing_completed) - /* More header content on the way */ - goto read_ok; - - switch (lwsi_state(wsi)) { - case LRS_ESTABLISHED: - case LRS_HEADERS: - goto read_ok; - case LRS_ISSUING_FILE: - goto read_ok; - case LRS_BODY: - wsi->http.rx_content_remain = - wsi->http.rx_content_length; - if (wsi->http.rx_content_remain) - goto http_postbody; - - /* there is no POST content */ - goto postbody_completion; - default: - break; - } - break; - - case LRS_BODY: -http_postbody: - lwsl_debug("%s: http post body: remain %d\n", __func__, - (int)wsi->http.rx_content_remain); - - if (!wsi->http.rx_content_remain) - goto postbody_completion; - - while (len && wsi->http.rx_content_remain) { - /* Copy as much as possible, up to the limit of: - * what we have in the read buffer (len) - * remaining portion of the POST body (content_remain) - */ - body_chunk_len = min(wsi->http.rx_content_remain, len); - wsi->http.rx_content_remain -= body_chunk_len; - len -= body_chunk_len; -#ifdef LWS_WITH_CGI - if (wsi->http.cgi) { - struct lws_cgi_args args; - - args.ch = LWS_STDIN; - args.stdwsi = &wsi->http.cgi->stdwsi[0]; - args.data = buf; - args.len = body_chunk_len; - - /* returns how much used */ - n = user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, LWS_CALLBACK_CGI_STDIN_DATA, - wsi->user_space, - (void *)&args, 0); - if ((int)n < 0) - goto bail; - } else { -#endif - n = wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_BODY, wsi->user_space, - buf, (size_t)body_chunk_len); - if (n) - goto bail; - n = (size_t)body_chunk_len; -#ifdef LWS_WITH_CGI - } -#endif - buf += n; - - if (wsi->http.rx_content_remain) { - lws_set_timeout(wsi, - PENDING_TIMEOUT_HTTP_CONTENT, - wsi->context->timeout_secs); - break; - } - /* he sent all the content in time */ -postbody_completion: -#ifdef LWS_WITH_CGI - /* - * If we're running a cgi, we can't let him off the - * hook just because he sent his POST data - */ - if (wsi->http.cgi) - lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, - wsi->context->timeout_secs); - else -#endif - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); -#ifdef LWS_WITH_CGI - if (!wsi->http.cgi) -#endif - { - lwsl_info("HTTP_BODY_COMPLETION: %p (%s)\n", - wsi, wsi->protocol->name); - n = wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_BODY_COMPLETION, - wsi->user_space, NULL, 0); - if (n) - goto bail; - - if (wsi->http2_substream) - lwsi_set_state(wsi, LRS_ESTABLISHED); - } - - break; - } - break; - - case LRS_RETURNED_CLOSE: - case LRS_AWAITING_CLOSE_ACK: - case LRS_WAITING_TO_SEND_CLOSE: - case LRS_SHUTDOWN: - -ws_mode: -#if !defined(LWS_NO_CLIENT) && defined(LWS_ROLE_WS) - // lwsl_notice("%s: ws_mode\n", __func__); - if (lws_ws_handshake_client(wsi, &buf, (size_t)len)) - goto bail; -#endif -#if defined(LWS_ROLE_WS) - if (lwsi_role_ws(wsi) && lwsi_role_server(wsi) && - /* - * for h2 we are on the swsi - */ - lws_parse_ws(wsi, &buf, (size_t)len) < 0) { - lwsl_info("%s: lws_parse_ws bailed\n", __func__); - goto bail; - } -#endif - // lwsl_notice("%s: ws_mode: buf moved on by %d\n", __func__, - // lws_ptr_diff(buf, oldbuf)); - break; - - case LRS_DEFERRING_ACTION: - lwsl_notice("%s: LRS_DEFERRING_ACTION\n", __func__); - break; - - case LRS_SSL_ACK_PENDING: - break; - - case LRS_DEAD_SOCKET: - lwsl_err("%s: Unhandled state LRS_DEAD_SOCKET\n", __func__); - goto bail; - // assert(0); - /* fallthru */ - - default: - lwsl_err("%s: Unhandled state %d\n", __func__, lwsi_state(wsi)); - assert(0); - goto bail; - } - -read_ok: - /* Nothing more to do for now */ -// lwsl_info("%s: %p: read_ok, used %ld (len %d, state %d)\n", __func__, -// wsi, (long)(buf - oldbuf), (int)len, wsi->state); - - return lws_ptr_diff(buf, oldbuf); - -bail: - /* - * h2 / h2-ws calls us recursively in - * - * lws_read_h1()-> - * lws_h2_parser()-> - * lws_read_h1() - * - * pattern, having stripped the h2 framing in the middle. - * - * When taking down the whole connection, make sure that only the - * outer lws_read() does the wsi close. - */ - if (!wsi->outer_will_close) - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "lws_read_h1 bail"); - - return -1; -} -#if !defined(LWS_NO_SERVER) -static int -lws_h1_server_socket_service(struct lws *wsi, struct lws_pollfd *pollfd) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws_tokens ebuf; - int n, buffered; - - if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) - goto try_pollout; - - /* any incoming data ready? */ - - if (!(pollfd->revents & pollfd->events & LWS_POLLIN)) - goto try_pollout; - - /* - * If we previously just did POLLIN when IN and OUT were signaled - * (because POLLIN processing may have used up the POLLOUT), don't let - * that happen twice in a row... next time we see the situation favour - * POLLOUT - */ - - if (wsi->favoured_pollin && - (pollfd->revents & pollfd->events & LWS_POLLOUT)) { - // lwsl_notice("favouring pollout\n"); - wsi->favoured_pollin = 0; - goto try_pollout; - } - - /* - * We haven't processed that the tunnel is set up yet, so - * defer reading - */ - - if (lwsi_state(wsi) == LRS_SSL_ACK_PENDING) - return LWS_HPI_RET_HANDLED; - - /* these states imply we MUST have an ah attached */ - - if ((lwsi_state(wsi) == LRS_ESTABLISHED || - lwsi_state(wsi) == LRS_ISSUING_FILE || - lwsi_state(wsi) == LRS_HEADERS || - lwsi_state(wsi) == LRS_BODY)) { - - if (!wsi->http.ah && lws_header_table_attach(wsi, 0)) { - lwsl_info("%s: wsi %p: ah not available\n", __func__, - wsi); - goto try_pollout; - } - - /* - * We got here because there was specifically POLLIN... - * regardless of our buflist state, we need to get it, - * and either use it, or append to the buflist and use - * buflist head material. - * - * We will not notice a connection close until the buflist is - * exhausted and we tried to do a read of some kind. - */ - - buffered = lws_buflist_aware_read(pt, wsi, &ebuf); - switch (ebuf.len) { - case 0: - lwsl_info("%s: read 0 len a\n", __func__); - wsi->seen_zero_length_recv = 1; - lws_change_pollfd(wsi, LWS_POLLIN, 0); -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* - * autobahn requires us to win the race between close - * and draining the extensions - */ - if (wsi->ws && - (wsi->ws->rx_draining_ext || - wsi->ws->tx_draining_ext)) - goto try_pollout; -#endif - /* - * normally, we respond to close with logically closing - * our side immediately - */ - goto fail; - - case LWS_SSL_CAPABLE_ERROR: - goto fail; - case LWS_SSL_CAPABLE_MORE_SERVICE: - goto try_pollout; - } - - /* just ignore incoming if waiting for close */ - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { - lwsl_notice("%s: just ignoring\n", __func__); - goto try_pollout; - } - - if (lwsi_state(wsi) == LRS_ISSUING_FILE) { - // lwsl_notice("stashing: wsi %p: bd %d\n", wsi, buffered); - if (lws_buflist_aware_consume(wsi, &ebuf, 0, buffered)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - - goto try_pollout; - } - - /* - * Otherwise give it to whoever wants it according to the - * connection state - */ -#if defined(LWS_ROLE_H2) - if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) - n = lws_read_h2(wsi, (uint8_t *)ebuf.token, ebuf.len); - else -#endif - n = lws_read_h1(wsi, (uint8_t *)ebuf.token, ebuf.len); - if (n < 0) /* we closed wsi */ - return LWS_HPI_RET_WSI_ALREADY_DIED; - - lwsl_debug("%s: consumed %d\n", __func__, n); - - if (lws_buflist_aware_consume(wsi, &ebuf, n, buffered)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - - /* - * during the parsing our role changed to something non-http, - * so the ah has no further meaning - */ - - if (wsi->http.ah && - !lwsi_role_h1(wsi) && - !lwsi_role_h2(wsi) && - !lwsi_role_cgi(wsi)) - lws_header_table_detach(wsi, 0); - - /* - * He may have used up the writability above, if we will defer - * POLLOUT processing in favour of POLLIN, note it - */ - - if (pollfd->revents & LWS_POLLOUT) - wsi->favoured_pollin = 1; - - return LWS_HPI_RET_HANDLED; - } - - /* - * He may have used up the writability above, if we will defer POLLOUT - * processing in favour of POLLIN, note it - */ - - if (pollfd->revents & LWS_POLLOUT) - wsi->favoured_pollin = 1; - -try_pollout: - - /* this handles POLLOUT for http serving fragments */ - - if (!(pollfd->revents & LWS_POLLOUT)) - return LWS_HPI_RET_HANDLED; - - /* one shot */ - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_notice("%s a\n", __func__); - goto fail; - } - - /* clear back-to-back write detection */ - wsi->could_have_pending = 0; - - if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) { - lwsl_debug("%s: LRS_DEFERRING_ACTION now writable\n", __func__); - - lwsi_set_state(wsi, LRS_ESTABLISHED); - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - goto fail; - } - } - - if (!wsi->hdr_parsing_completed) - return LWS_HPI_RET_HANDLED; - - if (lwsi_state(wsi) != LRS_ISSUING_FILE) { - - if (lws_has_buffered_out(wsi)) { - //lwsl_notice("%s: completing partial\n", __func__); - if (lws_issue_raw(wsi, NULL, 0) < 0) { - lwsl_info("%s signalling to close\n", __func__); - goto fail; - } - return LWS_HPI_RET_HANDLED; - } - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_WRITEABLE_CB, 1); -#if defined(LWS_WITH_STATS) - if (wsi->active_writable_req_us) { - uint64_t ul = lws_time_in_microseconds() - - wsi->active_writable_req_us; - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_WRITABLE_DELAY, ul); - lws_stats_atomic_max(wsi->context, pt, - LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); - wsi->active_writable_req_us = 0; - } -#endif - - n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_HTTP_WRITEABLE, - wsi->user_space, NULL, 0); - if (n < 0) { - lwsl_info("writeable_fail\n"); - goto fail; - } - - return LWS_HPI_RET_HANDLED; - } - - /* >0 == completion, <0 == error - * - * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when - * it's done. That's the case even if we just completed the - * send, so wait for that. - */ - n = lws_serve_http_file_fragment(wsi); - if (n < 0) - goto fail; - - return LWS_HPI_RET_HANDLED; - - -fail: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "server socket svc fail"); - - return LWS_HPI_RET_WSI_ALREADY_DIED; -} -#endif - -static int -rops_handle_POLLIN_h1(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) -{ - -// lwsl_notice("%s: %p: wsistate 0x%x %s, revents 0x%x\n", __func__, wsi, -// wsi->wsistate, wsi->role_ops->name, pollfd->revents); - -#ifdef LWS_WITH_CGI - if (wsi->http.cgi && (pollfd->revents & LWS_POLLOUT)) { - if (lws_handle_POLLOUT_event(wsi, pollfd)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - - return LWS_HPI_RET_HANDLED; - } -#endif - -#if 0 - - /* - * !!! lws_serve_http_file_fragment() seems to duplicate most of - * lws_handle_POLLOUT_event() in its own loop... - */ - lwsl_debug("%s: %d %d\n", __func__, (pollfd->revents & LWS_POLLOUT), - lwsi_state_can_handle_POLLOUT(wsi)); - - if ((pollfd->revents & LWS_POLLOUT) && - lwsi_state_can_handle_POLLOUT(wsi) && - lws_handle_POLLOUT_event(wsi, pollfd)) { - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); - /* the write failed... it's had it */ - wsi->socket_is_permanently_unusable = 1; - - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } -#endif - - - /* Priority 2: pre- compression transform */ - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more) { - enum lws_write_protocol wp = LWS_WRITE_HTTP; - - lwsl_info("%s: completing comp partial (buflist_comp %p, may %d)\n", - __func__, wsi->http.comp_ctx.buflist_comp, - wsi->http.comp_ctx.may_have_more - ); - - if (wsi->role_ops->write_role_protocol(wsi, NULL, 0, &wp) < 0) { - lwsl_info("%s signalling to close\n", __func__); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - lws_callback_on_writable(wsi); - - if (!wsi->http.comp_ctx.buflist_comp && - !wsi->http.comp_ctx.may_have_more && - wsi->http.deferred_transaction_completed) { - wsi->http.deferred_transaction_completed = 0; - if (lws_http_transaction_completed(wsi)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - return LWS_HPI_RET_HANDLED; - } -#endif - - if (lws_is_flowcontrolled(wsi)) - /* We cannot deal with any kind of new RX because we are - * RX-flowcontrolled. - */ - return LWS_HPI_RET_HANDLED; - -#if !defined(LWS_NO_SERVER) - if (!lwsi_role_client(wsi)) { - int n; - - lwsl_debug("%s: %p: wsistate 0x%x\n", __func__, wsi, - wsi->wsistate); - n = lws_h1_server_socket_service(wsi, pollfd); - if (n != LWS_HPI_RET_HANDLED) - return n; - if (lwsi_state(wsi) != LRS_SSL_INIT) - if (lws_server_socket_service_ssl(wsi, - LWS_SOCK_INVALID)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - - return LWS_HPI_RET_HANDLED; - } -#endif - -#ifndef LWS_NO_CLIENT - if ((pollfd->revents & LWS_POLLIN) && - wsi->hdr_parsing_completed && !wsi->told_user_closed) { - - /* - * In SSL mode we get POLLIN notification about - * encrypted data in. - * - * But that is not necessarily related to decrypted - * data out becoming available; in may need to perform - * other in or out before that happens. - * - * simply mark ourselves as having readable data - * and turn off our POLLIN - */ - wsi->client_rx_avail = 1; - lws_change_pollfd(wsi, LWS_POLLIN, 0); - - //lwsl_notice("calling back %s\n", wsi->protocol->name); - - /* let user code know, he'll usually ask for writeable - * callback and drain / re-enable it there - */ - if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_RECEIVE_CLIENT_HTTP, - wsi->user_space, NULL, 0)) { - lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - return LWS_HPI_RET_HANDLED; - } -#endif - -// if (lwsi_state(wsi) == LRS_ESTABLISHED) -// return LWS_HPI_RET_HANDLED; - -#if !defined(LWS_NO_CLIENT) - if ((pollfd->revents & LWS_POLLOUT) && - lws_handle_POLLOUT_event(wsi, pollfd)) { - lwsl_debug("POLLOUT event closed it\n"); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - if (lws_client_socket_service(wsi, pollfd, NULL)) - return LWS_HPI_RET_WSI_ALREADY_DIED; -#endif - - return LWS_HPI_RET_HANDLED; -} - -int rops_handle_POLLOUT_h1(struct lws *wsi) -{ - if (lwsi_state(wsi) == LRS_ISSUE_HTTP_BODY) - return LWS_HP_RET_USER_SERVICE; - - if (lwsi_role_client(wsi)) - return LWS_HP_RET_USER_SERVICE; - - return LWS_HP_RET_BAIL_OK; -} - -static int -rops_write_role_protocol_h1(struct lws *wsi, unsigned char *buf, size_t len, - enum lws_write_protocol *wp) -{ - size_t olen = len; - int n; - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.lcs && (((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL || - ((*wp) & 0x1f) == LWS_WRITE_HTTP)) { - unsigned char mtubuf[1400 + LWS_PRE + - LWS_HTTP_CHUNK_HDR_MAX_SIZE + - LWS_HTTP_CHUNK_TRL_MAX_SIZE], - *out = mtubuf + LWS_PRE + - LWS_HTTP_CHUNK_HDR_MAX_SIZE; - size_t o = sizeof(mtubuf) - LWS_PRE - - LWS_HTTP_CHUNK_HDR_MAX_SIZE - - LWS_HTTP_CHUNK_TRL_MAX_SIZE; - - n = lws_http_compression_transform(wsi, buf, len, wp, &out, &o); - if (n) - return n; - - lwsl_info("%s: %p: transformed %d bytes to %d " - "(wp 0x%x, more %d)\n", __func__, wsi, (int)len, - (int)o, (int)*wp, wsi->http.comp_ctx.may_have_more); - - if (!o) - return olen; - - if (wsi->http.comp_ctx.chunking) { - char c[LWS_HTTP_CHUNK_HDR_MAX_SIZE + 2]; - /* - * this only needs dealing with on http/1.1 to allow - * pipelining - */ - n = lws_snprintf(c, sizeof(c), "%X\x0d\x0a", (int)o); - lwsl_info("%s: chunk (%d) %s", __func__, (int)o, c); - out -= n; - o += n; - memcpy(out, c, n); - out[o++] = '\x0d'; - out[o++] = '\x0a'; - - if (((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL) { - lwsl_info("%s: final chunk\n", __func__); - out[o++] = '0'; - out[o++] = '\x0d'; - out[o++] = '\x0a'; - out[o++] = '\x0d'; - out[o++] = '\x0a'; - } - } - - buf = out; - len = o; - } -#endif - - n = lws_issue_raw(wsi, (unsigned char *)buf, len); - if (n < 0) - return n; - - /* hide there may have been compression */ - - return (int)olen; -} - -static int -rops_alpn_negotiated_h1(struct lws *wsi, const char *alpn) -{ - lwsl_debug("%s: client %d\n", __func__, lwsi_role_client(wsi)); -#if !defined(LWS_NO_CLIENT) - if (lwsi_role_client(wsi)) { - /* - * If alpn asserts it is http/1.1, server support for KA is - * mandatory. - * - * Knowing this lets us proceed with sending pipelined headers - * before we received the first response headers. - */ - wsi->keepalive_active = 1; - } -#endif - - return 0; -} - -static int -rops_destroy_role_h1(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct allocated_headers *ah; - - /* we may not have an ah, but may be on the waiting list... */ - lwsl_info("%s: ah det due to close\n", __func__); - __lws_header_table_detach(wsi, 0); - - ah = pt->http.ah_list; - - while (ah) { - if (ah->in_use && ah->wsi == wsi) { - lwsl_err("%s: ah leak: wsi %p\n", __func__, wsi); - ah->in_use = 0; - ah->wsi = NULL; - pt->http.ah_count_in_use--; - break; - } - ah = ah->next; - } - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - lws_http_compression_destroy(wsi); -#endif - -#ifdef LWS_ROLE_WS - lws_free_set_NULL(wsi->ws); -#endif - return 0; -} - -#if !defined(LWS_NO_SERVER) - -static int -rops_adoption_bind_h1(struct lws *wsi, int type, const char *vh_prot_name) -{ - if (!(type & LWS_ADOPT_HTTP)) - return 0; /* no match */ - - - if (type & _LWS_ADOPT_FINISH) { - if (!lws_header_table_attach(wsi, 0)) - lwsl_debug("Attached ah immediately\n"); - else - lwsl_info("%s: waiting for ah\n", __func__); - - return 1; - } - - lws_role_transition(wsi, LWSIFR_SERVER, (type & LWS_ADOPT_ALLOW_SSL) ? - LRS_SSL_INIT : LRS_HEADERS, &role_ops_h1); - - if (!vh_prot_name) - wsi->protocol = &wsi->vhost->protocols[ - wsi->vhost->default_protocol_index]; - - /* the transport is accepted... give him time to negotiate */ - lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, - wsi->context->timeout_secs); - - return 1; /* bound */ -} - -#endif - -#if !defined(LWS_NO_CLIENT) - -static const char * const http_methods[] = { - "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT" -}; - -static int -rops_client_bind_h1(struct lws *wsi, const struct lws_client_connect_info *i) -{ - int n; - - if (!i) { - /* we are finalizing an already-selected role */ - - /* - * If we stay in http, assuming there wasn't already-set - * external user_space, since we know our initial protocol - * we can assign the user space now, otherwise do it after the - * ws subprotocol negotiated - */ - if (!wsi->user_space && wsi->stash->method) - if (lws_ensure_user_space(wsi)) - return 1; - - /* - * For ws, default to http/1.1 only. If i->alpn had been set - * though, defer to whatever he has set in there (eg, "h2"). - * - * The problem is he has to commit to h2 before he can find - * out if the server has the SETTINGS for ws-over-h2 enabled; - * if not then ws is not possible on that connection. So we - * only try h2 if he assertively said to use h2 alpn, otherwise - * ws implies alpn restriction to h1. - */ - if (!wsi->stash->method && !wsi->stash->alpn) { - wsi->stash->alpn = lws_strdup("http/1.1"); - if (!wsi->stash->alpn) - return 1; - } - - /* if we went on the ah waiting list, it's ok, we can wait. - * - * When we do get the ah, now or later, he will end up at - * lws_http_client_connect_via_info2(). - */ - if (lws_header_table_attach(wsi, 0) < 0) - /* - * if we failed here, the connection is already closed - * and freed. - */ - return -1; - - return 0; - } - - /* - * Clients that want to be h1, h2, or ws all start out as h1 - * (we don't yet know if the server supports h2 or ws) - */ - - if (!i->method) { /* websockets */ -#if defined(LWS_ROLE_WS) - if (lws_create_client_ws_object(i, wsi)) - goto fail_wsi; -#else - lwsl_err("%s: ws role not configured\n", __func__); - - goto fail_wsi; -#endif - goto bind_h1; - } - - /* if a recognized http method, bind to it */ - - for (n = 0; n < (int)LWS_ARRAY_SIZE(http_methods); n++) - if (!strcmp(i->method, http_methods[n])) - goto bind_h1; - - /* other roles may bind to it */ - - return 0; /* no match */ - -bind_h1: - /* assert the mode and union status (hdr) clearly */ - lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_h1); - - return 1; /* matched */ - -fail_wsi: - return -1; -} -#endif - -#if 0 -static int -rops_perform_user_POLLOUT_h1(struct lws *wsi) -{ - volatile struct lws *vwsi = (volatile struct lws *)wsi; - int n; - - /* priority 1: post compression-transform buffered output */ - - if (lws_has_buffered_out(wsi)) { - lwsl_debug("%s: completing partial\n", __func__); - if (lws_issue_raw(wsi, NULL, 0) < 0) { - lwsl_info("%s signalling to close\n", __func__); - return -1; - } - n = 0; - vwsi->leave_pollout_active = 1; - goto cleanup; - } - - /* priority 2: pre compression-transform buffered output */ - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more) { - enum lws_write_protocol wp = LWS_WRITE_HTTP; - - lwsl_info("%s: completing comp partial" - "(buflist_comp %p, may %d)\n", - __func__, wsi->http.comp_ctx.buflist_comp, - wsi->http.comp_ctx.may_have_more); - - if (rops_write_role_protocol_h1(wsi, NULL, 0, &wp) < 0) { - lwsl_info("%s signalling to close\n", __func__); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "comp write fail"); - } - n = 0; - vwsi->leave_pollout_active = 1; - goto cleanup; - } -#endif - - /* priority 3: if no buffered out and waiting for that... */ - - if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { - wsi->socket_is_permanently_unusable = 1; - return -1; - } - - /* priority 4: user writeable callback */ - - vwsi = (volatile struct lws *)wsi; - vwsi->leave_pollout_active = 0; - - n = lws_callback_as_writeable(wsi); - -cleanup: - vwsi->handling_pollout = 0; - - if (vwsi->leave_pollout_active) - lws_change_pollfd(wsi, 0, LWS_POLLOUT); - - return n; -} -#endif - -static int -rops_close_kill_connection_h1(struct lws *wsi, enum lws_close_status reason) -{ -#if defined(LWS_WITH_HTTP_PROXY) - struct lws *wsi_eff = lws_client_wsi_effective(wsi); - - if (!wsi_eff->http.proxy_clientside) - return 0; - - wsi_eff->http.proxy_clientside = 0; - - if (user_callback_handle_rxflow(wsi_eff->protocol->callback, wsi_eff, - LWS_CALLBACK_COMPLETED_CLIENT_HTTP, - wsi_eff->user_space, NULL, 0)) - return 0; -#endif - return 0; -} - - -struct lws_role_ops role_ops_h1 = { - /* role name */ "h1", - /* alpn id */ "http/1.1", - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ NULL, - /* destroy_vhost */ NULL, - /* periodic_checks */ NULL, - /* service_flag_pending */ NULL, - /* handle_POLLIN */ rops_handle_POLLIN_h1, - /* handle_POLLOUT */ rops_handle_POLLOUT_h1, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ NULL, - /* tx_credit */ NULL, - /* write_role_protocol */ rops_write_role_protocol_h1, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ rops_alpn_negotiated_h1, - /* close_via_role_protocol */ NULL, - /* close_role */ NULL, - /* close_kill_connection */ rops_close_kill_connection_h1, - /* destroy_role */ rops_destroy_role_h1, -#if !defined(LWS_NO_SERVER) - /* adoption_bind */ rops_adoption_bind_h1, -#else - NULL, -#endif -#if !defined(LWS_NO_CLIENT) - /* client_bind */ rops_client_bind_h1, -#else - NULL, -#endif - /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_HTTP_WRITEABLE, - LWS_CALLBACK_HTTP_WRITEABLE }, - /* close cb clnt, srv */ { LWS_CALLBACK_CLOSED_CLIENT_HTTP, - LWS_CALLBACK_CLOSED_HTTP }, - /* protocol_bind cb c, srv */ { LWS_CALLBACK_CLIENT_HTTP_BIND_PROTOCOL, - LWS_CALLBACK_HTTP_BIND_PROTOCOL }, - /* protocol_unbind cb c, srv */ { LWS_CALLBACK_CLIENT_HTTP_DROP_PROTOCOL, - LWS_CALLBACK_HTTP_DROP_PROTOCOL }, - /* file_handle */ 0, -}; diff --git a/thirdparty/libwebsockets/lib/roles/h1/private.h b/thirdparty/libwebsockets/lib/roles/h1/private.h deleted file mode 100644 index 3f53954d33..0000000000 --- a/thirdparty/libwebsockets/lib/roles/h1/private.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h if LWS_ROLE_H1 - * - * Most of the h1 business is defined in the h1 / h2 common roles/http dir - */ - -extern struct lws_role_ops role_ops_h1; -#define lwsi_role_h1(wsi) (wsi->role_ops == &role_ops_h1) diff --git a/thirdparty/libwebsockets/lib/roles/http/client/client-handshake.c b/thirdparty/libwebsockets/lib/roles/http/client/client-handshake.c deleted file mode 100644 index 6b4e98f346..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/client/client-handshake.c +++ /dev/null @@ -1,1066 +0,0 @@ -#include "core/private.h" - -static int -lws_getaddrinfo46(struct lws *wsi, const char *ads, struct addrinfo **result) -{ - struct addrinfo hints; - - memset(&hints, 0, sizeof(hints)); - *result = NULL; - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - -#if !defined(__ANDROID__) - hints.ai_family = AF_INET6; - hints.ai_flags = AI_V4MAPPED; -#endif - } else -#endif - { - hints.ai_family = PF_UNSPEC; - hints.ai_socktype = SOCK_STREAM; - } - - return getaddrinfo(ads, NULL, &hints, result); -} - -struct lws * -lws_client_connect_2(struct lws *wsi) -{ -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - const char *adsin; - struct lws *wsi_piggyback = NULL; - struct lws_pollfd pfd; - ssize_t plen = 0; -#endif - struct addrinfo *result; -#if defined(LWS_WITH_UNIX_SOCK) - struct sockaddr_un sau; - char unix_skt = 0; -#endif - const char *ads; - sockaddr46 sa46; - const struct sockaddr *psa; - int n, port = 0; - const char *cce = "", *iface; - const char *meth = NULL; -#ifdef LWS_WITH_IPV6 - char ipv6only = lws_check_opt(wsi->vhost->options, - LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY | - LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); - -#if defined(__ANDROID__) - ipv6only = 0; -#endif -#endif - - lwsl_client("%s: %p\n", __func__, wsi); - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - if (!wsi->http.ah) { - cce = "ah was NULL at cc2"; - lwsl_err("%s\n", cce); - goto oom4; - } - - /* we can only piggyback GET or POST */ - - meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); - if (meth && strcmp(meth, "GET") && strcmp(meth, "POST")) - goto create_new_conn; - - /* we only pipeline connections that said it was okay */ - - if (!wsi->client_pipeline) - goto create_new_conn; - - /* - * let's take a look first and see if there are any already-active - * client connections we can piggy-back on. - */ - - adsin = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); - - lws_vhost_lock(wsi->vhost); /* ----------------------------------- { */ - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->vhost->dll_active_client_conns.next) { - struct lws *w = lws_container_of(d, struct lws, - dll_active_client_conns); - - lwsl_debug("%s: check %s %s %d %d\n", __func__, adsin, - w->client_hostname_copy, wsi->c_port, w->c_port); - - if (w != wsi && w->client_hostname_copy && - !strcmp(adsin, w->client_hostname_copy) && -#if defined(LWS_WITH_TLS) - (wsi->tls.use_ssl & LCCSCF_USE_SSL) == - (w->tls.use_ssl & LCCSCF_USE_SSL) && -#endif - wsi->c_port == w->c_port) { - - /* someone else is already connected to the right guy */ - - /* do we know for a fact pipelining won't fly? */ - if (w->keepalive_rejected) { - lwsl_info("defeating pipelining due to no " - "keepalive on server\n"); - lws_vhost_unlock(wsi->vhost); /* } ---------- */ - goto create_new_conn; - } -#if defined (LWS_WITH_HTTP2) - /* - * h2: in usable state already: just use it without - * going through the queue - */ - if (w->client_h2_alpn && - (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS || - lwsi_state(w) == LRS_ESTABLISHED)) { - - lwsl_info("%s: just join h2 directly\n", - __func__); - - wsi->client_h2_alpn = 1; - lws_wsi_h2_adopt(w, wsi); - lws_vhost_unlock(wsi->vhost); /* } ---------- */ - - return wsi; - } -#endif - - lwsl_info("applying %p to txn queue on %p state 0x%x\n", - wsi, w, w->wsistate); - /* - * ...let's add ourselves to his transaction queue... - * we are adding ourselves at the HEAD - */ - lws_dll_lws_add_front(&wsi->dll_client_transaction_queue, - &w->dll_client_transaction_queue_head); - - /* - * h1: pipeline our headers out on him, - * and wait for our turn at client transaction_complete - * to take over parsing the rx. - */ - - wsi_piggyback = w; - - lws_vhost_unlock(wsi->vhost); /* } ---------- */ - goto send_hs; - } - - } lws_end_foreach_dll_safe(d, d1); - - lws_vhost_unlock(wsi->vhost); /* } ---------------------------------- */ - -create_new_conn: -#endif - - /* - * clients who will create their own fresh connection keep a copy of - * the hostname they originally connected to, in case other connections - * want to use it too - */ - - if (!wsi->client_hostname_copy) - wsi->client_hostname_copy = - lws_strdup(lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS)); - - /* - * If we made our own connection, and we're doing a method that can take - * a pipeline, we are an "active client connection". - * - * Add ourselves to the vhost list of those so that others can - * piggyback on our transaction queue - */ - - if (meth && (!strcmp(meth, "GET") || !strcmp(meth, "POST")) && - lws_dll_is_null(&wsi->dll_client_transaction_queue) && - lws_dll_is_null(&wsi->dll_active_client_conns)) { - lws_vhost_lock(wsi->vhost); - /* caution... we will have to unpick this on oom4 path */ - lws_dll_lws_add_front(&wsi->dll_active_client_conns, - &wsi->vhost->dll_active_client_conns); - lws_vhost_unlock(wsi->vhost); - } - - /* - * unix socket destination? - */ - - ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); -#if defined(LWS_WITH_UNIX_SOCK) - if (*ads == '+') { - ads++; - memset(&sau, 0, sizeof(sau)); - sau.sun_family = AF_UNIX; - strncpy(sau.sun_path, ads, sizeof(sau.sun_path)); - sau.sun_path[sizeof(sau.sun_path) - 1] = '\0'; - - lwsl_info("%s: Unix skt: %s\n", __func__, ads); - - if (sau.sun_path[0] == '@') - sau.sun_path[0] = '\0'; - - unix_skt = 1; - goto ads_known; - } -#endif - - /* - * start off allowing ipv6 on connection if vhost allows it - */ - wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost); - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - - /* Decide what it is we need to connect to: - * - * Priority 1: connect to http proxy */ - - if (wsi->vhost->http.http_proxy_port) { - plen = sprintf((char *)pt->serv_buf, - "CONNECT %s:%u HTTP/1.0\x0d\x0a" - "User-agent: libwebsockets\x0d\x0a", - lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS), - wsi->c_port); - - if (wsi->vhost->proxy_basic_auth_token[0]) - plen += sprintf((char *)pt->serv_buf + plen, - "Proxy-authorization: basic %s\x0d\x0a", - wsi->vhost->proxy_basic_auth_token); - - plen += sprintf((char *)pt->serv_buf + plen, "\x0d\x0a"); - ads = wsi->vhost->http.http_proxy_address; - port = wsi->vhost->http.http_proxy_port; -#else - if (0) { -#endif - -#if defined(LWS_WITH_SOCKS5) - - /* Priority 2: Connect to SOCK5 Proxy */ - - } else if (wsi->vhost->socks_proxy_port) { - socks_generate_msg(wsi, SOCKS_MSG_GREETING, &plen); - lwsl_client("Sending SOCKS Greeting\n"); - ads = wsi->vhost->socks_proxy_address; - port = wsi->vhost->socks_proxy_port; -#endif - } else { - - /* Priority 3: Connect directly */ - - ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); - port = wsi->c_port; - } - - /* - * prepare the actual connection - * to whatever we decided to connect to - */ - - lwsl_info("%s: %p: address %s\n", __func__, wsi, ads); - - n = lws_getaddrinfo46(wsi, ads, &result); - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - struct sockaddr_in6 *sa6; - - if (n || !result) { - /* lws_getaddrinfo46 failed, there is no usable result */ - lwsl_notice("%s: lws_getaddrinfo46 failed %d\n", - __func__, n); - cce = "ipv6 lws_getaddrinfo46 failed"; - goto oom4; - } - - sa6 = ((struct sockaddr_in6 *)result->ai_addr); - - memset(&sa46, 0, sizeof(sa46)); - - sa46.sa6.sin6_family = AF_INET6; - switch (result->ai_family) { - case AF_INET: - if (ipv6only) - break; - /* map IPv4 to IPv6 */ - bzero((char *)&sa46.sa6.sin6_addr, - sizeof(sa46.sa6.sin6_addr)); - sa46.sa6.sin6_addr.s6_addr[10] = 0xff; - sa46.sa6.sin6_addr.s6_addr[11] = 0xff; - memcpy(&sa46.sa6.sin6_addr.s6_addr[12], - &((struct sockaddr_in *)result->ai_addr)->sin_addr, - sizeof(struct in_addr)); - lwsl_notice("uplevelling AF_INET to AF_INET6\n"); - break; - - case AF_INET6: - memcpy(&sa46.sa6.sin6_addr, &sa6->sin6_addr, - sizeof(struct in6_addr)); - sa46.sa6.sin6_scope_id = sa6->sin6_scope_id; - sa46.sa6.sin6_flowinfo = sa6->sin6_flowinfo; - break; - default: - lwsl_err("Unknown address family\n"); - freeaddrinfo(result); - cce = "unknown address family"; - goto oom4; - } - } else -#endif /* use ipv6 */ - - /* use ipv4 */ - { - void *p = NULL; - - if (!n) { - struct addrinfo *res = result; - - /* pick the first AF_INET (IPv4) result */ - - while (!p && res) { - switch (res->ai_family) { - case AF_INET: - p = &((struct sockaddr_in *)res->ai_addr)->sin_addr; - break; - } - - res = res->ai_next; - } -#if defined(LWS_FALLBACK_GETHOSTBYNAME) - } else if (n == EAI_SYSTEM) { - struct hostent *host; - - lwsl_info("ipv4 getaddrinfo err, try gethostbyname\n"); - host = gethostbyname(ads); - if (host) { - p = host->h_addr; - } else { - lwsl_err("gethostbyname failed\n"); - cce = "gethostbyname (ipv4) failed"; - goto oom4; - } -#endif - } else { - lwsl_err("getaddrinfo failed: %d\n", n); - cce = "getaddrinfo failed"; - goto oom4; - } - - if (!p) { - if (result) - freeaddrinfo(result); - lwsl_err("Couldn't identify address\n"); - cce = "unable to lookup address"; - goto oom4; - } - - sa46.sa4.sin_family = AF_INET; - sa46.sa4.sin_addr = *((struct in_addr *)p); - bzero(&sa46.sa4.sin_zero, 8); - } - - if (result) - freeaddrinfo(result); - -#if defined(LWS_WITH_UNIX_SOCK) -ads_known: -#endif - - /* now we decided on ipv4 or ipv6, set the port */ - - if (!lws_socket_is_valid(wsi->desc.sockfd)) { - - if (wsi->context->event_loop_ops->check_client_connect_ok && - wsi->context->event_loop_ops->check_client_connect_ok(wsi)) { - cce = "waiting for event loop watcher to close"; - goto oom4; - } - -#if defined(LWS_WITH_UNIX_SOCK) - if (unix_skt) { - wsi->unix_skt = 1; - wsi->desc.sockfd = socket(AF_UNIX, SOCK_STREAM, 0); - } else -#endif - { - -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) - wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0); - else -#endif - wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0); - } - - if (!lws_socket_is_valid(wsi->desc.sockfd)) { - lwsl_warn("Unable to open socket\n"); - cce = "unable to open socket"; - goto oom4; - } - - if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd, -#if defined(LWS_WITH_UNIX_SOCK) - unix_skt)) { -#else - 0)) { -#endif - lwsl_err("Failed to set wsi socket options\n"); - compatible_close(wsi->desc.sockfd); - cce = "set socket opts failed"; - goto oom4; - } - - lwsi_set_state(wsi, LRS_WAITING_CONNECT); - - if (wsi->context->event_loop_ops->accept) - if (wsi->context->event_loop_ops->accept(wsi)) { - compatible_close(wsi->desc.sockfd); - cce = "event loop accept failed"; - goto oom4; - } - - if (__insert_wsi_socket_into_fds(wsi->context, wsi)) { - compatible_close(wsi->desc.sockfd); - cce = "insert wsi failed"; - goto oom4; - } - - lws_change_pollfd(wsi, 0, LWS_POLLIN); - - /* - * past here, we can't simply free the structs as error - * handling as oom4 does. We have to run the whole close flow. - */ - - if (!wsi->protocol) - wsi->protocol = &wsi->vhost->protocols[0]; - - wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE, - wsi->user_space, NULL, 0); - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE, - AWAITING_TIMEOUT); - - iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); - - if (iface) { - n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, - iface); - if (n < 0) { - cce = "unable to bind socket"; - goto failed; - } - } - } - -#if defined(LWS_WITH_UNIX_SOCK) - if (unix_skt) { - psa = (const struct sockaddr *)&sau; - n = sizeof(sau); - } else -#endif - - { -#ifdef LWS_WITH_IPV6 - if (wsi->ipv6) { - sa46.sa6.sin6_port = htons(port); - n = sizeof(struct sockaddr_in6); - psa = (const struct sockaddr *)&sa46; - } else -#endif - { - sa46.sa4.sin_port = htons(port); - n = sizeof(struct sockaddr); - psa = (const struct sockaddr *)&sa46; - } - } - - if (connect(wsi->desc.sockfd, (const struct sockaddr *)psa, n) == -1 || - LWS_ERRNO == LWS_EISCONN) { - if (LWS_ERRNO == LWS_EALREADY || - LWS_ERRNO == LWS_EINPROGRESS || - LWS_ERRNO == LWS_EWOULDBLOCK -#ifdef _WIN32 - || LWS_ERRNO == WSAEINVAL -#endif - ) { - lwsl_client("nonblocking connect retry (errno = %d)\n", - LWS_ERRNO); - - if (lws_plat_check_connection_error(wsi)) { - cce = "socket connect failed"; - goto failed; - } - - /* - * must do specifically a POLLOUT poll to hear - * about the connect completion - */ - if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { - cce = "POLLOUT set failed"; - goto failed; - } - - return wsi; - } - - if (LWS_ERRNO != LWS_EISCONN) { - lwsl_notice("Connect failed errno=%d\n", LWS_ERRNO); - cce = "connect failed"; - goto failed; - } - } - - lwsl_client("connected\n"); - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - /* we are connected to server, or proxy */ - - /* http proxy */ - if (wsi->vhost->http.http_proxy_port) { - - /* - * OK from now on we talk via the proxy, so connect to that - * - * (will overwrite existing pointer, - * leaving old string/frag there but unreferenced) - */ - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, - wsi->vhost->http.http_proxy_address)) - goto failed; - wsi->c_port = wsi->vhost->http.http_proxy_port; - - n = send(wsi->desc.sockfd, (char *)pt->serv_buf, (int)plen, - MSG_NOSIGNAL); - if (n < 0) { - lwsl_debug("ERROR writing to proxy socket\n"); - cce = "proxy write failed"; - goto failed; - } - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE, - AWAITING_TIMEOUT); - - lwsi_set_state(wsi, LRS_WAITING_PROXY_REPLY); - - return wsi; - } -#endif -#if defined(LWS_WITH_SOCKS5) - /* socks proxy */ - else if (wsi->vhost->socks_proxy_port) { - n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen, - MSG_NOSIGNAL); - if (n < 0) { - lwsl_debug("ERROR writing socks greeting\n"); - cce = "socks write failed"; - goto failed; - } - - lws_set_timeout(wsi, - PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, - AWAITING_TIMEOUT); - - lwsi_set_state(wsi, LRS_WAITING_SOCKS_GREETING_REPLY); - - return wsi; - } -#endif -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) -send_hs: - - if (wsi_piggyback && - !lws_dll_is_null(&wsi->dll_client_transaction_queue)) { - /* - * We are pipelining on an already-established connection... - * we can skip tls establishment. - */ - - lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); - - /* - * we can't send our headers directly, because they have to - * be sent when the parent is writeable. The parent will check - * for anybody on his client transaction queue that is in - * LRS_H1C_ISSUE_HANDSHAKE2, and let them write. - * - * If we are trying to do this too early, before the master - * connection has written his own headers, then it will just - * wait in the queue until it's possible to send them. - */ - lws_callback_on_writable(wsi_piggyback); - lwsl_info("%s: wsi %p: waiting to send hdrs (par state 0x%x)\n", - __func__, wsi, lwsi_state(wsi_piggyback)); - } else { - lwsl_info("%s: wsi %p: client creating own connection\n", - __func__, wsi); - - /* we are making our own connection */ - lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE); - - /* - * provoke service to issue the handshake directly. - * - * we need to do it this way because in the proxy case, this is - * the next state and executed only if and when we get a good - * proxy response inside the state machine... but notice in - * SSL case this may not have sent anything yet with 0 return, - * and won't until many retries from main loop. To stop that - * becoming endless, cover with a timeout. - */ - - lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE, - AWAITING_TIMEOUT); - - pfd.fd = wsi->desc.sockfd; - pfd.events = LWS_POLLIN; - pfd.revents = LWS_POLLIN; - - n = lws_service_fd(context, &pfd); - if (n < 0) { - cce = "first service failed"; - goto failed; - } - if (n) /* returns 1 on failure after closing wsi */ - return NULL; - } -#endif - return wsi; - -oom4: - if (lwsi_role_client(wsi) /* && lwsi_state_est(wsi) */) { - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, strlen(cce)); - wsi->already_did_cce = 1; - } - /* take care that we might be inserted in fds already */ - if (wsi->position_in_fds_table != LWS_NO_FDS_POS) - goto failed1; - - /* - * We can't be an active client connection any more, if we thought - * that was what we were going to be doing. It should be if we are - * failing by oom4 path, we are still called by - * lws_client_connect_via_info() and will be returning NULL to that, - * so nobody else should have had a chance to queue on us. - */ - { - struct lws_vhost *vhost = wsi->vhost; - - lws_vhost_lock(vhost); - __lws_free_wsi(wsi); - lws_vhost_unlock(vhost); - } - - return NULL; - -failed: - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, strlen(cce)); - wsi->already_did_cce = 1; -failed1: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "client_connect2"); - - return NULL; -} - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - -/** - * lws_client_reset() - retarget a connected wsi to start over with a new - * connection (ie, redirect) - * this only works if still in HTTP, ie, not upgraded yet - * wsi: connection to reset - * address: network address of the new server - * port: port to connect to - * path: uri path to connect to on the new server - * host: host header to send to the new server - */ -LWS_VISIBLE struct lws * -lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port, - const char *path, const char *host) -{ - char origin[300] = "", protocol[300] = "", method[32] = "", - iface[16] = "", alpn[32] = "", *p; - struct lws *wsi = *pwsi; - - if (wsi->redirects == 3) { - lwsl_err("%s: Too many redirects\n", __func__); - return NULL; - } - wsi->redirects++; - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN); - if (p) - lws_strncpy(origin, p, sizeof(origin)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); - if (p) - lws_strncpy(protocol, p, sizeof(protocol)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); - if (p) - lws_strncpy(method, p, sizeof(method)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); - if (p) - lws_strncpy(iface, p, sizeof(iface)); - - p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ALPN); - if (p) - lws_strncpy(alpn, p, sizeof(alpn)); - - lwsl_info("redirect ads='%s', port=%d, path='%s', ssl = %d\n", - address, port, path, ssl); - - /* close the connection by hand */ - -#if defined(LWS_WITH_TLS) - lws_ssl_close(wsi); -#endif - - __remove_wsi_socket_from_fds(wsi); - - if (wsi->context->event_loop_ops->close_handle_manually) - wsi->context->event_loop_ops->close_handle_manually(wsi); - else - compatible_close(wsi->desc.sockfd); - -#if defined(LWS_WITH_TLS) - wsi->tls.use_ssl = ssl; -#else - if (ssl) { - lwsl_err("%s: not configured for ssl\n", __func__); - return NULL; - } -#endif - - wsi->desc.sockfd = LWS_SOCK_INVALID; - lwsi_set_state(wsi, LRS_UNCONNECTED); - wsi->protocol = NULL; - wsi->pending_timeout = NO_PENDING_TIMEOUT; - wsi->c_port = port; - wsi->hdr_parsing_completed = 0; - _lws_header_table_reset(wsi->http.ah); - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address)) - return NULL; - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host)) - return NULL; - - if (origin[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, - origin)) - return NULL; - if (protocol[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, - protocol)) - return NULL; - if (method[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, - method)) - return NULL; - - if (iface[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, - iface)) - return NULL; - if (alpn[0]) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ALPN, - alpn)) - return NULL; - - origin[0] = '/'; - strncpy(&origin[1], path, sizeof(origin) - 2); - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, origin)) - return NULL; - - *pwsi = lws_client_connect_2(wsi); - - return *pwsi; -} - -#if defined(LWS_WITH_HTTP_PROXY) && defined(LWS_WITH_HUBBUB) -hubbub_error -html_parser_cb(const hubbub_token *token, void *pw) -{ - struct lws_rewrite *r = (struct lws_rewrite *)pw; - char buf[1024], *start = buf + LWS_PRE, *p = start, - *end = &buf[sizeof(buf) - 1]; - size_t i; - - switch (token->type) { - case HUBBUB_TOKEN_DOCTYPE: - - p += lws_snprintf(p, end - p, "data.doctype.name.len, - token->data.doctype.name.ptr, - token->data.doctype.force_quirks ? - "(force-quirks) " : ""); - - if (token->data.doctype.public_missing) - lwsl_debug("\tpublic: missing\n"); - else - p += lws_snprintf(p, end - p, "PUBLIC \"%.*s\"\n", - (int) token->data.doctype.public_id.len, - token->data.doctype.public_id.ptr); - - if (token->data.doctype.system_missing) - lwsl_debug("\tsystem: missing\n"); - else - p += lws_snprintf(p, end - p, " \"%.*s\">\n", - (int) token->data.doctype.system_id.len, - token->data.doctype.system_id.ptr); - - break; - case HUBBUB_TOKEN_START_TAG: - p += lws_snprintf(p, end - p, "<%.*s", (int)token->data.tag.name.len, - token->data.tag.name.ptr); - -/* (token->data.tag.self_closing) ? - "(self-closing) " : "", - (token->data.tag.n_attributes > 0) ? - "attributes:" : ""); -*/ - for (i = 0; i < token->data.tag.n_attributes; i++) { - if (!hstrcmp(&token->data.tag.attributes[i].name, "href", 4) || - !hstrcmp(&token->data.tag.attributes[i].name, "action", 6) || - !hstrcmp(&token->data.tag.attributes[i].name, "src", 3)) { - const char *pp = (const char *)token->data.tag.attributes[i].value.ptr; - int plen = (int) token->data.tag.attributes[i].value.len; - - if (strncmp(pp, "http:", 5) && strncmp(pp, "https:", 6)) { - - if (!hstrcmp(&token->data.tag.attributes[i].value, - r->from, r->from_len)) { - pp += r->from_len; - plen -= r->from_len; - } - p += lws_snprintf(p, end - p, " %.*s=\"%s/%.*s\"", - (int) token->data.tag.attributes[i].name.len, - token->data.tag.attributes[i].name.ptr, - r->to, plen, pp); - continue; - } - } - - p += lws_snprintf(p, end - p, " %.*s=\"%.*s\"", - (int) token->data.tag.attributes[i].name.len, - token->data.tag.attributes[i].name.ptr, - (int) token->data.tag.attributes[i].value.len, - token->data.tag.attributes[i].value.ptr); - } - p += lws_snprintf(p, end - p, ">"); - break; - case HUBBUB_TOKEN_END_TAG: - p += lws_snprintf(p, end - p, "data.tag.name.len, - token->data.tag.name.ptr); -/* - (token->data.tag.self_closing) ? - "(self-closing) " : "", - (token->data.tag.n_attributes > 0) ? - "attributes:" : ""); -*/ - for (i = 0; i < token->data.tag.n_attributes; i++) { - p += lws_snprintf(p, end - p, " %.*s='%.*s'\n", - (int) token->data.tag.attributes[i].name.len, - token->data.tag.attributes[i].name.ptr, - (int) token->data.tag.attributes[i].value.len, - token->data.tag.attributes[i].value.ptr); - } - p += lws_snprintf(p, end - p, ">"); - break; - case HUBBUB_TOKEN_COMMENT: - p += lws_snprintf(p, end - p, "\n", - (int) token->data.comment.len, - token->data.comment.ptr); - break; - case HUBBUB_TOKEN_CHARACTER: - if (token->data.character.len == 1) { - if (*token->data.character.ptr == '<') { - p += lws_snprintf(p, end - p, "<"); - break; - } - if (*token->data.character.ptr == '>') { - p += lws_snprintf(p, end - p, ">"); - break; - } - if (*token->data.character.ptr == '&') { - p += lws_snprintf(p, end - p, "&"); - break; - } - } - - p += lws_snprintf(p, end - p, "%.*s", (int) token->data.character.len, - token->data.character.ptr); - break; - case HUBBUB_TOKEN_EOF: - p += lws_snprintf(p, end - p, "\n"); - break; - } - - if (user_callback_handle_rxflow(r->wsi->protocol->callback, - r->wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, - r->wsi->user_space, start, p - start)) - return -1; - - return HUBBUB_OK; -} -#endif - -#endif - -struct lws * -lws_http_client_connect_via_info2(struct lws *wsi) -{ - struct client_info_stash *stash = wsi->stash; - - if (!stash) - return wsi; - - /* - * we're not necessarily in a position to action these right away, - * stash them... we only need during connect phase so into a temp - * allocated stash - */ - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, - stash->address)) - goto bail1; - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, stash->path)) - goto bail1; - - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, stash->host)) - goto bail1; - - if (stash->origin) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, - stash->origin)) - goto bail1; - /* - * this is a list of protocols we tell the server we're okay with - * stash it for later when we compare server response with it - */ - if (stash->protocol) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, - stash->protocol)) - goto bail1; - if (stash->method) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, - stash->method)) - goto bail1; - if (stash->iface) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, - stash->iface)) - goto bail1; - if (stash->alpn) - if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ALPN, - stash->alpn)) - goto bail1; - -#if defined(LWS_WITH_SOCKS5) - if (!wsi->vhost->socks_proxy_port) - lws_client_stash_destroy(wsi); -#endif - - wsi->context->count_wsi_allocated++; - - return lws_client_connect_2(wsi); - -bail1: -#if defined(LWS_WITH_SOCKS5) - if (!wsi->vhost->socks_proxy_port) - lws_free_set_NULL(wsi->stash); -#endif - - return NULL; -} - -#if defined(LWS_WITH_SOCKS5) -void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, - ssize_t *msg_len) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - ssize_t len = 0, n, passwd_len; - short net_num; - char *p; - - switch (type) { - case SOCKS_MSG_GREETING: - /* socks version, version 5 only */ - pt->serv_buf[len++] = SOCKS_VERSION_5; - /* number of methods */ - pt->serv_buf[len++] = 2; - /* username password method */ - pt->serv_buf[len++] = SOCKS_AUTH_USERNAME_PASSWORD; - /* no authentication method */ - pt->serv_buf[len++] = SOCKS_AUTH_NO_AUTH; - break; - - case SOCKS_MSG_USERNAME_PASSWORD: - n = strlen(wsi->vhost->socks_user); - passwd_len = strlen(wsi->vhost->socks_password); - - /* the subnegotiation version */ - pt->serv_buf[len++] = SOCKS_SUBNEGOTIATION_VERSION_1; - /* length of the user name */ - pt->serv_buf[len++] = n; - /* user name */ - lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_user, - context->pt_serv_buf_size - len + 1); - len += n; - /* length of the password */ - pt->serv_buf[len++] = passwd_len; - /* password */ - lws_strncpy((char *)&pt->serv_buf[len], - wsi->vhost->socks_password, - context->pt_serv_buf_size - len + 1); - len += passwd_len; - break; - - case SOCKS_MSG_CONNECT: - p = (char*)&net_num; - - /* socks version */ - pt->serv_buf[len++] = SOCKS_VERSION_5; - /* socks command */ - pt->serv_buf[len++] = SOCKS_COMMAND_CONNECT; - /* reserved */ - pt->serv_buf[len++] = 0; - /* address type */ - pt->serv_buf[len++] = SOCKS_ATYP_DOMAINNAME; - /* skip length, we fill it in at the end */ - n = len++; - - /* the address we tell SOCKS proxy to connect to */ - lws_strncpy((char *)&(pt->serv_buf[len]), wsi->stash->address, - context->pt_serv_buf_size - len + 1); - len += strlen(wsi->stash->address); - net_num = htons(wsi->c_port); - - /* the port we tell SOCKS proxy to connect to */ - pt->serv_buf[len++] = p[0]; - pt->serv_buf[len++] = p[1]; - - /* the length of the address, excluding port */ - pt->serv_buf[n] = strlen(wsi->stash->address); - break; - - default: - return; - } - - *msg_len = len; -} -#endif diff --git a/thirdparty/libwebsockets/lib/roles/http/client/client.c b/thirdparty/libwebsockets/lib/roles/http/client/client.c deleted file mode 100644 index 1d6f13dcf8..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/client/client.c +++ /dev/null @@ -1,1274 +0,0 @@ -/* - * libwebsockets - lib/client/client.c - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -LWS_VISIBLE LWS_EXTERN void -lws_client_http_body_pending(struct lws *wsi, int something_left_to_send) -{ - wsi->client_http_body_pending = !!something_left_to_send; -} - -/* - * return self, or queued client wsi we are acting on behalf of - * - * That is the TAIL of the queue (new queue elements are added at the HEAD) - */ - -struct lws * -lws_client_wsi_effective(struct lws *wsi) -{ - struct lws_dll_lws *tail = NULL; - - if (!wsi->transaction_from_pipeline_queue || - !wsi->dll_client_transaction_queue_head.next) - return wsi; - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - tail = d; - } lws_end_foreach_dll_safe(d, d1); - - return lws_container_of(tail, struct lws, - dll_client_transaction_queue); -} - -/* - * return self or the guy we are queued under - * - * REQUIRES VHOST LOCK HELD - */ - -static struct lws * -_lws_client_wsi_master(struct lws *wsi) -{ - struct lws *wsi_eff = wsi; - struct lws_dll_lws *d; - - d = wsi->dll_client_transaction_queue.prev; - while (d) { - wsi_eff = lws_container_of(d, struct lws, - dll_client_transaction_queue_head); - - d = d->prev; - } - - return wsi_eff; -} - -int -lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, - struct lws *wsi_conn) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - char *p = (char *)&pt->serv_buf[0]; - struct lws *w; -#if defined(LWS_WITH_TLS) - char ebuf[128]; -#endif - const char *cce = NULL; -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - ssize_t len = 0; - unsigned char c; -#endif - char *sb = p; - int n = 0; -#if defined(LWS_WITH_SOCKS5) - int conn_mode = 0, pending_timeout = 0; -#endif - - if ((pollfd->revents & LWS_POLLOUT) && - wsi->keepalive_active && - wsi->dll_client_transaction_queue_head.next) { - struct lws *wfound = NULL; - - lwsl_debug("%s: pollout HANDSHAKE2\n", __func__); - - /* - * We have a transaction queued that wants to pipeline. - * - * We have to allow it to send headers strictly in the order - * that it was queued, ie, tail-first. - */ - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *w = lws_container_of(d, struct lws, - dll_client_transaction_queue); - - lwsl_debug("%s: %p states 0x%x\n", __func__, w, - w->wsistate); - if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) - wfound = w; - } lws_end_foreach_dll_safe(d, d1); - - if (wfound) { - /* - * pollfd has the master sockfd in it... we - * need to use that in HANDSHAKE2 to understand - * which wsi to actually write on - */ - lws_client_socket_service(wfound, pollfd, wsi); - lws_callback_on_writable(wsi); - } else - lwsl_debug("%s: didn't find anything in txn q in HS2\n", - __func__); - - lws_vhost_unlock(wsi->vhost); - - return 0; - } - - switch (lwsi_state(wsi)) { - - case LRS_WAITING_CONNECT: - - /* - * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE - * timeout protection set in client-handshake.c - */ - - if (!lws_client_connect_2(wsi)) { - /* closed */ - lwsl_client("closed\n"); - return -1; - } - - /* either still pending connection, or changed mode */ - return 0; - -#if defined(LWS_WITH_SOCKS5) - /* SOCKS Greeting Reply */ - case LRS_WAITING_SOCKS_GREETING_REPLY: - case LRS_WAITING_SOCKS_AUTH_REPLY: - case LRS_WAITING_SOCKS_CONNECT_REPLY: - - /* handle proxy hung up on us */ - - if (pollfd->revents & LWS_POLLHUP) { - lwsl_warn("SOCKS connection %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - goto bail3; - } - - n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); - if (n < 0) { - if (LWS_ERRNO == LWS_EAGAIN) { - lwsl_debug("SOCKS read EAGAIN, retrying\n"); - return 0; - } - lwsl_err("ERROR reading from SOCKS socket\n"); - goto bail3; - } - - switch (lwsi_state(wsi)) { - - case LRS_WAITING_SOCKS_GREETING_REPLY: - if (pt->serv_buf[0] != SOCKS_VERSION_5) - goto socks_reply_fail; - - if (pt->serv_buf[1] == SOCKS_AUTH_NO_AUTH) { - lwsl_client("SOCKS GR: No Auth Method\n"); - socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); - conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; - pending_timeout = - PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; - goto socks_send; - } - - if (pt->serv_buf[1] == SOCKS_AUTH_USERNAME_PASSWORD) { - lwsl_client("SOCKS GR: User/Pw Method\n"); - socks_generate_msg(wsi, - SOCKS_MSG_USERNAME_PASSWORD, - &len); - conn_mode = LRS_WAITING_SOCKS_AUTH_REPLY; - pending_timeout = - PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY; - goto socks_send; - } - goto socks_reply_fail; - - case LRS_WAITING_SOCKS_AUTH_REPLY: - if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 || - pt->serv_buf[1] != - SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) - goto socks_reply_fail; - - lwsl_client("SOCKS password OK, sending connect\n"); - socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); - conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; - pending_timeout = - PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; -socks_send: - n = send(wsi->desc.sockfd, (char *)pt->serv_buf, len, - MSG_NOSIGNAL); - if (n < 0) { - lwsl_debug("ERROR writing to socks proxy\n"); - goto bail3; - } - - lws_set_timeout(wsi, pending_timeout, AWAITING_TIMEOUT); - lwsi_set_state(wsi, conn_mode); - break; - -socks_reply_fail: - lwsl_notice("socks reply: v%d, err %d\n", - pt->serv_buf[0], pt->serv_buf[1]); - goto bail3; - - case LRS_WAITING_SOCKS_CONNECT_REPLY: - if (pt->serv_buf[0] != SOCKS_VERSION_5 || - pt->serv_buf[1] != SOCKS_REQUEST_REPLY_SUCCESS) - goto socks_reply_fail; - - lwsl_client("socks connect OK\n"); - - /* free stash since we are done with it */ - lws_client_stash_destroy(wsi); - if (lws_hdr_simple_create(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS, - wsi->vhost->socks_proxy_address)) - goto bail3; - - wsi->c_port = wsi->vhost->socks_proxy_port; - - /* clear his proxy connection timeout */ - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - goto start_ws_handshake; - default: - break; - } - break; -#endif - - case LRS_WAITING_PROXY_REPLY: - - /* handle proxy hung up on us */ - - if (pollfd->revents & LWS_POLLHUP) { - - lwsl_warn("Proxy connection %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - - goto bail3; - } - - n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); - if (n < 0) { - if (LWS_ERRNO == LWS_EAGAIN) { - lwsl_debug("Proxy read EAGAIN... retrying\n"); - return 0; - } - lwsl_err("ERROR reading from proxy socket\n"); - goto bail3; - } - - pt->serv_buf[13] = '\0'; - if (strcmp(sb, "HTTP/1.0 200 ") && - strcmp(sb, "HTTP/1.1 200 ")) { - lwsl_err("ERROR proxy: %s\n", sb); - goto bail3; - } - - /* clear his proxy connection timeout */ - - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - /* fallthru */ - - case LRS_H1C_ISSUE_HANDSHAKE: - - /* - * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE - * timeout protection set in client-handshake.c - * - * take care of our lws_callback_on_writable - * happening at a time when there's no real connection yet - */ -#if defined(LWS_WITH_SOCKS5) -start_ws_handshake: -#endif - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) - return -1; - -#if defined(LWS_WITH_TLS) - /* we can retry this... just cook the SSL BIO the first time */ - - if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !wsi->tls.ssl && - lws_ssl_client_bio_create(wsi) < 0) { - cce = "bio_create failed"; - goto bail3; - } - - if (wsi->tls.use_ssl & LCCSCF_USE_SSL) { - n = lws_ssl_client_connect1(wsi); - if (!n) - return 0; - if (n < 0) { - cce = "lws_ssl_client_connect1 failed"; - goto bail3; - } - } else - wsi->tls.ssl = NULL; - - /* fallthru */ - - case LRS_WAITING_SSL: - - if (wsi->tls.use_ssl & LCCSCF_USE_SSL) { - n = lws_ssl_client_connect2(wsi, ebuf, sizeof(ebuf)); - if (!n) - return 0; - if (n < 0) { - cce = ebuf; - goto bail3; - } - } else - wsi->tls.ssl = NULL; -#endif -#if defined (LWS_WITH_HTTP2) - if (wsi->client_h2_alpn) { - /* - * We connected to the server and set up tls, and - * negotiated "h2". - * - * So this is it, we are an h2 master client connection - * now, not an h1 client connection. - */ -#if defined (LWS_WITH_TLS) - lws_tls_server_conn_alpn(wsi); -#endif - - /* send the H2 preface to legitimize the connection */ - if (lws_h2_issue_preface(wsi)) { - cce = "error sending h2 preface"; - goto bail3; - } - - break; - } -#endif - lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, - context->timeout_secs); - - /* fallthru */ - - case LRS_H1C_ISSUE_HANDSHAKE2: - p = lws_generate_client_handshake(wsi, p); - if (p == NULL) { - if (wsi->role_ops == &role_ops_raw_skt || - wsi->role_ops == &role_ops_raw_file) - return 0; - - lwsl_err("Failed to generate handshake for client\n"); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "chs"); - return 0; - } - - /* send our request to the server */ - lws_latency_pre(context, wsi); - - w = _lws_client_wsi_master(wsi); - lwsl_info("%s: HANDSHAKE2: %p: sending headers on %p " - "(wsistate 0x%x 0x%x)\n", __func__, wsi, w, - wsi->wsistate, w->wsistate); - - n = lws_ssl_capable_write(w, (unsigned char *)sb, (int)(p - sb)); - lws_latency(context, wsi, "send lws_issue_raw", n, - n == p - sb); - switch (n) { - case LWS_SSL_CAPABLE_ERROR: - lwsl_debug("ERROR writing to client socket\n"); - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, - "cws"); - return 0; - case LWS_SSL_CAPABLE_MORE_SERVICE: - lws_callback_on_writable(wsi); - break; - } - - if (wsi->client_http_body_pending) { - lwsi_set_state(wsi, LRS_ISSUE_HTTP_BODY); - lws_set_timeout(wsi, - PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, - context->timeout_secs); - /* user code must ask for writable callback */ - break; - } - - lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); - wsi->hdr_parsing_completed = 0; - - if (lwsi_state(w) == LRS_IDLING) { - lwsi_set_state(w, LRS_WAITING_SERVER_REPLY); - w->hdr_parsing_completed = 0; -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - w->http.ah->parser_state = WSI_TOKEN_NAME_PART; - w->http.ah->lextable_pos = 0; - /* If we're (re)starting on hdr, need other implied init */ - wsi->http.ah->ues = URIES_IDLE; -#endif - } - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, - wsi->context->timeout_secs); - - lws_callback_on_writable(w); - - goto client_http_body_sent; - - case LRS_ISSUE_HTTP_BODY: - if (wsi->client_http_body_pending) { - //lws_set_timeout(wsi, - // PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, - // context->timeout_secs); - /* user code must ask for writable callback */ - break; - } -client_http_body_sent: -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - /* prepare ourselves to do the parsing */ - wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART; - wsi->http.ah->lextable_pos = 0; -#endif - lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, - context->timeout_secs); - break; - - case LRS_WAITING_SERVER_REPLY: - /* - * handle server hanging up on us... - * but if there is POLLIN waiting, handle that first - */ - if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) == - LWS_POLLHUP) { - - lwsl_debug("Server connection %p (fd=%d) dead\n", - (void *)wsi, pollfd->fd); - cce = "Peer hung up"; - goto bail3; - } - - if (!(pollfd->revents & LWS_POLLIN)) - break; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - /* interpret the server response - * - * HTTP/1.1 101 Switching Protocols - * Upgrade: websocket - * Connection: Upgrade - * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= - * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== - * Sec-WebSocket-Protocol: chat - * - * we have to take some care here to only take from the - * socket bytewise. The browser may (and has been seen to - * in the case that onopen() performs websocket traffic) - * coalesce both handshake response and websocket traffic - * in one packet, since at that point the connection is - * definitively ready from browser pov. - */ - len = 1; - while (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE && - len > 0) { - int plen = 1; - - n = lws_ssl_capable_read(wsi, &c, 1); - lws_latency(context, wsi, "send lws_issue_raw", n, - n == 1); - switch (n) { - case 0: - case LWS_SSL_CAPABLE_ERROR: - cce = "read failed"; - goto bail3; - case LWS_SSL_CAPABLE_MORE_SERVICE: - return 0; - } - - if (lws_parse(wsi, &c, &plen)) { - lwsl_warn("problems parsing header\n"); - goto bail3; - } - } - - /* - * hs may also be coming in multiple packets, there is a 5-sec - * libwebsocket timeout still active here too, so if parsing did - * not complete just wait for next packet coming in this state - */ - if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE) - break; - -#endif - - /* - * otherwise deal with the handshake. If there's any - * packet traffic already arrived we'll trigger poll() again - * right away and deal with it that way - */ - return lws_client_interpret_server_handshake(wsi); - -bail3: - lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n"); - if (cce) - lwsl_info("reason: %s\n", cce); - wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - wsi->user_space, (void *)cce, cce ? strlen(cce) : 0); - wsi->already_did_cce = 1; - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cbail3"); - return -1; - - default: - break; - } - - return 0; -} - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - -int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed_client(struct lws *wsi) -{ - struct lws *wsi_eff = lws_client_wsi_effective(wsi); - - lwsl_info("%s: wsi: %p, wsi_eff: %p (%s)\n", __func__, wsi, wsi_eff, - wsi_eff->protocol->name); - - if (user_callback_handle_rxflow(wsi_eff->protocol->callback, wsi_eff, - LWS_CALLBACK_COMPLETED_CLIENT_HTTP, - wsi_eff->user_space, NULL, 0)) { - lwsl_debug("%s: Completed call returned nonzero (role 0x%x)\n", - __func__, lwsi_role(wsi_eff)); - return -1; - } - - /* - * Are we constitutionally capable of having a queue, ie, we are on - * the "active client connections" list? - * - * If not, that's it for us. - */ - - if (lws_dll_is_null(&wsi->dll_active_client_conns)) - return -1; - - /* if this was a queued guy, close him and remove from queue */ - - if (wsi->transaction_from_pipeline_queue) { - lwsl_debug("closing queued wsi %p\n", wsi_eff); - /* so the close doesn't trigger a CCE */ - wsi_eff->already_did_cce = 1; - __lws_close_free_wsi(wsi_eff, - LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE, - "queued client done"); - } - - _lws_header_table_reset(wsi->http.ah); - - /* after the first one, they can only be coming from the queue */ - wsi->transaction_from_pipeline_queue = 1; - - wsi->http.rx_content_length = 0; - wsi->hdr_parsing_completed = 0; - - /* is there a new tail after removing that one? */ - wsi_eff = lws_client_wsi_effective(wsi); - - /* - * Do we have something pipelined waiting? - * it's OK if he hasn't managed to send his headers yet... he's next - * in line to do that... - */ - if (wsi_eff == wsi) { - /* - * Nothing pipelined... we should hang around a bit - * in case something turns up... - */ - lwsl_info("%s: nothing pipelined waiting\n", __func__); - lwsi_set_state(wsi, LRS_IDLING); - - lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_CONN_IDLE, 5); - - return 0; - } - - /* - * H1: we can serialize the queued guys into the same ah - * H2: everybody needs their own ah until their own STREAM_END - */ - - /* otherwise set ourselves up ready to go again */ - lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); - - wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART; - wsi->http.ah->lextable_pos = 0; - - lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, - wsi->context->timeout_secs); - - /* If we're (re)starting on headers, need other implied init */ - wsi->http.ah->ues = URIES_IDLE; - - lwsl_info("%s: %p: new queued transaction as %p\n", __func__, wsi, - wsi_eff); - lws_callback_on_writable(wsi); - - return 0; -} - -LWS_VISIBLE LWS_EXTERN unsigned int -lws_http_client_http_response(struct lws *_wsi) -{ - struct lws *wsi; - unsigned int resp; - - if (_wsi->http.ah && _wsi->http.ah->http_response) - return _wsi->http.ah->http_response; - - lws_vhost_lock(_wsi->vhost); - wsi = _lws_client_wsi_master(_wsi); - resp = wsi->http.ah->http_response; - lws_vhost_unlock(_wsi->vhost); - - return resp; -} -#endif -#if defined(LWS_PLAT_OPTEE) -char * -strrchr(const char *s, int c) -{ - char *hit = NULL; - - while (*s) - if (*(s++) == (char)c) - hit = (char *)s - 1; - - return hit; -} - -#define atoll atoi -#endif - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) -int -lws_client_interpret_server_handshake(struct lws *wsi) -{ - int n, port = 0, ssl = 0; - int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR; - const char *prot, *ads = NULL, *path, *cce = NULL; - struct allocated_headers *ah; - struct lws *w = lws_client_wsi_effective(wsi); - char *p, *q; - char new_path[300]; - - lws_client_stash_destroy(wsi); - - ah = wsi->http.ah; - if (!wsi->do_ws) { - /* we are being an http client... - */ -#if defined(LWS_ROLE_H2) - if (wsi->client_h2_alpn || wsi->client_h2_substream) { - lwsl_debug("%s: %p: transitioning to h2 client\n", - __func__, wsi); - lws_role_transition(wsi, LWSIFR_CLIENT, - LRS_ESTABLISHED, &role_ops_h2); - } else -#endif - { -#if defined(LWS_ROLE_H1) - { - lwsl_debug("%s: %p: transitioning to h1 client\n", - __func__, wsi); - lws_role_transition(wsi, LWSIFR_CLIENT, - LRS_ESTABLISHED, &role_ops_h1); - } -#else - return -1; -#endif - } - - wsi->http.ah = ah; - ah->http_response = 0; - } - - /* - * well, what the server sent looked reasonable for syntax. - * Now let's confirm it sent all the necessary headers - * - * http (non-ws) client will expect something like this - * - * HTTP/1.0.200 - * server:.libwebsockets - * content-type:.text/html - * content-length:.17703 - * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000 - */ - - wsi->http.conn_type = HTTP_CONNECTION_KEEP_ALIVE; - if (!wsi->client_h2_substream) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP); - if (wsi->do_ws && !p) { - lwsl_info("no URI\n"); - cce = "HS: URI missing"; - goto bail3; - } - if (!p) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0); - wsi->http.conn_type = HTTP_CONNECTION_CLOSE; - } - if (!p) { - cce = "HS: URI missing"; - lwsl_info("no URI\n"); - goto bail3; - } - } else { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_STATUS); - if (!p) { - cce = "HS: :status missing"; - lwsl_info("no status\n"); - goto bail3; - } - } - n = atoi(p); - if (ah) - ah->http_response = n; - - if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) { - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION); - if (!p) { - cce = "HS: Redirect code but no Location"; - goto bail3; - } - - /* Relative reference absolute path */ - if (p[0] == '/') { -#if defined(LWS_WITH_TLS) - ssl = wsi->tls.use_ssl & LCCSCF_USE_SSL; -#endif - ads = lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS); - port = wsi->c_port; - /* +1 as lws_client_reset expects leading / omitted */ - path = p + 1; - } - /* Absolute (Full) URI */ - else if (strchr(p, ':')) { - if (lws_parse_uri(p, &prot, &ads, &port, &path)) { - cce = "HS: URI did not parse"; - goto bail3; - } - - if (!strcmp(prot, "wss") || !strcmp(prot, "https")) - ssl = 1; - } - /* Relative reference relative path */ - else { - /* This doesn't try to calculate an absolute path, - * that will be left to the server */ -#if defined(LWS_WITH_TLS) - ssl = wsi->tls.use_ssl & LCCSCF_USE_SSL; -#endif - ads = lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_PEER_ADDRESS); - port = wsi->c_port; - /* +1 as lws_client_reset expects leading / omitted */ - path = new_path + 1; - lws_strncpy(new_path, lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_URI), sizeof(new_path)); - q = strrchr(new_path, '/'); - if (q) - lws_strncpy(q + 1, p, sizeof(new_path) - - (q - new_path) - 1); - else - path = p; - } - -#if defined(LWS_WITH_TLS) - if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !ssl) { - cce = "HS: Redirect attempted SSL downgrade"; - goto bail3; - } -#endif - - if (!lws_client_reset(&wsi, ssl, ads, port, path, ads)) { - /* there are two ways to fail out with NULL return... - * simple, early problem where the wsi is intact, or - * we went through with the reconnect attempt and the - * wsi is already closed. In the latter case, the wsi - * has beet set to NULL additionally. - */ - lwsl_err("Redirect failed\n"); - cce = "HS: Redirect failed"; - if (wsi) - goto bail3; - - return 1; - } - return 0; - } - - if (!wsi->do_ws) { - - /* if h1 KA is allowed, enable the queued pipeline guys */ - - if (!wsi->client_h2_alpn && !wsi->client_h2_substream && - w == wsi) { /* ie, coming to this for the first time */ - if (wsi->http.conn_type == HTTP_CONNECTION_KEEP_ALIVE) - wsi->keepalive_active = 1; - else { - /* - * Ugh... now the main http connection has seen - * both sides, we learn the server doesn't - * support keepalive. - * - * That means any guys queued on us are going - * to have to be restarted from connect2 with - * their own connections. - */ - - /* - * stick around telling any new guys they can't - * pipeline to this server - */ - wsi->keepalive_rejected = 1; - - lws_vhost_lock(wsi->vhost); - lws_start_foreach_dll_safe(struct lws_dll_lws *, - d, d1, - wsi->dll_client_transaction_queue_head.next) { - struct lws *ww = lws_container_of(d, - struct lws, - dll_client_transaction_queue); - - /* remove him from our queue */ - lws_dll_lws_remove( - &ww->dll_client_transaction_queue); - /* give up on pipelining */ - ww->client_pipeline = 0; - - /* go back to "trying to connect" state */ - lws_role_transition(ww, LWSIFR_CLIENT, - LRS_UNCONNECTED, -#if defined(LWS_ROLE_H1) - &role_ops_h1); -#else -#if defined (LWS_ROLE_H2) - &role_ops_h2); -#else - &role_ops_raw); -#endif -#endif - ww->user_space = NULL; - } lws_end_foreach_dll_safe(d, d1); - lws_vhost_unlock(wsi->vhost); - } - } - -#ifdef LWS_WITH_HTTP_PROXY - wsi->http.perform_rewrite = 0; - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) { - if (!strncmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_CONTENT_TYPE), - "text/html", 9)) - wsi->http.perform_rewrite = 0; - } -#endif - - /* allocate the per-connection user memory (if any) */ - if (lws_ensure_user_space(wsi)) { - lwsl_err("Problem allocating wsi user mem\n"); - cce = "HS: OOM"; - goto bail2; - } - - /* he may choose to send us stuff in chunked transfer-coding */ - wsi->chunked = 0; - wsi->chunk_remaining = 0; /* ie, next thing is chunk size */ - if (lws_hdr_total_length(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING)) { - wsi->chunked = !strcmp(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING), - "chunked"); - /* first thing is hex, after payload there is crlf */ - wsi->chunk_parser = ELCP_HEX; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { - wsi->http.rx_content_length = - atoll(lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_CONTENT_LENGTH)); - lwsl_info("%s: incoming content length %llu\n", - __func__, (unsigned long long) - wsi->http.rx_content_length); - wsi->http.rx_content_remain = - wsi->http.rx_content_length; - } else /* can't do 1.1 without a content length or chunked */ - if (!wsi->chunked) - wsi->http.conn_type = HTTP_CONNECTION_CLOSE; - - /* - * we seem to be good to go, give client last chance to check - * headers and OK it - */ - if (w->protocol->callback(w, - LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, - w->user_space, NULL, 0)) { - - cce = "HS: disallowed by client filter"; - goto bail2; - } - - /* clear his proxy connection timeout */ - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* call him back to inform him he is up */ - if (w->protocol->callback(w, - LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP, - w->user_space, NULL, 0)) { - cce = "HS: disallowed at ESTABLISHED"; - goto bail3; - } - - /* - * for pipelining, master needs to keep his ah... guys who - * queued on him can drop it now though. - */ - - if (w != wsi) - /* free up parsing allocations for queued guy */ - lws_header_table_detach(w, 0); - - lwsl_info("%s: client connection up\n", __func__); - - /* - * Did we get a response from the server with an explicit - * content-length of zero? If so, this transaction is already - * completed at the end of the header processing... - */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) && - !wsi->http.rx_content_length) - return !!lws_http_transaction_completed_client(wsi); - - return 0; - } - -#if defined(LWS_ROLE_WS) - switch (lws_client_ws_upgrade(wsi, &cce)) { - case 2: - goto bail2; - case 3: - goto bail3; - } - - return 0; -#endif - -bail3: - close_reason = LWS_CLOSE_STATUS_NOSTATUS; - -bail2: - if (wsi->protocol) { - n = 0; - if (cce) - n = (int)strlen(cce); - w->protocol->callback(w, - LWS_CALLBACK_CLIENT_CONNECTION_ERROR, - w->user_space, (void *)cce, - (unsigned int)n); - } - wsi->already_did_cce = 1; - - lwsl_info("closing connection (prot %s) " - "due to bail2 connection error: %s\n", wsi->protocol ? - wsi->protocol->name : "unknown", cce); - - /* closing will free up his parsing allocations */ - lws_close_free_wsi(wsi, close_reason, "c hs interp"); - - return 1; -} -#endif - -char * -lws_generate_client_handshake(struct lws *wsi, char *pkt) -{ - char *p = pkt; - const char *meth; - const char *pp = lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); - - meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); - if (!meth) { - meth = "GET"; - wsi->do_ws = 1; - } else { - wsi->do_ws = 0; - } - - if (!strcmp(meth, "RAW")) { - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - lwsl_notice("client transition to raw\n"); - - if (pp) { - const struct lws_protocols *pr; - - pr = lws_vhost_name_to_protocol(wsi->vhost, pp); - - if (!pr) { - lwsl_err("protocol %s not enabled on vhost\n", - pp); - return NULL; - } - - lws_bind_protocol(wsi, pr, __func__); - } - - if ((wsi->protocol->callback)(wsi, LWS_CALLBACK_RAW_ADOPT, - wsi->user_space, NULL, 0)) - return NULL; - - lws_role_transition(wsi, 0, LRS_ESTABLISHED, &role_ops_raw_skt); - lws_header_table_detach(wsi, 1); - - return NULL; - } - - /* - * 04 example client handshake - * - * GET /chat HTTP/1.1 - * Host: server.example.com - * Upgrade: websocket - * Connection: Upgrade - * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== - * Sec-WebSocket-Origin: http://example.com - * Sec-WebSocket-Protocol: chat, superchat - * Sec-WebSocket-Version: 4 - */ - - p += sprintf(p, "%s %s HTTP/1.1\x0d\x0a", meth, - lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI)); - - p += sprintf(p, "Pragma: no-cache\x0d\x0a" - "Cache-Control: no-cache\x0d\x0a"); - - p += sprintf(p, "Host: %s\x0d\x0a", - lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST)); - - if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) { - if (lws_check_opt(wsi->context->options, - LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN)) - p += sprintf(p, "Origin: %s\x0d\x0a", - lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_ORIGIN)); - else - p += sprintf(p, "Origin: http://%s\x0d\x0a", - lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_ORIGIN)); - } -#if defined(LWS_ROLE_WS) - if (wsi->do_ws) { - const char *conn1 = ""; - if (!wsi->client_pipeline) - conn1 = "close, "; - p = lws_generate_client_ws_handshake(wsi, p, conn1); - } else -#endif - if (!wsi->client_pipeline) - p += sprintf(p, "connection: close\x0d\x0a"); - - /* give userland a chance to append, eg, cookies */ - - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, - wsi->user_space, &p, - (pkt + wsi->context->pt_serv_buf_size) - p - 12)) - return NULL; - - p += sprintf(p, "\x0d\x0a"); - - return p; -} - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - -LWS_VISIBLE int -lws_http_client_read(struct lws *wsi, char **buf, int *len) -{ - int rlen, n; - - rlen = lws_ssl_capable_read(wsi, (unsigned char *)*buf, *len); - *len = 0; - - // lwsl_notice("%s: rlen %d\n", __func__, rlen); - - /* allow the source to signal he has data again next time */ - lws_change_pollfd(wsi, 0, LWS_POLLIN); - - if (rlen == LWS_SSL_CAPABLE_ERROR) { - lwsl_debug("%s: SSL capable error\n", __func__); - return -1; - } - - if (rlen <= 0) - return 0; - - *len = rlen; - wsi->client_rx_avail = 0; - - /* - * server may insist on transfer-encoding: chunked, - * so http client must deal with it - */ -spin_chunks: - while (wsi->chunked && (wsi->chunk_parser != ELCP_CONTENT) && *len) { - switch (wsi->chunk_parser) { - case ELCP_HEX: - if ((*buf)[0] == '\x0d') { - wsi->chunk_parser = ELCP_CR; - break; - } - n = char_to_hex((*buf)[0]); - if (n < 0) { - lwsl_info("%s: chunking failure\n", __func__); - return -1; - } - wsi->chunk_remaining <<= 4; - wsi->chunk_remaining |= n; - break; - case ELCP_CR: - if ((*buf)[0] != '\x0a') { - lwsl_info("%s: chunking failure\n", __func__); - return -1; - } - wsi->chunk_parser = ELCP_CONTENT; - lwsl_info("chunk %d\n", wsi->chunk_remaining); - if (wsi->chunk_remaining) - break; - lwsl_info("final chunk\n"); - goto completed; - - case ELCP_CONTENT: - break; - - case ELCP_POST_CR: - if ((*buf)[0] != '\x0d') { - lwsl_info("%s: chunking failure\n", __func__); - - return -1; - } - - wsi->chunk_parser = ELCP_POST_LF; - break; - - case ELCP_POST_LF: - if ((*buf)[0] != '\x0a') { - lwsl_info("%s: chunking failure\n", __func__); - - return -1; - } - - wsi->chunk_parser = ELCP_HEX; - wsi->chunk_remaining = 0; - break; - } - (*buf)++; - (*len)--; - } - - if (wsi->chunked && !wsi->chunk_remaining) - return 0; - - if (wsi->http.rx_content_remain && - wsi->http.rx_content_remain < (unsigned int)*len) - n = (int)wsi->http.rx_content_remain; - else - n = *len; - - if (wsi->chunked && wsi->chunk_remaining && - wsi->chunk_remaining < n) - n = wsi->chunk_remaining; - -#if defined(LWS_WITH_HTTP_PROXY) && defined(LWS_WITH_HUBBUB) - /* hubbub */ - if (wsi->http.perform_rewrite) - lws_rewrite_parse(wsi->http.rw, (unsigned char *)*buf, n); - else -#endif - { - struct lws *wsi_eff = lws_client_wsi_effective(wsi); - - if (user_callback_handle_rxflow(wsi_eff->protocol->callback, - wsi_eff, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, - wsi_eff->user_space, *buf, n)) { - lwsl_info("%s: RECEIVE_CLIENT_HTTP_READ returned -1\n", - __func__); - - return -1; - } - } - - if (wsi->chunked && wsi->chunk_remaining) { - (*buf) += n; - wsi->chunk_remaining -= n; - *len -= n; - } - - if (wsi->chunked && !wsi->chunk_remaining) - wsi->chunk_parser = ELCP_POST_CR; - - if (wsi->chunked && *len) - goto spin_chunks; - - if (wsi->chunked) - return 0; - - /* if we know the content length, decrement the content remaining */ - if (wsi->http.rx_content_length > 0) - wsi->http.rx_content_remain -= n; - - // lwsl_notice("rx_content_remain %lld, rx_content_length %lld\n", - // wsi->http.rx_content_remain, wsi->http.rx_content_length); - - if (wsi->http.rx_content_remain || !wsi->http.rx_content_length) - return 0; - -completed: - - if (lws_http_transaction_completed_client(wsi)) { - lwsl_notice("%s: transaction completed says -1\n", __func__); - return -1; - } - - return 0; -} - -#endif diff --git a/thirdparty/libwebsockets/lib/roles/http/header.c b/thirdparty/libwebsockets/lib/roles/http/header.c deleted file mode 100644 index 448c5a8b5c..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/header.c +++ /dev/null @@ -1,529 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" -#include "lextable-strings.h" - - -const unsigned char * -lws_token_to_string(enum lws_token_indexes token) -{ - if ((unsigned int)token >= LWS_ARRAY_SIZE(set)) - return NULL; - - return (unsigned char *)set[token]; -} - -int -lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end) -{ -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) - return lws_add_http2_header_by_name(wsi, name, - value, length, p, end); -#else - (void)wsi; -#endif - if (name) { - while (*p < end && *name) - *((*p)++) = *name++; - if (*p == end) - return 1; - *((*p)++) = ' '; - } - if (*p + length + 3 >= end) - return 1; - - memcpy(*p, value, length); - *p += length; - *((*p)++) = '\x0d'; - *((*p)++) = '\x0a'; - - return 0; -} - -int lws_finalize_http_header(struct lws *wsi, unsigned char **p, - unsigned char *end) -{ -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) - return 0; -#else - (void)wsi; -#endif - if ((lws_intptr_t)(end - *p) < 3) - return 1; - *((*p)++) = '\x0d'; - *((*p)++) = '\x0a'; - - return 0; -} - -int -lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, - unsigned char **pp, unsigned char *end) -{ - unsigned char *p; - int len; - - if (lws_finalize_http_header(wsi, pp, end)) - return 1; - - p = *pp; - len = lws_ptr_diff(p, start); - - if (lws_write(wsi, start, len, LWS_WRITE_HTTP_HEADERS) != len) - return 1; - - return 0; -} - -int -lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, - const unsigned char *value, int length, - unsigned char **p, unsigned char *end) -{ - const unsigned char *name; -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) - return lws_add_http2_header_by_token(wsi, token, value, - length, p, end); -#endif - name = lws_token_to_string(token); - if (!name) - return 1; - - return lws_add_http_header_by_name(wsi, name, value, length, p, end); -} - -int -lws_add_http_header_content_length(struct lws *wsi, - lws_filepos_t content_length, - unsigned char **p, unsigned char *end) -{ - char b[24]; - int n; - - n = sprintf(b, "%llu", (unsigned long long)content_length); - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, - (unsigned char *)b, n, p, end)) - return 1; - wsi->http.tx_content_length = content_length; - wsi->http.tx_content_remain = content_length; - - lwsl_info("%s: wsi %p: tx_content_length/remain %llu\n", __func__, - wsi, (unsigned long long)content_length); - - return 0; -} - -int -lws_add_http_common_headers(struct lws *wsi, unsigned int code, - const char *content_type, lws_filepos_t content_len, - unsigned char **p, unsigned char *end) -{ - const char *ka[] = { "close", "keep-alive" }; - int types[] = { HTTP_CONNECTION_CLOSE, HTTP_CONNECTION_KEEP_ALIVE }, - t = 0; - - if (lws_add_http_header_status(wsi, code, p, end)) - return 1; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)content_type, - (int)strlen(content_type), p, end)) - return 1; - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (!wsi->http.lcs && - (!strncmp(content_type, "text/", 5) || - !strcmp(content_type, "application/javascript") || - !strcmp(content_type, "image/svg+xml"))) - lws_http_compression_apply(wsi, NULL, p, end, 0); -#endif - - /* - * if we decided to compress it, we don't know the content length... - * the compressed data will go out chunked on h1 - */ - if ( -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - !wsi->http.lcs && -#endif - content_len != LWS_ILLEGAL_HTTP_CONTENT_LEN) { - if (lws_add_http_header_content_length(wsi, content_len, - p, end)) - return 1; - } else { - /* there was no length... it normally means CONNECTION_CLOSE */ -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - - if (!wsi->http2_substream && wsi->http.lcs) { - /* so... - * - h1 connection - * - http compression transform active - * - did not send content length - * - * then mark as chunked... - */ - wsi->http.comp_ctx.chunking = 1; - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - (unsigned char *)"chunked", 7, p, end)) - return -1; - - /* ... but h1 compression is chunked, if active we can - * still pipeline - */ - if (wsi->http.lcs && - wsi->http.conn_type == HTTP_CONNECTION_KEEP_ALIVE) - t = 1; - } -#endif - if (!wsi->http2_substream) { - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_CONNECTION, - (unsigned char *)ka[t], - (int)strlen(ka[t]), p, end)) - return 1; - - wsi->http.conn_type = types[t]; - } - } - - return 0; -} - -static const char * const err400[] = { - "Bad Request", - "Unauthorized", - "Payment Required", - "Forbidden", - "Not Found", - "Method Not Allowed", - "Not Acceptable", - "Proxy Auth Required", - "Request Timeout", - "Conflict", - "Gone", - "Length Required", - "Precondition Failed", - "Request Entity Too Large", - "Request URI too Long", - "Unsupported Media Type", - "Requested Range Not Satisfiable", - "Expectation Failed" -}; - -static const char * const err500[] = { - "Internal Server Error", - "Not Implemented", - "Bad Gateway", - "Service Unavailable", - "Gateway Timeout", - "HTTP Version Not Supported" -}; - -/* security best practices from Mozilla Observatory */ - -static const -struct lws_protocol_vhost_options pvo_hsbph[] = {{ - NULL, NULL, "referrer-policy:", "no-referrer" -}, { - &pvo_hsbph[0], NULL, "x-frame-options:", "deny" -}, { - &pvo_hsbph[1], NULL, "x-xss-protection:", "1; mode=block" -}, { - &pvo_hsbph[2], NULL, "x-content-type-options:", "nosniff" -}, { - &pvo_hsbph[3], NULL, "content-security-policy:", - "default-src 'none'; img-src 'self' data: ; " - "script-src 'self'; font-src 'self'; " - "style-src 'self'; connect-src 'self'; " - "frame-ancestors 'none'; base-uri 'none';" - "form-action 'self';" -}}; - -int -lws_add_http_header_status(struct lws *wsi, unsigned int _code, - unsigned char **p, unsigned char *end) -{ - static const char * const hver[] = { - "HTTP/1.0", "HTTP/1.1", "HTTP/2" - }; - const struct lws_protocol_vhost_options *headers; - unsigned int code = _code & LWSAHH_CODE_MASK; - const char *description = "", *p1; - unsigned char code_and_desc[60]; - int n; - -#ifdef LWS_WITH_ACCESS_LOG - wsi->http.access_log.response = code; -#endif - -#ifdef LWS_WITH_HTTP2 - if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) { - n = lws_add_http2_header_status(wsi, code, p, end); - if (n) - return n; - } else -#endif - { - if (code >= 400 && code < (400 + LWS_ARRAY_SIZE(err400))) - description = err400[code - 400]; - if (code >= 500 && code < (500 + LWS_ARRAY_SIZE(err500))) - description = err500[code - 500]; - - if (code == 100) - description = "Continue"; - if (code == 200) - description = "OK"; - if (code == 304) - description = "Not Modified"; - else - if (code >= 300 && code < 400) - description = "Redirect"; - - if (wsi->http.request_version < LWS_ARRAY_SIZE(hver)) - p1 = hver[wsi->http.request_version]; - else - p1 = hver[0]; - - n = sprintf((char *)code_and_desc, "%s %u %s", p1, code, - description); - - if (lws_add_http_header_by_name(wsi, NULL, code_and_desc, n, p, - end)) - return 1; - } - - headers = wsi->vhost->headers; - while (headers) { - if (lws_add_http_header_by_name(wsi, - (const unsigned char *)headers->name, - (unsigned char *)headers->value, - (int)strlen(headers->value), p, end)) - return 1; - - headers = headers->next; - } - - if (wsi->vhost->options & - LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE) { - headers = &pvo_hsbph[LWS_ARRAY_SIZE(pvo_hsbph) - 1]; - while (headers) { - if (lws_add_http_header_by_name(wsi, - (const unsigned char *)headers->name, - (unsigned char *)headers->value, - (int)strlen(headers->value), p, end)) - return 1; - - headers = headers->next; - } - } - - if (wsi->context->server_string && - !(_code & LWSAHH_FLAG_NO_SERVER_NAME)) - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_SERVER, - (unsigned char *)wsi->context->server_string, - wsi->context->server_string_len, p, end)) - return 1; - - if (wsi->vhost->options & LWS_SERVER_OPTION_STS) - if (lws_add_http_header_by_name(wsi, (unsigned char *) - "Strict-Transport-Security:", - (unsigned char *)"max-age=15768000 ; " - "includeSubDomains", 36, p, end)) - return 1; - - if (*p >= (end - 2)) { - lwsl_err("%s: reached end of buffer\n", __func__); - - return 1; - } - - return 0; -} - -LWS_VISIBLE int -lws_return_http_status(struct lws *wsi, unsigned int code, - const char *html_body) -{ - struct lws_context *context = lws_get_context(wsi); - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - unsigned char *p = pt->serv_buf + LWS_PRE; - unsigned char *start = p; - unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; - char *body = (char *)start + context->pt_serv_buf_size - 512; - int n = 0, m = 0, len; - char slen[20]; - - if (!wsi->vhost) { - lwsl_err("%s: wsi not bound to vhost\n", __func__); - - return 1; - } -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - if (!wsi->handling_404 && - wsi->vhost->http.error_document_404 && - code == HTTP_STATUS_NOT_FOUND) - /* we should do a redirect, and do the 404 there */ - if (lws_http_redirect(wsi, HTTP_STATUS_FOUND, - (uint8_t *)wsi->vhost->http.error_document_404, - (int)strlen(wsi->vhost->http.error_document_404), - &p, end) > 0) - return 0; -#endif - - /* if the redirect failed, just do a simple status */ - p = start; - - if (!html_body) - html_body = ""; - - if (lws_add_http_header_status(wsi, code, &p, end)) - return 1; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)"text/html", 9, - &p, end)) - return 1; - - len = lws_snprintf(body, 510, "" - "" - "" - "

%u

%s", code, html_body); - - - n = sprintf(slen, "%d", len); - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, - (unsigned char *)slen, n, &p, end)) - return 1; - - if (lws_finalize_http_header(wsi, &p, end)) - return 1; - -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream) { - - /* - * for HTTP/2, the headers must be sent separately, since they - * go out in their own frame. That puts us in a bind that - * we won't always be able to get away with two lws_write()s in - * sequence, since the first may use up the writability due to - * the pipe being choked or SSL_WANT_. - * - * However we do need to send the human-readable body, and the - * END_STREAM. - * - * Solve it by writing the headers now... - */ - m = lws_write(wsi, start, lws_ptr_diff(p, start), - LWS_WRITE_HTTP_HEADERS); - if (m != lws_ptr_diff(p, start)) - return 1; - - /* - * ... but stash the body and send it as a priority next - * handle_POLLOUT - */ - wsi->http.tx_content_length = len; - wsi->http.tx_content_remain = len; - - wsi->h2.pending_status_body = lws_malloc(len + LWS_PRE + 1, - "pending status body"); - if (!wsi->h2.pending_status_body) - return -1; - - strcpy(wsi->h2.pending_status_body + LWS_PRE, body); - lws_callback_on_writable(wsi); - - return 0; - } else -#endif - { - /* - * for http/1, we can just append the body after the finalized - * headers and send it all in one go. - */ - - n = lws_ptr_diff(p, start) + len; - memcpy(p, body, len); - m = lws_write(wsi, start, n, LWS_WRITE_HTTP); - if (m != n) - return 1; - } - - return m != n; -} - -LWS_VISIBLE int -lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, - unsigned char **p, unsigned char *end) -{ - unsigned char *start = *p; - - if (lws_add_http_header_status(wsi, code, p, end)) - return -1; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_LOCATION, loc, len, - p, end)) - return -1; - /* - * if we're going with http/1.1 and keepalive, we have to give fake - * content metadata so the client knows we completed the transaction and - * it can do the redirect... - */ - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)"text/html", 9, p, - end)) - return -1; - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, - (unsigned char *)"0", 1, p, end)) - return -1; - - if (lws_finalize_http_header(wsi, p, end)) - return -1; - - return lws_write(wsi, start, *p - start, LWS_WRITE_HTTP_HEADERS | - LWS_WRITE_H2_STREAM_END); -} - -#if !defined(LWS_WITH_HTTP_STREAM_COMPRESSION) -LWS_VISIBLE int -lws_http_compression_apply(struct lws *wsi, const char *name, - unsigned char **p, unsigned char *end, char decomp) -{ - (void)wsi; - (void)name; - (void)p; - (void)end; - (void)decomp; - - return 0; -} -#endif - - diff --git a/thirdparty/libwebsockets/lib/roles/http/lextable-strings.h b/thirdparty/libwebsockets/lib/roles/http/lextable-strings.h deleted file mode 100644 index 1e4fee855f..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/lextable-strings.h +++ /dev/null @@ -1,104 +0,0 @@ -/* set of parsable strings -- ALL LOWER CASE */ - -static const char * const set[] = { - "get ", - "post ", - "options ", - "host:", - "connection:", - "upgrade:", - "origin:", - "sec-websocket-draft:", - "\x0d\x0a", - - "sec-websocket-extensions:", - "sec-websocket-key1:", - "sec-websocket-key2:", - "sec-websocket-protocol:", - - "sec-websocket-accept:", - "sec-websocket-nonce:", - "http/1.1 ", - "http2-settings:", - - "accept:", - "access-control-request-headers:", - "if-modified-since:", - "if-none-match:", - "accept-encoding:", - "accept-language:", - "pragma:", - "cache-control:", - "authorization:", - "cookie:", - "content-length:", - "content-type:", - "date:", - "range:", - "referer:", - "sec-websocket-key:", - "sec-websocket-version:", - "sec-websocket-origin:", - - ":authority", - ":method", - ":path", - ":scheme", - ":status", - - "accept-charset:", - "accept-ranges:", - "access-control-allow-origin:", - "age:", - "allow:", - "content-disposition:", - "content-encoding:", - "content-language:", - "content-location:", - "content-range:", - "etag:", - "expect:", - "expires:", - "from:", - "if-match:", - "if-range:", - "if-unmodified-since:", - "last-modified:", - "link:", - "location:", - "max-forwards:", - "proxy-authenticate:", - "proxy-authorization:", - "refresh:", - "retry-after:", - "server:", - "set-cookie:", - "strict-transport-security:", - "transfer-encoding:", - "user-agent:", - "vary:", - "via:", - "www-authenticate:", - - "patch", - "put", - "delete", - - "uri-args", /* fake header used for uri-only storage */ - - "proxy ", - "x-real-ip:", - "http/1.0 ", - - "x-forwarded-for", - "connect ", - "head ", - "te:", /* http/2 wants it to reject it */ - "replay-nonce:", /* ACME */ - ":protocol", /* defined in mcmanus-httpbis-h2-ws-02 */ - - "x-auth-token:", - - "", /* not matchable */ - -}; diff --git a/thirdparty/libwebsockets/lib/roles/http/lextable.h b/thirdparty/libwebsockets/lib/roles/http/lextable.h deleted file mode 100644 index 9a8063b157..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/lextable.h +++ /dev/null @@ -1,838 +0,0 @@ -/* pos 0000: 0 */ 0x67 /* 'g' */, 0x40, 0x00 /* (to 0x0040 state 1) */, - 0x70 /* 'p' */, 0x42, 0x00 /* (to 0x0045 state 5) */, - 0x6F /* 'o' */, 0x51, 0x00 /* (to 0x0057 state 10) */, - 0x68 /* 'h' */, 0x5D, 0x00 /* (to 0x0066 state 18) */, - 0x63 /* 'c' */, 0x69, 0x00 /* (to 0x0075 state 23) */, - 0x75 /* 'u' */, 0x8A, 0x00 /* (to 0x0099 state 34) */, - 0x73 /* 's' */, 0xA0, 0x00 /* (to 0x00B2 state 48) */, - 0x0D /* '.' */, 0xD9, 0x00 /* (to 0x00EE state 68) */, - 0x61 /* 'a' */, 0x31, 0x01 /* (to 0x0149 state 129) */, - 0x69 /* 'i' */, 0x70, 0x01 /* (to 0x018B state 163) */, - 0x64 /* 'd' */, 0x19, 0x02 /* (to 0x0237 state 265) */, - 0x72 /* 'r' */, 0x22, 0x02 /* (to 0x0243 state 270) */, - 0x3A /* ':' */, 0x56, 0x02 /* (to 0x027A state 299) */, - 0x65 /* 'e' */, 0xE8, 0x02 /* (to 0x030F state 409) */, - 0x66 /* 'f' */, 0x04, 0x03 /* (to 0x032E state 425) */, - 0x6C /* 'l' */, 0x26, 0x03 /* (to 0x0353 state 458) */, - 0x6D /* 'm' */, 0x49, 0x03 /* (to 0x0379 state 484) */, - 0x74 /* 't' */, 0xB8, 0x03 /* (to 0x03EB state 578) */, - 0x76 /* 'v' */, 0xD9, 0x03 /* (to 0x040F state 606) */, - 0x77 /* 'w' */, 0xE6, 0x03 /* (to 0x041F state 614) */, - 0x78 /* 'x' */, 0x0D, 0x04 /* (to 0x0449 state 650) */, - 0x08, /* fail */ -/* pos 0040: 1 */ 0xE5 /* 'e' -> */, -/* pos 0041: 2 */ 0xF4 /* 't' -> */, -/* pos 0042: 3 */ 0xA0 /* ' ' -> */, -/* pos 0043: 4 */ 0x00, 0x00 /* - terminal marker 0 - */, -/* pos 0045: 5 */ 0x6F /* 'o' */, 0x0D, 0x00 /* (to 0x0052 state 6) */, - 0x72 /* 'r' */, 0x95, 0x01 /* (to 0x01DD state 211) */, - 0x61 /* 'a' */, 0xE6, 0x03 /* (to 0x0431 state 631) */, - 0x75 /* 'u' */, 0xE8, 0x03 /* (to 0x0436 state 635) */, - 0x08, /* fail */ -/* pos 0052: 6 */ 0xF3 /* 's' -> */, -/* pos 0053: 7 */ 0xF4 /* 't' -> */, -/* pos 0054: 8 */ 0xA0 /* ' ' -> */, -/* pos 0055: 9 */ 0x00, 0x01 /* - terminal marker 1 - */, -/* pos 0057: 10 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x005E state 11) */, - 0x72 /* 'r' */, 0x51, 0x00 /* (to 0x00AB state 42) */, - 0x08, /* fail */ -/* pos 005e: 11 */ 0xF4 /* 't' -> */, -/* pos 005f: 12 */ 0xE9 /* 'i' -> */, -/* pos 0060: 13 */ 0xEF /* 'o' -> */, -/* pos 0061: 14 */ 0xEE /* 'n' -> */, -/* pos 0062: 15 */ 0xF3 /* 's' -> */, -/* pos 0063: 16 */ 0xA0 /* ' ' -> */, -/* pos 0064: 17 */ 0x00, 0x02 /* - terminal marker 2 - */, -/* pos 0066: 18 */ 0x6F /* 'o' */, 0x0A, 0x00 /* (to 0x0070 state 19) */, - 0x74 /* 't' */, 0xBF, 0x00 /* (to 0x0128 state 110) */, - 0x65 /* 'e' */, 0x04, 0x04 /* (to 0x0470 state 676) */, - 0x08, /* fail */ -/* pos 0070: 19 */ 0xF3 /* 's' -> */, -/* pos 0071: 20 */ 0xF4 /* 't' -> */, -/* pos 0072: 21 */ 0xBA /* ':' -> */, -/* pos 0073: 22 */ 0x00, 0x03 /* - terminal marker 3 - */, -/* pos 0075: 23 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x007C state 24) */, - 0x61 /* 'a' */, 0x72, 0x01 /* (to 0x01EA state 217) */, - 0x08, /* fail */ -/* pos 007c: 24 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x0083 state 25) */, - 0x6F /* 'o' */, 0x87, 0x01 /* (to 0x0206 state 243) */, - 0x08, /* fail */ -/* pos 0083: 25 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x008A state 26) */, - 0x74 /* 't' */, 0x86, 0x01 /* (to 0x020C state 248) */, - 0x08, /* fail */ -/* pos 008a: 26 */ 0xE5 /* 'e' -> */, -/* pos 008b: 27 */ 0xE3 /* 'c' -> */, -/* pos 008c: 28 */ 0xF4 /* 't' -> */, -/* pos 008d: 29 */ 0x69 /* 'i' */, 0x07, 0x00 /* (to 0x0094 state 30) */, - 0x20 /* ' ' */, 0xDE, 0x03 /* (to 0x046E state 675) */, - 0x08, /* fail */ -/* pos 0094: 30 */ 0xEF /* 'o' -> */, -/* pos 0095: 31 */ 0xEE /* 'n' -> */, -/* pos 0096: 32 */ 0xBA /* ':' -> */, -/* pos 0097: 33 */ 0x00, 0x04 /* - terminal marker 4 - */, -/* pos 0099: 34 */ 0x70 /* 'p' */, 0x0A, 0x00 /* (to 0x00A3 state 35) */, - 0x73 /* 's' */, 0x68, 0x03 /* (to 0x0404 state 596) */, - 0x72 /* 'r' */, 0xA0, 0x03 /* (to 0x043F state 642) */, - 0x08, /* fail */ -/* pos 00a3: 35 */ 0xE7 /* 'g' -> */, -/* pos 00a4: 36 */ 0xF2 /* 'r' -> */, -/* pos 00a5: 37 */ 0xE1 /* 'a' -> */, -/* pos 00a6: 38 */ 0xE4 /* 'd' -> */, -/* pos 00a7: 39 */ 0xE5 /* 'e' -> */, -/* pos 00a8: 40 */ 0xBA /* ':' -> */, -/* pos 00a9: 41 */ 0x00, 0x05 /* - terminal marker 5 - */, -/* pos 00ab: 42 */ 0xE9 /* 'i' -> */, -/* pos 00ac: 43 */ 0xE7 /* 'g' -> */, -/* pos 00ad: 44 */ 0xE9 /* 'i' -> */, -/* pos 00ae: 45 */ 0xEE /* 'n' -> */, -/* pos 00af: 46 */ 0xBA /* ':' -> */, -/* pos 00b0: 47 */ 0x00, 0x06 /* - terminal marker 6 - */, -/* pos 00b2: 48 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x00B9 state 49) */, - 0x74 /* 't' */, 0x1C, 0x03 /* (to 0x03D1 state 553) */, - 0x08, /* fail */ -/* pos 00b9: 49 */ 0x63 /* 'c' */, 0x0A, 0x00 /* (to 0x00C3 state 50) */, - 0x72 /* 'r' */, 0x05, 0x03 /* (to 0x03C1 state 539) */, - 0x74 /* 't' */, 0x08, 0x03 /* (to 0x03C7 state 544) */, - 0x08, /* fail */ -/* pos 00c3: 50 */ 0xAD /* '-' -> */, -/* pos 00c4: 51 */ 0xF7 /* 'w' -> */, -/* pos 00c5: 52 */ 0xE5 /* 'e' -> */, -/* pos 00c6: 53 */ 0xE2 /* 'b' -> */, -/* pos 00c7: 54 */ 0xF3 /* 's' -> */, -/* pos 00c8: 55 */ 0xEF /* 'o' -> */, -/* pos 00c9: 56 */ 0xE3 /* 'c' -> */, -/* pos 00ca: 57 */ 0xEB /* 'k' -> */, -/* pos 00cb: 58 */ 0xE5 /* 'e' -> */, -/* pos 00cc: 59 */ 0xF4 /* 't' -> */, -/* pos 00cd: 60 */ 0xAD /* '-' -> */, -/* pos 00ce: 61 */ 0x64 /* 'd' */, 0x19, 0x00 /* (to 0x00E7 state 62) */, - 0x65 /* 'e' */, 0x20, 0x00 /* (to 0x00F1 state 70) */, - 0x6B /* 'k' */, 0x29, 0x00 /* (to 0x00FD state 81) */, - 0x70 /* 'p' */, 0x38, 0x00 /* (to 0x010F state 88) */, - 0x61 /* 'a' */, 0x3F, 0x00 /* (to 0x0119 state 97) */, - 0x6E /* 'n' */, 0x44, 0x00 /* (to 0x0121 state 104) */, - 0x76 /* 'v' */, 0x89, 0x01 /* (to 0x0269 state 284) */, - 0x6F /* 'o' */, 0x8F, 0x01 /* (to 0x0272 state 292) */, - 0x08, /* fail */ -/* pos 00e7: 62 */ 0xF2 /* 'r' -> */, -/* pos 00e8: 63 */ 0xE1 /* 'a' -> */, -/* pos 00e9: 64 */ 0xE6 /* 'f' -> */, -/* pos 00ea: 65 */ 0xF4 /* 't' -> */, -/* pos 00eb: 66 */ 0xBA /* ':' -> */, -/* pos 00ec: 67 */ 0x00, 0x07 /* - terminal marker 7 - */, -/* pos 00ee: 68 */ 0x8A /* '.' -> */, -/* pos 00ef: 69 */ 0x00, 0x08 /* - terminal marker 8 - */, -/* pos 00f1: 70 */ 0xF8 /* 'x' -> */, -/* pos 00f2: 71 */ 0xF4 /* 't' -> */, -/* pos 00f3: 72 */ 0xE5 /* 'e' -> */, -/* pos 00f4: 73 */ 0xEE /* 'n' -> */, -/* pos 00f5: 74 */ 0xF3 /* 's' -> */, -/* pos 00f6: 75 */ 0xE9 /* 'i' -> */, -/* pos 00f7: 76 */ 0xEF /* 'o' -> */, -/* pos 00f8: 77 */ 0xEE /* 'n' -> */, -/* pos 00f9: 78 */ 0xF3 /* 's' -> */, -/* pos 00fa: 79 */ 0xBA /* ':' -> */, -/* pos 00fb: 80 */ 0x00, 0x09 /* - terminal marker 9 - */, -/* pos 00fd: 81 */ 0xE5 /* 'e' -> */, -/* pos 00fe: 82 */ 0xF9 /* 'y' -> */, -/* pos 00ff: 83 */ 0x31 /* '1' */, 0x0A, 0x00 /* (to 0x0109 state 84) */, - 0x32 /* '2' */, 0x0A, 0x00 /* (to 0x010C state 86) */, - 0x3A /* ':' */, 0x62, 0x01 /* (to 0x0267 state 283) */, - 0x08, /* fail */ -/* pos 0109: 84 */ 0xBA /* ':' -> */, -/* pos 010a: 85 */ 0x00, 0x0A /* - terminal marker 10 - */, -/* pos 010c: 86 */ 0xBA /* ':' -> */, -/* pos 010d: 87 */ 0x00, 0x0B /* - terminal marker 11 - */, -/* pos 010f: 88 */ 0xF2 /* 'r' -> */, -/* pos 0110: 89 */ 0xEF /* 'o' -> */, -/* pos 0111: 90 */ 0xF4 /* 't' -> */, -/* pos 0112: 91 */ 0xEF /* 'o' -> */, -/* pos 0113: 92 */ 0xE3 /* 'c' -> */, -/* pos 0114: 93 */ 0xEF /* 'o' -> */, -/* pos 0115: 94 */ 0xEC /* 'l' -> */, -/* pos 0116: 95 */ 0xBA /* ':' -> */, -/* pos 0117: 96 */ 0x00, 0x0C /* - terminal marker 12 - */, -/* pos 0119: 97 */ 0xE3 /* 'c' -> */, -/* pos 011a: 98 */ 0xE3 /* 'c' -> */, -/* pos 011b: 99 */ 0xE5 /* 'e' -> */, -/* pos 011c: 100 */ 0xF0 /* 'p' -> */, -/* pos 011d: 101 */ 0xF4 /* 't' -> */, -/* pos 011e: 102 */ 0xBA /* ':' -> */, -/* pos 011f: 103 */ 0x00, 0x0D /* - terminal marker 13 - */, -/* pos 0121: 104 */ 0xEF /* 'o' -> */, -/* pos 0122: 105 */ 0xEE /* 'n' -> */, -/* pos 0123: 106 */ 0xE3 /* 'c' -> */, -/* pos 0124: 107 */ 0xE5 /* 'e' -> */, -/* pos 0125: 108 */ 0xBA /* ':' -> */, -/* pos 0126: 109 */ 0x00, 0x0E /* - terminal marker 14 - */, -/* pos 0128: 110 */ 0xF4 /* 't' -> */, -/* pos 0129: 111 */ 0xF0 /* 'p' -> */, -/* pos 012a: 112 */ 0x2F /* '/' */, 0x07, 0x00 /* (to 0x0131 state 113) */, - 0x32 /* '2' */, 0x10, 0x00 /* (to 0x013D state 118) */, - 0x08, /* fail */ -/* pos 0131: 113 */ 0xB1 /* '1' -> */, -/* pos 0132: 114 */ 0xAE /* '.' -> */, -/* pos 0133: 115 */ 0x31 /* '1' */, 0x07, 0x00 /* (to 0x013A state 116) */, - 0x30 /* '0' */, 0x27, 0x03 /* (to 0x045D state 660) */, - 0x08, /* fail */ -/* pos 013a: 116 */ 0xA0 /* ' ' -> */, -/* pos 013b: 117 */ 0x00, 0x0F /* - terminal marker 15 - */, -/* pos 013d: 118 */ 0xAD /* '-' -> */, -/* pos 013e: 119 */ 0xF3 /* 's' -> */, -/* pos 013f: 120 */ 0xE5 /* 'e' -> */, -/* pos 0140: 121 */ 0xF4 /* 't' -> */, -/* pos 0141: 122 */ 0xF4 /* 't' -> */, -/* pos 0142: 123 */ 0xE9 /* 'i' -> */, -/* pos 0143: 124 */ 0xEE /* 'n' -> */, -/* pos 0144: 125 */ 0xE7 /* 'g' -> */, -/* pos 0145: 126 */ 0xF3 /* 's' -> */, -/* pos 0146: 127 */ 0xBA /* ':' -> */, -/* pos 0147: 128 */ 0x00, 0x10 /* - terminal marker 16 - */, -/* pos 0149: 129 */ 0x63 /* 'c' */, 0x0D, 0x00 /* (to 0x0156 state 130) */, - 0x75 /* 'u' */, 0xAC, 0x00 /* (to 0x01F8 state 230) */, - 0x67 /* 'g' */, 0x86, 0x01 /* (to 0x02D5 state 358) */, - 0x6C /* 'l' */, 0x87, 0x01 /* (to 0x02D9 state 361) */, - 0x08, /* fail */ -/* pos 0156: 130 */ 0xE3 /* 'c' -> */, -/* pos 0157: 131 */ 0xE5 /* 'e' -> */, -/* pos 0158: 132 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x015F state 133) */, - 0x73 /* 's' */, 0x0E, 0x00 /* (to 0x0169 state 136) */, - 0x08, /* fail */ -/* pos 015f: 133 */ 0xF4 /* 't' -> */, -/* pos 0160: 134 */ 0x3A /* ':' */, 0x07, 0x00 /* (to 0x0167 state 135) */, - 0x2D /* '-' */, 0x59, 0x00 /* (to 0x01BC state 192) */, - 0x08, /* fail */ -/* pos 0167: 135 */ 0x00, 0x11 /* - terminal marker 17 - */, -/* pos 0169: 136 */ 0xF3 /* 's' -> */, -/* pos 016a: 137 */ 0xAD /* '-' -> */, -/* pos 016b: 138 */ 0xE3 /* 'c' -> */, -/* pos 016c: 139 */ 0xEF /* 'o' -> */, -/* pos 016d: 140 */ 0xEE /* 'n' -> */, -/* pos 016e: 141 */ 0xF4 /* 't' -> */, -/* pos 016f: 142 */ 0xF2 /* 'r' -> */, -/* pos 0170: 143 */ 0xEF /* 'o' -> */, -/* pos 0171: 144 */ 0xEC /* 'l' -> */, -/* pos 0172: 145 */ 0xAD /* '-' -> */, -/* pos 0173: 146 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x017A state 147) */, - 0x61 /* 'a' */, 0x51, 0x01 /* (to 0x02C7 state 345) */, - 0x08, /* fail */ -/* pos 017a: 147 */ 0xE5 /* 'e' -> */, -/* pos 017b: 148 */ 0xF1 /* 'q' -> */, -/* pos 017c: 149 */ 0xF5 /* 'u' -> */, -/* pos 017d: 150 */ 0xE5 /* 'e' -> */, -/* pos 017e: 151 */ 0xF3 /* 's' -> */, -/* pos 017f: 152 */ 0xF4 /* 't' -> */, -/* pos 0180: 153 */ 0xAD /* '-' -> */, -/* pos 0181: 154 */ 0xE8 /* 'h' -> */, -/* pos 0182: 155 */ 0xE5 /* 'e' -> */, -/* pos 0183: 156 */ 0xE1 /* 'a' -> */, -/* pos 0184: 157 */ 0xE4 /* 'd' -> */, -/* pos 0185: 158 */ 0xE5 /* 'e' -> */, -/* pos 0186: 159 */ 0xF2 /* 'r' -> */, -/* pos 0187: 160 */ 0xF3 /* 's' -> */, -/* pos 0188: 161 */ 0xBA /* ':' -> */, -/* pos 0189: 162 */ 0x00, 0x12 /* - terminal marker 18 - */, -/* pos 018b: 163 */ 0xE6 /* 'f' -> */, -/* pos 018c: 164 */ 0xAD /* '-' -> */, -/* pos 018d: 165 */ 0x6D /* 'm' */, 0x0D, 0x00 /* (to 0x019A state 166) */, - 0x6E /* 'n' */, 0x20, 0x00 /* (to 0x01B0 state 181) */, - 0x72 /* 'r' */, 0xA7, 0x01 /* (to 0x033A state 435) */, - 0x75 /* 'u' */, 0xAB, 0x01 /* (to 0x0341 state 441) */, - 0x08, /* fail */ -/* pos 019a: 166 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x01A1 state 167) */, - 0x61 /* 'a' */, 0x97, 0x01 /* (to 0x0334 state 430) */, - 0x08, /* fail */ -/* pos 01a1: 167 */ 0xE4 /* 'd' -> */, -/* pos 01a2: 168 */ 0xE9 /* 'i' -> */, -/* pos 01a3: 169 */ 0xE6 /* 'f' -> */, -/* pos 01a4: 170 */ 0xE9 /* 'i' -> */, -/* pos 01a5: 171 */ 0xE5 /* 'e' -> */, -/* pos 01a6: 172 */ 0xE4 /* 'd' -> */, -/* pos 01a7: 173 */ 0xAD /* '-' -> */, -/* pos 01a8: 174 */ 0xF3 /* 's' -> */, -/* pos 01a9: 175 */ 0xE9 /* 'i' -> */, -/* pos 01aa: 176 */ 0xEE /* 'n' -> */, -/* pos 01ab: 177 */ 0xE3 /* 'c' -> */, -/* pos 01ac: 178 */ 0xE5 /* 'e' -> */, -/* pos 01ad: 179 */ 0xBA /* ':' -> */, -/* pos 01ae: 180 */ 0x00, 0x13 /* - terminal marker 19 - */, -/* pos 01b0: 181 */ 0xEF /* 'o' -> */, -/* pos 01b1: 182 */ 0xEE /* 'n' -> */, -/* pos 01b2: 183 */ 0xE5 /* 'e' -> */, -/* pos 01b3: 184 */ 0xAD /* '-' -> */, -/* pos 01b4: 185 */ 0xED /* 'm' -> */, -/* pos 01b5: 186 */ 0xE1 /* 'a' -> */, -/* pos 01b6: 187 */ 0xF4 /* 't' -> */, -/* pos 01b7: 188 */ 0xE3 /* 'c' -> */, -/* pos 01b8: 189 */ 0xE8 /* 'h' -> */, -/* pos 01b9: 190 */ 0xBA /* ':' -> */, -/* pos 01ba: 191 */ 0x00, 0x14 /* - terminal marker 20 - */, -/* pos 01bc: 192 */ 0x65 /* 'e' */, 0x0D, 0x00 /* (to 0x01C9 state 193) */, - 0x6C /* 'l' */, 0x14, 0x00 /* (to 0x01D3 state 202) */, - 0x63 /* 'c' */, 0xF4, 0x00 /* (to 0x02B6 state 330) */, - 0x72 /* 'r' */, 0xFA, 0x00 /* (to 0x02BF state 338) */, - 0x08, /* fail */ -/* pos 01c9: 193 */ 0xEE /* 'n' -> */, -/* pos 01ca: 194 */ 0xE3 /* 'c' -> */, -/* pos 01cb: 195 */ 0xEF /* 'o' -> */, -/* pos 01cc: 196 */ 0xE4 /* 'd' -> */, -/* pos 01cd: 197 */ 0xE9 /* 'i' -> */, -/* pos 01ce: 198 */ 0xEE /* 'n' -> */, -/* pos 01cf: 199 */ 0xE7 /* 'g' -> */, -/* pos 01d0: 200 */ 0xBA /* ':' -> */, -/* pos 01d1: 201 */ 0x00, 0x15 /* - terminal marker 21 - */, -/* pos 01d3: 202 */ 0xE1 /* 'a' -> */, -/* pos 01d4: 203 */ 0xEE /* 'n' -> */, -/* pos 01d5: 204 */ 0xE7 /* 'g' -> */, -/* pos 01d6: 205 */ 0xF5 /* 'u' -> */, -/* pos 01d7: 206 */ 0xE1 /* 'a' -> */, -/* pos 01d8: 207 */ 0xE7 /* 'g' -> */, -/* pos 01d9: 208 */ 0xE5 /* 'e' -> */, -/* pos 01da: 209 */ 0xBA /* ':' -> */, -/* pos 01db: 210 */ 0x00, 0x16 /* - terminal marker 22 - */, -/* pos 01dd: 211 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x01E4 state 212) */, - 0x6F /* 'o' */, 0xA7, 0x01 /* (to 0x0387 state 497) */, - 0x08, /* fail */ -/* pos 01e4: 212 */ 0xE7 /* 'g' -> */, -/* pos 01e5: 213 */ 0xED /* 'm' -> */, -/* pos 01e6: 214 */ 0xE1 /* 'a' -> */, -/* pos 01e7: 215 */ 0xBA /* ':' -> */, -/* pos 01e8: 216 */ 0x00, 0x17 /* - terminal marker 23 - */, -/* pos 01ea: 217 */ 0xE3 /* 'c' -> */, -/* pos 01eb: 218 */ 0xE8 /* 'h' -> */, -/* pos 01ec: 219 */ 0xE5 /* 'e' -> */, -/* pos 01ed: 220 */ 0xAD /* '-' -> */, -/* pos 01ee: 221 */ 0xE3 /* 'c' -> */, -/* pos 01ef: 222 */ 0xEF /* 'o' -> */, -/* pos 01f0: 223 */ 0xEE /* 'n' -> */, -/* pos 01f1: 224 */ 0xF4 /* 't' -> */, -/* pos 01f2: 225 */ 0xF2 /* 'r' -> */, -/* pos 01f3: 226 */ 0xEF /* 'o' -> */, -/* pos 01f4: 227 */ 0xEC /* 'l' -> */, -/* pos 01f5: 228 */ 0xBA /* ':' -> */, -/* pos 01f6: 229 */ 0x00, 0x18 /* - terminal marker 24 - */, -/* pos 01f8: 230 */ 0xF4 /* 't' -> */, -/* pos 01f9: 231 */ 0xE8 /* 'h' -> */, -/* pos 01fa: 232 */ 0xEF /* 'o' -> */, -/* pos 01fb: 233 */ 0xF2 /* 'r' -> */, -/* pos 01fc: 234 */ 0xE9 /* 'i' -> */, -/* pos 01fd: 235 */ 0xFA /* 'z' -> */, -/* pos 01fe: 236 */ 0xE1 /* 'a' -> */, -/* pos 01ff: 237 */ 0xF4 /* 't' -> */, -/* pos 0200: 238 */ 0xE9 /* 'i' -> */, -/* pos 0201: 239 */ 0xEF /* 'o' -> */, -/* pos 0202: 240 */ 0xEE /* 'n' -> */, -/* pos 0203: 241 */ 0xBA /* ':' -> */, -/* pos 0204: 242 */ 0x00, 0x19 /* - terminal marker 25 - */, -/* pos 0206: 243 */ 0xEB /* 'k' -> */, -/* pos 0207: 244 */ 0xE9 /* 'i' -> */, -/* pos 0208: 245 */ 0xE5 /* 'e' -> */, -/* pos 0209: 246 */ 0xBA /* ':' -> */, -/* pos 020a: 247 */ 0x00, 0x1A /* - terminal marker 26 - */, -/* pos 020c: 248 */ 0xE5 /* 'e' -> */, -/* pos 020d: 249 */ 0xEE /* 'n' -> */, -/* pos 020e: 250 */ 0xF4 /* 't' -> */, -/* pos 020f: 251 */ 0xAD /* '-' -> */, -/* pos 0210: 252 */ 0x6C /* 'l' */, 0x10, 0x00 /* (to 0x0220 state 253) */, - 0x74 /* 't' */, 0x1E, 0x00 /* (to 0x0231 state 260) */, - 0x64 /* 'd' */, 0xC9, 0x00 /* (to 0x02DF state 366) */, - 0x65 /* 'e' */, 0xD3, 0x00 /* (to 0x02EC state 378) */, - 0x72 /* 'r' */, 0xEC, 0x00 /* (to 0x0308 state 403) */, - 0x08, /* fail */ -/* pos 0220: 253 */ 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x022A state 254) */, - 0x61 /* 'a' */, 0xD3, 0x00 /* (to 0x02F6 state 387) */, - 0x6F /* 'o' */, 0xD9, 0x00 /* (to 0x02FF state 395) */, - 0x08, /* fail */ -/* pos 022a: 254 */ 0xEE /* 'n' -> */, -/* pos 022b: 255 */ 0xE7 /* 'g' -> */, -/* pos 022c: 256 */ 0xF4 /* 't' -> */, -/* pos 022d: 257 */ 0xE8 /* 'h' -> */, -/* pos 022e: 258 */ 0xBA /* ':' -> */, -/* pos 022f: 259 */ 0x00, 0x1B /* - terminal marker 27 - */, -/* pos 0231: 260 */ 0xF9 /* 'y' -> */, -/* pos 0232: 261 */ 0xF0 /* 'p' -> */, -/* pos 0233: 262 */ 0xE5 /* 'e' -> */, -/* pos 0234: 263 */ 0xBA /* ':' -> */, -/* pos 0235: 264 */ 0x00, 0x1C /* - terminal marker 28 - */, -/* pos 0237: 265 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x023E state 266) */, - 0x65 /* 'e' */, 0xFF, 0x01 /* (to 0x0439 state 637) */, - 0x08, /* fail */ -/* pos 023e: 266 */ 0xF4 /* 't' -> */, -/* pos 023f: 267 */ 0xE5 /* 'e' -> */, -/* pos 0240: 268 */ 0xBA /* ':' -> */, -/* pos 0241: 269 */ 0x00, 0x1D /* - terminal marker 29 - */, -/* pos 0243: 270 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x024A state 271) */, - 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x0250 state 276) */, - 0x08, /* fail */ -/* pos 024a: 271 */ 0xEE /* 'n' -> */, -/* pos 024b: 272 */ 0xE7 /* 'g' -> */, -/* pos 024c: 273 */ 0xE5 /* 'e' -> */, -/* pos 024d: 274 */ 0xBA /* ':' -> */, -/* pos 024e: 275 */ 0x00, 0x1E /* - terminal marker 30 - */, -/* pos 0250: 276 */ 0x66 /* 'f' */, 0x0A, 0x00 /* (to 0x025A state 277) */, - 0x74 /* 't' */, 0x63, 0x01 /* (to 0x03B6 state 529) */, - 0x70 /* 'p' */, 0x22, 0x02 /* (to 0x0478 state 682) */, - 0x08, /* fail */ -/* pos 025a: 277 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0261 state 278) */, - 0x72 /* 'r' */, 0x53, 0x01 /* (to 0x03B0 state 524) */, - 0x08, /* fail */ -/* pos 0261: 278 */ 0xF2 /* 'r' -> */, -/* pos 0262: 279 */ 0xE5 /* 'e' -> */, -/* pos 0263: 280 */ 0xF2 /* 'r' -> */, -/* pos 0264: 281 */ 0xBA /* ':' -> */, -/* pos 0265: 282 */ 0x00, 0x1F /* - terminal marker 31 - */, -/* pos 0267: 283 */ 0x00, 0x20 /* - terminal marker 32 - */, -/* pos 0269: 284 */ 0xE5 /* 'e' -> */, -/* pos 026a: 285 */ 0xF2 /* 'r' -> */, -/* pos 026b: 286 */ 0xF3 /* 's' -> */, -/* pos 026c: 287 */ 0xE9 /* 'i' -> */, -/* pos 026d: 288 */ 0xEF /* 'o' -> */, -/* pos 026e: 289 */ 0xEE /* 'n' -> */, -/* pos 026f: 290 */ 0xBA /* ':' -> */, -/* pos 0270: 291 */ 0x00, 0x21 /* - terminal marker 33 - */, -/* pos 0272: 292 */ 0xF2 /* 'r' -> */, -/* pos 0273: 293 */ 0xE9 /* 'i' -> */, -/* pos 0274: 294 */ 0xE7 /* 'g' -> */, -/* pos 0275: 295 */ 0xE9 /* 'i' -> */, -/* pos 0276: 296 */ 0xEE /* 'n' -> */, -/* pos 0277: 297 */ 0xBA /* ':' -> */, -/* pos 0278: 298 */ 0x00, 0x22 /* - terminal marker 34 - */, -/* pos 027a: 299 */ 0x61 /* 'a' */, 0x0D, 0x00 /* (to 0x0287 state 300) */, - 0x6D /* 'm' */, 0x14, 0x00 /* (to 0x0291 state 309) */, - 0x70 /* 'p' */, 0x18, 0x00 /* (to 0x0298 state 315) */, - 0x73 /* 's' */, 0x20, 0x00 /* (to 0x02A3 state 319) */, - 0x08, /* fail */ -/* pos 0287: 300 */ 0xF5 /* 'u' -> */, -/* pos 0288: 301 */ 0xF4 /* 't' -> */, -/* pos 0289: 302 */ 0xE8 /* 'h' -> */, -/* pos 028a: 303 */ 0xEF /* 'o' -> */, -/* pos 028b: 304 */ 0xF2 /* 'r' -> */, -/* pos 028c: 305 */ 0xE9 /* 'i' -> */, -/* pos 028d: 306 */ 0xF4 /* 't' -> */, -/* pos 028e: 307 */ 0xF9 /* 'y' -> */, -/* pos 028f: 308 */ 0x00, 0x23 /* - terminal marker 35 - */, -/* pos 0291: 309 */ 0xE5 /* 'e' -> */, -/* pos 0292: 310 */ 0xF4 /* 't' -> */, -/* pos 0293: 311 */ 0xE8 /* 'h' -> */, -/* pos 0294: 312 */ 0xEF /* 'o' -> */, -/* pos 0295: 313 */ 0xE4 /* 'd' -> */, -/* pos 0296: 314 */ 0x00, 0x24 /* - terminal marker 36 - */, -/* pos 0298: 315 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x029F state 316) */, - 0x72 /* 'r' */, 0xE9, 0x01 /* (to 0x0484 state 693) */, - 0x08, /* fail */ -/* pos 029f: 316 */ 0xF4 /* 't' -> */, -/* pos 02a0: 317 */ 0xE8 /* 'h' -> */, -/* pos 02a1: 318 */ 0x00, 0x25 /* - terminal marker 37 - */, -/* pos 02a3: 319 */ 0x63 /* 'c' */, 0x07, 0x00 /* (to 0x02AA state 320) */, - 0x74 /* 't' */, 0x0A, 0x00 /* (to 0x02B0 state 325) */, - 0x08, /* fail */ -/* pos 02aa: 320 */ 0xE8 /* 'h' -> */, -/* pos 02ab: 321 */ 0xE5 /* 'e' -> */, -/* pos 02ac: 322 */ 0xED /* 'm' -> */, -/* pos 02ad: 323 */ 0xE5 /* 'e' -> */, -/* pos 02ae: 324 */ 0x00, 0x26 /* - terminal marker 38 - */, -/* pos 02b0: 325 */ 0xE1 /* 'a' -> */, -/* pos 02b1: 326 */ 0xF4 /* 't' -> */, -/* pos 02b2: 327 */ 0xF5 /* 'u' -> */, -/* pos 02b3: 328 */ 0xF3 /* 's' -> */, -/* pos 02b4: 329 */ 0x00, 0x27 /* - terminal marker 39 - */, -/* pos 02b6: 330 */ 0xE8 /* 'h' -> */, -/* pos 02b7: 331 */ 0xE1 /* 'a' -> */, -/* pos 02b8: 332 */ 0xF2 /* 'r' -> */, -/* pos 02b9: 333 */ 0xF3 /* 's' -> */, -/* pos 02ba: 334 */ 0xE5 /* 'e' -> */, -/* pos 02bb: 335 */ 0xF4 /* 't' -> */, -/* pos 02bc: 336 */ 0xBA /* ':' -> */, -/* pos 02bd: 337 */ 0x00, 0x28 /* - terminal marker 40 - */, -/* pos 02bf: 338 */ 0xE1 /* 'a' -> */, -/* pos 02c0: 339 */ 0xEE /* 'n' -> */, -/* pos 02c1: 340 */ 0xE7 /* 'g' -> */, -/* pos 02c2: 341 */ 0xE5 /* 'e' -> */, -/* pos 02c3: 342 */ 0xF3 /* 's' -> */, -/* pos 02c4: 343 */ 0xBA /* ':' -> */, -/* pos 02c5: 344 */ 0x00, 0x29 /* - terminal marker 41 - */, -/* pos 02c7: 345 */ 0xEC /* 'l' -> */, -/* pos 02c8: 346 */ 0xEC /* 'l' -> */, -/* pos 02c9: 347 */ 0xEF /* 'o' -> */, -/* pos 02ca: 348 */ 0xF7 /* 'w' -> */, -/* pos 02cb: 349 */ 0xAD /* '-' -> */, -/* pos 02cc: 350 */ 0xEF /* 'o' -> */, -/* pos 02cd: 351 */ 0xF2 /* 'r' -> */, -/* pos 02ce: 352 */ 0xE9 /* 'i' -> */, -/* pos 02cf: 353 */ 0xE7 /* 'g' -> */, -/* pos 02d0: 354 */ 0xE9 /* 'i' -> */, -/* pos 02d1: 355 */ 0xEE /* 'n' -> */, -/* pos 02d2: 356 */ 0xBA /* ':' -> */, -/* pos 02d3: 357 */ 0x00, 0x2A /* - terminal marker 42 - */, -/* pos 02d5: 358 */ 0xE5 /* 'e' -> */, -/* pos 02d6: 359 */ 0xBA /* ':' -> */, -/* pos 02d7: 360 */ 0x00, 0x2B /* - terminal marker 43 - */, -/* pos 02d9: 361 */ 0xEC /* 'l' -> */, -/* pos 02da: 362 */ 0xEF /* 'o' -> */, -/* pos 02db: 363 */ 0xF7 /* 'w' -> */, -/* pos 02dc: 364 */ 0xBA /* ':' -> */, -/* pos 02dd: 365 */ 0x00, 0x2C /* - terminal marker 44 - */, -/* pos 02df: 366 */ 0xE9 /* 'i' -> */, -/* pos 02e0: 367 */ 0xF3 /* 's' -> */, -/* pos 02e1: 368 */ 0xF0 /* 'p' -> */, -/* pos 02e2: 369 */ 0xEF /* 'o' -> */, -/* pos 02e3: 370 */ 0xF3 /* 's' -> */, -/* pos 02e4: 371 */ 0xE9 /* 'i' -> */, -/* pos 02e5: 372 */ 0xF4 /* 't' -> */, -/* pos 02e6: 373 */ 0xE9 /* 'i' -> */, -/* pos 02e7: 374 */ 0xEF /* 'o' -> */, -/* pos 02e8: 375 */ 0xEE /* 'n' -> */, -/* pos 02e9: 376 */ 0xBA /* ':' -> */, -/* pos 02ea: 377 */ 0x00, 0x2D /* - terminal marker 45 - */, -/* pos 02ec: 378 */ 0xEE /* 'n' -> */, -/* pos 02ed: 379 */ 0xE3 /* 'c' -> */, -/* pos 02ee: 380 */ 0xEF /* 'o' -> */, -/* pos 02ef: 381 */ 0xE4 /* 'd' -> */, -/* pos 02f0: 382 */ 0xE9 /* 'i' -> */, -/* pos 02f1: 383 */ 0xEE /* 'n' -> */, -/* pos 02f2: 384 */ 0xE7 /* 'g' -> */, -/* pos 02f3: 385 */ 0xBA /* ':' -> */, -/* pos 02f4: 386 */ 0x00, 0x2E /* - terminal marker 46 - */, -/* pos 02f6: 387 */ 0xEE /* 'n' -> */, -/* pos 02f7: 388 */ 0xE7 /* 'g' -> */, -/* pos 02f8: 389 */ 0xF5 /* 'u' -> */, -/* pos 02f9: 390 */ 0xE1 /* 'a' -> */, -/* pos 02fa: 391 */ 0xE7 /* 'g' -> */, -/* pos 02fb: 392 */ 0xE5 /* 'e' -> */, -/* pos 02fc: 393 */ 0xBA /* ':' -> */, -/* pos 02fd: 394 */ 0x00, 0x2F /* - terminal marker 47 - */, -/* pos 02ff: 395 */ 0xE3 /* 'c' -> */, -/* pos 0300: 396 */ 0xE1 /* 'a' -> */, -/* pos 0301: 397 */ 0xF4 /* 't' -> */, -/* pos 0302: 398 */ 0xE9 /* 'i' -> */, -/* pos 0303: 399 */ 0xEF /* 'o' -> */, -/* pos 0304: 400 */ 0xEE /* 'n' -> */, -/* pos 0305: 401 */ 0xBA /* ':' -> */, -/* pos 0306: 402 */ 0x00, 0x30 /* - terminal marker 48 - */, -/* pos 0308: 403 */ 0xE1 /* 'a' -> */, -/* pos 0309: 404 */ 0xEE /* 'n' -> */, -/* pos 030a: 405 */ 0xE7 /* 'g' -> */, -/* pos 030b: 406 */ 0xE5 /* 'e' -> */, -/* pos 030c: 407 */ 0xBA /* ':' -> */, -/* pos 030d: 408 */ 0x00, 0x31 /* - terminal marker 49 - */, -/* pos 030f: 409 */ 0x74 /* 't' */, 0x07, 0x00 /* (to 0x0316 state 410) */, - 0x78 /* 'x' */, 0x09, 0x00 /* (to 0x031B state 414) */, - 0x08, /* fail */ -/* pos 0316: 410 */ 0xE1 /* 'a' -> */, -/* pos 0317: 411 */ 0xE7 /* 'g' -> */, -/* pos 0318: 412 */ 0xBA /* ':' -> */, -/* pos 0319: 413 */ 0x00, 0x32 /* - terminal marker 50 - */, -/* pos 031b: 414 */ 0xF0 /* 'p' -> */, -/* pos 031c: 415 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0323 state 416) */, - 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x0328 state 420) */, - 0x08, /* fail */ -/* pos 0323: 416 */ 0xE3 /* 'c' -> */, -/* pos 0324: 417 */ 0xF4 /* 't' -> */, -/* pos 0325: 418 */ 0xBA /* ':' -> */, -/* pos 0326: 419 */ 0x00, 0x33 /* - terminal marker 51 - */, -/* pos 0328: 420 */ 0xF2 /* 'r' -> */, -/* pos 0329: 421 */ 0xE5 /* 'e' -> */, -/* pos 032a: 422 */ 0xF3 /* 's' -> */, -/* pos 032b: 423 */ 0xBA /* ':' -> */, -/* pos 032c: 424 */ 0x00, 0x34 /* - terminal marker 52 - */, -/* pos 032e: 425 */ 0xF2 /* 'r' -> */, -/* pos 032f: 426 */ 0xEF /* 'o' -> */, -/* pos 0330: 427 */ 0xED /* 'm' -> */, -/* pos 0331: 428 */ 0xBA /* ':' -> */, -/* pos 0332: 429 */ 0x00, 0x35 /* - terminal marker 53 - */, -/* pos 0334: 430 */ 0xF4 /* 't' -> */, -/* pos 0335: 431 */ 0xE3 /* 'c' -> */, -/* pos 0336: 432 */ 0xE8 /* 'h' -> */, -/* pos 0337: 433 */ 0xBA /* ':' -> */, -/* pos 0338: 434 */ 0x00, 0x36 /* - terminal marker 54 - */, -/* pos 033a: 435 */ 0xE1 /* 'a' -> */, -/* pos 033b: 436 */ 0xEE /* 'n' -> */, -/* pos 033c: 437 */ 0xE7 /* 'g' -> */, -/* pos 033d: 438 */ 0xE5 /* 'e' -> */, -/* pos 033e: 439 */ 0xBA /* ':' -> */, -/* pos 033f: 440 */ 0x00, 0x37 /* - terminal marker 55 - */, -/* pos 0341: 441 */ 0xEE /* 'n' -> */, -/* pos 0342: 442 */ 0xED /* 'm' -> */, -/* pos 0343: 443 */ 0xEF /* 'o' -> */, -/* pos 0344: 444 */ 0xE4 /* 'd' -> */, -/* pos 0345: 445 */ 0xE9 /* 'i' -> */, -/* pos 0346: 446 */ 0xE6 /* 'f' -> */, -/* pos 0347: 447 */ 0xE9 /* 'i' -> */, -/* pos 0348: 448 */ 0xE5 /* 'e' -> */, -/* pos 0349: 449 */ 0xE4 /* 'd' -> */, -/* pos 034a: 450 */ 0xAD /* '-' -> */, -/* pos 034b: 451 */ 0xF3 /* 's' -> */, -/* pos 034c: 452 */ 0xE9 /* 'i' -> */, -/* pos 034d: 453 */ 0xEE /* 'n' -> */, -/* pos 034e: 454 */ 0xE3 /* 'c' -> */, -/* pos 034f: 455 */ 0xE5 /* 'e' -> */, -/* pos 0350: 456 */ 0xBA /* ':' -> */, -/* pos 0351: 457 */ 0x00, 0x38 /* - terminal marker 56 - */, -/* pos 0353: 458 */ 0x61 /* 'a' */, 0x0A, 0x00 /* (to 0x035D state 459) */, - 0x69 /* 'i' */, 0x15, 0x00 /* (to 0x036B state 472) */, - 0x6F /* 'o' */, 0x17, 0x00 /* (to 0x0370 state 476) */, - 0x08, /* fail */ -/* pos 035d: 459 */ 0xF3 /* 's' -> */, -/* pos 035e: 460 */ 0xF4 /* 't' -> */, -/* pos 035f: 461 */ 0xAD /* '-' -> */, -/* pos 0360: 462 */ 0xED /* 'm' -> */, -/* pos 0361: 463 */ 0xEF /* 'o' -> */, -/* pos 0362: 464 */ 0xE4 /* 'd' -> */, -/* pos 0363: 465 */ 0xE9 /* 'i' -> */, -/* pos 0364: 466 */ 0xE6 /* 'f' -> */, -/* pos 0365: 467 */ 0xE9 /* 'i' -> */, -/* pos 0366: 468 */ 0xE5 /* 'e' -> */, -/* pos 0367: 469 */ 0xE4 /* 'd' -> */, -/* pos 0368: 470 */ 0xBA /* ':' -> */, -/* pos 0369: 471 */ 0x00, 0x39 /* - terminal marker 57 - */, -/* pos 036b: 472 */ 0xEE /* 'n' -> */, -/* pos 036c: 473 */ 0xEB /* 'k' -> */, -/* pos 036d: 474 */ 0xBA /* ':' -> */, -/* pos 036e: 475 */ 0x00, 0x3A /* - terminal marker 58 - */, -/* pos 0370: 476 */ 0xE3 /* 'c' -> */, -/* pos 0371: 477 */ 0xE1 /* 'a' -> */, -/* pos 0372: 478 */ 0xF4 /* 't' -> */, -/* pos 0373: 479 */ 0xE9 /* 'i' -> */, -/* pos 0374: 480 */ 0xEF /* 'o' -> */, -/* pos 0375: 481 */ 0xEE /* 'n' -> */, -/* pos 0376: 482 */ 0xBA /* ':' -> */, -/* pos 0377: 483 */ 0x00, 0x3B /* - terminal marker 59 - */, -/* pos 0379: 484 */ 0xE1 /* 'a' -> */, -/* pos 037a: 485 */ 0xF8 /* 'x' -> */, -/* pos 037b: 486 */ 0xAD /* '-' -> */, -/* pos 037c: 487 */ 0xE6 /* 'f' -> */, -/* pos 037d: 488 */ 0xEF /* 'o' -> */, -/* pos 037e: 489 */ 0xF2 /* 'r' -> */, -/* pos 037f: 490 */ 0xF7 /* 'w' -> */, -/* pos 0380: 491 */ 0xE1 /* 'a' -> */, -/* pos 0381: 492 */ 0xF2 /* 'r' -> */, -/* pos 0382: 493 */ 0xE4 /* 'd' -> */, -/* pos 0383: 494 */ 0xF3 /* 's' -> */, -/* pos 0384: 495 */ 0xBA /* ':' -> */, -/* pos 0385: 496 */ 0x00, 0x3C /* - terminal marker 60 - */, -/* pos 0387: 497 */ 0xF8 /* 'x' -> */, -/* pos 0388: 498 */ 0xF9 /* 'y' -> */, -/* pos 0389: 499 */ 0x2D /* '-' */, 0x07, 0x00 /* (to 0x0390 state 500) */, - 0x20 /* ' ' */, 0xBB, 0x00 /* (to 0x0447 state 649) */, - 0x08, /* fail */ -/* pos 0390: 500 */ 0xE1 /* 'a' -> */, -/* pos 0391: 501 */ 0xF5 /* 'u' -> */, -/* pos 0392: 502 */ 0xF4 /* 't' -> */, -/* pos 0393: 503 */ 0xE8 /* 'h' -> */, -/* pos 0394: 504 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x039B state 505) */, - 0x6F /* 'o' */, 0x0E, 0x00 /* (to 0x03A5 state 514) */, - 0x08, /* fail */ -/* pos 039b: 505 */ 0xEE /* 'n' -> */, -/* pos 039c: 506 */ 0xF4 /* 't' -> */, -/* pos 039d: 507 */ 0xE9 /* 'i' -> */, -/* pos 039e: 508 */ 0xE3 /* 'c' -> */, -/* pos 039f: 509 */ 0xE1 /* 'a' -> */, -/* pos 03a0: 510 */ 0xF4 /* 't' -> */, -/* pos 03a1: 511 */ 0xE5 /* 'e' -> */, -/* pos 03a2: 512 */ 0xBA /* ':' -> */, -/* pos 03a3: 513 */ 0x00, 0x3D /* - terminal marker 61 - */, -/* pos 03a5: 514 */ 0xF2 /* 'r' -> */, -/* pos 03a6: 515 */ 0xE9 /* 'i' -> */, -/* pos 03a7: 516 */ 0xFA /* 'z' -> */, -/* pos 03a8: 517 */ 0xE1 /* 'a' -> */, -/* pos 03a9: 518 */ 0xF4 /* 't' -> */, -/* pos 03aa: 519 */ 0xE9 /* 'i' -> */, -/* pos 03ab: 520 */ 0xEF /* 'o' -> */, -/* pos 03ac: 521 */ 0xEE /* 'n' -> */, -/* pos 03ad: 522 */ 0xBA /* ':' -> */, -/* pos 03ae: 523 */ 0x00, 0x3E /* - terminal marker 62 - */, -/* pos 03b0: 524 */ 0xE5 /* 'e' -> */, -/* pos 03b1: 525 */ 0xF3 /* 's' -> */, -/* pos 03b2: 526 */ 0xE8 /* 'h' -> */, -/* pos 03b3: 527 */ 0xBA /* ':' -> */, -/* pos 03b4: 528 */ 0x00, 0x3F /* - terminal marker 63 - */, -/* pos 03b6: 529 */ 0xF2 /* 'r' -> */, -/* pos 03b7: 530 */ 0xF9 /* 'y' -> */, -/* pos 03b8: 531 */ 0xAD /* '-' -> */, -/* pos 03b9: 532 */ 0xE1 /* 'a' -> */, -/* pos 03ba: 533 */ 0xE6 /* 'f' -> */, -/* pos 03bb: 534 */ 0xF4 /* 't' -> */, -/* pos 03bc: 535 */ 0xE5 /* 'e' -> */, -/* pos 03bd: 536 */ 0xF2 /* 'r' -> */, -/* pos 03be: 537 */ 0xBA /* ':' -> */, -/* pos 03bf: 538 */ 0x00, 0x40 /* - terminal marker 64 - */, -/* pos 03c1: 539 */ 0xF6 /* 'v' -> */, -/* pos 03c2: 540 */ 0xE5 /* 'e' -> */, -/* pos 03c3: 541 */ 0xF2 /* 'r' -> */, -/* pos 03c4: 542 */ 0xBA /* ':' -> */, -/* pos 03c5: 543 */ 0x00, 0x41 /* - terminal marker 65 - */, -/* pos 03c7: 544 */ 0xAD /* '-' -> */, -/* pos 03c8: 545 */ 0xE3 /* 'c' -> */, -/* pos 03c9: 546 */ 0xEF /* 'o' -> */, -/* pos 03ca: 547 */ 0xEF /* 'o' -> */, -/* pos 03cb: 548 */ 0xEB /* 'k' -> */, -/* pos 03cc: 549 */ 0xE9 /* 'i' -> */, -/* pos 03cd: 550 */ 0xE5 /* 'e' -> */, -/* pos 03ce: 551 */ 0xBA /* ':' -> */, -/* pos 03cf: 552 */ 0x00, 0x42 /* - terminal marker 66 - */, -/* pos 03d1: 553 */ 0xF2 /* 'r' -> */, -/* pos 03d2: 554 */ 0xE9 /* 'i' -> */, -/* pos 03d3: 555 */ 0xE3 /* 'c' -> */, -/* pos 03d4: 556 */ 0xF4 /* 't' -> */, -/* pos 03d5: 557 */ 0xAD /* '-' -> */, -/* pos 03d6: 558 */ 0xF4 /* 't' -> */, -/* pos 03d7: 559 */ 0xF2 /* 'r' -> */, -/* pos 03d8: 560 */ 0xE1 /* 'a' -> */, -/* pos 03d9: 561 */ 0xEE /* 'n' -> */, -/* pos 03da: 562 */ 0xF3 /* 's' -> */, -/* pos 03db: 563 */ 0xF0 /* 'p' -> */, -/* pos 03dc: 564 */ 0xEF /* 'o' -> */, -/* pos 03dd: 565 */ 0xF2 /* 'r' -> */, -/* pos 03de: 566 */ 0xF4 /* 't' -> */, -/* pos 03df: 567 */ 0xAD /* '-' -> */, -/* pos 03e0: 568 */ 0xF3 /* 's' -> */, -/* pos 03e1: 569 */ 0xE5 /* 'e' -> */, -/* pos 03e2: 570 */ 0xE3 /* 'c' -> */, -/* pos 03e3: 571 */ 0xF5 /* 'u' -> */, -/* pos 03e4: 572 */ 0xF2 /* 'r' -> */, -/* pos 03e5: 573 */ 0xE9 /* 'i' -> */, -/* pos 03e6: 574 */ 0xF4 /* 't' -> */, -/* pos 03e7: 575 */ 0xF9 /* 'y' -> */, -/* pos 03e8: 576 */ 0xBA /* ':' -> */, -/* pos 03e9: 577 */ 0x00, 0x43 /* - terminal marker 67 - */, -/* pos 03eb: 578 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x03F2 state 579) */, - 0x65 /* 'e' */, 0x87, 0x00 /* (to 0x0475 state 680) */, - 0x08, /* fail */ -/* pos 03f2: 579 */ 0xE1 /* 'a' -> */, -/* pos 03f3: 580 */ 0xEE /* 'n' -> */, -/* pos 03f4: 581 */ 0xF3 /* 's' -> */, -/* pos 03f5: 582 */ 0xE6 /* 'f' -> */, -/* pos 03f6: 583 */ 0xE5 /* 'e' -> */, -/* pos 03f7: 584 */ 0xF2 /* 'r' -> */, -/* pos 03f8: 585 */ 0xAD /* '-' -> */, -/* pos 03f9: 586 */ 0xE5 /* 'e' -> */, -/* pos 03fa: 587 */ 0xEE /* 'n' -> */, -/* pos 03fb: 588 */ 0xE3 /* 'c' -> */, -/* pos 03fc: 589 */ 0xEF /* 'o' -> */, -/* pos 03fd: 590 */ 0xE4 /* 'd' -> */, -/* pos 03fe: 591 */ 0xE9 /* 'i' -> */, -/* pos 03ff: 592 */ 0xEE /* 'n' -> */, -/* pos 0400: 593 */ 0xE7 /* 'g' -> */, -/* pos 0401: 594 */ 0xBA /* ':' -> */, -/* pos 0402: 595 */ 0x00, 0x44 /* - terminal marker 68 - */, -/* pos 0404: 596 */ 0xE5 /* 'e' -> */, -/* pos 0405: 597 */ 0xF2 /* 'r' -> */, -/* pos 0406: 598 */ 0xAD /* '-' -> */, -/* pos 0407: 599 */ 0xE1 /* 'a' -> */, -/* pos 0408: 600 */ 0xE7 /* 'g' -> */, -/* pos 0409: 601 */ 0xE5 /* 'e' -> */, -/* pos 040a: 602 */ 0xEE /* 'n' -> */, -/* pos 040b: 603 */ 0xF4 /* 't' -> */, -/* pos 040c: 604 */ 0xBA /* ':' -> */, -/* pos 040d: 605 */ 0x00, 0x45 /* - terminal marker 69 - */, -/* pos 040f: 606 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x0416 state 607) */, - 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x041B state 611) */, - 0x08, /* fail */ -/* pos 0416: 607 */ 0xF2 /* 'r' -> */, -/* pos 0417: 608 */ 0xF9 /* 'y' -> */, -/* pos 0418: 609 */ 0xBA /* ':' -> */, -/* pos 0419: 610 */ 0x00, 0x46 /* - terminal marker 70 - */, -/* pos 041b: 611 */ 0xE1 /* 'a' -> */, -/* pos 041c: 612 */ 0xBA /* ':' -> */, -/* pos 041d: 613 */ 0x00, 0x47 /* - terminal marker 71 - */, -/* pos 041f: 614 */ 0xF7 /* 'w' -> */, -/* pos 0420: 615 */ 0xF7 /* 'w' -> */, -/* pos 0421: 616 */ 0xAD /* '-' -> */, -/* pos 0422: 617 */ 0xE1 /* 'a' -> */, -/* pos 0423: 618 */ 0xF5 /* 'u' -> */, -/* pos 0424: 619 */ 0xF4 /* 't' -> */, -/* pos 0425: 620 */ 0xE8 /* 'h' -> */, -/* pos 0426: 621 */ 0xE5 /* 'e' -> */, -/* pos 0427: 622 */ 0xEE /* 'n' -> */, -/* pos 0428: 623 */ 0xF4 /* 't' -> */, -/* pos 0429: 624 */ 0xE9 /* 'i' -> */, -/* pos 042a: 625 */ 0xE3 /* 'c' -> */, -/* pos 042b: 626 */ 0xE1 /* 'a' -> */, -/* pos 042c: 627 */ 0xF4 /* 't' -> */, -/* pos 042d: 628 */ 0xE5 /* 'e' -> */, -/* pos 042e: 629 */ 0xBA /* ':' -> */, -/* pos 042f: 630 */ 0x00, 0x48 /* - terminal marker 72 - */, -/* pos 0431: 631 */ 0xF4 /* 't' -> */, -/* pos 0432: 632 */ 0xE3 /* 'c' -> */, -/* pos 0433: 633 */ 0xE8 /* 'h' -> */, -/* pos 0434: 634 */ 0x00, 0x49 /* - terminal marker 73 - */, -/* pos 0436: 635 */ 0xF4 /* 't' -> */, -/* pos 0437: 636 */ 0x00, 0x4A /* - terminal marker 74 - */, -/* pos 0439: 637 */ 0xEC /* 'l' -> */, -/* pos 043a: 638 */ 0xE5 /* 'e' -> */, -/* pos 043b: 639 */ 0xF4 /* 't' -> */, -/* pos 043c: 640 */ 0xE5 /* 'e' -> */, -/* pos 043d: 641 */ 0x00, 0x4B /* - terminal marker 75 - */, -/* pos 043f: 642 */ 0xE9 /* 'i' -> */, -/* pos 0440: 643 */ 0xAD /* '-' -> */, -/* pos 0441: 644 */ 0xE1 /* 'a' -> */, -/* pos 0442: 645 */ 0xF2 /* 'r' -> */, -/* pos 0443: 646 */ 0xE7 /* 'g' -> */, -/* pos 0444: 647 */ 0xF3 /* 's' -> */, -/* pos 0445: 648 */ 0x00, 0x4C /* - terminal marker 76 - */, -/* pos 0447: 649 */ 0x00, 0x4D /* - terminal marker 77 - */, -/* pos 0449: 650 */ 0xAD /* '-' -> */, -/* pos 044a: 651 */ 0x72 /* 'r' */, 0x0A, 0x00 /* (to 0x0454 state 652) */, - 0x66 /* 'f' */, 0x13, 0x00 /* (to 0x0460 state 662) */, - 0x61 /* 'a' */, 0x3C, 0x00 /* (to 0x048C state 700) */, - 0x08, /* fail */ -/* pos 0454: 652 */ 0xE5 /* 'e' -> */, -/* pos 0455: 653 */ 0xE1 /* 'a' -> */, -/* pos 0456: 654 */ 0xEC /* 'l' -> */, -/* pos 0457: 655 */ 0xAD /* '-' -> */, -/* pos 0458: 656 */ 0xE9 /* 'i' -> */, -/* pos 0459: 657 */ 0xF0 /* 'p' -> */, -/* pos 045a: 658 */ 0xBA /* ':' -> */, -/* pos 045b: 659 */ 0x00, 0x4E /* - terminal marker 78 - */, -/* pos 045d: 660 */ 0xA0 /* ' ' -> */, -/* pos 045e: 661 */ 0x00, 0x4F /* - terminal marker 79 - */, -/* pos 0460: 662 */ 0xEF /* 'o' -> */, -/* pos 0461: 663 */ 0xF2 /* 'r' -> */, -/* pos 0462: 664 */ 0xF7 /* 'w' -> */, -/* pos 0463: 665 */ 0xE1 /* 'a' -> */, -/* pos 0464: 666 */ 0xF2 /* 'r' -> */, -/* pos 0465: 667 */ 0xE4 /* 'd' -> */, -/* pos 0466: 668 */ 0xE5 /* 'e' -> */, -/* pos 0467: 669 */ 0xE4 /* 'd' -> */, -/* pos 0468: 670 */ 0xAD /* '-' -> */, -/* pos 0469: 671 */ 0xE6 /* 'f' -> */, -/* pos 046a: 672 */ 0xEF /* 'o' -> */, -/* pos 046b: 673 */ 0xF2 /* 'r' -> */, -/* pos 046c: 674 */ 0x00, 0x50 /* - terminal marker 80 - */, -/* pos 046e: 675 */ 0x00, 0x51 /* - terminal marker 81 - */, -/* pos 0470: 676 */ 0xE1 /* 'a' -> */, -/* pos 0471: 677 */ 0xE4 /* 'd' -> */, -/* pos 0472: 678 */ 0xA0 /* ' ' -> */, -/* pos 0473: 679 */ 0x00, 0x52 /* - terminal marker 82 - */, -/* pos 0475: 680 */ 0xBA /* ':' -> */, -/* pos 0476: 681 */ 0x00, 0x53 /* - terminal marker 83 - */, -/* pos 0478: 682 */ 0xEC /* 'l' -> */, -/* pos 0479: 683 */ 0xE1 /* 'a' -> */, -/* pos 047a: 684 */ 0xF9 /* 'y' -> */, -/* pos 047b: 685 */ 0xAD /* '-' -> */, -/* pos 047c: 686 */ 0xEE /* 'n' -> */, -/* pos 047d: 687 */ 0xEF /* 'o' -> */, -/* pos 047e: 688 */ 0xEE /* 'n' -> */, -/* pos 047f: 689 */ 0xE3 /* 'c' -> */, -/* pos 0480: 690 */ 0xE5 /* 'e' -> */, -/* pos 0481: 691 */ 0xBA /* ':' -> */, -/* pos 0482: 692 */ 0x00, 0x54 /* - terminal marker 84 - */, -/* pos 0484: 693 */ 0xEF /* 'o' -> */, -/* pos 0485: 694 */ 0xF4 /* 't' -> */, -/* pos 0486: 695 */ 0xEF /* 'o' -> */, -/* pos 0487: 696 */ 0xE3 /* 'c' -> */, -/* pos 0488: 697 */ 0xEF /* 'o' -> */, -/* pos 0489: 698 */ 0xEC /* 'l' -> */, -/* pos 048a: 699 */ 0x00, 0x55 /* - terminal marker 85 - */, -/* pos 048c: 700 */ 0xF5 /* 'u' -> */, -/* pos 048d: 701 */ 0xF4 /* 't' -> */, -/* pos 048e: 702 */ 0xE8 /* 'h' -> */, -/* pos 048f: 703 */ 0xAD /* '-' -> */, -/* pos 0490: 704 */ 0xF4 /* 't' -> */, -/* pos 0491: 705 */ 0xEF /* 'o' -> */, -/* pos 0492: 706 */ 0xEB /* 'k' -> */, -/* pos 0493: 707 */ 0xE5 /* 'e' -> */, -/* pos 0494: 708 */ 0xEE /* 'n' -> */, -/* pos 0495: 709 */ 0xBA /* ':' -> */, -/* pos 0496: 710 */ 0x00, 0x56 /* - terminal marker 86 - */, -/* total size 1176 bytes */ diff --git a/thirdparty/libwebsockets/lib/roles/http/private.h b/thirdparty/libwebsockets/lib/roles/http/private.h deleted file mode 100644 index ff8b0581cc..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/private.h +++ /dev/null @@ -1,277 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h if either H1 or H2 roles are - * enabled - */ - -#if defined(LWS_WITH_HUBBUB) - #include - #include - #endif - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) -#include "roles/http/compression/private.h" -#endif - -#define lwsi_role_http(wsi) (lwsi_role_h1(wsi) || lwsi_role_h2(wsi)) - -enum http_version { - HTTP_VERSION_1_0, - HTTP_VERSION_1_1, - HTTP_VERSION_2 -}; - -enum http_conn_type { - HTTP_CONNECTION_CLOSE, - HTTP_CONNECTION_KEEP_ALIVE -}; - -/* - * This is totally opaque to code using the library. It's exported as a - * forward-reference pointer-only declaration; the user can use the pointer with - * other APIs to get information out of it. - */ - -#if defined(LWS_WITH_ESP32) -typedef uint16_t ah_data_idx_t; -#else -typedef uint32_t ah_data_idx_t; -#endif - -struct lws_fragments { - ah_data_idx_t offset; - uint16_t len; - uint8_t nfrag; /* which ah->frag[] continues this content, or 0 */ - uint8_t flags; /* only http2 cares */ -}; - -#if defined(LWS_WITH_RANGES) -enum range_states { - LWSRS_NO_ACTIVE_RANGE, - LWSRS_BYTES_EQ, - LWSRS_FIRST, - LWSRS_STARTING, - LWSRS_ENDING, - LWSRS_COMPLETED, - LWSRS_SYNTAX, -}; - -struct lws_range_parsing { - unsigned long long start, end, extent, agg, budget; - const char buf[128]; - int pos; - enum range_states state; - char start_valid, end_valid, ctr, count_ranges, did_try, inside, send_ctr; -}; - -int -lws_ranges_init(struct lws *wsi, struct lws_range_parsing *rp, - unsigned long long extent); -int -lws_ranges_next(struct lws_range_parsing *rp); -void -lws_ranges_reset(struct lws_range_parsing *rp); -#endif - -/* - * these are assigned from a pool held in the context. - * Both client and server mode uses them for http header analysis - */ - -struct allocated_headers { - struct allocated_headers *next; /* linked list */ - struct lws *wsi; /* owner */ - char *data; /* prepared by context init to point to dedicated storage */ - ah_data_idx_t data_length; - /* - * the randomly ordered fragments, indexed by frag_index and - * lws_fragments->nfrag for continuation. - */ - struct lws_fragments frags[WSI_TOKEN_COUNT]; - time_t assigned; - /* - * for each recognized token, frag_index says which frag[] his data - * starts in (0 means the token did not appear) - * the actual header data gets dumped as it comes in, into data[] - */ - uint8_t frag_index[WSI_TOKEN_COUNT]; - -#ifndef LWS_NO_CLIENT - char initial_handshake_hash_base64[30]; -#endif - - uint32_t pos; - uint32_t http_response; - uint32_t current_token_limit; - int hdr_token_idx; - - int16_t lextable_pos; - - uint8_t in_use; - uint8_t nfrag; - char /*enum uri_path_states */ ups; - char /*enum uri_esc_states */ ues; - - char esc_stash; - char post_literal_equal; - uint8_t /* enum lws_token_indexes */ parser_state; -}; - - - -#if defined(LWS_WITH_HUBBUB) -struct lws_rewrite { - hubbub_parser *parser; - hubbub_parser_optparams params; - const char *from, *to; - int from_len, to_len; - unsigned char *p, *end; - struct lws *wsi; -}; -static LWS_INLINE int hstrcmp(hubbub_string *s, const char *p, int len) -{ - if ((int)s->len != len) - return 1; - - return strncmp((const char *)s->ptr, p, len); -} -typedef hubbub_error (*hubbub_callback_t)(const hubbub_token *token, void *pw); -LWS_EXTERN struct lws_rewrite * -lws_rewrite_create(struct lws *wsi, hubbub_callback_t cb, const char *from, const char *to); -LWS_EXTERN void -lws_rewrite_destroy(struct lws_rewrite *r); -LWS_EXTERN int -lws_rewrite_parse(struct lws_rewrite *r, const unsigned char *in, int in_len); -#endif - -struct lws_pt_role_http { - struct allocated_headers *ah_list; - struct lws *ah_wait_list; -#ifdef LWS_WITH_CGI - struct lws_cgi *cgi_list; -#endif - int ah_wait_list_length; - uint32_t ah_pool_length; - - int ah_count_in_use; -}; - -struct lws_peer_role_http { - uint32_t count_ah; - uint32_t total_ah; -}; - -struct lws_vhost_role_http { - char http_proxy_address[128]; - const struct lws_http_mount *mount_list; - const char *error_document_404; - unsigned int http_proxy_port; -}; - -#ifdef LWS_WITH_ACCESS_LOG -struct lws_access_log { - char *header_log; - char *user_agent; - char *referrer; - unsigned long sent; - int response; -}; -#endif - -#define LWS_HTTP_CHUNK_HDR_MAX_SIZE (6 + 2) /* 6 hex digits and then CRLF */ -#define LWS_HTTP_CHUNK_TRL_MAX_SIZE (2 + 5) /* CRLF, then maybe 0 CRLF CRLF */ - -struct _lws_http_mode_related { - struct lws *new_wsi_list; - - unsigned char *pending_return_headers; - size_t pending_return_headers_len; - -#if defined(LWS_WITH_HTTP_PROXY) - struct lws_rewrite *rw; -#endif - struct allocated_headers *ah; - struct lws *ah_wait_list; - - lws_filepos_t filepos; - lws_filepos_t filelen; - lws_fop_fd_t fop_fd; - -#if defined(LWS_WITH_RANGES) - struct lws_range_parsing range; - char multipart_content_type[64]; -#endif - -#ifdef LWS_WITH_ACCESS_LOG - struct lws_access_log access_log; -#endif -#ifdef LWS_WITH_CGI - struct lws_cgi *cgi; /* wsi being cgi master have one of these */ -#endif -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - struct lws_compression_support *lcs; - lws_comp_ctx_t comp_ctx; - unsigned char comp_accept_mask; -#endif - - enum http_version request_version; - enum http_conn_type conn_type; - lws_filepos_t tx_content_length; - lws_filepos_t tx_content_remain; - lws_filepos_t rx_content_length; - lws_filepos_t rx_content_remain; - -#if defined(LWS_WITH_HTTP_PROXY) - unsigned int perform_rewrite:1; - unsigned int proxy_clientside:1; - unsigned int proxy_parent_chunked:1; -#endif - unsigned int deferred_transaction_completed:1; - unsigned int content_length_explicitly_zero:1; - unsigned int did_stream_close:1; -}; - - -#ifndef LWS_NO_CLIENT -enum lws_chunk_parser { - ELCP_HEX, - ELCP_CR, - ELCP_CONTENT, - ELCP_POST_CR, - ELCP_POST_LF, -}; -#endif - -enum lws_parse_urldecode_results { - LPUR_CONTINUE, - LPUR_SWALLOW, - LPUR_FORBID, - LPUR_EXCESSIVE, -}; - -int -lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len); - -void -_lws_header_table_reset(struct allocated_headers *ah); - -LWS_EXTERN int -_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah); diff --git a/thirdparty/libwebsockets/lib/roles/http/server/fops-zip.c b/thirdparty/libwebsockets/lib/roles/http/server/fops-zip.c deleted file mode 100644 index 4db83ce621..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/server/fops-zip.c +++ /dev/null @@ -1,668 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Original code used in this source file: - * - * https://github.com/PerBothner/DomTerm.git @912add15f3d0aec - * - * ./lws-term/io.c - * ./lws-term/junzip.c - * - * Copyright (C) 2017 Per Bothner - * - * MIT License - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * ( copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - * - * - * lws rewrite: - * - * Copyright (C) 2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -#include - -/* - * This code works with zip format containers which may have files compressed - * with gzip deflate (type 8) or store uncompressed (type 0). - * - * Linux zip produces such zipfiles by default, eg - * - * $ zip ../myzip.zip file1 file2 file3 - */ - -#define ZIP_COMPRESSION_METHOD_STORE 0 -#define ZIP_COMPRESSION_METHOD_DEFLATE 8 - -typedef struct { - lws_filepos_t filename_start; - uint32_t crc32; - uint32_t comp_size; - uint32_t uncomp_size; - uint32_t offset; - uint32_t mod_time; - uint16_t filename_len; - uint16_t extra; - uint16_t method; - uint16_t file_com_len; -} lws_fops_zip_hdr_t; - -typedef struct { - struct lws_fop_fd fop_fd; /* MUST BE FIRST logical fop_fd into - * file inside zip: fops_zip fops */ - lws_fop_fd_t zip_fop_fd; /* logical fop fd on to zip file - * itself: using platform fops */ - lws_fops_zip_hdr_t hdr; - z_stream inflate; - lws_filepos_t content_start; - lws_filepos_t exp_uncomp_pos; - union { - uint8_t trailer8[8]; - uint32_t trailer32[2]; - } u; - uint8_t rbuf[128]; /* decompression chunk size */ - int entry_count; - - unsigned int decompress:1; /* 0 = direct from file */ - unsigned int add_gzip_container:1; -} *lws_fops_zip_t; - -struct lws_plat_file_ops fops_zip; -#define fop_fd_to_priv(FD) ((lws_fops_zip_t)(FD)) - -static const uint8_t hd[] = { 31, 139, 8, 0, 0, 0, 0, 0, 0, 3 }; - -enum { - ZC_SIGNATURE = 0, - ZC_VERSION_MADE_BY = 4, - ZC_VERSION_NEEDED_TO_EXTRACT = 6, - ZC_GENERAL_PURPOSE_BIT_FLAG = 8, - ZC_COMPRESSION_METHOD = 10, - ZC_LAST_MOD_FILE_TIME = 12, - ZC_LAST_MOD_FILE_DATE = 14, - ZC_CRC32 = 16, - ZC_COMPRESSED_SIZE = 20, - ZC_UNCOMPRESSED_SIZE = 24, - ZC_FILE_NAME_LENGTH = 28, - ZC_EXTRA_FIELD_LENGTH = 30, - - ZC_FILE_COMMENT_LENGTH = 32, - ZC_DISK_NUMBER_START = 34, - ZC_INTERNAL_FILE_ATTRIBUTES = 36, - ZC_EXTERNAL_FILE_ATTRIBUTES = 38, - ZC_REL_OFFSET_LOCAL_HEADER = 42, - ZC_DIRECTORY_LENGTH = 46, - - ZE_SIGNATURE_OFFSET = 0, - ZE_DESK_NUMBER = 4, - ZE_CENTRAL_DIRECTORY_DISK_NUMBER = 6, - ZE_NUM_ENTRIES_THIS_DISK = 8, - ZE_NUM_ENTRIES = 10, - ZE_CENTRAL_DIRECTORY_SIZE = 12, - ZE_CENTRAL_DIR_OFFSET = 16, - ZE_ZIP_COMMENT_LENGTH = 20, - ZE_DIRECTORY_LENGTH = 22, - - ZL_REL_OFFSET_CONTENT = 28, - ZL_HEADER_LENGTH = 30, - - LWS_FZ_ERR_SEEK_END_RECORD = 1, - LWS_FZ_ERR_READ_END_RECORD, - LWS_FZ_ERR_END_RECORD_MAGIC, - LWS_FZ_ERR_END_RECORD_SANITY, - LWS_FZ_ERR_CENTRAL_SEEK, - LWS_FZ_ERR_CENTRAL_READ, - LWS_FZ_ERR_CENTRAL_SANITY, - LWS_FZ_ERR_NAME_TOO_LONG, - LWS_FZ_ERR_NAME_SEEK, - LWS_FZ_ERR_NAME_READ, - LWS_FZ_ERR_CONTENT_SANITY, - LWS_FZ_ERR_CONTENT_SEEK, - LWS_FZ_ERR_SCAN_SEEK, - LWS_FZ_ERR_NOT_FOUND, - LWS_FZ_ERR_ZLIB_INIT, - LWS_FZ_ERR_READ_CONTENT, - LWS_FZ_ERR_SEEK_COMPRESSED, -}; - -static uint16_t -get_u16(void *p) -{ - const uint8_t *c = (const uint8_t *)p; - - return (uint16_t)((c[0] | (c[1] << 8))); -} - -static uint32_t -get_u32(void *p) -{ - const uint8_t *c = (const uint8_t *)p; - - return (uint32_t)((c[0] | (c[1] << 8) | (c[2] << 16) | (c[3] << 24))); -} - -int -lws_fops_zip_scan(lws_fops_zip_t priv, const char *name, int len) -{ - lws_filepos_t amount; - uint8_t buf[96]; - int i; - - if (lws_vfs_file_seek_end(priv->zip_fop_fd, -ZE_DIRECTORY_LENGTH) < 0) - return LWS_FZ_ERR_SEEK_END_RECORD; - - if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, - ZE_DIRECTORY_LENGTH)) - return LWS_FZ_ERR_READ_END_RECORD; - - if (amount != ZE_DIRECTORY_LENGTH) - return LWS_FZ_ERR_READ_END_RECORD; - - /* - * We require the zip to have the last record right at the end - * Linux zip always does this if no zip comment. - */ - if (buf[0] != 'P' || buf[1] != 'K' || buf[2] != 5 || buf[3] != 6) - return LWS_FZ_ERR_END_RECORD_MAGIC; - - i = get_u16(buf + ZE_NUM_ENTRIES); - - if (get_u16(buf + ZE_DESK_NUMBER) || - get_u16(buf + ZE_CENTRAL_DIRECTORY_DISK_NUMBER) || - i != get_u16(buf + ZE_NUM_ENTRIES_THIS_DISK)) - return LWS_FZ_ERR_END_RECORD_SANITY; - - /* end record is OK... look for our file in the central dir */ - - if (lws_vfs_file_seek_set(priv->zip_fop_fd, - get_u32(buf + ZE_CENTRAL_DIR_OFFSET)) < 0) - return LWS_FZ_ERR_CENTRAL_SEEK; - - while (i--) { - priv->content_start = lws_vfs_tell(priv->zip_fop_fd); - - if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, - ZC_DIRECTORY_LENGTH)) - return LWS_FZ_ERR_CENTRAL_READ; - - if (amount != ZC_DIRECTORY_LENGTH) - return LWS_FZ_ERR_CENTRAL_READ; - - if (get_u32(buf + ZC_SIGNATURE) != 0x02014B50) - return LWS_FZ_ERR_CENTRAL_SANITY; - - lwsl_debug("cstart 0x%lx\n", (unsigned long)priv->content_start); - - priv->hdr.filename_len = get_u16(buf + ZC_FILE_NAME_LENGTH); - priv->hdr.extra = get_u16(buf + ZC_EXTRA_FIELD_LENGTH); - priv->hdr.filename_start = lws_vfs_tell(priv->zip_fop_fd); - - priv->hdr.method = get_u16(buf + ZC_COMPRESSION_METHOD); - priv->hdr.crc32 = get_u32(buf + ZC_CRC32); - priv->hdr.comp_size = get_u32(buf + ZC_COMPRESSED_SIZE); - priv->hdr.uncomp_size = get_u32(buf + ZC_UNCOMPRESSED_SIZE); - priv->hdr.offset = get_u32(buf + ZC_REL_OFFSET_LOCAL_HEADER); - priv->hdr.mod_time = get_u32(buf + ZC_LAST_MOD_FILE_TIME); - priv->hdr.file_com_len = get_u16(buf + ZC_FILE_COMMENT_LENGTH); - - if (priv->hdr.filename_len != len) - goto next; - - if (len >= (int)sizeof(buf) - 1) - return LWS_FZ_ERR_NAME_TOO_LONG; - - if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, - &amount, buf, len)) - return LWS_FZ_ERR_NAME_READ; - if ((int)amount != len) - return LWS_FZ_ERR_NAME_READ; - - buf[len] = '\0'; - lwsl_debug("check %s vs %s\n", buf, name); - - if (strcmp((const char *)buf, name)) - goto next; - - /* we found a match */ - if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->hdr.offset) < 0) - return LWS_FZ_ERR_NAME_SEEK; - if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, - &amount, buf, - ZL_HEADER_LENGTH)) - return LWS_FZ_ERR_NAME_READ; - if (amount != ZL_HEADER_LENGTH) - return LWS_FZ_ERR_NAME_READ; - - priv->content_start = priv->hdr.offset + - ZL_HEADER_LENGTH + - priv->hdr.filename_len + - get_u16(buf + ZL_REL_OFFSET_CONTENT); - - lwsl_debug("content supposed to start at 0x%lx\n", - (unsigned long)priv->content_start); - - if (priv->content_start > priv->zip_fop_fd->len) - return LWS_FZ_ERR_CONTENT_SANITY; - - if (lws_vfs_file_seek_set(priv->zip_fop_fd, - priv->content_start) < 0) - return LWS_FZ_ERR_CONTENT_SEEK; - - /* we are aligned at the start of the content */ - - priv->exp_uncomp_pos = 0; - - return 0; - -next: - if (i && lws_vfs_file_seek_set(priv->zip_fop_fd, - priv->content_start + - ZC_DIRECTORY_LENGTH + - priv->hdr.filename_len + - priv->hdr.extra + - priv->hdr.file_com_len) < 0) - return LWS_FZ_ERR_SCAN_SEEK; - } - - return LWS_FZ_ERR_NOT_FOUND; -} - -static int -lws_fops_zip_reset_inflate(lws_fops_zip_t priv) -{ - if (priv->decompress) - inflateEnd(&priv->inflate); - - priv->inflate.zalloc = Z_NULL; - priv->inflate.zfree = Z_NULL; - priv->inflate.opaque = Z_NULL; - priv->inflate.avail_in = 0; - priv->inflate.next_in = Z_NULL; - - if (inflateInit2(&priv->inflate, -MAX_WBITS) != Z_OK) { - lwsl_err("inflate init failed\n"); - return LWS_FZ_ERR_ZLIB_INIT; - } - - if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->content_start) < 0) - return LWS_FZ_ERR_CONTENT_SEEK; - - priv->exp_uncomp_pos = 0; - - return 0; -} - -static lws_fop_fd_t -lws_fops_zip_open(const struct lws_plat_file_ops *fops, const char *vfs_path, - const char *vpath, lws_fop_flags_t *flags) -{ - lws_fop_flags_t local_flags = 0; - lws_fops_zip_t priv; - char rp[192]; - int m; - - /* - * vpath points at the / after the fops signature in vfs_path, eg - * with a vfs_path "/var/www/docs/manual.zip/index.html", vpath - * will come pointing at "/index.html" - */ - - priv = lws_zalloc(sizeof(*priv), "fops_zip priv"); - if (!priv) - return NULL; - - priv->fop_fd.fops = &fops_zip; - - m = sizeof(rp) - 1; - if ((vpath - vfs_path - 1) < m) - m = lws_ptr_diff(vpath, vfs_path) - 1; - lws_strncpy(rp, vfs_path, m + 1); - - /* open the zip file itself using the incoming fops, not fops_zip */ - - priv->zip_fop_fd = fops->LWS_FOP_OPEN(fops, rp, NULL, &local_flags); - if (!priv->zip_fop_fd) { - lwsl_err("unable to open zip %s\n", rp); - goto bail1; - } - - if (*vpath == '/') - vpath++; - - m = lws_fops_zip_scan(priv, vpath, (int)strlen(vpath)); - if (m) { - lwsl_err("unable to find record matching '%s' %d\n", vpath, m); - goto bail2; - } - - /* the directory metadata tells us modification time, so pass it on */ - priv->fop_fd.mod_time = priv->hdr.mod_time; - *flags |= LWS_FOP_FLAG_MOD_TIME_VALID | LWS_FOP_FLAG_VIRTUAL; - priv->fop_fd.flags = *flags; - - /* The zip fop_fd is left pointing at the start of the content. - * - * 1) Content could be uncompressed (STORE), and we can always serve - * that directly - * - * 2) Content could be compressed (GZIP), and the client can handle - * receiving GZIP... we can wrap it in a GZIP header and trailer - * and serve the content part directly. The flag indicating we - * are providing GZIP directly is set so lws will send the right - * headers. - * - * 3) Content could be compressed (GZIP) but the client can't handle - * receiving GZIP... we can decompress it and serve as it is - * inflated piecemeal. - * - * 4) Content may be compressed some unknown way... fail - * - */ - if (priv->hdr.method == ZIP_COMPRESSION_METHOD_STORE) { - /* - * it is stored uncompressed, leave it indicated as - * uncompressed, and just serve it from inside the - * zip with no gzip container; - */ - - lwsl_info("direct zip serving (stored)\n"); - - priv->fop_fd.len = priv->hdr.uncomp_size; - - return &priv->fop_fd; - } - - if ((*flags & LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP) && - priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { - - /* - * We can serve the gzipped file contents directly as gzip - * from inside the zip container; client says it is OK. - * - * To convert to standalone gzip, we have to add a 10-byte - * constant header and a variable 8-byte trailer around the - * content. - * - * The 8-byte trailer is prepared now and held in the priv. - */ - - lwsl_info("direct zip serving (gzipped)\n"); - - priv->fop_fd.len = sizeof(hd) + priv->hdr.comp_size + - sizeof(priv->u); - - if (lws_is_be()) { - uint8_t *p = priv->u.trailer8; - - *p++ = (uint8_t)priv->hdr.crc32; - *p++ = (uint8_t)(priv->hdr.crc32 >> 8); - *p++ = (uint8_t)(priv->hdr.crc32 >> 16); - *p++ = (uint8_t)(priv->hdr.crc32 >> 24); - *p++ = (uint8_t)priv->hdr.uncomp_size; - *p++ = (uint8_t)(priv->hdr.uncomp_size >> 8); - *p++ = (uint8_t)(priv->hdr.uncomp_size >> 16); - *p = (uint8_t)(priv->hdr.uncomp_size >> 24); - } else { - priv->u.trailer32[0] = priv->hdr.crc32; - priv->u.trailer32[1] = priv->hdr.uncomp_size; - } - - *flags |= LWS_FOP_FLAG_COMPR_IS_GZIP; - priv->fop_fd.flags = *flags; - priv->add_gzip_container = 1; - - return &priv->fop_fd; - } - - if (priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { - - /* we must decompress it to serve it */ - - lwsl_info("decompressed zip serving\n"); - - priv->fop_fd.len = priv->hdr.uncomp_size; - - if (lws_fops_zip_reset_inflate(priv)) { - lwsl_err("inflate init failed\n"); - goto bail2; - } - - priv->decompress = 1; - - return &priv->fop_fd; - } - - /* we can't handle it ... */ - - lwsl_err("zipped file %s compressed in unknown way (%d)\n", vfs_path, - priv->hdr.method); - -bail2: - lws_vfs_file_close(&priv->zip_fop_fd); -bail1: - free(priv); - - return NULL; -} - -/* ie, we are closing the fop_fd for the file inside the gzip */ - -static int -lws_fops_zip_close(lws_fop_fd_t *fd) -{ - lws_fops_zip_t priv = fop_fd_to_priv(*fd); - - if (priv->decompress) - inflateEnd(&priv->inflate); - - lws_vfs_file_close(&priv->zip_fop_fd); /* close the gzip fop_fd */ - - free(priv); - *fd = NULL; - - return 0; -} - -static lws_fileofs_t -lws_fops_zip_seek_cur(lws_fop_fd_t fd, lws_fileofs_t offset_from_cur_pos) -{ - fd->pos += offset_from_cur_pos; - - return fd->pos; -} - -static int -lws_fops_zip_read(lws_fop_fd_t fd, lws_filepos_t *amount, uint8_t *buf, - lws_filepos_t len) -{ - lws_fops_zip_t priv = fop_fd_to_priv(fd); - lws_filepos_t ramount, rlen, cur = lws_vfs_tell(fd); - int ret; - - if (priv->decompress) { - - if (priv->exp_uncomp_pos != fd->pos) { - /* - * there has been a seek in the uncompressed fop_fd - * we have to restart the decompression and loop eating - * the decompressed data up to the seek point - */ - lwsl_info("seek in decompressed\n"); - - lws_fops_zip_reset_inflate(priv); - - while (priv->exp_uncomp_pos != fd->pos) { - rlen = len; - if (rlen > fd->pos - priv->exp_uncomp_pos) - rlen = fd->pos - priv->exp_uncomp_pos; - if (lws_fops_zip_read(fd, amount, buf, rlen)) - return LWS_FZ_ERR_SEEK_COMPRESSED; - } - *amount = 0; - } - - priv->inflate.avail_out = (unsigned int)len; - priv->inflate.next_out = buf; - -spin: - if (!priv->inflate.avail_in) { - rlen = sizeof(priv->rbuf); - if (rlen > priv->hdr.comp_size - - (cur - priv->content_start)) - rlen = priv->hdr.comp_size - - (priv->hdr.comp_size - - priv->content_start); - - if (priv->zip_fop_fd->fops->LWS_FOP_READ( - priv->zip_fop_fd, &ramount, priv->rbuf, - rlen)) - return LWS_FZ_ERR_READ_CONTENT; - - cur += ramount; - - priv->inflate.avail_in = (unsigned int)ramount; - priv->inflate.next_in = priv->rbuf; - } - - ret = inflate(&priv->inflate, Z_NO_FLUSH); - if (ret == Z_STREAM_ERROR) - return ret; - - switch (ret) { - case Z_NEED_DICT: - ret = Z_DATA_ERROR; - /* fallthru */ - case Z_DATA_ERROR: - case Z_MEM_ERROR: - - return ret; - } - - if (!priv->inflate.avail_in && priv->inflate.avail_out && - cur != priv->content_start + priv->hdr.comp_size) - goto spin; - - *amount = len - priv->inflate.avail_out; - - priv->exp_uncomp_pos += *amount; - fd->pos += *amount; - - return 0; - } - - if (priv->add_gzip_container) { - - lwsl_info("%s: gzip + container\n", __func__); - *amount = 0; - - /* place the canned header at the start */ - - if (len && fd->pos < sizeof(hd)) { - rlen = sizeof(hd) - fd->pos; - if (rlen > len) - rlen = len; - /* provide stuff from canned header */ - memcpy(buf, hd + fd->pos, (size_t)rlen); - fd->pos += rlen; - buf += rlen; - len -= rlen; - *amount += rlen; - } - - /* serve gzipped data direct from zipfile */ - - if (len && fd->pos >= sizeof(hd) && - fd->pos < priv->hdr.comp_size + sizeof(hd)) { - - rlen = priv->hdr.comp_size - (priv->zip_fop_fd->pos - - priv->content_start); - if (rlen > len) - rlen = len; - - if (rlen && - priv->zip_fop_fd->pos < (priv->hdr.comp_size + - priv->content_start)) { - if (lws_vfs_file_read(priv->zip_fop_fd, - &ramount, buf, rlen)) - return LWS_FZ_ERR_READ_CONTENT; - *amount += ramount; - fd->pos += ramount; // virtual pos - buf += ramount; - len -= ramount; - } - } - - /* place the prepared trailer at the end */ - - if (len && fd->pos >= priv->hdr.comp_size + sizeof(hd) && - fd->pos < priv->hdr.comp_size + sizeof(hd) + - sizeof(priv->u)) { - cur = fd->pos - priv->hdr.comp_size - sizeof(hd); - rlen = sizeof(priv->u) - cur; - if (rlen > len) - rlen = len; - - memcpy(buf, priv->u.trailer8 + cur, (size_t)rlen); - - *amount += rlen; - fd->pos += rlen; - } - - return 0; - } - - lwsl_info("%s: store\n", __func__); - - if (len > priv->hdr.uncomp_size - (cur - priv->content_start)) - len = priv->hdr.comp_size - (priv->hdr.comp_size - - priv->content_start); - - if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, - amount, buf, len)) - return LWS_FZ_ERR_READ_CONTENT; - - return 0; -} - -struct lws_plat_file_ops fops_zip = { - lws_fops_zip_open, - lws_fops_zip_close, - lws_fops_zip_seek_cur, - lws_fops_zip_read, - NULL, - { { ".zip/", 5 }, { ".jar/", 5 }, { ".war/", 5 } }, - NULL, -}; diff --git a/thirdparty/libwebsockets/lib/roles/http/server/lejp-conf.c b/thirdparty/libwebsockets/lib/roles/http/server/lejp-conf.c deleted file mode 100644 index 0dd701d835..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/server/lejp-conf.c +++ /dev/null @@ -1,1036 +0,0 @@ -/* - * libwebsockets web server application - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -#ifndef _WIN32 -/* this is needed for Travis CI */ -#include -#endif - -#define ESC_INSTALL_DATADIR "_lws_ddir_" - -static const char * const paths_global[] = { - "global.uid", - "global.gid", - "global.count-threads", - "global.init-ssl", - "global.server-string", - "global.plugin-dir", - "global.ws-pingpong-secs", - "global.timeout-secs", - "global.reject-service-keywords[].*", - "global.reject-service-keywords[]", - "global.default-alpn", -}; - -enum lejp_global_paths { - LEJPGP_UID, - LEJPGP_GID, - LEJPGP_COUNT_THREADS, - LWJPGP_INIT_SSL, - LEJPGP_SERVER_STRING, - LEJPGP_PLUGIN_DIR, - LWJPGP_PINGPONG_SECS, - LWJPGP_TIMEOUT_SECS, - LWJPGP_REJECT_SERVICE_KEYWORDS_NAME, - LWJPGP_REJECT_SERVICE_KEYWORDS, - LWJPGP_DEFAULT_ALPN, -}; - -static const char * const paths_vhosts[] = { - "vhosts[]", - "vhosts[].mounts[]", - "vhosts[].name", - "vhosts[].port", - "vhosts[].interface", - "vhosts[].unix-socket", - "vhosts[].sts", - "vhosts[].host-ssl-key", - "vhosts[].host-ssl-cert", - "vhosts[].host-ssl-ca", - "vhosts[].access-log", - "vhosts[].mounts[].mountpoint", - "vhosts[].mounts[].origin", - "vhosts[].mounts[].protocol", - "vhosts[].mounts[].default", - "vhosts[].mounts[].auth-mask", - "vhosts[].mounts[].cgi-timeout", - "vhosts[].mounts[].cgi-env[].*", - "vhosts[].mounts[].cache-max-age", - "vhosts[].mounts[].cache-reuse", - "vhosts[].mounts[].cache-revalidate", - "vhosts[].mounts[].basic-auth", - "vhosts[].mounts[].cache-intermediaries", - "vhosts[].mounts[].extra-mimetypes.*", - "vhosts[].mounts[].interpret.*", - "vhosts[].ws-protocols[].*.*", - "vhosts[].ws-protocols[].*", - "vhosts[].ws-protocols[]", - "vhosts[].keepalive_timeout", - "vhosts[].enable-client-ssl", - "vhosts[].ciphers", - "vhosts[].ecdh-curve", - "vhosts[].noipv6", - "vhosts[].ipv6only", - "vhosts[].ssl-option-set", - "vhosts[].ssl-option-clear", - "vhosts[].mounts[].pmo[].*", - "vhosts[].headers[].*", - "vhosts[].headers[]", - "vhosts[].client-ssl-key", - "vhosts[].client-ssl-cert", - "vhosts[].client-ssl-ca", - "vhosts[].client-ssl-ciphers", - "vhosts[].onlyraw", - "vhosts[].client-cert-required", - "vhosts[].ignore-missing-cert", - "vhosts[].error-document-404", - "vhosts[].alpn", - "vhosts[].ssl-client-option-set", - "vhosts[].ssl-client-option-clear", - "vhosts[].tls13-ciphers", - "vhosts[].client-tls13-ciphers", - "vhosts[].strict-host-check", -}; - -enum lejp_vhost_paths { - LEJPVP, - LEJPVP_MOUNTS, - LEJPVP_NAME, - LEJPVP_PORT, - LEJPVP_INTERFACE, - LEJPVP_UNIXSKT, - LEJPVP_STS, - LEJPVP_HOST_SSL_KEY, - LEJPVP_HOST_SSL_CERT, - LEJPVP_HOST_SSL_CA, - LEJPVP_ACCESS_LOG, - LEJPVP_MOUNTPOINT, - LEJPVP_ORIGIN, - LEJPVP_MOUNT_PROTOCOL, - LEJPVP_DEFAULT, - LEJPVP_DEFAULT_AUTH_MASK, - LEJPVP_CGI_TIMEOUT, - LEJPVP_CGI_ENV, - LEJPVP_MOUNT_CACHE_MAX_AGE, - LEJPVP_MOUNT_CACHE_REUSE, - LEJPVP_MOUNT_CACHE_REVALIDATE, - LEJPVP_MOUNT_BASIC_AUTH, - LEJPVP_MOUNT_CACHE_INTERMEDIARIES, - LEJPVP_MOUNT_EXTRA_MIMETYPES, - LEJPVP_MOUNT_INTERPRET, - LEJPVP_PROTOCOL_NAME_OPT, - LEJPVP_PROTOCOL_NAME, - LEJPVP_PROTOCOL, - LEJPVP_KEEPALIVE_TIMEOUT, - LEJPVP_ENABLE_CLIENT_SSL, - LEJPVP_CIPHERS, - LEJPVP_ECDH_CURVE, - LEJPVP_NOIPV6, - LEJPVP_IPV6ONLY, - LEJPVP_SSL_OPTION_SET, - LEJPVP_SSL_OPTION_CLEAR, - LEJPVP_PMO, - LEJPVP_HEADERS_NAME, - LEJPVP_HEADERS, - LEJPVP_CLIENT_SSL_KEY, - LEJPVP_CLIENT_SSL_CERT, - LEJPVP_CLIENT_SSL_CA, - LEJPVP_CLIENT_CIPHERS, - LEJPVP_FLAG_ONLYRAW, - LEJPVP_FLAG_CLIENT_CERT_REQUIRED, - LEJPVP_IGNORE_MISSING_CERT, - LEJPVP_ERROR_DOCUMENT_404, - LEJPVP_ALPN, - LEJPVP_SSL_CLIENT_OPTION_SET, - LEJPVP_SSL_CLIENT_OPTION_CLEAR, - LEJPVP_TLS13_CIPHERS, - LEJPVP_CLIENT_TLS13_CIPHERS, - LEJPVP_FLAG_STRICT_HOST_CHECK, -}; - -static const char * const parser_errs[] = { - "", - "", - "No opening '{'", - "Expected closing '}'", - "Expected '\"'", - "String underrun", - "Illegal unescaped control char", - "Illegal escape format", - "Illegal hex number", - "Expected ':'", - "Illegal value start", - "Digit required after decimal point", - "Bad number format", - "Bad exponent format", - "Unknown token", - "Too many ']'", - "Mismatched ']'", - "Expected ']'", - "JSON nesting limit exceeded", - "Nesting tracking used up", - "Number too long", - "Comma or block end expected", - "Unknown", - "Parser callback errored (see earlier error)", -}; - -#define MAX_PLUGIN_DIRS 10 - -struct jpargs { - struct lws_context_creation_info *info; - struct lws_context *context; - const struct lws_protocols *protocols; - const struct lws_extension *extensions; - char *p, *end, valid; - struct lws_http_mount *head, *last; - - struct lws_protocol_vhost_options *pvo; - struct lws_protocol_vhost_options *pvo_em; - struct lws_protocol_vhost_options *pvo_int; - struct lws_http_mount m; - const char **plugin_dirs; - int count_plugin_dirs; - - unsigned int enable_client_ssl:1; - unsigned int fresh_mount:1; - unsigned int any_vhosts:1; - unsigned int chunk:1; -}; - -static void * -lwsws_align(struct jpargs *a) -{ - if ((lws_intptr_t)(a->p) & 15) - a->p += 16 - ((lws_intptr_t)(a->p) & 15); - - a->chunk = 0; - - return a->p; -} - -static int -arg_to_bool(const char *s) -{ - static const char * const on[] = { "on", "yes", "true" }; - int n = atoi(s); - - if (n) - return 1; - - for (n = 0; n < (int)LWS_ARRAY_SIZE(on); n++) - if (!strcasecmp(s, on[n])) - return 1; - - return 0; -} - -static signed char -lejp_globals_cb(struct lejp_ctx *ctx, char reason) -{ - struct jpargs *a = (struct jpargs *)ctx->user; - struct lws_protocol_vhost_options *rej; - int n; - - /* we only match on the prepared path strings */ - if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) - return 0; - - /* this catches, eg, vhosts[].headers[].xxx */ - if (reason == LEJPCB_VAL_STR_END && - ctx->path_match == LWJPGP_REJECT_SERVICE_KEYWORDS_NAME + 1) { - rej = lwsws_align(a); - a->p += sizeof(*rej); - - n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); - rej->next = a->info->reject_service_keywords; - a->info->reject_service_keywords = rej; - rej->name = a->p; - lwsl_notice(" adding rej %s=%s\n", a->p, ctx->buf); - a->p += n - 1; - *(a->p++) = '\0'; - rej->value = a->p; - rej->options = NULL; - goto dostring; - } - - switch (ctx->path_match - 1) { - case LEJPGP_UID: - a->info->uid = atoi(ctx->buf); - return 0; - case LEJPGP_GID: - a->info->gid = atoi(ctx->buf); - return 0; - case LEJPGP_COUNT_THREADS: - a->info->count_threads = atoi(ctx->buf); - return 0; - case LWJPGP_INIT_SSL: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; - return 0; - case LEJPGP_SERVER_STRING: - a->info->server_string = a->p; - break; - case LEJPGP_PLUGIN_DIR: - if (a->count_plugin_dirs == MAX_PLUGIN_DIRS - 1) { - lwsl_err("Too many plugin dirs\n"); - return -1; - } - a->plugin_dirs[a->count_plugin_dirs++] = a->p; - break; - - case LWJPGP_PINGPONG_SECS: - a->info->ws_ping_pong_interval = atoi(ctx->buf); - return 0; - - case LWJPGP_TIMEOUT_SECS: - a->info->timeout_secs = atoi(ctx->buf); - return 0; - - case LWJPGP_DEFAULT_ALPN: - a->info->alpn = a->p; - break; - - default: - return 0; - } - -dostring: - a->p += lws_snprintf(a->p, a->end - a->p, "%s", ctx->buf); - *(a->p)++ = '\0'; - - return 0; -} - -static signed char -lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) -{ - struct jpargs *a = (struct jpargs *)ctx->user; - struct lws_protocol_vhost_options *pvo, *mp_cgienv, *headers; - struct lws_http_mount *m; - char *p, *p1; - int n; - -#if 0 - lwsl_notice(" %d: %s (%d)\n", reason, ctx->path, ctx->path_match); - for (n = 0; n < ctx->wildcount; n++) - lwsl_notice(" %d\n", ctx->wild[n]); -#endif - - if (reason == LEJPCB_OBJECT_START && ctx->path_match == LEJPVP + 1) { - uint32_t i[4]; - const char *ss; - - /* set the defaults for this vhost */ - a->valid = 1; - a->head = NULL; - a->last = NULL; - - i[0] = a->info->count_threads; - i[1] = a->info->options & ( - LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME | - LWS_SERVER_OPTION_LIBUV | - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | - LWS_SERVER_OPTION_EXPLICIT_VHOSTS | - LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN | - LWS_SERVER_OPTION_LIBEVENT | - LWS_SERVER_OPTION_LIBEV - ); - ss = a->info->server_string; - i[2] = a->info->ws_ping_pong_interval; - i[3] = a->info->timeout_secs; - - memset(a->info, 0, sizeof(*a->info)); - - a->info->count_threads = i[0]; - a->info->options = i[1]; - a->info->server_string = ss; - a->info->ws_ping_pong_interval = i[2]; - a->info->timeout_secs = i[3]; - - a->info->protocols = a->protocols; - a->info->extensions = a->extensions; -#if defined(LWS_WITH_TLS) - a->info->client_ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-GCM-SHA384:" - "DHE-RSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "HIGH:!aNULL:!eNULL:!EXPORT:" - "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" - "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" - "!DHE-RSA-AES128-SHA256:" - "!AES128-GCM-SHA256:" - "!AES128-SHA256:" - "!DHE-RSA-AES256-SHA256:" - "!AES256-GCM-SHA384:" - "!AES256-SHA256"; -#endif - a->info->ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-GCM-SHA384:" - "DHE-RSA-AES256-GCM-SHA384:" - "ECDHE-RSA-AES256-SHA384:" - "HIGH:!aNULL:!eNULL:!EXPORT:" - "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" - "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" - "!DHE-RSA-AES128-SHA256:" - "!AES128-GCM-SHA256:" - "!AES128-SHA256:" - "!DHE-RSA-AES256-SHA256:" - "!AES256-GCM-SHA384:" - "!AES256-SHA256"; - a->info->keepalive_timeout = 5; - } - - if (reason == LEJPCB_OBJECT_START && - ctx->path_match == LEJPVP_MOUNTS + 1) { - a->fresh_mount = 1; - memset(&a->m, 0, sizeof(a->m)); - } - - /* this catches, eg, vhosts[].ws-protocols[].xxx-protocol */ - if (reason == LEJPCB_OBJECT_START && - ctx->path_match == LEJPVP_PROTOCOL_NAME + 1) { - a->pvo = lwsws_align(a); - a->p += sizeof(*a->pvo); - - n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); - /* ie, enable this protocol, no options yet */ - a->pvo->next = a->info->pvo; - a->info->pvo = a->pvo; - a->pvo->name = a->p; - lwsl_info(" adding protocol %s\n", a->p); - a->p += n; - a->pvo->value = a->p; - a->pvo->options = NULL; - goto dostring; - } - - /* this catches, eg, vhosts[].headers[].xxx */ - if ((reason == LEJPCB_VAL_STR_END || reason == LEJPCB_VAL_STR_CHUNK) && - ctx->path_match == LEJPVP_HEADERS_NAME + 1) { - - if (!a->chunk) { - headers = lwsws_align(a); - a->p += sizeof(*headers); - - n = lejp_get_wildcard(ctx, 0, a->p, - lws_ptr_diff(a->end, a->p)); - /* ie, add this header */ - headers->next = a->info->headers; - a->info->headers = headers; - headers->name = a->p; - - lwsl_notice(" adding header %s=%s\n", a->p, ctx->buf); - a->p += n - 1; - *(a->p++) = ':'; - if (a->p < a->end) - *(a->p++) = '\0'; - else - *(a->p - 1) = '\0'; - headers->value = a->p; - headers->options = NULL; - } - a->chunk = reason == LEJPCB_VAL_STR_CHUNK; - goto dostring; - } - - if (reason == LEJPCB_OBJECT_END && - (ctx->path_match == LEJPVP + 1 || !ctx->path[0]) && - a->valid) { - - struct lws_vhost *vhost; - - //lwsl_notice("%s\n", ctx->path); - if (!a->info->port && - !(a->info->options & LWS_SERVER_OPTION_UNIX_SOCK)) { - lwsl_err("Port required (eg, 443)\n"); - return 1; - } - a->valid = 0; - a->info->mounts = a->head; - - vhost = lws_create_vhost(a->context, a->info); - if (!vhost) { - lwsl_err("Failed to create vhost %s\n", - a->info->vhost_name); - return 1; - } - a->any_vhosts = 1; - -#if defined(LWS_WITH_TLS) - if (a->enable_client_ssl) { - const char *cert_filepath = - a->info->client_ssl_cert_filepath; - const char *private_key_filepath = - a->info->client_ssl_private_key_filepath; - const char *ca_filepath = - a->info->client_ssl_ca_filepath; - const char *cipher_list = - a->info->client_ssl_cipher_list; - - memset(a->info, 0, sizeof(*a->info)); - a->info->client_ssl_cert_filepath = cert_filepath; - a->info->client_ssl_private_key_filepath = - private_key_filepath; - a->info->client_ssl_ca_filepath = ca_filepath; - a->info->client_ssl_cipher_list = cipher_list; - a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; - lws_init_vhost_client_ssl(a->info, vhost); - } -#endif - - return 0; - } - - if (reason == LEJPCB_OBJECT_END && - ctx->path_match == LEJPVP_MOUNTS + 1) { - static const char * const mount_protocols[] = { - "http://", - "https://", - "file://", - "cgi://", - ">http://", - ">https://", - "callback://", - "gzip://", - }; - - if (!a->fresh_mount) - return 0; - - if (!a->m.mountpoint || !a->m.origin) { - lwsl_err("mountpoint and origin required\n"); - return 1; - } - lwsl_debug("adding mount %s\n", a->m.mountpoint); - m = lwsws_align(a); - memcpy(m, &a->m, sizeof(*m)); - if (a->last) - a->last->mount_next = m; - - for (n = 0; n < (int)LWS_ARRAY_SIZE(mount_protocols); n++) - if (!strncmp(a->m.origin, mount_protocols[n], - strlen(mount_protocols[n]))) { - lwsl_info("----%s\n", a->m.origin); - m->origin_protocol = n; - m->origin = a->m.origin + - strlen(mount_protocols[n]); - break; - } - - if (n == (int)LWS_ARRAY_SIZE(mount_protocols)) { - lwsl_err("unsupported protocol:// %s\n", a->m.origin); - return 1; - } - - a->p += sizeof(*m); - if (!a->head) - a->head = m; - - a->last = m; - a->fresh_mount = 0; - } - - /* we only match on the prepared path strings */ - if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) - return 0; - - switch (ctx->path_match - 1) { - case LEJPVP_NAME: - a->info->vhost_name = a->p; - break; - case LEJPVP_PORT: - a->info->port = atoi(ctx->buf); - return 0; - case LEJPVP_INTERFACE: - a->info->iface = a->p; - break; - case LEJPVP_UNIXSKT: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_UNIX_SOCK; - else - a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK); - return 0; - case LEJPVP_STS: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_STS; - else - a->info->options &= ~(LWS_SERVER_OPTION_STS); - return 0; - case LEJPVP_HOST_SSL_KEY: - a->info->ssl_private_key_filepath = a->p; - break; - case LEJPVP_HOST_SSL_CERT: - a->info->ssl_cert_filepath = a->p; - break; - case LEJPVP_HOST_SSL_CA: - a->info->ssl_ca_filepath = a->p; - break; - case LEJPVP_ACCESS_LOG: - a->info->log_filepath = a->p; - break; - case LEJPVP_MOUNTPOINT: - a->m.mountpoint = a->p; - a->m.mountpoint_len = (unsigned char)strlen(ctx->buf); - break; - case LEJPVP_ORIGIN: - if (!strncmp(ctx->buf, "callback://", 11)) - a->m.protocol = a->p + 11; - - if (!a->m.origin) - a->m.origin = a->p; - break; - case LEJPVP_DEFAULT: - a->m.def = a->p; - break; - case LEJPVP_DEFAULT_AUTH_MASK: - a->m.auth_mask = atoi(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_MAX_AGE: - a->m.cache_max_age = atoi(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_REUSE: - a->m.cache_reusable = arg_to_bool(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_REVALIDATE: - a->m.cache_revalidate = arg_to_bool(ctx->buf); - return 0; - case LEJPVP_MOUNT_CACHE_INTERMEDIARIES: - a->m.cache_intermediaries = arg_to_bool(ctx->buf);; - return 0; - case LEJPVP_MOUNT_BASIC_AUTH: - a->m.basic_auth_login_file = a->p; - break; - case LEJPVP_CGI_TIMEOUT: - a->m.cgi_timeout = atoi(ctx->buf); - return 0; - case LEJPVP_KEEPALIVE_TIMEOUT: - a->info->keepalive_timeout = atoi(ctx->buf); - return 0; -#if defined(LWS_WITH_TLS) - case LEJPVP_CLIENT_CIPHERS: - a->info->client_ssl_cipher_list = a->p; - break; -#endif - case LEJPVP_CIPHERS: - a->info->ssl_cipher_list = a->p; - break; - case LEJPVP_TLS13_CIPHERS: - a->info->tls1_3_plus_cipher_list = a->p; - break; - case LEJPVP_CLIENT_TLS13_CIPHERS: - a->info->client_tls_1_3_plus_cipher_list = a->p; - break; - - case LEJPVP_ECDH_CURVE: - a->info->ecdh_curve = a->p; - break; - case LEJPVP_PMO: - case LEJPVP_CGI_ENV: - mp_cgienv = lwsws_align(a); - a->p += sizeof(*a->m.cgienv); - - mp_cgienv->next = a->m.cgienv; - a->m.cgienv = mp_cgienv; - - n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); - mp_cgienv->name = a->p; - a->p += n; - mp_cgienv->value = a->p; - mp_cgienv->options = NULL; - //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", - // mp_cgienv->name, mp_cgienv->value); - goto dostring; - - case LEJPVP_PROTOCOL_NAME_OPT: - /* this catches, eg, - * vhosts[].ws-protocols[].xxx-protocol.yyy-option - * ie, these are options attached to a protocol with { } - */ - pvo = lwsws_align(a); - a->p += sizeof(*a->pvo); - - n = lejp_get_wildcard(ctx, 1, a->p, lws_ptr_diff(a->end, a->p)); - /* ie, enable this protocol, no options yet */ - pvo->next = a->pvo->options; - a->pvo->options = pvo; - pvo->name = a->p; - a->p += n; - pvo->value = a->p; - pvo->options = NULL; - break; - - case LEJPVP_MOUNT_EXTRA_MIMETYPES: - a->pvo_em = lwsws_align(a); - a->p += sizeof(*a->pvo_em); - - n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); - /* ie, enable this protocol, no options yet */ - a->pvo_em->next = a->m.extra_mimetypes; - a->m.extra_mimetypes = a->pvo_em; - a->pvo_em->name = a->p; - lwsl_notice(" + extra-mimetypes %s -> %s\n", a->p, ctx->buf); - a->p += n; - a->pvo_em->value = a->p; - a->pvo_em->options = NULL; - break; - - case LEJPVP_MOUNT_INTERPRET: - a->pvo_int = lwsws_align(a); - a->p += sizeof(*a->pvo_int); - - n = lejp_get_wildcard(ctx, 0, a->p, lws_ptr_diff(a->end, a->p)); - /* ie, enable this protocol, no options yet */ - a->pvo_int->next = a->m.interpret; - a->m.interpret = a->pvo_int; - a->pvo_int->name = a->p; - lwsl_notice(" adding interpret %s -> %s\n", a->p, - ctx->buf); - a->p += n; - a->pvo_int->value = a->p; - a->pvo_int->options = NULL; - break; - - case LEJPVP_ENABLE_CLIENT_SSL: - a->enable_client_ssl = arg_to_bool(ctx->buf); - return 0; -#if defined(LWS_WITH_TLS) - case LEJPVP_CLIENT_SSL_KEY: - a->info->client_ssl_private_key_filepath = a->p; - break; - case LEJPVP_CLIENT_SSL_CERT: - a->info->client_ssl_cert_filepath = a->p; - break; - case LEJPVP_CLIENT_SSL_CA: - a->info->client_ssl_ca_filepath = a->p; - break; -#endif - - case LEJPVP_NOIPV6: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_DISABLE_IPV6; - else - a->info->options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6); - return 0; - - case LEJPVP_FLAG_ONLYRAW: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_ONLY_RAW; - else - a->info->options &= ~(LWS_SERVER_OPTION_ONLY_RAW); - return 0; - - case LEJPVP_IPV6ONLY: - a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY; - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE; - else - a->info->options &= ~(LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); - return 0; - - case LEJPVP_FLAG_CLIENT_CERT_REQUIRED: - if (arg_to_bool(ctx->buf)) - a->info->options |= - LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT; - return 0; - - case LEJPVP_IGNORE_MISSING_CERT: - if (arg_to_bool(ctx->buf)) - a->info->options |= LWS_SERVER_OPTION_IGNORE_MISSING_CERT; - else - a->info->options &= ~(LWS_SERVER_OPTION_IGNORE_MISSING_CERT); - - return 0; - - case LEJPVP_FLAG_STRICT_HOST_CHECK: - if (arg_to_bool(ctx->buf)) - a->info->options |= - LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK; - else - a->info->options &= - ~(LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK); - return 0; - - case LEJPVP_ERROR_DOCUMENT_404: - a->info->error_document_404 = a->p; - break; - - case LEJPVP_SSL_OPTION_SET: - a->info->ssl_options_set |= atol(ctx->buf); - return 0; - case LEJPVP_SSL_OPTION_CLEAR: - a->info->ssl_options_clear |= atol(ctx->buf); - return 0; - - case LEJPVP_SSL_CLIENT_OPTION_SET: - a->info->ssl_client_options_set |= atol(ctx->buf); - return 0; - case LEJPVP_SSL_CLIENT_OPTION_CLEAR: - a->info->ssl_client_options_clear |= atol(ctx->buf); - return 0; - - case LEJPVP_ALPN: - a->info->alpn = a->p; - break; - - default: - return 0; - } - -dostring: - p = ctx->buf; - p[LEJP_STRING_CHUNK] = '\0'; - p1 = strstr(p, ESC_INSTALL_DATADIR); - if (p1) { - n = lws_ptr_diff(p1, p); - if (n > a->end - a->p) - n = lws_ptr_diff(a->end, a->p); - lws_strncpy(a->p, p, n + 1); - a->p += n; - a->p += lws_snprintf(a->p, a->end - a->p, "%s", - LWS_INSTALL_DATADIR); - p += n + strlen(ESC_INSTALL_DATADIR); - } - - a->p += lws_snprintf(a->p, a->end - a->p, "%s", p); - if (reason == LEJPCB_VAL_STR_END) - *(a->p)++ = '\0'; - - return 0; -} - -/* - * returns 0 = OK, 1 = can't open, 2 = parsing error - */ - -static int -lwsws_get_config(void *user, const char *f, const char * const *paths, - int count_paths, lejp_callback cb) -{ - unsigned char buf[128]; - struct lejp_ctx ctx; - int n, m, fd; - - fd = lws_open(f, O_RDONLY); - if (fd < 0) { - lwsl_err("Cannot open %s\n", f); - return 2; - } - lwsl_info("%s: %s\n", __func__, f); - lejp_construct(&ctx, cb, user, paths, count_paths); - - do { - n = read(fd, buf, sizeof(buf)); - if (!n) - break; - - m = (int)(signed char)lejp_parse(&ctx, buf, n); - } while (m == LEJP_CONTINUE); - - close(fd); - n = ctx.line; - lejp_destruct(&ctx); - - if (m < 0) { - lwsl_err("%s(%u): parsing error %d: %s\n", f, n, m, - parser_errs[-m]); - return 2; - } - - return 0; -} - -#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0 - -static int -lwsws_get_config_d(void *user, const char *d, const char * const *paths, - int count_paths, lejp_callback cb) -{ - uv_dirent_t dent; - uv_fs_t req; - char path[256]; - int ret = 0, ir; - uv_loop_t loop; - - ir = uv_loop_init(&loop); - if (ir) { - lwsl_err("%s: loop init failed %d\n", __func__, ir); - } - - if (!uv_fs_scandir(&loop, &req, d, 0, NULL)) { - lwsl_err("Scandir on %s failed\n", d); - return 2; - } - - while (uv_fs_scandir_next(&req, &dent) != UV_EOF) { - lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, dent.name); - ret = lwsws_get_config(user, path, paths, count_paths, cb); - if (ret) - goto bail; - } - -bail: - uv_fs_req_cleanup(&req); - while (uv_loop_close(&loop)) - ; - - return ret; -} - -#else - -#ifndef _WIN32 -static int filter(const struct dirent *ent) -{ - if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) - return 0; - - return 1; -} -#endif - -static int -lwsws_get_config_d(void *user, const char *d, const char * const *paths, - int count_paths, lejp_callback cb) -{ -#if !defined(_WIN32) && !defined(LWS_WITH_ESP32) - struct dirent **namelist; - char path[256]; - int n, i, ret = 0; - - n = scandir(d, &namelist, filter, alphasort); - if (n < 0) { - lwsl_err("Scandir on %s failed\n", d); - return 1; - } - - for (i = 0; i < n; i++) { - if (strchr(namelist[i]->d_name, '~')) - goto skip; - lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, - namelist[i]->d_name); - ret = lwsws_get_config(user, path, paths, count_paths, cb); - if (ret) { - while (i++ < n) - free(namelist[i]); - goto bail; - } -skip: - free(namelist[i]); - } - -bail: - free(namelist); - - return ret; -#else - return 0; -#endif -} - -#endif - -int -lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, - char **cs, int *len) -{ - struct jpargs a; - const char * const *old = info->plugin_dirs; - char dd[128]; - - memset(&a, 0, sizeof(a)); - - a.info = info; - a.p = *cs; - a.end = (a.p + *len) - 1; - a.valid = 0; - - lwsws_align(&a); - info->plugin_dirs = (void *)a.p; - a.plugin_dirs = (void *)a.p; /* writeable version */ - a.p += MAX_PLUGIN_DIRS * sizeof(void *); - - /* copy any default paths */ - - while (old && *old) { - a.plugin_dirs[a.count_plugin_dirs++] = *old; - old++; - } - - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); - if (lwsws_get_config(&a, dd, paths_global, - LWS_ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) - return 1; - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); - if (lwsws_get_config_d(&a, dd, paths_global, - LWS_ARRAY_SIZE(paths_global), - lejp_globals_cb) > 1) - return 1; - - a.plugin_dirs[a.count_plugin_dirs] = NULL; - - *cs = a.p; - *len = lws_ptr_diff(a.end, a.p); - - return 0; -} - -int -lwsws_get_config_vhosts(struct lws_context *context, - struct lws_context_creation_info *info, const char *d, - char **cs, int *len) -{ - struct jpargs a; - char dd[128]; - - memset(&a, 0, sizeof(a)); - - a.info = info; - a.p = *cs; - a.end = a.p + *len; - a.valid = 0; - a.context = context; - a.protocols = info->protocols; - a.extensions = info->extensions; - - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); - if (lwsws_get_config(&a, dd, paths_vhosts, - LWS_ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) - return 1; - lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); - if (lwsws_get_config_d(&a, dd, paths_vhosts, - LWS_ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) - return 1; - - *cs = a.p; - *len = lws_ptr_diff(a.end, a.p); - - if (!a.any_vhosts) { - lwsl_err("Need at least one vhost\n"); - return 1; - } - -// lws_finalize_startup(context); - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/roles/http/server/parsers.c b/thirdparty/libwebsockets/lib/roles/http/server/parsers.c deleted file mode 100644 index 641e9b8dac..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/server/parsers.c +++ /dev/null @@ -1,1168 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -static const unsigned char lextable[] = { - #include "../lextable.h" -}; - -#define FAIL_CHAR 0x08 - -static struct allocated_headers * -_lws_create_ah(struct lws_context_per_thread *pt, ah_data_idx_t data_size) -{ - struct allocated_headers *ah = lws_zalloc(sizeof(*ah), "ah struct"); - - if (!ah) - return NULL; - - ah->data = lws_malloc(data_size, "ah data"); - if (!ah->data) { - lws_free(ah); - - return NULL; - } - ah->next = pt->http.ah_list; - pt->http.ah_list = ah; - ah->data_length = data_size; - pt->http.ah_pool_length++; - - lwsl_info("%s: created ah %p (size %d): pool length %d\n", __func__, - ah, (int)data_size, pt->http.ah_pool_length); - - return ah; -} - -int -_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah) -{ - lws_start_foreach_llp(struct allocated_headers **, a, pt->http.ah_list) { - if ((*a) == ah) { - *a = ah->next; - pt->http.ah_pool_length--; - lwsl_info("%s: freed ah %p : pool length %d\n", - __func__, ah, pt->http.ah_pool_length); - if (ah->data) - lws_free(ah->data); - lws_free(ah); - - return 0; - } - } lws_end_foreach_llp(a, next); - - return 1; -} - -void -_lws_header_table_reset(struct allocated_headers *ah) -{ - /* init the ah to reflect no headers or data have appeared yet */ - memset(ah->frag_index, 0, sizeof(ah->frag_index)); - memset(ah->frags, 0, sizeof(ah->frags)); - ah->nfrag = 0; - ah->pos = 0; - ah->http_response = 0; - ah->parser_state = WSI_TOKEN_NAME_PART; - ah->lextable_pos = 0; -} - -// doesn't scrub the ah rxbuffer by default, parent must do if needed - -void -__lws_header_table_reset(struct lws *wsi, int autoservice) -{ - struct allocated_headers *ah = wsi->http.ah; - struct lws_context_per_thread *pt; - struct lws_pollfd *pfd; - - /* if we have the idea we're resetting 'our' ah, must be bound to one */ - assert(ah); - /* ah also concurs with ownership */ - assert(ah->wsi == wsi); - - _lws_header_table_reset(ah); - - /* since we will restart the ah, our new headers are not completed */ - wsi->hdr_parsing_completed = 0; - - /* while we hold the ah, keep a timeout on the wsi */ - __lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, - wsi->vhost->timeout_secs_ah_idle); - - time(&ah->assigned); - - if (wsi->position_in_fds_table != LWS_NO_FDS_POS && - lws_buflist_next_segment_len(&wsi->buflist, NULL) && - autoservice) { - lwsl_debug("%s: service on readbuf ah\n", __func__); - - pt = &wsi->context->pt[(int)wsi->tsi]; - /* - * Unlike a normal connect, we have the headers already - * (or the first part of them anyway) - */ - pfd = &pt->fds[wsi->position_in_fds_table]; - pfd->revents |= LWS_POLLIN; - lwsl_err("%s: calling service\n", __func__); - lws_service_fd_tsi(wsi->context, pfd, wsi->tsi); - } -} - -void -lws_header_table_reset(struct lws *wsi, int autoservice) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_pt_lock(pt, __func__); - - __lws_header_table_reset(wsi, autoservice); - - lws_pt_unlock(pt); -} - -static void -_lws_header_ensure_we_are_on_waiting_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws_pollargs pa; - struct lws **pwsi = &pt->http.ah_wait_list; - - while (*pwsi) { - if (*pwsi == wsi) - return; - pwsi = &(*pwsi)->http.ah_wait_list; - } - - lwsl_info("%s: wsi: %p\n", __func__, wsi); - wsi->http.ah_wait_list = pt->http.ah_wait_list; - pt->http.ah_wait_list = wsi; - pt->http.ah_wait_list_length++; - - /* we cannot accept input then */ - - _lws_change_pollfd(wsi, LWS_POLLIN, 0, &pa); -} - -static int -__lws_remove_from_ah_waiting_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws **pwsi =&pt->http.ah_wait_list; - - while (*pwsi) { - if (*pwsi == wsi) { - lwsl_info("%s: wsi %p\n", __func__, wsi); - /* point prev guy to our next */ - *pwsi = wsi->http.ah_wait_list; - /* we shouldn't point anywhere now */ - wsi->http.ah_wait_list = NULL; - pt->http.ah_wait_list_length--; - - return 1; - } - pwsi = &(*pwsi)->http.ah_wait_list; - } - - return 0; -} - -int LWS_WARN_UNUSED_RESULT -lws_header_table_attach(struct lws *wsi, int autoservice) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_pollargs pa; - int n; - - lwsl_info("%s: wsi %p: ah %p (tsi %d, count = %d) in\n", __func__, - (void *)wsi, (void *)wsi->http.ah, wsi->tsi, - pt->http.ah_count_in_use); - - lws_pt_lock(pt, __func__); - - /* if we are already bound to one, just clear it down */ - if (wsi->http.ah) { - lwsl_info("%s: cleardown\n", __func__); - goto reset; - } - - n = pt->http.ah_count_in_use == context->max_http_header_pool; -#if defined(LWS_WITH_PEER_LIMITS) - if (!n) { - n = lws_peer_confirm_ah_attach_ok(context, wsi->peer); - if (n) - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); - } -#endif - if (n) { - /* - * Pool is either all busy, or we don't want to give this - * particular guy an ah right now... - * - * Make sure we are on the waiting list, and return that we - * weren't able to provide the ah - */ - _lws_header_ensure_we_are_on_waiting_list(wsi); - - goto bail; - } - - __lws_remove_from_ah_waiting_list(wsi); - - wsi->http.ah = _lws_create_ah(pt, context->max_http_header_data); - if (!wsi->http.ah) { /* we could not create an ah */ - _lws_header_ensure_we_are_on_waiting_list(wsi); - - goto bail; - } - - wsi->http.ah->in_use = 1; - wsi->http.ah->wsi = wsi; /* mark our owner */ - pt->http.ah_count_in_use++; - -#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || \ - defined(LWS_ROLE_H2)) - lws_context_lock(context, "ah attach"); /* <========================= */ - if (wsi->peer) - wsi->peer->http.count_ah++; - lws_context_unlock(context); /* ====================================> */ -#endif - - _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); - - lwsl_info("%s: did attach wsi %p: ah %p: count %d (on exit)\n", __func__, - (void *)wsi, (void *)wsi->http.ah, pt->http.ah_count_in_use); - -reset: - __lws_header_table_reset(wsi, autoservice); - - lws_pt_unlock(pt); - -#ifndef LWS_NO_CLIENT - if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) - if (!lws_http_client_connect_via_info2(wsi)) - /* our client connect has failed, the wsi - * has been closed - */ - return -1; -#endif - - return 0; - -bail: - lws_pt_unlock(pt); - - return 1; -} - -int __lws_header_table_detach(struct lws *wsi, int autoservice) -{ - struct lws_context *context = wsi->context; - struct allocated_headers *ah = wsi->http.ah; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_pollargs pa; - struct lws **pwsi, **pwsi_eligible; - time_t now; - - __lws_remove_from_ah_waiting_list(wsi); - - if (!ah) - return 0; - - lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, - (void *)wsi, (void *)ah, wsi->tsi, - pt->http.ah_count_in_use); - - /* we did have an ah attached */ - time(&now); - if (ah->assigned && now - ah->assigned > 3) { - /* - * we're detaching the ah, but it was held an - * unreasonably long time - */ - lwsl_debug("%s: wsi %p: ah held %ds, role/state 0x%x 0x%x," - "\n", __func__, wsi, (int)(now - ah->assigned), - lwsi_role(wsi), lwsi_state(wsi)); - } - - ah->assigned = 0; - - /* if we think we're detaching one, there should be one in use */ - assert(pt->http.ah_count_in_use > 0); - /* and this specific one should have been in use */ - assert(ah->in_use); - memset(&wsi->http.ah, 0, sizeof(wsi->http.ah)); - -#if defined(LWS_WITH_PEER_LIMITS) - if (ah->wsi) - lws_peer_track_ah_detach(context, wsi->peer); -#endif - ah->wsi = NULL; /* no owner */ - - pwsi = &pt->http.ah_wait_list; - - /* oh there is nobody on the waiting list... leave the ah unattached */ - if (!*pwsi) - goto nobody_usable_waiting; - - /* - * at least one wsi on the same tsi is waiting, give it to oldest guy - * who is allowed to take it (if any) - */ - lwsl_info("pt wait list %p\n", *pwsi); - wsi = NULL; - pwsi_eligible = NULL; - - while (*pwsi) { -#if defined(LWS_WITH_PEER_LIMITS) - /* are we willing to give this guy an ah? */ - if (!lws_peer_confirm_ah_attach_ok(context, (*pwsi)->peer)) -#endif - { - wsi = *pwsi; - pwsi_eligible = pwsi; - } -#if defined(LWS_WITH_PEER_LIMITS) - else - if (!(*pwsi)->http.ah_wait_list) - lws_stats_atomic_bump(context, pt, - LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); -#endif - pwsi = &(*pwsi)->http.ah_wait_list; - } - - if (!wsi) /* everybody waiting already has too many ah... */ - goto nobody_usable_waiting; - - lwsl_info("%s: transferring ah to last eligible wsi in wait list " - "%p (wsistate 0x%x)\n", __func__, wsi, wsi->wsistate); - - wsi->http.ah = ah; - ah->wsi = wsi; /* new owner */ - - __lws_header_table_reset(wsi, autoservice); -#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || \ - defined(LWS_ROLE_H2)) - lws_context_lock(context, "ah detach"); /* <========================= */ - if (wsi->peer) - wsi->peer->http.count_ah++; - lws_context_unlock(context); /* ====================================> */ -#endif - - /* clients acquire the ah and then insert themselves in fds table... */ - if (wsi->position_in_fds_table != LWS_NO_FDS_POS) { - lwsl_info("%s: Enabling %p POLLIN\n", __func__, wsi); - - /* he has been stuck waiting for an ah, but now his wait is - * over, let him progress */ - - _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); - } - - /* point prev guy to next guy in list instead */ - *pwsi_eligible = wsi->http.ah_wait_list; - /* the guy who got one is out of the list */ - wsi->http.ah_wait_list = NULL; - pt->http.ah_wait_list_length--; - -#ifndef LWS_NO_CLIENT - if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) { - lws_pt_unlock(pt); - - if (!lws_http_client_connect_via_info2(wsi)) { - /* our client connect has failed, the wsi - * has been closed - */ - - return -1; - } - return 0; - } -#endif - - assert(!!pt->http.ah_wait_list_length == - !!(lws_intptr_t)pt->http.ah_wait_list); -bail: - lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, - (void *)wsi, (void *)ah, pt->tid, pt->http.ah_count_in_use); - - return 0; - -nobody_usable_waiting: - lwsl_info("%s: nobody usable waiting\n", __func__); - _lws_destroy_ah(pt, ah); - pt->http.ah_count_in_use--; - - goto bail; -} - -int lws_header_table_detach(struct lws *wsi, int autoservice) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int n; - - lws_pt_lock(pt, __func__); - n = __lws_header_table_detach(wsi, autoservice); - lws_pt_unlock(pt); - - return n; -} - -LWS_VISIBLE int -lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx) -{ - int n; - - if (!wsi->http.ah) - return 0; - - n = wsi->http.ah->frag_index[h]; - if (!n) - return 0; - do { - if (!frag_idx) - return wsi->http.ah->frags[n].len; - n = wsi->http.ah->frags[n].nfrag; - } while (frag_idx-- && n); - - return 0; -} - -LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h) -{ - int n; - int len = 0; - - if (!wsi->http.ah) - return 0; - - n = wsi->http.ah->frag_index[h]; - if (!n) - return 0; - do { - len += wsi->http.ah->frags[n].len; - n = wsi->http.ah->frags[n].nfrag; - - if (n && h != WSI_TOKEN_HTTP_COOKIE) - ++len; - - } while (n); - - return len; -} - -LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len, - enum lws_token_indexes h, int frag_idx) -{ - int n = 0; - int f; - - if (!wsi->http.ah) - return -1; - - f = wsi->http.ah->frag_index[h]; - - if (!f) - return -1; - - while (n < frag_idx) { - f = wsi->http.ah->frags[f].nfrag; - if (!f) - return -1; - n++; - } - - if (wsi->http.ah->frags[f].len >= len) - return -1; - - memcpy(dst, wsi->http.ah->data + wsi->http.ah->frags[f].offset, - wsi->http.ah->frags[f].len); - dst[wsi->http.ah->frags[f].len] = '\0'; - - return wsi->http.ah->frags[f].len; -} - -LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len, - enum lws_token_indexes h) -{ - int toklen = lws_hdr_total_length(wsi, h); - int n; - int comma; - - *dst = '\0'; - if (!toklen) - return 0; - - if (toklen >= len) - return -1; - - if (!wsi->http.ah) - return -1; - - n = wsi->http.ah->frag_index[h]; - if (!n) - return 0; - - do { - comma = (wsi->http.ah->frags[n].nfrag && - h != WSI_TOKEN_HTTP_COOKIE) ? 1 : 0; - - if (wsi->http.ah->frags[n].len + comma >= len) - return -1; - strncpy(dst, &wsi->http.ah->data[wsi->http.ah->frags[n].offset], - wsi->http.ah->frags[n].len); - dst += wsi->http.ah->frags[n].len; - len -= wsi->http.ah->frags[n].len; - n = wsi->http.ah->frags[n].nfrag; - - if (comma) - *dst++ = ','; - - } while (n); - *dst = '\0'; - - return toklen; -} - -char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h) -{ - int n; - - if (!wsi->http.ah) - return NULL; - - n = wsi->http.ah->frag_index[h]; - if (!n) - return NULL; - - return wsi->http.ah->data + wsi->http.ah->frags[n].offset; -} - -static int LWS_WARN_UNUSED_RESULT -lws_pos_in_bounds(struct lws *wsi) -{ - if (!wsi->http.ah) - return -1; - - if (wsi->http.ah->pos < - (unsigned int)wsi->context->max_http_header_data) - return 0; - - if ((int)wsi->http.ah->pos == wsi->context->max_http_header_data) { - lwsl_err("Ran out of header data space\n"); - return 1; - } - - /* - * with these tests everywhere, it should never be able to exceed - * the limit, only meet it - */ - lwsl_err("%s: pos %d, limit %d\n", __func__, wsi->http.ah->pos, - wsi->context->max_http_header_data); - assert(0); - - return 1; -} - -int LWS_WARN_UNUSED_RESULT -lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s) -{ - wsi->http.ah->nfrag++; - if (wsi->http.ah->nfrag == LWS_ARRAY_SIZE(wsi->http.ah->frags)) { - lwsl_warn("More hdr frags than we can deal with, dropping\n"); - return -1; - } - - wsi->http.ah->frag_index[h] = wsi->http.ah->nfrag; - - wsi->http.ah->frags[wsi->http.ah->nfrag].offset = wsi->http.ah->pos; - wsi->http.ah->frags[wsi->http.ah->nfrag].len = 0; - wsi->http.ah->frags[wsi->http.ah->nfrag].nfrag = 0; - - do { - if (lws_pos_in_bounds(wsi)) - return -1; - - wsi->http.ah->data[wsi->http.ah->pos++] = *s; - if (*s) - wsi->http.ah->frags[wsi->http.ah->nfrag].len++; - } while (*s++); - - return 0; -} - -static int LWS_WARN_UNUSED_RESULT -issue_char(struct lws *wsi, unsigned char c) -{ - unsigned short frag_len; - - if (lws_pos_in_bounds(wsi)) - return -1; - - frag_len = wsi->http.ah->frags[wsi->http.ah->nfrag].len; - /* - * If we haven't hit the token limit, just copy the character into - * the header - */ - if (!wsi->http.ah->current_token_limit || - frag_len < wsi->http.ah->current_token_limit) { - wsi->http.ah->data[wsi->http.ah->pos++] = c; - if (c) - wsi->http.ah->frags[wsi->http.ah->nfrag].len++; - return 0; - } - - /* Insert a null character when we *hit* the limit: */ - if (frag_len == wsi->http.ah->current_token_limit) { - if (lws_pos_in_bounds(wsi)) - return -1; - - wsi->http.ah->data[wsi->http.ah->pos++] = '\0'; - lwsl_warn("header %i exceeds limit %d\n", - wsi->http.ah->parser_state, - wsi->http.ah->current_token_limit); - } - - return 1; -} - -int -lws_parse_urldecode(struct lws *wsi, uint8_t *_c) -{ - struct allocated_headers *ah = wsi->http.ah; - unsigned int enc = 0; - uint8_t c = *_c; - - // lwsl_notice("ah->ups %d\n", ah->ups); - - /* - * PRIORITY 1 - * special URI processing... convert %xx - */ - switch (ah->ues) { - case URIES_IDLE: - if (c == '%') { - ah->ues = URIES_SEEN_PERCENT; - goto swallow; - } - break; - case URIES_SEEN_PERCENT: - if (char_to_hex(c) < 0) - /* illegal post-% char */ - goto forbid; - - ah->esc_stash = c; - ah->ues = URIES_SEEN_PERCENT_H1; - goto swallow; - - case URIES_SEEN_PERCENT_H1: - if (char_to_hex(c) < 0) - /* illegal post-% char */ - goto forbid; - - *_c = (char_to_hex(ah->esc_stash) << 4) | - char_to_hex(c); - c = *_c; - enc = 1; - ah->ues = URIES_IDLE; - break; - } - - /* - * PRIORITY 2 - * special URI processing... - * convert /.. or /... or /../ etc to / - * convert /./ to / - * convert // or /// etc to / - * leave /.dir or whatever alone - */ - - switch (ah->ups) { - case URIPS_IDLE: - if (!c) - return -1; - /* genuine delimiter */ - if ((c == '&' || c == ';') && !enc) { - if (issue_char(wsi, '\0') < 0) - return -1; - /* link to next fragment */ - ah->frags[ah->nfrag].nfrag = ah->nfrag + 1; - ah->nfrag++; - if (ah->nfrag >= LWS_ARRAY_SIZE(ah->frags)) - goto excessive; - /* start next fragment after the & */ - ah->post_literal_equal = 0; - ah->frags[ah->nfrag].offset = ++ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - goto swallow; - } - /* uriencoded = in the name part, disallow */ - if (c == '=' && enc && - ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] && - !ah->post_literal_equal) { - c = '_'; - *_c =c; - } - - /* after the real =, we don't care how many = */ - if (c == '=' && !enc) - ah->post_literal_equal = 1; - - /* + to space */ - if (c == '+' && !enc) { - c = ' '; - *_c = c; - } - /* issue the first / always */ - if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) - ah->ups = URIPS_SEEN_SLASH; - break; - case URIPS_SEEN_SLASH: - /* swallow subsequent slashes */ - if (c == '/') - goto swallow; - /* track and swallow the first . after / */ - if (c == '.') { - ah->ups = URIPS_SEEN_SLASH_DOT; - goto swallow; - } - ah->ups = URIPS_IDLE; - break; - case URIPS_SEEN_SLASH_DOT: - /* swallow second . */ - if (c == '.') { - ah->ups = URIPS_SEEN_SLASH_DOT_DOT; - goto swallow; - } - /* change /./ to / */ - if (c == '/') { - ah->ups = URIPS_SEEN_SLASH; - goto swallow; - } - /* it was like /.dir ... regurgitate the . */ - ah->ups = URIPS_IDLE; - if (issue_char(wsi, '.') < 0) - return -1; - break; - - case URIPS_SEEN_SLASH_DOT_DOT: - - /* /../ or /..[End of URI] --> backup to last / */ - if (c == '/' || c == '?') { - /* - * back up one dir level if possible - * safe against header fragmentation because - * the method URI can only be in 1 fragment - */ - if (ah->frags[ah->nfrag].len > 2) { - ah->pos--; - ah->frags[ah->nfrag].len--; - do { - ah->pos--; - ah->frags[ah->nfrag].len--; - } while (ah->frags[ah->nfrag].len > 1 && - ah->data[ah->pos] != '/'); - } - ah->ups = URIPS_SEEN_SLASH; - if (ah->frags[ah->nfrag].len > 1) - break; - goto swallow; - } - - /* /..[^/] ... regurgitate and allow */ - - if (issue_char(wsi, '.') < 0) - return -1; - if (issue_char(wsi, '.') < 0) - return -1; - ah->ups = URIPS_IDLE; - break; - } - - if (c == '?' && !enc && - !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI args */ - if (ah->ues != URIES_IDLE) - goto forbid; - - /* seal off uri header */ - if (issue_char(wsi, '\0') < 0) - return -1; - - /* move to using WSI_TOKEN_HTTP_URI_ARGS */ - ah->nfrag++; - if (ah->nfrag >= LWS_ARRAY_SIZE(ah->frags)) - goto excessive; - ah->frags[ah->nfrag].offset = ++ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - - ah->post_literal_equal = 0; - ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag; - ah->ups = URIPS_IDLE; - goto swallow; - } - - return LPUR_CONTINUE; - -swallow: - return LPUR_SWALLOW; - -forbid: - return LPUR_FORBID; - -excessive: - return LPUR_EXCESSIVE; -} - -static const unsigned char methods[] = { - WSI_TOKEN_GET_URI, - WSI_TOKEN_POST_URI, - WSI_TOKEN_OPTIONS_URI, - WSI_TOKEN_PUT_URI, - WSI_TOKEN_PATCH_URI, - WSI_TOKEN_DELETE_URI, - WSI_TOKEN_CONNECT, - WSI_TOKEN_HEAD_URI, -}; - -/* - * possible returns:, -1 fail, 0 ok or 2, transition to raw - */ - -int LWS_WARN_UNUSED_RESULT -lws_parse(struct lws *wsi, unsigned char *buf, int *len) -{ - struct allocated_headers *ah = wsi->http.ah; - struct lws_context *context = wsi->context; - unsigned int n, m; - unsigned char c; - int r, pos; - - assert(wsi->http.ah); - - do { - (*len)--; - c = *buf++; - - switch (ah->parser_state) { - default: - - lwsl_parser("WSI_TOK_(%d) '%c'\n", ah->parser_state, c); - - /* collect into malloc'd buffers */ - /* optional initial space swallow */ - if (!ah->frags[ah->frag_index[ah->parser_state]].len && - c == ' ') - break; - - for (m = 0; m < LWS_ARRAY_SIZE(methods); m++) - if (ah->parser_state == methods[m]) - break; - if (m == LWS_ARRAY_SIZE(methods)) - /* it was not any of the methods */ - goto check_eol; - - /* special URI processing... end at space */ - - if (c == ' ') { - /* enforce starting with / */ - if (!ah->frags[ah->nfrag].len) - if (issue_char(wsi, '/') < 0) - return -1; - - if (ah->ups == URIPS_SEEN_SLASH_DOT_DOT) { - /* - * back up one dir level if possible - * safe against header fragmentation - * because the method URI can only be - * in 1 fragment - */ - if (ah->frags[ah->nfrag].len > 2) { - ah->pos--; - ah->frags[ah->nfrag].len--; - do { - ah->pos--; - ah->frags[ah->nfrag].len--; - } while (ah->frags[ah->nfrag].len > 1 && - ah->data[ah->pos] != '/'); - } - } - - /* begin parsing HTTP version: */ - if (issue_char(wsi, '\0') < 0) - return -1; - ah->parser_state = WSI_TOKEN_HTTP; - goto start_fragment; - } - - r = lws_parse_urldecode(wsi, &c); - switch (r) { - case LPUR_CONTINUE: - break; - case LPUR_SWALLOW: - goto swallow; - case LPUR_FORBID: - goto forbid; - case LPUR_EXCESSIVE: - goto excessive; - default: - return -1; - } -check_eol: - /* bail at EOL */ - if (ah->parser_state != WSI_TOKEN_CHALLENGE && - c == '\x0d') { - if (ah->ues != URIES_IDLE) - goto forbid; - - c = '\0'; - ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; - lwsl_parser("*\n"); - } - - n = issue_char(wsi, c); - if ((int)n < 0) - return -1; - if (n > 0) - ah->parser_state = WSI_TOKEN_SKIPPING; - -swallow: - /* per-protocol end of headers management */ - - if (ah->parser_state == WSI_TOKEN_CHALLENGE) - goto set_parsing_complete; - break; - - /* collecting and checking a name part */ - case WSI_TOKEN_NAME_PART: - lwsl_parser("WSI_TOKEN_NAME_PART '%c' 0x%02X (role=0x%x) " - "wsi->lextable_pos=%d\n", c, c, lwsi_role(wsi), - ah->lextable_pos); - - if (c >= 'A' && c <= 'Z') - c += 'a' - 'A'; - - pos = ah->lextable_pos; - - while (1) { - if (lextable[pos] & (1 << 7)) { - /* 1-byte, fail on mismatch */ - if ((lextable[pos] & 0x7f) != c) { -nope: - ah->lextable_pos = -1; - break; - } - /* fall thru */ - pos++; - if (lextable[pos] == FAIL_CHAR) - goto nope; - - ah->lextable_pos = pos; - break; - } - - if (lextable[pos] == FAIL_CHAR) - goto nope; - - /* b7 = 0, end or 3-byte */ - if (lextable[pos] < FAIL_CHAR) { /* term mark */ - ah->lextable_pos = pos; - break; - } - - if (lextable[pos] == c) { /* goto */ - ah->lextable_pos = pos + - (lextable[pos + 1]) + - (lextable[pos + 2] << 8); - break; - } - - /* fall thru goto */ - pos += 3; - /* continue */ - } - - /* - * If it's h1, server needs to look out for unknown - * methods... - */ - if (ah->lextable_pos < 0 && lwsi_role_h1(wsi) && - lwsi_role_server(wsi)) { - /* this is not a header we know about */ - for (m = 0; m < LWS_ARRAY_SIZE(methods); m++) - if (ah->frag_index[methods[m]]) { - /* - * already had the method, no idea what - * this crap from the client is, ignore - */ - ah->parser_state = WSI_TOKEN_SKIPPING; - break; - } - /* - * hm it's an unknown http method from a client in fact, - * it cannot be valid http - */ - if (m == LWS_ARRAY_SIZE(methods)) { - /* - * are we set up to accept raw in these cases? - */ - if (lws_check_opt(wsi->vhost->options, - LWS_SERVER_OPTION_FALLBACK_TO_RAW)) - return 2; /* transition to raw */ - - lwsl_info("Unknown method - dropping\n"); - goto forbid; - } - break; - } - /* - * ...otherwise for a client, let him ignore unknown headers - * coming from the server - */ - if (ah->lextable_pos < 0) { - ah->parser_state = WSI_TOKEN_SKIPPING; - break; - } - - if (lextable[ah->lextable_pos] < FAIL_CHAR) { - /* terminal state */ - - n = ((unsigned int)lextable[ah->lextable_pos] << 8) | - lextable[ah->lextable_pos + 1]; - - lwsl_parser("known hdr %d\n", n); - for (m = 0; m < LWS_ARRAY_SIZE(methods); m++) - if (n == methods[m] && - ah->frag_index[methods[m]]) { - lwsl_warn("Duplicated method\n"); - return -1; - } - - /* - * WSORIGIN is protocol equiv to ORIGIN, - * JWebSocket likes to send it, map to ORIGIN - */ - if (n == WSI_TOKEN_SWORIGIN) - n = WSI_TOKEN_ORIGIN; - - ah->parser_state = (enum lws_token_indexes) - (WSI_TOKEN_GET_URI + n); - ah->ups = URIPS_IDLE; - - if (context->token_limits) - ah->current_token_limit = context-> - token_limits->token_limit[ - ah->parser_state]; - else - ah->current_token_limit = - wsi->context->max_http_header_data; - - if (ah->parser_state == WSI_TOKEN_CHALLENGE) - goto set_parsing_complete; - - goto start_fragment; - } - break; - -start_fragment: - ah->nfrag++; -excessive: - if (ah->nfrag == LWS_ARRAY_SIZE(ah->frags)) { - lwsl_warn("More hdr frags than we can deal with\n"); - return -1; - } - - ah->frags[ah->nfrag].offset = ah->pos; - ah->frags[ah->nfrag].len = 0; - ah->frags[ah->nfrag].nfrag = 0; - ah->frags[ah->nfrag].flags = 2; - - n = ah->frag_index[ah->parser_state]; - if (!n) { /* first fragment */ - ah->frag_index[ah->parser_state] = ah->nfrag; - ah->hdr_token_idx = ah->parser_state; - break; - } - /* continuation */ - while (ah->frags[n].nfrag) - n = ah->frags[n].nfrag; - ah->frags[n].nfrag = ah->nfrag; - - if (issue_char(wsi, ' ') < 0) - return -1; - break; - - /* skipping arg part of a name we didn't recognize */ - case WSI_TOKEN_SKIPPING: - lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c); - - if (c == '\x0d') - ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; - break; - - case WSI_TOKEN_SKIPPING_SAW_CR: - lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c); - if (ah->ues != URIES_IDLE) - goto forbid; - if (c == '\x0a') { - ah->parser_state = WSI_TOKEN_NAME_PART; - ah->lextable_pos = 0; - } else - ah->parser_state = WSI_TOKEN_SKIPPING; - break; - /* we're done, ignore anything else */ - - case WSI_PARSING_COMPLETE: - lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c); - break; - } - - } while (*len); - - return 0; - -set_parsing_complete: - if (ah->ues != URIES_IDLE) - goto forbid; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { - if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) - wsi->rx_frame_type = /* temp for ws version index */ - atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); - - lwsl_parser("v%02d hdrs done\n", wsi->rx_frame_type); - } - ah->parser_state = WSI_PARSING_COMPLETE; - wsi->hdr_parsing_completed = 1; - - return 0; - -forbid: - lwsl_notice(" forbidding on uri sanitation\n"); - lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); - - return -1; -} - diff --git a/thirdparty/libwebsockets/lib/roles/http/server/server.c b/thirdparty/libwebsockets/lib/roles/http/server/server.c deleted file mode 100644 index 729315602c..0000000000 --- a/thirdparty/libwebsockets/lib/roles/http/server/server.c +++ /dev/null @@ -1,2743 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -const char * const method_names[] = { - "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT", "HEAD", -#ifdef LWS_WITH_HTTP2 - ":path", -#endif - }; - -static const char * const intermediates[] = { "private", "public" }; - -/* - * return 0: all done - * 1: nonfatal error - * <0: fatal error - * - * REQUIRES CONTEXT LOCK HELD - */ - -int -_lws_vhost_init_server(const struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ - int n, opt = 1, limit = 1; - lws_sockfd_type sockfd; - struct lws_vhost *vh; - struct lws *wsi; - int m = 0, is; - - (void)method_names; - (void)opt; - - if (info) { - vhost->iface = info->iface; - vhost->listen_port = info->port; - } - - /* set up our external listening socket we serve on */ - - if (vhost->listen_port == CONTEXT_PORT_NO_LISTEN || - vhost->listen_port == CONTEXT_PORT_NO_LISTEN_SERVER) - return 0; - - vh = vhost->context->vhost_list; - while (vh) { - if (vh->listen_port == vhost->listen_port) { - if (((!vhost->iface && !vh->iface) || - (vhost->iface && vh->iface && - !strcmp(vhost->iface, vh->iface))) && - vh->lserv_wsi - ) { - lwsl_notice(" using listen skt from vhost %s\n", - vh->name); - return 0; - } - } - vh = vh->vhost_next; - } - - if (vhost->iface) { - /* - * let's check before we do anything else about the disposition - * of the interface he wants to bind to... - */ - is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, - vhost->iface); - lwsl_debug("initial if check says %d\n", is); - - if (is == LWS_ITOSA_BUSY) - /* treat as fatal */ - return -1; - -deal: - - lws_start_foreach_llp(struct lws_vhost **, pv, - vhost->context->no_listener_vhost_list) { - if (is >= LWS_ITOSA_USABLE && *pv == vhost) { - /* on the list and shouldn't be: remove it */ - lwsl_debug("deferred iface: removing vh %s\n", - (*pv)->name); - *pv = vhost->no_listener_vhost_list; - vhost->no_listener_vhost_list = NULL; - goto done_list; - } - if (is < LWS_ITOSA_USABLE && *pv == vhost) - goto done_list; - } lws_end_foreach_llp(pv, no_listener_vhost_list); - - /* not on the list... */ - - if (is < LWS_ITOSA_USABLE) { - - /* ... but needs to be: so add it */ - - lwsl_debug("deferred iface: adding vh %s\n", vhost->name); - vhost->no_listener_vhost_list = - vhost->context->no_listener_vhost_list; - vhost->context->no_listener_vhost_list = vhost; - } - -done_list: - - switch (is) { - default: - break; - case LWS_ITOSA_NOT_EXIST: - /* can't add it */ - if (info) /* first time */ - lwsl_err("VH %s: iface %s port %d DOESN'T EXIST\n", - vhost->name, vhost->iface, vhost->listen_port); - return 1; - case LWS_ITOSA_NOT_USABLE: - /* can't add it */ - if (info) /* first time */ - lwsl_err("VH %s: iface %s port %d NOT USABLE\n", - vhost->name, vhost->iface, vhost->listen_port); - return 1; - } - } - - (void)n; -#if defined(__linux__) -#ifdef LWS_WITH_UNIX_SOCK - /* - * A Unix domain sockets cannot be bound for several times, even if we set - * the SO_REUSE* options on. - * However, fortunately, each thread is able to independently listen when - * running on a reasonably new Linux kernel. So we can safely assume - * creating just one listening socket for a multi-threaded environment won't - * fail in most cases. - */ - if (!LWS_UNIX_SOCK_ENABLED(vhost)) -#endif - limit = vhost->context->count_threads; -#endif - - for (m = 0; m < limit; m++) { -#ifdef LWS_WITH_UNIX_SOCK - if (LWS_UNIX_SOCK_ENABLED(vhost)) - sockfd = socket(AF_UNIX, SOCK_STREAM, 0); - else -#endif -#ifdef LWS_WITH_IPV6 - if (LWS_IPV6_ENABLED(vhost)) - sockfd = socket(AF_INET6, SOCK_STREAM, 0); - else -#endif - sockfd = socket(AF_INET, SOCK_STREAM, 0); - - if (sockfd == LWS_SOCK_INVALID) { - lwsl_err("ERROR opening socket\n"); - return 1; - } -#if !defined(LWS_WITH_ESP32) -#if (defined(WIN32) || defined(_WIN32)) && defined(SO_EXCLUSIVEADDRUSE) - /* - * only accept that we are the only listener on the port - * https://msdn.microsoft.com/zh-tw/library/ - * windows/desktop/ms740621(v=vs.85).aspx - * - * for lws, to match Linux, we default to exclusive listen - */ - if (!lws_check_opt(vhost->options, - LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE)) { - if (setsockopt(sockfd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, - (const void *)&opt, sizeof(opt)) < 0) { - lwsl_err("reuseaddr failed\n"); - compatible_close(sockfd); - return -1; - } - } else -#endif - - /* - * allow us to restart even if old sockets in TIME_WAIT - */ - if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, - (const void *)&opt, sizeof(opt)) < 0) { - lwsl_err("reuseaddr failed\n"); - compatible_close(sockfd); - return -1; - } - -#if defined(LWS_WITH_IPV6) && defined(IPV6_V6ONLY) - if (LWS_IPV6_ENABLED(vhost) && - vhost->options & LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) { - int value = (vhost->options & - LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE) ? 1 : 0; - if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, - (const void*)&value, sizeof(value)) < 0) { - compatible_close(sockfd); - return -1; - } - } -#endif - -#if defined(__linux__) && defined(SO_REUSEPORT) - /* keep coverity happy */ -#if LWS_MAX_SMP > 1 - n = 1; -#else - n = lws_check_opt(vhost->options, - LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE); -#endif - if (n && vhost->context->count_threads > 1) - if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, - (const void *)&opt, sizeof(opt)) < 0) { - compatible_close(sockfd); - return -1; - } -#endif -#endif - lws_plat_set_socket_options(vhost, sockfd, 0); - - is = lws_socket_bind(vhost, sockfd, vhost->listen_port, vhost->iface); - if (is == LWS_ITOSA_BUSY) { - /* treat as fatal */ - compatible_close(sockfd); - - return -1; - } - - /* - * There is a race where the network device may come up and then - * go away and fail here. So correctly handle unexpected failure - * here despite we earlier confirmed it. - */ - if (is < 0) { - lwsl_info("%s: lws_socket_bind says %d\n", __func__, is); - compatible_close(sockfd); - goto deal; - } - - wsi = lws_zalloc(sizeof(struct lws), "listen wsi"); - if (wsi == NULL) { - lwsl_err("Out of mem\n"); - goto bail; - } - -#ifdef LWS_WITH_UNIX_SOCK - if (!LWS_UNIX_SOCK_ENABLED(vhost)) -#endif - { - wsi->unix_skt = 1; - vhost->listen_port = is; - - lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is); - } - - wsi->context = vhost->context; - wsi->desc.sockfd = sockfd; - lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_listen); - wsi->protocol = vhost->protocols; - wsi->tsi = m; - lws_vhost_bind_wsi(vhost, wsi); - wsi->listener = 1; - - if (wsi->context->event_loop_ops->init_vhost_listen_wsi) - wsi->context->event_loop_ops->init_vhost_listen_wsi(wsi); - - if (__insert_wsi_socket_into_fds(vhost->context, wsi)) { - lwsl_notice("inserting wsi socket into fds failed\n"); - goto bail; - } - - vhost->context->count_wsi_allocated++; - vhost->lserv_wsi = wsi; - - n = listen(wsi->desc.sockfd, LWS_SOMAXCONN); - if (n < 0) { - lwsl_err("listen failed with error %d\n", LWS_ERRNO); - vhost->lserv_wsi = NULL; - vhost->context->count_wsi_allocated--; - __remove_wsi_socket_from_fds(wsi); - goto bail; - } - } /* for each thread able to independently listen */ - - if (!lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) { -#ifdef LWS_WITH_UNIX_SOCK - if (LWS_UNIX_SOCK_ENABLED(vhost)) - lwsl_info(" Listening on \"%s\"\n", vhost->iface); - else -#endif - lwsl_info(" Listening on port %d\n", vhost->listen_port); - } - - // info->port = vhost->listen_port; - - return 0; - -bail: - compatible_close(sockfd); - - return -1; -} - -struct lws_vhost * -lws_select_vhost(struct lws_context *context, int port, const char *servername) -{ - struct lws_vhost *vhost = context->vhost_list; - const char *p; - int n, colon; - - n = (int)strlen(servername); - colon = n; - p = strchr(servername, ':'); - if (p) - colon = lws_ptr_diff(p, servername); - - /* Priotity 1: first try exact matches */ - - while (vhost) { - if (port == vhost->listen_port && - !strncmp(vhost->name, servername, colon)) { - lwsl_info("SNI: Found: %s\n", servername); - return vhost; - } - vhost = vhost->vhost_next; - } - - /* - * Priority 2: if no exact matches, try matching *.vhost-name - * unintentional matches are possible but resolve to x.com for *.x.com - * which is reasonable. If exact match exists we already chose it and - * never reach here. SSL will still fail it if the cert doesn't allow - * *.x.com. - */ - vhost = context->vhost_list; - while (vhost) { - int m = (int)strlen(vhost->name); - if (port && port == vhost->listen_port && - m <= (colon - 2) && - servername[colon - m - 1] == '.' && - !strncmp(vhost->name, servername + colon - m, m)) { - lwsl_info("SNI: Found %s on wildcard: %s\n", - servername, vhost->name); - return vhost; - } - vhost = vhost->vhost_next; - } - - /* Priority 3: match the first vhost on our port */ - - vhost = context->vhost_list; - while (vhost) { - if (port && port == vhost->listen_port) { - lwsl_info("%s: vhost match to %s based on port %d\n", - __func__, vhost->name, port); - return vhost; - } - vhost = vhost->vhost_next; - } - - /* no match */ - - return NULL; -} - -LWS_VISIBLE LWS_EXTERN const char * -lws_get_mimetype(const char *file, const struct lws_http_mount *m) -{ - const struct lws_protocol_vhost_options *pvo = NULL; - int n = (int)strlen(file); - - if (m) - pvo = m->extra_mimetypes; - - if (n < 5) - return NULL; - - if (!strcmp(&file[n - 4], ".ico")) - return "image/x-icon"; - - if (!strcmp(&file[n - 4], ".gif")) - return "image/gif"; - - if (!strcmp(&file[n - 3], ".js")) - return "text/javascript"; - - if (!strcmp(&file[n - 4], ".png")) - return "image/png"; - - if (!strcmp(&file[n - 4], ".jpg")) - return "image/jpeg"; - - if (!strcmp(&file[n - 3], ".gz")) - return "application/gzip"; - - if (!strcmp(&file[n - 4], ".JPG")) - return "image/jpeg"; - - if (!strcmp(&file[n - 5], ".html")) - return "text/html"; - - if (!strcmp(&file[n - 4], ".css")) - return "text/css"; - - if (!strcmp(&file[n - 4], ".txt")) - return "text/plain"; - - if (!strcmp(&file[n - 4], ".svg")) - return "image/svg+xml"; - - if (!strcmp(&file[n - 4], ".ttf")) - return "application/x-font-ttf"; - - if (!strcmp(&file[n - 4], ".otf")) - return "application/font-woff"; - - if (!strcmp(&file[n - 5], ".woff")) - return "application/font-woff"; - - if (!strcmp(&file[n - 4], ".xml")) - return "application/xml"; - - while (pvo) { - if (pvo->name[0] == '*') /* ie, match anything */ - return pvo->value; - - if (!strcmp(&file[n - strlen(pvo->name)], pvo->name)) - return pvo->value; - - pvo = pvo->next; - } - - return NULL; -} -static lws_fop_flags_t -lws_vfs_prepare_flags(struct lws *wsi) -{ - lws_fop_flags_t f = 0; - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING)) - return f; - - if (strstr(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING), - "gzip")) { - lwsl_info("client indicates GZIP is acceptable\n"); - f |= LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP; - } - - return f; -} - -static int -lws_http_serve(struct lws *wsi, char *uri, const char *origin, - const struct lws_http_mount *m) -{ - const struct lws_protocol_vhost_options *pvo = m->interpret; - struct lws_process_html_args args; - const char *mimetype; -#if !defined(_WIN32_WCE) - const struct lws_plat_file_ops *fops; - const char *vpath; - lws_fop_flags_t fflags = LWS_O_RDONLY; -#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) - struct _stat32i64 st; -#else - struct stat st; -#endif - int spin = 0; -#endif - char path[256], sym[2048]; - unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p; - unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE; -#if !defined(WIN32) && !defined(LWS_WITH_ESP32) - size_t len; -#endif - int n; - - wsi->handling_404 = 0; - if (!wsi->vhost) - return -1; - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - if (wsi->vhost->http.error_document_404 && - !strcmp(uri, wsi->vhost->http.error_document_404)) - wsi->handling_404 = 1; -#endif - - lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri); - -#if !defined(_WIN32_WCE) - - fflags |= lws_vfs_prepare_flags(wsi); - - do { - spin++; - fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath); - - if (wsi->http.fop_fd) - lws_vfs_file_close(&wsi->http.fop_fd); - - wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, - path, vpath, &fflags); - if (!wsi->http.fop_fd) { - lwsl_info("%s: Unable to open '%s': errno %d\n", - __func__, path, errno); - - return 1; - } - - /* if it can't be statted, don't try */ - if (fflags & LWS_FOP_FLAG_VIRTUAL) - break; -#if defined(LWS_WITH_ESP32) - break; -#endif -#if !defined(WIN32) - if (fstat(wsi->http.fop_fd->fd, &st)) { - lwsl_info("unable to stat %s\n", path); - goto notfound; - } -#else -#if defined(LWS_HAVE__STAT32I64) - if (_stat32i64(path, &st)) { - lwsl_info("unable to stat %s\n", path); - goto notfound; - } -#else - if (stat(path, &st)) { - lwsl_info("unable to stat %s\n", path); - goto notfound; - } -#endif -#endif - - wsi->http.fop_fd->mod_time = (uint32_t)st.st_mtime; - fflags |= LWS_FOP_FLAG_MOD_TIME_VALID; - -#if !defined(WIN32) && !defined(LWS_WITH_ESP32) - if ((S_IFMT & st.st_mode) == S_IFLNK) { - len = readlink(path, sym, sizeof(sym) - 1); - if (len) { - lwsl_err("Failed to read link %s\n", path); - goto notfound; - } - sym[len] = '\0'; - lwsl_debug("symlink %s -> %s\n", path, sym); - lws_snprintf(path, sizeof(path) - 1, "%s", sym); - } -#endif - if ((S_IFMT & st.st_mode) == S_IFDIR) { - lwsl_debug("default filename append to dir\n"); - lws_snprintf(path, sizeof(path) - 1, "%s/%s/index.html", - origin, uri); - } - - } while ((S_IFMT & st.st_mode) != S_IFREG && spin < 5); - - if (spin == 5) - lwsl_err("symlink loop %s \n", path); - - n = sprintf(sym, "%08llX%08lX", - (unsigned long long)lws_vfs_get_length(wsi->http.fop_fd), - (unsigned long)lws_vfs_get_mod_time(wsi->http.fop_fd)); - - /* disable ranges if IF_RANGE token invalid */ - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_RANGE)) - if (strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_RANGE))) - /* differs - defeat Range: */ - wsi->http.ah->frag_index[WSI_TOKEN_HTTP_RANGE] = 0; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH)) { - /* - * he thinks he has some version of it already, - * check if the tag matches - */ - if (!strcmp(sym, lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_IF_NONE_MATCH))) { - - char cache_control[50], *cc = "no-store"; - int cclen = 8; - - lwsl_debug("%s: ETAG match %s %s\n", __func__, - uri, origin); - - /* we don't need to send the payload */ - if (lws_add_http_header_status(wsi, - HTTP_STATUS_NOT_MODIFIED, &p, end)) { - lwsl_err("%s: failed adding not modified\n", - __func__); - return -1; - } - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_ETAG, - (unsigned char *)sym, n, &p, end)) - return -1; - - /* but we still need to send cache control... */ - - if (m->cache_max_age && m->cache_reusable) { - if (!m->cache_revalidate) { - cc = cache_control; - cclen = sprintf(cache_control, - "%s, max-age=%u", - intermediates[wsi->cache_intermediaries], - m->cache_max_age); - } else { - cc = cache_control; - cclen = sprintf(cache_control, - "must-revalidate, %s, max-age=%u", - intermediates[wsi->cache_intermediaries], - m->cache_max_age); - } - } - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CACHE_CONTROL, - (unsigned char *)cc, cclen, &p, end)) - return -1; - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - n = lws_write(wsi, start, p - start, - LWS_WRITE_HTTP_HEADERS | - LWS_WRITE_H2_STREAM_END); - if (n != (p - start)) { - lwsl_err("_write returned %d from %ld\n", n, - (long)(p - start)); - return -1; - } - - lws_vfs_file_close(&wsi->http.fop_fd); - - if (lws_http_transaction_completed(wsi)) - return -1; - - return 0; - } - } - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG, - (unsigned char *)sym, n, &p, end)) - return -1; -#endif - - mimetype = lws_get_mimetype(path, m); - if (!mimetype) { - lwsl_info("unknown mimetype for %s\n", path); - if (lws_return_http_status(wsi, - HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, NULL) || - lws_http_transaction_completed(wsi)) - return -1; - - return 0; - } - if (!mimetype[0]) - lwsl_debug("sending no mimetype for %s\n", path); - - wsi->sending_chunked = 0; - - /* - * check if this is in the list of file suffixes to be interpreted by - * a protocol - */ - while (pvo) { - n = (int)strlen(path); - if (n > (int)strlen(pvo->name) && - !strcmp(&path[n - strlen(pvo->name)], pvo->name)) { - wsi->interpreting = 1; - if (!wsi->http2_substream) - wsi->sending_chunked = 1; - wsi->protocol_interpret_idx = - (char)(lws_intptr_t)pvo->value; - lwsl_info("want %s interpreted by %s\n", path, - wsi->vhost->protocols[ - (int)(lws_intptr_t)(pvo->value)].name); - wsi->protocol = &wsi->vhost->protocols[ - (int)(lws_intptr_t)(pvo->value)]; - if (lws_ensure_user_space(wsi)) - return -1; - break; - } - pvo = pvo->next; - } - - if (m->protocol) { - const struct lws_protocols *pp = lws_vhost_name_to_protocol( - wsi->vhost, m->protocol); - - if (lws_bind_protocol(wsi, pp, __func__)) - return -1; - args.p = (char *)p; - args.max_len = lws_ptr_diff(end, p); - if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS, - wsi->user_space, &args, 0)) - return -1; - p = (unsigned char *)args.p; - } - - *p = '\0'; - n = lws_serve_http_file(wsi, path, mimetype, (char *)start, - lws_ptr_diff(p, start)); - - if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi))) - return -1; /* error or can't reuse connection: close the socket */ - - return 0; - -notfound: - - return 1; -} - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) -const struct lws_http_mount * -lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len) -{ - const struct lws_http_mount *hm, *hit = NULL; - int best = 0; - - hm = wsi->vhost->http.mount_list; - while (hm) { - if (uri_len >= hm->mountpoint_len && - !strncmp(uri_ptr, hm->mountpoint, hm->mountpoint_len) && - (uri_ptr[hm->mountpoint_len] == '\0' || - uri_ptr[hm->mountpoint_len] == '/' || - hm->mountpoint_len == 1) - ) { - if (hm->origin_protocol == LWSMPRO_CALLBACK || - ((hm->origin_protocol == LWSMPRO_CGI || - lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI) || - (wsi->http2_substream && - lws_hdr_total_length(wsi, - WSI_TOKEN_HTTP_COLON_PATH)) || - hm->protocol) && - hm->mountpoint_len > best)) { - best = hm->mountpoint_len; - hit = hm; - } - } - hm = hm->mount_next; - } - - return hit; -} -#endif - -#if !defined(LWS_WITH_ESP32) -static int -lws_find_string_in_file(const char *filename, const char *string, int stringlen) -{ - char buf[128]; - int fd, match = 0, pos = 0, n = 0, hit = 0; - - fd = lws_open(filename, O_RDONLY); - if (fd < 0) { - lwsl_err("can't open auth file: %s\n", filename); - return 0; - } - - while (1) { - if (pos == n) { - n = read(fd, buf, sizeof(buf)); - if (n <= 0) { - if (match == stringlen) - hit = 1; - break; - } - pos = 0; - } - - if (match == stringlen) { - if (buf[pos] == '\r' || buf[pos] == '\n') { - hit = 1; - break; - } - match = 0; - } - - if (buf[pos] == string[match]) - match++; - else - match = 0; - - pos++; - } - - close(fd); - - return hit; -} -#endif - -static int -lws_unauthorised_basic_auth(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - unsigned char *start = pt->serv_buf + LWS_PRE, - *p = start, *end = p + 2048; - char buf[64]; - int n; - - /* no auth... tell him it is required */ - - if (lws_add_http_header_status(wsi, HTTP_STATUS_UNAUTHORIZED, &p, end)) - return -1; - - n = lws_snprintf(buf, sizeof(buf), "Basic realm=\"lwsws\""); - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_WWW_AUTHENTICATE, - (unsigned char *)buf, n, &p, end)) - return -1; - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS | - LWS_WRITE_H2_STREAM_END); - if (n < 0) - return -1; - - return lws_http_transaction_completed(wsi); - -} - -int lws_clean_url(char *p) -{ - if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') { - p += 4; - if (*p == 's') - p++; - if (*p == ':') { - p++; - if (*p == '/') - p++; - } - } - - while (*p) { - if (p[0] == '/' && p[1] == '/') { - char *p1 = p; - while (*p1) { - *p1 = p1[1]; - p1++; - } - continue; - } - p++; - } - - return 0; -} - -static const unsigned char methods[] = { - WSI_TOKEN_GET_URI, - WSI_TOKEN_POST_URI, - WSI_TOKEN_OPTIONS_URI, - WSI_TOKEN_PUT_URI, - WSI_TOKEN_PATCH_URI, - WSI_TOKEN_DELETE_URI, - WSI_TOKEN_CONNECT, - WSI_TOKEN_HEAD_URI, -#ifdef LWS_WITH_HTTP2 - WSI_TOKEN_HTTP_COLON_PATH, -#endif -}; - -static int -lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len) -{ - int n, count = 0; - - for (n = 0; n < (int)LWS_ARRAY_SIZE(methods); n++) - if (lws_hdr_total_length(wsi, methods[n])) - count++; - if (!count) { - lwsl_warn("Missing URI in HTTP request\n"); - return -1; - } - - if (count != 1 && - !(wsi->http2_substream && - lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH))) { - lwsl_warn("multiple methods?\n"); - return -1; - } - - for (n = 0; n < (int)LWS_ARRAY_SIZE(methods); n++) - if (lws_hdr_total_length(wsi, methods[n])) { - *puri_ptr = lws_hdr_simple_ptr(wsi, methods[n]); - *puri_len = lws_hdr_total_length(wsi, methods[n]); - return n; - } - - return -1; -} - -static const char * const oprot[] = { - "http://", "https://" -}; - -int -lws_http_action(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - const struct lws_http_mount *hit = NULL; - enum http_version request_version; - struct lws_process_html_args args; - enum http_conn_type conn_type; - char content_length_str[32]; - char http_version_str[12]; - char *uri_ptr = NULL, *s; - int uri_len = 0, meth, m; - char http_conn_str[25]; - int http_version_len; - unsigned int n; - - meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len); - if (meth < 0 || meth >= (int)LWS_ARRAY_SIZE(method_names)) - goto bail_nuke_ah; - - /* we insist on absolute paths */ - - if (!uri_ptr || uri_ptr[0] != '/') { - lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); - - goto bail_nuke_ah; - } - - lwsl_info("Method: '%s' (%d), request for '%s'\n", method_names[meth], - meth, uri_ptr); - - if (wsi->role_ops && wsi->role_ops->check_upgrades) - switch (wsi->role_ops->check_upgrades(wsi)) { - case LWS_UPG_RET_DONE: - return 0; - case LWS_UPG_RET_CONTINUE: - break; - case LWS_UPG_RET_BAIL: - goto bail_nuke_ah; - } - - if (lws_ensure_user_space(wsi)) - goto bail_nuke_ah; - - /* HTTP header had a content length? */ - - wsi->http.rx_content_length = 0; - wsi->http.content_length_explicitly_zero = 0; - if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) || - lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) || - lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI)) - wsi->http.rx_content_length = 100 * 1024 * 1024; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) && - lws_hdr_copy(wsi, content_length_str, - sizeof(content_length_str) - 1, - WSI_TOKEN_HTTP_CONTENT_LENGTH) > 0) { - wsi->http.rx_content_length = atoll(content_length_str); - if (!wsi->http.rx_content_length) { - wsi->http.content_length_explicitly_zero = 1; - lwsl_debug("%s: explicit 0 content-length\n", __func__); - } - } - - if (wsi->http2_substream) { - wsi->http.request_version = HTTP_VERSION_2; - } else { - /* http_version? Default to 1.0, override with token: */ - request_version = HTTP_VERSION_1_0; - - /* Works for single digit HTTP versions. : */ - http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP); - if (http_version_len > 7 && - lws_hdr_copy(wsi, http_version_str, - sizeof(http_version_str) - 1, - WSI_TOKEN_HTTP) > 0 && - http_version_str[5] == '1' && http_version_str[7] == '1') - request_version = HTTP_VERSION_1_1; - - wsi->http.request_version = request_version; - - /* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */ - if (request_version == HTTP_VERSION_1_1) - conn_type = HTTP_CONNECTION_KEEP_ALIVE; - else - conn_type = HTTP_CONNECTION_CLOSE; - - /* Override default if http "Connection:" header: */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION) && - lws_hdr_copy(wsi, http_conn_str, sizeof(http_conn_str) - 1, - WSI_TOKEN_CONNECTION) > 0) { - http_conn_str[sizeof(http_conn_str) - 1] = '\0'; - if (!strcasecmp(http_conn_str, "keep-alive")) - conn_type = HTTP_CONNECTION_KEEP_ALIVE; - else - if (!strcasecmp(http_conn_str, "close")) - conn_type = HTTP_CONNECTION_CLOSE; - } - wsi->http.conn_type = conn_type; - } - - n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION, - wsi->user_space, uri_ptr, uri_len); - if (n) { - lwsl_info("LWS_CALLBACK_HTTP closing\n"); - - return 1; - } - /* - * if there is content supposed to be coming, - * put a timeout on it having arrived - */ - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, - wsi->context->timeout_secs); -#ifdef LWS_WITH_TLS - if (wsi->tls.redirect_to_https) { - /* - * we accepted http:// only so we could redirect to - * https://, so issue the redirect. Create the redirection - * URI from the host: header and ignore the path part - */ - unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, - *end = p + wsi->context->pt_serv_buf_size - LWS_PRE; - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) - goto bail_nuke_ah; - - n = sprintf((char *)end, "https://%s/", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); - - n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, - end, n, &p, end); - if ((int)n < 0) - goto bail_nuke_ah; - - return lws_http_transaction_completed(wsi); - } -#endif - -#ifdef LWS_WITH_ACCESS_LOG - lws_prepare_access_log_info(wsi, uri_ptr, uri_len, meth); -#endif - - /* can we serve it from the mount list? */ - - hit = lws_find_mount(wsi, uri_ptr, uri_len); - if (!hit) { - /* deferred cleanup and reset to protocols[0] */ - - lwsl_info("no hit\n"); - - if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0], - "no mount hit")) - return 1; - - lwsi_set_state(wsi, LRS_DOING_TRANSACTION); - - m = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, uri_ptr, uri_len); - - goto after; - } - - s = uri_ptr + hit->mountpoint_len; - - /* - * if we have a mountpoint like https://xxx.com/yyy - * there is an implied / at the end for our purposes since - * we can only mount on a "directory". - * - * But if we just go with that, the browser cannot understand - * that he is actually looking down one "directory level", so - * even though we give him /yyy/abc.html he acts like the - * current directory level is /. So relative urls like "x.png" - * wrongly look outside the mountpoint. - * - * Therefore if we didn't come in on a url with an explicit - * / at the end, we must redirect to add it so the browser - * understands he is one "directory level" down. - */ - if ((hit->mountpoint_len > 1 || - (hit->origin_protocol == LWSMPRO_REDIR_HTTP || - hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && - (*s != '/' || - (hit->origin_protocol == LWSMPRO_REDIR_HTTP || - hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && - (hit->origin_protocol != LWSMPRO_CGI && - hit->origin_protocol != LWSMPRO_CALLBACK)) { - unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, - *end = p + wsi->context->pt_serv_buf_size - - LWS_PRE - 512; - - lwsl_info("Doing 301 '%s' org %s\n", s, hit->origin); - - /* > at start indicates deal with by redirect */ - if (hit->origin_protocol == LWSMPRO_REDIR_HTTP || - hit->origin_protocol == LWSMPRO_REDIR_HTTPS) - n = lws_snprintf((char *)end, 256, "%s%s", - oprot[hit->origin_protocol & 1], - hit->origin); - else { - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { - if (!lws_hdr_total_length(wsi, - WSI_TOKEN_HTTP_COLON_AUTHORITY)) - goto bail_nuke_ah; - n = lws_snprintf((char *)end, 256, - "%s%s%s/", oprot[!!lws_is_ssl(wsi)], - lws_hdr_simple_ptr(wsi, - WSI_TOKEN_HTTP_COLON_AUTHORITY), - uri_ptr); - } else - n = lws_snprintf((char *)end, 256, - "%s%s%s/", oprot[!!lws_is_ssl(wsi)], - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST), - uri_ptr); - } - - lws_clean_url((char *)end); - n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, - end, n, &p, end); - if ((int)n < 0) - goto bail_nuke_ah; - - return lws_http_transaction_completed(wsi); - } - - /* basic auth? */ - - if (hit->basic_auth_login_file) { - char b64[160], plain[(sizeof(b64) * 3) / 4], *pcolon; - int m, ml, fi; - - /* Did he send auth? */ - ml = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION); - if (!ml) - return lws_unauthorised_basic_auth(wsi); - - /* Disallow fragmentation monkey business */ - - fi = wsi->http.ah->frag_index[WSI_TOKEN_HTTP_AUTHORIZATION]; - if (wsi->http.ah->frags[fi].nfrag) { - lwsl_err("fragmented basic auth header not allowed\n"); - return lws_unauthorised_basic_auth(wsi); - } - - n = HTTP_STATUS_FORBIDDEN; - - m = lws_hdr_copy(wsi, b64, sizeof(b64), - WSI_TOKEN_HTTP_AUTHORIZATION); - if (m < 7) { - lwsl_err("b64 auth too long\n"); - goto transaction_result_n; - } - - b64[5] = '\0'; - if (strcasecmp(b64, "Basic")) { - lwsl_err("auth missing basic: %s\n", b64); - goto transaction_result_n; - } - - /* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */ - - m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain) - 1); - if (m < 0) { - lwsl_err("plain auth too long\n"); - goto transaction_result_n; - } - - plain[m] = '\0'; - pcolon = strchr(plain, ':'); - if (!pcolon) { - lwsl_err("basic auth format broken\n"); - return lws_unauthorised_basic_auth(wsi); - } - if (!lws_find_string_in_file(hit->basic_auth_login_file, - plain, m)) { - lwsl_err("basic auth lookup failed\n"); - return lws_unauthorised_basic_auth(wsi); - } - - /* - * Rewrite WSI_TOKEN_HTTP_AUTHORIZATION so it is just the - * authorized username - */ - - *pcolon = '\0'; - wsi->http.ah->frags[fi].len = lws_ptr_diff(pcolon, plain); - pcolon = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_AUTHORIZATION); - strncpy(pcolon, plain, ml - 1); - pcolon[ml - 1] = '\0'; - lwsl_info("%s: basic auth accepted for %s\n", __func__, - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_AUTHORIZATION)); - } - -#if defined(LWS_WITH_HTTP_PROXY) - /* - * The mount is a reverse proxy? - */ - - // lwsl_notice("%s: origin_protocol: %d\n", __func__, hit->origin_protocol); - - if (hit->origin_protocol == LWSMPRO_HTTPS || - hit->origin_protocol == LWSMPRO_HTTP) { - char ads[96], rpath[256], *pcolon, *pslash, unix_skt = 0; - struct lws_client_connect_info i; - struct lws *cwsi; - int n, na; - - memset(&i, 0, sizeof(i)); - i.context = lws_get_context(wsi); - - if (hit->origin[0] == '+') - unix_skt = 1; - - pcolon = strchr(hit->origin, ':'); - pslash = strchr(hit->origin, '/'); - if (!pslash) { - lwsl_err("Proxy mount origin '%s' must have /\n", - hit->origin); - return -1; - } - - if (unix_skt) { - if (!pcolon) { - lwsl_err("Proxy mount origin for unix skt must " - "have address delimited by :\n"); - - return -1; - } - n = lws_ptr_diff(pcolon, hit->origin); - pslash = pcolon; - } else { - if (pcolon > pslash) - pcolon = NULL; - - if (pcolon) - n = (int)(pcolon - hit->origin); - else - n = (int)(pslash - hit->origin); - - if (n >= (int)sizeof(ads) - 2) - n = sizeof(ads) - 2; - } - - memcpy(ads, hit->origin, n); - ads[n] = '\0'; - - i.address = ads; - i.port = 80; - if (hit->origin_protocol == LWSMPRO_HTTPS) { - i.port = 443; - i.ssl_connection = 1; - } - if (pcolon) - i.port = atoi(pcolon + 1); - - n = lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", - pslash + 1, uri_ptr + hit->mountpoint_len) - 2; - lws_clean_url(rpath); - na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS); - if (na) { - char *p = rpath + n; - - if (na >= (int)sizeof(rpath) - n - 2) { - lwsl_info("%s: query string %d longer " - "than we can handle\n", __func__, - na); - - return -1; - } - - *p++ = '?'; - if (lws_hdr_copy(wsi, p, - (int)(&rpath[sizeof(rpath) - 1] - p), - WSI_TOKEN_HTTP_URI_ARGS) > 0) - while (na--) { - if (*p == '\0') - *p = '&'; - p++; - } - *p = '\0'; - } - - i.path = rpath; - if (i.address[0] != '+' || - !lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)) - i.host = i.address; - else - i.host = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST); - i.origin = NULL; - i.method = "GET"; - i.alpn = "http/1.1"; - i.parent_wsi = wsi; - i.pwsi = &cwsi; - - // i.uri_replace_from = hit->origin; - // i.uri_replace_to = hit->mountpoint; - - lwsl_info("proxying to %s port %d url %s, ssl %d, " - "from %s, to %s\n", - i.address, i.port, i.path, i.ssl_connection, - i.uri_replace_from, i.uri_replace_to); - - if (!lws_client_connect_via_info(&i)) { - lwsl_err("proxy connect fail\n"); - - /* - * ... we can't do the proxy action, but we can - * cleanly return him a 503 and a description - */ - - lws_return_http_status(wsi, - HTTP_STATUS_SERVICE_UNAVAILABLE, - "

Service Temporarily Unavailable

" - "The server is temporarily unable to service " - "your request due to maintenance downtime or " - "capacity problems. Please try again later."); - - return 1; - } - - lwsl_info("%s: setting proxy clientside on %p (parent %p)\n", - __func__, cwsi, lws_get_parent(cwsi)); - cwsi->http.proxy_clientside = 1; - - return 0; - } -#endif - - /* - * A particular protocol callback is mounted here? - * - * For the duration of this http transaction, bind us to the - * associated protocol - */ - if (hit->origin_protocol == LWSMPRO_CALLBACK || hit->protocol) { - const struct lws_protocols *pp; - const char *name = hit->origin; - if (hit->protocol) - name = hit->protocol; - - pp = lws_vhost_name_to_protocol(wsi->vhost, name); - if (!pp) { - n = -1; - lwsl_err("Unable to find plugin '%s'\n", - hit->origin); - return 1; - } - - if (lws_bind_protocol(wsi, pp, "http action CALLBACK bind")) - return 1; - - args.p = uri_ptr; - args.len = uri_len; - args.max_len = hit->auth_mask; - args.final = 0; /* used to signal callback dealt with it */ - args.chunked = 0; - - n = wsi->protocol->callback(wsi, - LWS_CALLBACK_CHECK_ACCESS_RIGHTS, - wsi->user_space, &args, 0); - if (n) { - lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED, - NULL); - goto bail_nuke_ah; - } - if (args.final) /* callback completely handled it well */ - return 0; - - if (hit->cgienv && wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_PMO, - wsi->user_space, (void *)hit->cgienv, 0)) - return 1; - - if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { - m = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, - uri_ptr + hit->mountpoint_len, - uri_len - hit->mountpoint_len); - goto after; - } - } - -#ifdef LWS_WITH_CGI - /* did we hit something with a cgi:// origin? */ - if (hit->origin_protocol == LWSMPRO_CGI) { - const char *cmd[] = { - NULL, /* replace with cgi path */ - NULL - }; - - lwsl_debug("%s: cgi\n", __func__); - cmd[0] = hit->origin; - - n = 5; - if (hit->cgi_timeout) - n = hit->cgi_timeout; - - n = lws_cgi(wsi, cmd, hit->mountpoint_len, n, - hit->cgienv); - if (n) { - lwsl_err("%s: cgi failed\n", __func__); - return -1; - } - - goto deal_body; - } -#endif - - n = uri_len - lws_ptr_diff(s, uri_ptr); // (int)strlen(s); - if (s[0] == '\0' || (n == 1 && s[n - 1] == '/')) - s = (char *)hit->def; - if (!s) - s = "index.html"; - - wsi->cache_secs = hit->cache_max_age; - wsi->cache_reuse = hit->cache_reusable; - wsi->cache_revalidate = hit->cache_revalidate; - wsi->cache_intermediaries = hit->cache_intermediaries; - - m = 1; - if (hit->origin_protocol == LWSMPRO_FILE) - m = lws_http_serve(wsi, s, hit->origin, hit); - - if (m > 0) { - /* - * lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL); - */ - if (hit->protocol) { - const struct lws_protocols *pp = - lws_vhost_name_to_protocol( - wsi->vhost, hit->protocol); - - lwsi_set_state(wsi, LRS_DOING_TRANSACTION); - - if (lws_bind_protocol(wsi, pp, "http_action HTTP")) - return 1; - - m = pp->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, - uri_ptr + hit->mountpoint_len, - uri_len - hit->mountpoint_len); - } else - m = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, - wsi->user_space, uri_ptr, uri_len); - } - -after: - if (m) { - lwsl_info("LWS_CALLBACK_HTTP closing\n"); - - return 1; - } - -#ifdef LWS_WITH_CGI -deal_body: -#endif - /* - * If we're not issuing a file, check for content_length or - * HTTP keep-alive. No keep-alive header allocation for - * ISSUING_FILE, as this uses HTTP/1.0. - * - * In any case, return 0 and let lws_read decide how to - * proceed based on state - */ - if (lwsi_state(wsi) != LRS_ISSUING_FILE) { - /* Prepare to read body if we have a content length: */ - lwsl_debug("wsi->http.rx_content_length %lld %d %d\n", - (long long)wsi->http.rx_content_length, - wsi->upgraded_to_http2, wsi->http2_substream); - - if (wsi->http.content_length_explicitly_zero && - lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { - - /* - * POST with an explicit content-length of zero - * - * If we don't give the user code the empty HTTP_BODY - * callback, he may become confused to hear the - * HTTP_BODY_COMPLETION (due to, eg, instantiation of - * lws_spa never happened). - * - * HTTP_BODY_COMPLETION is responsible for sending the - * result status code and result body if any, and - * do the transaction complete processing. - */ - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_BODY, - wsi->user_space, NULL, 0)) - return 1; - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_HTTP_BODY_COMPLETION, - wsi->user_space, NULL, 0)) - return 1; - - return 0; - } - - if (wsi->http.rx_content_length > 0) { - - lwsi_set_state(wsi, LRS_BODY); - lwsl_info("%s: %p: LRS_BODY state set (0x%x)\n", - __func__, wsi, wsi->wsistate); - wsi->http.rx_content_remain = - wsi->http.rx_content_length; - - /* - * At this point we have transitioned from deferred - * action to expecting BODY on the stream wsi, if it's - * in a bundle like h2. So if the stream wsi has its - * own buflist, we need to deal with that first. - */ - - while (1) { - struct lws_tokens ebuf; - int m; - - ebuf.len = (int)lws_buflist_next_segment_len( - &wsi->buflist, - (uint8_t **)&ebuf.token); - if (!ebuf.len) - break; - lwsl_notice("%s: consuming %d\n", __func__, - (int)ebuf.len); - m = lws_read_h1(wsi, (uint8_t *)ebuf.token, - ebuf.len); - if (m < 0) - return -1; - - if (lws_buflist_aware_consume(wsi, &ebuf, m, 1)) - return -1; - } - } - } - - return 0; - -bail_nuke_ah: - lws_header_table_detach(wsi, 1); - - return 1; - -transaction_result_n: - lws_return_http_status(wsi, n, NULL); - - return lws_http_transaction_completed(wsi); -} - -int -lws_confirm_host_header(struct lws *wsi) -{ - struct lws_tokenize ts; - lws_tokenize_elem e; - char buf[128]; - int port = 80; - - /* - * this vhost wants us to validate what the - * client sent against our vhost name - */ - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { - lwsl_info("%s: missing host on upgrade\n", __func__); - - return 1; - } - -#if defined(LWS_WITH_TLS) - if (wsi->tls.ssl) - port = 443; -#endif - - lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_DOT_NONTERM /* server.com */| - LWS_TOKENIZE_F_NO_FLOATS /* 1.server.com */| - LWS_TOKENIZE_F_MINUS_NONTERM /* a-b.com */); - ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_HOST); - if (ts.len <= 0) { - lwsl_info("%s: missing or oversize host header\n", __func__); - return 1; - } - - if (lws_tokenize(&ts) != LWS_TOKZE_TOKEN) - goto bad_format; - - if (strncmp(ts.token, wsi->vhost->name, ts.token_len)) { - buf[(ts.token - buf) + ts.token_len] = '\0'; - lwsl_info("%s: '%s' in host hdr but vhost name %s\n", - __func__, ts.token, wsi->vhost->name); - return 1; - } - - e = lws_tokenize(&ts); - if (e == LWS_TOKZE_DELIMITER && ts.token[0] == ':') { - if (lws_tokenize(&ts) != LWS_TOKZE_INTEGER) - goto bad_format; - else - port = atoi(ts.token); - } else - if (e != LWS_TOKZE_ENDED) - goto bad_format; - - if (wsi->vhost->listen_port != port) { - lwsl_info("%s: host port %d mismatches vhost port %d\n", - __func__, port, wsi->vhost->listen_port); - return 1; - } - - lwsl_debug("%s: host header OK\n", __func__); - - return 0; - -bad_format: - lwsl_info("%s: bad host header format\n", __func__); - - return 1; -} - -int -lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len) -{ - struct lws_context *context = lws_get_context(wsi); - unsigned char *obuf = *buf; -#if defined(LWS_WITH_HTTP2) - char tbuf[128], *p; -#endif - size_t olen = len; - int n = 0, m, i; - - if (len >= 10000000) { - lwsl_err("%s: assert: len %ld\n", __func__, (long)len); - assert(0); - } - - if (!wsi->http.ah) { - lwsl_err("%s: assert: NULL ah\n", __func__); - assert(0); - } - - while (len) { - if (!lwsi_role_server(wsi) || !lwsi_role_http(wsi)) { - lwsl_err("%s: bad wsi role 0x%x\n", __func__, - lwsi_role(wsi)); - goto bail_nuke_ah; - } - - i = (int)len; - m = lws_parse(wsi, *buf, &i); - lwsl_info("%s: parsed count %d\n", __func__, (int)len - i); - (*buf) += (int)len - i; - len = i; - if (m) { - if (m == 2) { - /* - * we are transitioning from http with - * an AH, to raw. Drop the ah and set - * the mode. - */ -raw_transition: - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - lws_bind_protocol(wsi, &wsi->vhost->protocols[ - wsi->vhost-> - raw_protocol_index], - __func__); - lwsl_info("transition to raw vh %s prot %d\n", - wsi->vhost->name, - wsi->vhost->raw_protocol_index); - if ((wsi->protocol->callback)(wsi, - LWS_CALLBACK_RAW_ADOPT, - wsi->user_space, NULL, 0)) - goto bail_nuke_ah; - - lws_role_transition(wsi, 0, LRS_ESTABLISHED, - &role_ops_raw_skt); - lws_header_table_detach(wsi, 1); - - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_RAW_RX, - wsi->user_space, obuf, olen)) - return 1; - - return 0; - } - lwsl_info("lws_parse failed\n"); - goto bail_nuke_ah; - } - - if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE) - continue; - - lwsl_parser("%s: lws_parse sees parsing complete\n", __func__); - - /* select vhost */ - - if (wsi->vhost->listen_port && - lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { - struct lws_vhost *vhost = lws_select_vhost( - context, wsi->vhost->listen_port, - lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); - - if (vhost) - lws_vhost_bind_wsi(vhost, wsi); - } else - lwsl_info("no host\n"); - - if (!lwsi_role_h2(wsi) || !lwsi_role_server(wsi)) { - wsi->vhost->conn_stats.h1_trans++; - if (!wsi->conn_stat_done) { - wsi->vhost->conn_stats.h1_conn++; - wsi->conn_stat_done = 1; - } - } - - /* check for unwelcome guests */ - - if (wsi->context->reject_service_keywords) { - const struct lws_protocol_vhost_options *rej = - wsi->context->reject_service_keywords; - char ua[384], *msg = NULL; - - if (lws_hdr_copy(wsi, ua, sizeof(ua) - 1, - WSI_TOKEN_HTTP_USER_AGENT) > 0) { -#ifdef LWS_WITH_ACCESS_LOG - char *uri_ptr = NULL; - int meth, uri_len; -#endif - ua[sizeof(ua) - 1] = '\0'; - while (rej) { - if (!strstr(ua, rej->name)) { - rej = rej->next; - continue; - } - - msg = strchr(rej->value, ' '); - if (msg) - msg++; - lws_return_http_status(wsi, - atoi(rej->value), msg); -#ifdef LWS_WITH_ACCESS_LOG - meth = lws_http_get_uri_and_method(wsi, - &uri_ptr, &uri_len); - if (meth >= 0) - lws_prepare_access_log_info(wsi, - uri_ptr, uri_len, meth); - - /* wsi close will do the log */ -#endif - wsi->vhost->conn_stats.rejected++; - /* - * We don't want anything from - * this rejected guy. Follow - * the close flow, not the - * transaction complete flow. - */ - goto bail_nuke_ah; - } - } - } - - - if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECT)) { - lwsl_info("Changing to RAW mode\n"); - m = 0; - goto raw_transition; - } - - lwsi_set_state(wsi, LRS_PRE_WS_SERVING_ACCEPT); - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { - - const char *up = lws_hdr_simple_ptr(wsi, - WSI_TOKEN_UPGRADE); - - if (strcasecmp(up, "websocket") && - strcasecmp(up, "h2c")) { - lwsl_info("Unknown upgrade '%s'\n", up); - - if (lws_return_http_status(wsi, - HTTP_STATUS_FORBIDDEN, NULL) || - lws_http_transaction_completed(wsi)) - goto bail_nuke_ah; - } - - n = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_HTTP_CONFIRM_UPGRADE, - wsi->user_space, (char *)up, 0); - - /* just hang up? */ - - if (n < 0) - goto bail_nuke_ah; - - /* callback returned headers already, do t_c? */ - - if (n > 0) { - if (lws_http_transaction_completed(wsi)) - goto bail_nuke_ah; - - /* continue on */ - - return 0; - } - - /* callback said 0, it was allowed */ - - if (wsi->vhost->options & - LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK && - lws_confirm_host_header(wsi)) - goto bail_nuke_ah; - - if (!strcasecmp(up, "websocket")) { -#if defined(LWS_ROLE_WS) - wsi->vhost->conn_stats.ws_upg++; - lwsl_info("Upgrade to ws\n"); - goto upgrade_ws; -#endif - } -#if defined(LWS_WITH_HTTP2) - if (!strcasecmp(up, "h2c")) { - wsi->vhost->conn_stats.h2_upg++; - lwsl_info("Upgrade to h2c\n"); - goto upgrade_h2c; - } -#endif - } - - /* no upgrade ack... he remained as HTTP */ - - lwsl_info("%s: %p: No upgrade\n", __func__, wsi); - - lwsi_set_state(wsi, LRS_ESTABLISHED); - wsi->http.fop_fd = NULL; - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - lws_http_compression_validate(wsi); -#endif - - lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi, - (void *)wsi->http.ah); - - n = lws_http_action(wsi); - - return n; - -#if defined(LWS_WITH_HTTP2) -upgrade_h2c: - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP2_SETTINGS)) { - lwsl_info("missing http2_settings\n"); - goto bail_nuke_ah; - } - - lwsl_info("h2c upgrade...\n"); - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP2_SETTINGS); - /* convert the peer's HTTP-Settings */ - n = lws_b64_decode_string(p, tbuf, sizeof(tbuf)); - if (n < 0) { - lwsl_parser("HTTP2_SETTINGS too long\n"); - return 1; - } - - /* adopt the header info */ - - if (!wsi->h2.h2n) { - wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n), - "h2n"); - if (!wsi->h2.h2n) - return 1; - } - - lws_h2_init(wsi); - - /* HTTP2 union */ - - lws_h2_settings(wsi, &wsi->h2.h2n->set, (unsigned char *)tbuf, n); - - lws_hpack_dynamic_size(wsi, wsi->h2.h2n->set.s[ - H2SET_HEADER_TABLE_SIZE]); - - strcpy(tbuf, "HTTP/1.1 101 Switching Protocols\x0d\x0a" - "Connection: Upgrade\x0d\x0a" - "Upgrade: h2c\x0d\x0a\x0d\x0a"); - m = (int)strlen(tbuf); - n = lws_issue_raw(wsi, (unsigned char *)tbuf, m); - if (n != m) { - lwsl_debug("http2 switch: ERROR writing to socket\n"); - return 1; - } - - lwsi_set_state(wsi, LRS_H2_AWAIT_PREFACE); - wsi->upgraded_to_http2 = 1; - - return 0; -#endif -#if defined(LWS_ROLE_WS) -upgrade_ws: - if (lws_process_ws_upgrade(wsi)) - goto bail_nuke_ah; - - return 0; -#endif - } /* while all chars are handled */ - - return 0; - -bail_nuke_ah: - /* drop the header info */ - lws_header_table_detach(wsi, 1); - - return 1; -} - - -LWS_VISIBLE int LWS_WARN_UNUSED_RESULT -lws_http_transaction_completed(struct lws *wsi) -{ - int n = NO_PENDING_TIMEOUT; - - if (lws_has_buffered_out(wsi) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - || wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more -#endif - ) { - /* - * ...so he tried to send something large as the http reply, - * it went as a partial, but he immediately said the - * transaction was completed. - * - * Defer the transaction completed until the last part of the - * partial is sent. - */ - lwsl_debug("%s: %p: deferring due to partial\n", __func__, wsi); - wsi->http.deferred_transaction_completed = 1; - lws_callback_on_writable(wsi); - - return 0; - } - - lwsl_info("%s: wsi %p\n", __func__, wsi); - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - lws_http_compression_destroy(wsi); -#endif - lws_access_log(wsi); - - if (!wsi->hdr_parsing_completed) { - char peer[64]; - lws_get_peer_simple(wsi, peer, sizeof(peer) - 1); - peer[sizeof(peer) - 1] = '\0'; - lwsl_notice("%s: (from %s) ignoring, ah parsing incomplete\n", - __func__, peer); - return 0; - } - - /* if we can't go back to accept new headers, drop the connection */ - if (wsi->http2_substream) - return 1; - - if (wsi->seen_zero_length_recv) - return 1; - - if (wsi->http.conn_type != HTTP_CONNECTION_KEEP_ALIVE) { - lwsl_info("%s: %p: close connection\n", __func__, wsi); - return 1; - } - - if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0], __func__)) - return 1; - - /* - * otherwise set ourselves up ready to go again, but because we have no - * idea about the wsi writability, we make put it in a holding state - * until we can verify POLLOUT. The part of this that confirms POLLOUT - * with no partials is in lws_server_socket_service() below. - */ - lwsl_debug("%s: %p: setting DEF_ACT from 0x%x\n", __func__, - wsi, wsi->wsistate); - lwsi_set_state(wsi, LRS_DEFERRING_ACTION); - wsi->http.tx_content_length = 0; - wsi->http.tx_content_remain = 0; - wsi->hdr_parsing_completed = 0; - wsi->sending_chunked = 0; -#ifdef LWS_WITH_ACCESS_LOG - wsi->http.access_log.sent = 0; -#endif - - if (wsi->vhost->keepalive_timeout) - n = PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE; - lws_set_timeout(wsi, n, wsi->vhost->keepalive_timeout); - - /* - * We already know we are on http1.1 / keepalive and the next thing - * coming will be another header set. - * - * If there is no pending rx and we still have the ah, drop it and - * reacquire a new ah when the new headers start to arrive. (Otherwise - * we needlessly hog an ah indefinitely.) - * - * However if there is pending rx and we know from the keepalive state - * that is already at least the start of another header set, simply - * reset the existing header table and keep it. - */ - if (wsi->http.ah) { - // lws_buflist_describe(&wsi->buflist, wsi); - if (!lws_buflist_next_segment_len(&wsi->buflist, NULL)) { - lwsl_debug("%s: %p: nothing in buflist, detaching ah\n", - __func__, wsi); - lws_header_table_detach(wsi, 1); -#ifdef LWS_WITH_TLS - /* - * additionally... if we are hogging an SSL instance - * with no pending pipelined headers (or ah now), and - * SSL is scarce, drop this connection without waiting - */ - - if (wsi->vhost->tls.use_ssl && - wsi->context->simultaneous_ssl_restriction && - wsi->context->simultaneous_ssl == - wsi->context->simultaneous_ssl_restriction) { - lwsl_info("%s: simultaneous_ssl_restriction\n", - __func__); - return 1; - } -#endif - } else { - lwsl_info("%s: %p: resetting/keeping ah as pipeline\n", - __func__, wsi); - lws_header_table_reset(wsi, 0); - /* - * If we kept the ah, we should restrict the amount - * of time we are willing to keep it. Otherwise it - * will be bound the whole time the connection remains - * open. - */ - lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, - wsi->vhost->keepalive_timeout); - } - /* If we're (re)starting on headers, need other implied init */ - if (wsi->http.ah) - wsi->http.ah->ues = URIES_IDLE; - - //lwsi_set_state(wsi, LRS_ESTABLISHED); // !!! - } else - if (lws_buflist_next_segment_len(&wsi->buflist, NULL)) - if (lws_header_table_attach(wsi, 0)) - lwsl_debug("acquired ah\n"); - - lwsl_debug("%s: %p: keep-alive await new transaction (state 0x%x)\n", - __func__, wsi, wsi->wsistate); - lws_callback_on_writable(wsi); - - return 0; -} - - -LWS_VISIBLE int -lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, - const char *other_headers, int other_headers_len) -{ - struct lws_context *context = lws_get_context(wsi); - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - unsigned char *response = pt->serv_buf + LWS_PRE; -#if defined(LWS_WITH_RANGES) - struct lws_range_parsing *rp = &wsi->http.range; -#endif - int ret = 0, cclen = 8, n = HTTP_STATUS_OK; - char cache_control[50], *cc = "no-store"; - lws_fop_flags_t fflags = LWS_O_RDONLY; - const struct lws_plat_file_ops *fops; - lws_filepos_t total_content_length; - unsigned char *p = response; - unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; - const char *vpath; -#if defined(LWS_WITH_RANGES) - int ranges; -#endif - - if (wsi->handling_404) - n = HTTP_STATUS_NOT_FOUND; - - /* - * We either call the platform fops .open with first arg platform fops, - * or we call fops_zip .open with first arg platform fops, and fops_zip - * open will decide whether to switch to fops_zip or stay with fops_def. - * - * If wsi->http.fop_fd is already set, the caller already opened it - */ - if (!wsi->http.fop_fd) { - fops = lws_vfs_select_fops(wsi->context->fops, file, &vpath); - fflags |= lws_vfs_prepare_flags(wsi); - wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, - file, vpath, &fflags); - if (!wsi->http.fop_fd) { - lwsl_info("%s: Unable to open: '%s': errno %d\n", - __func__, file, errno); - if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, - NULL)) - return -1; - return !wsi->http2_substream; - } - } - wsi->http.filelen = lws_vfs_get_length(wsi->http.fop_fd); - total_content_length = wsi->http.filelen; - -#if defined(LWS_WITH_RANGES) - ranges = lws_ranges_init(wsi, rp, wsi->http.filelen); - - lwsl_debug("Range count %d\n", ranges); - /* - * no ranges -> 200; - * 1 range -> 206 + Content-Type: normal; Content-Range; - * more -> 206 + Content-Type: multipart/byteranges - * Repeat the true Content-Type in each multipart header - * along with Content-Range - */ - if (ranges < 0) { - /* it means he expressed a range in Range:, but it was illegal */ - lws_return_http_status(wsi, - HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, NULL); - if (lws_http_transaction_completed(wsi)) - return -1; /* <0 means just hang up */ - - lws_vfs_file_close(&wsi->http.fop_fd); - - return 0; /* == 0 means we did the transaction complete */ - } - if (ranges) - n = HTTP_STATUS_PARTIAL_CONTENT; -#endif - - if (lws_add_http_header_status(wsi, n, &p, end)) - return -1; - - if ((wsi->http.fop_fd->flags & (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | - LWS_FOP_FLAG_COMPR_IS_GZIP)) == - (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | LWS_FOP_FLAG_COMPR_IS_GZIP)) { - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_ENCODING, - (unsigned char *)"gzip", 4, &p, end)) - return -1; - lwsl_info("file is being provided in gzip\n"); - } -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - else { - /* - * if we know its very compressible, and we can use - * compression, then use the most preferred compression - * method that the client said he will accept - */ - - if (!strncmp(content_type, "text/", 5) || - !strcmp(content_type, "application/javascript") || - !strcmp(content_type, "image/svg+xml")) - lws_http_compression_apply(wsi, NULL, &p, end, 0); - } -#endif - - if ( -#if defined(LWS_WITH_RANGES) - ranges < 2 && -#endif - content_type && content_type[0]) - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *)content_type, - (int)strlen(content_type), - &p, end)) - return -1; - -#if defined(LWS_WITH_RANGES) - if (ranges >= 2) { /* multipart byteranges */ - lws_strncpy(wsi->http.multipart_content_type, content_type, - sizeof(wsi->http.multipart_content_type)); - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_TYPE, - (unsigned char *) - "multipart/byteranges; " - "boundary=_lws", - 20, &p, end)) - return -1; - - /* - * our overall content length has to include - * - * - (n + 1) x "_lws\r\n" - * - n x Content-Type: xxx/xxx\r\n - * - n x Content-Range: bytes xxx-yyy/zzz\r\n - * - n x /r/n - * - the actual payloads (aggregated in rp->agg) - * - * Precompute it for the main response header - */ - - total_content_length = (lws_filepos_t)rp->agg + - 6 /* final _lws\r\n */; - - lws_ranges_reset(rp); - while (lws_ranges_next(rp)) { - n = lws_snprintf(cache_control, sizeof(cache_control), - "bytes %llu-%llu/%llu", - rp->start, rp->end, rp->extent); - - total_content_length += - 6 /* header _lws\r\n */ + - /* Content-Type: xxx/xxx\r\n */ - 14 + strlen(content_type) + 2 + - /* Content-Range: xxxx\r\n */ - 15 + n + 2 + - 2; /* /r/n */ - } - - lws_ranges_reset(rp); - lws_ranges_next(rp); - } - - if (ranges == 1) { - total_content_length = (lws_filepos_t)rp->agg; - n = lws_snprintf(cache_control, sizeof(cache_control), - "bytes %llu-%llu/%llu", - rp->start, rp->end, rp->extent); - - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CONTENT_RANGE, - (unsigned char *)cache_control, - n, &p, end)) - return -1; - } - - wsi->http.range.inside = 0; - - if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ACCEPT_RANGES, - (unsigned char *)"bytes", 5, &p, end)) - return -1; -#endif - - if (!wsi->http2_substream) { - /* for http/1.1 ... */ - if (!wsi->sending_chunked -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - && !wsi->http.lcs -#endif - ) { - /* ... if not already using chunked and not using an - * http compression translation, then send the naive - * content length - */ - if (lws_add_http_header_content_length(wsi, - total_content_length, &p, end)) - return -1; - } else { - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.lcs) { - - /* ...otherwise, for http 1 it must go chunked. - * For the compression case, the reason is we - * compress on the fly and do not know the - * compressed content-length until it has all - * been sent. Http/1.1 pipelining must be able - * to know where the transaction boundaries are - * ... so chunking... - */ - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_TRANSFER_ENCODING, - (unsigned char *)"chunked", 7, - &p, end)) - return -1; - - /* - * ...this is fun, isn't it :-) For h1 that is - * using an http compression translation, the - * compressor must chunk its output privately. - * - * h2 doesn't need (or support) any of this - * crap. - */ - lwsl_debug("setting chunking\n"); - wsi->http.comp_ctx.chunking = 1; - } -#endif - } - } - - if (wsi->cache_secs && wsi->cache_reuse) { - if (!wsi->cache_revalidate) { - cc = cache_control; - cclen = sprintf(cache_control, "%s, max-age=%u", - intermediates[wsi->cache_intermediaries], - wsi->cache_secs); - } else { - cc = cache_control; - cclen = sprintf(cache_control, - "must-revalidate, %s, max-age=%u", - intermediates[wsi->cache_intermediaries], - wsi->cache_secs); - - } - } - - /* Only add cache control if its not specified by any other_headers. */ - if (!other_headers || - (!strstr(other_headers, "cache-control") && - !strstr(other_headers, "Cache-Control"))) { - if (lws_add_http_header_by_token(wsi, - WSI_TOKEN_HTTP_CACHE_CONTROL, - (unsigned char *)cc, cclen, &p, end)) - return -1; - } - - if (other_headers) { - if ((end - p) < other_headers_len) - return -1; - memcpy(p, other_headers, other_headers_len); - p += other_headers_len; - } - - if (lws_finalize_http_header(wsi, &p, end)) - return -1; - - ret = lws_write(wsi, response, p - response, LWS_WRITE_HTTP_HEADERS); - if (ret != (p - response)) { - lwsl_err("_write returned %d from %ld\n", ret, - (long)(p - response)); - return -1; - } - - wsi->http.filepos = 0; - lwsi_set_state(wsi, LRS_ISSUING_FILE); - - lws_callback_on_writable(wsi); - - return 0; -} - -LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_process_html_args args; - lws_filepos_t amount, poss; - unsigned char *p, *pstart; -#if defined(LWS_WITH_RANGES) - unsigned char finished = 0; -#endif - int n, m; - - lwsl_debug("wsi->http2_substream %d\n", wsi->http2_substream); - - do { - - /* priority 1: buffered output */ - - if (lws_has_buffered_out(wsi)) { - if (lws_issue_raw(wsi, NULL, 0) < 0) { - lwsl_info("%s: closing\n", __func__); - goto file_had_it; - } - break; - } - - /* priority 2: buffered pre-compression-transform */ - -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - if (wsi->http.comp_ctx.buflist_comp || - wsi->http.comp_ctx.may_have_more) { - enum lws_write_protocol wp = LWS_WRITE_HTTP; - - lwsl_info("%s: completing comp partial (buflist %p, may %d)\n", - __func__, wsi->http.comp_ctx.buflist_comp, - wsi->http.comp_ctx.may_have_more); - - if (wsi->role_ops->write_role_protocol(wsi, NULL, 0, &wp) < 0) { - lwsl_info("%s signalling to close\n", __func__); - goto file_had_it; - } - lws_callback_on_writable(wsi); - - break; - } -#endif - - if (wsi->http.filepos == wsi->http.filelen) - goto all_sent; - - n = 0; - - pstart = pt->serv_buf + LWS_H2_FRAME_HEADER_LENGTH; - - p = pstart; - -#if defined(LWS_WITH_RANGES) - if (wsi->http.range.count_ranges && !wsi->http.range.inside) { - - lwsl_notice("%s: doing range start %llu\n", __func__, - wsi->http.range.start); - - if ((long long)lws_vfs_file_seek_cur(wsi->http.fop_fd, - wsi->http.range.start - - wsi->http.filepos) < 0) - goto file_had_it; - - wsi->http.filepos = wsi->http.range.start; - - if (wsi->http.range.count_ranges > 1) { - n = lws_snprintf((char *)p, - context->pt_serv_buf_size - - LWS_H2_FRAME_HEADER_LENGTH, - "_lws\x0d\x0a" - "Content-Type: %s\x0d\x0a" - "Content-Range: bytes " - "%llu-%llu/%llu\x0d\x0a" - "\x0d\x0a", - wsi->http.multipart_content_type, - wsi->http.range.start, - wsi->http.range.end, - wsi->http.range.extent); - p += n; - } - - wsi->http.range.budget = wsi->http.range.end - - wsi->http.range.start + 1; - wsi->http.range.inside = 1; - } -#endif - - poss = context->pt_serv_buf_size - n - - LWS_H2_FRAME_HEADER_LENGTH; - - if (wsi->http.tx_content_length) - if (poss > wsi->http.tx_content_remain) - poss = wsi->http.tx_content_remain; - - /* - * if there is a hint about how much we will do well to send at - * one time, restrict ourselves to only trying to send that. - */ - if (wsi->protocol->tx_packet_size && - poss > wsi->protocol->tx_packet_size) - poss = wsi->protocol->tx_packet_size; - - if (wsi->role_ops->tx_credit) { - lws_filepos_t txc = wsi->role_ops->tx_credit(wsi); - - if (!txc) { - lwsl_info("%s: came here with no tx credit\n", - __func__); - return 0; - } - if (txc < poss) - poss = txc; - - /* - * consumption of the actual payload amount sent will be - * handled when the role data frame is sent - */ - } - -#if defined(LWS_WITH_RANGES) - if (wsi->http.range.count_ranges) { - if (wsi->http.range.count_ranges > 1) - poss -= 7; /* allow for final boundary */ - if (poss > wsi->http.range.budget) - poss = wsi->http.range.budget; - } -#endif - if (wsi->sending_chunked) { - /* we need to drop the chunk size in here */ - p += 10; - /* allow for the chunk to grow by 128 in translation */ - poss -= 10 + 128; - } - - if (lws_vfs_file_read(wsi->http.fop_fd, &amount, p, poss) < 0) - goto file_had_it; /* caller will close */ - - if (wsi->sending_chunked) - n = (int)amount; - else - n = lws_ptr_diff(p, pstart) + (int)amount; - - lwsl_debug("%s: sending %d\n", __func__, n); - - if (n) { - lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, - context->timeout_secs); - - if (wsi->interpreting) { - args.p = (char *)p; - args.len = n; - args.max_len = (unsigned int)poss + 128; - args.final = wsi->http.filepos + n == - wsi->http.filelen; - args.chunked = wsi->sending_chunked; - if (user_callback_handle_rxflow( - wsi->vhost->protocols[ - (int)wsi->protocol_interpret_idx].callback, - wsi, LWS_CALLBACK_PROCESS_HTML, - wsi->user_space, &args, 0) < 0) - goto file_had_it; - n = args.len; - p = (unsigned char *)args.p; - } else - p = pstart; - -#if defined(LWS_WITH_RANGES) - if (wsi->http.range.send_ctr + 1 == - wsi->http.range.count_ranges && // last range - wsi->http.range.count_ranges > 1 && // was 2+ ranges (ie, multipart) - wsi->http.range.budget - amount == 0) {// final part - n += lws_snprintf((char *)pstart + n, 6, - "_lws\x0d\x0a"); // append trailing boundary - lwsl_debug("added trailing boundary\n"); - } -#endif - m = lws_write(wsi, p, n, wsi->http.filepos + amount == - wsi->http.filelen ? - LWS_WRITE_HTTP_FINAL : LWS_WRITE_HTTP); - if (m < 0) - goto file_had_it; - - wsi->http.filepos += amount; - -#if defined(LWS_WITH_RANGES) - if (wsi->http.range.count_ranges >= 1) { - wsi->http.range.budget -= amount; - if (wsi->http.range.budget == 0) { - lwsl_notice("range budget exhausted\n"); - wsi->http.range.inside = 0; - wsi->http.range.send_ctr++; - - if (lws_ranges_next(&wsi->http.range) < 1) { - finished = 1; - goto all_sent; - } - } - } -#endif - - if (m != n) { - /* adjust for what was not sent */ - if (lws_vfs_file_seek_cur(wsi->http.fop_fd, - m - n) == - (lws_fileofs_t)-1) - goto file_had_it; - } - } - -all_sent: - if ((!lws_has_buffered_out(wsi) -#if defined(LWS_WITH_HTTP_STREAM_COMPRESSION) - && !wsi->http.comp_ctx.buflist_comp && - !wsi->http.comp_ctx.may_have_more -#endif - ) && (wsi->http.filepos >= wsi->http.filelen -#if defined(LWS_WITH_RANGES) - || finished) -#else - ) -#endif - ) - { - lwsi_set_state(wsi, LRS_ESTABLISHED); - /* we might be in keepalive, so close it off here */ - lws_vfs_file_close(&wsi->http.fop_fd); - - lwsl_debug("file completed\n"); - - if (wsi->protocol->callback && - user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_HTTP_FILE_COMPLETION, - wsi->user_space, NULL, 0) < 0) { - /* - * For http/1.x, the choices from - * transaction_completed are either - * 0 to use the connection for pipelined - * or nonzero to hang it up. - * - * However for http/2. while we are - * still interested in hanging up the - * nwsi if there was a network-level - * fatal error, simply completing the - * transaction is a matter of the stream - * state, not the root connection at the - * network level - */ - if (wsi->http2_substream) - return 1; - else - return -1; - } - - return 1; /* >0 indicates completed */ - } - } while (1); //(!lws_send_pipe_choked(wsi)); - - lws_callback_on_writable(wsi); - - return 0; /* indicates further processing must be done */ - -file_had_it: - lws_vfs_file_close(&wsi->http.fop_fd); - - return -1; -} - - -LWS_VISIBLE void -lws_server_get_canonical_hostname(struct lws_context *context, - const struct lws_context_creation_info *info) -{ - if (lws_check_opt(info->options, - LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME)) - return; -#if !defined(LWS_WITH_ESP32) - /* find canonical hostname */ - gethostname((char *)context->canonical_hostname, - sizeof(context->canonical_hostname) - 1); - - lwsl_info(" canonical_hostname = %s\n", context->canonical_hostname); -#else - (void)context; -#endif -} - - -LWS_VISIBLE LWS_EXTERN int -lws_chunked_html_process(struct lws_process_html_args *args, - struct lws_process_html_state *s) -{ - char *sp, buffer[32]; - const char *pc; - int old_len, n; - - /* do replacements */ - sp = args->p; - old_len = args->len; - args->len = 0; - s->start = sp; - while (sp < args->p + old_len) { - - if (args->len + 7 >= args->max_len) { - lwsl_err("Used up interpret padding\n"); - return -1; - } - - if ((!s->pos && *sp == '$') || s->pos) { - int hits = 0, hit = 0; - - if (!s->pos) - s->start = sp; - s->swallow[s->pos++] = *sp; - if (s->pos == sizeof(s->swallow) - 1) - goto skip; - for (n = 0; n < s->count_vars; n++) - if (!strncmp(s->swallow, s->vars[n], s->pos)) { - hits++; - hit = n; - } - if (!hits) { -skip: - s->swallow[s->pos] = '\0'; - memcpy(s->start, s->swallow, s->pos); - args->len++; - s->pos = 0; - sp = s->start + 1; - continue; - } - if (hits == 1 && s->pos == (int)strlen(s->vars[hit])) { - pc = s->replace(s->data, hit); - if (!pc) - pc = "NULL"; - n = (int)strlen(pc); - s->swallow[s->pos] = '\0'; - if (n != s->pos) { - memmove(s->start + n, s->start + s->pos, - old_len - (sp - args->p)); - old_len += (n - s->pos) + 1; - } - memcpy(s->start, pc, n); - args->len++; - sp = s->start + 1; - - s->pos = 0; - } - sp++; - continue; - } - - args->len++; - sp++; - } - - if (args->chunked) { - /* no space left for final chunk trailer */ - if (args->final && args->len + 7 >= args->max_len) - return -1; - - n = sprintf(buffer, "%X\x0d\x0a", args->len); - - args->p -= n; - memcpy(args->p, buffer, n); - args->len += n; - - if (args->final) { - sp = args->p + args->len; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - *sp++ = '0'; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - args->len += 7; - } else { - sp = args->p + args->len; - *sp++ = '\x0d'; - *sp++ = '\x0a'; - args->len += 2; - } - } - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/roles/listen/ops-listen.c b/thirdparty/libwebsockets/lib/roles/listen/ops-listen.c deleted file mode 100644 index 977c4b0377..0000000000 --- a/thirdparty/libwebsockets/lib/roles/listen/ops-listen.c +++ /dev/null @@ -1,188 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -static int -rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) -{ - struct lws_context *context = wsi->context; - lws_sockfd_type accept_fd = LWS_SOCK_INVALID; - lws_sock_file_fd_type fd; - int opts = LWS_ADOPT_SOCKET | LWS_ADOPT_ALLOW_SSL; - struct sockaddr_storage cli_addr; - socklen_t clilen; - - /* if our vhost is going down, ignore it */ - - if (wsi->vhost->being_destroyed) - return LWS_HPI_RET_HANDLED; - - /* pollin means a client has connected to us then - * - * pollout is a hack on esp32 for background accepts signalling - * they completed - */ - - do { - struct lws *cwsi; - - if (!(pollfd->revents & (LWS_POLLIN | LWS_POLLOUT)) || - !(pollfd->events & LWS_POLLIN)) - break; - -#if defined(LWS_WITH_TLS) - /* - * can we really accept it, with regards to SSL limit? - * another vhost may also have had POLLIN on his - * listener this round and used it up already - */ - if (wsi->vhost->tls.use_ssl && - context->simultaneous_ssl_restriction && - context->simultaneous_ssl == - context->simultaneous_ssl_restriction) - /* - * no... ignore it, he won't come again until - * we are below the simultaneous_ssl_restriction - * limit and POLLIN is enabled on him again - */ - break; -#endif - /* listen socket got an unencrypted connection... */ - - clilen = sizeof(cli_addr); - lws_latency_pre(context, wsi); - - /* - * We cannot identify the peer who is in the listen - * socket connect queue before we accept it; even if - * we could, not accepting it due to PEER_LIMITS would - * block the connect queue for other legit peers. - */ - - accept_fd = accept((int)pollfd->fd, - (struct sockaddr *)&cli_addr, &clilen); - lws_latency(context, wsi, "listener accept", - (int)accept_fd, accept_fd != LWS_SOCK_INVALID); - if (accept_fd == LWS_SOCK_INVALID) { - if (LWS_ERRNO == LWS_EAGAIN || - LWS_ERRNO == LWS_EWOULDBLOCK) { - break; - } - lwsl_err("accept: %s\n", strerror(LWS_ERRNO)); - return LWS_HPI_RET_HANDLED; - } - - lws_plat_set_socket_options(wsi->vhost, accept_fd, 0); - -#if defined(LWS_WITH_IPV6) - lwsl_debug("accepted new conn port %u on fd=%d\n", - ((cli_addr.ss_family == AF_INET6) ? - ntohs(((struct sockaddr_in6 *) &cli_addr)->sin6_port) : - ntohs(((struct sockaddr_in *) &cli_addr)->sin_port)), - accept_fd); -#else - lwsl_debug("accepted new conn port %u on fd=%d\n", - ntohs(((struct sockaddr_in *) &cli_addr)->sin_port), - accept_fd); -#endif - - /* - * look at who we connected to and give user code a - * chance to reject based on client IP. There's no - * protocol selected yet so we issue this to - * protocols[0] - */ - if ((wsi->vhost->protocols[0].callback)(wsi, - LWS_CALLBACK_FILTER_NETWORK_CONNECTION, - NULL, - (void *)(lws_intptr_t)accept_fd, 0)) { - lwsl_debug("Callback denied net connection\n"); - compatible_close(accept_fd); - break; - } - - if (!(wsi->vhost->options & LWS_SERVER_OPTION_ONLY_RAW)) - opts |= LWS_ADOPT_HTTP; - else - opts = LWS_ADOPT_SOCKET; - - fd.sockfd = accept_fd; - cwsi = lws_adopt_descriptor_vhost(wsi->vhost, opts, fd, - NULL, NULL); - if (!cwsi) { - lwsl_err("%s: lws_adopt_descriptor_vhost failed\n", - __func__); - /* already closed cleanly as necessary */ - return LWS_HPI_RET_WSI_ALREADY_DIED; - } - - if (lws_server_socket_service_ssl(cwsi, accept_fd)) { - lws_close_free_wsi(cwsi, LWS_CLOSE_STATUS_NOSTATUS, - "listen svc fail"); - return LWS_HPI_RET_WSI_ALREADY_DIED; - } - - lwsl_info("%s: new wsi %p: wsistate 0x%x, role_ops %s\n", - __func__, cwsi, cwsi->wsistate, cwsi->role_ops->name); - - } while (pt->fds_count < context->fd_limit_per_thread - 1 && - wsi->position_in_fds_table != LWS_NO_FDS_POS && - lws_poll_listen_fd(&pt->fds[wsi->position_in_fds_table]) > 0); - - return LWS_HPI_RET_HANDLED; -} - -int rops_handle_POLLOUT_listen(struct lws *wsi) -{ - return LWS_HP_RET_USER_SERVICE; -} - -struct lws_role_ops role_ops_listen = { - /* role name */ "listen", - /* alpn id */ NULL, - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ NULL, - /* destroy_vhost */ NULL, - /* periodic_checks */ NULL, - /* service_flag_pending */ NULL, - /* handle_POLLIN */ rops_handle_POLLIN_listen, - /* handle_POLLOUT */ rops_handle_POLLOUT_listen, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ NULL, - /* tx_credit */ NULL, - /* write_role_protocol */ NULL, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ NULL, - /* close_via_role_protocol */ NULL, - /* close_role */ NULL, - /* close_kill_connection */ NULL, - /* destroy_role */ NULL, - /* adoption_bind */ NULL, - /* client_bind */ NULL, - /* writeable cb clnt, srv */ { 0, 0 }, - /* close cb clnt, srv */ { 0, 0 }, - /* protocol_bind_cb c,s */ { 0, 0 }, - /* protocol_unbind_cb c,s */ { 0, 0 }, - /* file_handle */ 0, -}; diff --git a/thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c b/thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c deleted file mode 100644 index 659c9bd935..0000000000 --- a/thirdparty/libwebsockets/lib/roles/pipe/ops-pipe.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -static int -rops_handle_POLLIN_pipe(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) -{ -#if !defined(WIN32) && !defined(_WIN32) - char s[100]; - int n; - - /* - * discard the byte(s) that signaled us - * We really don't care about the number of bytes, but coverity - * thinks we should. - */ - n = read(wsi->desc.sockfd, s, sizeof(s)); - (void)n; - if (n < 0) - return LWS_HPI_RET_PLEASE_CLOSE_ME; -#endif - -#if defined(LWS_WITH_THREADPOOL) - /* - * threadpools that need to call for on_writable callbacks do it by - * marking the task as needing one for its wsi, then cancelling service. - * - * Each tsi will call this to perform the actual callback_on_writable - * from the correct service thread context - */ - lws_threadpool_tsi_context(pt->context, pt->tid); -#endif - - /* - * the poll() wait, or the event loop for libuv etc is a - * process-wide resource that we interrupted. So let every - * protocol that may be interested in the pipe event know that - * it happened. - */ - if (lws_broadcast(wsi->context, LWS_CALLBACK_EVENT_WAIT_CANCELLED, - NULL, 0)) { - lwsl_info("closed in event cancel\n"); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - return LWS_HPI_RET_HANDLED; -} - -struct lws_role_ops role_ops_pipe = { - /* role name */ "pipe", - /* alpn id */ NULL, - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ NULL, - /* destroy_vhost */ NULL, - /* periodic_checks */ NULL, - /* service_flag_pending */ NULL, - /* handle_POLLIN */ rops_handle_POLLIN_pipe, - /* handle_POLLOUT */ NULL, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ NULL, - /* tx_credit */ NULL, - /* write_role_protocol */ NULL, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ NULL, - /* close_via_role_protocol */ NULL, - /* close_role */ NULL, - /* close_kill_connection */ NULL, - /* destroy_role */ NULL, - /* adoption_bind */ NULL, - /* client_bind */ NULL, - /* writeable cb clnt, srv */ { 0, 0 }, - /* close cb clnt, srv */ { 0, 0 }, - /* protocol_bind_cb c,s */ { 0, 0 }, - /* protocol_unbind_cb c,s */ { 0, 0 }, - /* file_handle */ 1, -}; diff --git a/thirdparty/libwebsockets/lib/roles/private.h b/thirdparty/libwebsockets/lib/roles/private.h deleted file mode 100644 index 5f93b86e8f..0000000000 --- a/thirdparty/libwebsockets/lib/roles/private.h +++ /dev/null @@ -1,315 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h - */ - -typedef uint32_t lws_wsi_state_t; - -/* - * The wsi->role_ops pointer decides almost everything about what role the wsi - * will play, h2, raw, ws, etc. - * - * However there are a few additional flags needed that vary, such as if the - * role is a client or server side, if it has that concept. And the connection - * fulfilling the role, has a separate dynamic state. - * - * 31 16 15 0 - * [ role flags ] [ state ] - * - * The role flags part is generally invariant for the lifetime of the wsi, - * although it can change if the connection role itself does, eg, if the - * connection upgrades from H1 -> WS1 the role flags may be changed at that - * point. - * - * The state part reflects the dynamic connection state, and the states are - * reused between roles. - * - * None of the internal role or state representations are made available outside - * of lws internals. Even for lws internals, if you add stuff here, please keep - * the constants inside this header only by adding necessary helpers here and - * use the helpers in the actual code. This is to ease any future refactors. - * - * Notice LWSIFR_ENCAP means we have a parent wsi that actually carries our - * data as a stream inside a different protocol. - */ - -#define _RS 16 - -#define LWSIFR_CLIENT (0x1000 << _RS) /* client side */ -#define LWSIFR_SERVER (0x2000 << _RS) /* server side */ - -#define LWSIFR_P_ENCAP_H2 (0x0100 << _RS) /* we are encapsulated by h2 */ - -enum lwsi_role { - LWSI_ROLE_MASK = (0xffff << _RS), - LWSI_ROLE_ENCAP_MASK = (0x0f00 << _RS), -}; - -#define lwsi_role(wsi) (wsi->wsistate & LWSI_ROLE_MASK) -#if !defined (_DEBUG) -#define lwsi_set_role(wsi, role) wsi->wsistate = \ - (wsi->wsistate & (~LWSI_ROLE_MASK)) | role -#else -void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role); -#endif - -#define lwsi_role_client(wsi) (!!(wsi->wsistate & LWSIFR_CLIENT)) -#define lwsi_role_server(wsi) (!!(wsi->wsistate & LWSIFR_SERVER)) -#define lwsi_role_h2_ENCAPSULATION(wsi) \ - ((wsi->wsistate & LWSI_ROLE_ENCAP_MASK) == LWSIFR_P_ENCAP_H2) - -/* Pollout wants a callback in this state */ -#define LWSIFS_POCB (0x100) -/* Before any protocol connection was established */ -#define LWSIFS_NOT_EST (0x200) - -enum lwsi_state { - - /* Phase 1: pre-transport */ - - LRS_UNCONNECTED = LWSIFS_NOT_EST | 0, - LRS_WAITING_CONNECT = LWSIFS_NOT_EST | 1, - - /* Phase 2: establishing intermediaries on top of transport */ - - LRS_WAITING_PROXY_REPLY = LWSIFS_NOT_EST | 2, - LRS_WAITING_SSL = LWSIFS_NOT_EST | 3, - LRS_WAITING_SOCKS_GREETING_REPLY = LWSIFS_NOT_EST | 4, - LRS_WAITING_SOCKS_CONNECT_REPLY = LWSIFS_NOT_EST | 5, - LRS_WAITING_SOCKS_AUTH_REPLY = LWSIFS_NOT_EST | 6, - - /* Phase 3: establishing tls tunnel */ - - LRS_SSL_INIT = LWSIFS_NOT_EST | 7, - LRS_SSL_ACK_PENDING = LWSIFS_NOT_EST | 8, - LRS_PRE_WS_SERVING_ACCEPT = LWSIFS_NOT_EST | 9, - - /* Phase 4: connected */ - - LRS_WAITING_SERVER_REPLY = LWSIFS_NOT_EST | 10, - LRS_H2_AWAIT_PREFACE = LWSIFS_NOT_EST | 11, - LRS_H2_AWAIT_SETTINGS = LWSIFS_NOT_EST | - LWSIFS_POCB | 12, - - /* Phase 5: protocol logically established */ - - LRS_H2_CLIENT_SEND_SETTINGS = LWSIFS_POCB | 13, - LRS_H2_WAITING_TO_SEND_HEADERS = LWSIFS_POCB | 14, - LRS_DEFERRING_ACTION = LWSIFS_POCB | 15, - LRS_IDLING = 16, - LRS_H1C_ISSUE_HANDSHAKE = 17, - LRS_H1C_ISSUE_HANDSHAKE2 = 18, - LRS_ISSUE_HTTP_BODY = 19, - LRS_ISSUING_FILE = 20, - LRS_HEADERS = 21, - LRS_BODY = 22, - LRS_ESTABLISHED = LWSIFS_POCB | 23, - /* we are established, but we have embarked on serving a single - * transaction. Other transaction input may be pending, but we will - * not service it while we are busy dealing with the current - * transaction. - * - * When we complete the current transaction, we would reset our state - * back to ESTABLISHED and start to process the next transaction. - */ - LRS_DOING_TRANSACTION = LWSIFS_POCB | 24, - - /* Phase 6: finishing */ - - LRS_WAITING_TO_SEND_CLOSE = LWSIFS_POCB | 25, - LRS_RETURNED_CLOSE = LWSIFS_POCB | 26, - LRS_AWAITING_CLOSE_ACK = LWSIFS_POCB | 27, - LRS_FLUSHING_BEFORE_CLOSE = LWSIFS_POCB | 28, - LRS_SHUTDOWN = 29, - - /* Phase 7: dead */ - - LRS_DEAD_SOCKET = 30, - - LRS_MASK = 0xffff -}; - -#define lwsi_state(wsi) ((enum lwsi_state)(wsi->wsistate & LRS_MASK)) -#define lwsi_state_PRE_CLOSE(wsi) \ - ((enum lwsi_state)(wsi->wsistate_pre_close & LRS_MASK)) -#define lwsi_state_est(wsi) (!(wsi->wsistate & LWSIFS_NOT_EST)) -#define lwsi_state_est_PRE_CLOSE(wsi) \ - (!(wsi->wsistate_pre_close & LWSIFS_NOT_EST)) -#define lwsi_state_can_handle_POLLOUT(wsi) (wsi->wsistate & LWSIFS_POCB) -#if !defined (_DEBUG) -#define lwsi_set_state(wsi, lrs) wsi->wsistate = \ - (wsi->wsistate & (~LRS_MASK)) | lrs -#else -void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs); -#endif - -#define _LWS_ADOPT_FINISH (1 << 24) - -/* - * internal role-specific ops - */ -struct lws_context_per_thread; -struct lws_role_ops { - const char *name; - const char *alpn; - /* - * After http headers have parsed, this is the last chance for a role - * to upgrade the connection to something else using the headers. - * ws-over-h2 is upgraded from h2 like this. - */ - int (*check_upgrades)(struct lws *wsi); - /* role-specific context init during context creation */ - int (*init_context)(struct lws_context *context, - const struct lws_context_creation_info *info); - /* role-specific per-vhost init during vhost creation */ - int (*init_vhost)(struct lws_vhost *vh, - const struct lws_context_creation_info *info); - /* role-specific per-vhost destructor during vhost destroy */ - int (*destroy_vhost)(struct lws_vhost *vh); - /* generic 1Hz callback for the role itself */ - int (*periodic_checks)(struct lws_context *context, int tsi, - time_t now); - /* chance for the role to force POLLIN without network activity */ - int (*service_flag_pending)(struct lws_context *context, int tsi); - /* an fd using this role has POLLIN signalled */ - int (*handle_POLLIN)(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd); - /* an fd using the role wanted a POLLOUT callback and now has it */ - int (*handle_POLLOUT)(struct lws *wsi); - /* perform user pollout */ - int (*perform_user_POLLOUT)(struct lws *wsi); - /* do effective callback on writeable */ - int (*callback_on_writable)(struct lws *wsi); - /* connection-specific tx credit in bytes */ - lws_fileofs_t (*tx_credit)(struct lws *wsi); - /* role-specific write formatting */ - int (*write_role_protocol)(struct lws *wsi, unsigned char *buf, - size_t len, enum lws_write_protocol *wp); - - /* get encapsulation parent */ - struct lws * (*encapsulation_parent)(struct lws *wsi); - - /* role-specific destructor */ - int (*alpn_negotiated)(struct lws *wsi, const char *alpn); - - /* chance for the role to handle close in the protocol */ - int (*close_via_role_protocol)(struct lws *wsi, - enum lws_close_status reason); - /* role-specific close processing */ - int (*close_role)(struct lws_context_per_thread *pt, struct lws *wsi); - /* role-specific connection close processing */ - int (*close_kill_connection)(struct lws *wsi, - enum lws_close_status reason); - /* role-specific destructor */ - int (*destroy_role)(struct lws *wsi); - - /* role-specific socket-adopt */ - int (*adoption_bind)(struct lws *wsi, int type, const char *prot); - /* role-specific client-bind: - * ret 1 = bound, 0 = not bound, -1 = fail out - * i may be NULL, indicating client_bind is being called after - * a successful bind earlier, to finalize the binding. In that - * case ret 0 = OK, 1 = fail, wsi needs freeing, -1 = fail, wsi freed */ - int (*client_bind)(struct lws *wsi, - const struct lws_client_connect_info *i); - - /* - * the callback reasons for WRITEABLE for client, server - * (just client applies if no concept of client or server) - */ - uint16_t writeable_cb[2]; - /* - * the callback reasons for CLOSE for client, server - * (just client applies if no concept of client or server) - */ - uint16_t close_cb[2]; - /* - * the callback reasons for protocol bind for client, server - * (just client applies if no concept of client or server) - */ - uint16_t protocol_bind_cb[2]; - /* - * the callback reasons for protocol unbind for client, server - * (just client applies if no concept of client or server) - */ - uint16_t protocol_unbind_cb[2]; - - unsigned int file_handle:1; /* role operates on files not sockets */ -}; - -/* core roles */ -extern struct lws_role_ops role_ops_raw_skt, role_ops_raw_file, role_ops_listen, - role_ops_pipe; - -/* bring in role private declarations */ - -#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) - #include "roles/http/private.h" -#else - #define lwsi_role_http(wsi) (0) -#endif - -#if defined(LWS_ROLE_H1) - #include "roles/h1/private.h" -#else - #define lwsi_role_h1(wsi) (0) -#endif - -#if defined(LWS_ROLE_H2) - #include "roles/h2/private.h" -#else - #define lwsi_role_h2(wsi) (0) -#endif - -#if defined(LWS_ROLE_WS) - #include "roles/ws/private.h" -#else - #define lwsi_role_ws(wsi) (0) -#endif - -#if defined(LWS_ROLE_CGI) - #include "roles/cgi/private.h" -#else - #define lwsi_role_cgi(wsi) (0) -#endif - -#if defined(LWS_ROLE_DBUS) - #include "roles/dbus/private.h" -#else - #define lwsi_role_dbus(wsi) (0) -#endif - -enum { - LWS_HP_RET_BAIL_OK, - LWS_HP_RET_BAIL_DIE, - LWS_HP_RET_USER_SERVICE, - - LWS_HPI_RET_WSI_ALREADY_DIED, /* we closed it */ - LWS_HPI_RET_HANDLED, /* no probs */ - LWS_HPI_RET_PLEASE_CLOSE_ME, /* close it for us */ - - LWS_UPG_RET_DONE, - LWS_UPG_RET_CONTINUE, - LWS_UPG_RET_BAIL -}; - -int -lws_role_call_adoption_bind(struct lws *wsi, int type, const char *prot); diff --git a/thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c b/thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c deleted file mode 100644 index 075a2ee8b1..0000000000 --- a/thirdparty/libwebsockets/lib/roles/raw-file/ops-raw-file.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -static int -rops_handle_POLLIN_raw_file(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) -{ - int n; - - if (pollfd->revents & LWS_POLLOUT) { - n = lws_callback_as_writeable(wsi); - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_info("failed at set pollfd\n"); - return LWS_HPI_RET_WSI_ALREADY_DIED; - } - if (n) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - if (pollfd->revents & LWS_POLLIN) { - if (user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_RAW_RX_FILE, - wsi->user_space, NULL, 0)) { - lwsl_debug("raw rx callback closed it\n"); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - } - - if (pollfd->revents & LWS_POLLHUP) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - - return LWS_HPI_RET_HANDLED; -} - -#if !defined(LWS_NO_SERVER) -static int -rops_adoption_bind_raw_file(struct lws *wsi, int type, const char *vh_prot_name) -{ - /* no socket or http: it can only be a raw file */ - if ((type & LWS_ADOPT_HTTP) || (type & LWS_ADOPT_SOCKET) || - (type & _LWS_ADOPT_FINISH)) - return 0; /* no match */ - - lws_role_transition(wsi, 0, LRS_ESTABLISHED, &role_ops_raw_file); - - if (!vh_prot_name) - wsi->protocol = &wsi->vhost->protocols[ - wsi->vhost->default_protocol_index]; - - return 1; /* bound */ -} -#endif - -struct lws_role_ops role_ops_raw_file = { - /* role name */ "raw-file", - /* alpn id */ NULL, - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ NULL, - /* destroy_vhost */ NULL, - /* periodic_checks */ NULL, - /* service_flag_pending */ NULL, - /* handle_POLLIN */ rops_handle_POLLIN_raw_file, - /* handle_POLLOUT */ NULL, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ NULL, - /* tx_credit */ NULL, - /* write_role_protocol */ NULL, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ NULL, - /* close_via_role_protocol */ NULL, - /* close_role */ NULL, - /* close_kill_connection */ NULL, - /* destroy_role */ NULL, -#if !defined(LWS_NO_SERVER) - /* adoption_bind */ rops_adoption_bind_raw_file, -#else - NULL, -#endif - /* client_bind */ NULL, - /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE_FILE, 0 }, - /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE_FILE, 0 }, - /* protocol_bind cb c, srv */ { LWS_CALLBACK_RAW_FILE_BIND_PROTOCOL, - LWS_CALLBACK_RAW_FILE_BIND_PROTOCOL }, - /* protocol_unbind cb c, srv */ { LWS_CALLBACK_RAW_FILE_DROP_PROTOCOL, - LWS_CALLBACK_RAW_FILE_DROP_PROTOCOL }, - /* file_handle */ 1, -}; diff --git a/thirdparty/libwebsockets/lib/roles/raw-skt/ops-raw-skt.c b/thirdparty/libwebsockets/lib/roles/raw-skt/ops-raw-skt.c deleted file mode 100644 index 8b94de4bed..0000000000 --- a/thirdparty/libwebsockets/lib/roles/raw-skt/ops-raw-skt.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -static int -rops_handle_POLLIN_raw_skt(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) -{ - struct lws_tokens ebuf; - int n, buffered; - - /* pending truncated sends have uber priority */ - - if (lws_has_buffered_out(wsi)) { - if (!(pollfd->revents & LWS_POLLOUT)) - return LWS_HPI_RET_HANDLED; - - /* drain the output buflist */ - if (lws_issue_raw(wsi, NULL, 0) < 0) - goto fail; - /* - * we can't afford to allow input processing to send - * something new, so spin around he event loop until - * he doesn't have any partials - */ - return LWS_HPI_RET_HANDLED; - } - - if ((pollfd->revents & pollfd->events & LWS_POLLIN) && - /* any tunnel has to have been established... */ - lwsi_state(wsi) != LRS_SSL_ACK_PENDING && - !(wsi->favoured_pollin && - (pollfd->revents & pollfd->events & LWS_POLLOUT))) { - - buffered = lws_buflist_aware_read(pt, wsi, &ebuf); - switch (ebuf.len) { - case 0: - lwsl_info("%s: read 0 len\n", __func__); - wsi->seen_zero_length_recv = 1; - lws_change_pollfd(wsi, LWS_POLLIN, 0); - - /* - * we need to go to fail here, since it's the only - * chance we get to understand that the socket has - * closed - */ - // goto try_pollout; - goto fail; - - case LWS_SSL_CAPABLE_ERROR: - goto fail; - case LWS_SSL_CAPABLE_MORE_SERVICE: - goto try_pollout; - } - - n = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_RAW_RX, - wsi->user_space, ebuf.token, - ebuf.len); - if (n < 0) { - lwsl_info("LWS_CALLBACK_RAW_RX_fail\n"); - goto fail; - } - - if (lws_buflist_aware_consume(wsi, &ebuf, ebuf.len, buffered)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } else - if (wsi->favoured_pollin && - (pollfd->revents & pollfd->events & LWS_POLLOUT)) - /* we balanced the last favouring of pollin */ - wsi->favoured_pollin = 0; - -try_pollout: - - /* this handles POLLOUT for http serving fragments */ - - if (!(pollfd->revents & LWS_POLLOUT)) - return LWS_HPI_RET_HANDLED; - - /* one shot */ - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_notice("%s a\n", __func__); - goto fail; - } - - /* clear back-to-back write detection */ - wsi->could_have_pending = 0; - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_WRITEABLE_CB, 1); -#if defined(LWS_WITH_STATS) - if (wsi->active_writable_req_us) { - uint64_t ul = lws_time_in_microseconds() - - wsi->active_writable_req_us; - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_WRITABLE_DELAY, ul); - lws_stats_atomic_max(wsi->context, pt, - LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); - wsi->active_writable_req_us = 0; - } -#endif - n = user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_RAW_WRITEABLE, - wsi->user_space, NULL, 0); - if (n < 0) { - lwsl_info("writeable_fail\n"); - goto fail; - } - - return LWS_HPI_RET_HANDLED; - -fail: - lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "raw svc fail"); - - return LWS_HPI_RET_WSI_ALREADY_DIED; -} - -#if !defined(LWS_NO_SERVER) -static int -rops_adoption_bind_raw_skt(struct lws *wsi, int type, const char *vh_prot_name) -{ - /* no http but socket... must be raw skt */ - if ((type & LWS_ADOPT_HTTP) || !(type & LWS_ADOPT_SOCKET) || - (type & _LWS_ADOPT_FINISH)) - return 0; /* no match */ - -#if !defined(LWS_WITH_ESP32) - if (type & LWS_ADOPT_FLAG_UDP) - /* - * these can be >128 bytes, so just alloc for UDP - */ - wsi->udp = lws_malloc(sizeof(*wsi->udp), "udp struct"); -#endif - - lws_role_transition(wsi, 0, (type & LWS_ADOPT_ALLOW_SSL) ? LRS_SSL_INIT : - LRS_ESTABLISHED, &role_ops_raw_skt); - - if (vh_prot_name) - lws_bind_protocol(wsi, wsi->protocol, __func__); - else - /* this is the only time he will transition */ - lws_bind_protocol(wsi, - &wsi->vhost->protocols[wsi->vhost->raw_protocol_index], - __func__); - - return 1; /* bound */ -} -#endif - -#if !defined(LWS_NO_CLIENT) -static int -rops_client_bind_raw_skt(struct lws *wsi, - const struct lws_client_connect_info *i) -{ - if (!i) { - - /* finalize */ - - if (!wsi->user_space && wsi->stash->method) - if (lws_ensure_user_space(wsi)) - return 1; - - return 0; - } - - /* we are a fallback if nothing else matched */ - - lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, - &role_ops_raw_skt); - - return 1; /* matched */ -} -#endif - -struct lws_role_ops role_ops_raw_skt = { - /* role name */ "raw-skt", - /* alpn id */ NULL, - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ NULL, - /* destroy_vhost */ NULL, - /* periodic_checks */ NULL, - /* service_flag_pending */ NULL, - /* handle_POLLIN */ rops_handle_POLLIN_raw_skt, - /* handle_POLLOUT */ NULL, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ NULL, - /* tx_credit */ NULL, - /* write_role_protocol */ NULL, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ NULL, - /* close_via_role_protocol */ NULL, - /* close_role */ NULL, - /* close_kill_connection */ NULL, - /* destroy_role */ NULL, -#if !defined(LWS_NO_SERVER) - /* adoption_bind */ rops_adoption_bind_raw_skt, -#else - NULL, -#endif -#if !defined(LWS_NO_CLIENT) - /* client_bind */ rops_client_bind_raw_skt, -#else - NULL, -#endif - /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE, 0 }, - /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE, 0 }, - /* protocol_bind cb c, srv */ { LWS_CALLBACK_RAW_SKT_BIND_PROTOCOL, - LWS_CALLBACK_RAW_SKT_BIND_PROTOCOL }, - /* protocol_unbind cb c, srv */ { LWS_CALLBACK_RAW_SKT_DROP_PROTOCOL, - LWS_CALLBACK_RAW_SKT_DROP_PROTOCOL }, - /* file_handle */ 0, -}; diff --git a/thirdparty/libwebsockets/lib/roles/ws/client-parser-ws.c b/thirdparty/libwebsockets/lib/roles/ws/client-parser-ws.c deleted file mode 100644 index f5aaa6dbb5..0000000000 --- a/thirdparty/libwebsockets/lib/roles/ws/client-parser-ws.c +++ /dev/null @@ -1,607 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -/* - * parsers.c: lws_ws_rx_sm() needs to be roughly kept in - * sync with changes here, esp related to ext draining - */ - -int lws_ws_client_rx_sm(struct lws *wsi, unsigned char c) -{ - int callback_action = LWS_CALLBACK_CLIENT_RECEIVE; - int handled, m; - unsigned short close_code; - struct lws_tokens ebuf; - unsigned char *pp; -#if !defined(LWS_WITHOUT_EXTENSIONS) - int rx_draining_ext = 0, n; -#endif - - ebuf.token = NULL; - ebuf.len = 0; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->rx_draining_ext) { - assert(!c); - - lws_remove_wsi_from_draining_ext_list(wsi); - rx_draining_ext = 1; - lwsl_debug("%s: doing draining flow\n", __func__); - - goto drain_extension; - } -#endif - - if (wsi->socket_is_permanently_unusable) - return -1; - - switch (wsi->lws_rx_parse_state) { - case LWS_RXPS_NEW: - /* control frames (PING) may interrupt checkable sequences */ - wsi->ws->defeat_check_utf8 = 0; - - switch (wsi->ws->ietf_spec_revision) { - case 13: - wsi->ws->opcode = c & 0xf; - /* revisit if an extension wants them... */ - switch (wsi->ws->opcode) { - case LWSWSOPC_TEXT_FRAME: - wsi->ws->rsv_first_msg = (c & 0x70); - wsi->ws->continuation_possible = 1; - wsi->ws->check_utf8 = lws_check_opt( - wsi->context->options, - LWS_SERVER_OPTION_VALIDATE_UTF8); - wsi->ws->utf8 = 0; - wsi->ws->first_fragment = 1; - break; - case LWSWSOPC_BINARY_FRAME: - wsi->ws->rsv_first_msg = (c & 0x70); - wsi->ws->check_utf8 = 0; - wsi->ws->continuation_possible = 1; - wsi->ws->first_fragment = 1; - break; - case LWSWSOPC_CONTINUATION: - if (!wsi->ws->continuation_possible) { - lwsl_info("disordered continuation\n"); - return -1; - } - wsi->ws->first_fragment = 0; - break; - case LWSWSOPC_CLOSE: - wsi->ws->check_utf8 = 0; - wsi->ws->utf8 = 0; - break; - case 3: - case 4: - case 5: - case 6: - case 7: - case 0xb: - case 0xc: - case 0xd: - case 0xe: - case 0xf: - lwsl_info("illegal opcode\n"); - return -1; - default: - wsi->ws->defeat_check_utf8 = 1; - break; - } - wsi->ws->rsv = (c & 0x70); - /* revisit if an extension wants them... */ - if ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - !wsi->ws->count_act_ext && -#endif - wsi->ws->rsv) { - lwsl_info("illegal rsv bits set\n"); - return -1; - } - wsi->ws->final = !!((c >> 7) & 1); - lwsl_ext("%s: This RX frame Final %d\n", __func__, - wsi->ws->final); - - if (wsi->ws->owed_a_fin && - (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || - wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { - lwsl_info("hey you owed us a FIN\n"); - return -1; - } - if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { - wsi->ws->continuation_possible = 0; - wsi->ws->owed_a_fin = 0; - } - - if ((wsi->ws->opcode & 8) && !wsi->ws->final) { - lwsl_info("control msg can't be fragmented\n"); - return -1; - } - if (!wsi->ws->final) - wsi->ws->owed_a_fin = 1; - - switch (wsi->ws->opcode) { - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - wsi->ws->frame_is_binary = wsi->ws->opcode == - LWSWSOPC_BINARY_FRAME; - break; - } - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; - break; - - default: - lwsl_err("unknown spec version %02d\n", - wsi->ws->ietf_spec_revision); - break; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN: - - wsi->ws->this_frame_masked = !!(c & 0x80); - - switch (c & 0x7f) { - case 126: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; - break; - case 127: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; - break; - default: - wsi->ws->rx_packet_length = c & 0x7f; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - if (wsi->ws->rx_packet_length) { - wsi->lws_rx_parse_state = - LWS_RXPS_WS_FRAME_PAYLOAD; - } else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - } - break; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_2: - wsi->ws->rx_packet_length = c << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_1: - wsi->ws->rx_packet_length |= c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_WS_FRAME_PAYLOAD; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_8: - if (c & 0x80) { - lwsl_warn("b63 of length must be zero\n"); - /* kill the connection */ - return -1; - } -#if defined __LP64__ - wsi->ws->rx_packet_length = ((size_t)c) << 56; -#else - wsi->ws->rx_packet_length = 0; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_7: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 48; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_6: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 40; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_5: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 32; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_4: - wsi->ws->rx_packet_length |= ((size_t)c) << 24; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_3: - wsi->ws->rx_packet_length |= ((size_t)c) << 16; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_2: - wsi->ws->rx_packet_length |= ((size_t)c) << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_1: - wsi->ws->rx_packet_length |= (size_t)c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_WS_FRAME_PAYLOAD; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - } - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_1: - wsi->ws->mask[0] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_2: - wsi->ws->mask[1] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_3: - wsi->ws->mask[2] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_4: - wsi->ws->mask[3] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - - if (wsi->ws->rx_packet_length) - wsi->lws_rx_parse_state = - LWS_RXPS_WS_FRAME_PAYLOAD; - else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - break; - - case LWS_RXPS_WS_FRAME_PAYLOAD: - - assert(wsi->ws->rx_ubuf); -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->rx_draining_ext) - goto drain_extension; -#endif - if (wsi->ws->this_frame_masked && !wsi->ws->all_zero_nonce) - c ^= wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; - - wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = c; - - if (--wsi->ws->rx_packet_length == 0) { - /* spill because we have the whole frame */ - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - - /* - * if there's no protocol max frame size given, we are - * supposed to default to context->pt_serv_buf_size - */ - if (!wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) - break; - - if (wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) - break; - - /* spill because we filled our rx buffer */ -spill: - - handled = 0; - - /* - * is this frame a control packet we should take care of at this - * layer? If so service it and hide it from the user callback - */ - - switch (wsi->ws->opcode) { - case LWSWSOPC_CLOSE: - pp = (unsigned char *)&wsi->ws->rx_ubuf[LWS_PRE]; - if (lws_check_opt(wsi->context->options, - LWS_SERVER_OPTION_VALIDATE_UTF8) && - wsi->ws->rx_ubuf_head > 2 && - lws_check_utf8(&wsi->ws->utf8, pp + 2, - wsi->ws->rx_ubuf_head - 2)) - goto utf8_fail; - - /* is this an acknowledgment of our close? */ - if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { - /* - * fine he has told us he is closing too, let's - * finish our close - */ - lwsl_parser("seen server's close ack\n"); - return -1; - } - - lwsl_parser("client sees server close len = %d\n", - wsi->ws->rx_ubuf_head); - if (wsi->ws->rx_ubuf_head >= 2) { - close_code = (pp[0] << 8) | pp[1]; - if (close_code < 1000 || - close_code == 1004 || - close_code == 1005 || - close_code == 1006 || - close_code == 1012 || - close_code == 1013 || - close_code == 1014 || - close_code == 1015 || - (close_code >= 1016 && close_code < 3000) - ) { - pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; - pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; - } - } - if (user_callback_handle_rxflow( - wsi->protocol->callback, wsi, - LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, - wsi->user_space, pp, - wsi->ws->rx_ubuf_head)) - return -1; - - memcpy(wsi->ws->ping_payload_buf + LWS_PRE, pp, - wsi->ws->rx_ubuf_head); - wsi->ws->close_in_ping_buffer_len = - wsi->ws->rx_ubuf_head; - - lwsl_info("%s: scheduling return close as ack\n", - __func__); - __lws_change_pollfd(wsi, LWS_POLLIN, 0); - lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 3); - wsi->waiting_to_send_close_frame = 1; - wsi->close_needs_ack = 0; - lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); - lws_callback_on_writable(wsi); - handled = 1; - break; - - case LWSWSOPC_PING: - lwsl_info("received %d byte ping, sending pong\n", - wsi->ws->rx_ubuf_head); - - /* he set a close reason on this guy, ignore PING */ - if (wsi->ws->close_in_ping_buffer_len) - goto ping_drop; - - if (wsi->ws->ping_pending_flag) { - /* - * there is already a pending ping payload - * we should just log and drop - */ - lwsl_parser("DROP PING since one pending\n"); - goto ping_drop; - } - - /* control packets can only be < 128 bytes long */ - if (wsi->ws->rx_ubuf_head > 128 - 3) { - lwsl_parser("DROP PING payload too large\n"); - goto ping_drop; - } - - /* stash the pong payload */ - memcpy(wsi->ws->ping_payload_buf + LWS_PRE, - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; - wsi->ws->ping_pending_flag = 1; - - /* get it sent as soon as possible */ - lws_callback_on_writable(wsi); -ping_drop: - wsi->ws->rx_ubuf_head = 0; - handled = 1; - break; - - case LWSWSOPC_PONG: - lwsl_info("client received pong\n"); - lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - if (wsi->pending_timeout == - PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { - lwsl_info("%p: received expected PONG\n", wsi); - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - } - - /* issue it */ - callback_action = LWS_CALLBACK_CLIENT_RECEIVE_PONG; - break; - - case LWSWSOPC_CONTINUATION: - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - break; - - default: - /* not handled or failed */ - lwsl_ext("Unhandled ext opc 0x%x\n", wsi->ws->opcode); - wsi->ws->rx_ubuf_head = 0; - - return -1; - } - - /* - * No it's real payload, pass it up to the user callback. - * It's nicely buffered with the pre-padding taken care of - * so it can be sent straight out again using lws_write - */ - if (handled) - goto already_done; - - ebuf.token = &wsi->ws->rx_ubuf[LWS_PRE]; - ebuf.len = wsi->ws->rx_ubuf_head; - -#if !defined(LWS_WITHOUT_EXTENSIONS) -drain_extension: - lwsl_ext("%s: passing %d to ext\n", __func__, ebuf.len); - - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); - lwsl_ext("Ext RX returned %d\n", n); - if (n < 0) { - wsi->socket_is_permanently_unusable = 1; - return -1; - } -#endif - lwsl_debug("post inflate ebuf len %d\n", ebuf.len); - -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (rx_draining_ext && !ebuf.len) { - lwsl_debug(" --- ending drain on 0 read result\n"); - goto already_done; - } -#endif - - if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { - if (lws_check_utf8(&wsi->ws->utf8, - (unsigned char *)ebuf.token, - ebuf.len)) { - lws_close_reason(wsi, - LWS_CLOSE_STATUS_INVALID_PAYLOAD, - (uint8_t *)"bad utf8", 8); - goto utf8_fail; - } - - /* we are ending partway through utf-8 character? */ - if (!wsi->ws->rx_packet_length && wsi->ws->final && - wsi->ws->utf8 -#if !defined(LWS_WITHOUT_EXTENSIONS) - && !n -#endif - ) { - lwsl_info("FINAL utf8 error\n"); - lws_close_reason(wsi, - LWS_CLOSE_STATUS_INVALID_PAYLOAD, - (uint8_t *)"partial utf8", 12); -utf8_fail: - lwsl_info("utf8 error\n"); - lwsl_hexdump_info(ebuf.token, ebuf.len); - - return -1; - } - } - - if (ebuf.len < 0 && - callback_action != LWS_CALLBACK_CLIENT_RECEIVE_PONG) - goto already_done; - - if (!ebuf.token) - goto already_done; - - ebuf.token[ebuf.len] = '\0'; - - if (!wsi->protocol->callback) - goto already_done; - - if (callback_action == LWS_CALLBACK_CLIENT_RECEIVE_PONG) - lwsl_info("Client doing pong callback\n"); - - if ( - /* coverity says dead code otherwise */ -#if !defined(LWS_WITHOUT_EXTENSIONS) - n && -#endif - ebuf.len) - /* extension had more... main loop will come back - * we want callback to be done with this set, if so, - * because lws_is_final() hides it was final until the - * last chunk - */ - lws_add_wsi_to_draining_ext_list(wsi); - else - lws_remove_wsi_from_draining_ext_list(wsi); - - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || - lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || - lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) - goto already_done; - - m = wsi->protocol->callback(wsi, - (enum lws_callback_reasons)callback_action, - wsi->user_space, ebuf.token, ebuf.len); - - wsi->ws->first_fragment = 0; - - // lwsl_notice("%s: bulk ws rx: input used %d, output %d\n", - // __func__, wsi->ws->rx_ubuf_head, ebuf.len); - - /* if user code wants to close, let caller know */ - if (m) - return 1; - -already_done: - wsi->ws->rx_ubuf_head = 0; - break; - default: - lwsl_err("client rx illegal state\n"); - return 1; - } - - return 0; - -illegal_ctl_length: - lwsl_warn("Control frame asking for extended length is illegal\n"); - - /* kill the connection */ - return -1; -} - - diff --git a/thirdparty/libwebsockets/lib/roles/ws/client-ws.c b/thirdparty/libwebsockets/lib/roles/ws/client-ws.c deleted file mode 100644 index d88833f381..0000000000 --- a/thirdparty/libwebsockets/lib/roles/ws/client-ws.c +++ /dev/null @@ -1,634 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -/* - * In-place str to lower case - */ - -static void -strtolower(char *s) -{ - while (*s) { -#ifdef LWS_PLAT_OPTEE - int tolower_optee(int c); - *s = tolower_optee((int)*s); -#else - *s = tolower((int)*s); -#endif - s++; - } -} - -int -lws_create_client_ws_object(const struct lws_client_connect_info *i, - struct lws *wsi) -{ - int v = SPEC_LATEST_SUPPORTED; - - /* allocate the ws struct for the wsi */ - wsi->ws = lws_zalloc(sizeof(*wsi->ws), "client ws struct"); - if (!wsi->ws) { - lwsl_notice("OOM\n"); - return 1; - } - - /* -1 means just use latest supported */ - if (i->ietf_version_or_minus_one != -1 && - i->ietf_version_or_minus_one) - v = i->ietf_version_or_minus_one; - - wsi->ws->ietf_spec_revision = v; - - return 0; -} - -#if !defined(LWS_NO_CLIENT) -int -lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) -{ - if ((lwsi_state(wsi) != LRS_WAITING_PROXY_REPLY) && - (lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE) && - (lwsi_state(wsi) != LRS_WAITING_SERVER_REPLY) && - !lwsi_role_client(wsi)) - return 0; - - // lwsl_notice("%s: hs client gets %d in\n", __func__, (int)len); - - while (len) { - /* - * we were accepting input but now we stopped doing so - */ - if (lws_is_flowcontrolled(wsi)) { - //lwsl_notice("%s: caching %ld\n", __func__, (long)len); - lws_rxflow_cache(wsi, *buf, 0, (int)len); - *buf += len; - return 0; - } -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->rx_draining_ext) { - int m; - - //lwsl_notice("%s: draining ext\n", __func__); - if (lwsi_role_client(wsi)) - m = lws_ws_client_rx_sm(wsi, 0); - else - m = lws_ws_rx_sm(wsi, 0, 0); - if (m < 0) - return -1; - continue; - } -#endif - /* caller will account for buflist usage */ - - if (lws_ws_client_rx_sm(wsi, *(*buf)++)) { - lwsl_notice("%s: client_rx_sm exited, DROPPING %d\n", - __func__, (int)len); - return -1; - } - len--; - } - // lwsl_notice("%s: finished with %ld\n", __func__, (long)len); - - return 0; -} -#endif - -char * -lws_generate_client_ws_handshake(struct lws *wsi, char *p, const char *conn1) -{ - char buf[128], hash[20], key_b64[40]; - int n; -#if !defined(LWS_WITHOUT_EXTENSIONS) - const struct lws_extension *ext; - int ext_count = 0; -#endif - - /* - * create the random key - */ - n = lws_get_random(wsi->context, hash, 16); - if (n != 16) { - lwsl_err("Unable to read from random dev %s\n", - SYSTEM_RANDOM_FILEPATH); - return NULL; - } - - lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64)); - - p += sprintf(p, "Upgrade: websocket\x0d\x0a" - "Connection: %sUpgrade\x0d\x0a" - "Sec-WebSocket-Key: ", conn1); - strcpy(p, key_b64); - p += strlen(key_b64); - p += sprintf(p, "\x0d\x0a"); - if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)) - p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a", - lws_hdr_simple_ptr(wsi, - _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)); - - /* tell the server what extensions we could support */ - -#if !defined(LWS_WITHOUT_EXTENSIONS) - ext = wsi->vhost->ws.extensions; - while (ext && ext->callback) { - - n = wsi->vhost->protocols[0].callback(wsi, - LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED, - wsi->user_space, (char *)ext->name, 0); - - /* - * zero return from callback means go ahead and allow - * the extension, it's what we get if the callback is - * unhandled - */ - - if (n) { - ext++; - continue; - } - - /* apply it */ - - if (ext_count) - *p++ = ','; - else - p += sprintf(p, "Sec-WebSocket-Extensions: "); - p += sprintf(p, "%s", ext->client_offer); - ext_count++; - - ext++; - } - if (ext_count) - p += sprintf(p, "\x0d\x0a"); -#endif - - if (wsi->ws->ietf_spec_revision) - p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a", - wsi->ws->ietf_spec_revision); - - /* prepare the expected server accept response */ - - key_b64[39] = '\0'; /* enforce composed length below buf sizeof */ - n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", - key_b64); - - lws_SHA1((unsigned char *)buf, n, (unsigned char *)hash); - - lws_b64_encode_string(hash, 20, - wsi->http.ah->initial_handshake_hash_base64, - sizeof(wsi->http.ah->initial_handshake_hash_base64)); - - return p; -} - -int -lws_client_ws_upgrade(struct lws *wsi, const char **cce) -{ - struct lws_context *context = wsi->context; - struct lws_tokenize ts; - int n, len, okay = 0; - lws_tokenize_elem e; - char *p, buf[64]; - const char *pc; -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - char *sb = (char *)&pt->serv_buf[0]; - const struct lws_ext_options *opts; - const struct lws_extension *ext; - char ext_name[128]; - const char *c, *a; - int more = 1; - char ignore; -#endif - - if (wsi->client_h2_substream) {/* !!! client ws-over-h2 not there yet */ - lwsl_warn("%s: client ws-over-h2 upgrade not supported yet\n", - __func__); - *cce = "HS: h2 / ws upgrade unsupported"; - goto bail3; - } - - if (wsi->http.ah->http_response == 401) { - lwsl_warn( - "lws_client_handshake: got bad HTTP response '%d'\n", - wsi->http.ah->http_response); - *cce = "HS: ws upgrade unauthorized"; - goto bail3; - } - - if (wsi->http.ah->http_response != 101) { - lwsl_warn( - "lws_client_handshake: got bad HTTP response '%d'\n", - wsi->http.ah->http_response); - *cce = "HS: ws upgrade response not 101"; - goto bail3; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) { - lwsl_info("no ACCEPT\n"); - *cce = "HS: ACCEPT missing"; - goto bail3; - } - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE); - if (!p) { - lwsl_info("no UPGRADE\n"); - *cce = "HS: UPGRADE missing"; - goto bail3; - } - strtolower(p); - if (strcmp(p, "websocket")) { - lwsl_warn( - "lws_client_handshake: got bad Upgrade header '%s'\n", p); - *cce = "HS: Upgrade to something other than websocket"; - goto bail3; - } - - /* connection: must have "upgrade" */ - - lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST | - LWS_TOKENIZE_F_MINUS_NONTERM); - ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_CONNECTION); - if (ts.len <= 0) /* won't fit, or absent */ - goto bad_conn_format; - - do { - e = lws_tokenize(&ts); - switch (e) { - case LWS_TOKZE_TOKEN: - if (!strcasecmp(ts.token, "upgrade")) - e = LWS_TOKZE_ENDED; - break; - - case LWS_TOKZE_DELIMITER: - break; - - default: /* includes ENDED */ -bad_conn_format: - *cce = "HS: UPGRADE malformed"; - goto bail3; - } - } while (e > 0); - - pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); - if (!pc) { - lwsl_parser("lws_client_int_s_hs: no protocol list\n"); - } else - lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc); - - /* - * confirm the protocol the server wants to talk was in the list - * of protocols we offered - */ - - len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); - if (!len) { - lwsl_info("%s: WSI_TOKEN_PROTOCOL is null\n", __func__); - /* - * no protocol name to work from, - * default to first protocol - */ - n = 0; - wsi->protocol = &wsi->vhost->protocols[0]; - goto check_extensions; - } - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL); - len = (int)strlen(p); - - while (pc && *pc && !okay) { - if (!strncmp(pc, p, len) && - (pc[len] == ',' || pc[len] == '\0')) { - okay = 1; - continue; - } - while (*pc && *pc++ != ',') - ; - while (*pc == ' ') - pc++; - } - - if (!okay) { - lwsl_info("%s: got bad protocol %s\n", __func__, p); - *cce = "HS: PROTOCOL malformed"; - goto bail2; - } - - /* - * identify the selected protocol struct and set it - */ - n = 0; - /* keep client connection pre-bound protocol */ - if (!lwsi_role_client(wsi)) - wsi->protocol = NULL; - - while (wsi->vhost->protocols[n].callback) { - if (!wsi->protocol && - strcmp(p, wsi->vhost->protocols[n].name) == 0) { - wsi->protocol = &wsi->vhost->protocols[n]; - break; - } - n++; - } - - if (!wsi->vhost->protocols[n].callback) { /* no match */ - /* if server, that's already fatal */ - if (!lwsi_role_client(wsi)) { - lwsl_info("%s: fail protocol %s\n", __func__, p); - *cce = "HS: Cannot match protocol"; - goto bail2; - } - - /* for client, find the index of our pre-bound protocol */ - - n = 0; - while (wsi->vhost->protocols[n].callback) { - if (wsi->protocol && strcmp(wsi->protocol->name, - wsi->vhost->protocols[n].name) == 0) { - wsi->protocol = &wsi->vhost->protocols[n]; - break; - } - n++; - } - - if (!wsi->vhost->protocols[n].callback) { - if (wsi->protocol) - lwsl_err("Failed to match protocol %s\n", - wsi->protocol->name); - else - lwsl_err("No protocol on client\n"); - goto bail2; - } - } - - lwsl_debug("Selected protocol %s\n", wsi->protocol->name); - -check_extensions: - /* - * stitch protocol choice into the vh protocol linked list - * We always insert ourselves at the start of the list - * - * X <-> B - * X <-> pAn <-> pB - */ - - lws_same_vh_protocol_insert(wsi, n); - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* instantiate the accepted extensions */ - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) { - lwsl_ext("no client extensions allowed by server\n"); - goto check_accept; - } - - /* - * break down the list of server accepted extensions - * and go through matching them or identifying bogons - */ - - if (lws_hdr_copy(wsi, sb, context->pt_serv_buf_size, - WSI_TOKEN_EXTENSIONS) < 0) { - lwsl_warn("ext list from server failed to copy\n"); - *cce = "HS: EXT: list too big"; - goto bail2; - } - - c = sb; - n = 0; - ignore = 0; - a = NULL; - while (more) { - - if (*c && (*c != ',' && *c != '\t')) { - if (*c == ';') { - ignore = 1; - if (!a) - a = c + 1; - } - if (ignore || *c == ' ') { - c++; - continue; - } - - ext_name[n] = *c++; - if (n < (int)sizeof(ext_name) - 1) - n++; - continue; - } - ext_name[n] = '\0'; - ignore = 0; - if (!*c) - more = 0; - else { - c++; - if (!n) - continue; - } - - /* check we actually support it */ - - lwsl_notice("checking client ext %s\n", ext_name); - - n = 0; - ext = wsi->vhost->ws.extensions; - while (ext && ext->callback) { - if (strcmp(ext_name, ext->name)) { - ext++; - continue; - } - - n = 1; - lwsl_notice("instantiating client ext %s\n", ext_name); - - /* instantiate the extension on this conn */ - - wsi->ws->active_extensions[wsi->ws->count_act_ext] = ext; - - /* allow him to construct his ext instance */ - - if (ext->callback(lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_CLIENT_CONSTRUCT, - (void *)&wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], - (void *)&opts, 0)) { - lwsl_info(" ext %s failed construction\n", - ext_name); - ext++; - continue; - } - - /* - * allow the user code to override ext defaults if it - * wants to - */ - ext_name[0] = '\0'; - if (user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_WS_EXT_DEFAULTS, - (char *)ext->name, ext_name, - sizeof(ext_name))) { - *cce = "HS: EXT: failed setting defaults"; - goto bail2; - } - - if (ext_name[0] && - lws_ext_parse_options(ext, wsi, - wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], - opts, ext_name, - (int)strlen(ext_name))) { - lwsl_err("%s: unable to parse user defaults '%s'", - __func__, ext_name); - *cce = "HS: EXT: failed parsing defaults"; - goto bail2; - } - - /* - * give the extension the server options - */ - if (a && lws_ext_parse_options(ext, wsi, - wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], - opts, a, lws_ptr_diff(c, a))) { - lwsl_err("%s: unable to parse remote def '%s'", - __func__, a); - *cce = "HS: EXT: failed parsing options"; - goto bail2; - } - - if (ext->callback(lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_OPTION_CONFIRM, - wsi->ws->act_ext_user[wsi->ws->count_act_ext], - NULL, 0)) { - lwsl_err("%s: ext %s rejects server options %s", - __func__, ext->name, a); - *cce = "HS: EXT: Rejects server options"; - goto bail2; - } - - wsi->ws->count_act_ext++; - - ext++; - } - - if (n == 0) { - lwsl_warn("Unknown ext '%s'!\n", ext_name); - *cce = "HS: EXT: unknown ext"; - goto bail2; - } - - a = NULL; - n = 0; - } - -check_accept: -#endif - - /* - * Confirm his accept token is the one we precomputed - */ - - p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT); - if (strcmp(p, wsi->http.ah->initial_handshake_hash_base64)) { - lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p, - wsi->http.ah->initial_handshake_hash_base64); - *cce = "HS: Accept hash wrong"; - goto bail2; - } - - /* allocate the per-connection user memory (if any) */ - if (lws_ensure_user_space(wsi)) { - lwsl_err("Problem allocating wsi user mem\n"); - *cce = "HS: OOM"; - goto bail2; - } - - /* - * we seem to be good to go, give client last chance to check - * headers and OK it - */ - if (wsi->protocol->callback(wsi, - LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, - wsi->user_space, NULL, 0)) { - *cce = "HS: Rejected by filter cb"; - goto bail2; - } - - /* clear his proxy connection timeout */ - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - - /* free up his parsing allocations */ - lws_header_table_detach(wsi, 0); - - lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED, - &role_ops_ws); - lws_restart_ws_ping_pong_timer(wsi); - - wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; - - /* - * create the frame buffer for this connection according to the - * size mentioned in the protocol definition. If 0 there, then - * use a big default for compatibility - */ - n = (int)wsi->protocol->rx_buffer_size; - if (!n) - n = context->pt_serv_buf_size; - n += LWS_PRE; - wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, - "client frame buffer"); - if (!wsi->ws->rx_ubuf) { - lwsl_err("Out of Mem allocating rx buffer %d\n", n); - *cce = "HS: OOM"; - goto bail2; - } - wsi->ws->rx_ubuf_alloc = n; - lwsl_info("Allocating client RX buffer %d\n", n); - -#if !defined(LWS_WITH_ESP32) - if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, - (const char *)&n, sizeof n)) { - lwsl_warn("Failed to set SNDBUF to %d", n); - *cce = "HS: SO_SNDBUF failed"; - goto bail3; - } -#endif - - lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name); - - /* call him back to inform him he is up */ - - if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED, - wsi->user_space, NULL, 0)) { - *cce = "HS: Rejected at CLIENT_ESTABLISHED"; - goto bail3; - } - - return 0; - -bail3: - return 3; - -bail2: - return 2; -} diff --git a/thirdparty/libwebsockets/lib/roles/ws/ops-ws.c b/thirdparty/libwebsockets/lib/roles/ws/ops-ws.c deleted file mode 100644 index 1cbc6ac6a6..0000000000 --- a/thirdparty/libwebsockets/lib/roles/ws/ops-ws.c +++ /dev/null @@ -1,2021 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } - -/* - * client-parser.c: lws_ws_client_rx_sm() needs to be roughly kept in - * sync with changes here, esp related to ext draining - */ - -int -lws_ws_rx_sm(struct lws *wsi, char already_processed, unsigned char c) -{ - int callback_action = LWS_CALLBACK_RECEIVE; - int ret = 0; - unsigned short close_code; - struct lws_tokens ebuf; - unsigned char *pp; - int n = 0; -#if !defined(LWS_WITHOUT_EXTENSIONS) - int rx_draining_ext = 0; - int lin; -#endif - - ebuf.token = NULL; - ebuf.len = 0; - if (wsi->socket_is_permanently_unusable) - return -1; - - switch (wsi->lws_rx_parse_state) { - case LWS_RXPS_NEW: -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->rx_draining_ext) { - ebuf.token = NULL; - ebuf.len = 0; - lws_remove_wsi_from_draining_ext_list(wsi); - rx_draining_ext = 1; - lwsl_debug("%s: doing draining flow\n", __func__); - - goto drain_extension; - } -#endif - switch (wsi->ws->ietf_spec_revision) { - case 13: - /* - * no prepended frame key any more - */ - wsi->ws->all_zero_nonce = 1; - goto handle_first; - - default: - lwsl_warn("lws_ws_rx_sm: unknown spec version %d\n", - wsi->ws->ietf_spec_revision); - break; - } - break; - case LWS_RXPS_04_mask_1: - wsi->ws->mask[1] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_04_mask_2; - break; - case LWS_RXPS_04_mask_2: - wsi->ws->mask[2] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_04_mask_3; - break; - case LWS_RXPS_04_mask_3: - wsi->ws->mask[3] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - - /* - * start from the zero'th byte in the XOR key buffer since - * this is the start of a frame with a new key - */ - - wsi->ws->mask_idx = 0; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_1; - break; - - /* - * 04 logical framing from the spec (all this is masked when incoming - * and has to be unmasked) - * - * We ignore the possibility of extension data because we don't - * negotiate any extensions at the moment. - * - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-------+-+-------------+-------------------------------+ - * |F|R|R|R| opcode|R| Payload len | Extended payload length | - * |I|S|S|S| (4) |S| (7) | (16/63) | - * |N|V|V|V| |V| | (if payload len==126/127) | - * | |1|2|3| |4| | | - * +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - + - * | Extended payload length continued, if payload len == 127 | - * + - - - - - - - - - - - - - - - +-------------------------------+ - * | | Extension data | - * +-------------------------------+ - - - - - - - - - - - - - - - + - * : : - * +---------------------------------------------------------------+ - * : Application data : - * +---------------------------------------------------------------+ - * - * We pass payload through to userland as soon as we get it, ignoring - * FIN. It's up to userland to buffer it up if it wants to see a - * whole unfragmented block of the original size (which may be up to - * 2^63 long!) - */ - - case LWS_RXPS_04_FRAME_HDR_1: -handle_first: - - wsi->ws->opcode = c & 0xf; - wsi->ws->rsv = c & 0x70; - wsi->ws->final = !!((c >> 7) & 1); - wsi->ws->defeat_check_utf8 = 0; - - if (((wsi->ws->opcode) & 8) && !wsi->ws->final) { - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, - (uint8_t *)"frag ctl", 8); - return -1; - } - - switch (wsi->ws->opcode) { - case LWSWSOPC_TEXT_FRAME: - wsi->ws->check_utf8 = lws_check_opt( - wsi->context->options, - LWS_SERVER_OPTION_VALIDATE_UTF8); - /* fallthru */ - case LWSWSOPC_BINARY_FRAME: - if (wsi->ws->opcode == LWSWSOPC_BINARY_FRAME) - wsi->ws->check_utf8 = 0; - if (wsi->ws->continuation_possible) { - lws_close_reason(wsi, - LWS_CLOSE_STATUS_PROTOCOL_ERR, - (uint8_t *)"bad cont", 8); - return -1; - } - wsi->ws->rsv_first_msg = (c & 0x70); - wsi->ws->frame_is_binary = - wsi->ws->opcode == LWSWSOPC_BINARY_FRAME; - wsi->ws->first_fragment = 1; - wsi->ws->continuation_possible = !wsi->ws->final; - break; - case LWSWSOPC_CONTINUATION: - if (!wsi->ws->continuation_possible) { - lws_close_reason(wsi, - LWS_CLOSE_STATUS_PROTOCOL_ERR, - (uint8_t *)"bad cont", 8); - return -1; - } - break; - case LWSWSOPC_CLOSE: - wsi->ws->check_utf8 = 0; - wsi->ws->utf8 = 0; - break; - case 3: - case 4: - case 5: - case 6: - case 7: - case 0xb: - case 0xc: - case 0xd: - case 0xe: - case 0xf: - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, - (uint8_t *)"bad opc", 7); - lwsl_info("illegal opcode\n"); - return -1; - } - - if (wsi->ws->owed_a_fin && - (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || - wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { - lwsl_info("hey you owed us a FIN\n"); - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, - (uint8_t *)"bad fin", 7); - return -1; - } - if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { - wsi->ws->continuation_possible = 0; - wsi->ws->owed_a_fin = 0; - } - - if (!wsi->ws->final) - wsi->ws->owed_a_fin = 1; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; - if (wsi->ws->rsv && - ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - !wsi->ws->count_act_ext || -#endif - (wsi->ws->rsv & ~0x40))) { - lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, - (uint8_t *)"rsv bits", 8); - return -1; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN: - - wsi->ws->this_frame_masked = !!(c & 0x80); - - switch (c & 0x7f) { - case 126: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; - break; - case 127: - /* control frames are not allowed to have big lengths */ - if (wsi->ws->opcode & 8) - goto illegal_ctl_length; - - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; - break; - default: - wsi->ws->rx_packet_length = c & 0x7f; - - - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else - if (wsi->ws->rx_packet_length) { - wsi->lws_rx_parse_state = - LWS_RXPS_WS_FRAME_PAYLOAD; - } else { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - break; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_2: - wsi->ws->rx_packet_length = c << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN16_1: - wsi->ws->rx_packet_length |= c; - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else { - wsi->lws_rx_parse_state = - LWS_RXPS_WS_FRAME_PAYLOAD; - } - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_8: - if (c & 0x80) { - lwsl_warn("b63 of length must be zero\n"); - /* kill the connection */ - return -1; - } -#if defined __LP64__ - wsi->ws->rx_packet_length = ((size_t)c) << 56; -#else - wsi->ws->rx_packet_length = 0; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_7: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 48; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_6: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 40; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_5: -#if defined __LP64__ - wsi->ws->rx_packet_length |= ((size_t)c) << 32; -#endif - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_4: - wsi->ws->rx_packet_length |= ((size_t)c) << 24; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_3: - wsi->ws->rx_packet_length |= ((size_t)c) << 16; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_2: - wsi->ws->rx_packet_length |= ((size_t)c) << 8; - wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; - break; - - case LWS_RXPS_04_FRAME_HDR_LEN64_1: - wsi->ws->rx_packet_length |= ((size_t)c); - if (wsi->ws->this_frame_masked) - wsi->lws_rx_parse_state = - LWS_RXPS_07_COLLECT_FRAME_KEY_1; - else - wsi->lws_rx_parse_state = LWS_RXPS_WS_FRAME_PAYLOAD; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_1: - wsi->ws->mask[0] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_2: - wsi->ws->mask[1] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_3: - wsi->ws->mask[2] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; - break; - - case LWS_RXPS_07_COLLECT_FRAME_KEY_4: - wsi->ws->mask[3] = c; - if (c) - wsi->ws->all_zero_nonce = 0; - wsi->lws_rx_parse_state = LWS_RXPS_WS_FRAME_PAYLOAD; - wsi->ws->mask_idx = 0; - if (wsi->ws->rx_packet_length == 0) { - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } - break; - - - case LWS_RXPS_WS_FRAME_PAYLOAD: - assert(wsi->ws->rx_ubuf); - - if (wsi->ws->rx_ubuf_head + LWS_PRE >= wsi->ws->rx_ubuf_alloc) { - lwsl_err("Attempted overflow \n"); - return -1; - } - if (!(already_processed & ALREADY_PROCESSED_IGNORE_CHAR)) { - if (wsi->ws->all_zero_nonce) - wsi->ws->rx_ubuf[LWS_PRE + - (wsi->ws->rx_ubuf_head++)] = c; - else - wsi->ws->rx_ubuf[LWS_PRE + - (wsi->ws->rx_ubuf_head++)] = - c ^ wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; - - --wsi->ws->rx_packet_length; - } - - if (!wsi->ws->rx_packet_length) { - lwsl_debug("%s: ws fragment length exhausted\n", - __func__); - /* spill because we have the whole frame */ - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - goto spill; - } -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->rx_draining_ext) { - lwsl_debug("%s: UNTIL_EXHAUSTED draining\n", __func__); - goto drain_extension; - } -#endif - /* - * if there's no protocol max frame size given, we are - * supposed to default to context->pt_serv_buf_size - */ - if (!wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) - break; - - if (wsi->protocol->rx_buffer_size && - wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) - break; - - /* spill because we filled our rx buffer */ -spill: - /* - * is this frame a control packet we should take care of at this - * layer? If so service it and hide it from the user callback - */ - - lwsl_parser("spill on %s\n", wsi->protocol->name); - - switch (wsi->ws->opcode) { - case LWSWSOPC_CLOSE: - - if (wsi->ws->peer_has_sent_close) - break; - - wsi->ws->peer_has_sent_close = 1; - - pp = (unsigned char *)&wsi->ws->rx_ubuf[LWS_PRE]; - if (lws_check_opt(wsi->context->options, - LWS_SERVER_OPTION_VALIDATE_UTF8) && - wsi->ws->rx_ubuf_head > 2 && - lws_check_utf8(&wsi->ws->utf8, pp + 2, - wsi->ws->rx_ubuf_head - 2)) - goto utf8_fail; - - /* is this an acknowledgment of our close? */ - if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { - /* - * fine he has told us he is closing too, let's - * finish our close - */ - lwsl_parser("seen client close ack\n"); - return -1; - } - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - /* if he sends us 2 CLOSE, kill him */ - return -1; - - if (lws_partial_buffered(wsi)) { - /* - * if we're in the middle of something, - * we can't do a normal close response and - * have to just close our end. - */ - wsi->socket_is_permanently_unusable = 1; - lwsl_parser("Closing on peer close " - "due to pending tx\n"); - return -1; - } - - if (wsi->ws->rx_ubuf_head >= 2) { - close_code = (pp[0] << 8) | pp[1]; - if (close_code < 1000 || - close_code == 1004 || - close_code == 1005 || - close_code == 1006 || - close_code == 1012 || - close_code == 1013 || - close_code == 1014 || - close_code == 1015 || - (close_code >= 1016 && close_code < 3000) - ) { - pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; - pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; - } - } - - if (user_callback_handle_rxflow( - wsi->protocol->callback, wsi, - LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, - wsi->user_space, - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head)) - return -1; - - lwsl_parser("server sees client close packet\n"); - lwsi_set_state(wsi, LRS_RETURNED_CLOSE); - /* deal with the close packet contents as a PONG */ - wsi->ws->payload_is_close = 1; - goto process_as_ping; - - case LWSWSOPC_PING: - lwsl_info("received %d byte ping, sending pong\n", - wsi->ws->rx_ubuf_head); - - if (wsi->ws->ping_pending_flag) { - /* - * there is already a pending ping payload - * we should just log and drop - */ - lwsl_parser("DROP PING since one pending\n"); - goto ping_drop; - } -process_as_ping: - /* control packets can only be < 128 bytes long */ - if (wsi->ws->rx_ubuf_head > 128 - 3) { - lwsl_parser("DROP PING payload too large\n"); - goto ping_drop; - } - - /* stash the pong payload */ - memcpy(wsi->ws->ping_payload_buf + LWS_PRE, - &wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; - wsi->ws->ping_pending_flag = 1; - - /* get it sent as soon as possible */ - lws_callback_on_writable(wsi); -ping_drop: - wsi->ws->rx_ubuf_head = 0; - return 0; - - case LWSWSOPC_PONG: - lwsl_info("received pong\n"); - lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], - wsi->ws->rx_ubuf_head); - - if (wsi->pending_timeout == - PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { - lwsl_info("received expected PONG on wsi %p\n", - wsi); - lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); - } - - /* issue it */ - callback_action = LWS_CALLBACK_RECEIVE_PONG; - break; - - case LWSWSOPC_TEXT_FRAME: - case LWSWSOPC_BINARY_FRAME: - case LWSWSOPC_CONTINUATION: - break; - - default: - lwsl_parser("unknown opc %x\n", wsi->ws->opcode); - - return -1; - } - - /* - * No it's real payload, pass it up to the user callback. - * It's nicely buffered with the pre-padding taken care of - * so it can be sent straight out again using lws_write - */ - - ebuf.token = &wsi->ws->rx_ubuf[LWS_PRE]; - ebuf.len = wsi->ws->rx_ubuf_head; - - if (wsi->ws->opcode == LWSWSOPC_PONG && !ebuf.len) - goto already_done; -#if !defined(LWS_WITHOUT_EXTENSIONS) -drain_extension: -#endif - // lwsl_notice("%s: passing %d to ext\n", __func__, ebuf.len); - - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || - lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) - goto already_done; -#if !defined(LWS_WITHOUT_EXTENSIONS) - lin = ebuf.len; - //if (lin) - // lwsl_hexdump_notice(ebuf.token, ebuf.len); - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); - lwsl_debug("%s: ext says %d / ebuf.len %d\n", __func__, - n, ebuf.len); - if (wsi->ws->rx_draining_ext) - already_processed &= ~ALREADY_PROCESSED_NO_CB; -#endif - /* - * ebuf may be pointing somewhere completely different now, - * it's the output - */ -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (n < 0) { - /* - * we may rely on this to get RX, just drop connection - */ - wsi->socket_is_permanently_unusable = 1; - return -1; - } -#endif - if ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - rx_draining_ext && -#endif - ebuf.len == 0) - goto already_done; - - if ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - n && -#endif - ebuf.len) - /* extension had more... main loop will come back */ - lws_add_wsi_to_draining_ext_list(wsi); - else - lws_remove_wsi_from_draining_ext_list(wsi); - - if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { - if (lws_check_utf8(&wsi->ws->utf8, - (unsigned char *)ebuf.token, - ebuf.len)) { - lws_close_reason(wsi, - LWS_CLOSE_STATUS_INVALID_PAYLOAD, - (uint8_t *)"bad utf8", 8); - goto utf8_fail; - } - - /* we are ending partway through utf-8 character? */ - if (!wsi->ws->rx_packet_length && wsi->ws->final && - wsi->ws->utf8 && !n) { - lwsl_info("FINAL utf8 error\n"); - lws_close_reason(wsi, - LWS_CLOSE_STATUS_INVALID_PAYLOAD, - (uint8_t *)"partial utf8", 12); -utf8_fail: - lwsl_notice("utf8 error\n"); - lwsl_hexdump_notice(ebuf.token, ebuf.len); - - return -1; - } - } - - if (!wsi->wsistate_pre_close && (ebuf.len >= 0 || - callback_action == LWS_CALLBACK_RECEIVE_PONG)) { - if (ebuf.len) - ebuf.token[ebuf.len] = '\0'; - - if (wsi->protocol->callback && - !(already_processed & ALREADY_PROCESSED_NO_CB)) { - if (callback_action == LWS_CALLBACK_RECEIVE_PONG) - lwsl_info("Doing pong callback\n"); - - ret = user_callback_handle_rxflow( - wsi->protocol->callback, - wsi, (enum lws_callback_reasons) - callback_action, - wsi->user_space, - ebuf.token, - ebuf.len); - } - wsi->ws->first_fragment = 0; - } - -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (!lin) - break; -#endif - -already_done: - wsi->ws->rx_ubuf_head = 0; - break; - } - - return ret; - -illegal_ctl_length: - - lwsl_warn("Control frame with xtended length is illegal\n"); - /* kill the connection */ - return -1; -} - - -LWS_VISIBLE size_t -lws_remaining_packet_payload(struct lws *wsi) -{ - return wsi->ws->rx_packet_length; -} - -LWS_VISIBLE int lws_frame_is_binary(struct lws *wsi) -{ - return wsi->ws->frame_is_binary; -} - -void -lws_add_wsi_to_draining_ext_list(struct lws *wsi) -{ -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - if (wsi->ws->rx_draining_ext) - return; - - lwsl_debug("%s: RX EXT DRAINING: Adding to list\n", __func__); - - wsi->ws->rx_draining_ext = 1; - wsi->ws->rx_draining_ext_list = pt->ws.rx_draining_ext_list; - pt->ws.rx_draining_ext_list = wsi; -#endif -} - -void -lws_remove_wsi_from_draining_ext_list(struct lws *wsi) -{ -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - struct lws **w = &pt->ws.rx_draining_ext_list; - - if (!wsi->ws->rx_draining_ext) - return; - - lwsl_debug("%s: RX EXT DRAINING: Removing from list\n", __func__); - - wsi->ws->rx_draining_ext = 0; - - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - /* if us, point it instead to who we were pointing to */ - *w = wsi->ws->rx_draining_ext_list; - break; - } - w = &((*w)->ws->rx_draining_ext_list); - } - wsi->ws->rx_draining_ext_list = NULL; -#endif -} - -LWS_EXTERN void -lws_restart_ws_ping_pong_timer(struct lws *wsi) -{ - if (!wsi->context->ws_ping_pong_interval || - !lwsi_role_ws(wsi)) - return; - - wsi->ws->time_next_ping_check = (time_t)lws_now_secs(); -} - -static int -lws_0405_frame_mask_generate(struct lws *wsi) -{ - int n; - /* fetch the per-frame nonce */ - - n = lws_get_random(lws_get_context(wsi), wsi->ws->mask, 4); - if (n != 4) { - lwsl_parser("Unable to read from random device %s %d\n", - SYSTEM_RANDOM_FILEPATH, n); - return 1; - } - - /* start masking from first byte of masking key buffer */ - wsi->ws->mask_idx = 0; - - return 0; -} - -int -lws_server_init_wsi_for_ws(struct lws *wsi) -{ - int n; - - lwsi_set_state(wsi, LRS_ESTABLISHED); - lws_restart_ws_ping_pong_timer(wsi); - - /* - * create the frame buffer for this connection according to the - * size mentioned in the protocol definition. If 0 there, use - * a big default for compatibility - */ - - n = (int)wsi->protocol->rx_buffer_size; - if (!n) - n = wsi->context->pt_serv_buf_size; - n += LWS_PRE; - wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, "rx_ubuf"); - if (!wsi->ws->rx_ubuf) { - lwsl_err("Out of Mem allocating rx buffer %d\n", n); - return 1; - } - wsi->ws->rx_ubuf_alloc = n; - lwsl_debug("Allocating RX buffer %d\n", n); - -#if !defined(LWS_WITH_ESP32) - if (!wsi->h2_stream_carries_ws) - if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, - (const char *)&n, sizeof n)) { - lwsl_warn("Failed to set SNDBUF to %d", n); - return 1; - } -#endif - - /* notify user code that we're ready to roll */ - - if (wsi->protocol->callback) - if (wsi->protocol->callback(wsi, LWS_CALLBACK_ESTABLISHED, - wsi->user_space, -#ifdef LWS_WITH_TLS - wsi->tls.ssl, -#else - NULL, -#endif - wsi->h2_stream_carries_ws)) - return 1; - - lwsl_debug("ws established\n"); - - return 0; -} - - - -LWS_VISIBLE int -lws_is_final_fragment(struct lws *wsi) -{ -#if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_debug("%s: final %d, rx pk length %ld, draining %ld\n", __func__, - wsi->ws->final, (long)wsi->ws->rx_packet_length, - (long)wsi->ws->rx_draining_ext); - return wsi->ws->final && !wsi->ws->rx_packet_length && - !wsi->ws->rx_draining_ext; -#else - return wsi->ws->final && !wsi->ws->rx_packet_length; -#endif -} - -LWS_VISIBLE int -lws_is_first_fragment(struct lws *wsi) -{ - return wsi->ws->first_fragment; -} - -LWS_VISIBLE unsigned char -lws_get_reserved_bits(struct lws *wsi) -{ - return wsi->ws->rsv; -} - -LWS_VISIBLE LWS_EXTERN int -lws_get_close_length(struct lws *wsi) -{ - return wsi->ws->close_in_ping_buffer_len; -} - -LWS_VISIBLE LWS_EXTERN unsigned char * -lws_get_close_payload(struct lws *wsi) -{ - return &wsi->ws->ping_payload_buf[LWS_PRE]; -} - -LWS_VISIBLE LWS_EXTERN void -lws_close_reason(struct lws *wsi, enum lws_close_status status, - unsigned char *buf, size_t len) -{ - unsigned char *p, *start; - int budget = sizeof(wsi->ws->ping_payload_buf) - LWS_PRE; - - assert(lwsi_role_ws(wsi)); - - start = p = &wsi->ws->ping_payload_buf[LWS_PRE]; - - *p++ = (((int)status) >> 8) & 0xff; - *p++ = ((int)status) & 0xff; - - if (buf) - while (len-- && p < start + budget) - *p++ = *buf++; - - wsi->ws->close_in_ping_buffer_len = lws_ptr_diff(p, start); -} - -static int -lws_is_ws_with_ext(struct lws *wsi) -{ -#if defined(LWS_WITHOUT_EXTENSIONS) - return 0; -#else - return lwsi_role_ws(wsi) && !!wsi->ws->count_act_ext; -#endif -} - -static int -rops_handle_POLLIN_ws(struct lws_context_per_thread *pt, struct lws *wsi, - struct lws_pollfd *pollfd) -{ - unsigned int pending = 0; - struct lws_tokens ebuf; - char buffered = 0; - int n = 0, m; -#if defined(LWS_WITH_HTTP2) - struct lws *wsi1; -#endif - - if (!wsi->ws) { - lwsl_err("ws role wsi with no ws\n"); - return 1; - } - - // lwsl_notice("%s: %s\n", __func__, wsi->protocol->name); - - //lwsl_info("%s: wsistate 0x%x, pollout %d\n", __func__, - // wsi->wsistate, pollfd->revents & LWS_POLLOUT); - - /* - * something went wrong with parsing the handshake, and - * we ended up back in the event loop without completing it - */ - if (lwsi_state(wsi) == LRS_PRE_WS_SERVING_ACCEPT) { - wsi->socket_is_permanently_unusable = 1; - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - ebuf.token = NULL; - ebuf.len = 0; - - if (lwsi_state(wsi) == LRS_WAITING_CONNECT) { -#if !defined(LWS_NO_CLIENT) - if ((pollfd->revents & LWS_POLLOUT) && - lws_handle_POLLOUT_event(wsi, pollfd)) { - lwsl_debug("POLLOUT event closed it\n"); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - n = lws_client_socket_service(wsi, pollfd, NULL); - if (n) - return LWS_HPI_RET_WSI_ALREADY_DIED; -#endif - return LWS_HPI_RET_HANDLED; - } - - //lwsl_notice("%s: wsi->ws->tx_draining_ext %d revents 0x%x 0x%x %d\n", - //__func__, wsi->ws->tx_draining_ext, pollfd->revents, wsi->wsistate, - //lwsi_state_can_handle_POLLOUT(wsi)); - - /* 1: something requested a callback when it was OK to write */ - - if ((pollfd->revents & LWS_POLLOUT) && - lwsi_state_can_handle_POLLOUT(wsi) && - lws_handle_POLLOUT_event(wsi, pollfd)) { - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); - - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || - lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE) { - /* - * we stopped caring about anything except control - * packets. Force flow control off, defeat tx - * draining. - */ - lws_rx_flow_control(wsi, 1); -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws) - wsi->ws->tx_draining_ext = 0; -#endif - } -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->tx_draining_ext) - /* - * We cannot deal with new RX until the TX ext path has - * been drained. It's because new rx will, eg, crap on - * the wsi rx buf that may be needed to retain state. - * - * TX ext drain path MUST go through event loop to avoid - * blocking. - */ - return LWS_HPI_RET_HANDLED; -#endif - if (lws_is_flowcontrolled(wsi)) { - /* We cannot deal with any kind of new RX because we are - * RX-flowcontrolled. - */ - lwsl_info("flowcontrolled\n"); - return LWS_HPI_RET_HANDLED; - } - -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream || wsi->upgraded_to_http2) { - wsi1 = lws_get_network_wsi(wsi); - if (wsi1 && lws_has_buffered_out(wsi1)) - /* We cannot deal with any kind of new RX - * because we are dealing with a partial send - * (new RX may trigger new http_action() that - * expect to be able to send) - */ - return LWS_HPI_RET_HANDLED; - } -#endif - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* 2: RX Extension needs to be drained - */ - - if (wsi->ws->rx_draining_ext) { - - lwsl_debug("%s: RX EXT DRAINING: Service\n", __func__); -#ifndef LWS_NO_CLIENT - if (lwsi_role_client(wsi)) { - n = lws_ws_client_rx_sm(wsi, 0); - if (n < 0) - /* we closed wsi */ - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } else -#endif - n = lws_ws_rx_sm(wsi, ALREADY_PROCESSED_IGNORE_CHAR, 0); - - return LWS_HPI_RET_HANDLED; - } - - if (wsi->ws->rx_draining_ext) - /* - * We have RX EXT content to drain, but can't do it - * right now. That means we cannot do anything lower - * priority either. - */ - return LWS_HPI_RET_HANDLED; -#endif - - /* 3: buflist needs to be drained - */ -read: - //lws_buflist_describe(&wsi->buflist, wsi); - ebuf.len = (int)lws_buflist_next_segment_len(&wsi->buflist, - (uint8_t **)&ebuf.token); - if (ebuf.len) { - lwsl_info("draining buflist (len %d)\n", ebuf.len); - buffered = 1; - goto drain; - } - - if (!(pollfd->revents & pollfd->events & LWS_POLLIN) && !wsi->http.ah) - return LWS_HPI_RET_HANDLED; - - if (lws_is_flowcontrolled(wsi)) { - lwsl_info("%s: %p should be rxflow (bm 0x%x)..\n", - __func__, wsi, wsi->rxflow_bitmap); - return LWS_HPI_RET_HANDLED; - } - - if (!(lwsi_role_client(wsi) && - (lwsi_state(wsi) != LRS_ESTABLISHED && - lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK && - lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS))) { - /* - * In case we are going to react to this rx by scheduling - * writes, we need to restrict the amount of rx to the size - * the protocol reported for rx buffer. - * - * Otherwise we get a situation we have to absorb possibly a - * lot of reads before we get a chance to drain them by writing - * them, eg, with echo type tests in autobahn. - */ - - buffered = 0; - ebuf.token = (char *)pt->serv_buf; - if (lwsi_role_ws(wsi)) - ebuf.len = wsi->ws->rx_ubuf_alloc; - else - ebuf.len = wsi->context->pt_serv_buf_size; - - if ((unsigned int)ebuf.len > wsi->context->pt_serv_buf_size) - ebuf.len = wsi->context->pt_serv_buf_size; - - if ((int)pending > ebuf.len) - pending = ebuf.len; - - ebuf.len = lws_ssl_capable_read(wsi, (uint8_t *)ebuf.token, - pending ? (int)pending : - ebuf.len); - switch (ebuf.len) { - case 0: - lwsl_info("%s: zero length read\n", - __func__); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - case LWS_SSL_CAPABLE_MORE_SERVICE: - lwsl_info("SSL Capable more service\n"); - return LWS_HPI_RET_HANDLED; - case LWS_SSL_CAPABLE_ERROR: - lwsl_info("%s: LWS_SSL_CAPABLE_ERROR\n", - __func__); - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - // lwsl_notice("Actual RX %d\n", ebuf.len); - - lws_restart_ws_ping_pong_timer(wsi); - - /* - * coverity thinks ssl_capable_read() may read over - * 2GB. Dissuade it... - */ - ebuf.len &= 0x7fffffff; - } - -drain: - - /* - * give any active extensions a chance to munge the buffer - * before parse. We pass in a pointer to an lws_tokens struct - * prepared with the default buffer and content length that's in - * there. Rather than rewrite the default buffer, extensions - * that expect to grow the buffer can adapt .token to - * point to their own per-connection buffer in the extension - * user allocation. By default with no extensions or no - * extension callback handling, just the normal input buffer is - * used then so it is efficient. - */ - m = 0; - do { - - /* service incoming data */ - //lws_buflist_describe(&wsi->buflist, wsi); - if (ebuf.len) { -#if defined(LWS_ROLE_H2) - if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) - n = lws_read_h2(wsi, (unsigned char *)ebuf.token, - ebuf.len); - else -#endif - n = lws_read_h1(wsi, (unsigned char *)ebuf.token, - ebuf.len); - - if (n < 0) { - /* we closed wsi */ - n = 0; - return LWS_HPI_RET_WSI_ALREADY_DIED; - } - //lws_buflist_describe(&wsi->buflist, wsi); - //lwsl_notice("%s: consuming %d / %d\n", __func__, n, ebuf.len); - if (lws_buflist_aware_consume(wsi, &ebuf, n, buffered)) - return LWS_HPI_RET_PLEASE_CLOSE_ME; - } - - ebuf.token = NULL; - ebuf.len = 0; - } while (m); - - if (wsi->http.ah -#if !defined(LWS_NO_CLIENT) - && !wsi->client_h2_alpn -#endif - ) { - lwsl_info("%s: %p: detaching ah\n", __func__, wsi); - lws_header_table_detach(wsi, 0); - } - - pending = lws_ssl_pending(wsi); - if (pending) { - if (lws_is_ws_with_ext(wsi)) - pending = pending > wsi->ws->rx_ubuf_alloc ? - wsi->ws->rx_ubuf_alloc : pending; - else - pending = pending > wsi->context->pt_serv_buf_size ? - wsi->context->pt_serv_buf_size : pending; - goto read; - } - - if (buffered && /* were draining, now nothing left */ - !lws_buflist_next_segment_len(&wsi->buflist, NULL)) { - lwsl_info("%s: %p flow buf: drained\n", __func__, wsi); - /* having drained the rxflow buffer, can rearm POLLIN */ -#ifdef LWS_NO_SERVER - n = -#endif - __lws_rx_flow_control(wsi); - /* n ignored, needed for NO_SERVER case */ - } - - /* n = 0 */ - return LWS_HPI_RET_HANDLED; -} - - -int rops_handle_POLLOUT_ws(struct lws *wsi) -{ - int write_type = LWS_WRITE_PONG; -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_tokens ebuf; - int ret, m; -#endif - int n; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_debug("%s: %s: wsi->ws->tx_draining_ext %d\n", __func__, - wsi->protocol->name, wsi->ws->tx_draining_ext); -#endif - - /* Priority 3: pending control packets (pong or close) - * - * 3a: close notification packet requested from close api - */ - - if (lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE) { - lwsl_debug("sending close packet\n"); - lwsl_hexdump_debug(&wsi->ws->ping_payload_buf[LWS_PRE], - wsi->ws->close_in_ping_buffer_len); - wsi->waiting_to_send_close_frame = 0; - n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], - wsi->ws->close_in_ping_buffer_len, - LWS_WRITE_CLOSE); - if (n >= 0) { - if (wsi->close_needs_ack) { - lwsi_set_state(wsi, LRS_AWAITING_CLOSE_ACK); - lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, - 5); - lwsl_debug("sent close, await ack\n"); - - return LWS_HP_RET_BAIL_OK; - } - wsi->close_needs_ack = 0; - lwsi_set_state(wsi, LRS_RETURNED_CLOSE); - } - - return LWS_HP_RET_BAIL_DIE; - } - - /* else, the send failed and we should just hang up */ - - if ((lwsi_role_ws(wsi) && wsi->ws->ping_pending_flag) || - (lwsi_state(wsi) == LRS_RETURNED_CLOSE && - wsi->ws->payload_is_close)) { - - if (wsi->ws->payload_is_close) - write_type = LWS_WRITE_CLOSE; - else { - if (wsi->wsistate_pre_close) { - /* we started close flow, forget pong */ - wsi->ws->ping_pending_flag = 0; - return LWS_HP_RET_BAIL_OK; - } - lwsl_info("issuing pong %d on wsi %p\n", - wsi->ws->ping_payload_len, wsi); - } - - n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], - wsi->ws->ping_payload_len, write_type); - if (n < 0) - return LWS_HP_RET_BAIL_DIE; - - /* well he is sent, mark him done */ - wsi->ws->ping_pending_flag = 0; - if (wsi->ws->payload_is_close) { - // assert(0); - /* oh... a close frame was it... then we are done */ - return LWS_HP_RET_BAIL_DIE; - } - - /* otherwise for PING, leave POLLOUT active either way */ - return LWS_HP_RET_BAIL_OK; - } - - if (!wsi->socket_is_permanently_unusable && wsi->ws->send_check_ping) { - - lwsl_info("issuing ping on wsi %p\n", wsi); - wsi->ws->send_check_ping = 0; - n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], - 0, LWS_WRITE_PING); - if (n < 0) - return LWS_HP_RET_BAIL_DIE; - - /* - * we apparently were able to send the PING in a reasonable time - * now reset the clock on our peer to be able to send the - * PONG in a reasonable time. - */ - - lws_set_timeout(wsi, PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG, - wsi->context->timeout_secs); - - return LWS_HP_RET_BAIL_OK; - } - - /* Priority 4: if we are closing, not allowed to send more data frags - * which means user callback or tx ext flush banned now - */ - if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) - return LWS_HP_RET_USER_SERVICE; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* Priority 5: Tx path extension with more to send - * - * These are handled as new fragments each time around - * So while we must block new writeable callback to enforce - * payload ordering, but since they are always complete - * fragments control packets can interleave OK. - */ - if (wsi->ws->tx_draining_ext) { - lwsl_ext("SERVICING TX EXT DRAINING\n"); - if (lws_write(wsi, NULL, 0, LWS_WRITE_CONTINUATION) < 0) - return LWS_HP_RET_BAIL_DIE; - /* leave POLLOUT active */ - return LWS_HP_RET_BAIL_OK; - } - - /* Priority 6: extensions - */ - if (!wsi->ws->extension_data_pending && !wsi->ws->tx_draining_ext) { - lwsl_ext("%s: !wsi->ws->extension_data_pending\n", __func__); - return LWS_HP_RET_USER_SERVICE; - } - - /* - * check in on the active extensions, see if they - * had pending stuff to spill... they need to get the - * first look-in otherwise sequence will be disordered - * - * NULL, zero-length ebuf means just spill pending - */ - - ret = 1; - if (wsi->role_ops == &role_ops_raw_skt || - wsi->role_ops == &role_ops_raw_file) - ret = 0; - - while (ret == 1) { - - /* default to nobody has more to spill */ - - ret = 0; - ebuf.token = NULL; - ebuf.len = 0; - - /* give every extension a chance to spill */ - - m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_TX_PRESEND, - &ebuf, 0); - if (m < 0) { - lwsl_err("ext reports fatal error\n"); - return LWS_HP_RET_BAIL_DIE; - } - if (m) - /* - * at least one extension told us he has more - * to spill, so we will go around again after - */ - ret = 1; - - /* assuming they gave us something to send, send it */ - - if (ebuf.len) { - n = lws_issue_raw(wsi, (unsigned char *)ebuf.token, - ebuf.len); - if (n < 0) { - lwsl_info("closing from POLLOUT spill\n"); - return LWS_HP_RET_BAIL_DIE; - } - /* - * Keep amount spilled small to minimize chance of this - */ - if (n != ebuf.len) { - lwsl_err("Unable to spill ext %d vs %d\n", - ebuf.len, n); - return LWS_HP_RET_BAIL_DIE; - } - } else - continue; - - /* no extension has more to spill */ - - if (!ret) - continue; - - /* - * There's more to spill from an extension, but we just sent - * something... did that leave the pipe choked? - */ - - if (!lws_send_pipe_choked(wsi)) - /* no we could add more */ - continue; - - lwsl_info("choked in POLLOUT service\n"); - - /* - * Yes, he's choked. Leave the POLLOUT masked on so we will - * come back here when he is unchoked. Don't call the user - * callback to enforce ordering of spilling, he'll get called - * when we come back here and there's nothing more to spill. - */ - - return LWS_HP_RET_BAIL_OK; - } - - wsi->ws->extension_data_pending = 0; -#endif - - return LWS_HP_RET_USER_SERVICE; -} - -static int -rops_periodic_checks_ws(struct lws_context *context, int tsi, time_t now) -{ - struct lws_vhost *vh; - - if (!context->ws_ping_pong_interval || - context->last_ws_ping_pong_check_s >= now + 10) - return 0; - - vh = context->vhost_list; - context->last_ws_ping_pong_check_s = now; - - while (vh) { - int n; - - lws_vhost_lock(vh); - - for (n = 0; n < vh->count_protocols; n++) { - - lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, - vh->same_vh_protocol_heads[n].next) { - struct lws *wsi = lws_container_of(d, - struct lws, same_vh_protocol); - - if (lwsi_role_ws(wsi) && - !wsi->socket_is_permanently_unusable && - !wsi->ws->send_check_ping && - wsi->ws->time_next_ping_check && - lws_compare_time_t(context, now, - wsi->ws->time_next_ping_check) > - context->ws_ping_pong_interval) { - - lwsl_info("req pp on wsi %p\n", wsi); - wsi->ws->send_check_ping = 1; - lws_set_timeout(wsi, - PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING, - context->timeout_secs); - lws_callback_on_writable(wsi); - wsi->ws->time_next_ping_check = now; - } - - } lws_end_foreach_dll_safe(d, d1); - } - - lws_vhost_unlock(vh); - vh = vh->vhost_next; - } - - return 0; -} - -static int -rops_service_flag_pending_ws(struct lws_context *context, int tsi) -{ -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_context_per_thread *pt = &context->pt[tsi]; - struct lws *wsi; - int forced = 0; - - /* POLLIN faking (the pt lock is taken by the parent) */ - - /* - * 1) For all guys with already-available ext data to drain, if they are - * not flowcontrolled, fake their POLLIN status - */ - wsi = pt->ws.rx_draining_ext_list; - while (wsi && wsi->position_in_fds_table != LWS_NO_FDS_POS) { - pt->fds[wsi->position_in_fds_table].revents |= - pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; - if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) - forced = 1; - - wsi = wsi->ws->rx_draining_ext_list; - } - - return forced; -#else - return 0; -#endif -} - -static int -rops_close_via_role_protocol_ws(struct lws *wsi, enum lws_close_status reason) -{ - if (!wsi->ws) - return 0; - - if (!wsi->ws->close_in_ping_buffer_len && /* already a reason */ - (reason == LWS_CLOSE_STATUS_NOSTATUS || - reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY)) - return 0; - - lwsl_debug("%s: sending close indication...\n", __func__); - - /* if no prepared close reason, use 1000 and no aux data */ - - if (!wsi->ws->close_in_ping_buffer_len) { - wsi->ws->close_in_ping_buffer_len = 2; - wsi->ws->ping_payload_buf[LWS_PRE] = (reason >> 8) & 0xff; - wsi->ws->ping_payload_buf[LWS_PRE + 1] = reason & 0xff; - } - - wsi->waiting_to_send_close_frame = 1; - wsi->close_needs_ack = 1; - lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); - __lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 5); - - lws_callback_on_writable(wsi); - - return 1; -} - -static int -rops_close_role_ws(struct lws_context_per_thread *pt, struct lws *wsi) -{ - if (!wsi->ws) - return 0; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - - if (wsi->ws->rx_draining_ext) { - struct lws **w = &pt->ws.rx_draining_ext_list; - - wsi->ws->rx_draining_ext = 0; - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - *w = wsi->ws->rx_draining_ext_list; - break; - } - w = &((*w)->ws->rx_draining_ext_list); - } - wsi->ws->rx_draining_ext_list = NULL; - } - - if (wsi->ws->tx_draining_ext) { - struct lws **w = &pt->ws.tx_draining_ext_list; - lwsl_ext("%s: CLEARING tx_draining_ext\n", __func__); - wsi->ws->tx_draining_ext = 0; - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - *w = wsi->ws->tx_draining_ext_list; - break; - } - w = &((*w)->ws->tx_draining_ext_list); - } - wsi->ws->tx_draining_ext_list = NULL; - } -#endif - lws_free_set_NULL(wsi->ws->rx_ubuf); - - wsi->ws->ping_payload_len = 0; - wsi->ws->ping_pending_flag = 0; - - /* deallocate any active extension contexts */ - - if (lws_ext_cb_active(wsi, LWS_EXT_CB_DESTROY, NULL, 0) < 0) - lwsl_warn("extension destruction failed\n"); - - return 0; -} - -static int -rops_write_role_protocol_ws(struct lws *wsi, unsigned char *buf, size_t len, - enum lws_write_protocol *wp) -{ -#if !defined(LWS_WITHOUT_EXTENSIONS) - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - enum lws_write_protocol wpt; -#endif - int masked7 = lwsi_role_client(wsi); - unsigned char is_masked_bit = 0; - unsigned char *dropmask = NULL; - struct lws_tokens ebuf; - size_t orig_len = len; - int pre = 0, n = 0; - - // lwsl_err("%s: wp 0x%x len %d\n", __func__, *wp, (int)len); -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->tx_draining_ext) { - /* remove us from the list */ - struct lws **w = &pt->ws.tx_draining_ext_list; - - lwsl_ext("%s: CLEARING tx_draining_ext\n", __func__); - wsi->ws->tx_draining_ext = 0; - /* remove us from context draining ext list */ - while (*w) { - if (*w == wsi) { - *w = wsi->ws->tx_draining_ext_list; - break; - } - w = &((*w)->ws->tx_draining_ext_list); - } - wsi->ws->tx_draining_ext_list = NULL; - - wpt = *wp; - *wp = (wsi->ws->tx_draining_stashed_wp & 0xc0)| - LWS_WRITE_CONTINUATION; - - /* - * When we are just flushing (len == 0), we can trust the - * stashed wp info completely. Otherwise adjust it to the - * FIN status of the incoming packet. - */ - - if (!(wpt & LWS_WRITE_NO_FIN) && len) - *wp &= ~LWS_WRITE_NO_FIN; - - lwsl_ext("FORCED draining wp to 0x%02X " - "(stashed 0x%02X, incoming 0x%02X)\n", *wp, - wsi->ws->tx_draining_stashed_wp, wpt); - // assert(0); - } -#endif - lws_restart_ws_ping_pong_timer(wsi); - - if (((*wp) & 0x1f) == LWS_WRITE_HTTP || - ((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL || - ((*wp) & 0x1f) == LWS_WRITE_HTTP_HEADERS_CONTINUATION || - ((*wp) & 0x1f) == LWS_WRITE_HTTP_HEADERS) - goto send_raw; - - - - /* if we are continuing a frame that already had its header done */ - - if (wsi->ws->inside_frame) { - lwsl_debug("INSIDE FRAME\n"); - goto do_more_inside_frame; - } - - wsi->ws->clean_buffer = 1; - - /* - * give a chance to the extensions to modify payload - * the extension may decide to produce unlimited payload erratically - * (eg, compression extension), so we require only that if he produces - * something, it will be a complete fragment of the length known at - * the time (just the fragment length known), and if he has - * more we will come back next time he is writeable and allow him to - * produce more fragments until he's drained. - * - * This allows what is sent each time it is writeable to be limited to - * a size that can be sent without partial sends or blocking, allows - * interleaving of control frames and other connection service. - */ - ebuf.token = (char *)buf; - ebuf.len = (int)len; - - switch ((int)*wp) { - case LWS_WRITE_PING: - case LWS_WRITE_PONG: - case LWS_WRITE_CLOSE: - break; - default: -#if !defined(LWS_WITHOUT_EXTENSIONS) - // lwsl_notice("LWS_EXT_CB_PAYLOAD_TX\n"); - // m = (int)ebuf.len; - /* returns 0 if no more tx pending, 1 if more pending */ - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_TX, &ebuf, *wp); - if (n < 0) - return -1; - // lwsl_notice("ext processed %d plaintext into %d compressed" - // " (wp 0x%x)\n", m, (int)ebuf.len, *wp); - - if (n && ebuf.len) { - lwsl_ext("write drain len %d (wp 0x%x) SETTING " - "tx_draining_ext\n", (int)ebuf.len, *wp); - /* extension requires further draining */ - wsi->ws->tx_draining_ext = 1; - wsi->ws->tx_draining_ext_list = - pt->ws.tx_draining_ext_list; - pt->ws.tx_draining_ext_list = wsi; - /* we must come back to do more */ - lws_callback_on_writable(wsi); - /* - * keep a copy of the write type for the overall - * action that has provoked generation of these - * fragments, so the last guy can use its FIN state. - */ - wsi->ws->tx_draining_stashed_wp = *wp; - /* this is definitely not actually the last fragment - * because the extension asserted he has more coming - * So make sure this intermediate one doesn't go out - * with a FIN. - */ - *wp |= LWS_WRITE_NO_FIN; - } -#endif - if (ebuf.len && wsi->ws->stashed_write_pending) { - wsi->ws->stashed_write_pending = 0; - *wp = ((*wp) & 0xc0) | (int)wsi->ws->stashed_write_type; - } - } - - /* - * an extension did something we need to keep... for example, if - * compression extension, it has already updated its state according - * to this being issued - */ - if ((char *)buf != ebuf.token) { - /* - * ext might eat it, but not have anything to issue yet. - * In that case we have to follow his lead, but stash and - * replace the write type that was lost here the first time. - */ - if (len && !ebuf.len) { - if (!wsi->ws->stashed_write_pending) - wsi->ws->stashed_write_type = - (char)(*wp) & 0x3f; - wsi->ws->stashed_write_pending = 1; - return (int)len; - } - /* - * extension recreated it: - * need to buffer this if not all sent - */ - wsi->ws->clean_buffer = 0; - } - - buf = (unsigned char *)ebuf.token; - len = ebuf.len; - - if (!buf) { - lwsl_err("null buf (%d)\n", (int)len); - return -1; - } - - switch (wsi->ws->ietf_spec_revision) { - case 13: - if (masked7) { - pre += 4; - dropmask = &buf[0 - pre]; - is_masked_bit = 0x80; - } - - switch ((*wp) & 0xf) { - case LWS_WRITE_TEXT: - n = LWSWSOPC_TEXT_FRAME; - break; - case LWS_WRITE_BINARY: - n = LWSWSOPC_BINARY_FRAME; - break; - case LWS_WRITE_CONTINUATION: - n = LWSWSOPC_CONTINUATION; - break; - - case LWS_WRITE_CLOSE: - n = LWSWSOPC_CLOSE; - break; - case LWS_WRITE_PING: - n = LWSWSOPC_PING; - break; - case LWS_WRITE_PONG: - n = LWSWSOPC_PONG; - break; - default: - lwsl_warn("lws_write: unknown write opc / wp\n"); - return -1; - } - - if (!((*wp) & LWS_WRITE_NO_FIN)) - n |= 1 << 7; - - if (len < 126) { - pre += 2; - buf[-pre] = n; - buf[-pre + 1] = (unsigned char)(len | is_masked_bit); - } else { - if (len < 65536) { - pre += 4; - buf[-pre] = n; - buf[-pre + 1] = 126 | is_masked_bit; - buf[-pre + 2] = (unsigned char)(len >> 8); - buf[-pre + 3] = (unsigned char)len; - } else { - pre += 10; - buf[-pre] = n; - buf[-pre + 1] = 127 | is_masked_bit; -#if defined __LP64__ - buf[-pre + 2] = (len >> 56) & 0x7f; - buf[-pre + 3] = len >> 48; - buf[-pre + 4] = len >> 40; - buf[-pre + 5] = len >> 32; -#else - buf[-pre + 2] = 0; - buf[-pre + 3] = 0; - buf[-pre + 4] = 0; - buf[-pre + 5] = 0; -#endif - buf[-pre + 6] = (unsigned char)(len >> 24); - buf[-pre + 7] = (unsigned char)(len >> 16); - buf[-pre + 8] = (unsigned char)(len >> 8); - buf[-pre + 9] = (unsigned char)len; - } - } - break; - } - -do_more_inside_frame: - - /* - * Deal with masking if we are in client -> server direction and - * the wp demands it - */ - - if (masked7) { - if (!wsi->ws->inside_frame) - if (lws_0405_frame_mask_generate(wsi)) { - lwsl_err("frame mask generation failed\n"); - return -1; - } - - /* - * in v7, just mask the payload - */ - if (dropmask) { /* never set if already inside frame */ - for (n = 4; n < (int)len + 4; n++) - dropmask[n] = dropmask[n] ^ wsi->ws->mask[ - (wsi->ws->mask_idx++) & 3]; - - /* copy the frame nonce into place */ - memcpy(dropmask, wsi->ws->mask, 4); - } - } - - if (lwsi_role_h2_ENCAPSULATION(wsi)) { - struct lws *encap = lws_get_network_wsi(wsi); - - assert(encap != wsi); - return encap->role_ops->write_role_protocol(wsi, buf - pre, - len + pre, wp); - } - - switch ((*wp) & 0x1f) { - case LWS_WRITE_TEXT: - case LWS_WRITE_BINARY: - case LWS_WRITE_CONTINUATION: - if (!wsi->h2_stream_carries_ws) { - - /* - * give any active extensions a chance to munge the - * buffer before send. We pass in a pointer to an - * lws_tokens struct prepared with the default buffer - * and content length that's in there. Rather than - * rewrite the default buffer, extensions that expect - * to grow the buffer can adapt .token to point to their - * own per-connection buffer in the extension user - * allocation. By default with no extensions or no - * extension callback handling, just the normal input - * buffer is used then so it is efficient. - * - * callback returns 1 in case it wants to spill more - * buffers - * - * This takes care of holding the buffer if send is - * incomplete, ie, if wsi->ws->clean_buffer is 0 - * (meaning an extension meddled with the buffer). If - * wsi->ws->clean_buffer is 1, it will instead return - * to the user code how much OF THE USER BUFFER was - * consumed. - */ - - n = lws_issue_raw_ext_access(wsi, buf - pre, len + pre); - wsi->ws->inside_frame = 1; - if (n <= 0) - return n; - - if (n == (int)len + pre) { - /* everything in the buffer was handled - * (or rebuffered...) */ - wsi->ws->inside_frame = 0; - return (int)orig_len; - } - - /* - * it is how many bytes of user buffer got sent... may - * be < orig_len in which case callback when writable - * has already been arranged and user code can call - * lws_write() again with the rest later. - */ - - return n - pre; - } - break; - default: - break; - } - -send_raw: - return lws_issue_raw(wsi, (unsigned char *)buf - pre, len + pre); -} - -static int -rops_close_kill_connection_ws(struct lws *wsi, enum lws_close_status reason) -{ - /* deal with ws encapsulation in h2 */ -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream && wsi->h2_stream_carries_ws) - return role_ops_h2.close_kill_connection(wsi, reason); - - return 0; -#else - return 0; -#endif -} - -static int -rops_callback_on_writable_ws(struct lws *wsi) -{ -#if defined(LWS_WITH_HTTP2) - if (lwsi_role_h2_ENCAPSULATION(wsi)) { - /* we know then that it has an h2 parent */ - struct lws *enc = role_ops_h2.encapsulation_parent(wsi); - - assert(enc); - if (enc->role_ops->callback_on_writable(wsi)) - return 1; - } -#endif - return 0; -} - -static int -rops_init_vhost_ws(struct lws_vhost *vh, - const struct lws_context_creation_info *info) -{ -#if !defined(LWS_WITHOUT_EXTENSIONS) -#ifdef LWS_WITH_PLUGINS - struct lws_plugin *plugin = vh->context->plugin_list; - int m; - - if (vh->context->plugin_extension_count) { - - m = 0; - while (info->extensions && info->extensions[m].callback) - m++; - - /* - * give the vhost a unified list of extensions including the - * ones that came from plugins - */ - vh->ws.extensions = lws_zalloc(sizeof(struct lws_extension) * - (m + vh->context->plugin_extension_count + 1), - "extensions"); - if (!vh->ws.extensions) - return 1; - - memcpy((struct lws_extension *)vh->ws.extensions, info->extensions, - sizeof(struct lws_extension) * m); - plugin = vh->context->plugin_list; - while (plugin) { - memcpy((struct lws_extension *)&vh->ws.extensions[m], - plugin->caps.extensions, - sizeof(struct lws_extension) * - plugin->caps.count_extensions); - m += plugin->caps.count_extensions; - plugin = plugin->list; - } - } else -#endif - vh->ws.extensions = info->extensions; -#endif - - return 0; -} - -static int -rops_destroy_vhost_ws(struct lws_vhost *vh) -{ -#ifdef LWS_WITH_PLUGINS -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (vh->context->plugin_extension_count) - lws_free((void *)vh->ws.extensions); -#endif -#endif - - return 0; -} - -static int -rops_destroy_role_ws(struct lws *wsi) -{ - lws_free_set_NULL(wsi->ws); - - return 0; -} - -struct lws_role_ops role_ops_ws = { - /* role name */ "ws", - /* alpn id */ NULL, - /* check_upgrades */ NULL, - /* init_context */ NULL, - /* init_vhost */ rops_init_vhost_ws, - /* destroy_vhost */ rops_destroy_vhost_ws, - /* periodic_checks */ rops_periodic_checks_ws, - /* service_flag_pending */ rops_service_flag_pending_ws, - /* handle_POLLIN */ rops_handle_POLLIN_ws, - /* handle_POLLOUT */ rops_handle_POLLOUT_ws, - /* perform_user_POLLOUT */ NULL, - /* callback_on_writable */ rops_callback_on_writable_ws, - /* tx_credit */ NULL, - /* write_role_protocol */ rops_write_role_protocol_ws, - /* encapsulation_parent */ NULL, - /* alpn_negotiated */ NULL, - /* close_via_role_protocol */ rops_close_via_role_protocol_ws, - /* close_role */ rops_close_role_ws, - /* close_kill_connection */ rops_close_kill_connection_ws, - /* destroy_role */ rops_destroy_role_ws, - /* adoption_bind */ NULL, - /* client_bind */ NULL, - /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_WRITEABLE, - LWS_CALLBACK_SERVER_WRITEABLE }, - /* close cb clnt, srv */ { LWS_CALLBACK_CLIENT_CLOSED, - LWS_CALLBACK_CLOSED }, - /* protocol_bind cb c, srv */ { LWS_CALLBACK_WS_CLIENT_BIND_PROTOCOL, - LWS_CALLBACK_WS_SERVER_BIND_PROTOCOL }, - /* protocol_unbind cb c, srv */ { LWS_CALLBACK_WS_CLIENT_DROP_PROTOCOL, - LWS_CALLBACK_WS_SERVER_DROP_PROTOCOL }, - /* file handles */ 0 -}; diff --git a/thirdparty/libwebsockets/lib/roles/ws/private.h b/thirdparty/libwebsockets/lib/roles/ws/private.h deleted file mode 100644 index 71ffcaea96..0000000000 --- a/thirdparty/libwebsockets/lib/roles/ws/private.h +++ /dev/null @@ -1,164 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h if LWS_ROLE_WS - */ - -extern struct lws_role_ops role_ops_ws; - -#define lwsi_role_ws(wsi) (wsi->role_ops == &role_ops_ws) - -enum lws_rx_parse_state { - LWS_RXPS_NEW, - - LWS_RXPS_04_mask_1, - LWS_RXPS_04_mask_2, - LWS_RXPS_04_mask_3, - - LWS_RXPS_04_FRAME_HDR_1, - LWS_RXPS_04_FRAME_HDR_LEN, - LWS_RXPS_04_FRAME_HDR_LEN16_2, - LWS_RXPS_04_FRAME_HDR_LEN16_1, - LWS_RXPS_04_FRAME_HDR_LEN64_8, - LWS_RXPS_04_FRAME_HDR_LEN64_7, - LWS_RXPS_04_FRAME_HDR_LEN64_6, - LWS_RXPS_04_FRAME_HDR_LEN64_5, - LWS_RXPS_04_FRAME_HDR_LEN64_4, - LWS_RXPS_04_FRAME_HDR_LEN64_3, - LWS_RXPS_04_FRAME_HDR_LEN64_2, - LWS_RXPS_04_FRAME_HDR_LEN64_1, - - LWS_RXPS_07_COLLECT_FRAME_KEY_1, - LWS_RXPS_07_COLLECT_FRAME_KEY_2, - LWS_RXPS_07_COLLECT_FRAME_KEY_3, - LWS_RXPS_07_COLLECT_FRAME_KEY_4, - - LWS_RXPS_WS_FRAME_PAYLOAD -}; - -enum lws_websocket_opcodes_07 { - LWSWSOPC_CONTINUATION = 0, - LWSWSOPC_TEXT_FRAME = 1, - LWSWSOPC_BINARY_FRAME = 2, - - LWSWSOPC_NOSPEC__MUX = 7, - - /* control extensions 8+ */ - - LWSWSOPC_CLOSE = 8, - LWSWSOPC_PING = 9, - LWSWSOPC_PONG = 0xa, -}; - -/* this is not usable directly by user code any more, lws_close_reason() */ -#define LWS_WRITE_CLOSE 4 - -#define ALREADY_PROCESSED_IGNORE_CHAR 1 -#define ALREADY_PROCESSED_NO_CB 2 - -#if !defined(LWS_WITHOUT_EXTENSIONS) -struct lws_vhost_role_ws { - const struct lws_extension *extensions; -}; - -struct lws_pt_role_ws { - struct lws *rx_draining_ext_list; - struct lws *tx_draining_ext_list; -}; -#endif - -struct _lws_websocket_related { - char *rx_ubuf; -#if !defined(LWS_WITHOUT_EXTENSIONS) - const struct lws_extension *active_extensions[LWS_MAX_EXTENSIONS_ACTIVE]; - void *act_ext_user[LWS_MAX_EXTENSIONS_ACTIVE]; - struct lws *rx_draining_ext_list; - struct lws *tx_draining_ext_list; -#endif - /* Also used for close content... control opcode == < 128 */ - uint8_t ping_payload_buf[128 - 3 + LWS_PRE]; - uint8_t mask[4]; - - time_t time_next_ping_check; - size_t rx_packet_length; - uint32_t rx_ubuf_head; - uint32_t rx_ubuf_alloc; - - uint8_t ping_payload_len; - uint8_t mask_idx; - uint8_t opcode; - uint8_t rsv; - uint8_t rsv_first_msg; - /* zero if no info, or length including 2-byte close code */ - uint8_t close_in_ping_buffer_len; - uint8_t utf8; - uint8_t stashed_write_type; - uint8_t tx_draining_stashed_wp; - uint8_t ietf_spec_revision; - - unsigned int final:1; - unsigned int frame_is_binary:1; - unsigned int all_zero_nonce:1; - unsigned int this_frame_masked:1; - unsigned int inside_frame:1; /* next write will be more of frame */ - unsigned int clean_buffer:1; /* buffer not rewritten by extension */ - unsigned int payload_is_close:1; /* process as PONG, but it is close */ - unsigned int ping_pending_flag:1; - unsigned int continuation_possible:1; - unsigned int owed_a_fin:1; - unsigned int check_utf8:1; - unsigned int defeat_check_utf8:1; - unsigned int stashed_write_pending:1; - unsigned int send_check_ping:1; - unsigned int first_fragment:1; - unsigned int peer_has_sent_close:1; -#if !defined(LWS_WITHOUT_EXTENSIONS) - unsigned int extension_data_pending:1; - unsigned int rx_draining_ext:1; - unsigned int tx_draining_ext:1; - - uint8_t count_act_ext; -#endif -}; - -int -lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len); - -#if !defined(LWS_WITHOUT_EXTENSIONS) -LWS_VISIBLE void -lws_context_init_extensions(const struct lws_context_creation_info *info, - struct lws_context *context); -LWS_EXTERN int -lws_any_extension_handled(struct lws *wsi, enum lws_extension_callback_reasons r, - void *v, size_t len); - -LWS_EXTERN int -lws_ext_cb_active(struct lws *wsi, int reason, void *buf, int len); -LWS_EXTERN int -lws_ext_cb_all_exts(struct lws_context *context, struct lws *wsi, int reason, - void *arg, int len); -#endif - -int -handshake_0405(struct lws_context *context, struct lws *wsi); -int -lws_process_ws_upgrade(struct lws *wsi); -int -lws_server_init_wsi_for_ws(struct lws *wsi); diff --git a/thirdparty/libwebsockets/lib/roles/ws/server-ws.c b/thirdparty/libwebsockets/lib/roles/ws/server-ws.c deleted file mode 100644 index bdc45367d4..0000000000 --- a/thirdparty/libwebsockets/lib/roles/ws/server-ws.c +++ /dev/null @@ -1,874 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include - -#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } - -#if !defined(LWS_WITHOUT_EXTENSIONS) -static int -lws_extension_server_handshake(struct lws *wsi, char **p, int budget) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - char ext_name[64], *args, *end = (*p) + budget - 1; - const struct lws_ext_options *opts, *po; - const struct lws_extension *ext; - struct lws_ext_option_arg oa; - int n, m, more = 1; - int ext_count = 0; - char ignore; - char *c; - - /* - * Figure out which extensions the client has that we want to - * enable on this connection, and give him back the list - */ - if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) - return 0; - - /* - * break down the list of client extensions - * and go through them - */ - - if (lws_hdr_copy(wsi, (char *)pt->serv_buf, context->pt_serv_buf_size, - WSI_TOKEN_EXTENSIONS) < 0) - return 1; - - c = (char *)pt->serv_buf; - lwsl_parser("WSI_TOKEN_EXTENSIONS = '%s'\n", c); - wsi->ws->count_act_ext = 0; - ignore = 0; - n = 0; - args = NULL; - - /* - * We may get a simple request - * - * Sec-WebSocket-Extensions: permessage-deflate - * - * or an elaborated one with requested options - * - * Sec-WebSocket-Extensions: permessage-deflate; \ - * server_no_context_takeover; \ - * client_no_context_takeover - */ - - while (more) { - - if (c >= (char *)pt->serv_buf + 255) - return -1; - - if (*c && (*c != ',' && *c != '\t')) { - if (*c == ';') { - ignore = 1; - if (!args) - args = c + 1; - } - if (ignore || *c == ' ') { - c++; - continue; - } - ext_name[n] = *c++; - if (n < (int)sizeof(ext_name) - 1) - n++; - continue; - } - ext_name[n] = '\0'; - - ignore = 0; - if (!*c) - more = 0; - else { - c++; - if (!n) - continue; - } - - while (args && *args == ' ') - args++; - - /* check a client's extension against our support */ - - ext = wsi->vhost->ws.extensions; - - while (ext && ext->callback) { - - if (strcmp(ext_name, ext->name)) { - ext++; - continue; - } - - /* - * oh, we do support this one he asked for... but let's - * confirm he only gave it once - */ - for (m = 0; m < wsi->ws->count_act_ext; m++) - if (wsi->ws->active_extensions[m] == ext) { - lwsl_info("ext mentioned twice\n"); - return 1; /* shenanigans */ - } - - /* - * ask user code if it's OK to apply it on this - * particular connection + protocol - */ - m = (wsi->protocol->callback)(wsi, - LWS_CALLBACK_CONFIRM_EXTENSION_OKAY, - wsi->user_space, ext_name, 0); - - /* - * zero return from callback means go ahead and allow - * the extension, it's what we get if the callback is - * unhandled - */ - if (m) { - ext++; - continue; - } - - /* apply it */ - - ext_count++; - - /* instantiate the extension on this conn */ - - wsi->ws->active_extensions[wsi->ws->count_act_ext] = ext; - - /* allow him to construct his context */ - - if (ext->callback(lws_get_context(wsi), ext, wsi, - LWS_EXT_CB_CONSTRUCT, - (void *)&wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], - (void *)&opts, 0)) { - lwsl_info("ext %s failed construction\n", - ext_name); - ext_count--; - ext++; - - continue; - } - - if (ext_count > 1) - *(*p)++ = ','; - else - LWS_CPYAPP(*p, - "\x0d\x0aSec-WebSocket-Extensions: "); - *p += lws_snprintf(*p, (end - *p), "%s", ext_name); - - /* - * The client may send a bunch of different option - * sets for the same extension, we are supposed to - * pick one we like the look of. The option sets are - * separated by comma. - * - * Actually we just either accept the first one or - * nothing. - * - * Go through the options trying to apply the - * recognized ones - */ - - lwsl_info("ext args %s\n", args); - - while (args && *args && *args != ',') { - while (*args == ' ') - args++; - po = opts; - while (po->name) { - /* only support arg-less options... */ - if (po->type != EXTARG_NONE || - strncmp(args, po->name, - strlen(po->name))) { - po++; - continue; - } - oa.option_name = NULL; - oa.option_index = (int)(po - opts); - oa.start = NULL; - oa.len = 0; - lwsl_info("setting '%s'\n", po->name); - if (!ext->callback(lws_get_context(wsi), - ext, wsi, - LWS_EXT_CB_OPTION_SET, - wsi->ws->act_ext_user[ - wsi->ws->count_act_ext], - &oa, (end - *p))) { - - *p += lws_snprintf(*p, - (end - *p), - "; %s", po->name); - lwsl_debug("adding option %s\n", - po->name); - } - po++; - } - while (*args && *args != ',' && *args != ';') - args++; - - if (*args == ';') - args++; - } - - wsi->ws->count_act_ext++; - lwsl_parser("cnt_act_ext <- %d\n", - wsi->ws->count_act_ext); - - if (args && *args == ',') - more = 0; - - ext++; - } - - n = 0; - args = NULL; - } - - return 0; -} -#endif - -int -lws_process_ws_upgrade(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - const struct lws_protocols *pcol = NULL; - char buf[128], name[64]; - struct lws_tokenize ts; - lws_tokenize_elem e; - - if (!wsi->protocol) - lwsl_err("NULL protocol at lws_read\n"); - - /* - * We are upgrading to ws, so http/1.1 + h2 and keepalive + pipelined - * header considerations about keeping the ah around no longer apply. - * - * However it's common for the first ws protocol data to have been - * coalesced with the browser upgrade request and to already be in the - * ah rx buffer. - */ - - lws_pt_lock(pt, __func__); - - if (!wsi->h2_stream_carries_ws) - lws_role_transition(wsi, LWSIFR_SERVER, LRS_ESTABLISHED, - &role_ops_ws); - - lws_pt_unlock(pt); - - /* - * It's either websocket or h2->websocket - * - * If we are on h1, confirm we got the required "connection: upgrade" - * header. h2 / ws-over-h2 does not have this. - */ - -#if defined(LWS_WITH_HTTP2) - if (wsi->http2_substream) - goto check_protocol; -#endif - - lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST | - LWS_TOKENIZE_F_MINUS_NONTERM); - ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_CONNECTION); - if (ts.len <= 0) - goto bad_conn_format; - - do { - e = lws_tokenize(&ts); - switch (e) { - case LWS_TOKZE_TOKEN: - if (!strcasecmp(ts.token, "upgrade")) - e = LWS_TOKZE_ENDED; - break; - - case LWS_TOKZE_DELIMITER: - break; - - default: /* includes ENDED */ -bad_conn_format: - lwsl_err("%s: malformed or absent connection hdr\n", - __func__); - - return 1; - } - } while (e > 0); - -#if defined(LWS_WITH_HTTP2) -check_protocol: -#endif - - /* - * Select the first protocol we support from the list - * the client sent us. - */ - - lws_tokenize_init(&ts, buf, LWS_TOKENIZE_F_COMMA_SEP_LIST | - LWS_TOKENIZE_F_MINUS_NONTERM | - LWS_TOKENIZE_F_RFC7230_DELIMS); - ts.len = lws_hdr_copy(wsi, buf, sizeof(buf) - 1, WSI_TOKEN_PROTOCOL); - if (ts.len < 0) { - lwsl_err("%s: protocol list too long\n", __func__); - return 1; - } - if (!ts.len) { - int n = wsi->vhost->default_protocol_index; - /* - * some clients only have one protocol and do not send the - * protocol list header... allow it and match to the vhost's - * default protocol (which itself defaults to zero) - */ - lwsl_info("%s: defaulting to prot handler %d\n", __func__, n); - - lws_bind_protocol(wsi, &wsi->vhost->protocols[n], - "ws upgrade default pcol"); - - goto alloc_ws; - } - - /* otherwise go through the user-provided protocol list */ - - do { - e = lws_tokenize(&ts); - switch (e) { - case LWS_TOKZE_TOKEN: - - if (lws_tokenize_cstr(&ts, name, sizeof(name))) { - lwsl_err("%s: pcol name too long\n", __func__); - - return 1; - } - lwsl_debug("checking %s\n", name); - pcol = lws_vhost_name_to_protocol(wsi->vhost, name); - if (pcol) { - /* if we know it, bind to it and stop looking */ - lws_bind_protocol(wsi, pcol, "ws upg pcol"); - e = LWS_TOKZE_ENDED; - } - break; - - case LWS_TOKZE_DELIMITER: - case LWS_TOKZE_ENDED: - break; - - default: - lwsl_err("%s: malformatted protocol list", __func__); - - return 1; - } - } while (e > 0); - - /* we didn't find a protocol he wanted? */ - - if (!pcol) { - lwsl_notice("No supported protocol \"%s\"\n", buf); - - return 1; - } - -alloc_ws: - - /* allocate the ws struct for the wsi */ - - wsi->ws = lws_zalloc(sizeof(*wsi->ws), "ws struct"); - if (!wsi->ws) { - lwsl_notice("OOM\n"); - return 1; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) - wsi->ws->ietf_spec_revision = - atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); - - /* allocate wsi->user storage */ - if (lws_ensure_user_space(wsi)) { - lwsl_notice("problem with user space\n"); - return 1; - } - - /* - * Give the user code a chance to study the request and - * have the opportunity to deny it - */ - if ((wsi->protocol->callback)(wsi, - LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION, - wsi->user_space, - lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL), 0)) { - lwsl_warn("User code denied connection\n"); - return 1; - } - - /* - * Perform the handshake according to the protocol version the - * client announced - */ - - switch (wsi->ws->ietf_spec_revision) { - default: - lwsl_notice("Unknown client spec version %d\n", - wsi->ws->ietf_spec_revision); - wsi->ws->ietf_spec_revision = 13; - //return 1; - /* fallthru */ - case 13: -#if defined(LWS_WITH_HTTP2) - if (wsi->h2_stream_carries_ws) { - if (lws_h2_ws_handshake(wsi)) { - lwsl_notice("h2 ws handshake failed\n"); - return 1; - } - lws_role_transition(wsi, - LWSIFR_SERVER | LWSIFR_P_ENCAP_H2, - LRS_ESTABLISHED, &role_ops_ws); - } else -#endif - { - lwsl_parser("lws_parse calling handshake_04\n"); - if (handshake_0405(wsi->context, wsi)) { - lwsl_notice("hs0405 has failed the connection\n"); - return 1; - } - } - break; - } - - lws_server_init_wsi_for_ws(wsi); - lwsl_parser("accepted v%02d connection\n", wsi->ws->ietf_spec_revision); - - lwsl_info("%s: %p: dropping ah on ws upgrade\n", __func__, wsi); - lws_header_table_detach(wsi, 1); - - return 0; -} - -int -handshake_0405(struct lws_context *context, struct lws *wsi) -{ - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_process_html_args args; - unsigned char hash[20]; - int n, accept_len; - char *response; - char *p; - - if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST) || - !lws_hdr_total_length(wsi, WSI_TOKEN_KEY)) { - lwsl_info("handshake_04 missing pieces\n"); - /* completed header processing, but missing some bits */ - goto bail; - } - - if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= - MAX_WEBSOCKET_04_KEY_LEN) { - lwsl_warn("Client key too long %d\n", MAX_WEBSOCKET_04_KEY_LEN); - goto bail; - } - - /* - * since key length is restricted above (currently 128), cannot - * overflow - */ - n = sprintf((char *)pt->serv_buf, - "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", - lws_hdr_simple_ptr(wsi, WSI_TOKEN_KEY)); - - lws_SHA1(pt->serv_buf, n, hash); - - accept_len = lws_b64_encode_string((char *)hash, 20, - (char *)pt->serv_buf, context->pt_serv_buf_size); - if (accept_len < 0) { - lwsl_warn("Base64 encoded hash too long\n"); - goto bail; - } - - /* allocate the per-connection user memory (if any) */ - if (lws_ensure_user_space(wsi)) - goto bail; - - /* create the response packet */ - - /* make a buffer big enough for everything */ - - response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + - 256 + LWS_PRE; - p = response; - LWS_CPYAPP(p, "HTTP/1.1 101 Switching Protocols\x0d\x0a" - "Upgrade: WebSocket\x0d\x0a" - "Connection: Upgrade\x0d\x0a" - "Sec-WebSocket-Accept: "); - strcpy(p, (char *)pt->serv_buf); - p += accept_len; - - /* we can only return the protocol header if: - * - one came in, and ... */ - if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) && - /* - it is not an empty string */ - wsi->protocol->name && - wsi->protocol->name[0]) { - LWS_CPYAPP(p, "\x0d\x0aSec-WebSocket-Protocol: "); - p += lws_snprintf(p, 128, "%s", wsi->protocol->name); - } - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* - * Figure out which extensions the client has that we want to - * enable on this connection, and give him back the list. - * - * Give him a limited write bugdet - */ - if (lws_extension_server_handshake(wsi, &p, 192)) - goto bail; -#endif - LWS_CPYAPP(p, "\x0d\x0a"); - - args.p = p; - args.max_len = lws_ptr_diff((char *)pt->serv_buf + - context->pt_serv_buf_size, p); - if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_ADD_HEADERS, - wsi->user_space, &args, 0)) - goto bail; - - p = args.p; - - /* end of response packet */ - - LWS_CPYAPP(p, "\x0d\x0a"); - - /* okay send the handshake response accepting the connection */ - - lwsl_parser("issuing resp pkt %d len\n", - lws_ptr_diff(p, response)); -#if defined(DEBUG) - fwrite(response, 1, p - response, stderr); -#endif - n = lws_write(wsi, (unsigned char *)response, p - response, - LWS_WRITE_HTTP_HEADERS); - if (n != (p - response)) { - lwsl_info("%s: ERROR writing to socket %d\n", __func__, n); - goto bail; - } - - /* alright clean up and set ourselves into established state */ - - lwsi_set_state(wsi, LRS_ESTABLISHED); - wsi->lws_rx_parse_state = LWS_RXPS_NEW; - - { - const char * uri_ptr = - lws_hdr_simple_ptr(wsi, WSI_TOKEN_GET_URI); - int uri_len = lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI); - const struct lws_http_mount *hit = - lws_find_mount(wsi, uri_ptr, uri_len); - if (hit && hit->cgienv && - wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, - wsi->user_space, (void *)hit->cgienv, 0)) - return 1; - } - - return 0; - -bail: - /* caller will free up his parsing allocations */ - return -1; -} - - - -/* - * Once we reach LWS_RXPS_WS_FRAME_PAYLOAD, we know how much - * to expect in that state and can deal with it in bulk more efficiently. - */ - -static int -lws_ws_frame_rest_is_payload(struct lws *wsi, uint8_t **buf, size_t len) -{ - unsigned int avail = (unsigned int)len; - uint8_t *buffer = *buf, mask[4]; - struct lws_tokens ebuf; -#if !defined(LWS_WITHOUT_EXTENSIONS) - unsigned int old_packet_length = (int)wsi->ws->rx_packet_length; -#endif - int n = 0; - - /* - * With zlib, we can give it as much input as we like. The pmd - * extension will draw it down in chunks (default 1024). - * - * If we try to restrict how much we give it, because we must go - * back to the event loop each time, we will drop the remainder... - */ - -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (!wsi->ws->count_act_ext) -#endif - { - if (wsi->protocol->rx_buffer_size) - avail = (int)wsi->protocol->rx_buffer_size; - else - avail = wsi->context->pt_serv_buf_size; - } - - /* do not consume more than we should */ - if (avail > wsi->ws->rx_packet_length) - avail = (unsigned int)wsi->ws->rx_packet_length; - - /* do not consume more than what is in the buffer */ - if (avail > len) - avail = (unsigned int)len; - - if (!avail) - return 0; - - ebuf.token = (char *)buffer; - ebuf.len = avail; - - //lwsl_hexdump_notice(ebuf.token, ebuf.len); - - if (!wsi->ws->all_zero_nonce) { - - for (n = 0; n < 4; n++) - mask[n] = wsi->ws->mask[(wsi->ws->mask_idx + n) & 3]; - - /* deal with 4-byte chunks using unwrapped loop */ - n = avail >> 2; - while (n--) { - *(buffer) = *(buffer) ^ mask[0]; - buffer++; - *(buffer) = *(buffer) ^ mask[1]; - buffer++; - *(buffer) = *(buffer) ^ mask[2]; - buffer++; - *(buffer) = *(buffer) ^ mask[3]; - buffer++; - } - /* and the remaining bytes bytewise */ - for (n = 0; n < (int)(avail & 3); n++) { - *(buffer) = *(buffer) ^ mask[n]; - buffer++; - } - - wsi->ws->mask_idx = (wsi->ws->mask_idx + avail) & 3; - } - - lwsl_info("%s: using %d of raw input (total %d on offer)\n", __func__, - avail, (int)len); - - (*buf) += avail; - len -= avail; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); - lwsl_info("%s: ext says %d / ebuf.len %d\n", __func__, n, ebuf.len); -#endif - /* - * ebuf may be pointing somewhere completely different now, - * it's the output - */ - -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (n < 0) { - /* - * we may rely on this to get RX, just drop connection - */ - lwsl_notice("%s: LWS_EXT_CB_PAYLOAD_RX blew out\n", __func__); - wsi->socket_is_permanently_unusable = 1; - return -1; - } -#endif - - wsi->ws->rx_packet_length -= avail; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - /* - * if we had an rx fragment right at the last compressed byte of the - * message, we can get a zero length inflated output, where no prior - * rx inflated output marked themselves with FIN, since there was - * raw ws payload still to drain at that time. - * - * Then we need to generate a zero length ws rx that can be understood - * as the message completion. - */ - - if (!ebuf.len && /* zero-length inflation output */ - !n && /* nothing left to drain from the inflator */ - wsi->ws->count_act_ext && /* we are using pmd */ - old_packet_length && /* we gave the inflator new input */ - !wsi->ws->rx_packet_length && /* raw ws packet payload all gone */ - wsi->ws->final && /* the raw ws packet is a FIN guy */ - wsi->protocol->callback && - !wsi->wsistate_pre_close) { - - if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_RECEIVE, - wsi->user_space, NULL, 0)) - return -1; - - return avail; - } -#endif - - if (!ebuf.len) - return avail; - - if ( -#if !defined(LWS_WITHOUT_EXTENSIONS) - n && -#endif - ebuf.len) - /* extension had more... main loop will come back */ - lws_add_wsi_to_draining_ext_list(wsi); - else - lws_remove_wsi_from_draining_ext_list(wsi); - - if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { - if (lws_check_utf8(&wsi->ws->utf8, - (unsigned char *)ebuf.token, ebuf.len)) { - lws_close_reason(wsi, LWS_CLOSE_STATUS_INVALID_PAYLOAD, - (uint8_t *)"bad utf8", 8); - goto utf8_fail; - } - - /* we are ending partway through utf-8 character? */ - if (!wsi->ws->rx_packet_length && wsi->ws->final && - wsi->ws->utf8 && !n) { - lwsl_info("FINAL utf8 error\n"); - lws_close_reason(wsi, LWS_CLOSE_STATUS_INVALID_PAYLOAD, - (uint8_t *)"partial utf8", 12); - -utf8_fail: - lwsl_info("utf8 error\n"); - lwsl_hexdump_info(ebuf.token, ebuf.len); - - return -1; - } - } - - if (wsi->protocol->callback && !wsi->wsistate_pre_close) - if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, - LWS_CALLBACK_RECEIVE, - wsi->user_space, - ebuf.token, ebuf.len)) - return -1; - - wsi->ws->first_fragment = 0; - -#if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_info("%s: input used %d, output %d, rem len %d, rx_draining_ext %d\n", - __func__, avail, ebuf.len, (int)len, wsi->ws->rx_draining_ext); -#endif - - return avail; /* how much we used from the input */ -} - - -int -lws_parse_ws(struct lws *wsi, unsigned char **buf, size_t len) -{ - int m, bulk = 0; - - lwsl_debug("%s: received %d byte packet\n", __func__, (int)len); - - //lwsl_hexdump_notice(*buf, len); - - /* let the rx protocol state machine have as much as it needs */ - - while (len) { - /* - * we were accepting input but now we stopped doing so - */ - if (wsi->rxflow_bitmap) { - lwsl_info("%s: doing rxflow\n", __func__); - lws_rxflow_cache(wsi, *buf, 0, (int)len); - lwsl_parser("%s: cached %ld\n", __func__, (long)len); - *buf += len; /* stashing it is taking care of it */ - return 1; - } -#if !defined(LWS_WITHOUT_EXTENSIONS) - if (wsi->ws->rx_draining_ext) { - lwsl_debug("%s: draining rx ext\n", __func__); - m = lws_ws_rx_sm(wsi, ALREADY_PROCESSED_IGNORE_CHAR, 0); - if (m < 0) - return -1; - continue; - } -#endif - - /* consume payload bytes efficiently */ - while (wsi->lws_rx_parse_state == LWS_RXPS_WS_FRAME_PAYLOAD && - (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || - wsi->ws->opcode == LWSWSOPC_BINARY_FRAME || - wsi->ws->opcode == LWSWSOPC_CONTINUATION) && - len) { - uint8_t *bin = *buf; - - bulk = 1; - m = lws_ws_frame_rest_is_payload(wsi, buf, len); - assert((int)lws_ptr_diff(*buf, bin) <= (int)len); - len -= lws_ptr_diff(*buf, bin); - - if (!m) { - - break; - } - if (m < 0) { - lwsl_info("%s: rest_is_payload bailed\n", - __func__); - return -1; - } - } - - if (!bulk) { - /* process the byte */ - m = lws_ws_rx_sm(wsi, 0, *(*buf)++); - len--; - } else { - /* - * We already handled this byte in bulk, just deal - * with the ramifications - */ -#if !defined(LWS_WITHOUT_EXTENSIONS) - lwsl_debug("%s: coming out of bulk with len %d, " - "wsi->ws->rx_draining_ext %d\n", - __func__, (int)len, - wsi->ws->rx_draining_ext); -#endif - m = lws_ws_rx_sm(wsi, ALREADY_PROCESSED_IGNORE_CHAR | - ALREADY_PROCESSED_NO_CB, 0); - } - - if (m < 0) { - lwsl_info("%s: lws_ws_rx_sm bailed %d\n", __func__, - bulk); - - return -1; - } - - bulk = 0; - } - - lwsl_debug("%s: exit with %d unused\n", __func__, (int)len); - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genhash.c b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genhash.c deleted file mode 100644 index ce4ee6e382..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genhash.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * libwebsockets - generic hash and HMAC api hiding the backend - * - * Copyright (C) 2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * lws_genhash provides a hash / hmac abstraction api in lws that works the - * same whether you are using openssl or mbedtls hash functions underneath. - */ -#include "libwebsockets.h" -#include - -#if (MBEDTLS_VERSION_NUMBER >= 0x02070000) -#define MBA(fn) fn##_ret -#else -#define MBA(fn) fn -#endif - -size_t -lws_genhash_size(enum lws_genhash_types type) -{ - switch(type) { - case LWS_GENHASH_TYPE_SHA1: - return 20; - case LWS_GENHASH_TYPE_SHA256: - return 32; - case LWS_GENHASH_TYPE_SHA384: - return 48; - case LWS_GENHASH_TYPE_SHA512: - return 64; - } - - return 0; -} - -int -lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type) -{ - ctx->type = type; - - switch (ctx->type) { - case LWS_GENHASH_TYPE_SHA1: - mbedtls_sha1_init(&ctx->u.sha1); - MBA(mbedtls_sha1_starts)(&ctx->u.sha1); - break; - case LWS_GENHASH_TYPE_SHA256: - mbedtls_sha256_init(&ctx->u.sha256); - MBA(mbedtls_sha256_starts)(&ctx->u.sha256, 0); - break; - case LWS_GENHASH_TYPE_SHA384: - mbedtls_sha512_init(&ctx->u.sha512); - MBA(mbedtls_sha512_starts)(&ctx->u.sha512, 1 /* is384 */); - break; - case LWS_GENHASH_TYPE_SHA512: - mbedtls_sha512_init(&ctx->u.sha512); - MBA(mbedtls_sha512_starts)(&ctx->u.sha512, 0); - break; - default: - return 1; - } - - return 0; -} - -int -lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len) -{ - switch (ctx->type) { - case LWS_GENHASH_TYPE_SHA1: - MBA(mbedtls_sha1_update)(&ctx->u.sha1, in, len); - break; - case LWS_GENHASH_TYPE_SHA256: - MBA(mbedtls_sha256_update)(&ctx->u.sha256, in, len); - break; - case LWS_GENHASH_TYPE_SHA384: - MBA(mbedtls_sha512_update)(&ctx->u.sha512, in, len); - break; - case LWS_GENHASH_TYPE_SHA512: - MBA(mbedtls_sha512_update)(&ctx->u.sha512, in, len); - break; - } - - return 0; -} - -int -lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result) -{ - switch (ctx->type) { - case LWS_GENHASH_TYPE_SHA1: - MBA(mbedtls_sha1_finish)(&ctx->u.sha1, result); - mbedtls_sha1_free(&ctx->u.sha1); - break; - case LWS_GENHASH_TYPE_SHA256: - MBA(mbedtls_sha256_finish)(&ctx->u.sha256, result); - mbedtls_sha256_free(&ctx->u.sha256); - break; - case LWS_GENHASH_TYPE_SHA384: - MBA(mbedtls_sha512_finish)(&ctx->u.sha512, result); - mbedtls_sha512_free(&ctx->u.sha512); - break; - case LWS_GENHASH_TYPE_SHA512: - MBA(mbedtls_sha512_finish)(&ctx->u.sha512, result); - mbedtls_sha512_free(&ctx->u.sha512); - break; - } - - return 0; -} - -size_t -lws_genhmac_size(enum lws_genhmac_types type) -{ - switch(type) { - case LWS_GENHMAC_TYPE_SHA256: - return 32; - case LWS_GENHMAC_TYPE_SHA384: - return 48; - case LWS_GENHMAC_TYPE_SHA512: - return 64; - } - - return 0; -} - -int -lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type, - const uint8_t *key, size_t key_len) -{ - int t; - - ctx->type = type; - - switch (type) { - case LWS_GENHMAC_TYPE_SHA256: - t = MBEDTLS_MD_SHA256; - break; - case LWS_GENHMAC_TYPE_SHA384: - t = MBEDTLS_MD_SHA384; - break; - case LWS_GENHMAC_TYPE_SHA512: - t = MBEDTLS_MD_SHA512; - break; - default: - return -1; - } - - ctx->hmac = mbedtls_md_info_from_type(t); - if (!ctx->hmac) - return -1; - - if (mbedtls_md_init_ctx(&ctx->ctx, ctx->hmac)) - return -1; - - if (mbedtls_md_hmac_starts(&ctx->ctx, key, key_len)) { - mbedtls_md_free(&ctx->ctx); - ctx->hmac = NULL; - - return -1; - } - - return 0; -} - -int -lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len) -{ - if (mbedtls_md_hmac_update(&ctx->ctx, in, len)) - return -1; - - return 0; -} - -int -lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result) -{ - int n = 0; - - if (result) - n = mbedtls_md_hmac_finish(&ctx->ctx, result); - - mbedtls_md_free(&ctx->ctx); - ctx->hmac = NULL; - if (n) - return -1; - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c deleted file mode 100644 index 99b2e75653..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c +++ /dev/null @@ -1,329 +0,0 @@ -/* - * libwebsockets - generic RSA api hiding the backend - * - * Copyright (C) 2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * lws_genhash provides a hash / hmac abstraction api in lws that works the - * same whether you are using openssl or mbedtls hash functions underneath. - */ -#include "core/private.h" - -LWS_VISIBLE void -lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el) -{ - int n; - - for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) - if (el->e[n].buf) - lws_free_set_NULL(el->e[n].buf); -} - -LWS_VISIBLE int -lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el) -{ - memset(ctx, 0, sizeof(*ctx)); - ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa"); - if (!ctx->ctx) - return 1; - - mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0); - - { - int n; - - mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { - &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, - &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, - &ctx->ctx->QP, - }; - - for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) - if (el->e[n].buf && - mbedtls_mpi_read_binary(mpi[n], el->e[n].buf, - el->e[n].len)) { - lwsl_notice("mpi load failed\n"); - lws_free_set_NULL(ctx->ctx); - - return -1; - } - } - - ctx->ctx->len = el->e[JWK_KEY_N].len; - - return 0; -} - -static int -_rngf(void *context, unsigned char *buf, size_t len) -{ - if ((size_t)lws_get_random(context, buf, len) == len) - return 0; - - return -1; -} - -LWS_VISIBLE int -lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, - struct lws_genrsa_elements *el, int bits) -{ - int n; - - memset(ctx, 0, sizeof(*ctx)); - ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa"); - if (!ctx->ctx) - return -1; - - mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0); - - n = mbedtls_rsa_gen_key(ctx->ctx, _rngf, context, bits, 65537); - if (n) { - lwsl_err("mbedtls_rsa_gen_key failed 0x%x\n", -n); - goto cleanup_1; - } - - { - mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { - &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, - &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, - &ctx->ctx->QP, - }; - - for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) - if (mbedtls_mpi_size(mpi[n])) { - el->e[n].buf = lws_malloc( - mbedtls_mpi_size(mpi[n]), "genrsakey"); - if (!el->e[n].buf) - goto cleanup; - el->e[n].len = mbedtls_mpi_size(mpi[n]); - mbedtls_mpi_write_binary(mpi[n], el->e[n].buf, - el->e[n].len); - } - } - - return 0; - -cleanup: - for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) - if (el->e[n].buf) - lws_free_set_NULL(el->e[n].buf); -cleanup_1: - lws_free(ctx->ctx); - - return -1; -} - -LWS_VISIBLE int -lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, - size_t in_len, uint8_t *out, size_t out_max) -{ - size_t olen = 0; - int n; - - ctx->ctx->len = in_len; - n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, - &olen, in, out, out_max); - if (n) { - lwsl_notice("%s: -0x%x\n", __func__, -n); - - return -1; - } - - return olen; -} - -LWS_VISIBLE int -lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, - size_t in_len, uint8_t *out) -{ - int n; - - ctx->ctx->len = in_len; - n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, - in_len, in, out); - if (n) { - lwsl_notice("%s: -0x%x\n", __func__, -n); - - return -1; - } - - return 0; -} - -static int -lws_genrsa_genrsa_hash_to_mbed_hash(enum lws_genhash_types hash_type) -{ - int h = -1; - - switch (hash_type) { - case LWS_GENHASH_TYPE_SHA1: - h = MBEDTLS_MD_SHA1; - break; - case LWS_GENHASH_TYPE_SHA256: - h = MBEDTLS_MD_SHA256; - break; - case LWS_GENHASH_TYPE_SHA384: - h = MBEDTLS_MD_SHA384; - break; - case LWS_GENHASH_TYPE_SHA512: - h = MBEDTLS_MD_SHA512; - break; - } - - return h; -} - -LWS_VISIBLE int -lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, const uint8_t *sig, - size_t sig_len) -{ - int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type); - - if (h < 0) - return -1; - - n = mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx->ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, - h, 0, in, sig); - if (n < 0) { - lwsl_notice("%s: -0x%x\n", __func__, -n); - - return -1; - } - - return n; -} - -LWS_VISIBLE int -lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, - enum lws_genhash_types hash_type, uint8_t *sig, - size_t sig_len) -{ - int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type); - - if (h < 0) - return -1; - - /* - * The "sig" buffer must be as large as the size of ctx->N - * (eg. 128 bytes if RSA-1024 is used). - */ - if (sig_len < ctx->ctx->len) - return -1; - - n = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx->ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, h, 0, in, - sig); - if (n < 0) { - lwsl_notice("%s: -0x%x\n", __func__, -n); - - return -1; - } - - return ctx->ctx->len; -} - -LWS_VISIBLE int -lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, - uint8_t *pkey_asn1, size_t pkey_asn1_len) -{ - uint8_t *p = pkey_asn1, *totlen, *end = pkey_asn1 + pkey_asn1_len - 1; - mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { - &ctx->ctx->N, &ctx->ctx->E, &ctx->ctx->D, &ctx->ctx->P, - &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, - &ctx->ctx->QP, - }; - int n; - - /* 30 82 - sequence - * 09 29 <-- length(0x0929) less 4 bytes - * 02 01 <- length (1) - * 00 - * 02 82 - * 02 01 <- length (513) N - * ... - * - * 02 03 <- length (3) E - * 01 00 01 - * - * 02 82 - * 02 00 <- length (512) D P Q EXP1 EXP2 COEFF - * - * */ - - *p++ = 0x30; - *p++ = 0x82; - totlen = p; - p += 2; - - *p++ = 0x02; - *p++ = 0x01; - *p++ = 0x00; - - for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) { - int m = mbedtls_mpi_size(mpi[n]); - uint8_t *elen; - - *p++ = 0x02; - elen = p; - if (m < 0x7f) - *p++ = m; - else { - *p++ = 0x82; - *p++ = m >> 8; - *p++ = m & 0xff; - } - - if (p + m > end) - return -1; - - mbedtls_mpi_write_binary(mpi[n], p, m); - if (p[0] & 0x80) { - p[0] = 0x00; - mbedtls_mpi_write_binary(mpi[n], &p[1], m); - m++; - } - if (m < 0x7f) - *elen = m; - else { - *elen++ = 0x82; - *elen++ = m >> 8; - *elen = m & 0xff; - } - p += m; - } - - n = lws_ptr_diff(p, pkey_asn1); - - *totlen++ = (n - 4) >> 8; - *totlen = (n - 4) & 0xff; - - return n; -} - -LWS_VISIBLE void -lws_genrsa_destroy(struct lws_genrsa_ctx *ctx) -{ - if (!ctx->ctx) - return; - mbedtls_rsa_free(ctx->ctx); - lws_free(ctx->ctx); - ctx->ctx = NULL; -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-client.c b/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-client.c deleted file mode 100644 index 84270c15bc..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-client.c +++ /dev/null @@ -1,245 +0,0 @@ -/* - * libwebsockets - mbedtls-specific client TLS code - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -static int -OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) -{ - return 0; -} - -int -lws_ssl_client_bio_create(struct lws *wsi) -{ - char hostname[128], *p; - const char *alpn_comma = wsi->context->tls.alpn_default; - struct alpn_ctx protos; - - if (lws_hdr_copy(wsi, hostname, sizeof(hostname), - _WSI_TOKEN_CLIENT_HOST) <= 0) { - lwsl_err("%s: Unable to get hostname\n", __func__); - - return -1; - } - - /* - * remove any :port part on the hostname... necessary for network - * connection but typical certificates do not contain it - */ - p = hostname; - while (*p) { - if (*p == ':') { - *p = '\0'; - break; - } - p++; - } - - wsi->tls.ssl = SSL_new(wsi->vhost->tls.ssl_client_ctx); - if (!wsi->tls.ssl) - return -1; - - if (wsi->vhost->tls.ssl_info_event_mask) - SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback); - - if (!(wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) { - X509_VERIFY_PARAM *param = SSL_get0_param(wsi->tls.ssl); - /* Enable automatic hostname checks */ - // X509_VERIFY_PARAM_set_hostflags(param, - // X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); - X509_VERIFY_PARAM_set1_host(param, hostname, 0); - } - - if (wsi->vhost->tls.alpn) - alpn_comma = wsi->vhost->tls.alpn; - - if (lws_hdr_copy(wsi, hostname, sizeof(hostname), - _WSI_TOKEN_CLIENT_ALPN) > 0) - alpn_comma = hostname; - - lwsl_info("%s: %p: client conn sending ALPN list '%s'\n", - __func__, wsi, alpn_comma); - - protos.len = lws_alpn_comma_to_openssl(alpn_comma, protos.data, - sizeof(protos.data) - 1); - - /* with mbedtls, protos is not pointed to after exit from this call */ - SSL_set_alpn_select_cb(wsi->tls.ssl, &protos); - - /* - * use server name indication (SNI), if supported, - * when establishing connection - */ - SSL_set_verify(wsi->tls.ssl, SSL_VERIFY_PEER, - OpenSSL_client_verify_callback); - - SSL_set_fd(wsi->tls.ssl, wsi->desc.sockfd); - - return 0; -} - -int ERR_get_error(void) -{ - return 0; -} - -enum lws_ssl_capable_status -lws_tls_client_connect(struct lws *wsi) -{ - int m, n = SSL_connect(wsi->tls.ssl); - const unsigned char *prot; - unsigned int len; - - if (n == 1) { - SSL_get0_alpn_selected(wsi->tls.ssl, &prot, &len); - lws_role_call_alpn_negotiated(wsi, (const char *)prot); - lwsl_info("client connect OK\n"); - return LWS_SSL_CAPABLE_DONE; - } - - m = SSL_get_error(wsi->tls.ssl, n); - - if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) - return LWS_SSL_CAPABLE_MORE_SERVICE_READ; - - if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) - return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; - - if (!n) /* we don't know what he wants, but he says to retry */ - return LWS_SSL_CAPABLE_MORE_SERVICE; - - return LWS_SSL_CAPABLE_ERROR; -} - -int -lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, int ebuf_len) -{ - int n; - X509 *peer = SSL_get_peer_certificate(wsi->tls.ssl); - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - char *sb = (char *)&pt->serv_buf[0]; - - if (!peer) { - lwsl_info("peer did not provide cert\n"); - - return -1; - } - lwsl_info("peer provided cert\n"); - - n = SSL_get_verify_result(wsi->tls.ssl); - lws_latency(wsi->context, wsi, - "SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0); - - lwsl_debug("get_verify says %d\n", n); - - if (n == X509_V_OK) - return 0; - - if (n == X509_V_ERR_HOSTNAME_MISMATCH && - (wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) { - lwsl_info("accepting certificate for invalid hostname\n"); - return 0; - } - - if (n == X509_V_ERR_INVALID_CA && - (wsi->tls.use_ssl & LCCSCF_ALLOW_SELFSIGNED)) { - lwsl_info("accepting certificate from untrusted CA\n"); - return 0; - } - - if ((n == X509_V_ERR_CERT_NOT_YET_VALID || - n == X509_V_ERR_CERT_HAS_EXPIRED) && - (wsi->tls.use_ssl & LCCSCF_ALLOW_EXPIRED)) { - lwsl_info("accepting expired or not yet valid certificate\n"); - - return 0; - } - lws_snprintf(ebuf, ebuf_len, - "server's cert didn't look good, X509_V_ERR = %d: %s\n", - n, ERR_error_string(n, sb)); - lwsl_info("%s\n", ebuf); - lws_ssl_elaborate_error(); - - return -1; -} - -int -lws_tls_client_create_vhost_context(struct lws_vhost *vh, - const struct lws_context_creation_info *info, - const char *cipher_list, - const char *ca_filepath, - const void *ca_mem, - unsigned int ca_mem_len, - const char *cert_filepath, - const char *private_key_filepath) -{ - X509 *d2i_X509(X509 **cert, const unsigned char *buffer, long len); - SSL_METHOD *method = (SSL_METHOD *)TLS_client_method(); - unsigned long error; - lws_filepos_t len; - uint8_t *buf; - - if (!method) { - error = ERR_get_error(); - lwsl_err("problem creating ssl method %lu: %s\n", - error, ERR_error_string(error, - (char *)vh->context->pt[0].serv_buf)); - return 1; - } - /* create context */ - vh->tls.ssl_client_ctx = SSL_CTX_new(method); - if (!vh->tls.ssl_client_ctx) { - error = ERR_get_error(); - lwsl_err("problem creating ssl context %lu: %s\n", - error, ERR_error_string(error, - (char *)vh->context->pt[0].serv_buf)); - return 1; - } - - if (!ca_filepath && (!ca_mem || !ca_mem_len)) - return 0; - - if (ca_filepath) { - if (alloc_file(vh->context, ca_filepath, &buf, &len)) { - lwsl_err("Load CA cert file %s failed\n", ca_filepath); - return 1; - } - vh->tls.x509_client_CA = d2i_X509(NULL, buf, len); - free(buf); - } else { - vh->tls.x509_client_CA = d2i_X509(NULL, (uint8_t*)ca_mem, ca_mem_len); - } - - if (!vh->tls.x509_client_CA) { - lwsl_err("client CA: x509 parse failed\n"); - return 1; - } - - if (!vh->tls.ssl_ctx) - SSL_CTX_add_client_CA(vh->tls.ssl_client_ctx, vh->tls.x509_client_CA); - else - SSL_CTX_add_client_CA(vh->tls.ssl_ctx, vh->tls.x509_client_CA); - - lwsl_notice("client loaded CA for verification %s\n", ca_filepath); - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-server.c b/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-server.c deleted file mode 100644 index df6ddf2c61..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/mbedtls-server.c +++ /dev/null @@ -1,699 +0,0 @@ -/* - * libwebsockets - mbedTLS-specific server functions - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" -#include - -int -lws_tls_server_client_cert_verify_config(struct lws_vhost *vh) -{ - int verify_options = SSL_VERIFY_PEER; - - /* as a server, are we requiring clients to identify themselves? */ - if (!lws_check_opt(vh->options, - LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT)) { - lwsl_notice("no client cert required\n"); - return 0; - } - - /* - * The wrapper has this messed-up mapping: - * - * else if (ctx->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - * mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - * - * ie the meaning is inverted. So where we should test for ! we don't - */ - if (lws_check_opt(vh->options, LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED)) - verify_options = SSL_VERIFY_FAIL_IF_NO_PEER_CERT; - - lwsl_notice("%s: vh %s requires client cert %d\n", __func__, vh->name, - verify_options); - - SSL_CTX_set_verify(vh->tls.ssl_ctx, verify_options, NULL); - - return 0; -} - -static int -lws_mbedtls_sni_cb(void *arg, mbedtls_ssl_context *mbedtls_ctx, - const unsigned char *servername, size_t len) -{ - SSL *ssl = SSL_SSL_from_mbedtls_ssl_context(mbedtls_ctx); - struct lws_context *context = (struct lws_context *)arg; - struct lws_vhost *vhost, *vh; - - lwsl_notice("%s: %s\n", __func__, servername); - - /* - * We can only get ssl accepted connections by using a vhost's ssl_ctx - * find out which listening one took us and only match vhosts on the - * same port. - */ - vh = context->vhost_list; - while (vh) { - if (!vh->being_destroyed && - vh->tls.ssl_ctx == SSL_get_SSL_CTX(ssl)) - break; - vh = vh->vhost_next; - } - - if (!vh) { - assert(vh); /* can't match the incoming vh? */ - return 0; - } - - vhost = lws_select_vhost(context, vh->listen_port, - (const char *)servername); - if (!vhost) { - lwsl_info("SNI: none: %s:%d\n", servername, vh->listen_port); - - return 0; - } - - lwsl_info("SNI: Found: %s:%d at vhost '%s'\n", servername, - vh->listen_port, vhost->name); - - /* select the ssl ctx from the selected vhost for this conn */ - SSL_set_SSL_CTX(ssl, vhost->tls.ssl_ctx); - - return 0; -} - -int -lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi, - const char *cert, const char *private_key, - const char *mem_cert, size_t len_mem_cert, - const char *mem_privkey, size_t mem_privkey_len) -{ - int n, f = 0; - const char *filepath = private_key; - uint8_t *mem = NULL, *p = NULL; - size_t mem_len = 0; - lws_filepos_t flen; - long err; - - if ((!cert || !private_key) && (!mem_cert || !mem_privkey)) { - lwsl_notice("%s: no usable input\n", __func__); - return 0; - } - - n = lws_tls_generic_cert_checks(vhost, cert, private_key); - - if (n == LWS_TLS_EXTANT_NO && (!mem_cert || !mem_privkey)) - return 0; - - /* - * we can't read the root-privs files. But if mem_cert is provided, - * we should use that. - */ - if (n == LWS_TLS_EXTANT_NO) - n = LWS_TLS_EXTANT_ALTERNATIVE; - - if (n == LWS_TLS_EXTANT_ALTERNATIVE && (!mem_cert || !mem_privkey)) - return 1; /* no alternative */ - - if (n == LWS_TLS_EXTANT_ALTERNATIVE) { - /* - * Although we have prepared update certs, we no longer have - * the rights to read our own cert + key we saved. - * - * If we were passed copies in memory buffers, use those - * instead. - * - * The passed memory-buffer cert image is in DER, and the - * memory-buffer private key image is PEM. - */ - /* mem cert is already DER */ - p = (uint8_t *)mem_cert; - flen = len_mem_cert; - /* mem private key is PEM, so go through the motions */ - mem = (uint8_t *)mem_privkey; - mem_len = mem_privkey_len; - filepath = NULL; - } else { - if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, NULL, - 0, &p, &flen)) { - lwsl_err("couldn't find cert file %s\n", cert); - - return 1; - } - f = 1; - } - err = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, flen, p); - if (!err) { - free(p); - lwsl_err("Problem loading cert\n"); - return 1; - } - - if (f) - free(p); - p = NULL; - - if (private_key || n == LWS_TLS_EXTANT_ALTERNATIVE) { - if (lws_tls_alloc_pem_to_der_file(vhost->context, filepath, - (char *)mem, mem_len, &p, - &flen)) { - lwsl_err("couldn't find private key file %s\n", - private_key); - - return 1; - } - err = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, p, flen); - if (!err) { - free(p); - lwsl_err("Problem loading key\n"); - - return 1; - } - } - - if (p && !mem_privkey) { - free(p); - p = NULL; - } - - if (!private_key && !mem_privkey && - vhost->protocols[0].callback(wsi, - LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY, - vhost->tls.ssl_ctx, NULL, 0)) { - lwsl_err("ssl private key not set\n"); - - return 1; - } - - vhost->tls.skipped_certs = 0; - - return 0; -} - -int -lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info, - struct lws_vhost *vhost, struct lws *wsi) -{ - const SSL_METHOD *method = TLS_server_method(); - uint8_t *p; - lws_filepos_t flen; - int n; - - vhost->tls.ssl_ctx = SSL_CTX_new(method); /* create context */ - if (!vhost->tls.ssl_ctx) { - lwsl_err("problem creating ssl context\n"); - return 1; - } - - if (!vhost->tls.use_ssl || !info->ssl_cert_filepath) - return 0; - - if (info->ssl_ca_filepath) { - lwsl_notice("%s: vh %s: loading CA filepath %s\n", __func__, - vhost->name, info->ssl_ca_filepath); - if (lws_tls_alloc_pem_to_der_file(vhost->context, - info->ssl_ca_filepath, NULL, 0, &p, &flen)) { - lwsl_err("couldn't find client CA file %s\n", - info->ssl_ca_filepath); - - return 1; - } - - if (SSL_CTX_add_client_CA_ASN1(vhost->tls.ssl_ctx, (int)flen, p) != 1) { - lwsl_err("%s: SSL_CTX_add_client_CA_ASN1 unhappy\n", - __func__); - free(p); - return 1; - } - free(p); - } - - n = lws_tls_server_certs_load(vhost, wsi, info->ssl_cert_filepath, - info->ssl_private_key_filepath, NULL, - 0, NULL, 0); - if (n) - return n; - - return 0; -} - -int -lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd) -{ - errno = 0; - wsi->tls.ssl = SSL_new(wsi->vhost->tls.ssl_ctx); - if (wsi->tls.ssl == NULL) { - lwsl_err("SSL_new failed: errno %d\n", errno); - - lws_ssl_elaborate_error(); - return 1; - } - - SSL_set_fd(wsi->tls.ssl, accept_fd); - - if (wsi->vhost->tls.ssl_info_event_mask) - SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback); - - SSL_set_sni_callback(wsi->tls.ssl, lws_mbedtls_sni_cb, wsi->context); - - return 0; -} - -int -lws_tls_server_abort_connection(struct lws *wsi) -{ - __lws_tls_shutdown(wsi); - SSL_free(wsi->tls.ssl); - - return 0; -} - -enum lws_ssl_capable_status -lws_tls_server_accept(struct lws *wsi) -{ - union lws_tls_cert_info_results ir; - int m, n; - - n = SSL_accept(wsi->tls.ssl); - if (n == 1) { - - if (strstr(wsi->vhost->name, ".invalid")) { - lwsl_notice("%s: vhost has .invalid, " - "rejecting accept\n", __func__); - - return LWS_SSL_CAPABLE_ERROR; - } - - n = lws_tls_peer_cert_info(wsi, LWS_TLS_CERT_INFO_COMMON_NAME, - &ir, sizeof(ir.ns.name)); - if (!n) - lwsl_notice("%s: client cert CN '%s'\n", - __func__, ir.ns.name); - else - lwsl_info("%s: couldn't get client cert CN\n", - __func__); - return LWS_SSL_CAPABLE_DONE; - } - - m = SSL_get_error(wsi->tls.ssl, n); - lwsl_debug("%s: %p: accept SSL_get_error %d errno %d\n", __func__, - wsi, m, errno); - - // mbedtls wrapper only - if (m == SSL_ERROR_SYSCALL && errno == 11) - return LWS_SSL_CAPABLE_MORE_SERVICE_READ; - - if (m == SSL_ERROR_SYSCALL || m == SSL_ERROR_SSL) - return LWS_SSL_CAPABLE_ERROR; - - if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { - if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { - lwsl_info("%s: WANT_READ change_pollfd failed\n", - __func__); - return LWS_SSL_CAPABLE_ERROR; - } - - lwsl_info("SSL_ERROR_WANT_READ\n"); - return LWS_SSL_CAPABLE_MORE_SERVICE_READ; - } - if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { - lwsl_debug("%s: WANT_WRITE\n", __func__); - - if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { - lwsl_info("%s: WANT_WRITE change_pollfd failed\n", - __func__); - return LWS_SSL_CAPABLE_ERROR; - } - return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; - } - - return LWS_SSL_CAPABLE_ERROR; -} - -#if defined(LWS_WITH_ACME) -/* - * mbedtls doesn't support SAN for cert creation. So we use a known-good - * tls-sni-01 cert from OpenSSL that worked on Let's Encrypt, and just replace - * the pubkey n part and the signature part. - * - * This will need redoing for tls-sni-02... - */ - -static uint8_t ss_cert_leadin[] = { - 0x30, 0x82, - 0x05, 0x56, /* total length: LEN1 (+2 / +3) (correct for 513 + 512)*/ - - 0x30, 0x82, /* length: LEN2 (+6 / +7) (correct for 513) */ - 0x03, 0x3e, - - /* addition: v3 cert (+5 bytes)*/ - 0xa0, 0x03, - 0x02, 0x01, 0x02, - - 0x02, 0x01, 0x01, - 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3f, - 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, - 0x42, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0b, - 0x73, 0x6f, 0x6d, 0x65, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, - 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x11, 0x74, 0x65, - 0x6d, 0x70, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, 0x6e, 0x76, 0x61, - 0x6c, 0x69, 0x64, 0x30, 0x1e, 0x17, 0x0d, - - /* from 2017-10-29 ... */ - 0x31, 0x37, 0x31, 0x30, 0x32, 0x39, 0x31, 0x31, 0x34, 0x39, 0x34, 0x35, - 0x5a, 0x17, 0x0d, - - /* thru 2049-10-29 we immediately discard the private key, no worries */ - 0x34, 0x39, 0x31, 0x30, 0x32, 0x39, 0x31, 0x32, 0x34, 0x39, 0x34, 0x35, - 0x5a, - - 0x30, 0x3f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x47, 0x42, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, - 0x0c, 0x0b, 0x73, 0x6f, 0x6d, 0x65, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x6e, - 0x79, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x11, - 0x74, 0x65, 0x6d, 0x70, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, 0x6e, - 0x76, 0x61, 0x6c, 0x69, 0x64, 0x30, - - 0x82, - 0x02, 0x22, /* LEN3 (+C3 / C4) */ - 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, - 0x03, - - 0x82, - 0x02, 0x0f, /* LEN4 (+D6 / D7) */ - - 0x00, 0x30, 0x82, - - 0x02, 0x0a, /* LEN5 (+ DB / DC) */ - - 0x02, 0x82, - - //0x02, 0x01, /* length of n in bytes (including leading 00 if any) */ - }, - - /* 1 + (keybits / 8) bytes N */ - - ss_cert_san_leadin[] = { - /* e - fixed */ - 0x02, 0x03, 0x01, 0x00, 0x01, - - 0xa3, 0x5d, 0x30, 0x5b, 0x30, 0x59, 0x06, 0x03, 0x55, 0x1d, - 0x11, 0x04, 0x52, 0x30, 0x50, /* <-- SAN length + 2 */ - - 0x82, 0x4e, /* <-- SAN length */ - }, - - /* 78 bytes of SAN (tls-sni-01) - 0x61, 0x64, 0x34, 0x31, 0x61, 0x66, 0x62, 0x65, 0x30, 0x63, 0x61, 0x34, - 0x36, 0x34, 0x32, 0x66, 0x30, 0x61, 0x34, 0x34, 0x39, 0x64, 0x39, 0x63, - 0x61, 0x37, 0x36, 0x65, 0x62, 0x61, 0x61, 0x62, 0x2e, 0x32, 0x38, 0x39, - 0x34, 0x64, 0x34, 0x31, 0x36, 0x63, 0x39, 0x38, 0x33, 0x66, 0x31, 0x32, - 0x65, 0x64, 0x37, 0x33, 0x31, 0x61, 0x33, 0x30, 0x66, 0x35, 0x63, 0x34, - 0x34, 0x37, 0x37, 0x66, 0x65, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, - 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, */ - - /* end of LEN2 area */ - - ss_cert_sig_leadin[] = { - /* it's saying that the signature is SHA256 + RSA */ - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, - - 0x82, - 0x02, 0x01, - 0x00, - }; - - /* (keybits / 8) bytes signature to end of LEN1 area */ - -#define SAN_A_LENGTH 78 - -LWS_VISIBLE int -lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, - const char *san_b) -{ - int buflen = 0x560; - uint8_t *buf = lws_malloc(buflen, "tmp cert buf"), *p = buf, *pkey_asn1; - struct lws_genrsa_ctx ctx; - struct lws_genrsa_elements el; - uint8_t digest[32]; - struct lws_genhash_ctx hash_ctx; - int pkey_asn1_len = 3 * 1024; - int n, m, keybits = lws_plat_recommended_rsa_bits(), adj; - - if (!buf) - return 1; - - n = lws_genrsa_new_keypair(vhost->context, &ctx, &el, keybits); - if (n < 0) { - lws_jwk_destroy_genrsa_elements(&el); - goto bail1; - } - - n = sizeof(ss_cert_leadin); - memcpy(p, ss_cert_leadin, n); - p += n; - - adj = (0x0556 - 0x401) + (keybits / 4) + 1; - buf[2] = adj >> 8; - buf[3] = adj & 0xff; - - adj = (0x033e - 0x201) + (keybits / 8) + 1; - buf[6] = adj >> 8; - buf[7] = adj & 0xff; - - adj = (0x0222 - 0x201) + (keybits / 8) + 1; - buf[0xc3] = adj >> 8; - buf[0xc4] = adj & 0xff; - - adj = (0x020f - 0x201) + (keybits / 8) + 1; - buf[0xd6] = adj >> 8; - buf[0xd7] = adj & 0xff; - - adj = (0x020a - 0x201) + (keybits / 8) + 1; - buf[0xdb] = adj >> 8; - buf[0xdc] = adj & 0xff; - - *p++ = ((keybits / 8) + 1) >> 8; - *p++ = ((keybits / 8) + 1) & 0xff; - - /* we need to drop 1 + (keybits / 8) bytes of n in here, 00 + key */ - - *p++ = 0x00; - memcpy(p, el.e[JWK_KEY_N].buf, el.e[JWK_KEY_N].len); - p += el.e[JWK_KEY_N].len; - - memcpy(p, ss_cert_san_leadin, sizeof(ss_cert_san_leadin)); - p += sizeof(ss_cert_san_leadin); - - /* drop in 78 bytes of san_a */ - - memcpy(p, san_a, SAN_A_LENGTH); - p += SAN_A_LENGTH; - memcpy(p, ss_cert_sig_leadin, sizeof(ss_cert_sig_leadin)); - - p[17] = ((keybits / 8) + 1) >> 8; - p[18] = ((keybits / 8) + 1) & 0xff; - - p += sizeof(ss_cert_sig_leadin); - - /* hash the cert plaintext */ - - if (lws_genhash_init(&hash_ctx, LWS_GENHASH_TYPE_SHA256)) - goto bail2; - - if (lws_genhash_update(&hash_ctx, buf, lws_ptr_diff(p, buf))) { - lws_genhash_destroy(&hash_ctx, NULL); - - goto bail2; - } - if (lws_genhash_destroy(&hash_ctx, digest)) - goto bail2; - - /* sign the hash */ - - n = lws_genrsa_public_sign(&ctx, digest, LWS_GENHASH_TYPE_SHA256, p, - buflen - lws_ptr_diff(p, buf)); - if (n < 0) - goto bail2; - p += n; - - pkey_asn1 = lws_malloc(pkey_asn1_len, "mbed crt tmp"); - if (!pkey_asn1) - goto bail2; - - m = lws_genrsa_render_pkey_asn1(&ctx, 1, pkey_asn1, pkey_asn1_len); - if (m < 0) { - lws_free(pkey_asn1); - goto bail2; - } - -// lwsl_hexdump_level(LLL_DEBUG, buf, lws_ptr_diff(p, buf)); - n = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, - lws_ptr_diff(p, buf), buf); - if (n != 1) { - lws_free(pkey_asn1); - lwsl_err("%s: generated cert failed to load 0x%x\n", - __func__, -n); - } else { - //lwsl_debug("private key\n"); - //lwsl_hexdump_level(LLL_DEBUG, pkey_asn1, n); - - /* and to use our generated private key */ - n = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, - pkey_asn1, m); - lws_free(pkey_asn1); - if (n != 1) { - lwsl_err("%s: SSL_CTX_use_PrivateKey_ASN1 failed\n", - __func__); - } - } - - lws_genrsa_destroy(&ctx); - lws_jwk_destroy_genrsa_elements(&el); - - lws_free(buf); - - return n != 1; - -bail2: - lws_genrsa_destroy(&ctx); - lws_jwk_destroy_genrsa_elements(&el); -bail1: - lws_free(buf); - - return -1; -} - -void -lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost) -{ -} - -#if defined(LWS_WITH_JWS) -static int -_rngf(void *context, unsigned char *buf, size_t len) -{ - if ((size_t)lws_get_random(context, buf, len) == len) - return 0; - - return -1; -} - -static const char *x5[] = { "C", "ST", "L", "O", "CN" }; - -/* - * CSR is output formatted as b64url(DER) - * Private key is output as a PEM in memory - */ -LWS_VISIBLE LWS_EXTERN int -lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[], - uint8_t *dcsr, size_t csr_len, char **privkey_pem, - size_t *privkey_len) -{ - mbedtls_x509write_csr csr; - mbedtls_pk_context mpk; - int buf_size = 4096, n; - char subject[200], *p = subject, *end = p + sizeof(subject) - 1; - uint8_t *buf = malloc(buf_size); /* malloc because given to user code */ - - if (!buf) - return -1; - - mbedtls_x509write_csr_init(&csr); - - mbedtls_pk_init(&mpk); - if (mbedtls_pk_setup(&mpk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA))) { - lwsl_notice("%s: pk_setup failed\n", __func__); - goto fail; - } - - n = mbedtls_rsa_gen_key(mbedtls_pk_rsa(mpk), _rngf, context, - lws_plat_recommended_rsa_bits(), 65537); - if (n) { - lwsl_notice("%s: failed to generate keys\n", __func__); - - goto fail1; - } - - /* subject must be formatted like "C=TW,O=warmcat,CN=myserver" */ - - for (n = 0; n < (int)LWS_ARRAY_SIZE(x5); n++) { - if (p != subject) - *p++ = ','; - if (elements[n]) - p += lws_snprintf(p, end - p, "%s=%s", x5[n], - elements[n]); - } - - if (mbedtls_x509write_csr_set_subject_name(&csr, subject)) - goto fail1; - - mbedtls_x509write_csr_set_key(&csr, &mpk); - mbedtls_x509write_csr_set_md_alg(&csr, MBEDTLS_MD_SHA256); - - /* - * data is written at the end of the buffer! Use the - * return value to determine where you should start - * using the buffer - */ - n = mbedtls_x509write_csr_der(&csr, buf, buf_size, _rngf, context); - if (n < 0) { - lwsl_notice("%s: write csr der failed\n", __func__); - goto fail1; - } - - /* we have it in DER, we need it in b64URL */ - - n = lws_jws_base64_enc((char *)(buf + buf_size) - n, n, - (char *)dcsr, csr_len); - if (n < 0) - goto fail1; - - /* - * okay, the CSR is done, last we need the private key in PEM - * re-use the DER CSR buf as the result buffer since we cn do it in - * one step - */ - - if (mbedtls_pk_write_key_pem(&mpk, buf, buf_size)) { - lwsl_notice("write key pem failed\n"); - goto fail1; - } - - *privkey_pem = (char *)buf; - *privkey_len = strlen((const char *)buf); - - mbedtls_pk_free(&mpk); - mbedtls_x509write_csr_free(&csr); - - return n; - -fail1: - mbedtls_pk_free(&mpk); -fail: - mbedtls_x509write_csr_free(&csr); - free(buf); - - return -1; -} -#endif -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c b/thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c deleted file mode 100644 index b81f88862b..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/ssl.c +++ /dev/null @@ -1,509 +0,0 @@ -/* - * libwebsockets - mbedTLS-specific lws apis - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" -#include - -void -lws_ssl_elaborate_error(void) -{ -} - -int -lws_context_init_ssl_library(const struct lws_context_creation_info *info) -{ - lwsl_info(" Compiled with MbedTLS support\n"); - - if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) - lwsl_info(" SSL disabled: no " - "LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n"); - - return 0; -} - -LWS_VISIBLE void -lws_ssl_destroy(struct lws_vhost *vhost) -{ - if (!lws_check_opt(vhost->context->options, - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) - return; - - if (vhost->tls.ssl_ctx) - SSL_CTX_free(vhost->tls.ssl_ctx); - if (!vhost->tls.user_supplied_ssl_ctx && vhost->tls.ssl_client_ctx) - SSL_CTX_free(vhost->tls.ssl_client_ctx); - - if (vhost->tls.x509_client_CA) - X509_free(vhost->tls.x509_client_CA); -} - -LWS_VISIBLE int -lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - int n = 0, m; - - if (!wsi->tls.ssl) - return lws_ssl_capable_read_no_ssl(wsi, buf, len); - - lws_stats_atomic_bump(context, pt, LWSSTATS_C_API_READ, 1); - - errno = 0; - n = SSL_read(wsi->tls.ssl, buf, len); -#if defined(LWS_WITH_ESP32) - if (!n && errno == LWS_ENOTCONN) { - lwsl_debug("%p: SSL_read ENOTCONN\n", wsi); - return LWS_SSL_CAPABLE_ERROR; - } -#endif -#if defined(LWS_WITH_STATS) - if (!wsi->seen_rx && wsi->accept_start_us) { - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_SSL_RX_DELAY, - lws_time_in_microseconds() - - wsi->accept_start_us); - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNS_HAD_RX, 1); - wsi->seen_rx = 1; - } -#endif - - - lwsl_debug("%p: SSL_read says %d\n", wsi, n); - /* manpage: returning 0 means connection shut down */ - if (!n) { - wsi->socket_is_permanently_unusable = 1; - - return LWS_SSL_CAPABLE_ERROR; - } - - if (n < 0) { - m = SSL_get_error(wsi->tls.ssl, n); - lwsl_debug("%p: ssl err %d errno %d\n", wsi, m, errno); - if (m == SSL_ERROR_ZERO_RETURN || - m == SSL_ERROR_SYSCALL) - return LWS_SSL_CAPABLE_ERROR; - - if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { - lwsl_debug("%s: WANT_READ\n", __func__); - lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi); - return LWS_SSL_CAPABLE_MORE_SERVICE; - } - if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { - lwsl_debug("%s: WANT_WRITE\n", __func__); - lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi); - return LWS_SSL_CAPABLE_MORE_SERVICE; - } - wsi->socket_is_permanently_unusable = 1; - - return LWS_SSL_CAPABLE_ERROR; - } - - lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n); - - if (wsi->vhost) - wsi->vhost->conn_stats.rx += n; - - /* - * if it was our buffer that limited what we read, - * check if SSL has additional data pending inside SSL buffers. - * - * Because these won't signal at the network layer with POLLIN - * and if we don't realize, this data will sit there forever - */ - if (n != len) - goto bail; - if (!wsi->tls.ssl) - goto bail; - - if (SSL_pending(wsi->tls.ssl) && - lws_dll_is_null(&wsi->tls.pending_tls_list)) { - - lws_dll_lws_add_front(&wsi->tls.pending_tls_list, - &pt->tls.pending_tls_head); - } - - return n; -bail: - lws_ssl_remove_wsi_from_buffered_list(wsi); - - return n; -} - -LWS_VISIBLE int -lws_ssl_pending(struct lws *wsi) -{ - if (!wsi->tls.ssl) - return 0; - - return SSL_pending(wsi->tls.ssl); -} - -LWS_VISIBLE int -lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len) -{ - int n, m; - - if (!wsi->tls.ssl) - return lws_ssl_capable_write_no_ssl(wsi, buf, len); - - n = SSL_write(wsi->tls.ssl, buf, len); - if (n > 0) - return n; - - m = SSL_get_error(wsi->tls.ssl, n); - if (m != SSL_ERROR_SYSCALL) { - if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { - lwsl_notice("%s: want read\n", __func__); - - return LWS_SSL_CAPABLE_MORE_SERVICE; - } - - if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { - lws_set_blocking_send(wsi); - lwsl_debug("%s: want write\n", __func__); - - return LWS_SSL_CAPABLE_MORE_SERVICE; - } - } - - lwsl_debug("%s failed: %d\n",__func__, m); - wsi->socket_is_permanently_unusable = 1; - - return LWS_SSL_CAPABLE_ERROR; -} - -int openssl_SSL_CTX_private_data_index; - -void -lws_ssl_info_callback(const SSL *ssl, int where, int ret) -{ - struct lws *wsi; - struct lws_context *context; - struct lws_ssl_info si; - - context = (struct lws_context *)SSL_CTX_get_ex_data( - SSL_get_SSL_CTX(ssl), - openssl_SSL_CTX_private_data_index); - if (!context) - return; - wsi = wsi_from_fd(context, SSL_get_fd(ssl)); - if (!wsi) - return; - - if (!(where & wsi->vhost->tls.ssl_info_event_mask)) - return; - - si.where = where; - si.ret = ret; - - if (user_callback_handle_rxflow(wsi->protocol->callback, - wsi, LWS_CALLBACK_SSL_INFO, - wsi->user_space, &si, 0)) - lws_set_timeout(wsi, PENDING_TIMEOUT_KILLED_BY_SSL_INFO, -1); -} - - -LWS_VISIBLE int -lws_ssl_close(struct lws *wsi) -{ - lws_sockfd_type n; - - if (!wsi->tls.ssl) - return 0; /* not handled */ - -#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK) - /* kill ssl callbacks, becausse we will remove the fd from the - * table linking it to the wsi - */ - if (wsi->vhost->tls.ssl_info_event_mask) - SSL_set_info_callback(wsi->tls.ssl, NULL); -#endif - - n = SSL_get_fd(wsi->tls.ssl); - if (!wsi->socket_is_permanently_unusable) - SSL_shutdown(wsi->tls.ssl); - compatible_close(n); - SSL_free(wsi->tls.ssl); - wsi->tls.ssl = NULL; - - if (!lwsi_role_client(wsi) && - wsi->context->simultaneous_ssl_restriction && - wsi->context->simultaneous_ssl-- == - wsi->context->simultaneous_ssl_restriction) - /* we made space and can do an accept */ - lws_gate_accepts(wsi->context, 1); - -#if defined(LWS_WITH_STATS) - wsi->context->updated = 1; -#endif - - return 1; /* handled */ -} - -void -lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost) -{ - if (vhost->tls.ssl_ctx) - SSL_CTX_free(vhost->tls.ssl_ctx); - - if (!vhost->tls.user_supplied_ssl_ctx && vhost->tls.ssl_client_ctx) - SSL_CTX_free(vhost->tls.ssl_client_ctx); -#if defined(LWS_WITH_ACME) - lws_tls_acme_sni_cert_destroy(vhost); -#endif -} - -void -lws_ssl_context_destroy(struct lws_context *context) -{ -} - -lws_tls_ctx * -lws_tls_ctx_from_wsi(struct lws *wsi) -{ - if (!wsi->tls.ssl) - return NULL; - - return SSL_get_SSL_CTX(wsi->tls.ssl); -} - -enum lws_ssl_capable_status -__lws_tls_shutdown(struct lws *wsi) -{ - int n = SSL_shutdown(wsi->tls.ssl); - - lwsl_debug("SSL_shutdown=%d for fd %d\n", n, wsi->desc.sockfd); - - switch (n) { - case 1: /* successful completion */ - n = shutdown(wsi->desc.sockfd, SHUT_WR); - return LWS_SSL_CAPABLE_DONE; - - case 0: /* needs a retry */ - __lws_change_pollfd(wsi, 0, LWS_POLLIN); - return LWS_SSL_CAPABLE_MORE_SERVICE; - - default: /* fatal error, or WANT */ - n = SSL_get_error(wsi->tls.ssl, n); - if (n != SSL_ERROR_SYSCALL && n != SSL_ERROR_SSL) { - if (SSL_want_read(wsi->tls.ssl)) { - lwsl_debug("(wants read)\n"); - __lws_change_pollfd(wsi, 0, LWS_POLLIN); - return LWS_SSL_CAPABLE_MORE_SERVICE_READ; - } - if (SSL_want_write(wsi->tls.ssl)) { - lwsl_debug("(wants write)\n"); - __lws_change_pollfd(wsi, 0, LWS_POLLOUT); - return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; - } - } - return LWS_SSL_CAPABLE_ERROR; - } -} - -static time_t -lws_tls_mbedtls_time_to_unix(mbedtls_x509_time *xtime) -{ - struct tm t; - - if (!xtime || !xtime->year || xtime->year < 0) - return (time_t)(long long)-1; - - memset(&t, 0, sizeof(t)); - - t.tm_year = xtime->year - 1900; - t.tm_mon = xtime->mon - 1; /* mbedtls months are 1+, tm are 0+ */ - t.tm_mday = xtime->day - 1; /* mbedtls days are 1+, tm are 0+ */ - t.tm_hour = xtime->hour; - t.tm_min = xtime->min; - t.tm_sec = xtime->sec; - t.tm_isdst = -1; - - return mktime(&t); -} - -static int -lws_tls_mbedtls_get_x509_name(mbedtls_x509_name *name, - union lws_tls_cert_info_results *buf, size_t len) -{ - while (name) { - if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid)) { - name = name->next; - continue; - } - - if (len - 1 < name->val.len) - return -1; - - memcpy(&buf->ns.name[0], name->val.p, name->val.len); - buf->ns.name[name->val.len] = '\0'; - buf->ns.len = name->val.len; - - return 0; - } - - return -1; -} - -static int -lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len) -{ - if (!x509) - return -1; - - switch (type) { - case LWS_TLS_CERT_INFO_VALIDITY_FROM: - buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_from); - if (buf->time == (time_t)(long long)-1) - return -1; - break; - - case LWS_TLS_CERT_INFO_VALIDITY_TO: - buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_to); - if (buf->time == (time_t)(long long)-1) - return -1; - break; - - case LWS_TLS_CERT_INFO_COMMON_NAME: - return lws_tls_mbedtls_get_x509_name(&x509->subject, buf, len); - - case LWS_TLS_CERT_INFO_ISSUER_NAME: - return lws_tls_mbedtls_get_x509_name(&x509->issuer, buf, len); - - case LWS_TLS_CERT_INFO_USAGE: - buf->usage = x509->key_usage; - break; - - case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY: - { - char *p = buf->ns.name; - size_t r = len, u; - - switch (mbedtls_pk_get_type(&x509->pk)) { - case MBEDTLS_PK_RSA: - { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->pk); - - if (mbedtls_mpi_write_string(&rsa->N, 16, p, r, &u)) - return -1; - r -= u; - p += u; - if (mbedtls_mpi_write_string(&rsa->E, 16, p, r, &u)) - return -1; - - p += u; - buf->ns.len = lws_ptr_diff(p, buf->ns.name); - break; - } - case MBEDTLS_PK_ECKEY: - { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->pk); - - if (mbedtls_mpi_write_string(&ecp->Q.X, 16, p, r, &u)) - return -1; - r -= u; - p += u; - if (mbedtls_mpi_write_string(&ecp->Q.Y, 16, p, r, &u)) - return -1; - r -= u; - p += u; - if (mbedtls_mpi_write_string(&ecp->Q.Z, 16, p, r, &u)) - return -1; - p += u; - buf->ns.len = lws_ptr_diff(p, buf->ns.name); - break; - } - default: - lwsl_notice("%s: x509 has unsupported pubkey type %d\n", - __func__, - mbedtls_pk_get_type(&x509->pk)); - - return -1; - } - break; - } - - default: - return -1; - } - - return 0; -} - -LWS_VISIBLE LWS_EXTERN int -lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len) -{ - mbedtls_x509_crt *x509 = ssl_ctx_get_mbedtls_x509_crt(vhost->tls.ssl_ctx); - - return lws_tls_mbedtls_cert_info(x509, type, buf, len); -} - -LWS_VISIBLE int -lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len) -{ - mbedtls_x509_crt *x509; - - wsi = lws_get_network_wsi(wsi); - - x509 = ssl_get_peer_mbedtls_x509_crt(wsi->tls.ssl); - - if (!x509) - return -1; - - switch (type) { - case LWS_TLS_CERT_INFO_VERIFIED: - buf->verified = SSL_get_verify_result(wsi->tls.ssl) == X509_V_OK; - return 0; - default: - return lws_tls_mbedtls_cert_info(x509, type, buf, len); - } - - return -1; -} - -static int -tops_fake_POLLIN_for_buffered_mbedtls(struct lws_context_per_thread *pt) -{ - return lws_tls_fake_POLLIN_for_buffered(pt); -} - -static int -tops_periodic_housekeeping_mbedtls(struct lws_context *context, time_t now) -{ - int n; - - n = lws_compare_time_t(context, now, context->tls.last_cert_check_s); - if ((!context->tls.last_cert_check_s || n > (24 * 60 * 60)) && - !lws_tls_check_all_cert_lifetimes(context)) - context->tls.last_cert_check_s = now; - - return 0; -} - -const struct lws_tls_ops tls_ops_mbedtls = { - /* fake_POLLIN_for_buffered */ tops_fake_POLLIN_for_buffered_mbedtls, - /* periodic_housekeeping */ tops_periodic_housekeeping_mbedtls, -}; diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl3.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl3.h deleted file mode 100644 index 007b392f3e..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl3.h +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL3_H_ -#define _SSL3_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -# define SSL3_AD_CLOSE_NOTIFY 0 -# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */ -# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */ -# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */ -# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */ -# define SSL3_AD_NO_CERTIFICATE 41 -# define SSL3_AD_BAD_CERTIFICATE 42 -# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 -# define SSL3_AD_CERTIFICATE_REVOKED 44 -# define SSL3_AD_CERTIFICATE_EXPIRED 45 -# define SSL3_AD_CERTIFICATE_UNKNOWN 46 -# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */ - -# define SSL3_AL_WARNING 1 -# define SSL3_AL_FATAL 2 - -#define SSL3_VERSION 0x0300 - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h deleted file mode 100644 index 86cf31ad51..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_CERT_H_ -#define _SSL_CERT_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "ssl_types.h" - -/** - * @brief create a certification object include private key object according to input certification - * - * @param ic - input certification point - * - * @return certification object point - */ -CERT *__ssl_cert_new(CERT *ic); - -/** - * @brief create a certification object include private key object - * - * @param none - * - * @return certification object point - */ -CERT* ssl_cert_new(void); - -/** - * @brief free a certification object - * - * @param cert - certification object point - * - * @return none - */ -void ssl_cert_free(CERT *cert); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_code.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_code.h deleted file mode 100644 index 80fdbb20f3..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_code.h +++ /dev/null @@ -1,124 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_CODE_H_ -#define _SSL_CODE_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "ssl3.h" -#include "tls1.h" -#include "x509_vfy.h" - -/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ -# define SSL_SENT_SHUTDOWN 1 -# define SSL_RECEIVED_SHUTDOWN 2 - -# define SSL_VERIFY_NONE 0x00 -# define SSL_VERIFY_PEER 0x01 -# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 -# define SSL_VERIFY_CLIENT_ONCE 0x04 - -/* - * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you - * should not need these - */ -# define SSL_ST_READ_HEADER 0xF0 -# define SSL_ST_READ_BODY 0xF1 -# define SSL_ST_READ_DONE 0xF2 - -# define SSL_NOTHING 1 -# define SSL_WRITING 2 -# define SSL_READING 3 -# define SSL_X509_LOOKUP 4 -# define SSL_ASYNC_PAUSED 5 -# define SSL_ASYNC_NO_JOBS 6 - - -# define SSL_ERROR_NONE 0 -# define SSL_ERROR_SSL 1 -# define SSL_ERROR_WANT_READ 2 -# define SSL_ERROR_WANT_WRITE 3 -# define SSL_ERROR_WANT_X509_LOOKUP 4 -# define SSL_ERROR_SYSCALL 5/* look at error stack/return value/errno */ -# define SSL_ERROR_ZERO_RETURN 6 -# define SSL_ERROR_WANT_CONNECT 7 -# define SSL_ERROR_WANT_ACCEPT 8 -# define SSL_ERROR_WANT_ASYNC 9 -# define SSL_ERROR_WANT_ASYNC_JOB 10 - -/* Message flow states */ -typedef enum { - /* No handshake in progress */ - MSG_FLOW_UNINITED, - /* A permanent error with this connection */ - MSG_FLOW_ERROR, - /* We are about to renegotiate */ - MSG_FLOW_RENEGOTIATE, - /* We are reading messages */ - MSG_FLOW_READING, - /* We are writing messages */ - MSG_FLOW_WRITING, - /* Handshake has finished */ - MSG_FLOW_FINISHED -} MSG_FLOW_STATE; - -/* SSL subsystem states */ -typedef enum { - TLS_ST_BEFORE, - TLS_ST_OK, - DTLS_ST_CR_HELLO_VERIFY_REQUEST, - TLS_ST_CR_SRVR_HELLO, - TLS_ST_CR_CERT, - TLS_ST_CR_CERT_STATUS, - TLS_ST_CR_KEY_EXCH, - TLS_ST_CR_CERT_REQ, - TLS_ST_CR_SRVR_DONE, - TLS_ST_CR_SESSION_TICKET, - TLS_ST_CR_CHANGE, - TLS_ST_CR_FINISHED, - TLS_ST_CW_CLNT_HELLO, - TLS_ST_CW_CERT, - TLS_ST_CW_KEY_EXCH, - TLS_ST_CW_CERT_VRFY, - TLS_ST_CW_CHANGE, - TLS_ST_CW_NEXT_PROTO, - TLS_ST_CW_FINISHED, - TLS_ST_SW_HELLO_REQ, - TLS_ST_SR_CLNT_HELLO, - DTLS_ST_SW_HELLO_VERIFY_REQUEST, - TLS_ST_SW_SRVR_HELLO, - TLS_ST_SW_CERT, - TLS_ST_SW_KEY_EXCH, - TLS_ST_SW_CERT_REQ, - TLS_ST_SW_SRVR_DONE, - TLS_ST_SR_CERT, - TLS_ST_SR_KEY_EXCH, - TLS_ST_SR_CERT_VRFY, - TLS_ST_SR_NEXT_PROTO, - TLS_ST_SR_CHANGE, - TLS_ST_SR_FINISHED, - TLS_ST_SW_SESSION_TICKET, - TLS_ST_SW_CERT_STATUS, - TLS_ST_SW_CHANGE, - TLS_ST_SW_FINISHED -} OSSL_HANDSHAKE_STATE; - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_dbg.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_dbg.h deleted file mode 100644 index ad32cb92ff..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_dbg.h +++ /dev/null @@ -1,190 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_DEBUG_H_ -#define _SSL_DEBUG_H_ - -#include "platform/ssl_port.h" - -#ifdef __cplusplus - extern "C" { -#endif - -#ifdef CONFIG_OPENSSL_DEBUG_LEVEL - #define SSL_DEBUG_LEVEL CONFIG_OPENSSL_DEBUG_LEVEL -#else - #define SSL_DEBUG_LEVEL 0 -#endif - -#define SSL_DEBUG_ON (SSL_DEBUG_LEVEL + 1) -#define SSL_DEBUG_OFF (SSL_DEBUG_LEVEL - 1) - -#ifdef CONFIG_OPENSSL_DEBUG - #ifndef SSL_DEBUG_LOG - #error "SSL_DEBUG_LOG is not defined" - #endif - - #ifndef SSL_DEBUG_FL - #define SSL_DEBUG_FL "\n" - #endif - - #define SSL_SHOW_LOCATION() \ - SSL_DEBUG_LOG("SSL assert : %s %d\n", \ - __FILE__, __LINE__) - - #define SSL_DEBUG(level, fmt, ...) \ - { \ - if (level > SSL_DEBUG_LEVEL) { \ - SSL_DEBUG_LOG(fmt SSL_DEBUG_FL, ##__VA_ARGS__); \ - } \ - } -#else /* CONFIG_OPENSSL_DEBUG */ - #define SSL_SHOW_LOCATION() - - #define SSL_DEBUG(level, fmt, ...) -#endif /* CONFIG_OPENSSL_DEBUG */ - -/** - * OpenSSL assert function - * - * if select "CONFIG_OPENSSL_ASSERT_DEBUG", SSL_ASSERT* will show error file name and line - * if select "CONFIG_OPENSSL_ASSERT_EXIT", SSL_ASSERT* will just return error code. - * if select "CONFIG_OPENSSL_ASSERT_DEBUG_EXIT" SSL_ASSERT* will show error file name and line, - * then return error code. - * if select "CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK", SSL_ASSERT* will show error file name and line, - * then block here with "while (1)" - * - * SSL_ASSERT1 may will return "-1", so function's return argument is integer. - * SSL_ASSERT2 may will return "NULL", so function's return argument is a point. - * SSL_ASSERT2 may will return nothing, so function's return argument is "void". - */ -#if defined(CONFIG_OPENSSL_ASSERT_DEBUG) - #define SSL_ASSERT1(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - } \ - } - - #define SSL_ASSERT2(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - } \ - } - - #define SSL_ASSERT3(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - } \ - } -#elif defined(CONFIG_OPENSSL_ASSERT_EXIT) - #define SSL_ASSERT1(s) \ - { \ - if (!(s)) { \ - return -1; \ - } \ - } - - #define SSL_ASSERT2(s) \ - { \ - if (!(s)) { \ - return NULL; \ - } \ - } - - #define SSL_ASSERT3(s) \ - { \ - if (!(s)) { \ - return ; \ - } \ - } -#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_EXIT) - #define SSL_ASSERT1(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - return -1; \ - } \ - } - - #define SSL_ASSERT2(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - return NULL; \ - } \ - } - - #define SSL_ASSERT3(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - return ; \ - } \ - } -#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK) - #define SSL_ASSERT1(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - while (1); \ - } \ - } - - #define SSL_ASSERT2(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - while (1); \ - } \ - } - - #define SSL_ASSERT3(s) \ - { \ - if (!(s)) { \ - SSL_SHOW_LOCATION(); \ - while (1); \ - } \ - } -#else - #define SSL_ASSERT1(s) - #define SSL_ASSERT2(s) - #define SSL_ASSERT3(s) -#endif - -#define SSL_PLATFORM_DEBUG_LEVEL SSL_DEBUG_OFF -#define SSL_PLATFORM_ERROR_LEVEL SSL_DEBUG_ON - -#define SSL_CERT_DEBUG_LEVEL SSL_DEBUG_OFF -#define SSL_CERT_ERROR_LEVEL SSL_DEBUG_ON - -#define SSL_PKEY_DEBUG_LEVEL SSL_DEBUG_OFF -#define SSL_PKEY_ERROR_LEVEL SSL_DEBUG_ON - -#define SSL_X509_DEBUG_LEVEL SSL_DEBUG_OFF -#define SSL_X509_ERROR_LEVEL SSL_DEBUG_ON - -#define SSL_LIB_DEBUG_LEVEL SSL_DEBUG_OFF -#define SSL_LIB_ERROR_LEVEL SSL_DEBUG_ON - -#define SSL_STACK_DEBUG_LEVEL SSL_DEBUG_OFF -#define SSL_STACK_ERROR_LEVEL SSL_DEBUG_ON - -#ifdef __cplusplus - } -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_lib.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_lib.h deleted file mode 100644 index 42b2de7501..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_lib.h +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_LIB_H_ -#define _SSL_LIB_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "ssl_types.h" - - void _ssl_set_alpn_list(const SSL *ssl); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_methods.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_methods.h deleted file mode 100644 index cd2f8c0533..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_methods.h +++ /dev/null @@ -1,121 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_METHODS_H_ -#define _SSL_METHODS_H_ - -#include "ssl_types.h" - -#ifdef __cplusplus - extern "C" { -#endif - -/** - * TLS method function implement - */ -#define IMPLEMENT_TLS_METHOD_FUNC(func_name, \ - new, free, \ - handshake, shutdown, clear, \ - read, send, pending, \ - set_fd, get_fd, \ - set_bufflen, \ - get_verify_result, \ - get_state) \ - static const SSL_METHOD_FUNC func_name LOCAL_ATRR = { \ - new, \ - free, \ - handshake, \ - shutdown, \ - clear, \ - read, \ - send, \ - pending, \ - set_fd, \ - get_fd, \ - set_bufflen, \ - get_verify_result, \ - get_state \ - }; - -#define IMPLEMENT_TLS_METHOD(ver, mode, fun, func_name) \ - const SSL_METHOD* func_name(void) { \ - static const SSL_METHOD func_name##_data LOCAL_ATRR = { \ - ver, \ - mode, \ - &(fun), \ - }; \ - return &func_name##_data; \ - } - -#define IMPLEMENT_SSL_METHOD(ver, mode, fun, func_name) \ - const SSL_METHOD* func_name(void) { \ - static const SSL_METHOD func_name##_data LOCAL_ATRR = { \ - ver, \ - mode, \ - &(fun), \ - }; \ - return &func_name##_data; \ - } - -#define IMPLEMENT_X509_METHOD(func_name, \ - new, \ - free, \ - load, \ - show_info) \ - const X509_METHOD* func_name(void) { \ - static const X509_METHOD func_name##_data LOCAL_ATRR = { \ - new, \ - free, \ - load, \ - show_info \ - }; \ - return &func_name##_data; \ - } - -#define IMPLEMENT_PKEY_METHOD(func_name, \ - new, \ - free, \ - load) \ - const PKEY_METHOD* func_name(void) { \ - static const PKEY_METHOD func_name##_data LOCAL_ATRR = { \ - new, \ - free, \ - load \ - }; \ - return &func_name##_data; \ - } - -/** - * @brief get X509 object method - * - * @param none - * - * @return X509 object method point - */ -const X509_METHOD* X509_method(void); - -/** - * @brief get private key object method - * - * @param none - * - * @return private key object method point - */ -const PKEY_METHOD* EVP_PKEY_method(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h deleted file mode 100644 index e790fcc995..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_PKEY_H_ -#define _SSL_PKEY_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "ssl_types.h" - -/** - * @brief create a private key object according to input private key - * - * @param ipk - input private key point - * - * @return new private key object point - */ -EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk); - -/** - * @brief create a private key object - * - * @param none - * - * @return private key object point - */ -EVP_PKEY* EVP_PKEY_new(void); - -/** - * @brief load a character key context into system context. If '*a' is pointed to the - * private key, then load key into it. Or create a new private key object - * - * @param type - private key type - * @param a - a point pointed to a private key point - * @param pp - a point pointed to the key context memory point - * @param length - key bytes - * - * @return private key object point - */ -EVP_PKEY* d2i_PrivateKey(int type, - EVP_PKEY **a, - const unsigned char **pp, - long length); - -/** - * @brief free a private key object - * - * @param pkey - private key object point - * - * @return none - */ -void EVP_PKEY_free(EVP_PKEY *x); - -/** - * @brief load private key into the SSL - * - * @param type - private key type - * @param ssl - SSL point - * @param len - data bytes - * @param d - data point - * - * @return result - * 0 : failed - * 1 : OK - */ - int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_stack.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_stack.h deleted file mode 100644 index 7a7051a026..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_stack.h +++ /dev/null @@ -1,52 +0,0 @@ -#ifndef _SSL_STACK_H_ -#define _SSL_STACK_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "ssl_types.h" - -#define STACK_OF(type) struct stack_st_##type - -#define SKM_DEFINE_STACK_OF(t1, t2, t3) \ - STACK_OF(t1); \ - static ossl_inline STACK_OF(t1) *sk_##t1##_new_null(void) \ - { \ - return (STACK_OF(t1) *)OPENSSL_sk_new_null(); \ - } \ - -#define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t) - -/** - * @brief create a openssl stack object - * - * @param c - stack function - * - * @return openssl stack object point - */ -OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c); - -/** - * @brief create a NULL function openssl stack object - * - * @param none - * - * @return openssl stack object point - */ -OPENSSL_STACK *OPENSSL_sk_new_null(void); - -/** - * @brief free openssl stack object - * - * @param openssl stack object point - * - * @return none - */ -void OPENSSL_sk_free(OPENSSL_STACK *stack); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h deleted file mode 100644 index 68ac748a28..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h +++ /dev/null @@ -1,303 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_TYPES_H_ -#define _SSL_TYPES_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include -#if defined(LWS_WITH_ESP32) -#undef MBEDTLS_CONFIG_FILE -#define MBEDTLS_CONFIG_FILE -#endif - -#include "ssl_code.h" - -typedef void SSL_CIPHER; - -typedef void X509_STORE_CTX; -typedef void X509_STORE; - -typedef void RSA; - -typedef void STACK; -typedef void BIO; - -#if defined(WIN32) || defined(_WIN32) -#define ossl_inline __inline -#else -#define ossl_inline inline -#endif - -#define SSL_METHOD_CALL(f, s, ...) s->method->func->ssl_##f(s, ##__VA_ARGS__) -#define X509_METHOD_CALL(f, x, ...) x->method->x509_##f(x, ##__VA_ARGS__) -#define EVP_PKEY_METHOD_CALL(f, k, ...) k->method->pkey_##f(k, ##__VA_ARGS__) - -typedef int (*OPENSSL_sk_compfunc)(const void *, const void *); - -struct stack_st; -typedef struct stack_st OPENSSL_STACK; - -struct ssl_method_st; -typedef struct ssl_method_st SSL_METHOD; - -struct ssl_method_func_st; -typedef struct ssl_method_func_st SSL_METHOD_FUNC; - -struct record_layer_st; -typedef struct record_layer_st RECORD_LAYER; - -struct ossl_statem_st; -typedef struct ossl_statem_st OSSL_STATEM; - -struct ssl_session_st; -typedef struct ssl_session_st SSL_SESSION; - -struct ssl_ctx_st; -typedef struct ssl_ctx_st SSL_CTX; - -struct ssl_st; -typedef struct ssl_st SSL; - -struct cert_st; -typedef struct cert_st CERT; - -struct x509_st; -typedef struct x509_st X509; - -struct X509_VERIFY_PARAM_st; -typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM; - -struct evp_pkey_st; -typedef struct evp_pkey_st EVP_PKEY; - -struct x509_method_st; -typedef struct x509_method_st X509_METHOD; - -struct pkey_method_st; -typedef struct pkey_method_st PKEY_METHOD; - -struct stack_st { - - char **data; - - int num_alloc; - - OPENSSL_sk_compfunc c; -}; - -struct evp_pkey_st { - - void *pkey_pm; - - const PKEY_METHOD *method; -}; - -struct x509_st { - - /* X509 certification platform private point */ - void *x509_pm; - - const X509_METHOD *method; -}; - -struct cert_st { - - int sec_level; - - X509 *x509; - - EVP_PKEY *pkey; - -}; - -struct ossl_statem_st { - - MSG_FLOW_STATE state; - - int hand_state; -}; - -struct record_layer_st { - - int rstate; - - int read_ahead; -}; - -struct ssl_session_st { - - long timeout; - - long time; - - X509 *peer; -}; - -struct X509_VERIFY_PARAM_st { - - int depth; - -}; - -typedef int (*next_proto_cb)(SSL *ssl, unsigned char **out, - unsigned char *outlen, const unsigned char *in, - unsigned int inlen, void *arg); - -struct ssl_ctx_st -{ - int version; - - int references; - - unsigned long options; - - const SSL_METHOD *method; - - CERT *cert; - - X509 *client_CA; - - const char **alpn_protos; - - next_proto_cb alpn_cb; - - int verify_mode; - - int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx); - - long session_timeout; - - int read_ahead; - - int read_buffer_len; - - X509_VERIFY_PARAM param; -}; - -struct ssl_st -{ - /* protocol version(one of SSL3.0, TLS1.0, etc.) */ - int version; - - unsigned long options; - - /* shut things down(0x01 : sent, 0x02 : received) */ - int shutdown; - - CERT *cert; - - X509 *client_CA; - - SSL_CTX *ctx; - - const SSL_METHOD *method; - - const char **alpn_protos; - - RECORD_LAYER rlayer; - - /* where we are */ - OSSL_STATEM statem; - - SSL_SESSION *session; - - int verify_mode; - - int (*verify_callback) (int ok, X509_STORE_CTX *ctx); - - int rwstate; - int interrupted_remaining_write; - - long verify_result; - - X509_VERIFY_PARAM param; - - int err; - - void (*info_callback) (const SSL *ssl, int type, int val); - - /* SSL low-level system arch point */ - void *ssl_pm; -}; - -struct ssl_method_st { - /* protocol version(one of SSL3.0, TLS1.0, etc.) */ - int version; - - /* SSL mode(client(0) , server(1), not known(-1)) */ - int endpoint; - - const SSL_METHOD_FUNC *func; -}; - -struct ssl_method_func_st { - - int (*ssl_new)(SSL *ssl); - - void (*ssl_free)(SSL *ssl); - - int (*ssl_handshake)(SSL *ssl); - - int (*ssl_shutdown)(SSL *ssl); - - int (*ssl_clear)(SSL *ssl); - - int (*ssl_read)(SSL *ssl, void *buffer, int len); - - int (*ssl_send)(SSL *ssl, const void *buffer, int len); - - int (*ssl_pending)(const SSL *ssl); - - void (*ssl_set_fd)(SSL *ssl, int fd, int mode); - - int (*ssl_get_fd)(const SSL *ssl, int mode); - - void (*ssl_set_bufflen)(SSL *ssl, int len); - - long (*ssl_get_verify_result)(const SSL *ssl); - - OSSL_HANDSHAKE_STATE (*ssl_get_state)(const SSL *ssl); -}; - -struct x509_method_st { - - int (*x509_new)(X509 *x, X509 *m_x); - - void (*x509_free)(X509 *x); - - int (*x509_load)(X509 *x, const unsigned char *buf, int len); - - int (*x509_show_info)(X509 *x); -}; - -struct pkey_method_st { - - int (*pkey_new)(EVP_PKEY *pkey, EVP_PKEY *m_pkey); - - void (*pkey_free)(EVP_PKEY *pkey); - - int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len); -}; - -#define OPENSSL_NPN_NEGOTIATED 1 - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_x509.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_x509.h deleted file mode 100644 index 7594d064b4..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/ssl_x509.h +++ /dev/null @@ -1,110 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_X509_H_ -#define _SSL_X509_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "ssl_types.h" -#include "ssl_stack.h" - -DEFINE_STACK_OF(X509_NAME) - -/** - * @brief create a X509 certification object according to input X509 certification - * - * @param ix - input X509 certification point - * - * @return new X509 certification object point - */ -X509* __X509_new(X509 *ix); - -/** - * @brief create a X509 certification object - * - * @param none - * - * @return X509 certification object point - */ -X509* X509_new(void); - -/** - * @brief load a character certification context into system context. If '*cert' is pointed to the - * certification, then load certification into it. Or create a new X509 certification object - * - * @param cert - a point pointed to X509 certification - * @param buffer - a point pointed to the certification context memory point - * @param length - certification bytes - * - * @return X509 certification object point - */ -X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len); - -/** - * @brief free a X509 certification object - * - * @param x - X509 certification object point - * - * @return none - */ -void X509_free(X509 *x); - -/** - * @brief set SSL context client CA certification - * - * @param ctx - SSL context point - * @param x - X509 certification point - * - * @return result - * 0 : failed - * 1 : OK - */ -int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); - -/** - * @brief add CA client certification into the SSL - * - * @param ssl - SSL point - * @param x - X509 certification point - * - * @return result - * 0 : failed - * 1 : OK - */ -int SSL_add_client_CA(SSL *ssl, X509 *x); - -/** - * @brief load certification into the SSL - * - * @param ssl - SSL point - * @param len - data bytes - * @param d - data point - * - * @return result - * 0 : failed - * 1 : OK - * - */ -int SSL_use_certificate_ASN1(SSL *ssl, int len, const unsigned char *d); - -const char *X509_verify_cert_error_string(long n); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/tls1.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/tls1.h deleted file mode 100644 index 7af1b0157d..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/tls1.h +++ /dev/null @@ -1,58 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _TLS1_H_ -#define _TLS1_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -# define TLS1_AD_DECRYPTION_FAILED 21 -# define TLS1_AD_RECORD_OVERFLOW 22 -# define TLS1_AD_UNKNOWN_CA 48/* fatal */ -# define TLS1_AD_ACCESS_DENIED 49/* fatal */ -# define TLS1_AD_DECODE_ERROR 50/* fatal */ -# define TLS1_AD_DECRYPT_ERROR 51 -# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */ -# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */ -# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */ -# define TLS1_AD_INTERNAL_ERROR 80/* fatal */ -# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */ -# define TLS1_AD_USER_CANCELLED 90 -# define TLS1_AD_NO_RENEGOTIATION 100 -/* codes 110-114 are from RFC3546 */ -# define TLS1_AD_UNSUPPORTED_EXTENSION 110 -# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111 -# define TLS1_AD_UNRECOGNIZED_NAME 112 -# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113 -# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 -# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */ -# define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */ - -/* Special value for method supporting multiple versions */ -#define TLS_ANY_VERSION 0x10000 - -#define TLS1_VERSION 0x0301 -#define TLS1_1_VERSION 0x0302 -#define TLS1_2_VERSION 0x0303 - -#define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_NOACK 3 - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/x509_vfy.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/x509_vfy.h deleted file mode 100644 index 26bf6c88a8..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/internal/x509_vfy.h +++ /dev/null @@ -1,116 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _X509_VFY_H_ -#define _X509_VFY_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#define X509_V_OK 0 -#define X509_V_ERR_UNSPECIFIED 1 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 -#define X509_V_ERR_UNABLE_TO_GET_CRL 3 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 -#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 -#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 -#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 -#define X509_V_ERR_CERT_NOT_YET_VALID 9 -#define X509_V_ERR_CERT_HAS_EXPIRED 10 -#define X509_V_ERR_CRL_NOT_YET_VALID 11 -#define X509_V_ERR_CRL_HAS_EXPIRED 12 -#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 -#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 -#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 -#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 -#define X509_V_ERR_OUT_OF_MEM 17 -#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 -#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 -#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 -#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 -#define X509_V_ERR_CERT_REVOKED 23 -#define X509_V_ERR_INVALID_CA 24 -#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 -#define X509_V_ERR_INVALID_PURPOSE 26 -#define X509_V_ERR_CERT_UNTRUSTED 27 -#define X509_V_ERR_CERT_REJECTED 28 -/* These are 'informational' when looking for issuer cert */ -#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 -#define X509_V_ERR_AKID_SKID_MISMATCH 30 -#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 -#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 -#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 -#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 -#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35 -#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36 -#define X509_V_ERR_INVALID_NON_CA 37 -#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38 -#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 -#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 -#define X509_V_ERR_INVALID_EXTENSION 41 -#define X509_V_ERR_INVALID_POLICY_EXTENSION 42 -#define X509_V_ERR_NO_EXPLICIT_POLICY 43 -#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 -#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 -#define X509_V_ERR_UNNESTED_RESOURCE 46 -#define X509_V_ERR_PERMITTED_VIOLATION 47 -#define X509_V_ERR_EXCLUDED_VIOLATION 48 -#define X509_V_ERR_SUBTREE_MINMAX 49 -/* The application is not happy */ -#define X509_V_ERR_APPLICATION_VERIFICATION 50 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 -#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 -#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 -/* Another issuer check debug option */ -#define X509_V_ERR_PATH_LOOP 55 -/* Suite B mode algorithm violation */ -#define X509_V_ERR_SUITE_B_INVALID_VERSION 56 -#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57 -#define X509_V_ERR_SUITE_B_INVALID_CURVE 58 -#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59 -#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60 -#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61 -/* Host, email and IP check errors */ -#define X509_V_ERR_HOSTNAME_MISMATCH 62 -#define X509_V_ERR_EMAIL_MISMATCH 63 -#define X509_V_ERR_IP_ADDRESS_MISMATCH 64 -/* DANE TLSA errors */ -#define X509_V_ERR_DANE_NO_MATCH 65 -/* security level errors */ -#define X509_V_ERR_EE_KEY_TOO_SMALL 66 -#define X509_V_ERR_CA_KEY_TOO_SMALL 67 -#define X509_V_ERR_CA_MD_TOO_WEAK 68 -/* Caller error */ -#define X509_V_ERR_INVALID_CALL 69 -/* Issuer lookup error */ -#define X509_V_ERR_STORE_LOOKUP 70 -/* Certificate transparency */ -#define X509_V_ERR_NO_VALID_SCTS 71 - -#define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72 - -typedef void X509_STORE_CTX; -int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/openssl/ssl.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/openssl/ssl.h deleted file mode 100755 index e2b74fc6af..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/openssl/ssl.h +++ /dev/null @@ -1,1833 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_H_ -#define _SSL_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include -#include "internal/ssl_x509.h" -#include "internal/ssl_pkey.h" - -/* -{ -*/ - -#define SSL_CB_ALERT 0x4000 - -#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT (1 << 0) -#define X509_CHECK_FLAG_NO_WILDCARDS (1 << 1) -#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS (1 << 2) -#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS (1 << 3) -#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS (1 << 4) - - mbedtls_x509_crt * - ssl_ctx_get_mbedtls_x509_crt(SSL_CTX *ssl_ctx); - - mbedtls_x509_crt * - ssl_get_peer_mbedtls_x509_crt(SSL *ssl); - - int SSL_set_sni_callback(SSL *ssl, int(*cb)(void *, mbedtls_ssl_context *, - const unsigned char *, size_t), void *param); - - void SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx); - - int SSL_CTX_add_client_CA_ASN1(SSL_CTX *ssl, int len, - const unsigned char *d); - - SSL *SSL_SSL_from_mbedtls_ssl_context(mbedtls_ssl_context *msc); - -/** - * @brief create a SSL context - * - * @param method - the SSL context method point - * - * @return the context point - */ -SSL_CTX* SSL_CTX_new(const SSL_METHOD *method); - -/** - * @brief free a SSL context - * - * @param method - the SSL context point - * - * @return none - */ -void SSL_CTX_free(SSL_CTX *ctx); - -/** - * @brief create a SSL - * - * @param ctx - the SSL context point - * - * @return the SSL point - */ -SSL* SSL_new(SSL_CTX *ctx); - -/** - * @brief free the SSL - * - * @param ssl - the SSL point - * - * @return none - */ -void SSL_free(SSL *ssl); - -/** - * @brief connect to the remote SSL server - * - * @param ssl - the SSL point - * - * @return result - * 1 : OK - * -1 : failed - */ -int SSL_connect(SSL *ssl); - -/** - * @brief accept the remote connection - * - * @param ssl - the SSL point - * - * @return result - * 1 : OK - * -1 : failed - */ -int SSL_accept(SSL *ssl); - -/** - * @brief read data from to remote - * - * @param ssl - the SSL point which has been connected - * @param buffer - the received data buffer point - * @param len - the received data length - * - * @return result - * > 0 : OK, and return received data bytes - * = 0 : connection is closed - * < 0 : an error catch - */ -int SSL_read(SSL *ssl, void *buffer, int len); - -/** - * @brief send the data to remote - * - * @param ssl - the SSL point which has been connected - * @param buffer - the send data buffer point - * @param len - the send data length - * - * @return result - * > 0 : OK, and return sent data bytes - * = 0 : connection is closed - * < 0 : an error catch - */ -int SSL_write(SSL *ssl, const void *buffer, int len); - -/** - * @brief get the verifying result of the SSL certification - * - * @param ssl - the SSL point - * - * @return the result of verifying - */ -long SSL_get_verify_result(const SSL *ssl); - -/** - * @brief shutdown the connection - * - * @param ssl - the SSL point - * - * @return result - * 1 : OK - * 0 : shutdown is not finished - * -1 : an error catch - */ -int SSL_shutdown(SSL *ssl); - -/** - * @brief bind the socket file description into the SSL - * - * @param ssl - the SSL point - * @param fd - socket handle - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_set_fd(SSL *ssl, int fd); - -/** - * @brief These functions load the private key into the SSL_CTX or SSL object - * - * @param ctx - the SSL context point - * @param pkey - private key object point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); - -/** - * @brief These functions load the certification into the SSL_CTX or SSL object - * - * @param ctx - the SSL context point - * @param pkey - certification object point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); - -/** - * @brief create the target SSL context client method - * - * @param none - * - * @return the SSLV2.3 version SSL context client method - */ -const SSL_METHOD* SSLv23_client_method(void); - -/** - * @brief create the target SSL context client method - * - * @param none - * - * @return the TLSV1.0 version SSL context client method - */ -const SSL_METHOD* TLSv1_client_method(void); - -/** - * @brief create the target SSL context client method - * - * @param none - * - * @return the SSLV1.0 version SSL context client method - */ -const SSL_METHOD* SSLv3_client_method(void); - -/** - * @brief create the target SSL context client method - * - * @param none - * - * @return the TLSV1.1 version SSL context client method - */ -const SSL_METHOD* TLSv1_1_client_method(void); - -/** - * @brief create the target SSL context client method - * - * @param none - * - * @return the TLSV1.2 version SSL context client method - */ -const SSL_METHOD* TLSv1_2_client_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the TLS any version SSL context client method - */ -const SSL_METHOD* TLS_client_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the SSLV2.3 version SSL context server method - */ -const SSL_METHOD* SSLv23_server_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the TLSV1.1 version SSL context server method - */ -const SSL_METHOD* TLSv1_1_server_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the TLSV1.2 version SSL context server method - */ -const SSL_METHOD* TLSv1_2_server_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the TLSV1.0 version SSL context server method - */ -const SSL_METHOD* TLSv1_server_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the SSLV3.0 version SSL context server method - */ -const SSL_METHOD* SSLv3_server_method(void); - -/** - * @brief create the target SSL context server method - * - * @param none - * - * @return the TLS any version SSL context server method - */ -const SSL_METHOD* TLS_server_method(void); - - -/** - * @brief set the SSL context ALPN select callback function - * - * @param ctx - SSL context point - * @param cb - ALPN select callback function - * @param arg - ALPN select callback function entry private data point - * - * @return none - */ -void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, - int (*cb) (SSL *ssl, - const unsigned char **out, - unsigned char *outlen, - const unsigned char *in, - unsigned int inlen, - void *arg), - void *arg); - -void SSL_set_alpn_select_cb(SSL *ssl, void *arg); - -/** - * @brief set the SSL context ALPN select protocol - * - * @param ctx - SSL context point - * @param protos - ALPN protocol name - * @param protos_len - ALPN protocol name bytes - * - * @return result - * 0 : OK - * 1 : failed - */ -int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, unsigned int protos_len); - -/** - * @brief set the SSL context next ALPN select callback function - * - * @param ctx - SSL context point - * @param cb - ALPN select callback function - * @param arg - ALPN select callback function entry private data point - * - * @return none - */ -void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, - int (*cb) (SSL *ssl, - unsigned char **out, - unsigned char *outlen, - const unsigned char *in, - unsigned int inlen, - void *arg), - void *arg); - -void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, - unsigned int *len); - -void _ssl_set_alpn_list(const SSL *ssl); - -/** - * @brief get SSL error code - * - * @param ssl - SSL point - * @param ret_code - SSL return code - * - * @return SSL error number - */ -int SSL_get_error(const SSL *ssl, int ret_code); - -/** - * @brief clear the SSL error code - * - * @param none - * - * @return none - */ -void ERR_clear_error(void); - -/** - * @brief get the current SSL error code - * - * @param none - * - * @return current SSL error number - */ -int ERR_get_error(void); - -/** - * @brief register the SSL error strings - * - * @param none - * - * @return none - */ -void ERR_load_SSL_strings(void); - -/** - * @brief initialize the SSL library - * - * @param none - * - * @return none - */ -void SSL_library_init(void); - -/** - * @brief generates a human-readable string representing the error code e - * and store it into the "ret" point memory - * - * @param e - error code - * @param ret - memory point to store the string - * - * @return the result string point - */ -char *ERR_error_string(unsigned long e, char *ret); - -/** - * @brief add the SSL context option - * - * @param ctx - SSL context point - * @param opt - new SSL context option - * - * @return the SSL context option - */ -unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long opt); - -/** - * @brief add the SSL context mode - * - * @param ctx - SSL context point - * @param mod - new SSL context mod - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_mode(SSL_CTX *ctx, int mod); - -/* -} -*/ - -/** - * @brief perform the SSL handshake - * - * @param ssl - SSL point - * - * @return result - * 1 : OK - * 0 : failed - * -1 : a error catch - */ -int SSL_do_handshake(SSL *ssl); - -/** - * @brief get the SSL current version - * - * @param ssl - SSL point - * - * @return the version string - */ -const char *SSL_get_version(const SSL *ssl); - -/** - * @brief set the SSL context version - * - * @param ctx - SSL context point - * @param meth - SSL method point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); - -/** - * @brief get the bytes numbers which are to be read - * - * @param ssl - SSL point - * - * @return bytes number - */ -int SSL_pending(const SSL *ssl); - -/** - * @brief check if SSL want nothing - * - * @param ssl - SSL point - * - * @return result - * 0 : false - * 1 : true - */ -int SSL_want_nothing(const SSL *ssl); - -/** - * @brief check if SSL want to read - * - * @param ssl - SSL point - * - * @return result - * 0 : false - * 1 : true - */ -int SSL_want_read(const SSL *ssl); - -/** - * @brief check if SSL want to write - * - * @param ssl - SSL point - * - * @return result - * 0 : false - * 1 : true - */ -int SSL_want_write(const SSL *ssl); - -/** - * @brief get the SSL context current method - * - * @param ctx - SSL context point - * - * @return the SSL context current method - */ -const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx); - -/** - * @brief get the SSL current method - * - * @param ssl - SSL point - * - * @return the SSL current method - */ -const SSL_METHOD *SSL_get_ssl_method(SSL *ssl); - -/** - * @brief set the SSL method - * - * @param ssl - SSL point - * @param meth - SSL method point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method); - -/** - * @brief add CA client certification into the SSL - * - * @param ssl - SSL point - * @param x - CA certification point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_add_client_CA(SSL *ssl, X509 *x); - -/** - * @brief add CA client certification into the SSL context - * - * @param ctx - SSL context point - * @param x - CA certification point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); - -/** - * @brief set the SSL CA certification list - * - * @param ssl - SSL point - * @param name_list - CA certification list - * - * @return none - */ -void SSL_set_client_CA_list(SSL *ssl, STACK_OF(X509_NAME) *name_list); - -/** - * @brief set the SSL context CA certification list - * - * @param ctx - SSL context point - * @param name_list - CA certification list - * - * @return none - */ -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); - -/** - * @briefget the SSL CA certification list - * - * @param ssl - SSL point - * - * @return CA certification list - */ -STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl); - -/** - * @brief get the SSL context CA certification list - * - * @param ctx - SSL context point - * - * @return CA certification list - */ -STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); - -/** - * @brief get the SSL certification point - * - * @param ssl - SSL point - * - * @return SSL certification point - */ -X509 *SSL_get_certificate(const SSL *ssl); - -/** - * @brief get the SSL private key point - * - * @param ssl - SSL point - * - * @return SSL private key point - */ -EVP_PKEY *SSL_get_privatekey(const SSL *ssl); - -/** - * @brief set the SSL information callback function - * - * @param ssl - SSL point - * @param cb - information callback function - * - * @return none - */ -void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val)); - -/** - * @brief get the SSL state - * - * @param ssl - SSL point - * - * @return SSL state - */ -OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl); - -/** - * @brief set the SSL context read buffer length - * - * @param ctx - SSL context point - * @param len - read buffer length - * - * @return none - */ -void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len); - -/** - * @brief set the SSL read buffer length - * - * @param ssl - SSL point - * @param len - read buffer length - * - * @return none - */ -void SSL_set_default_read_buffer_len(SSL *ssl, size_t len); - -/** - * @brief set the SSL security level - * - * @param ssl - SSL point - * @param level - security level - * - * @return none - */ -void SSL_set_security_level(SSL *ssl, int level); - -/** - * @brief get the SSL security level - * - * @param ssl - SSL point - * - * @return security level - */ -int SSL_get_security_level(const SSL *ssl); - -/** - * @brief get the SSL verifying mode of the SSL context - * - * @param ctx - SSL context point - * - * @return verifying mode - */ -int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); - -/** - * @brief get the SSL verifying depth of the SSL context - * - * @param ctx - SSL context point - * - * @return verifying depth - */ -int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); - -/** - * @brief set the SSL context verifying of the SSL context - * - * @param ctx - SSL context point - * @param mode - verifying mode - * @param verify_callback - verifying callback function - * - * @return none - */ -void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *)); - -/** - * @brief set the SSL verifying of the SSL context - * - * @param ctx - SSL point - * @param mode - verifying mode - * @param verify_callback - verifying callback function - * - * @return none - */ -void SSL_set_verify(SSL *s, int mode, int (*verify_callback)(int, X509_STORE_CTX *)); - -/** - * @brief set the SSL verify depth of the SSL context - * - * @param ctx - SSL context point - * @param depth - verifying depth - * - * @return none - */ -void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); - -/** - * @brief certification verifying callback function - * - * @param preverify_ok - verifying result - * @param x509_ctx - X509 certification point - * - * @return verifying result - */ -int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx); - -/** - * @brief set the session timeout time - * - * @param ctx - SSL context point - * @param t - new session timeout time - * - * @return old session timeout time - */ -long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); - -/** - * @brief get the session timeout time - * - * @param ctx - SSL context point - * - * @return current session timeout time - */ -long SSL_CTX_get_timeout(const SSL_CTX *ctx); - -/** - * @brief set the SSL context cipher through the list string - * - * @param ctx - SSL context point - * @param str - cipher controller list string - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); - -/** - * @brief set the SSL cipher through the list string - * - * @param ssl - SSL point - * @param str - cipher controller list string - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_set_cipher_list(SSL *ssl, const char *str); - -/** - * @brief get the SSL cipher list string - * - * @param ssl - SSL point - * - * @return cipher controller list string - */ -const char *SSL_get_cipher_list(const SSL *ssl, int n); - -/** - * @brief get the SSL cipher - * - * @param ssl - SSL point - * - * @return current cipher - */ -const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl); - -/** - * @brief get the SSL cipher string - * - * @param ssl - SSL point - * - * @return cipher string - */ -const char *SSL_get_cipher(const SSL *ssl); - -/** - * @brief get the SSL context object X509 certification storage - * - * @param ctx - SSL context point - * - * @return x509 certification storage - */ -X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx); - -/** - * @brief set the SSL context object X509 certification store - * - * @param ctx - SSL context point - * @param store - X509 certification store - * - * @return none - */ -void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store); - -/** - * @brief get the SSL specifical statement - * - * @param ssl - SSL point - * - * @return specifical statement - */ -int SSL_want(const SSL *ssl); - -/** - * @brief check if the SSL is SSL_X509_LOOKUP state - * - * @param ssl - SSL point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_want_x509_lookup(const SSL *ssl); - -/** - * @brief reset the SSL - * - * @param ssl - SSL point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_clear(SSL *ssl); - -/** - * @brief get the socket handle of the SSL - * - * @param ssl - SSL point - * - * @return result - * >= 0 : yes, and return socket handle - * < 0 : a error catch - */ -int SSL_get_fd(const SSL *ssl); - -/** - * @brief get the read only socket handle of the SSL - * - * @param ssl - SSL point - * - * @return result - * >= 0 : yes, and return socket handle - * < 0 : a error catch - */ -int SSL_get_rfd(const SSL *ssl); - -/** - * @brief get the write only socket handle of the SSL - * - * @param ssl - SSL point - * - * @return result - * >= 0 : yes, and return socket handle - * < 0 : a error catch - */ -int SSL_get_wfd(const SSL *ssl); - -/** - * @brief set the SSL if we can read as many as data - * - * @param ssl - SSL point - * @param yes - enable the function - * - * @return none - */ -void SSL_set_read_ahead(SSL *s, int yes); - -/** - * @brief set the SSL context if we can read as many as data - * - * @param ctx - SSL context point - * @param yes - enbale the function - * - * @return none - */ -void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes); - -/** - * @brief get the SSL ahead signal if we can read as many as data - * - * @param ssl - SSL point - * - * @return SSL context ahead signal - */ -int SSL_get_read_ahead(const SSL *ssl); - -/** - * @brief get the SSL context ahead signal if we can read as many as data - * - * @param ctx - SSL context point - * - * @return SSL context ahead signal - */ -long SSL_CTX_get_read_ahead(SSL_CTX *ctx); - -/** - * @brief check if some data can be read - * - * @param ssl - SSL point - * - * @return - * 1 : there are bytes to be read - * 0 : no data - */ -int SSL_has_pending(const SSL *ssl); - -/** - * @brief load the X509 certification into SSL context - * - * @param ctx - SSL context point - * @param x - X509 certification point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);//loads the certificate x into ctx - -/** - * @brief load the ASN1 certification into SSL context - * - * @param ctx - SSL context point - * @param len - certification length - * @param d - data point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d); - -/** - * @brief load the certification file into SSL context - * - * @param ctx - SSL context point - * @param file - certification file name - * @param type - certification encoding type - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); - -/** - * @brief load the certification chain file into SSL context - * - * @param ctx - SSL context point - * @param file - certification chain file name - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); - - -/** - * @brief load the ASN1 private key into SSL context - * - * @param ctx - SSL context point - * @param d - data point - * @param len - private key length - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len);//adds the private key of type pk stored at memory location d (length len) to ctx - -/** - * @brief load the private key file into SSL context - * - * @param ctx - SSL context point - * @param file - private key file name - * @param type - private key encoding type - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); - -/** - * @brief load the RSA private key into SSL context - * - * @param ctx - SSL context point - * @param x - RSA private key point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); - -/** - * @brief load the RSA ASN1 private key into SSL context - * - * @param ctx - SSL context point - * @param d - data point - * @param len - RSA private key length - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); - -/** - * @brief load the RSA private key file into SSL context - * - * @param ctx - SSL context point - * @param file - RSA private key file name - * @param type - private key encoding type - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); - - -/** - * @brief check if the private key and certification is matched - * - * @param ctx - SSL context point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_check_private_key(const SSL_CTX *ctx); - -/** - * @brief set the SSL context server information - * - * @param ctx - SSL context point - * @param serverinfo - server information string - * @param serverinfo_length - server information length - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, size_t serverinfo_length); - -/** - * @brief load the SSL context server infomation file into SSL context - * - * @param ctx - SSL context point - * @param file - server information file - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file); - -/** - * @brief SSL select next function - * - * @param out - point of output data point - * @param outlen - output data length - * @param in - input data - * @param inlen - input data length - * @param client - client data point - * @param client_len -client data length - * - * @return NPN state - * OPENSSL_NPN_UNSUPPORTED : not support - * OPENSSL_NPN_NEGOTIATED : negotiated - * OPENSSL_NPN_NO_OVERLAP : no overlap - */ -int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, - const unsigned char *client, unsigned int client_len); - -/** - * @brief load the extra certification chain into the SSL context - * - * @param ctx - SSL context point - * @param x509 - X509 certification - * - * @return result - * 1 : OK - * 0 : failed - */ -long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *); - -/** - * @brief control the SSL context - * - * @param ctx - SSL context point - * @param cmd - command - * @param larg - parameter length - * @param parg - parameter point - * - * @return result - * 1 : OK - * 0 : failed - */ -long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg); - -/** - * @brief get the SSL context cipher - * - * @param ctx - SSL context point - * - * @return SSL context cipher - */ -STACK *SSL_CTX_get_ciphers(const SSL_CTX *ctx); - -/** - * @brief check if the SSL context can read as many as data - * - * @param ctx - SSL context point - * - * @return result - * 1 : OK - * 0 : failed - */ -long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx); - -/** - * @brief get the SSL context extra data - * - * @param ctx - SSL context point - * @param idx - index - * - * @return data point - */ -char *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx); - -/** - * @brief get the SSL context quiet shutdown option - * - * @param ctx - SSL context point - * - * @return quiet shutdown option - */ -int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); - -/** - * @brief load the SSL context CA file - * - * @param ctx - SSL context point - * @param CAfile - CA certification file - * @param CApath - CA certification file path - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); - -/** - * @brief add SSL context reference count by '1' - * - * @param ctx - SSL context point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_up_ref(SSL_CTX *ctx); - -/** - * @brief set SSL context application private data - * - * @param ctx - SSL context point - * @param arg - private data - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg); - -/** - * @brief set SSL context client certification callback function - * - * @param ctx - SSL context point - * @param cb - callback function - * - * @return none - */ -void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); - -/** - * @brief set the SSL context if we can read as many as data - * - * @param ctx - SSL context point - * @param m - enable the fuction - * - * @return none - */ -void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m); - -/** - * @brief set SSL context default verifying path - * - * @param ctx - SSL context point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); - -/** - * @brief set SSL context default verifying directory - * - * @param ctx - SSL context point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx); - -/** - * @brief set SSL context default verifying file - * - * @param ctx - SSL context point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_default_verify_file(SSL_CTX *ctx); - -/** - * @brief set SSL context extra data - * - * @param ctx - SSL context point - * @param idx - data index - * @param arg - data point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg); - -/** - * @brief clear the SSL context option bit of "op" - * - * @param ctx - SSL context point - * @param op - option - * - * @return SSL context option - */ -unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op); - -/** - * @brief get the SSL context option - * - * @param ctx - SSL context point - * @param op - option - * - * @return SSL context option - */ -unsigned long SSL_CTX_get_options(SSL_CTX *ctx); - -/** - * @brief set the SSL context quiet shutdown mode - * - * @param ctx - SSL context point - * @param mode - mode - * - * @return none - */ -void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); - -/** - * @brief get the SSL context X509 certification - * - * @param ctx - SSL context point - * - * @return X509 certification - */ -X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx); - -/** - * @brief get the SSL context private key - * - * @param ctx - SSL context point - * - * @return private key - */ -EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx); - -/** - * @brief set SSL context PSK identity hint - * - * @param ctx - SSL context point - * @param hint - PSK identity hint - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint); - -/** - * @brief set SSL context PSK server callback function - * - * @param ctx - SSL context point - * @param callback - callback function - * - * @return none - */ -void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, - unsigned int (*callback)(SSL *ssl, - const char *identity, - unsigned char *psk, - int max_psk_len)); -/** - * @brief get alert description string - * - * @param value - alert value - * - * @return alert description string - */ -const char *SSL_alert_desc_string(int value); - -/** - * @brief get alert description long string - * - * @param value - alert value - * - * @return alert description long string - */ -const char *SSL_alert_desc_string_long(int value); - -/** - * @brief get alert type string - * - * @param value - alert value - * - * @return alert type string - */ -const char *SSL_alert_type_string(int value); - -/** - * @brief get alert type long string - * - * @param value - alert value - * - * @return alert type long string - */ -const char *SSL_alert_type_string_long(int value); - -/** - * @brief get SSL context of the SSL - * - * @param ssl - SSL point - * - * @return SSL context - */ -SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); - -/** - * @brief get SSL application data - * - * @param ssl - SSL point - * - * @return application data - */ -char *SSL_get_app_data(SSL *ssl); - -/** - * @brief get SSL cipher bits - * - * @param ssl - SSL point - * @param alg_bits - algorithm bits - * - * @return strength bits - */ -int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits); - -/** - * @brief get SSL cipher name - * - * @param ssl - SSL point - * - * @return SSL cipher name - */ -char *SSL_get_cipher_name(const SSL *ssl); - -/** - * @brief get SSL cipher version - * - * @param ssl - SSL point - * - * @return SSL cipher version - */ -char *SSL_get_cipher_version(const SSL *ssl); - -/** - * @brief get SSL extra data - * - * @param ssl - SSL point - * @param idx - data index - * - * @return extra data - */ -char *SSL_get_ex_data(const SSL *ssl, int idx); - -/** - * @brief get index of the SSL extra data X509 storage context - * - * @param none - * - * @return data index - */ -int SSL_get_ex_data_X509_STORE_CTX_idx(void); - -/** - * @brief get peer certification chain - * - * @param ssl - SSL point - * - * @return certification chain - */ -STACK *SSL_get_peer_cert_chain(const SSL *ssl); - -/** - * @brief get peer certification - * - * @param ssl - SSL point - * - * @return certification - */ -X509 *SSL_get_peer_certificate(const SSL *ssl); - -/** - * @brief get SSL quiet shutdown mode - * - * @param ssl - SSL point - * - * @return quiet shutdown mode - */ -int SSL_get_quiet_shutdown(const SSL *ssl); - -/** - * @brief get SSL read only IO handle - * - * @param ssl - SSL point - * - * @return IO handle - */ -BIO *SSL_get_rbio(const SSL *ssl); - -/** - * @brief get SSL shared ciphers - * - * @param ssl - SSL point - * @param buf - buffer to store the ciphers - * @param len - buffer len - * - * @return shared ciphers - */ -char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len); - -/** - * @brief get SSL shutdown mode - * - * @param ssl - SSL point - * - * @return shutdown mode - */ -int SSL_get_shutdown(const SSL *ssl); - -/** - * @brief get SSL session time - * - * @param ssl - SSL point - * - * @return session time - */ -long SSL_get_time(const SSL *ssl); - -/** - * @brief get SSL session timeout time - * - * @param ssl - SSL point - * - * @return session timeout time - */ -long SSL_get_timeout(const SSL *ssl); - -/** - * @brief get SSL verifying mode - * - * @param ssl - SSL point - * - * @return verifying mode - */ -int SSL_get_verify_mode(const SSL *ssl); - -/** - * @brief get SSL verify parameters - * - * @param ssl - SSL point - * - * @return verify parameters - */ -X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl); - -/** - * @brief set expected hostname the peer cert CN should have - * - * @param param - verify parameters from SSL_get0_param() - * - * @param name - the expected hostname - * - * @param namelen - the length of the hostname, or 0 if NUL terminated - * - * @return verify parameters - */ -int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const char *name, size_t namelen); - -/** - * @brief set parameters for X509 host verify action - * - * @param param -verify parameters from SSL_get0_param() - * - * @param flags - bitfield of X509_CHECK_FLAG_... parameters to set - * - * @return 1 for success, 0 for failure - */ -int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, - unsigned long flags); - -/** - * @brief clear parameters for X509 host verify action - * - * @param param -verify parameters from SSL_get0_param() - * - * @param flags - bitfield of X509_CHECK_FLAG_... parameters to clear - * - * @return 1 for success, 0 for failure - */ -int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param, - unsigned long flags); - -/** - * @brief get SSL write only IO handle - * - * @param ssl - SSL point - * - * @return IO handle - */ -BIO *SSL_get_wbio(const SSL *ssl); - -/** - * @brief load SSL client CA certification file - * - * @param file - file name - * - * @return certification loading object - */ -STACK *SSL_load_client_CA_file(const char *file); - -/** - * @brief add SSL reference by '1' - * - * @param ssl - SSL point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_up_ref(SSL *ssl); - -/** - * @brief read and put data into buf, but not clear the SSL low-level storage - * - * @param ssl - SSL point - * @param buf - storage buffer point - * @param num - data bytes - * - * @return result - * > 0 : OK, and return read bytes - * = 0 : connect is closed - * < 0 : a error catch - */ -int SSL_peek(SSL *ssl, void *buf, int num); - -/** - * @brief make SSL renegotiate - * - * @param ssl - SSL point - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_renegotiate(SSL *ssl); - -/** - * @brief get the state string where SSL is reading - * - * @param ssl - SSL point - * - * @return state string - */ -const char *SSL_rstate_string(SSL *ssl); - -/** - * @brief get the statement long string where SSL is reading - * - * @param ssl - SSL point - * - * @return statement long string - */ -const char *SSL_rstate_string_long(SSL *ssl); - -/** - * @brief set SSL accept statement - * - * @param ssl - SSL point - * - * @return none - */ -void SSL_set_accept_state(SSL *ssl); - -/** - * @brief set SSL application data - * - * @param ssl - SSL point - * @param arg - SSL application data point - * - * @return none - */ -void SSL_set_app_data(SSL *ssl, char *arg); - -/** - * @brief set SSL BIO - * - * @param ssl - SSL point - * @param rbio - read only IO - * @param wbio - write only IO - * - * @return none - */ -void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio); - -/** - * @brief clear SSL option - * - * @param ssl - SSL point - * @param op - clear option - * - * @return SSL option - */ -unsigned long SSL_clear_options(SSL *ssl, unsigned long op); - -/** - * @brief get SSL option - * - * @param ssl - SSL point - * - * @return SSL option - */ -unsigned long SSL_get_options(SSL *ssl); - -/** - * @brief clear SSL option - * - * @param ssl - SSL point - * @param op - setting option - * - * @return SSL option - */ -unsigned long SSL_set_options(SSL *ssl, unsigned long op); - -/** - * @brief set SSL quiet shutdown mode - * - * @param ssl - SSL point - * @param mode - quiet shutdown mode - * - * @return none - */ -void SSL_set_quiet_shutdown(SSL *ssl, int mode); - -/** - * @brief set SSL shutdown mode - * - * @param ssl - SSL point - * @param mode - shutdown mode - * - * @return none - */ -void SSL_set_shutdown(SSL *ssl, int mode); - -/** - * @brief set SSL session time - * - * @param ssl - SSL point - * @param t - session time - * - * @return session time - */ -void SSL_set_time(SSL *ssl, long t); - -/** - * @brief set SSL session timeout time - * - * @param ssl - SSL point - * @param t - session timeout time - * - * @return session timeout time - */ -void SSL_set_timeout(SSL *ssl, long t); - -/** - * @brief get SSL statement string - * - * @param ssl - SSL point - * - * @return SSL statement string - */ -char *SSL_state_string(const SSL *ssl); - -/** - * @brief get SSL statement long string - * - * @param ssl - SSL point - * - * @return SSL statement long string - */ -char *SSL_state_string_long(const SSL *ssl); - -/** - * @brief get SSL renegotiation count - * - * @param ssl - SSL point - * - * @return renegotiation count - */ -long SSL_total_renegotiations(SSL *ssl); - -/** - * @brief get SSL version - * - * @param ssl - SSL point - * - * @return SSL version - */ -int SSL_version(const SSL *ssl); - -/** - * @brief set SSL PSK identity hint - * - * @param ssl - SSL point - * @param hint - identity hint - * - * @return result - * 1 : OK - * 0 : failed - */ -int SSL_use_psk_identity_hint(SSL *ssl, const char *hint); - -/** - * @brief get SSL PSK identity hint - * - * @param ssl - SSL point - * - * @return identity hint - */ -const char *SSL_get_psk_identity_hint(SSL *ssl); - -/** - * @brief get SSL PSK identity - * - * @param ssl - SSL point - * - * @return identity - */ -const char *SSL_get_psk_identity(SSL *ssl); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h deleted file mode 100644 index cbbe3aa3a2..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h +++ /dev/null @@ -1,61 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_PM_H_ -#define _SSL_PM_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include -#include "ssl_types.h" -#include "ssl_port.h" - -#define LOCAL_ATRR - -int ssl_pm_new(SSL *ssl); -void ssl_pm_free(SSL *ssl); - -int ssl_pm_handshake(SSL *ssl); -int ssl_pm_shutdown(SSL *ssl); -int ssl_pm_clear(SSL *ssl); - -int ssl_pm_read(SSL *ssl, void *buffer, int len); -int ssl_pm_send(SSL *ssl, const void *buffer, int len); -int ssl_pm_pending(const SSL *ssl); - -void ssl_pm_set_fd(SSL *ssl, int fd, int mode); -int ssl_pm_get_fd(const SSL *ssl, int mode); - -OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl); - -void ssl_pm_set_bufflen(SSL *ssl, int len); - -int x509_pm_show_info(X509 *x); -int x509_pm_new(X509 *x, X509 *m_x); -void x509_pm_free(X509 *x); -int x509_pm_load(X509 *x, const unsigned char *buffer, int len); - -int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk); -void pkey_pm_free(EVP_PKEY *pk); -int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len); - -long ssl_pm_get_verify_result(const SSL *ssl); - -#ifdef __cplusplus - } -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_port.h b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_port.h deleted file mode 100644 index 74c7634355..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/include/platform/ssl_port.h +++ /dev/null @@ -1,46 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef _SSL_PORT_H_ -#define _SSL_PORT_H_ - -#ifdef __cplusplus - extern "C" { -#endif - -#include "string.h" -#include "stdlib.h" -#if defined(LWS_HAVE_MALLOC_H) -#include "malloc.h" -#endif - -void *ssl_mem_zalloc(size_t size); - -#define ssl_mem_malloc malloc -#define ssl_mem_free free - -#define ssl_memcpy memcpy -#define ssl_strlen strlen - -#define ssl_speed_up_enter() -#define ssl_speed_up_exit() - -#define SSL_DEBUG_FL -#define SSL_DEBUG_LOG(fmt, ...) ESP_LOGI("openssl", fmt, ##__VA_ARGS__) - -#ifdef __cplusplus - } -#endif - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_cert.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_cert.c deleted file mode 100644 index 5c608125ac..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_cert.c +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_cert.h" -#include "ssl_pkey.h" -#include "ssl_x509.h" -#include "ssl_dbg.h" -#include "ssl_port.h" - -/** - * @brief create a certification object according to input certification - */ -CERT *__ssl_cert_new(CERT *ic) -{ - CERT *cert; - - X509 *ix; - EVP_PKEY *ipk; - - cert = ssl_mem_zalloc(sizeof(CERT)); - if (!cert) { - SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "no enough memory > (cert)"); - goto no_mem; - } - - if (ic) { - ipk = ic->pkey; - ix = ic->x509; - } else { - ipk = NULL; - ix = NULL; - } - - cert->pkey = __EVP_PKEY_new(ipk); - if (!cert->pkey) { - SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__EVP_PKEY_new() return NULL"); - goto pkey_err; - } - - cert->x509 = __X509_new(ix); - if (!cert->x509) { - SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__X509_new() return NULL"); - goto x509_err; - } - - return cert; - -x509_err: - EVP_PKEY_free(cert->pkey); -pkey_err: - ssl_mem_free(cert); -no_mem: - return NULL; -} - -/** - * @brief create a certification object include private key object - */ -CERT *ssl_cert_new(void) -{ - return __ssl_cert_new(NULL); -} - -/** - * @brief free a certification object - */ -void ssl_cert_free(CERT *cert) -{ - SSL_ASSERT3(cert); - - X509_free(cert->x509); - - EVP_PKEY_free(cert->pkey); - - ssl_mem_free(cert); -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_lib.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_lib.c deleted file mode 100644 index 2f688ca9ef..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_lib.c +++ /dev/null @@ -1,1736 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_lib.h" -#include "ssl_pkey.h" -#include "ssl_x509.h" -#include "ssl_cert.h" -#include "ssl_dbg.h" -#include "ssl_port.h" - -char * -lws_strncpy(char *dest, const char *src, size_t size); - -#define SSL_SEND_DATA_MAX_LENGTH 1460 - -/** - * @brief create a new SSL session object - */ -static SSL_SESSION* SSL_SESSION_new(void) -{ - SSL_SESSION *session; - - session = ssl_mem_zalloc(sizeof(SSL_SESSION)); - if (!session) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (session)"); - goto failed1; - } - - session->peer = X509_new(); - if (!session->peer) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "X509_new() return NULL"); - goto failed2; - } - - return session; - -failed2: - ssl_mem_free(session); -failed1: - return NULL; -} - -/** - * @brief free a new SSL session object - */ -static void SSL_SESSION_free(SSL_SESSION *session) -{ - X509_free(session->peer); - ssl_mem_free(session); -} - -/** - * @brief Discover whether the current connection is in the error state - */ -int ossl_statem_in_error(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - if (ssl->statem.state == MSG_FLOW_ERROR) - return 1; - - return 0; -} - -/** - * @brief get the SSL specifical statement - */ -int SSL_want(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->rwstate; -} - -/** - * @brief check if SSL want nothing - */ -int SSL_want_nothing(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - if (ssl->err) - return 1; - - return (SSL_want(ssl) == SSL_NOTHING); -} - -/** - * @brief check if SSL want to read - */ -int SSL_want_read(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - if (ssl->err) - return 0; - - return (SSL_want(ssl) == SSL_READING); -} - -/** - * @brief check if SSL want to write - */ -int SSL_want_write(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - if (ssl->err) - return 0; - - return (SSL_want(ssl) == SSL_WRITING); -} - -/** - * @brief check if SSL want to lookup X509 certification - */ -int SSL_want_x509_lookup(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return (SSL_want(ssl) == SSL_WRITING); -} - -/** - * @brief get SSL error code - */ -int SSL_get_error(const SSL *ssl, int ret_code) -{ - int ret = SSL_ERROR_SYSCALL; - - SSL_ASSERT1(ssl); - - if (ret_code > 0) - ret = SSL_ERROR_NONE; - else if (ret_code < 0) - { - if (ssl->err == SSL_ERROR_WANT_READ || SSL_want_read(ssl)) - ret = SSL_ERROR_WANT_READ; - else if (ssl->err == SSL_ERROR_WANT_WRITE || SSL_want_write(ssl)) - ret = SSL_ERROR_WANT_WRITE; - else - ret = SSL_ERROR_SYSCALL; //unknown - } - else // ret_code == 0 - { - if (ssl->shutdown & SSL_RECEIVED_SHUTDOWN) - ret = SSL_ERROR_ZERO_RETURN; - else - ret = SSL_ERROR_SYSCALL; - } - - return ret; -} - -/** - * @brief get the SSL state - */ -OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl) -{ - OSSL_HANDSHAKE_STATE state; - - SSL_ASSERT1(ssl); - - state = SSL_METHOD_CALL(get_state, ssl); - - return state; -} - -/** - * @brief create a SSL context - */ -SSL_CTX* SSL_CTX_new(const SSL_METHOD *method) -{ - SSL_CTX *ctx; - CERT *cert; - X509 *client_ca; - - if (!method) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no no_method"); - return NULL; - } - - client_ca = X509_new(); - if (!client_ca) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "X509_new() return NULL"); - goto failed1; - } - - cert = ssl_cert_new(); - if (!cert) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "ssl_cert_new() return NULL"); - goto failed2; - } - - ctx = (SSL_CTX *)ssl_mem_zalloc(sizeof(SSL_CTX)); - if (!ctx) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (ctx)"); - goto failed3; - } - - ctx->method = method; - ctx->client_CA = client_ca; - ctx->cert = cert; - - ctx->version = method->version; - - return ctx; - -failed3: - ssl_cert_free(cert); -failed2: - X509_free(client_ca); -failed1: - return NULL; -} - -/** - * @brief free a SSL context - */ -void SSL_CTX_free(SSL_CTX* ctx) -{ - SSL_ASSERT3(ctx); - - ssl_cert_free(ctx->cert); - - X509_free(ctx->client_CA); - - if (ctx->alpn_protos) - ssl_mem_free(ctx->alpn_protos); - - ssl_mem_free(ctx); -} - -/** - * @brief set the SSL context version - */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) -{ - SSL_ASSERT1(ctx); - SSL_ASSERT1(meth); - - ctx->method = meth; - - ctx->version = meth->version; - - return 1; -} - -/** - * @brief get the SSL context current method - */ -const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx) -{ - SSL_ASSERT2(ctx); - - return ctx->method; -} - -/** - * @brief create a SSL - */ -SSL *SSL_new(SSL_CTX *ctx) -{ - int ret = 0; - SSL *ssl; - - if (!ctx) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no ctx"); - return NULL; - } - - ssl = (SSL *)ssl_mem_zalloc(sizeof(SSL)); - if (!ssl) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (ssl)"); - goto failed1; - } - - ssl->session = SSL_SESSION_new(); - if (!ssl->session) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_SESSION_new() return NULL"); - goto failed2; - } - - ssl->cert = __ssl_cert_new(ctx->cert); - if (!ssl->cert) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__ssl_cert_new() return NULL"); - goto failed3; - } - - ssl->client_CA = __X509_new(ctx->client_CA); - if (!ssl->client_CA) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__X509_new() return NULL"); - goto failed4; - } - - ssl->ctx = ctx; - ssl->method = ctx->method; - - ssl->version = ctx->version; - ssl->options = ctx->options; - - ssl->verify_mode = ctx->verify_mode; - - ret = SSL_METHOD_CALL(new, ssl); - if (ret) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret); - goto failed5; - } - - _ssl_set_alpn_list(ssl); - - ssl->rwstate = SSL_NOTHING; - - return ssl; - -failed5: - X509_free(ssl->client_CA); -failed4: - ssl_cert_free(ssl->cert); -failed3: - SSL_SESSION_free(ssl->session); -failed2: - ssl_mem_free(ssl); -failed1: - return NULL; -} - -/** - * @brief free the SSL - */ -void SSL_free(SSL *ssl) -{ - SSL_ASSERT3(ssl); - - SSL_METHOD_CALL(free, ssl); - - X509_free(ssl->client_CA); - - ssl_cert_free(ssl->cert); - - SSL_SESSION_free(ssl->session); - - if (ssl->alpn_protos) - ssl_mem_free(ssl->alpn_protos); - - ssl_mem_free(ssl); -} - -/** - * @brief perform the SSL handshake - */ -int SSL_do_handshake(SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - ret = SSL_METHOD_CALL(handshake, ssl); - - return ret; -} - -/** - * @brief connect to the remote SSL server - */ -int SSL_connect(SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return SSL_do_handshake(ssl); -} - -/** - * @brief accept the remote connection - */ -int SSL_accept(SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return SSL_do_handshake(ssl); -} - -/** - * @brief shutdown the connection - */ -int SSL_shutdown(SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - if (SSL_get_state(ssl) != TLS_ST_OK) return 1; - - ret = SSL_METHOD_CALL(shutdown, ssl); - - return ret; -} - -/** - * @brief reset the SSL - */ -int SSL_clear(SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - ret = SSL_shutdown(ssl); - if (1 != ret) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_shutdown return %d", ret); - goto failed1; - } - - SSL_METHOD_CALL(free, ssl); - - ret = SSL_METHOD_CALL(new, ssl); - if (!ret) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret); - goto failed1; - } - - return 1; - -failed1: - return ret; -} - -/** - * @brief read data from to remote - */ -int SSL_read(SSL *ssl, void *buffer, int len) -{ - int ret; - - SSL_ASSERT1(ssl); - SSL_ASSERT1(buffer); - SSL_ASSERT1(len); - - ssl->rwstate = SSL_READING; - - ret = SSL_METHOD_CALL(read, ssl, buffer, len); - - if (ret == len) - ssl->rwstate = SSL_NOTHING; - - return ret; -} - -/** - * @brief send the data to remote - */ -int SSL_write(SSL *ssl, const void *buffer, int len) -{ - int ret; - int send_bytes, bytes; - const unsigned char *pbuf; - - SSL_ASSERT1(ssl); - SSL_ASSERT1(buffer); - SSL_ASSERT1(len); - - ssl->rwstate = SSL_WRITING; - - send_bytes = len; - pbuf = (const unsigned char *)buffer; - - do { - if (send_bytes > SSL_SEND_DATA_MAX_LENGTH) - bytes = SSL_SEND_DATA_MAX_LENGTH; - else - bytes = send_bytes; - - if (ssl->interrupted_remaining_write) { - bytes = ssl->interrupted_remaining_write; - ssl->interrupted_remaining_write = 0; - } - - ret = SSL_METHOD_CALL(send, ssl, pbuf, bytes); - //printf("%s: ssl_pm said %d for %d requested (cum %d)\n", __func__, ret, bytes, len -send_bytes); - /* the return is a NEGATIVE OpenSSL error code, or the length sent */ - if (ret > 0) { - pbuf += ret; - send_bytes -= ret; - } else - ssl->interrupted_remaining_write = bytes; - } while (ret > 0 && send_bytes && ret == bytes); - - if (ret >= 0) { - ret = len - send_bytes; - if (!ret) - ssl->rwstate = SSL_NOTHING; - } else { - if (send_bytes == len) - ret = -1; - else - ret = len - send_bytes; - } - - return ret; -} - -/** - * @brief get SSL context of the SSL - */ -SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl) -{ - SSL_ASSERT2(ssl); - - return ssl->ctx; -} - -/** - * @brief get the SSL current method - */ -const SSL_METHOD *SSL_get_ssl_method(SSL *ssl) -{ - SSL_ASSERT2(ssl); - - return ssl->method; -} - -/** - * @brief set the SSL method - */ -int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method) -{ - int ret; - - SSL_ASSERT1(ssl); - SSL_ASSERT1(method); - - if (ssl->version != method->version) { - - ret = SSL_shutdown(ssl); - if (1 != ret) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_shutdown return %d", ret); - goto failed1; - } - - SSL_METHOD_CALL(free, ssl); - - ssl->method = method; - - ret = SSL_METHOD_CALL(new, ssl); - if (!ret) { - SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret); - goto failed1; - } - } else { - ssl->method = method; - } - - - return 1; - -failed1: - return ret; -} - -/** - * @brief get SSL shutdown mode - */ -int SSL_get_shutdown(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->shutdown; -} - -/** - * @brief set SSL shutdown mode - */ -void SSL_set_shutdown(SSL *ssl, int mode) -{ - SSL_ASSERT3(ssl); - - ssl->shutdown = mode; -} - - -/** - * @brief get the number of the bytes to be read - */ -int SSL_pending(const SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - ret = SSL_METHOD_CALL(pending, ssl); - - return ret; -} - -/** - * @brief check if some data can be read - */ -int SSL_has_pending(const SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - if (SSL_pending(ssl)) - ret = 1; - else - ret = 0; - - return ret; -} - -/** - * @brief clear the SSL context option bit of "op" - */ -unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op) -{ - SSL_ASSERT1(ctx); - - return ctx->options &= ~op; -} - -/** - * @brief get the SSL context option - */ -unsigned long SSL_CTX_get_options(SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - return ctx->options; -} - -/** - * @brief set the option of the SSL context - */ -unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long opt) -{ - SSL_ASSERT1(ctx); - - return ctx->options |= opt; -} - -/** - * @brief clear SSL option - */ -unsigned long SSL_clear_options(SSL *ssl, unsigned long op) -{ - SSL_ASSERT1(ssl); - - return ssl->options & ~op; -} - -/** - * @brief get SSL option - */ -unsigned long SSL_get_options(SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->options; -} - -/** - * @brief clear SSL option - */ -unsigned long SSL_set_options(SSL *ssl, unsigned long op) -{ - SSL_ASSERT1(ssl); - - return ssl->options |= op; -} - -/** - * @brief get the socket handle of the SSL - */ -int SSL_get_fd(const SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - ret = SSL_METHOD_CALL(get_fd, ssl, 0); - - return ret; -} - -/** - * @brief get the read only socket handle of the SSL - */ -int SSL_get_rfd(const SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - ret = SSL_METHOD_CALL(get_fd, ssl, 0); - - return ret; -} - -/** - * @brief get the write only socket handle of the SSL - */ -int SSL_get_wfd(const SSL *ssl) -{ - int ret; - - SSL_ASSERT1(ssl); - - ret = SSL_METHOD_CALL(get_fd, ssl, 0); - - return ret; -} - -/** - * @brief bind the socket file description into the SSL - */ -int SSL_set_fd(SSL *ssl, int fd) -{ - SSL_ASSERT1(ssl); - SSL_ASSERT1(fd >= 0); - - SSL_METHOD_CALL(set_fd, ssl, fd, 0); - - return 1; -} - -/** - * @brief bind the read only socket file description into the SSL - */ -int SSL_set_rfd(SSL *ssl, int fd) -{ - SSL_ASSERT1(ssl); - SSL_ASSERT1(fd >= 0); - - SSL_METHOD_CALL(set_fd, ssl, fd, 0); - - return 1; -} - -/** - * @brief bind the write only socket file description into the SSL - */ -int SSL_set_wfd(SSL *ssl, int fd) -{ - SSL_ASSERT1(ssl); - SSL_ASSERT1(fd >= 0); - - SSL_METHOD_CALL(set_fd, ssl, fd, 0); - - return 1; -} - -/** - * @brief get SSL version - */ -int SSL_version(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->version; -} - -/** - * @brief get the SSL version string - */ -static const char* ssl_protocol_to_string(int version) -{ - const char *str; - - if (version == TLS1_2_VERSION) - str = "TLSv1.2"; - else if (version == TLS1_1_VERSION) - str = "TLSv1.1"; - else if (version == TLS1_VERSION) - str = "TLSv1"; - else if (version == SSL3_VERSION) - str = "SSLv3"; - else - str = "unknown"; - - return str; -} - -/** - * @brief get the SSL current version - */ -const char *SSL_get_version(const SSL *ssl) -{ - SSL_ASSERT2(ssl); - - return ssl_protocol_to_string(SSL_version(ssl)); -} - -/** - * @brief get alert description string - */ -const char* SSL_alert_desc_string(int value) -{ - const char *str; - - switch (value & 0xff) - { - case SSL3_AD_CLOSE_NOTIFY: - str = "CN"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str = "UM"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str = "BM"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str = "DF"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str = "HF"; - break; - case SSL3_AD_NO_CERTIFICATE: - str = "NC"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str = "BC"; - break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "UC"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str = "CR"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str = "CE"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "CU"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str = "IP"; - break; - case TLS1_AD_DECRYPTION_FAILED: - str = "DC"; - break; - case TLS1_AD_RECORD_OVERFLOW: - str = "RO"; - break; - case TLS1_AD_UNKNOWN_CA: - str = "CA"; - break; - case TLS1_AD_ACCESS_DENIED: - str = "AD"; - break; - case TLS1_AD_DECODE_ERROR: - str = "DE"; - break; - case TLS1_AD_DECRYPT_ERROR: - str = "CY"; - break; - case TLS1_AD_EXPORT_RESTRICTION: - str = "ER"; - break; - case TLS1_AD_PROTOCOL_VERSION: - str = "PV"; - break; - case TLS1_AD_INSUFFICIENT_SECURITY: - str = "IS"; - break; - case TLS1_AD_INTERNAL_ERROR: - str = "IE"; - break; - case TLS1_AD_USER_CANCELLED: - str = "US"; - break; - case TLS1_AD_NO_RENEGOTIATION: - str = "NR"; - break; - case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "UE"; - break; - case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "CO"; - break; - case TLS1_AD_UNRECOGNIZED_NAME: - str = "UN"; - break; - case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "BR"; - break; - case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "BH"; - break; - case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "UP"; - break; - default: - str = "UK"; - break; - } - - return str; -} - -/** - * @brief get alert description long string - */ -const char* SSL_alert_desc_string_long(int value) -{ - const char *str; - - switch (value & 0xff) - { - case SSL3_AD_CLOSE_NOTIFY: - str = "close notify"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str = "unexpected_message"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str = "bad record mac"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str = "decompression failure"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str = "handshake failure"; - break; - case SSL3_AD_NO_CERTIFICATE: - str = "no certificate"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str = "bad certificate"; - break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "unsupported certificate"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str = "certificate revoked"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str = "certificate expired"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "certificate unknown"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str = "illegal parameter"; - break; - case TLS1_AD_DECRYPTION_FAILED: - str = "decryption failed"; - break; - case TLS1_AD_RECORD_OVERFLOW: - str = "record overflow"; - break; - case TLS1_AD_UNKNOWN_CA: - str = "unknown CA"; - break; - case TLS1_AD_ACCESS_DENIED: - str = "access denied"; - break; - case TLS1_AD_DECODE_ERROR: - str = "decode error"; - break; - case TLS1_AD_DECRYPT_ERROR: - str = "decrypt error"; - break; - case TLS1_AD_EXPORT_RESTRICTION: - str = "export restriction"; - break; - case TLS1_AD_PROTOCOL_VERSION: - str = "protocol version"; - break; - case TLS1_AD_INSUFFICIENT_SECURITY: - str = "insufficient security"; - break; - case TLS1_AD_INTERNAL_ERROR: - str = "internal error"; - break; - case TLS1_AD_USER_CANCELLED: - str = "user canceled"; - break; - case TLS1_AD_NO_RENEGOTIATION: - str = "no renegotiation"; - break; - case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "unsupported extension"; - break; - case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "certificate unobtainable"; - break; - case TLS1_AD_UNRECOGNIZED_NAME: - str = "unrecognized name"; - break; - case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "bad certificate status response"; - break; - case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "bad certificate hash value"; - break; - case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "unknown PSK identity"; - break; - default: - str = "unknown"; - break; - } - - return str; -} - -/** - * @brief get alert type string - */ -const char *SSL_alert_type_string(int value) -{ - const char *str; - - switch (value >> 8) - { - case SSL3_AL_WARNING: - str = "W"; - break; - case SSL3_AL_FATAL: - str = "F"; - break; - default: - str = "U"; - break; - } - - return str; -} - -/** - * @brief get alert type long string - */ -const char *SSL_alert_type_string_long(int value) -{ - const char *str; - - switch (value >> 8) - { - case SSL3_AL_WARNING: - str = "warning"; - break; - case SSL3_AL_FATAL: - str = "fatal"; - break; - default: - str = "unknown"; - break; - } - - return str; -} - -/** - * @brief get the state string where SSL is reading - */ -const char *SSL_rstate_string(SSL *ssl) -{ - const char *str; - - SSL_ASSERT2(ssl); - - switch (ssl->rlayer.rstate) - { - case SSL_ST_READ_HEADER: - str = "RH"; - break; - case SSL_ST_READ_BODY: - str = "RB"; - break; - case SSL_ST_READ_DONE: - str = "RD"; - break; - default: - str = "unknown"; - break; - } - - return str; -} - -/** - * @brief get the statement long string where SSL is reading - */ -const char *SSL_rstate_string_long(SSL *ssl) -{ - const char *str = "unknown"; - - SSL_ASSERT2(ssl); - - switch (ssl->rlayer.rstate) - { - case SSL_ST_READ_HEADER: - str = "read header"; - break; - case SSL_ST_READ_BODY: - str = "read body"; - break; - case SSL_ST_READ_DONE: - str = "read done"; - break; - default: - break; - } - - return str; -} - -/** - * @brief get SSL statement string - */ -char *SSL_state_string(const SSL *ssl) -{ - char *str = "UNKWN "; - - SSL_ASSERT2(ssl); - - if (ossl_statem_in_error(ssl)) - str = "SSLERR"; - else - { - switch (SSL_get_state(ssl)) - { - case TLS_ST_BEFORE: - str = "PINIT "; - break; - case TLS_ST_OK: - str = "SSLOK "; - break; - case TLS_ST_CW_CLNT_HELLO: - str = "TWCH"; - break; - case TLS_ST_CR_SRVR_HELLO: - str = "TRSH"; - break; - case TLS_ST_CR_CERT: - str = "TRSC"; - break; - case TLS_ST_CR_KEY_EXCH: - str = "TRSKE"; - break; - case TLS_ST_CR_CERT_REQ: - str = "TRCR"; - break; - case TLS_ST_CR_SRVR_DONE: - str = "TRSD"; - break; - case TLS_ST_CW_CERT: - str = "TWCC"; - break; - case TLS_ST_CW_KEY_EXCH: - str = "TWCKE"; - break; - case TLS_ST_CW_CERT_VRFY: - str = "TWCV"; - break; - case TLS_ST_SW_CHANGE: - case TLS_ST_CW_CHANGE: - str = "TWCCS"; - break; - case TLS_ST_SW_FINISHED: - case TLS_ST_CW_FINISHED: - str = "TWFIN"; - break; - case TLS_ST_SR_CHANGE: - case TLS_ST_CR_CHANGE: - str = "TRCCS"; - break; - case TLS_ST_SR_FINISHED: - case TLS_ST_CR_FINISHED: - str = "TRFIN"; - break; - case TLS_ST_SW_HELLO_REQ: - str = "TWHR"; - break; - case TLS_ST_SR_CLNT_HELLO: - str = "TRCH"; - break; - case TLS_ST_SW_SRVR_HELLO: - str = "TWSH"; - break; - case TLS_ST_SW_CERT: - str = "TWSC"; - break; - case TLS_ST_SW_KEY_EXCH: - str = "TWSKE"; - break; - case TLS_ST_SW_CERT_REQ: - str = "TWCR"; - break; - case TLS_ST_SW_SRVR_DONE: - str = "TWSD"; - break; - case TLS_ST_SR_CERT: - str = "TRCC"; - break; - case TLS_ST_SR_KEY_EXCH: - str = "TRCKE"; - break; - case TLS_ST_SR_CERT_VRFY: - str = "TRCV"; - break; - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - str = "DRCHV"; - break; - case DTLS_ST_SW_HELLO_VERIFY_REQUEST: - str = "DWCHV"; - break; - default: - break; - } - } - - return str; -} - -/** - * @brief get SSL statement long string - */ -char *SSL_state_string_long(const SSL *ssl) -{ - char *str = "UNKWN "; - - SSL_ASSERT2(ssl); - - if (ossl_statem_in_error(ssl)) - str = "SSLERR"; - else - { - switch (SSL_get_state(ssl)) - { - case TLS_ST_BEFORE: - str = "before SSL initialization"; - break; - case TLS_ST_OK: - str = "SSL negotiation finished successfully"; - break; - case TLS_ST_CW_CLNT_HELLO: - str = "SSLv3/TLS write client hello"; - break; - case TLS_ST_CR_SRVR_HELLO: - str = "SSLv3/TLS read server hello"; - break; - case TLS_ST_CR_CERT: - str = "SSLv3/TLS read server certificate"; - break; - case TLS_ST_CR_KEY_EXCH: - str = "SSLv3/TLS read server key exchange"; - break; - case TLS_ST_CR_CERT_REQ: - str = "SSLv3/TLS read server certificate request"; - break; - case TLS_ST_CR_SESSION_TICKET: - str = "SSLv3/TLS read server session ticket"; - break; - case TLS_ST_CR_SRVR_DONE: - str = "SSLv3/TLS read server done"; - break; - case TLS_ST_CW_CERT: - str = "SSLv3/TLS write client certificate"; - break; - case TLS_ST_CW_KEY_EXCH: - str = "SSLv3/TLS write client key exchange"; - break; - case TLS_ST_CW_CERT_VRFY: - str = "SSLv3/TLS write certificate verify"; - break; - case TLS_ST_CW_CHANGE: - case TLS_ST_SW_CHANGE: - str = "SSLv3/TLS write change cipher spec"; - break; - case TLS_ST_CW_FINISHED: - case TLS_ST_SW_FINISHED: - str = "SSLv3/TLS write finished"; - break; - case TLS_ST_CR_CHANGE: - case TLS_ST_SR_CHANGE: - str = "SSLv3/TLS read change cipher spec"; - break; - case TLS_ST_CR_FINISHED: - case TLS_ST_SR_FINISHED: - str = "SSLv3/TLS read finished"; - break; - case TLS_ST_SR_CLNT_HELLO: - str = "SSLv3/TLS read client hello"; - break; - case TLS_ST_SW_HELLO_REQ: - str = "SSLv3/TLS write hello request"; - break; - case TLS_ST_SW_SRVR_HELLO: - str = "SSLv3/TLS write server hello"; - break; - case TLS_ST_SW_CERT: - str = "SSLv3/TLS write certificate"; - break; - case TLS_ST_SW_KEY_EXCH: - str = "SSLv3/TLS write key exchange"; - break; - case TLS_ST_SW_CERT_REQ: - str = "SSLv3/TLS write certificate request"; - break; - case TLS_ST_SW_SESSION_TICKET: - str = "SSLv3/TLS write session ticket"; - break; - case TLS_ST_SW_SRVR_DONE: - str = "SSLv3/TLS write server done"; - break; - case TLS_ST_SR_CERT: - str = "SSLv3/TLS read client certificate"; - break; - case TLS_ST_SR_KEY_EXCH: - str = "SSLv3/TLS read client key exchange"; - break; - case TLS_ST_SR_CERT_VRFY: - str = "SSLv3/TLS read certificate verify"; - break; - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - str = "DTLS1 read hello verify request"; - break; - case DTLS_ST_SW_HELLO_VERIFY_REQUEST: - str = "DTLS1 write hello verify request"; - break; - default: - break; - } - } - - return str; -} - -/** - * @brief set the SSL context read buffer length - */ -void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len) -{ - SSL_ASSERT3(ctx); - - ctx->read_buffer_len = len; -} - -/** - * @brief set the SSL read buffer length - */ -void SSL_set_default_read_buffer_len(SSL *ssl, size_t len) -{ - SSL_ASSERT3(ssl); - SSL_ASSERT3(len); - - SSL_METHOD_CALL(set_bufflen, ssl, len); -} - -/** - * @brief set the SSL information callback function - */ -void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val)) -{ - SSL_ASSERT3(ssl); - - ssl->info_callback = cb; -} - -/** - * @brief add SSL context reference count by '1' - */ -int SSL_CTX_up_ref(SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - /** - * no support multi-thread SSL here - */ - ctx->references++; - - return 1; -} - -/** - * @brief set the SSL security level - */ -void SSL_set_security_level(SSL *ssl, int level) -{ - SSL_ASSERT3(ssl); - - ssl->cert->sec_level = level; -} - -/** - * @brief get the SSL security level - */ -int SSL_get_security_level(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->cert->sec_level; -} - -/** - * @brief get the SSL verifying mode of the SSL context - */ -int SSL_CTX_get_verify_mode(const SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - return ctx->verify_mode; -} - -/** - * @brief set the session timeout time - */ -long SSL_CTX_set_timeout(SSL_CTX *ctx, long t) -{ - long l; - - SSL_ASSERT1(ctx); - - l = ctx->session_timeout; - ctx->session_timeout = t; - - return l; -} - -/** - * @brief get the session timeout time - */ -long SSL_CTX_get_timeout(const SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - return ctx->session_timeout; -} - -/** - * @brief set the SSL if we can read as many as data - */ -void SSL_set_read_ahead(SSL *ssl, int yes) -{ - SSL_ASSERT3(ssl); - - ssl->rlayer.read_ahead = yes; -} - -/** - * @brief set the SSL context if we can read as many as data - */ -void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes) -{ - SSL_ASSERT3(ctx); - - ctx->read_ahead = yes; -} - -/** - * @brief get the SSL ahead signal if we can read as many as data - */ -int SSL_get_read_ahead(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->rlayer.read_ahead; -} - -/** - * @brief get the SSL context ahead signal if we can read as many as data - */ -long SSL_CTX_get_read_ahead(SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - return ctx->read_ahead; -} - -/** - * @brief check if the SSL context can read as many as data - */ -long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - return ctx->read_ahead; -} - -/** - * @brief set SSL session time - */ -long SSL_set_time(SSL *ssl, long t) -{ - SSL_ASSERT1(ssl); - - ssl->session->time = t; - - return t; -} - -/** - * @brief set SSL session timeout time - */ -long SSL_set_timeout(SSL *ssl, long t) -{ - SSL_ASSERT1(ssl); - - ssl->session->timeout = t; - - return t; -} - -/** - * @brief get the verifying result of the SSL certification - */ -long SSL_get_verify_result(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return SSL_METHOD_CALL(get_verify_result, ssl); -} - -/** - * @brief get the SSL verifying depth of the SSL context - */ -int SSL_CTX_get_verify_depth(const SSL_CTX *ctx) -{ - SSL_ASSERT1(ctx); - - return ctx->param.depth; -} - -/** - * @brief set the SSL verify depth of the SSL context - */ -void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) -{ - SSL_ASSERT3(ctx); - - ctx->param.depth = depth; -} - -/** - * @brief get the SSL verifying depth of the SSL - */ -int SSL_get_verify_depth(const SSL *ssl) -{ - SSL_ASSERT1(ssl); - - return ssl->param.depth; -} - -/** - * @brief set the SSL verify depth of the SSL - */ -void SSL_set_verify_depth(SSL *ssl, int depth) -{ - SSL_ASSERT3(ssl); - - ssl->param.depth = depth; -} - -/** - * @brief set the SSL context verifying of the SSL context - */ -void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *)) -{ - SSL_ASSERT3(ctx); - - ctx->verify_mode = mode; - ctx->default_verify_callback = verify_callback; -} - -/** - * @brief set the SSL verifying of the SSL context - */ -void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_CTX *)) -{ - SSL_ASSERT3(ssl); - - ssl->verify_mode = mode; - ssl->verify_callback = verify_callback; -} - -void ERR_error_string_n(unsigned long e, char *buf, size_t len) -{ - lws_strncpy(buf, "unknown", len); -} - -void ERR_free_strings(void) -{ -} - -char *ERR_error_string(unsigned long e, char *buf) -{ - if (!buf) - return "unknown"; - - switch(e) { - case X509_V_ERR_INVALID_CA: - strcpy(buf, "CA is not trusted"); - break; - case X509_V_ERR_HOSTNAME_MISMATCH: - strcpy(buf, "Hostname mismatch"); - break; - case X509_V_ERR_CA_KEY_TOO_SMALL: - strcpy(buf, "CA key too small"); - break; - case X509_V_ERR_CA_MD_TOO_WEAK: - strcpy(buf, "MD key too weak"); - break; - case X509_V_ERR_CERT_NOT_YET_VALID: - strcpy(buf, "Cert from the future"); - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - strcpy(buf, "Cert expired"); - break; - default: - strcpy(buf, "unknown"); - break; - } - - return buf; -} - -void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx) -{ - return NULL; -} - -/* - * Openssl wants the valid protocol names supplied like this: - * - * (unsigned char *)"\x02h2\x08http/1.1", 6 + 9 - * - * Mbedtls wants this: - * - * Pointer to a NULL-terminated list of supported protocols, in decreasing - * preference order. The pointer to the list is recorded by the library for - * later reference as required, so the lifetime of the table must be at least - * as long as the lifetime of the SSL configuration structure. - * - * So accept the OpenSSL style and convert to mbedtls style - */ - -struct alpn_ctx { - unsigned char data[23]; - unsigned char len; -}; - -static void -_openssl_alpn_to_mbedtls(struct alpn_ctx *ac, char ***palpn_protos) -{ - unsigned char *p = ac->data, *q; - unsigned char len; - char **alpn_protos; - int count = 0; - - /* find out how many entries he gave us */ - - len = *p++; - while (p - ac->data < ac->len) { - if (len--) { - p++; - continue; - } - count++; - len = *p++; - if (!len) - break; - } - - if (!len) - count++; - - if (!count) - return; - - /* allocate space for count + 1 pointers and the data afterwards */ - - alpn_protos = ssl_mem_zalloc((count + 1) * sizeof(char *) + ac->len + 1); - if (!alpn_protos) - return; - - *palpn_protos = alpn_protos; - - /* convert to mbedtls format */ - - q = (unsigned char *)alpn_protos + (count + 1) * sizeof(char *); - p = ac->data; - count = 0; - - len = *p++; - alpn_protos[count] = (char *)q; - while (p - ac->data < ac->len) { - if (len--) { - *q++ = *p++; - continue; - } - *q++ = '\0'; - count++; - len = *p++; - alpn_protos[count] = (char *)q; - if (!len) - break; - } - if (!len) { - *q++ = '\0'; - count++; - len = *p++; - alpn_protos[count] = (char *)q; - } - alpn_protos[count] = NULL; /* last pointer ends list with NULL */ -} - -void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, next_proto_cb cb, void *arg) -{ - struct alpn_ctx *ac = arg; - - ctx->alpn_cb = cb; - - _openssl_alpn_to_mbedtls(ac, (char ***)&ctx->alpn_protos); -} - -void SSL_set_alpn_select_cb(SSL *ssl, void *arg) -{ - struct alpn_ctx *ac = arg; - - _openssl_alpn_to_mbedtls(ac, (char ***)&ssl->alpn_protos); - - _ssl_set_alpn_list(ssl); -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_methods.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_methods.c deleted file mode 100644 index 0002360846..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_methods.c +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_methods.h" -#include "ssl_pm.h" - -/** - * TLS method function collection - */ -IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func, - ssl_pm_new, ssl_pm_free, - ssl_pm_handshake, ssl_pm_shutdown, ssl_pm_clear, - ssl_pm_read, ssl_pm_send, ssl_pm_pending, - ssl_pm_set_fd, ssl_pm_get_fd, - ssl_pm_set_bufflen, - ssl_pm_get_verify_result, - ssl_pm_get_state); - -/** - * TLS or SSL client method collection - */ -IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 0, TLS_method_func, TLS_client_method); - -IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 0, TLS_method_func, TLSv1_2_client_method); - -IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 0, TLS_method_func, TLSv1_1_client_method); - -IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_client_method); - -IMPLEMENT_SSL_METHOD(SSL3_VERSION, 0, TLS_method_func, SSLv3_client_method); - -/** - * TLS or SSL server method collection - */ -IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 1, TLS_method_func, TLS_server_method); - -IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method); - -IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 1, TLS_method_func, TLSv1_2_server_method); - -IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_server_method); - -IMPLEMENT_SSL_METHOD(SSL3_VERSION, 1, TLS_method_func, SSLv3_server_method); - -/** - * TLS or SSL method collection - */ -IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, -1, TLS_method_func, TLS_method); - -IMPLEMENT_SSL_METHOD(TLS1_2_VERSION, -1, TLS_method_func, TLSv1_2_method); - -IMPLEMENT_SSL_METHOD(TLS1_1_VERSION, -1, TLS_method_func, TLSv1_1_method); - -IMPLEMENT_SSL_METHOD(TLS1_VERSION, -1, TLS_method_func, TLSv1_method); - -IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method); - -/** - * @brief get X509 object method - */ -IMPLEMENT_X509_METHOD(X509_method, - x509_pm_new, x509_pm_free, - x509_pm_load, x509_pm_show_info); - -/** - * @brief get private key object method - */ -IMPLEMENT_PKEY_METHOD(EVP_PKEY_method, - pkey_pm_new, pkey_pm_free, - pkey_pm_load); diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_pkey.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_pkey.c deleted file mode 100644 index 567a33e2c2..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_pkey.c +++ /dev/null @@ -1,239 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_pkey.h" -#include "ssl_methods.h" -#include "ssl_dbg.h" -#include "ssl_port.h" - -/** - * @brief create a private key object according to input private key - */ -EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk) -{ - int ret; - EVP_PKEY *pkey; - - pkey = ssl_mem_zalloc(sizeof(EVP_PKEY)); - if (!pkey) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "no enough memory > (pkey)"); - goto no_mem; - } - - if (ipk) { - pkey->method = ipk->method; - } else { - pkey->method = EVP_PKEY_method(); - } - - ret = EVP_PKEY_METHOD_CALL(new, pkey, ipk); - if (ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(new) return %d", ret); - goto failed; - } - - return pkey; - -failed: - ssl_mem_free(pkey); -no_mem: - return NULL; -} - -/** - * @brief create a private key object - */ -EVP_PKEY* EVP_PKEY_new(void) -{ - return __EVP_PKEY_new(NULL); -} - -/** - * @brief free a private key object - */ -void EVP_PKEY_free(EVP_PKEY *pkey) -{ - SSL_ASSERT3(pkey); - - EVP_PKEY_METHOD_CALL(free, pkey); - - ssl_mem_free(pkey); -} - -/** - * @brief load a character key context into system context. If '*a' is pointed to the - * private key, then load key into it. Or create a new private key object - */ -EVP_PKEY *d2i_PrivateKey(int type, - EVP_PKEY **a, - const unsigned char **pp, - long length) -{ - int m = 0; - int ret; - EVP_PKEY *pkey; - - SSL_ASSERT2(pp); - SSL_ASSERT2(*pp); - SSL_ASSERT2(length); - - if (a && *a) { - pkey = *a; - } else { - pkey = EVP_PKEY_new();; - if (!pkey) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_new() return NULL"); - goto failed1; - } - - m = 1; - } - - ret = EVP_PKEY_METHOD_CALL(load, pkey, *pp, length); - if (ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(load) return %d", ret); - goto failed2; - } - - if (a) - *a = pkey; - - return pkey; - -failed2: - if (m) - EVP_PKEY_free(pkey); -failed1: - return NULL; -} - -/** - * @brief set the SSL context private key - */ -int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) -{ - SSL_ASSERT1(ctx); - SSL_ASSERT1(pkey); - - if (ctx->cert->pkey == pkey) - return 1; - - if (ctx->cert->pkey) - EVP_PKEY_free(ctx->cert->pkey); - - ctx->cert->pkey = pkey; - - return 1; -} - -/** - * @brief set the SSL private key - */ -int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) -{ - SSL_ASSERT1(ssl); - SSL_ASSERT1(pkey); - - if (ssl->cert->pkey == pkey) - return 1; - - if (ssl->cert->pkey) - EVP_PKEY_free(ssl->cert->pkey); - - ssl->cert->pkey = pkey; - - return 1; -} - -/** - * @brief load private key into the SSL context - */ -int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, - const unsigned char *d, long len) -{ - int ret; - EVP_PKEY *pk; - - pk = d2i_PrivateKey(0, NULL, &d, len); - if (!pk) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL"); - goto failed1; - } - - ret = SSL_CTX_use_PrivateKey(ctx, pk); - if (!ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_PrivateKey() return %d", ret); - goto failed2; - } - - return 1; - -failed2: - EVP_PKEY_free(pk); -failed1: - return 0; -} - -/** - * @brief load private key into the SSL - */ -int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, - const unsigned char *d, long len) -{ - int ret; - EVP_PKEY *pk; - - pk = d2i_PrivateKey(0, NULL, &d, len); - if (!pk) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL"); - goto failed1; - } - - ret = SSL_use_PrivateKey(ssl, pk); - if (!ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_PrivateKey() return %d", ret); - goto failed2; - } - - return 1; - -failed2: - EVP_PKEY_free(pk); -failed1: - return 0; -} - -/** - * @brief load the private key file into SSL context - */ -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) -{ - return 0; -} - -/** - * @brief load the private key file into SSL - */ -int SSL_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) -{ - return 0; -} - -/** - * @brief load the RSA ASN1 private key into SSL context - */ -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len) -{ - return SSL_CTX_use_PrivateKey_ASN1(0, ctx, d, len); -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_stack.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_stack.c deleted file mode 100644 index da836daf9c..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_stack.c +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_stack.h" -#include "ssl_dbg.h" -#include "ssl_port.h" - -#ifndef CONFIG_MIN_NODES - #define MIN_NODES 4 -#else - #define MIN_NODES CONFIG_MIN_NODES -#endif - -/** - * @brief create a openssl stack object - */ -OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c) -{ - OPENSSL_STACK *stack; - char **data; - - stack = ssl_mem_zalloc(sizeof(OPENSSL_STACK)); - if (!stack) { - SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (stack)"); - goto no_mem1; - } - - data = ssl_mem_zalloc(sizeof(*data) * MIN_NODES); - if (!data) { - SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (data)"); - goto no_mem2; - } - - stack->data = data; - stack->num_alloc = MIN_NODES; - stack->c = c; - - return stack; - -no_mem2: - ssl_mem_free(stack); -no_mem1: - return NULL; -} - -/** - * @brief create a NULL function openssl stack object - */ -OPENSSL_STACK *OPENSSL_sk_new_null(void) -{ - return OPENSSL_sk_new((OPENSSL_sk_compfunc)NULL); -} - -/** - * @brief free openssl stack object - */ -void OPENSSL_sk_free(OPENSSL_STACK *stack) -{ - SSL_ASSERT3(stack); - - ssl_mem_free(stack->data); - ssl_mem_free(stack); -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_x509.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_x509.c deleted file mode 100644 index ed79150831..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/library/ssl_x509.c +++ /dev/null @@ -1,354 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_x509.h" -#include "ssl_methods.h" -#include "ssl_dbg.h" -#include "ssl_port.h" - -#include - -/** - * @brief show X509 certification information - */ -int __X509_show_info(X509 *x) -{ - return X509_METHOD_CALL(show_info, x); -} - -/** - * @brief create a X509 certification object according to input X509 certification - */ -X509* __X509_new(X509 *ix) -{ - int ret; - X509 *x; - - x = ssl_mem_zalloc(sizeof(X509)); - if (!x) { - SSL_DEBUG(SSL_X509_ERROR_LEVEL, "no enough memory > (x)"); - goto no_mem; - } - - if (ix) - x->method = ix->method; - else - x->method = X509_method(); - - ret = X509_METHOD_CALL(new, x, ix); - if (ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(new) return %d", ret); - goto failed; - } - - return x; - -failed: - ssl_mem_free(x); -no_mem: - return NULL; -} - -/** - * @brief create a X509 certification object - */ -X509* X509_new(void) -{ - return __X509_new(NULL); -} - -/** - * @brief free a X509 certification object - */ -void X509_free(X509 *x) -{ - SSL_ASSERT3(x); - - X509_METHOD_CALL(free, x); - - ssl_mem_free(x); -}; - -/** - * @brief load a character certification context into system context. If '*cert' is pointed to the - * certification, then load certification into it. Or create a new X509 certification object - */ -X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len) -{ - int m = 0; - int ret; - X509 *x; - - SSL_ASSERT2(buffer); - SSL_ASSERT2(len); - - if (cert && *cert) { - x = *cert; - } else { - x = X509_new(); - if (!x) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_new() return NULL"); - goto failed1; - } - m = 1; - } - - ret = X509_METHOD_CALL(load, x, buffer, len); - if (ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(load) return %d", ret); - goto failed2; - } - - return x; - -failed2: - if (m) - X509_free(x); -failed1: - return NULL; -} - -/** - * @brief return SSL X509 verify parameters - */ - -X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl) -{ - return &ssl->param; -} - -/** - * @brief set X509 host verification flags - */ - -int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, - unsigned long flags) -{ - /* flags not supported yet */ - return 0; -} - -/** - * @brief clear X509 host verification flags - */ - -int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param, - unsigned long flags) -{ - /* flags not supported yet */ - return 0; -} - -/** - * @brief set SSL context client CA certification - */ -int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x) -{ - SSL_ASSERT1(ctx); - SSL_ASSERT1(x); - assert(ctx); - if (ctx->client_CA == x) - return 1; - - X509_free(ctx->client_CA); - - ctx->client_CA = x; - - return 1; -} - -/** - * @brief add CA client certification into the SSL - */ -int SSL_CTX_add_client_CA_ASN1(SSL_CTX *ctx, int len, - const unsigned char *d) -{ - X509 *x; - - x = d2i_X509(NULL, d, len); - if (!x) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL"); - return 0; - } - SSL_ASSERT1(ctx); - - X509_free(ctx->client_CA); - - ctx->client_CA = x; - - return 1; -} - -/** - * @brief add CA client certification into the SSL - */ -int SSL_add_client_CA(SSL *ssl, X509 *x) -{ - SSL_ASSERT1(ssl); - SSL_ASSERT1(x); - - if (ssl->client_CA == x) - return 1; - - X509_free(ssl->client_CA); - - ssl->client_CA = x; - - return 1; -} - -/** - * @brief set the SSL context certification - */ -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) -{ - SSL_ASSERT1(ctx); - SSL_ASSERT1(x); - - if (ctx->cert->x509 == x) - return 1; - - X509_free(ctx->cert->x509); - - ctx->cert->x509 = x; - - return 1; -} - -/** - * @brief set the SSL certification - */ -int SSL_use_certificate(SSL *ssl, X509 *x) -{ - SSL_ASSERT1(ssl); - SSL_ASSERT1(x); - - if (ssl->cert->x509 == x) - return 1; - - X509_free(ssl->cert->x509); - - ssl->cert->x509 = x; - - return 1; -} - -/** - * @brief get the SSL certification point - */ -X509 *SSL_get_certificate(const SSL *ssl) -{ - SSL_ASSERT2(ssl); - - return ssl->cert->x509; -} - -/** - * @brief load certification into the SSL context - */ -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, - const unsigned char *d) -{ - int ret; - X509 *x; - - x = d2i_X509(NULL, d, len); - if (!x) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL"); - goto failed1; - } - - ret = SSL_CTX_use_certificate(ctx, x); - if (!ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_certificate() return %d", ret); - goto failed2; - } - - return 1; - -failed2: - X509_free(x); -failed1: - return 0; -} - -/** - * @brief load certification into the SSL - */ -int SSL_use_certificate_ASN1(SSL *ssl, int len, - const unsigned char *d) -{ - int ret; - X509 *x; - - x = d2i_X509(NULL, d, len); - if (!x) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL"); - goto failed1; - } - - ret = SSL_use_certificate(ssl, x); - if (!ret) { - SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_certificate() return %d", ret); - goto failed2; - } - - return 1; - -failed2: - X509_free(x); -failed1: - return 0; -} - -/** - * @brief load the certification file into SSL context - */ -int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) -{ - return 0; -} - -/** - * @brief load the certification file into SSL - */ -int SSL_use_certificate_file(SSL *ssl, const char *file, int type) -{ - return 0; -} - -/** - * @brief get peer certification - */ -X509 *SSL_get_peer_certificate(const SSL *ssl) -{ - SSL_ASSERT2(ssl); - - return ssl->session->peer; -} - -int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) -{ - return X509_V_ERR_UNSPECIFIED; -} - -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) -{ - return 0; -} - -const char *X509_verify_cert_error_string(long n) -{ - return "unknown"; -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_pm.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_pm.c deleted file mode 100755 index 4716c1ff56..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_pm.c +++ /dev/null @@ -1,907 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_pm.h" -#include "ssl_port.h" -#include "ssl_dbg.h" - -/* mbedtls include */ -#include "mbedtls/platform.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/debug.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/error.h" -#include "mbedtls/certs.h" - -#include - -#define X509_INFO_STRING_LENGTH 8192 - -struct ssl_pm -{ - /* local socket file description */ - mbedtls_net_context fd; - /* remote client socket file description */ - mbedtls_net_context cl_fd; - - mbedtls_ssl_config conf; - - mbedtls_ctr_drbg_context ctr_drbg; - - mbedtls_ssl_context ssl; - - mbedtls_entropy_context entropy; - - SSL *owner; -}; - -struct x509_pm -{ - mbedtls_x509_crt *x509_crt; - - mbedtls_x509_crt *ex_crt; -}; - -struct pkey_pm -{ - mbedtls_pk_context *pkey; - - mbedtls_pk_context *ex_pkey; -}; - -unsigned int max_content_len; - -/*********************************************************************************************/ -/************************************ SSL arch interface *************************************/ - -//#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG - -/* mbedtls debug level */ -#define MBEDTLS_DEBUG_LEVEL 4 - -/** - * @brief mbedtls debug function - */ -static void ssl_platform_debug(void *ctx, int level, - const char *file, int line, - const char *str) -{ - /* Shorten 'file' from the whole file path to just the filename - - This is a bit wasteful because the macros are compiled in with - the full _FILE_ path in each case. - */ -// char *file_sep = rindex(file, '/'); - // if(file_sep) - // file = file_sep + 1; - - printf("%s:%d %s", file, line, str); -} -//#endif - -/** - * @brief create SSL low-level object - */ -int ssl_pm_new(SSL *ssl) -{ - struct ssl_pm *ssl_pm; - int ret; - - const unsigned char pers[] = "OpenSSL PM"; - size_t pers_len = sizeof(pers); - - int endpoint; - int version; - - const SSL_METHOD *method = ssl->method; - - ssl_pm = ssl_mem_zalloc(sizeof(struct ssl_pm)); - if (!ssl_pm) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (ssl_pm)"); - goto no_mem; - } - - ssl_pm->owner = ssl; - - if (!ssl->ctx->read_buffer_len) - ssl->ctx->read_buffer_len = 2048; - - max_content_len = ssl->ctx->read_buffer_len; - // printf("ssl->ctx->read_buffer_len = %d ++++++++++++++++++++\n", ssl->ctx->read_buffer_len); - - mbedtls_net_init(&ssl_pm->fd); - mbedtls_net_init(&ssl_pm->cl_fd); - - mbedtls_ssl_config_init(&ssl_pm->conf); - mbedtls_ctr_drbg_init(&ssl_pm->ctr_drbg); - mbedtls_entropy_init(&ssl_pm->entropy); - mbedtls_ssl_init(&ssl_pm->ssl); - - ret = mbedtls_ctr_drbg_seed(&ssl_pm->ctr_drbg, mbedtls_entropy_func, &ssl_pm->entropy, pers, pers_len); - if (ret) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ctr_drbg_seed() return -0x%x", -ret); - goto mbedtls_err1; - } - - if (method->endpoint) { - endpoint = MBEDTLS_SSL_IS_SERVER; - } else { - endpoint = MBEDTLS_SSL_IS_CLIENT; - } - ret = mbedtls_ssl_config_defaults(&ssl_pm->conf, endpoint, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); - if (ret) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_config_defaults() return -0x%x", -ret); - goto mbedtls_err2; - } - - if (TLS_ANY_VERSION != ssl->version) { - if (TLS1_2_VERSION == ssl->version) - version = MBEDTLS_SSL_MINOR_VERSION_3; - else if (TLS1_1_VERSION == ssl->version) - version = MBEDTLS_SSL_MINOR_VERSION_2; - else if (TLS1_VERSION == ssl->version) - version = MBEDTLS_SSL_MINOR_VERSION_1; - else - version = MBEDTLS_SSL_MINOR_VERSION_0; - - mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version); - mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version); - } else { - mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); - mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0); - } - - mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg); - -//#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG - // mbedtls_debug_set_threshold(MBEDTLS_DEBUG_LEVEL); -// mbedtls_ssl_conf_dbg(&ssl_pm->conf, ssl_platform_debug, NULL); -//#else - mbedtls_ssl_conf_dbg(&ssl_pm->conf, ssl_platform_debug, NULL); -//#endif - - ret = mbedtls_ssl_setup(&ssl_pm->ssl, &ssl_pm->conf); - if (ret) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_setup() return -0x%x", -ret); - goto mbedtls_err2; - } - - mbedtls_ssl_set_bio(&ssl_pm->ssl, &ssl_pm->fd, mbedtls_net_send, mbedtls_net_recv, NULL); - - ssl->ssl_pm = ssl_pm; - - return 0; - -mbedtls_err2: - mbedtls_ssl_config_free(&ssl_pm->conf); - mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg); -mbedtls_err1: - mbedtls_entropy_free(&ssl_pm->entropy); - ssl_mem_free(ssl_pm); -no_mem: - return -1; -} - -/** - * @brief free SSL low-level object - */ -void ssl_pm_free(SSL *ssl) -{ - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg); - mbedtls_entropy_free(&ssl_pm->entropy); - mbedtls_ssl_config_free(&ssl_pm->conf); - mbedtls_ssl_free(&ssl_pm->ssl); - - ssl_mem_free(ssl_pm); - ssl->ssl_pm = NULL; -} - -/** - * @brief reload SSL low-level certification object - */ -static int ssl_pm_reload_crt(SSL *ssl) -{ - int ret; - int mode; - struct ssl_pm *ssl_pm = ssl->ssl_pm; - struct x509_pm *ca_pm = (struct x509_pm *)ssl->client_CA->x509_pm; - - struct pkey_pm *pkey_pm = (struct pkey_pm *)ssl->cert->pkey->pkey_pm; - struct x509_pm *crt_pm = (struct x509_pm *)ssl->cert->x509->x509_pm; - - if (ssl->verify_mode == SSL_VERIFY_PEER) - mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if (ssl->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if (ssl->verify_mode == SSL_VERIFY_CLIENT_ONCE) - mode = MBEDTLS_SSL_VERIFY_UNSET; - else - mode = MBEDTLS_SSL_VERIFY_NONE; - - mbedtls_ssl_conf_authmode(&ssl_pm->conf, mode); - - if (ca_pm->x509_crt) { - mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, ca_pm->x509_crt, NULL); - } else if (ca_pm->ex_crt) { - mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, ca_pm->ex_crt, NULL); - } - - if (crt_pm->x509_crt && pkey_pm->pkey) { - ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, crt_pm->x509_crt, pkey_pm->pkey); - } else if (crt_pm->ex_crt && pkey_pm->ex_pkey) { - ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, crt_pm->ex_crt, pkey_pm->ex_pkey); - } else { - ret = 0; - } - - if (ret) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_conf_own_cert() return -0x%x", -ret); - ret = -1; - } - - return ret; -} - -/* - * Perform the mbedtls SSL handshake instead of mbedtls_ssl_handshake. - * We can add debug here. - */ -static int mbedtls_handshake( mbedtls_ssl_context *ssl ) -{ - int ret = 0; - - while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { - ret = mbedtls_ssl_handshake_step(ssl); - - lwsl_info("%s: ssl ret -%x state %d\n", __func__, -ret, ssl->state); - - if (ret != 0) - break; - } - - return ret; -} - -#include - -int ssl_pm_handshake(SSL *ssl) -{ - int ret; - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - ssl->err = 0; - errno = 0; - - ret = ssl_pm_reload_crt(ssl); - if (ret) { - printf("%s: cert reload failed\n", __func__); - return 0; - } - - if (ssl_pm->ssl.state != MBEDTLS_SSL_HANDSHAKE_OVER) { - ssl_speed_up_enter(); - - /* mbedtls return codes - * 0 = successful, or MBEDTLS_ERR_SSL_WANT_READ/WRITE - * anything else = death - */ - ret = mbedtls_handshake(&ssl_pm->ssl); - ssl_speed_up_exit(); - } else - ret = 0; - - /* - * OpenSSL return codes: - * 0 = did not complete, but may be retried - * 1 = successfully completed - * <0 = death - */ - if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { - ssl->err = ret; - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_handshake() return -0x%x", -ret); - return 0; /* OpenSSL: did not complete but may be retried */ - } - - if (ret == 0) { /* successful */ - struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm; - - x509_pm->ex_crt = (mbedtls_x509_crt *)mbedtls_ssl_get_peer_cert(&ssl_pm->ssl); - return 1; /* openssl successful */ - } - - if (errno == 11) { - ssl->err = ret == MBEDTLS_ERR_SSL_WANT_READ; - - return 0; - } - - printf("%s: mbedtls_ssl_handshake() returned -0x%x\n", __func__, -ret); - - /* it's had it */ - - ssl->err = SSL_ERROR_SYSCALL; - - return -1; /* openssl death */ -} - -mbedtls_x509_crt * -ssl_ctx_get_mbedtls_x509_crt(SSL_CTX *ssl_ctx) -{ - struct x509_pm *x509_pm = (struct x509_pm *)ssl_ctx->cert->x509->x509_pm; - - if (!x509_pm) - return NULL; - - return x509_pm->x509_crt; -} - -mbedtls_x509_crt * -ssl_get_peer_mbedtls_x509_crt(SSL *ssl) -{ - struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm; - - if (!x509_pm) - return NULL; - - return x509_pm->ex_crt; -} - -int ssl_pm_shutdown(SSL *ssl) -{ - int ret; - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - ret = mbedtls_ssl_close_notify(&ssl_pm->ssl); - if (ret) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_close_notify() return -0x%x", -ret); - if (ret == MBEDTLS_ERR_NET_CONN_RESET) - ssl->err = SSL_ERROR_SYSCALL; - ret = -1; /* OpenSSL: "Call SSL_get_error with the return value to find the reason */ - } else { - struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm; - - x509_pm->ex_crt = NULL; - ret = 1; /* OpenSSL: "The shutdown was successfully completed" - ...0 means retry */ - } - - return ret; -} - -int ssl_pm_clear(SSL *ssl) -{ - return ssl_pm_shutdown(ssl); -} - - -int ssl_pm_read(SSL *ssl, void *buffer, int len) -{ - int ret; - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - ret = mbedtls_ssl_read(&ssl_pm->ssl, buffer, len); - if (ret < 0) { - // lwsl_notice("%s: mbedtls_ssl_read says -0x%x\n", __func__, -ret); - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_read() return -0x%x", -ret); - if (ret == MBEDTLS_ERR_NET_CONN_RESET || - ret <= MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) /* fatal errors */ - ssl->err = SSL_ERROR_SYSCALL; - ret = -1; - } - - return ret; -} - -/* - * This returns -1, or the length sent. - * If -1, then you need to find out if the error was - * fatal or recoverable using SSL_get_error() - */ -int ssl_pm_send(SSL *ssl, const void *buffer, int len) -{ - int ret; - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - ret = mbedtls_ssl_write(&ssl_pm->ssl, buffer, len); - /* - * We can get a positive number, which may be less than len... that - * much was sent successfully and you can call again to send more. - * - * We can get a negative mbedtls error code... if WANT_WRITE or WANT_READ, - * it's nonfatal and means it should be retried as-is. If something else, - * it's fatal actually. - * - * If this function returns something other than a positive value or - * MBEDTLS_ERR_SSL_WANT_READ/WRITE, the ssl context becomes unusable, and - * you should either free it or call mbedtls_ssl_session_reset() on it - * before re-using it for a new connection; the current connection must - * be closed. - * - * When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, it must be - * called later with the same arguments, until it returns a positive value. - */ - - if (ret < 0) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_write() return -0x%x", -ret); - switch (ret) { - case MBEDTLS_ERR_NET_SEND_FAILED: - case MBEDTLS_ERR_NET_CONN_RESET: - ssl->err = SSL_ERROR_SYSCALL; - break; - case MBEDTLS_ERR_SSL_WANT_WRITE: - ssl->err = SSL_ERROR_WANT_WRITE; - break; - case MBEDTLS_ERR_SSL_WANT_READ: - ssl->err = SSL_ERROR_WANT_READ; - break; - default: - break; - } - - ret = -1; - } - - return ret; -} - -int ssl_pm_pending(const SSL *ssl) -{ - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - return mbedtls_ssl_get_bytes_avail(&ssl_pm->ssl); -} - -void ssl_pm_set_fd(SSL *ssl, int fd, int mode) -{ - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - ssl_pm->fd.fd = fd; -} - -int ssl_pm_get_fd(const SSL *ssl, int mode) -{ - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - return ssl_pm->fd.fd; -} - -OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl) -{ - OSSL_HANDSHAKE_STATE state; - - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - switch (ssl_pm->ssl.state) - { - case MBEDTLS_SSL_CLIENT_HELLO: - state = TLS_ST_CW_CLNT_HELLO; - break; - case MBEDTLS_SSL_SERVER_HELLO: - state = TLS_ST_SW_SRVR_HELLO; - break; - case MBEDTLS_SSL_SERVER_CERTIFICATE: - state = TLS_ST_SW_CERT; - break; - case MBEDTLS_SSL_SERVER_HELLO_DONE: - state = TLS_ST_SW_SRVR_DONE; - break; - case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: - state = TLS_ST_CW_KEY_EXCH; - break; - case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: - state = TLS_ST_CW_CHANGE; - break; - case MBEDTLS_SSL_CLIENT_FINISHED: - state = TLS_ST_CW_FINISHED; - break; - case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: - state = TLS_ST_SW_CHANGE; - break; - case MBEDTLS_SSL_SERVER_FINISHED: - state = TLS_ST_SW_FINISHED; - break; - case MBEDTLS_SSL_CLIENT_CERTIFICATE: - state = TLS_ST_CW_CERT; - break; - case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: - state = TLS_ST_SR_KEY_EXCH; - break; - case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: - state = TLS_ST_SW_SESSION_TICKET; - break; - case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT: - state = TLS_ST_SW_CERT_REQ; - break; - case MBEDTLS_SSL_HANDSHAKE_OVER: - state = TLS_ST_OK; - break; - default : - state = TLS_ST_BEFORE; - break; - } - - return state; -} - -int x509_pm_show_info(X509 *x) -{ - int ret; - char *buf; - mbedtls_x509_crt *x509_crt; - struct x509_pm *x509_pm = x->x509_pm; - - if (x509_pm->x509_crt) - x509_crt = x509_pm->x509_crt; - else if (x509_pm->ex_crt) - x509_crt = x509_pm->ex_crt; - else - x509_crt = NULL; - - if (!x509_crt) - return -1; - - buf = ssl_mem_malloc(X509_INFO_STRING_LENGTH); - if (!buf) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (buf)"); - goto no_mem; - } - - ret = mbedtls_x509_crt_info(buf, X509_INFO_STRING_LENGTH - 1, "", x509_crt); - if (ret <= 0) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_x509_crt_info() return -0x%x", -ret); - goto mbedtls_err1; - } - - buf[ret] = 0; - - ssl_mem_free(buf); - - SSL_DEBUG(SSL_DEBUG_ON, "%s", buf); - - return 0; - -mbedtls_err1: - ssl_mem_free(buf); -no_mem: - return -1; -} - -int x509_pm_new(X509 *x, X509 *m_x) -{ - struct x509_pm *x509_pm; - - x509_pm = ssl_mem_zalloc(sizeof(struct x509_pm)); - if (!x509_pm) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm)"); - goto failed1; - } - - x->x509_pm = x509_pm; - - if (m_x) { - struct x509_pm *m_x509_pm = (struct x509_pm *)m_x->x509_pm; - - x509_pm->ex_crt = m_x509_pm->x509_crt; - } - - return 0; - -failed1: - return -1; -} - -void x509_pm_free(X509 *x) -{ - struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm; - - if (x509_pm->x509_crt) { - mbedtls_x509_crt_free(x509_pm->x509_crt); - - ssl_mem_free(x509_pm->x509_crt); - x509_pm->x509_crt = NULL; - } - - ssl_mem_free(x->x509_pm); - x->x509_pm = NULL; -} - -int x509_pm_load(X509 *x, const unsigned char *buffer, int len) -{ - int ret; - unsigned char *load_buf; - struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm; - - if (x509_pm->x509_crt) - mbedtls_x509_crt_free(x509_pm->x509_crt); - - if (!x509_pm->x509_crt) { - x509_pm->x509_crt = ssl_mem_malloc(sizeof(mbedtls_x509_crt)); - if (!x509_pm->x509_crt) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm->x509_crt)"); - goto no_mem; - } - } - - mbedtls_x509_crt_init(x509_pm->x509_crt); - if (buffer[0] != 0x30) { - load_buf = ssl_mem_malloc(len + 1); - if (!load_buf) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (load_buf)"); - goto failed; - } - - ssl_memcpy(load_buf, buffer, len); - load_buf[len] = '\0'; - - ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, len + 1); - ssl_mem_free(load_buf); - } else { - printf("parsing as der\n"); - - ret = mbedtls_x509_crt_parse_der(x509_pm->x509_crt, buffer, len); - } - - if (ret) { - printf("mbedtls_x509_crt_parse return -0x%x", -ret); - goto failed; - } - - return 0; - -failed: - mbedtls_x509_crt_free(x509_pm->x509_crt); - ssl_mem_free(x509_pm->x509_crt); - x509_pm->x509_crt = NULL; -no_mem: - return -1; -} - -int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pkey) -{ - struct pkey_pm *pkey_pm; - - pkey_pm = ssl_mem_zalloc(sizeof(struct pkey_pm)); - if (!pkey_pm) - return -1; - - pk->pkey_pm = pkey_pm; - - if (m_pkey) { - struct pkey_pm *m_pkey_pm = (struct pkey_pm *)m_pkey->pkey_pm; - - pkey_pm->ex_pkey = m_pkey_pm->pkey; - } - - return 0; -} - -void pkey_pm_free(EVP_PKEY *pk) -{ - struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm; - - if (pkey_pm->pkey) { - mbedtls_pk_free(pkey_pm->pkey); - - ssl_mem_free(pkey_pm->pkey); - pkey_pm->pkey = NULL; - } - - ssl_mem_free(pk->pkey_pm); - pk->pkey_pm = NULL; -} - -int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len) -{ - int ret; - unsigned char *load_buf; - struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm; - - if (pkey_pm->pkey) - mbedtls_pk_free(pkey_pm->pkey); - - if (!pkey_pm->pkey) { - pkey_pm->pkey = ssl_mem_malloc(sizeof(mbedtls_pk_context)); - if (!pkey_pm->pkey) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (pkey_pm->pkey)"); - goto no_mem; - } - } - - load_buf = ssl_mem_malloc(len + 1); - if (!load_buf) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (load_buf)"); - goto failed; - } - - ssl_memcpy(load_buf, buffer, len); - load_buf[len] = '\0'; - - mbedtls_pk_init(pkey_pm->pkey); - - ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, len + 1, NULL, 0); - ssl_mem_free(load_buf); - - if (ret) { - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_pk_parse_key return -0x%x", -ret); - goto failed; - } - - return 0; - -failed: - mbedtls_pk_free(pkey_pm->pkey); - ssl_mem_free(pkey_pm->pkey); - pkey_pm->pkey = NULL; -no_mem: - return -1; -} - - - -void ssl_pm_set_bufflen(SSL *ssl, int len) -{ - max_content_len = len; -} - -long ssl_pm_get_verify_result(const SSL *ssl) -{ - uint32_t ret; - long verify_result; - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - ret = mbedtls_ssl_get_verify_result(&ssl_pm->ssl); - if (!ret) - return X509_V_OK; - - if (ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED || - (ret & MBEDTLS_X509_BADCRL_NOT_TRUSTED)) - verify_result = X509_V_ERR_INVALID_CA; - - else if (ret & MBEDTLS_X509_BADCERT_CN_MISMATCH) - verify_result = X509_V_ERR_HOSTNAME_MISMATCH; - - else if ((ret & MBEDTLS_X509_BADCERT_BAD_KEY) || - (ret & MBEDTLS_X509_BADCRL_BAD_KEY)) - verify_result = X509_V_ERR_CA_KEY_TOO_SMALL; - - else if ((ret & MBEDTLS_X509_BADCERT_BAD_MD) || - (ret & MBEDTLS_X509_BADCRL_BAD_MD)) - verify_result = X509_V_ERR_CA_MD_TOO_WEAK; - - else if ((ret & MBEDTLS_X509_BADCERT_FUTURE) || - (ret & MBEDTLS_X509_BADCRL_FUTURE)) - verify_result = X509_V_ERR_CERT_NOT_YET_VALID; - - else if ((ret & MBEDTLS_X509_BADCERT_EXPIRED) || - (ret & MBEDTLS_X509_BADCRL_EXPIRED)) - verify_result = X509_V_ERR_CERT_HAS_EXPIRED; - - else - verify_result = X509_V_ERR_UNSPECIFIED; - - SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, - "mbedtls_ssl_get_verify_result() return 0x%x", ret); - - return verify_result; -} - -/** - * @brief set expected hostname on peer cert CN - */ - -int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const char *name, size_t namelen) -{ - SSL *ssl = (SSL *)((char *)param - offsetof(SSL, param)); - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - char *name_cstr = NULL; - - if (namelen) { - name_cstr = malloc(namelen + 1); - if (!name_cstr) - return 0; - memcpy(name_cstr, name, namelen); - name_cstr[namelen] = '\0'; - name = name_cstr; - } - - mbedtls_ssl_set_hostname(&ssl_pm->ssl, name); - - if (namelen) - free(name_cstr); - - return 1; -} - -void _ssl_set_alpn_list(const SSL *ssl) -{ - if (ssl->alpn_protos) { - if (mbedtls_ssl_conf_alpn_protocols(&((struct ssl_pm *)(ssl->ssl_pm))->conf, ssl->alpn_protos)) - fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols failed\n"); - - return; - } - if (!ssl->ctx->alpn_protos) - return; - if (mbedtls_ssl_conf_alpn_protocols(&((struct ssl_pm *)(ssl->ssl_pm))->conf, ssl->ctx->alpn_protos)) - fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols failed\n"); -} - -void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, - unsigned int *len) -{ - const char *alp = mbedtls_ssl_get_alpn_protocol(&((struct ssl_pm *)(ssl->ssl_pm))->ssl); - - *data = (const unsigned char *)alp; - if (alp) - *len = strlen(alp); - else - *len = 0; -} - -int SSL_set_sni_callback(SSL *ssl, int(*cb)(void *, mbedtls_ssl_context *, - const unsigned char *, size_t), void *param) -{ - struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - - mbedtls_ssl_conf_sni(&ssl_pm->conf, cb, param); - - return 0; -} - -SSL *SSL_SSL_from_mbedtls_ssl_context(mbedtls_ssl_context *msc) -{ - struct ssl_pm *ssl_pm = (struct ssl_pm *)((char *)msc - offsetof(struct ssl_pm, ssl)); - - return ssl_pm->owner; -} - -#include "ssl_cert.h" - -void SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) -{ - struct ssl_pm *ssl_pm = ssl->ssl_pm; - struct x509_pm *x509_pm = (struct x509_pm *)ctx->cert->x509->x509_pm; - struct x509_pm *x509_pm_ca = (struct x509_pm *)ctx->client_CA->x509_pm; - - struct pkey_pm *pkey_pm = (struct pkey_pm *)ctx->cert->pkey->pkey_pm; - int mode; - - if (ssl->cert) - ssl_cert_free(ssl->cert); - ssl->ctx = ctx; - ssl->cert = __ssl_cert_new(ctx->cert); - - if (ctx->verify_mode == SSL_VERIFY_PEER) - mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if (ctx->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - mode = MBEDTLS_SSL_VERIFY_OPTIONAL; - else if (ctx->verify_mode == SSL_VERIFY_CLIENT_ONCE) - mode = MBEDTLS_SSL_VERIFY_UNSET; - else - mode = MBEDTLS_SSL_VERIFY_NONE; - - // printf("ssl: %p, client ca x509_crt %p, mbedtls mode %d\n", ssl, x509_pm_ca->x509_crt, mode); - - /* apply new ctx cert to ssl */ - - ssl->verify_mode = ctx->verify_mode; - - mbedtls_ssl_set_hs_ca_chain(&ssl_pm->ssl, x509_pm_ca->x509_crt, NULL); - mbedtls_ssl_set_hs_own_cert(&ssl_pm->ssl, x509_pm->x509_crt, pkey_pm->pkey); - mbedtls_ssl_set_hs_authmode(&ssl_pm->ssl, mode); -} diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_port.c b/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_port.c deleted file mode 100644 index 8c7a31338b..0000000000 --- a/thirdparty/libwebsockets/lib/tls/mbedtls/wrapper/platform/ssl_port.c +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "ssl_port.h" - -/*********************************************************************************************/ -/********************************* SSL general interface *************************************/ - -void *ssl_mem_zalloc(size_t size) -{ - void *p = malloc(size); - - if (p) - memset(p, 0, size); - - return p; -} - diff --git a/thirdparty/libwebsockets/lib/tls/private.h b/thirdparty/libwebsockets/lib/tls/private.h deleted file mode 100644 index ad01bfd4fb..0000000000 --- a/thirdparty/libwebsockets/lib/tls/private.h +++ /dev/null @@ -1,286 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010 - 2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - * - * This is included from core/private.h if LWS_WITH_TLS - */ - -#if defined(LWS_WITH_TLS) - -#if defined(USE_WOLFSSL) - #if defined(USE_OLD_CYASSL) - #if defined(_WIN32) - #include - #include - #else - #include - #endif - #include - #include - #else - #if defined(_WIN32) - #include - #include - #else - #include - #endif - #include - #include - #define OPENSSL_NO_TLSEXT - #endif /* not USE_OLD_CYASSL */ -#else /* WOLFSSL */ - #if defined(LWS_WITH_ESP32) - #define OPENSSL_NO_TLSEXT - #undef MBEDTLS_CONFIG_FILE - #define MBEDTLS_CONFIG_FILE - #include - #include - #include "tls/mbedtls/wrapper/include/openssl/ssl.h" /* wrapper !!!! */ - #else /* not esp32 */ - #if defined(LWS_WITH_MBEDTLS) - #include - #include - #include - #include "tls/mbedtls/wrapper/include/openssl/ssl.h" /* wrapper !!!! */ - #else - #include - #include - #include - #include - #include - #include - #include - #ifdef LWS_HAVE_OPENSSL_ECDH_H - #include - #endif - #include - #endif /* not mbedtls */ - #if defined(OPENSSL_VERSION_NUMBER) - #if (OPENSSL_VERSION_NUMBER < 0x0009080afL) -/* - * later openssl defines this to negate the presence of tlsext... but it was - * only introduced at 0.9.8j. Earlier versions don't know it exists so don't - * define it... making it look like the feature exists... - */ - #define OPENSSL_NO_TLSEXT - #endif - #endif - #endif /* not ESP32 */ -#endif /* not USE_WOLFSSL */ - -#endif /* LWS_WITH_TLS */ - -enum lws_tls_extant { - LWS_TLS_EXTANT_NO, - LWS_TLS_EXTANT_YES, - LWS_TLS_EXTANT_ALTERNATIVE -}; - -struct lws_context_per_thread; - -struct lws_tls_ops { - int (*fake_POLLIN_for_buffered)(struct lws_context_per_thread *pt); - int (*periodic_housekeeping)(struct lws_context *context, time_t now); -}; - -#if defined(LWS_WITH_TLS) - -typedef SSL lws_tls_conn; -typedef SSL_CTX lws_tls_ctx; -typedef BIO lws_tls_bio; -typedef X509 lws_tls_x509; - - -#define LWS_SSL_ENABLED(context) (context->tls.use_ssl) - -extern const struct lws_tls_ops tls_ops_openssl, tls_ops_mbedtls; - -struct lws_context_tls { - char alpn_discovered[32]; - const char *alpn_default; - time_t last_cert_check_s; -}; - -struct lws_pt_tls { - struct lws_dll_lws pending_tls_head; -}; - -struct lws_tls_ss_pieces; - -struct alpn_ctx { - uint8_t data[23]; - uint8_t len; -}; - -struct lws_vhost_tls { - lws_tls_ctx *ssl_ctx; - lws_tls_ctx *ssl_client_ctx; - const char *alpn; - struct lws_tls_ss_pieces *ss; /* for acme tls certs */ - char *alloc_cert_path; - char *key_path; -#if defined(LWS_WITH_MBEDTLS) - lws_tls_x509 *x509_client_CA; -#endif - char ecdh_curve[16]; - struct alpn_ctx alpn_ctx; - - int use_ssl; - int allow_non_ssl_on_ssl_port; - int ssl_info_event_mask; - - unsigned int user_supplied_ssl_ctx:1; - unsigned int skipped_certs:1; -}; - -struct lws_lws_tls { - lws_tls_conn *ssl; - lws_tls_bio *client_bio; - struct lws_dll_lws pending_tls_list; - unsigned int use_ssl; - unsigned int redirect_to_https:1; -}; - -LWS_EXTERN void -lws_context_init_alpn(struct lws_vhost *vhost); -LWS_EXTERN enum lws_tls_extant -lws_tls_use_any_upgrade_check_extant(const char *name); -LWS_EXTERN int openssl_websocket_private_data_index; -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len); -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len); -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_ssl_pending(struct lws *wsi); -LWS_EXTERN int -lws_context_init_ssl_library(const struct lws_context_creation_info *info); -LWS_EXTERN int LWS_WARN_UNUSED_RESULT -lws_server_socket_service_ssl(struct lws *new_wsi, lws_sockfd_type accept_fd); -LWS_EXTERN int -lws_ssl_close(struct lws *wsi); -LWS_EXTERN void -lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost); -LWS_EXTERN void -lws_ssl_context_destroy(struct lws_context *context); -void -__lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi); -LWS_VISIBLE void -lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi); -LWS_EXTERN int -lws_ssl_client_bio_create(struct lws *wsi); -LWS_EXTERN int -lws_ssl_client_connect1(struct lws *wsi); -LWS_EXTERN int -lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len); -LWS_EXTERN void -lws_ssl_elaborate_error(void); -LWS_EXTERN int -lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt); -LWS_EXTERN int -lws_gate_accepts(struct lws_context *context, int on); -LWS_EXTERN void -lws_ssl_bind_passphrase(lws_tls_ctx *ssl_ctx, - const struct lws_context_creation_info *info); -LWS_EXTERN void -lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret); -LWS_EXTERN int -lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type, - union lws_tls_cert_info_results *buf, size_t len); -LWS_EXTERN int -lws_tls_check_all_cert_lifetimes(struct lws_context *context); -LWS_EXTERN int -lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi, - const char *cert, const char *private_key, - const char *mem_cert, size_t len_mem_cert, - const char *mem_privkey, size_t mem_privkey_len); -LWS_EXTERN enum lws_tls_extant -lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert, - const char *private_key); -LWS_EXTERN int -lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename, - const char *inbuf, lws_filepos_t inlen, - uint8_t **buf, lws_filepos_t *amount); - -#if !defined(LWS_NO_SERVER) - LWS_EXTERN int - lws_context_init_server_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost); - void - lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost); -#else - #define lws_context_init_server_ssl(_a, _b) (0) - #define lws_tls_acme_sni_cert_destroy(_a) -#endif - -LWS_EXTERN void -lws_ssl_destroy(struct lws_vhost *vhost); -LWS_EXTERN char * -lws_ssl_get_error_string(int status, int ret, char *buf, size_t len); - -/* - * lws_tls_ abstract backend implementations - */ - -LWS_EXTERN int -lws_tls_server_client_cert_verify_config(struct lws_vhost *vh); -LWS_EXTERN int -lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info, - struct lws_vhost *vhost, struct lws *wsi); -LWS_EXTERN int -lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd); - -LWS_EXTERN enum lws_ssl_capable_status -lws_tls_server_accept(struct lws *wsi); - -LWS_EXTERN enum lws_ssl_capable_status -lws_tls_server_abort_connection(struct lws *wsi); - -LWS_EXTERN enum lws_ssl_capable_status -__lws_tls_shutdown(struct lws *wsi); - -LWS_EXTERN enum lws_ssl_capable_status -lws_tls_client_connect(struct lws *wsi); -LWS_EXTERN int -lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, int ebuf_len); -LWS_EXTERN int -lws_tls_client_create_vhost_context(struct lws_vhost *vh, - const struct lws_context_creation_info *info, - const char *cipher_list, - const char *ca_filepath, - const void *ca_mem, - unsigned int ca_mem_len, - const char *cert_filepath, - const char *private_key_filepath); - -LWS_EXTERN lws_tls_ctx * -lws_tls_ctx_from_wsi(struct lws *wsi); -LWS_EXTERN int -lws_ssl_get_error(struct lws *wsi, int n); - -LWS_EXTERN int -lws_context_init_client_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost); - -LWS_EXTERN void -lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret); - -int -lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt); - -#endif diff --git a/thirdparty/libwebsockets/lib/tls/tls-client.c b/thirdparty/libwebsockets/lib/tls/tls-client.c deleted file mode 100644 index f69c685fa7..0000000000 --- a/thirdparty/libwebsockets/lib/tls/tls-client.c +++ /dev/null @@ -1,153 +0,0 @@ -/* - * libwebsockets - client-related ssl code independent of backend - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -int -lws_ssl_client_connect1(struct lws *wsi) -{ - struct lws_context *context = wsi->context; - int n = 0; - - lws_latency_pre(context, wsi); - n = lws_tls_client_connect(wsi); - lws_latency(context, wsi, "SSL_connect hs", n, n > 0); - - switch (n) { - case LWS_SSL_CAPABLE_ERROR: - return -1; - case LWS_SSL_CAPABLE_DONE: - return 1; /* connected */ - case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: - lws_callback_on_writable(wsi); - /* fallthru */ - case LWS_SSL_CAPABLE_MORE_SERVICE_READ: - lwsi_set_state(wsi, LRS_WAITING_SSL); - break; - case LWS_SSL_CAPABLE_MORE_SERVICE: - break; - } - - return 0; /* retry */ -} - -int -lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len) -{ - int n = 0; - - if (lwsi_state(wsi) == LRS_WAITING_SSL) { - lws_latency_pre(wsi->context, wsi); - - n = lws_tls_client_connect(wsi); - lwsl_debug("%s: SSL_connect says %d\n", __func__, n); - lws_latency(wsi->context, wsi, - "SSL_connect LRS_WAITING_SSL", n, n > 0); - - switch (n) { - case LWS_SSL_CAPABLE_ERROR: - lws_snprintf(errbuf, len, "client connect failed"); - return -1; - case LWS_SSL_CAPABLE_DONE: - break; /* connected */ - case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: - lws_callback_on_writable(wsi); - /* fallthru */ - case LWS_SSL_CAPABLE_MORE_SERVICE_READ: - lwsi_set_state(wsi, LRS_WAITING_SSL); - /* fallthru */ - case LWS_SSL_CAPABLE_MORE_SERVICE: - return 0; - } - } - - if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) - return -1; - - return 1; -} - - -int lws_context_init_client_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ - const char *private_key_filepath = info->ssl_private_key_filepath; - const char *cert_filepath = info->ssl_cert_filepath; - const char *ca_filepath = info->ssl_ca_filepath; - const char *cipher_list = info->ssl_cipher_list; - struct lws wsi; - - if (vhost->options & LWS_SERVER_OPTION_ONLY_RAW) - return 0; - - /* - * for backwards-compatibility default to using ssl_... members, but - * if the newer client-specific ones are given, use those - */ - if (info->client_ssl_cipher_list) - cipher_list = info->client_ssl_cipher_list; - if (info->client_ssl_cert_filepath) - cert_filepath = info->client_ssl_cert_filepath; - if (info->client_ssl_private_key_filepath) - private_key_filepath = info->client_ssl_private_key_filepath; - - if (info->client_ssl_ca_filepath) - ca_filepath = info->client_ssl_ca_filepath; - - if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) - return 0; - - if (vhost->tls.ssl_client_ctx) - return 0; - - if (info->provided_client_ssl_ctx) { - /* use the provided OpenSSL context if given one */ - vhost->tls.ssl_client_ctx = info->provided_client_ssl_ctx; - /* nothing for lib to delete */ - vhost->tls.user_supplied_ssl_ctx = 1; - - return 0; - } - - if (lws_tls_client_create_vhost_context(vhost, info, cipher_list, - ca_filepath, - info->client_ssl_ca_mem, - info->client_ssl_ca_mem_len, - cert_filepath, - private_key_filepath)) - return 1; - - lwsl_notice("created client ssl context for %s\n", vhost->name); - - /* - * give him a fake wsi with context set, so he can use - * lws_get_context() in the callback - */ - memset(&wsi, 0, sizeof(wsi)); - wsi.vhost = vhost; /* not a real bound wsi */ - wsi.context = vhost->context; - - vhost->protocols[0].callback(&wsi, - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS, - vhost->tls.ssl_client_ctx, NULL, 0); - - return 0; -} diff --git a/thirdparty/libwebsockets/lib/tls/tls-server.c b/thirdparty/libwebsockets/lib/tls/tls-server.c deleted file mode 100644 index 9d3f70dbea..0000000000 --- a/thirdparty/libwebsockets/lib/tls/tls-server.c +++ /dev/null @@ -1,388 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2018 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER >= 0x10002000L) -static int -alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, void *arg) -{ -#if !defined(LWS_WITH_MBEDTLS) - struct alpn_ctx *alpn_ctx = (struct alpn_ctx *)arg; - - if (SSL_select_next_proto((unsigned char **)out, outlen, alpn_ctx->data, - alpn_ctx->len, in, inlen) != - OPENSSL_NPN_NEGOTIATED) - return SSL_TLSEXT_ERR_NOACK; -#endif - - return SSL_TLSEXT_ERR_OK; -} -#endif - -void -lws_context_init_alpn(struct lws_vhost *vhost) -{ -#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER >= 0x10002000L) - const char *alpn_comma = vhost->context->tls.alpn_default; - - if (vhost->tls.alpn) - alpn_comma = vhost->tls.alpn; - - lwsl_info(" Server '%s' advertising ALPN: %s\n", - vhost->name, alpn_comma); - vhost->tls.alpn_ctx.len = lws_alpn_comma_to_openssl(alpn_comma, - vhost->tls.alpn_ctx.data, - sizeof(vhost->tls.alpn_ctx.data) - 1); - - SSL_CTX_set_alpn_select_cb(vhost->tls.ssl_ctx, alpn_cb, - &vhost->tls.alpn_ctx); -#else - lwsl_err( - " HTTP2 / ALPN configured but not supported by OpenSSL 0x%lx\n", - OPENSSL_VERSION_NUMBER); -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L -} - -int -lws_tls_server_conn_alpn(struct lws *wsi) -{ -#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER >= 0x10002000L) - const unsigned char *name = NULL; - char cstr[10]; - unsigned len; - - SSL_get0_alpn_selected(wsi->tls.ssl, &name, &len); - if (!len) { - lwsl_info("no ALPN upgrade\n"); - return 0; - } - - if (len > sizeof(cstr) - 1) - len = sizeof(cstr) - 1; - - memcpy(cstr, name, len); - cstr[len] = '\0'; - - lwsl_info("negotiated '%s' using ALPN\n", cstr); - wsi->tls.use_ssl |= LCCSCF_USE_SSL; - - return lws_role_call_alpn_negotiated(wsi, (const char *)cstr); -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L - - return 0; -} - -LWS_VISIBLE int -lws_context_init_server_ssl(const struct lws_context_creation_info *info, - struct lws_vhost *vhost) -{ - struct lws_context *context = vhost->context; - struct lws wsi; - - if (!lws_check_opt(info->options, - LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) { - vhost->tls.use_ssl = 0; - - return 0; - } - - /* - * If he is giving a cert filepath, take it as a sign he wants to use - * it on this vhost. User code can leave the cert filepath NULL and - * set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in - * which case he's expected to set up the cert himself at - * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which - * provides the vhost SSL_CTX * in the user parameter. - */ - if (info->ssl_cert_filepath) - vhost->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; - - if (info->port != CONTEXT_PORT_NO_LISTEN) { - - vhost->tls.use_ssl = lws_check_opt(vhost->options, - LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX); - - if (vhost->tls.use_ssl && info->ssl_cipher_list) - lwsl_notice(" SSL ciphers: '%s'\n", - info->ssl_cipher_list); - - if (vhost->tls.use_ssl) - lwsl_notice(" Using SSL mode\n"); - else - lwsl_notice(" Using non-SSL mode\n"); - } - - /* - * give him a fake wsi with context + vhost set, so he can use - * lws_get_context() in the callback - */ - memset(&wsi, 0, sizeof(wsi)); - wsi.vhost = vhost; /* not a real bound wsi */ - wsi.context = context; - - /* - * as a server, if we are requiring clients to identify themselves - * then set the backend up for it - */ - if (lws_check_opt(info->options, - LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT)) - /* Normally SSL listener rejects non-ssl, optionally allow */ - vhost->tls.allow_non_ssl_on_ssl_port = 1; - - /* - * give user code a chance to load certs into the server - * allowing it to verify incoming client certs - */ - if (vhost->tls.use_ssl) { - if (lws_tls_server_vhost_backend_init(info, vhost, &wsi)) - return -1; - - lws_tls_server_client_cert_verify_config(vhost); - - if (vhost->protocols[0].callback(&wsi, - LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, - vhost->tls.ssl_ctx, vhost, 0)) - return -1; - } - - if (vhost->tls.use_ssl) - lws_context_init_alpn(vhost); - - return 0; -} - -LWS_VISIBLE int -lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) -{ - struct lws_context *context = wsi->context; - struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; - struct lws_vhost *vh; - char buf[256]; - int n; - - (void)buf; - - if (!LWS_SSL_ENABLED(wsi->vhost)) - return 0; - - switch (lwsi_state(wsi)) { - case LRS_SSL_INIT: - - if (wsi->tls.ssl) - lwsl_err("%s: leaking ssl\n", __func__); - if (accept_fd == LWS_SOCK_INVALID) - assert(0); - if (context->simultaneous_ssl_restriction && - context->simultaneous_ssl >= - context->simultaneous_ssl_restriction) { - lwsl_notice("unable to deal with SSL connection\n"); - return 1; - } - - if (lws_tls_server_new_nonblocking(wsi, accept_fd)) { - if (accept_fd != LWS_SOCK_INVALID) - compatible_close(accept_fd); - goto fail; - } - - if (context->simultaneous_ssl_restriction && - ++context->simultaneous_ssl == - context->simultaneous_ssl_restriction) - /* that was the last allowed SSL connection */ - lws_gate_accepts(context, 0); - -#if defined(LWS_WITH_STATS) - context->updated = 1; -#endif - /* - * we are not accepted yet, but we need to enter ourselves - * as a live connection. That way we can retry when more - * pieces come if we're not sorted yet - */ - lwsi_set_state(wsi, LRS_SSL_ACK_PENDING); - - lws_pt_lock(pt, __func__); - if (__insert_wsi_socket_into_fds(context, wsi)) { - lwsl_err("%s: failed to insert into fds\n", __func__); - goto fail; - } - lws_pt_unlock(pt); - - lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT, - context->timeout_secs); - - lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n"); - - /* fallthru */ - - case LRS_SSL_ACK_PENDING: - - if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { - lwsl_err("%s: lws_change_pollfd failed\n", __func__); - goto fail; - } - - lws_latency_pre(context, wsi); - - if (wsi->vhost->tls.allow_non_ssl_on_ssl_port) { - - n = recv(wsi->desc.sockfd, (char *)pt->serv_buf, - context->pt_serv_buf_size, MSG_PEEK); - - /* - * optionally allow non-SSL connect on SSL listening socket - * This is disabled by default, if enabled it goes around any - * SSL-level access control (eg, client-side certs) so leave - * it disabled unless you know it's not a problem for you - */ - if (n >= 1 && pt->serv_buf[0] >= ' ') { - /* - * TLS content-type for Handshake is 0x16, and - * for ChangeCipherSpec Record, it's 0x14 - * - * A non-ssl session will start with the HTTP - * method in ASCII. If we see it's not a legit - * SSL handshake kill the SSL for this - * connection and try to handle as a HTTP - * connection upgrade directly. - */ - wsi->tls.use_ssl = 0; - - lws_tls_server_abort_connection(wsi); - /* - * care... this creates wsi with no ssl - * when ssl is enabled and normally - * mandatory - */ - wsi->tls.ssl = NULL; - if (lws_check_opt(context->options, - LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS)) - wsi->tls.redirect_to_https = 1; - lwsl_debug("accepted as non-ssl\n"); - goto accepted; - } - if (!n) { - /* - * connection is gone, fail out - */ - lwsl_debug("PEEKed 0\n"); - goto fail; - } - if (n < 0 && (LWS_ERRNO == LWS_EAGAIN || - LWS_ERRNO == LWS_EWOULDBLOCK)) { - /* - * well, we get no way to know ssl or not - * so go around again waiting for something - * to come and give us a hint, or timeout the - * connection. - */ - if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { - lwsl_info("%s: change_pollfd failed\n", - __func__); - return -1; - } - - lwsl_info("SSL_ERROR_WANT_READ\n"); - return 0; - } - } - - /* normal SSL connection processing path */ - -#if defined(LWS_WITH_STATS) - /* only set this the first time around */ - if (!wsi->accept_start_us) - wsi->accept_start_us = lws_time_in_microseconds(); -#endif - errno = 0; - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, - 1); - n = lws_tls_server_accept(wsi); - lws_latency(context, wsi, - "SSL_accept LRS_SSL_ACK_PENDING\n", n, n == 1); - lwsl_info("SSL_accept says %d\n", n); - switch (n) { - case LWS_SSL_CAPABLE_DONE: - break; - case LWS_SSL_CAPABLE_ERROR: - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_FAILED, - 1); - lwsl_info("SSL_accept failed socket %u: %d\n", - wsi->desc.sockfd, n); - wsi->socket_is_permanently_unusable = 1; - goto fail; - - default: /* MORE_SERVICE */ - return 0; - } - - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1); -#if defined(LWS_WITH_STATS) - if (wsi->accept_start_us) - lws_stats_atomic_bump(wsi->context, pt, - LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, - lws_time_in_microseconds() - - wsi->accept_start_us); - wsi->accept_start_us = lws_time_in_microseconds(); -#endif - -accepted: - - /* adapt our vhost to match the SNI SSL_CTX that was chosen */ - vh = context->vhost_list; - while (vh) { - if (!vh->being_destroyed && wsi->tls.ssl && - vh->tls.ssl_ctx == lws_tls_ctx_from_wsi(wsi)) { - lwsl_info("setting wsi to vh %s\n", vh->name); - lws_vhost_bind_wsi(vh, wsi); - break; - } - vh = vh->vhost_next; - } - - /* OK, we are accepted... give him some time to negotiate */ - lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, - context->timeout_secs); - - lwsi_set_state(wsi, LRS_ESTABLISHED); - if (lws_tls_server_conn_alpn(wsi)) - goto fail; - lwsl_debug("accepted new SSL conn\n"); - break; - - default: - break; - } - - return 0; - -fail: - return 1; -} - diff --git a/thirdparty/libwebsockets/lib/tls/tls.c b/thirdparty/libwebsockets/lib/tls/tls.c deleted file mode 100644 index a32951689f..0000000000 --- a/thirdparty/libwebsockets/lib/tls/tls.c +++ /dev/null @@ -1,505 +0,0 @@ -/* - * libwebsockets - small server side websockets and web server implementation - * - * Copyright (C) 2010-2017 Andy Green - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation: - * version 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, - * MA 02110-1301 USA - */ - -#include "core/private.h" - -/* - * fakes POLLIN on all tls guys with buffered rx - * - * returns nonzero if any tls guys had POLLIN faked - */ - -int -lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt) -{ - int ret = 0; - - lws_start_foreach_dll_safe(struct lws_dll_lws *, p, p1, - pt->tls.pending_tls_head.next) { - struct lws *wsi = lws_container_of(p, struct lws, - tls.pending_tls_list); - - pt->fds[wsi->position_in_fds_table].revents |= - pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; - ret |= pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN; - - } lws_end_foreach_dll_safe(p, p1); - - return !!ret; -} - -void -__lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi) -{ - if (lws_dll_is_null(&wsi->tls.pending_tls_list)) - return; - - lws_dll_lws_remove(&wsi->tls.pending_tls_list); -} - -void -lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi) -{ - struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; - - lws_pt_lock(pt, __func__); - __lws_ssl_remove_wsi_from_buffered_list(wsi); - lws_pt_unlock(pt); -} - -#if defined(LWS_WITH_ESP32) -int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf, - lws_filepos_t *amount) -{ - nvs_handle nvh; - size_t s; - int n = 0; - - ESP_ERROR_CHECK(nvs_open("lws-station", NVS_READWRITE, &nvh)); - if (nvs_get_blob(nvh, filename, NULL, &s) != ESP_OK) { - n = 1; - goto bail; - } - *buf = lws_malloc(s + 1, "alloc_file"); - if (!*buf) { - n = 2; - goto bail; - } - if (nvs_get_blob(nvh, filename, (char *)*buf, &s) != ESP_OK) { - lws_free(*buf); - n = 1; - goto bail; - } - - *amount = s; - (*buf)[s] = '\0'; - - lwsl_notice("%s: nvs: read %s, %d bytes\n", __func__, filename, (int)s); - -bail: - nvs_close(nvh); - - return n; -} -#else -int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf, - lws_filepos_t *amount) -{ - FILE *f; - size_t s; - int n = 0; - - f = fopen(filename, "rb"); - if (f == NULL) { - n = 1; - goto bail; - } - - if (fseek(f, 0, SEEK_END) != 0) { - n = 1; - goto bail; - } - - s = ftell(f); - if (s == (size_t)-1) { - n = 1; - goto bail; - } - - if (fseek(f, 0, SEEK_SET) != 0) { - n = 1; - goto bail; - } - - *buf = lws_malloc(s, "alloc_file"); - if (!*buf) { - n = 2; - goto bail; - } - - if (fread(*buf, s, 1, f) != 1) { - lws_free(*buf); - n = 1; - goto bail; - } - - *amount = s; - -bail: - if (f) - fclose(f); - - return n; - -} -#endif - -int -lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename, - const char *inbuf, lws_filepos_t inlen, - uint8_t **buf, lws_filepos_t *amount) -{ - const uint8_t *pem, *p, *end; - lws_filepos_t len; - uint8_t *q; - int n; - - if (filename) { - n = alloc_file(context, filename, (uint8_t **)&pem, &len); - if (n) - return n; - } else { - pem = (const uint8_t *)inbuf; - len = inlen; - } - - /* trim the first line */ - - p = pem; - end = p + len; - if (strncmp((char *)p, "-----", 5)) - goto bail; - p += 5; - while (p < end && *p != '\n' && *p != '-') - p++; - - if (*p != '-') - goto bail; - - while (p < end && *p != '\n') - p++; - - if (p >= end) - goto bail; - - p++; - - /* trim the last line */ - - q = (uint8_t *)end - 2; - - while (q > pem && *q != '\n') - q--; - - if (*q != '\n') - goto bail; - - *q = '\0'; - - *amount = lws_b64_decode_string((char *)p, (char *)pem, - (int)(long long)len); - *buf = (uint8_t *)pem; - - return 0; - -bail: - lws_free((uint8_t *)pem); - - return 4; -} - -int -lws_tls_check_cert_lifetime(struct lws_vhost *v) -{ - time_t now = (time_t)lws_now_secs(), life = 0; - struct lws_acme_cert_aging_args caa; - union lws_tls_cert_info_results ir; - int n; - - if (v->tls.ssl_ctx && !v->tls.skipped_certs) { - - if (now < 1542933698) /* Nov 23 2018 00:42 UTC */ - /* our clock is wrong and we can't judge the certs */ - return -1; - - n = lws_tls_vhost_cert_info(v, LWS_TLS_CERT_INFO_VALIDITY_TO, - &ir, 0); - if (n) - return 1; - - life = (ir.time - now) / (24 * 3600); - lwsl_notice(" vhost %s: cert expiry: %dd\n", v->name, - (int)life); - } else - lwsl_notice(" vhost %s: no cert\n", v->name); - - memset(&caa, 0, sizeof(caa)); - caa.vh = v; - lws_broadcast(v->context, LWS_CALLBACK_VHOST_CERT_AGING, (void *)&caa, - (size_t)(ssize_t)life); - - return 0; -} - -int -lws_tls_check_all_cert_lifetimes(struct lws_context *context) -{ - struct lws_vhost *v = context->vhost_list; - - while (v) { - if (lws_tls_check_cert_lifetime(v) < 0) - return -1; - v = v->vhost_next; - } - - return 0; -} -#if !defined(LWS_WITH_ESP32) && !defined(LWS_PLAT_OPTEE) -static int -lws_tls_extant(const char *name) -{ - /* it exists if we can open it... */ - int fd = open(name, O_RDONLY), n; - char buf[1]; - - if (fd < 0) - return 1; - - /* and we can read at least one byte out of it */ - n = read(fd, buf, 1); - close(fd); - - return n != 1; -} -#endif -/* - * Returns 0 if the filepath "name" exists and can be read from. - * - * In addition, if "name".upd exists, backup "name" to "name.old.1" - * and rename "name".upd to "name" before reporting its existence. - * - * There are four situations and three results possible: - * - * 1) LWS_TLS_EXTANT_NO: There are no certs at all (we are waiting for them to - * be provisioned). We also feel like this if we need privs we don't have - * any more to look in the directory. - * - * 2) There are provisioned certs written (xxx.upd) and we still have root - * privs... in this case we rename any existing cert to have a backup name - * and move the upd cert into place with the correct name. This then becomes - * situation 4 for the caller. - * - * 3) LWS_TLS_EXTANT_ALTERNATIVE: There are provisioned certs written (xxx.upd) - * but we no longer have the privs needed to read or rename them. In this - * case, indicate that the caller should use temp copies if any we do have - * rights to access. This is normal after we have updated the cert. - * - * But if we dropped privs, we can't detect the provisioned xxx.upd cert + - * key, because we can't see in the dir. So we have to upgrade NO to - * ALTERNATIVE when we actually have the in-memory alternative. - * - * 4) LWS_TLS_EXTANT_YES: The certs are present with the correct name and we - * have the rights to read them. - */ -enum lws_tls_extant -lws_tls_use_any_upgrade_check_extant(const char *name) -{ -#if !defined(LWS_PLAT_OPTEE) - - int n; - -#if !defined(LWS_WITH_ESP32) - char buf[256]; - - lws_snprintf(buf, sizeof(buf) - 1, "%s.upd", name); - if (!lws_tls_extant(buf)) { - /* ah there is an updated file... how about the desired file? */ - if (!lws_tls_extant(name)) { - /* rename the desired file */ - for (n = 0; n < 50; n++) { - lws_snprintf(buf, sizeof(buf) - 1, - "%s.old.%d", name, n); - if (!rename(name, buf)) - break; - } - if (n == 50) { - lwsl_notice("unable to rename %s\n", name); - - return LWS_TLS_EXTANT_ALTERNATIVE; - } - lws_snprintf(buf, sizeof(buf) - 1, "%s.upd", name); - } - /* desired file is out of the way, rename the updated file */ - if (rename(buf, name)) { - lwsl_notice("unable to rename %s to %s\n", buf, name); - - return LWS_TLS_EXTANT_ALTERNATIVE; - } - } - - if (lws_tls_extant(name)) - return LWS_TLS_EXTANT_NO; -#else - nvs_handle nvh; - size_t s = 8192; - - if (nvs_open("lws-station", NVS_READWRITE, &nvh)) { - lwsl_notice("%s: can't open nvs\n", __func__); - return LWS_TLS_EXTANT_NO; - } - - n = nvs_get_blob(nvh, name, NULL, &s); - nvs_close(nvh); - - if (n) - return LWS_TLS_EXTANT_NO; -#endif -#endif - return LWS_TLS_EXTANT_YES; -} - -/* - * LWS_TLS_EXTANT_NO : skip adding the cert - * LWS_TLS_EXTANT_YES : use the cert and private key paths normally - * LWS_TLS_EXTANT_ALTERNATIVE: normal paths not usable, try alternate if poss - */ -enum lws_tls_extant -lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert, - const char *private_key) -{ - int n, m; - - /* - * The user code can choose to either pass the cert and - * key filepaths using the info members like this, or it can - * leave them NULL; force the vhost SSL_CTX init using the info - * options flag LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; and - * set up the cert himself using the user callback - * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which - * happened just above and has the vhost SSL_CTX * in the user - * parameter. - */ - - if (!cert || !private_key) - return LWS_TLS_EXTANT_NO; - - n = lws_tls_use_any_upgrade_check_extant(cert); - if (n == LWS_TLS_EXTANT_ALTERNATIVE) - return LWS_TLS_EXTANT_ALTERNATIVE; - m = lws_tls_use_any_upgrade_check_extant(private_key); - if (m == LWS_TLS_EXTANT_ALTERNATIVE) - return LWS_TLS_EXTANT_ALTERNATIVE; - - if ((n == LWS_TLS_EXTANT_NO || m == LWS_TLS_EXTANT_NO) && - (vhost->options & LWS_SERVER_OPTION_IGNORE_MISSING_CERT)) { - lwsl_notice("Ignoring missing %s or %s\n", cert, private_key); - vhost->tls.skipped_certs = 1; - - return LWS_TLS_EXTANT_NO; - } - - /* - * the cert + key exist - */ - - return LWS_TLS_EXTANT_YES; -} - -#if !defined(LWS_NO_SERVER) -/* - * update the cert for every vhost using the given path - */ - -LWS_VISIBLE int -lws_tls_cert_updated(struct lws_context *context, const char *certpath, - const char *keypath, - const char *mem_cert, size_t len_mem_cert, - const char *mem_privkey, size_t len_mem_privkey) -{ - struct lws wsi; - - wsi.context = context; - - lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { - wsi.vhost = v; /* not a real bound wsi */ - if (v->tls.alloc_cert_path && v->tls.key_path && - !strcmp(v->tls.alloc_cert_path, certpath) && - !strcmp(v->tls.key_path, keypath)) { - lws_tls_server_certs_load(v, &wsi, certpath, keypath, - mem_cert, len_mem_cert, - mem_privkey, len_mem_privkey); - - if (v->tls.skipped_certs) - lwsl_notice("%s: vhost %s: cert unset\n", - __func__, v->name); - } - } lws_end_foreach_ll(v, vhost_next); - - return 0; -} -#endif - -int -lws_gate_accepts(struct lws_context *context, int on) -{ - struct lws_vhost *v = context->vhost_list; - - lwsl_notice("%s: on = %d\n", __func__, on); - -#if defined(LWS_WITH_STATS) - context->updated = 1; -#endif - - while (v) { - if (v->tls.use_ssl && v->lserv_wsi && - lws_change_pollfd(v->lserv_wsi, (LWS_POLLIN) * !on, - (LWS_POLLIN) * on)) - lwsl_notice("Unable to set accept POLLIN %d\n", on); - - v = v->vhost_next; - } - - return 0; -} - -/* comma-separated alpn list, like "h2,http/1.1" to openssl alpn format */ - -int -lws_alpn_comma_to_openssl(const char *comma, uint8_t *os, int len) -{ - uint8_t *oos = os, *plen = NULL; - - while (*comma && len > 1) { - if (!plen && *comma == ' ') { - comma++; - continue; - } - if (!plen) { - plen = os++; - len--; - } - - if (*comma == ',') { - *plen = lws_ptr_diff(os, plen + 1); - plen = NULL; - comma++; - } else { - *os++ = *comma++; - len--; - } - } - - if (plen) - *plen = lws_ptr_diff(os, plen + 1); - - return lws_ptr_diff(os, oos); -} - diff --git a/thirdparty/libwebsockets/libwebsockets.h b/thirdparty/libwebsockets/libwebsockets.h new file mode 100644 index 0000000000..2c01696404 --- /dev/null +++ b/thirdparty/libwebsockets/libwebsockets.h @@ -0,0 +1,7346 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +/** @file */ + +#ifndef LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C +#define LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C + +#ifdef __cplusplus +#include +#include + +extern "C" { +#else +#include +#endif + +#include +#include + +#include "lws_config.h" + +/* + * CARE: everything using cmake defines needs to be below here + */ + +#if defined(LWS_HAS_INTPTR_T) +#include +#define lws_intptr_t intptr_t +#else +typedef unsigned long long lws_intptr_t; +#endif + +#if defined(WIN32) || defined(_WIN32) +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif + +#include +#include +#include +#include +#include +#ifndef _WIN32_WCE +#include +#else +#define _O_RDONLY 0x0000 +#define O_RDONLY _O_RDONLY +#endif + +#define LWS_INLINE __inline +#define LWS_VISIBLE +#define LWS_WARN_UNUSED_RESULT +#define LWS_WARN_DEPRECATED +#define LWS_FORMAT(string_index) + +#ifdef LWS_DLL +#ifdef LWS_INTERNAL +#define LWS_EXTERN extern __declspec(dllexport) +#else +#define LWS_EXTERN extern __declspec(dllimport) +#endif +#else +#define LWS_EXTERN +#endif + +#define LWS_INVALID_FILE INVALID_HANDLE_VALUE +#define LWS_O_RDONLY _O_RDONLY +#define LWS_O_WRONLY _O_WRONLY +#define LWS_O_CREAT _O_CREAT +#define LWS_O_TRUNC _O_TRUNC + +#ifndef __func__ +#define __func__ __FUNCTION__ +#endif + +#else /* NOT WIN32 */ +#include +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) +#include +#endif + +#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__QNX__) || defined(__OpenBSD__) +#include +#include +#endif + +#define LWS_INLINE inline +#define LWS_O_RDONLY O_RDONLY +#define LWS_O_WRONLY O_WRONLY +#define LWS_O_CREAT O_CREAT +#define LWS_O_TRUNC O_TRUNC + +#if !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32) +#include +#include +#define LWS_INVALID_FILE -1 +#else +#define getdtablesize() (30) +#if defined(LWS_WITH_ESP32) +#define LWS_INVALID_FILE NULL +#else +#define LWS_INVALID_FILE NULL +#endif +#endif + +#if defined(__GNUC__) + +/* warn_unused_result attribute only supported by GCC 3.4 or later */ +#if __GNUC__ >= 4 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4) +#define LWS_WARN_UNUSED_RESULT __attribute__((warn_unused_result)) +#else +#define LWS_WARN_UNUSED_RESULT +#endif + +#define LWS_VISIBLE __attribute__((visibility("default"))) +#define LWS_WARN_DEPRECATED __attribute__ ((deprecated)) +#define LWS_FORMAT(string_index) __attribute__ ((format(printf, string_index, string_index+1))) +#else +#define LWS_VISIBLE +#define LWS_WARN_UNUSED_RESULT +#define LWS_WARN_DEPRECATED +#define LWS_FORMAT(string_index) +#endif + +#if defined(__ANDROID__) +#include +#include +#define getdtablesize() sysconf(_SC_OPEN_MAX) +#endif + +#endif + +#if defined(LWS_WITH_LIBEV) +#include +#endif /* LWS_WITH_LIBEV */ +#ifdef LWS_WITH_LIBUV +#include +#ifdef LWS_HAVE_UV_VERSION_H +#include +#endif +#ifdef LWS_HAVE_NEW_UV_VERSION_H +#include +#endif +#endif /* LWS_WITH_LIBUV */ +#if defined(LWS_WITH_LIBEVENT) +#include +#endif /* LWS_WITH_LIBEVENT */ + +#ifndef LWS_EXTERN +#define LWS_EXTERN extern +#endif + +#ifdef _WIN32 +#define random rand +#else +#if !defined(OPTEE_TA) +#include +#include +#endif +#endif + +#if defined(LWS_WITH_TLS) + +#ifdef USE_WOLFSSL +#ifdef USE_OLD_CYASSL +#ifdef _WIN32 +/* + * Include user-controlled settings for windows from + * /IDE/WIN/user_settings.h + */ +#include +#include +#else +#include +#endif +#include +#include + +#else +#ifdef _WIN32 +/* + * Include user-controlled settings for windows from + * /IDE/WIN/user_settings.h + */ +#include +#include +#else +#include +#endif +#include +#include +#endif /* not USE_OLD_CYASSL */ +#else +#if defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_ESP32) +/* this filepath is passed to us but without quotes or <> */ +#undef MBEDTLS_CONFIG_FILE +#define MBEDTLS_CONFIG_FILE +#endif +#include +#else +#include +#if !defined(LWS_WITH_MBEDTLS) +#include +#endif +#endif +#endif /* not USE_WOLFSSL */ +#endif + +/* + * Helpers for pthread mutex in user code... if lws is built for + * multiple service threads, these resolve to pthread mutex + * operations. In the case LWS_MAX_SMP is 1 (the default), they + * are all NOPs and no pthread type or api is referenced. + */ + +#if LWS_MAX_SMP > 1 + +#include + +#define lws_pthread_mutex(name) pthread_mutex_t name; + +static LWS_INLINE void +lws_pthread_mutex_init(pthread_mutex_t *lock) +{ + pthread_mutex_init(lock, NULL); +} + +static LWS_INLINE void +lws_pthread_mutex_destroy(pthread_mutex_t *lock) +{ + pthread_mutex_destroy(lock); +} + +static LWS_INLINE void +lws_pthread_mutex_lock(pthread_mutex_t *lock) +{ + pthread_mutex_lock(lock); +} + +static LWS_INLINE void +lws_pthread_mutex_unlock(pthread_mutex_t *lock) +{ + pthread_mutex_unlock(lock); +} + +#else +#define lws_pthread_mutex(name) +#define lws_pthread_mutex_init(_a) +#define lws_pthread_mutex_destroy(_a) +#define lws_pthread_mutex_lock(_a) +#define lws_pthread_mutex_unlock(_a) +#endif + + +#define CONTEXT_PORT_NO_LISTEN -1 +#define CONTEXT_PORT_NO_LISTEN_SERVER -2 + +/** \defgroup log Logging + * + * ##Logging + * + * Lws provides flexible and filterable logging facilities, which can be + * used inside lws and in user code. + * + * Log categories may be individually filtered bitwise, and directed to built-in + * sinks for syslog-compatible logging, or a user-defined function. + */ +///@{ + +enum lws_log_levels { + LLL_ERR = 1 << 0, + LLL_WARN = 1 << 1, + LLL_NOTICE = 1 << 2, + LLL_INFO = 1 << 3, + LLL_DEBUG = 1 << 4, + LLL_PARSER = 1 << 5, + LLL_HEADER = 1 << 6, + LLL_EXT = 1 << 7, + LLL_CLIENT = 1 << 8, + LLL_LATENCY = 1 << 9, + LLL_USER = 1 << 10, + + LLL_COUNT = 11 /* set to count of valid flags */ +}; + +LWS_VISIBLE LWS_EXTERN void _lws_log(int filter, const char *format, ...) LWS_FORMAT(2); +LWS_VISIBLE LWS_EXTERN void _lws_logv(int filter, const char *format, va_list vl); +/** + * lwsl_timestamp: generate logging timestamp string + * + * \param level: logging level + * \param p: char * buffer to take timestamp + * \param len: length of p + * + * returns length written in p + */ +LWS_VISIBLE LWS_EXTERN int +lwsl_timestamp(int level, char *p, int len); + +/* these guys are unconditionally included */ + +#define lwsl_err(...) _lws_log(LLL_ERR, __VA_ARGS__) +#define lwsl_user(...) _lws_log(LLL_USER, __VA_ARGS__) + +#if !defined(LWS_WITH_NO_LOGS) +/* notice and warn are usually included by being compiled in */ +#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) +#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) +#endif +/* + * weaker logging can be deselected by telling CMake to build in RELEASE mode + * that gets rid of the overhead of checking while keeping _warn and _err + * active + */ + +#ifdef _DEBUG +#if defined(LWS_WITH_NO_LOGS) +/* notice, warn and log are always compiled in */ +#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__) +#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__) +#endif +#define lwsl_info(...) _lws_log(LLL_INFO, __VA_ARGS__) +#define lwsl_debug(...) _lws_log(LLL_DEBUG, __VA_ARGS__) +#define lwsl_parser(...) _lws_log(LLL_PARSER, __VA_ARGS__) +#define lwsl_header(...) _lws_log(LLL_HEADER, __VA_ARGS__) +#define lwsl_ext(...) _lws_log(LLL_EXT, __VA_ARGS__) +#define lwsl_client(...) _lws_log(LLL_CLIENT, __VA_ARGS__) +#define lwsl_latency(...) _lws_log(LLL_LATENCY, __VA_ARGS__) + +#else /* no debug */ +#if defined(LWS_WITH_NO_LOGS) +#define lwsl_warn(...) do {} while(0) +#define lwsl_notice(...) do {} while(0) +#endif +#define lwsl_info(...) do {} while(0) +#define lwsl_debug(...) do {} while(0) +#define lwsl_parser(...) do {} while(0) +#define lwsl_header(...) do {} while(0) +#define lwsl_ext(...) do {} while(0) +#define lwsl_client(...) do {} while(0) +#define lwsl_latency(...) do {} while(0) + +#endif + +#define lwsl_hexdump_err(...) lwsl_hexdump_level(LLL_ERR, __VA_ARGS__) +#define lwsl_hexdump_warn(...) lwsl_hexdump_level(LLL_WARN, __VA_ARGS__) +#define lwsl_hexdump_notice(...) lwsl_hexdump_level(LLL_NOTICE, __VA_ARGS__) +#define lwsl_hexdump_info(...) lwsl_hexdump_level(LLL_INFO, __VA_ARGS__) +#define lwsl_hexdump_debug(...) lwsl_hexdump_level(LLL_DEBUG, __VA_ARGS__) + +/** + * lwsl_hexdump_level() - helper to hexdump a buffer at a selected debug level + * + * \param level: one of LLL_ constants + * \param vbuf: buffer start to dump + * \param len: length of buffer to dump + * + * If \p level is visible, does a nice hexdump -C style dump of \p vbuf for + * \p len bytes. This can be extremely convenient while debugging. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_hexdump_level(int level, const void *vbuf, size_t len); + +/** + * lwsl_hexdump() - helper to hexdump a buffer (DEBUG builds only) + * + * \param buf: buffer start to dump + * \param len: length of buffer to dump + * + * Calls through to lwsl_hexdump_level(LLL_DEBUG, ... for compatability. + * It's better to use lwsl_hexdump_level(level, ... directly so you can control + * the visibility. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_hexdump(const void *buf, size_t len); + +/** + * lws_is_be() - returns nonzero if the platform is Big Endian + */ +static LWS_INLINE int lws_is_be(void) { + const int probe = ~0xff; + + return *(const char *)&probe; +} + +/** + * lws_set_log_level() - Set the logging bitfield + * \param level: OR together the LLL_ debug contexts you want output from + * \param log_emit_function: NULL to leave it as it is, or a user-supplied + * function to perform log string emission instead of + * the default stderr one. + * + * log level defaults to "err", "warn" and "notice" contexts enabled and + * emission on stderr. If stderr is a tty (according to isatty()) then + * the output is coloured according to the log level using ANSI escapes. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_log_level(int level, + void (*log_emit_function)(int level, const char *line)); + +/** + * lwsl_emit_syslog() - helper log emit function writes to system log + * + * \param level: one of LLL_ log level indexes + * \param line: log string + * + * You use this by passing the function pointer to lws_set_log_level(), to set + * it as the log emit function, it is not called directly. + */ +LWS_VISIBLE LWS_EXTERN void +lwsl_emit_syslog(int level, const char *line); + +/** + * lwsl_visible() - returns true if the log level should be printed + * + * \param level: one of LLL_ log level indexes + * + * This is useful if you have to do work to generate the log content, you + * can skip the work if the log level used to print it is not actually + * enabled at runtime. + */ +LWS_VISIBLE LWS_EXTERN int +lwsl_visible(int level); + +///@} + + +#include + +#ifndef lws_container_of +#define lws_container_of(P,T,M) ((T *)((char *)(P) - offsetof(T, M))) +#endif + +struct lws; + +typedef int64_t lws_usec_t; + +/* api change list for user code to test against */ + +#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_ARG + +/* the struct lws_protocols has the id field present */ +#define LWS_FEATURE_PROTOCOLS_HAS_ID_FIELD + +/* you can call lws_get_peer_write_allowance */ +#define LWS_FEATURE_PROTOCOLS_HAS_PEER_WRITE_ALLOWANCE + +/* extra parameter introduced in 917f43ab821 */ +#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_LEN + +/* File operations stuff exists */ +#define LWS_FEATURE_FOPS + + +#if defined(_WIN32) +typedef SOCKET lws_sockfd_type; +typedef HANDLE lws_filefd_type; + +struct lws_pollfd { + lws_sockfd_type fd; /**< file descriptor */ + SHORT events; /**< which events to respond to */ + SHORT revents; /**< which events happened */ +}; +#define LWS_POLLHUP (FD_CLOSE) +#define LWS_POLLIN (FD_READ | FD_ACCEPT) +#define LWS_POLLOUT (FD_WRITE) +#else + + +#if defined(LWS_WITH_ESP32) + +typedef int lws_sockfd_type; +typedef int lws_filefd_type; + +struct pollfd { + lws_sockfd_type fd; /**< fd related to */ + short events; /**< which POLL... events to respond to */ + short revents; /**< which POLL... events occurred */ +}; +#define POLLIN 0x0001 +#define POLLPRI 0x0002 +#define POLLOUT 0x0004 +#define POLLERR 0x0008 +#define POLLHUP 0x0010 +#define POLLNVAL 0x0020 + +#include +#include +#include +#include "esp_wifi.h" +#include "esp_system.h" +#include "esp_event.h" +#include "esp_event_loop.h" +#include "nvs.h" +#include "driver/gpio.h" +#include "esp_spi_flash.h" +#include "freertos/timers.h" + +#if !defined(CONFIG_FREERTOS_HZ) +#define CONFIG_FREERTOS_HZ 100 +#endif + +typedef TimerHandle_t uv_timer_t; +typedef void uv_cb_t(uv_timer_t *); +typedef void * uv_handle_t; + +struct timer_mapping { + uv_cb_t *cb; + uv_timer_t *t; +}; + +#define UV_VERSION_MAJOR 1 + +#define lws_uv_getloop(a, b) (NULL) + +static LWS_INLINE void uv_timer_init(void *l, uv_timer_t *t) +{ + (void)l; + *t = NULL; +} + +extern void esp32_uvtimer_cb(TimerHandle_t t); + +static LWS_INLINE void uv_timer_start(uv_timer_t *t, uv_cb_t *cb, int first, int rep) +{ + struct timer_mapping *tm = (struct timer_mapping *)malloc(sizeof(*tm)); + + if (!tm) + return; + + tm->t = t; + tm->cb = cb; + + *t = xTimerCreate("x", pdMS_TO_TICKS(first), !!rep, tm, + (TimerCallbackFunction_t)esp32_uvtimer_cb); + xTimerStart(*t, 0); +} + +static LWS_INLINE void uv_timer_stop(uv_timer_t *t) +{ + xTimerStop(*t, 0); +} + +static LWS_INLINE void uv_close(uv_handle_t *h, void *v) +{ + free(pvTimerGetTimerID((uv_timer_t)h)); + xTimerDelete(*(uv_timer_t *)h, 0); +} + +/* ESP32 helper declarations */ + +#include +#include + +#define LWS_PLUGIN_STATIC +#define LWS_MAGIC_REBOOT_TYPE_ADS 0x50001ffc +#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY 0xb00bcafe +#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY 0xfaceb00b +#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY_BUTTON 0xf0cedfac + + +/* user code provides these */ + +extern void +lws_esp32_identify_physical_device(void); + +/* lws-plat-esp32 provides these */ + +typedef void (*lws_cb_scan_done)(uint16_t count, wifi_ap_record_t *recs, void *arg); + +enum genled_state { + LWSESP32_GENLED__INIT, + LWSESP32_GENLED__LOST_NETWORK, + LWSESP32_GENLED__NO_NETWORK, + LWSESP32_GENLED__CONN_AP, + LWSESP32_GENLED__GOT_IP, + LWSESP32_GENLED__OK, +}; + +struct lws_group_member { + struct lws_group_member *next; + uint64_t last_seen; + char model[16]; + char role[16]; + char host[32]; + char mac[20]; + int width, height; + struct ip4_addr addr; + struct ip6_addr addrv6; + uint8_t flags; +}; + +#define LWS_SYSTEM_GROUP_MEMBER_ADD 1 +#define LWS_SYSTEM_GROUP_MEMBER_CHANGE 2 +#define LWS_SYSTEM_GROUP_MEMBER_REMOVE 3 + +#define LWS_GROUP_FLAG_SELF 1 + +struct lws_esp32 { + char sta_ip[16]; + char sta_mask[16]; + char sta_gw[16]; + char serial[16]; + char opts[16]; + char model[16]; + char group[16]; + char role[16]; + char ssid[4][64]; + char password[4][64]; + char active_ssid[64]; + char access_pw[16]; + char hostname[32]; + char mac[20]; + char le_dns[64]; + char le_email[64]; + char region; + char inet; + char conn_ap; + + enum genled_state genled; + uint64_t genled_t; + + lws_cb_scan_done scan_consumer; + void *scan_consumer_arg; + struct lws_group_member *first; + int extant_group_members; + + char acme; + char upload; + + volatile char button_is_down; +}; + +struct lws_esp32_image { + uint32_t romfs; + uint32_t romfs_len; + uint32_t json; + uint32_t json_len; +}; + +extern struct lws_esp32 lws_esp32; +struct lws_vhost; + +extern esp_err_t +lws_esp32_event_passthru(void *ctx, system_event_t *event); +extern void +lws_esp32_wlan_config(void); +extern void +lws_esp32_wlan_start_ap(void); +extern void +lws_esp32_wlan_start_station(void); +struct lws_context_creation_info; +extern void +lws_esp32_set_creation_defaults(struct lws_context_creation_info *info); +extern struct lws_context * +lws_esp32_init(struct lws_context_creation_info *, struct lws_vhost **pvh); +extern int +lws_esp32_wlan_nvs_get(int retry); +extern esp_err_t +lws_nvs_set_str(nvs_handle handle, const char* key, const char* value); +extern void +lws_esp32_restart_guided(uint32_t type); +extern const esp_partition_t * +lws_esp_ota_get_boot_partition(void); +extern int +lws_esp32_get_image_info(const esp_partition_t *part, struct lws_esp32_image *i, char *json, int json_len); +extern int +lws_esp32_leds_network_indication(void); + +extern uint32_t lws_esp32_get_reboot_type(void); +extern uint16_t lws_esp32_sine_interp(int n); + +/* required in external code by esp32 plat (may just return if no leds) */ +extern void lws_esp32_leds_timer_cb(TimerHandle_t th); +#else +typedef int lws_sockfd_type; +typedef int lws_filefd_type; +#endif + +#define lws_pollfd pollfd +#define LWS_POLLHUP (POLLHUP|POLLERR) +#define LWS_POLLIN (POLLIN) +#define LWS_POLLOUT (POLLOUT) +#endif + + +#if (defined(WIN32) || defined(_WIN32)) && !defined(__MINGW32__) +/* ... */ +#define ssize_t SSIZE_T +#endif + +#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) +#include +#include +#endif + +#if defined(LWS_HAVE_STDINT_H) +#include +#else +#if defined(WIN32) || defined(_WIN32) +/* !!! >:-[ */ +typedef unsigned __int32 uint32_t; +typedef unsigned __int16 uint16_t; +typedef unsigned __int8 uint8_t; +#else +typedef unsigned int uint32_t; +typedef unsigned short uint16_t; +typedef unsigned char uint8_t; +#endif +#endif + +typedef unsigned long long lws_filepos_t; +typedef long long lws_fileofs_t; +typedef uint32_t lws_fop_flags_t; + +/** struct lws_pollargs - argument structure for all external poll related calls + * passed in via 'in' */ +struct lws_pollargs { + lws_sockfd_type fd; /**< applicable socket descriptor */ + int events; /**< the new event mask */ + int prev_events; /**< the previous event mask */ +}; + +struct lws_tokens; +struct lws_token_limits; + +/*! \defgroup wsclose Websocket Close + * + * ##Websocket close frame control + * + * When we close a ws connection, we can send a reason code and a short + * UTF-8 description back with the close packet. + */ +///@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +/** enum lws_close_status - RFC6455 close status codes */ +enum lws_close_status { + LWS_CLOSE_STATUS_NOSTATUS = 0, + LWS_CLOSE_STATUS_NORMAL = 1000, + /**< 1000 indicates a normal closure, meaning that the purpose for + which the connection was established has been fulfilled. */ + LWS_CLOSE_STATUS_GOINGAWAY = 1001, + /**< 1001 indicates that an endpoint is "going away", such as a server + going down or a browser having navigated away from a page. */ + LWS_CLOSE_STATUS_PROTOCOL_ERR = 1002, + /**< 1002 indicates that an endpoint is terminating the connection due + to a protocol error. */ + LWS_CLOSE_STATUS_UNACCEPTABLE_OPCODE = 1003, + /**< 1003 indicates that an endpoint is terminating the connection + because it has received a type of data it cannot accept (e.g., an + endpoint that understands only text data MAY send this if it + receives a binary message). */ + LWS_CLOSE_STATUS_RESERVED = 1004, + /**< Reserved. The specific meaning might be defined in the future. */ + LWS_CLOSE_STATUS_NO_STATUS = 1005, + /**< 1005 is a reserved value and MUST NOT be set as a status code in a + Close control frame by an endpoint. It is designated for use in + applications expecting a status code to indicate that no status + code was actually present. */ + LWS_CLOSE_STATUS_ABNORMAL_CLOSE = 1006, + /**< 1006 is a reserved value and MUST NOT be set as a status code in a + Close control frame by an endpoint. It is designated for use in + applications expecting a status code to indicate that the + connection was closed abnormally, e.g., without sending or + receiving a Close control frame. */ + LWS_CLOSE_STATUS_INVALID_PAYLOAD = 1007, + /**< 1007 indicates that an endpoint is terminating the connection + because it has received data within a message that was not + consistent with the type of the message (e.g., non-UTF-8 [RFC3629] + data within a text message). */ + LWS_CLOSE_STATUS_POLICY_VIOLATION = 1008, + /**< 1008 indicates that an endpoint is terminating the connection + because it has received a message that violates its policy. This + is a generic status code that can be returned when there is no + other more suitable status code (e.g., 1003 or 1009) or if there + is a need to hide specific details about the policy. */ + LWS_CLOSE_STATUS_MESSAGE_TOO_LARGE = 1009, + /**< 1009 indicates that an endpoint is terminating the connection + because it has received a message that is too big for it to + process. */ + LWS_CLOSE_STATUS_EXTENSION_REQUIRED = 1010, + /**< 1010 indicates that an endpoint (client) is terminating the + connection because it has expected the server to negotiate one or + more extension, but the server didn't return them in the response + message of the WebSocket handshake. The list of extensions that + are needed SHOULD appear in the /reason/ part of the Close frame. + Note that this status code is not used by the server, because it + can fail the WebSocket handshake instead */ + LWS_CLOSE_STATUS_UNEXPECTED_CONDITION = 1011, + /**< 1011 indicates that a server is terminating the connection because + it encountered an unexpected condition that prevented it from + fulfilling the request. */ + LWS_CLOSE_STATUS_TLS_FAILURE = 1015, + /**< 1015 is a reserved value and MUST NOT be set as a status code in a + Close control frame by an endpoint. It is designated for use in + applications expecting a status code to indicate that the + connection was closed due to a failure to perform a TLS handshake + (e.g., the server certificate can't be verified). */ + + LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE = 2000, + + /****** add new things just above ---^ ******/ + + LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY = 9999, +}; + +/** + * lws_close_reason - Set reason and aux data to send with Close packet + * If you are going to return nonzero from the callback + * requesting the connection to close, you can optionally + * call this to set the reason the peer will be told if + * possible. + * + * \param wsi: The websocket connection to set the close reason on + * \param status: A valid close status from websocket standard + * \param buf: NULL or buffer containing up to 124 bytes of auxiliary data + * \param len: Length of data in \param buf to send + */ +LWS_VISIBLE LWS_EXTERN void +lws_close_reason(struct lws *wsi, enum lws_close_status status, + unsigned char *buf, size_t len); + +///@} + +struct lws; +struct lws_context; +/* needed even with extensions disabled for create context */ +struct lws_extension; + + +/*! \defgroup usercb User Callback + * + * ##User protocol callback + * + * The protocol callback is the primary way lws interacts with + * user code. For one of a list of a few dozen reasons the callback gets + * called at some event to be handled. + * + * All of the events can be ignored, returning 0 is taken as "OK" and returning + * nonzero in most cases indicates that the connection should be closed. + */ +///@{ + +struct lws_ssl_info { + int where; + int ret; +}; + +enum lws_cert_update_state { + LWS_CUS_IDLE, + LWS_CUS_STARTING, + LWS_CUS_SUCCESS, + LWS_CUS_FAILED, + + LWS_CUS_CREATE_KEYS, + LWS_CUS_REG, + LWS_CUS_AUTH, + LWS_CUS_CHALLENGE, + LWS_CUS_CREATE_REQ, + LWS_CUS_REQ, + LWS_CUS_CONFIRM, + LWS_CUS_ISSUE, +}; + +enum { + LWS_TLS_REQ_ELEMENT_COUNTRY, + LWS_TLS_REQ_ELEMENT_STATE, + LWS_TLS_REQ_ELEMENT_LOCALITY, + LWS_TLS_REQ_ELEMENT_ORGANIZATION, + LWS_TLS_REQ_ELEMENT_COMMON_NAME, + LWS_TLS_REQ_ELEMENT_EMAIL, + + LWS_TLS_REQ_ELEMENT_COUNT, + + LWS_TLS_SET_DIR_URL = LWS_TLS_REQ_ELEMENT_COUNT, + LWS_TLS_SET_AUTH_PATH, + LWS_TLS_SET_CERT_PATH, + LWS_TLS_SET_KEY_PATH, + + LWS_TLS_TOTAL_COUNT +}; + +struct lws_acme_cert_aging_args { + struct lws_vhost *vh; + const char *element_overrides[LWS_TLS_TOTAL_COUNT]; /* NULL = use pvo */ +}; + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +/** enum lws_callback_reasons - reason you're getting a protocol callback */ +enum lws_callback_reasons { + + /* --------------------------------------------------------------------- + * ----- Callbacks related to wsi and protocol binding lifecycle ----- + */ + + LWS_CALLBACK_PROTOCOL_INIT = 27, + /**< One-time call per protocol, per-vhost using it, so it can + * do initial setup / allocations etc */ + + LWS_CALLBACK_PROTOCOL_DESTROY = 28, + /**< One-time call per protocol, per-vhost using it, indicating + * this protocol won't get used at all after this callback, the + * vhost is getting destroyed. Take the opportunity to + * deallocate everything that was allocated by the protocol. */ + + LWS_CALLBACK_WSI_CREATE = 29, + /**< outermost (earliest) wsi create notification to protocols[0] */ + + LWS_CALLBACK_WSI_DESTROY = 30, + /**< outermost (latest) wsi destroy notification to protocols[0] */ + + LWS_CALLBACK_HTTP_BIND_PROTOCOL = 49, + /**< By default, all HTTP handling is done in protocols[0]. + * However you can bind different protocols (by name) to + * different parts of the URL space using callback mounts. This + * callback occurs in the new protocol when a wsi is bound + * to that protocol. Any protocol allocation related to the + * http transaction processing should be created then. + * These specific callbacks are necessary because with HTTP/1.1, + * a single connection may perform at series of different + * transactions at different URLs, thus the lifetime of the + * protocol bind is just for one transaction, not connection. */ + + LWS_CALLBACK_HTTP_DROP_PROTOCOL = 50, + /**< This is called when a transaction is unbound from a protocol. + * It indicates the connection completed its transaction and may + * do something different now. Any protocol allocation related + * to the http transaction processing should be destroyed. */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Server TLS ----- + */ + + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS = 21, + /**< if configured for + * including OpenSSL support, this callback allows your user code + * to perform extra SSL_CTX_load_verify_locations() or similar + * calls to direct OpenSSL where to find certificates the client + * can use to confirm the remote server identity. user is the + * OpenSSL SSL_CTX* */ + + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS = 22, + /**< if configured for + * including OpenSSL support, this callback allows your user code + * to load extra certificates into the server which allow it to + * verify the validity of certificates returned by clients. user + * is the server's OpenSSL SSL_CTX* and in is the lws_vhost */ + + LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION = 23, + /**< if the libwebsockets vhost was created with the option + * LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT, then this + * callback is generated during OpenSSL verification of the cert + * sent from the client. It is sent to protocol[0] callback as + * no protocol has been negotiated on the connection yet. + * Notice that the libwebsockets context and wsi are both NULL + * during this callback. See + * http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html + * to understand more detail about the OpenSSL callback that + * generates this libwebsockets callback and the meanings of the + * arguments passed. In this callback, user is the x509_ctx, + * in is the ssl pointer and len is preverify_ok + * Notice that this callback maintains libwebsocket return + * conventions, return 0 to mean the cert is OK or 1 to fail it. + * This also means that if you don't handle this callback then + * the default callback action of returning 0 allows the client + * certificates. */ + + LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY = 37, + /**< if configured for including OpenSSL support but no private key + * file has been specified (ssl_private_key_filepath is NULL), this is + * called to allow the user to set the private key directly via + * libopenssl and perform further operations if required; this might be + * useful in situations where the private key is not directly accessible + * by the OS, for example if it is stored on a smartcard. + * user is the server's OpenSSL SSL_CTX* */ + + LWS_CALLBACK_SSL_INFO = 67, + /**< SSL connections only. An event you registered an + * interest in at the vhost has occurred on a connection + * using the vhost. in is a pointer to a + * struct lws_ssl_info containing information about the + * event*/ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Client TLS ----- + */ + + LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION = 58, + /**< Similar to LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION + * this callback is called during OpenSSL verification of the cert + * sent from the server to the client. It is sent to protocol[0] + * callback as no protocol has been negotiated on the connection yet. + * Notice that the wsi is set because lws_client_connect_via_info was + * successful. + * + * See http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html + * to understand more detail about the OpenSSL callback that + * generates this libwebsockets callback and the meanings of the + * arguments passed. In this callback, user is the x509_ctx, + * in is the ssl pointer and len is preverify_ok. + * + * THIS IS NOT RECOMMENDED BUT if a cert validation error shall be + * overruled and cert shall be accepted as ok, + * X509_STORE_CTX_set_error((X509_STORE_CTX*)user, X509_V_OK); must be + * called and return value must be 0 to mean the cert is OK; + * returning 1 will fail the cert in any case. + * + * This also means that if you don't handle this callback then + * the default callback action of returning 0 will not accept the + * certificate in case of a validation error decided by the SSL lib. + * + * This is expected and secure behaviour when validating certificates. + * + * Note: LCCSCF_ALLOW_SELFSIGNED and + * LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK still work without this + * callback being implemented. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to HTTP Server ----- + */ + + LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED = 19, + /**< A new client has been accepted by the ws server. This + * callback allows setting any relevant property to it. Because this + * happens immediately after the instantiation of a new client, + * there's no websocket protocol selected yet so this callback is + * issued only to protocol 0. Only wsi is defined, pointing to the + * new client, and the return value is ignored. */ + + LWS_CALLBACK_HTTP = 12, + /**< an http request has come from a client that is not + * asking to upgrade the connection to a websocket + * one. This is a chance to serve http content, + * for example, to send a script to the client + * which will then open the websockets connection. + * in points to the URI path requested and + * lws_serve_http_file() makes it very + * simple to send back a file to the client. + * Normally after sending the file you are done + * with the http connection, since the rest of the + * activity will come by websockets from the script + * that was delivered by http, so you will want to + * return 1; to close and free up the connection. */ + + LWS_CALLBACK_HTTP_BODY = 13, + /**< the next len bytes data from the http + * request body HTTP connection is now available in in. */ + + LWS_CALLBACK_HTTP_BODY_COMPLETION = 14, + /**< the expected amount of http request body has been delivered */ + + LWS_CALLBACK_HTTP_FILE_COMPLETION = 15, + /**< a file requested to be sent down http link has completed. */ + + LWS_CALLBACK_HTTP_WRITEABLE = 16, + /**< you can write more down the http protocol link now. */ + + LWS_CALLBACK_CLOSED_HTTP = 5, + /**< when a HTTP (non-websocket) session ends */ + + LWS_CALLBACK_FILTER_HTTP_CONNECTION = 18, + /**< called when the request has + * been received and parsed from the client, but the response is + * not sent yet. Return non-zero to disallow the connection. + * user is a pointer to the connection user space allocation, + * in is the URI, eg, "/" + * In your handler you can use the public APIs + * lws_hdr_total_length() / lws_hdr_copy() to access all of the + * headers using the header enums lws_token_indexes from + * libwebsockets.h to check for and read the supported header + * presence and content before deciding to allow the http + * connection to proceed or to kill the connection. */ + + LWS_CALLBACK_ADD_HEADERS = 53, + /**< This gives your user code a chance to add headers to a server + * transaction bound to your protocol. `in` points to a + * `struct lws_process_html_args` describing a buffer and length + * you can add headers into using the normal lws apis. + * + * (see LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to add headers to + * a client transaction) + * + * Only `args->p` and `args->len` are valid, and `args->p` should + * be moved on by the amount of bytes written, if any. Eg + * + * case LWS_CALLBACK_ADD_HEADERS: + * + * struct lws_process_html_args *args = + * (struct lws_process_html_args *)in; + * + * if (lws_add_http_header_by_name(wsi, + * (unsigned char *)"set-cookie:", + * (unsigned char *)cookie, cookie_len, + * (unsigned char **)&args->p, + * (unsigned char *)args->p + args->max_len)) + * return 1; + * + * break; + */ + + LWS_CALLBACK_CHECK_ACCESS_RIGHTS = 51, + /**< This gives the user code a chance to forbid an http access. + * `in` points to a `struct lws_process_html_args`, which + * describes the URL, and a bit mask describing the type of + * authentication required. If the callback returns nonzero, + * the transaction ends with HTTP_STATUS_UNAUTHORIZED. */ + + LWS_CALLBACK_PROCESS_HTML = 52, + /**< This gives your user code a chance to mangle outgoing + * HTML. `in` points to a `struct lws_process_html_args` + * which describes the buffer containing outgoing HTML. + * The buffer may grow up to `.max_len` (currently +128 + * bytes per buffer). + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to HTTP Client ----- + */ + + LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP = 44, + /**< The HTTP client connection has succeeded, and is now + * connected to the server */ + + LWS_CALLBACK_CLOSED_CLIENT_HTTP = 45, + /**< The HTTP client connection is closing */ + + LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ = 48, + /**< This is generated by lws_http_client_read() used to drain + * incoming data. In the case the incoming data was chunked, it will + * be split into multiple smaller callbacks for each chunk block, + * removing the chunk headers. If not chunked, it will appear all in + * one callback. */ + + LWS_CALLBACK_RECEIVE_CLIENT_HTTP = 46, + /**< This simply indicates data was received on the HTTP client + * connection. It does NOT drain or provide the data. + * This exists to neatly allow a proxying type situation, + * where this incoming data will go out on another connection. + * If the outgoing connection stalls, we should stall processing + * the incoming data. So a handler for this in that case should + * simply set a flag to indicate there is incoming data ready + * and ask for a writeable callback on the outgoing connection. + * In the writable callback he can check the flag and then get + * and drain the waiting incoming data using lws_http_client_read(). + * This will use callbacks to LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ + * to get and drain the incoming data, where it should be sent + * back out on the outgoing connection. */ + LWS_CALLBACK_COMPLETED_CLIENT_HTTP = 47, + /**< The client transaction completed... at the moment this + * is the same as closing since transaction pipelining on + * client side is not yet supported. */ + + LWS_CALLBACK_CLIENT_HTTP_WRITEABLE = 57, + /**< when doing an HTTP type client connection, you can call + * lws_client_http_body_pending(wsi, 1) from + * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to get these callbacks + * sending the HTTP headers. + * + * From this callback, when you have sent everything, you should let + * lws know by calling lws_client_http_body_pending(wsi, 0) + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Websocket Server ----- + */ + + LWS_CALLBACK_ESTABLISHED = 0, + /**< (VH) after the server completes a handshake with an incoming + * client. If you built the library with ssl support, in is a + * pointer to the ssl struct associated with the connection or NULL. + * + * b0 of len is set if the connection was made using ws-over-h2 + */ + + LWS_CALLBACK_CLOSED = 4, + /**< when the websocket session ends */ + + LWS_CALLBACK_SERVER_WRITEABLE = 11, + /**< See LWS_CALLBACK_CLIENT_WRITEABLE */ + + LWS_CALLBACK_RECEIVE = 6, + /**< data has appeared for this server endpoint from a + * remote client, it can be found at *in and is + * len bytes long */ + + LWS_CALLBACK_RECEIVE_PONG = 7, + /**< servers receive PONG packets with this callback reason */ + + LWS_CALLBACK_WS_PEER_INITIATED_CLOSE = 38, + /**< The peer has sent an unsolicited Close WS packet. in and + * len are the optional close code (first 2 bytes, network + * order) and the optional additional information which is not + * defined in the standard, and may be a string or non human-readable + * data. + * If you return 0 lws will echo the close and then close the + * connection. If you return nonzero lws will just close the + * connection. */ + + LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION = 20, + /**< called when the handshake has + * been received and parsed from the client, but the response is + * not sent yet. Return non-zero to disallow the connection. + * user is a pointer to the connection user space allocation, + * in is the requested protocol name + * In your handler you can use the public APIs + * lws_hdr_total_length() / lws_hdr_copy() to access all of the + * headers using the header enums lws_token_indexes from + * libwebsockets.h to check for and read the supported header + * presence and content before deciding to allow the handshake + * to proceed or to kill the connection. */ + + LWS_CALLBACK_CONFIRM_EXTENSION_OKAY = 25, + /**< When the server handshake code + * sees that it does support a requested extension, before + * accepting the extension by additing to the list sent back to + * the client it gives this callback just to check that it's okay + * to use that extension. It calls back to the requested protocol + * and with in being the extension name, len is 0 and user is + * valid. Note though at this time the ESTABLISHED callback hasn't + * happened yet so if you initialize user content there, user + * content during this callback might not be useful for anything. */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Websocket Client ----- + */ + + LWS_CALLBACK_CLIENT_CONNECTION_ERROR = 1, + /**< the request client connection has been unable to complete a + * handshake with the remote server. If in is non-NULL, you can + * find an error string of length len where it points to + * + * Diagnostic strings that may be returned include + * + * "getaddrinfo (ipv6) failed" + * "unknown address family" + * "getaddrinfo (ipv4) failed" + * "set socket opts failed" + * "insert wsi failed" + * "lws_ssl_client_connect1 failed" + * "lws_ssl_client_connect2 failed" + * "Peer hung up" + * "read failed" + * "HS: URI missing" + * "HS: Redirect code but no Location" + * "HS: URI did not parse" + * "HS: Redirect failed" + * "HS: Server did not return 200" + * "HS: OOM" + * "HS: disallowed by client filter" + * "HS: disallowed at ESTABLISHED" + * "HS: ACCEPT missing" + * "HS: ws upgrade response not 101" + * "HS: UPGRADE missing" + * "HS: Upgrade to something other than websocket" + * "HS: CONNECTION missing" + * "HS: UPGRADE malformed" + * "HS: PROTOCOL malformed" + * "HS: Cannot match protocol" + * "HS: EXT: list too big" + * "HS: EXT: failed setting defaults" + * "HS: EXT: failed parsing defaults" + * "HS: EXT: failed parsing options" + * "HS: EXT: Rejects server options" + * "HS: EXT: unknown ext" + * "HS: Accept hash wrong" + * "HS: Rejected by filter cb" + * "HS: OOM" + * "HS: SO_SNDBUF failed" + * "HS: Rejected at CLIENT_ESTABLISHED" + */ + + LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH = 2, + /**< this is the last chance for the client user code to examine the + * http headers and decide to reject the connection. If the + * content in the headers is interesting to the + * client (url, etc) it needs to copy it out at + * this point since it will be destroyed before + * the CLIENT_ESTABLISHED call */ + + LWS_CALLBACK_CLIENT_ESTABLISHED = 3, + /**< after your client connection completed the websocket upgrade + * handshake with the remote server */ + + LWS_CALLBACK_CLIENT_CLOSED = 75, + /**< when a client websocket session ends */ + + LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER = 24, + /**< this callback happens + * when a client handshake is being compiled. user is NULL, + * in is a char **, it's pointing to a char * which holds the + * next location in the header buffer where you can add + * headers, and len is the remaining space in the header buffer, + * which is typically some hundreds of bytes. So, to add a canned + * cookie, your handler code might look similar to: + * + * char **p = (char **)in; + * + * if (len < 100) + * return 1; + * + * *p += sprintf(*p, "Cookie: a=b\x0d\x0a"); + * + * return 0; + * + * Notice if you add anything, you just have to take care about + * the CRLF on the line you added. Obviously this callback is + * optional, if you don't handle it everything is fine. + * + * Notice the callback is coming to protocols[0] all the time, + * because there is no specific protocol negotiated yet. + * + * See LWS_CALLBACK_ADD_HEADERS for adding headers to server + * transactions. + */ + + LWS_CALLBACK_CLIENT_RECEIVE = 8, + /**< data has appeared from the server for the client connection, it + * can be found at *in and is len bytes long */ + + LWS_CALLBACK_CLIENT_RECEIVE_PONG = 9, + /**< clients receive PONG packets with this callback reason */ + + LWS_CALLBACK_CLIENT_WRITEABLE = 10, + /**< If you call lws_callback_on_writable() on a connection, you will + * get one of these callbacks coming when the connection socket + * is able to accept another write packet without blocking. + * If it already was able to take another packet without blocking, + * you'll get this callback at the next call to the service loop + * function. Notice that CLIENTs get LWS_CALLBACK_CLIENT_WRITEABLE + * and servers get LWS_CALLBACK_SERVER_WRITEABLE. */ + + LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED = 26, + /**< When a ws client + * connection is being prepared to start a handshake to a server, + * each supported extension is checked with protocols[0] callback + * with this reason, giving the user code a chance to suppress the + * claim to support that extension by returning non-zero. If + * unhandled, by default 0 will be returned and the extension + * support included in the header to the server. Notice this + * callback comes to protocols[0]. */ + + LWS_CALLBACK_WS_EXT_DEFAULTS = 39, + /**< Gives client connections an opportunity to adjust negotiated + * extension defaults. `user` is the extension name that was + * negotiated (eg, "permessage-deflate"). `in` points to a + * buffer and `len` is the buffer size. The user callback can + * set the buffer to a string describing options the extension + * should parse. Or just ignore for defaults. */ + + + LWS_CALLBACK_FILTER_NETWORK_CONNECTION = 17, + /**< called when a client connects to + * the server at network level; the connection is accepted but then + * passed to this callback to decide whether to hang up immediately + * or not, based on the client IP. in contains the connection + * socket's descriptor. Since the client connection information is + * not available yet, wsi still pointing to the main server socket. + * Return non-zero to terminate the connection before sending or + * receiving anything. Because this happens immediately after the + * network connection from the client, there's no websocket protocol + * selected yet so this callback is issued only to protocol 0. */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to external poll loop integration ----- + */ + + LWS_CALLBACK_GET_THREAD_ID = 31, + /**< lws can accept callback when writable requests from other + * threads, if you implement this callback and return an opaque + * current thread ID integer. */ + + /* external poll() management support */ + LWS_CALLBACK_ADD_POLL_FD = 32, + /**< lws normally deals with its poll() or other event loop + * internally, but in the case you are integrating with another + * server you will need to have lws sockets share a + * polling array with the other server. This and the other + * POLL_FD related callbacks let you put your specialized + * poll array interface code in the callback for protocol 0, the + * first protocol you support, usually the HTTP protocol in the + * serving case. + * This callback happens when a socket needs to be + * added to the polling loop: in points to a struct + * lws_pollargs; the fd member of the struct is the file + * descriptor, and events contains the active events + * + * If you are using the internal lws polling / event loop + * you can just ignore these callbacks. */ + + LWS_CALLBACK_DEL_POLL_FD = 33, + /**< This callback happens when a socket descriptor + * needs to be removed from an external polling array. in is + * again the struct lws_pollargs containing the fd member + * to be removed. If you are using the internal polling + * loop, you can just ignore it. */ + + LWS_CALLBACK_CHANGE_MODE_POLL_FD = 34, + /**< This callback happens when lws wants to modify the events for + * a connection. + * in is the struct lws_pollargs with the fd to change. + * The new event mask is in events member and the old mask is in + * the prev_events member. + * If you are using the internal polling loop, you can just ignore + * it. */ + + LWS_CALLBACK_LOCK_POLL = 35, + /**< These allow the external poll changes driven + * by lws to participate in an external thread locking + * scheme around the changes, so the whole thing is threadsafe. + * These are called around three activities in the library, + * - inserting a new wsi in the wsi / fd table (len=1) + * - deleting a wsi from the wsi / fd table (len=1) + * - changing a wsi's POLLIN/OUT state (len=0) + * Locking and unlocking external synchronization objects when + * len == 1 allows external threads to be synchronized against + * wsi lifecycle changes if it acquires the same lock for the + * duration of wsi dereference from the other thread context. */ + + LWS_CALLBACK_UNLOCK_POLL = 36, + /**< See LWS_CALLBACK_LOCK_POLL, ignore if using lws internal poll */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to CGI serving ----- + */ + + LWS_CALLBACK_CGI = 40, + /**< CGI: CGI IO events on stdin / out / err are sent here on + * protocols[0]. The provided `lws_callback_http_dummy()` + * handles this and the callback should be directed there if + * you use CGI. */ + + LWS_CALLBACK_CGI_TERMINATED = 41, + /**< CGI: The related CGI process ended, this is called before + * the wsi is closed. Used to, eg, terminate chunking. + * The provided `lws_callback_http_dummy()` + * handles this and the callback should be directed there if + * you use CGI. The child PID that terminated is in len. */ + + LWS_CALLBACK_CGI_STDIN_DATA = 42, + /**< CGI: Data is, to be sent to the CGI process stdin, eg from + * a POST body. The provided `lws_callback_http_dummy()` + * handles this and the callback should be directed there if + * you use CGI. */ + + LWS_CALLBACK_CGI_STDIN_COMPLETED = 43, + /**< CGI: no more stdin is coming. The provided + * `lws_callback_http_dummy()` handles this and the callback + * should be directed there if you use CGI. */ + + LWS_CALLBACK_CGI_PROCESS_ATTACH = 70, + /**< CGI: Sent when the CGI process is spawned for the wsi. The + * len parameter is the PID of the child process */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to Generic Sessions ----- + */ + + LWS_CALLBACK_SESSION_INFO = 54, + /**< This is only generated by user code using generic sessions. + * It's used to get a `struct lws_session_info` filled in by + * generic sessions with information about the logged-in user. + * See the messageboard sample for an example of how to use. */ + + LWS_CALLBACK_GS_EVENT = 55, + /**< Indicates an event happened to the Generic Sessions session. + * `in` contains a `struct lws_gs_event_args` describing the event. */ + + LWS_CALLBACK_HTTP_PMO = 56, + /**< per-mount options for this connection, called before + * the normal LWS_CALLBACK_HTTP when the mount has per-mount + * options. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to RAW sockets ----- + */ + + LWS_CALLBACK_RAW_RX = 59, + /**< RAW mode connection RX */ + + LWS_CALLBACK_RAW_CLOSE = 60, + /**< RAW mode connection is closing */ + + LWS_CALLBACK_RAW_WRITEABLE = 61, + /**< RAW mode connection may be written */ + + LWS_CALLBACK_RAW_ADOPT = 62, + /**< RAW mode connection was adopted (equivalent to 'wsi created') */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to RAW file handles ----- + */ + + LWS_CALLBACK_RAW_ADOPT_FILE = 63, + /**< RAW mode file was adopted (equivalent to 'wsi created') */ + + LWS_CALLBACK_RAW_RX_FILE = 64, + /**< This is the indication the RAW mode file has something to read. + * This doesn't actually do the read of the file and len is always + * 0... your code should do the read having been informed there is + * something to read now. */ + + LWS_CALLBACK_RAW_WRITEABLE_FILE = 65, + /**< RAW mode file is writeable */ + + LWS_CALLBACK_RAW_CLOSE_FILE = 66, + /**< RAW mode wsi that adopted a file is closing */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to generic wsi events ----- + */ + + LWS_CALLBACK_TIMER = 73, + /**< When the time elapsed after a call to + * lws_set_timer_usecs(wsi, usecs) is up, the wsi will get one of + * these callbacks. The deadline can be continuously extended into the + * future by later calls to lws_set_timer_usecs() before the deadline + * expires, or cancelled by lws_set_timer_usecs(wsi, -1); + * See the note on lws_set_timer_usecs() about which event loops are + * supported. */ + + LWS_CALLBACK_EVENT_WAIT_CANCELLED = 71, + /**< This is sent to every protocol of every vhost in response + * to lws_cancel_service() or lws_cancel_service_pt(). This + * callback is serialized in the lws event loop normally, even + * if the lws_cancel_service[_pt]() call was from a different + * thread. */ + + LWS_CALLBACK_CHILD_CLOSING = 69, + /**< Sent to parent to notify them a child is closing / being + * destroyed. in is the child wsi. + */ + + LWS_CALLBACK_CHILD_WRITE_VIA_PARENT = 68, + /**< Child has been marked with parent_carries_io attribute, so + * lws_write directs the to this callback at the parent, + * in is a struct lws_write_passthru containing the args + * the lws_write() was called with. + */ + + /* --------------------------------------------------------------------- + * ----- Callbacks related to TLS certificate management ----- + */ + + LWS_CALLBACK_VHOST_CERT_AGING = 72, + /**< When a vhost TLS cert has its expiry checked, this callback + * is broadcast to every protocol of every vhost in case the + * protocol wants to take some action with this information. + * \p in is a pointer to a struct lws_acme_cert_aging_args, + * and \p len is the number of days left before it expires, as + * a (ssize_t). In the struct lws_acme_cert_aging_args, vh + * points to the vhost the cert aging information applies to, + * and element_overrides[] is an optional way to update information + * from the pvos... NULL in an index means use the information from + * from the pvo for the cert renewal, non-NULL in the array index + * means use that pointer instead for the index. */ + + LWS_CALLBACK_VHOST_CERT_UPDATE = 74, + /**< When a vhost TLS cert is being updated, progress is + * reported to the vhost in question here, including completion + * and failure. in points to optional JSON, and len represents the + * connection state using enum lws_cert_update_state */ + + + /****** add new things just above ---^ ******/ + + LWS_CALLBACK_USER = 1000, + /**< user code can use any including above without fear of clashes */ +}; + + + +/** + * typedef lws_callback_function() - User server actions + * \param wsi: Opaque websocket instance pointer + * \param reason: The reason for the call + * \param user: Pointer to per-session user data allocated by library + * \param in: Pointer used for some callback reasons + * \param len: Length set for some callback reasons + * + * This callback is the way the user controls what is served. All the + * protocol detail is hidden and handled by the library. + * + * For each connection / session there is user data allocated that is + * pointed to by "user". You set the size of this user data area when + * the library is initialized with lws_create_server. + */ +typedef int +lws_callback_function(struct lws *wsi, enum lws_callback_reasons reason, + void *user, void *in, size_t len); + +#define LWS_CB_REASON_AUX_BF__CGI 1 +#define LWS_CB_REASON_AUX_BF__PROXY 2 +#define LWS_CB_REASON_AUX_BF__CGI_CHUNK_END 4 +#define LWS_CB_REASON_AUX_BF__CGI_HEADERS 8 +///@} + +struct lws_vhost; + +/*! \defgroup generic hash + * ## Generic Hash related functions + * + * Lws provides generic hash / digest accessors that abstract the ones + * provided by whatever OpenSSL library you are linking against. + * + * It lets you use the same code if you build against mbedtls or OpenSSL + * for example. + */ +///@{ + +#if defined(LWS_WITH_TLS) + +#if defined(LWS_WITH_MBEDTLS) +#include +#include +#include +#endif + +enum lws_genhash_types { + LWS_GENHASH_TYPE_SHA1, + LWS_GENHASH_TYPE_SHA256, + LWS_GENHASH_TYPE_SHA384, + LWS_GENHASH_TYPE_SHA512, +}; + +enum lws_genhmac_types { + LWS_GENHMAC_TYPE_SHA256, + LWS_GENHMAC_TYPE_SHA384, + LWS_GENHMAC_TYPE_SHA512, +}; + +#define LWS_GENHASH_LARGEST 64 + +struct lws_genhash_ctx { + uint8_t type; +#if defined(LWS_WITH_MBEDTLS) + union { + mbedtls_sha1_context sha1; + mbedtls_sha256_context sha256; + mbedtls_sha512_context sha512; /* 384 also uses this */ + const mbedtls_md_info_t *hmac; + } u; +#else + const EVP_MD *evp_type; + EVP_MD_CTX *mdctx; +#endif +}; + +struct lws_genhmac_ctx { + uint8_t type; +#if defined(LWS_WITH_MBEDTLS) + const mbedtls_md_info_t *hmac; + mbedtls_md_context_t ctx; +#else + const EVP_MD *evp_type; + EVP_MD_CTX *ctx; +#endif +}; + +/** lws_genhash_size() - get hash size in bytes + * + * \param type: one of LWS_GENHASH_TYPE_... + * + * Returns number of bytes in this type of hash + */ +LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT +lws_genhash_size(enum lws_genhash_types type); + +/** lws_genhmac_size() - get hash size in bytes + * + * \param type: one of LWS_GENHASH_TYPE_... + * + * Returns number of bytes in this type of hmac + */ +LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT +lws_genhmac_size(enum lws_genhmac_types type); + +/** lws_genhash_init() - prepare your struct lws_genhash_ctx for use + * + * \param ctx: your struct lws_genhash_ctx + * \param type: one of LWS_GENHASH_TYPE_... + * + * Initializes the hash context for the type you requested + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type); + +/** lws_genhash_update() - digest len bytes of the buffer starting at in + * + * \param ctx: your struct lws_genhash_ctx + * \param in: start of the bytes to digest + * \param len: count of bytes to digest + * + * Updates the state of your hash context to reflect digesting len bytes from in + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len); + +/** lws_genhash_destroy() - copy out the result digest and destroy the ctx + * + * \param ctx: your struct lws_genhash_ctx + * \param result: NULL, or where to copy the result hash + * + * Finalizes the hash and copies out the digest. Destroys any allocations such + * that ctx can safely go out of scope after calling this. + * + * NULL result is supported so that you can destroy the ctx cleanly on error + * conditions, where there is no valid result. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result); + +/** lws_genhmac_init() - prepare your struct lws_genhmac_ctx for use + * + * \param ctx: your struct lws_genhmac_ctx + * \param type: one of LWS_GENHMAC_TYPE_... + * \param key: pointer to the start of the HMAC key + * \param key_len: length of the HMAC key + * + * Initializes the hash context for the type you requested + * + * If the return is nonzero, it failed and there is nothing needing to be + * destroyed. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type, + const uint8_t *key, size_t key_len); + +/** lws_genhmac_update() - digest len bytes of the buffer starting at in + * + * \param ctx: your struct lws_genhmac_ctx + * \param in: start of the bytes to digest + * \param len: count of bytes to digest + * + * Updates the state of your hash context to reflect digesting len bytes from in + * + * If the return is nonzero, it failed and needs destroying. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len); + +/** lws_genhmac_destroy() - copy out the result digest and destroy the ctx + * + * \param ctx: your struct lws_genhmac_ctx + * \param result: NULL, or where to copy the result hash + * + * Finalizes the hash and copies out the digest. Destroys any allocations such + * that ctx can safely go out of scope after calling this. + * + * NULL result is supported so that you can destroy the ctx cleanly on error + * conditions, where there is no valid result. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result); +///@} + +/*! \defgroup generic RSA + * ## Generic RSA related functions + * + * Lws provides generic RSA functions that abstract the ones + * provided by whatever OpenSSL library you are linking against. + * + * It lets you use the same code if you build against mbedtls or OpenSSL + * for example. + */ +///@{ + +enum enum_jwk_tok { + JWK_KEY_E, + JWK_KEY_N, + JWK_KEY_D, + JWK_KEY_P, + JWK_KEY_Q, + JWK_KEY_DP, + JWK_KEY_DQ, + JWK_KEY_QI, + JWK_KTY, /* also serves as count of real elements */ + JWK_KEY, +}; + +#define LWS_COUNT_RSA_ELEMENTS JWK_KTY + +struct lws_genrsa_ctx { +#if defined(LWS_WITH_MBEDTLS) + mbedtls_rsa_context *ctx; +#else + BIGNUM *bn[LWS_COUNT_RSA_ELEMENTS]; + RSA *rsa; +#endif +}; + +struct lws_genrsa_element { + uint8_t *buf; + uint16_t len; +}; + +struct lws_genrsa_elements { + struct lws_genrsa_element e[LWS_COUNT_RSA_ELEMENTS]; +}; + +/** lws_jwk_destroy_genrsa_elements() - Free allocations in genrsa_elements + * + * \param el: your struct lws_genrsa_elements + * + * This is a helper for user code making use of struct lws_genrsa_elements + * where the elements are allocated on the heap, it frees any non-NULL + * buf element and sets the buf to NULL. + * + * NB: lws_genrsa_public_... apis do not need this as they take care of the key + * creation and destruction themselves. + */ +LWS_VISIBLE LWS_EXTERN void +lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el); + +/** lws_genrsa_public_decrypt_create() - Create RSA public decrypt context + * + * \param ctx: your struct lws_genrsa_ctx + * \param el: struct prepared with key element data + * + * Creates an RSA context with a public key associated with it, formed from + * the key elements in \p el. + * + * Returns 0 for OK or nonzero for error. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el); + +/** lws_genrsa_new_keypair() - Create new RSA keypair + * + * \param context: your struct lws_context (may be used for RNG) + * \param ctx: your struct lws_genrsa_ctx + * \param el: struct to get the new key element data allocated into it + * \param bits: key size, eg, 4096 + * + * Creates a new RSA context and generates a new keypair into it, with \p bits + * bits. + * + * Returns 0 for OK or nonzero for error. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, + struct lws_genrsa_elements *el, int bits); + +/** lws_genrsa_public_decrypt() - Perform RSA public decryption + * + * \param ctx: your struct lws_genrsa_ctx + * \param in: encrypted input + * \param in_len: length of encrypted input + * \param out: decrypted output + * \param out_max: size of output buffer + * + * Performs the decryption. + * + * Returns <0 for error, or length of decrypted data. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, + size_t in_len, uint8_t *out, size_t out_max); + +/** lws_genrsa_public_verify() - Perform RSA public verification + * + * \param ctx: your struct lws_genrsa_ctx + * \param in: unencrypted payload (usually a recomputed hash) + * \param hash_type: one of LWS_GENHASH_TYPE_ + * \param sig: pointer to the signature we received with the payload + * \param sig_len: length of the signature we are checking in bytes + * + * Returns <0 for error, or 0 if signature matches the payload + key. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, + enum lws_genhash_types hash_type, + const uint8_t *sig, size_t sig_len); + +/** lws_genrsa_public_sign() - Create RSA signature + * + * \param ctx: your struct lws_genrsa_ctx + * \param in: precomputed hash + * \param hash_type: one of LWS_GENHASH_TYPE_ + * \param sig: pointer to buffer to take signature + * \param sig_len: length of the buffer (must be >= length of key N) + * + * Returns <0 for error, or 0 for success. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, + enum lws_genhash_types hash_type, uint8_t *sig, + size_t sig_len); + +/** lws_genrsa_public_decrypt_destroy() - Destroy RSA public decrypt context + * + * \param ctx: your struct lws_genrsa_ctx + * + * Destroys any allocations related to \p ctx. + * + * This and related APIs operate identically with OpenSSL or mbedTLS backends. + */ +LWS_VISIBLE LWS_EXTERN void +lws_genrsa_destroy(struct lws_genrsa_ctx *ctx); + +/** lws_genrsa_render_pkey_asn1() - Exports public or private key to ASN1/DER + * + * \param ctx: your struct lws_genrsa_ctx + * \param _private: 0 = public part only, 1 = all parts of the key + * \param pkey_asn1: pointer to buffer to take the ASN1 + * \param pkey_asn1_len: max size of the pkey_asn1_len + * + * Returns length of pkey_asn1 written, or -1 for error. + */ +LWS_VISIBLE LWS_EXTERN int +lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, + uint8_t *pkey_asn1, size_t pkey_asn1_len); +///@} + +/*! \defgroup jwk JSON Web Keys + * ## JSON Web Keys API + * + * Lws provides an API to parse JSON Web Keys into a struct lws_genrsa_elements. + * + * "oct" and "RSA" type keys are supported. For "oct" keys, they are held in + * the "e" member of the struct lws_genrsa_elements. + * + * Keys elements are allocated on the heap. You must destroy the allocations + * in the struct lws_genrsa_elements by calling + * lws_jwk_destroy_genrsa_elements() when you are finished with it. + */ +///@{ + +struct lws_jwk { + char keytype[5]; /**< "oct" or "RSA" */ + struct lws_genrsa_elements el; /**< OCTet key is in el.e */ +}; + +/** lws_jwk_import() - Create a JSON Web key from the textual representation + * + * \param s: the JWK object to create + * \param in: a single JWK JSON stanza in utf-8 + * \param len: the length of the JWK JSON stanza in bytes + * + * Creates an lws_jwk struct filled with data from the JSON representation. + * "oct" and "rsa" key types are supported. + * + * For "oct" type keys, it is loaded into el.e. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jwk_import(struct lws_jwk *s, const char *in, size_t len); + +/** lws_jwk_destroy() - Destroy a JSON Web key + * + * \param s: the JWK object to destroy + * + * All allocations in the lws_jwk are destroyed + */ +LWS_VISIBLE LWS_EXTERN void +lws_jwk_destroy(struct lws_jwk *s); + +/** lws_jwk_export() - Export a JSON Web key to a textual representation + * + * \param s: the JWK object to export + * \param _private: 0 = just export public parts, 1 = export everything + * \param p: the buffer to write the exported JWK to + * \param len: the length of the buffer \p p in bytes + * + * Returns length of the used part of the buffer if OK, or -1 for error. + * + * Serializes the content of the JWK into a char buffer. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jwk_export(struct lws_jwk *s, int _private, char *p, size_t len); + +/** lws_jwk_load() - Import a JSON Web key from a file + * + * \param s: the JWK object to load into + * \param filename: filename to load from + * + * Returns 0 for OK or -1 for failure + */ +LWS_VISIBLE int +lws_jwk_load(struct lws_jwk *s, const char *filename); + +/** lws_jwk_save() - Export a JSON Web key to a file + * + * \param s: the JWK object to save from + * \param filename: filename to save to + * + * Returns 0 for OK or -1 for failure + */ +LWS_VISIBLE int +lws_jwk_save(struct lws_jwk *s, const char *filename); + +/** lws_jwk_rfc7638_fingerprint() - jwk to RFC7638 compliant fingerprint + * + * \param s: the JWK object to fingerprint + * \param digest32: buffer to take 32-byte digest + * + * Returns 0 for OK or -1 for failure + */ +LWS_VISIBLE int +lws_jwk_rfc7638_fingerprint(struct lws_jwk *s, char *digest32); +///@} + + +/*! \defgroup jws JSON Web Signature + * ## JSON Web Signature API + * + * Lws provides an API to check and create RFC7515 JSON Web Signatures + * + * SHA256/384/512 HMAC, and RSA 256/384/512 are supported. + * + * The API uses your TLS library crypto, but works exactly the same no matter + * what you TLS backend is. + */ +///@{ + +LWS_VISIBLE LWS_EXTERN int +lws_jws_confirm_sig(const char *in, size_t len, struct lws_jwk *jwk); + +/** + * lws_jws_sign_from_b64() - add b64 sig to b64 hdr + payload + * + * \param b64_hdr: protected header encoded in b64, may be NULL + * \param hdr_len: bytes in b64 coding of protected header + * \param b64_pay: payload encoded in b64 + * \param pay_len: bytes in b64 coding of payload + * \param b64_sig: buffer to write the b64 encoded signature into + * \param sig_len: max bytes we can write at b64_sig + * \param hash_type: one of LWS_GENHASH_TYPE_SHA[256|384|512] + * \param jwk: the struct lws_jwk containing the signing key + * + * This adds a b64-coded JWS signature of the b64-encoded protected header + * and b64-encoded payload, at \p b64_sig. The signature will be as large + * as the N element of the RSA key when the RSA key is used, eg, 512 bytes for + * a 4096-bit key, and then b64-encoding on top. + * + * In some special cases, there is only payload to sign and no header, in that + * case \p b64_hdr may be NULL, and only the payload will be hashed before + * signing. + * + * Returns the length of the encoded signature written to \p b64_sig, or -1. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jws_sign_from_b64(const char *b64_hdr, size_t hdr_len, const char *b64_pay, + size_t pay_len, char *b64_sig, size_t sig_len, + enum lws_genhash_types hash_type, struct lws_jwk *jwk); + +/** + * lws_jws_create_packet() - add b64 sig to b64 hdr + payload + * + * \param jwk: the struct lws_jwk containing the signing key + * \param payload: unencoded payload JSON + * \param len: length of unencoded payload JSON + * \param nonce: Nonse string to include in protected header + * \param out: buffer to take signed packet + * \param out_len: size of \p out buffer + * + * This creates a "flattened" JWS packet from the jwk and the plaintext + * payload, and signs it. The packet is written into \p out. + * + * This does the whole packet assembly and signing, calling through to + * lws_jws_sign_from_b64() as part of the process. + * + * Returns the length written to \p out, or -1. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jws_create_packet(struct lws_jwk *jwk, const char *payload, size_t len, + const char *nonce, char *out, size_t out_len); + +/** + * lws_jws_base64_enc() - encode input data into b64url data + * + * \param in: the incoming plaintext + * \param in_len: the length of the incoming plaintext in bytes + * \param out: the buffer to store the b64url encoded data to + * \param out_max: the length of \p out in bytes + * + * Returns either -1 if problems, or the number of bytes written to \p out. + */ +LWS_VISIBLE LWS_EXTERN int +lws_jws_base64_enc(const char *in, size_t in_len, char *out, size_t out_max); +///@} +#endif + +/*! \defgroup extensions Extension related functions + * ##Extension releated functions + * + * Ws defines optional extensions, lws provides the ability to implement these + * in user code if so desired. + * + * We provide one extensions permessage-deflate. + */ +///@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum lws_extension_callback_reasons { + LWS_EXT_CB_CONSTRUCT = 4, + LWS_EXT_CB_CLIENT_CONSTRUCT = 5, + LWS_EXT_CB_DESTROY = 8, + LWS_EXT_CB_PACKET_TX_PRESEND = 12, + LWS_EXT_CB_PAYLOAD_TX = 21, + LWS_EXT_CB_PAYLOAD_RX = 22, + LWS_EXT_CB_OPTION_DEFAULT = 23, + LWS_EXT_CB_OPTION_SET = 24, + LWS_EXT_CB_OPTION_CONFIRM = 25, + LWS_EXT_CB_NAMED_OPTION_SET = 26, + + /****** add new things just above ---^ ******/ +}; + +/** enum lws_ext_options_types */ +enum lws_ext_options_types { + EXTARG_NONE, /**< does not take an argument */ + EXTARG_DEC, /**< requires a decimal argument */ + EXTARG_OPT_DEC /**< may have an optional decimal argument */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** struct lws_ext_options - Option arguments to the extension. These are + * used in the negotiation at ws upgrade time. + * The helper function lws_ext_parse_options() + * uses these to generate callbacks */ +struct lws_ext_options { + const char *name; /**< Option name, eg, "server_no_context_takeover" */ + enum lws_ext_options_types type; /**< What kind of args the option can take */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** struct lws_ext_option_arg */ +struct lws_ext_option_arg { + const char *option_name; /**< may be NULL, option_index used then */ + int option_index; /**< argument ordinal to use if option_name missing */ + const char *start; /**< value */ + int len; /**< length of value */ +}; + +/** + * typedef lws_extension_callback_function() - Hooks to allow extensions to operate + * \param context: Websockets context + * \param ext: This extension + * \param wsi: Opaque websocket instance pointer + * \param reason: The reason for the call + * \param user: Pointer to ptr to per-session user data allocated by library + * \param in: Pointer used for some callback reasons + * \param len: Length set for some callback reasons + * + * Each extension that is active on a particular connection receives + * callbacks during the connection lifetime to allow the extension to + * operate on websocket data and manage itself. + * + * Libwebsockets takes care of allocating and freeing "user" memory for + * each active extension on each connection. That is what is pointed to + * by the user parameter. + * + * LWS_EXT_CB_CONSTRUCT: called when the server has decided to + * select this extension from the list provided by the client, + * just before the server will send back the handshake accepting + * the connection with this extension active. This gives the + * extension a chance to initialize its connection context found + * in user. + * + * LWS_EXT_CB_CLIENT_CONSTRUCT: same as LWS_EXT_CB_CONSTRUCT + * but called when client is instantiating this extension. Some + * extensions will work the same on client and server side and then + * you can just merge handlers for both CONSTRUCTS. + * + * LWS_EXT_CB_DESTROY: called when the connection the extension was + * being used on is about to be closed and deallocated. It's the + * last chance for the extension to deallocate anything it has + * allocated in the user data (pointed to by user) before the + * user data is deleted. This same callback is used whether you + * are in client or server instantiation context. + * + * LWS_EXT_CB_PACKET_TX_PRESEND: this works the same way as + * LWS_EXT_CB_PACKET_RX_PREPARSE above, except it gives the + * extension a chance to change websocket data just before it will + * be sent out. Using the same lws_token pointer scheme in in, + * the extension can change the buffer and the length to be + * transmitted how it likes. Again if it wants to grow the + * buffer safely, it should copy the data into its own buffer and + * set the lws_tokens token pointer to it. + * + * LWS_EXT_CB_ARGS_VALIDATE: + */ +typedef int +lws_extension_callback_function(struct lws_context *context, + const struct lws_extension *ext, struct lws *wsi, + enum lws_extension_callback_reasons reason, + void *user, void *in, size_t len); + +/** struct lws_extension - An extension we support */ +struct lws_extension { + const char *name; /**< Formal extension name, eg, "permessage-deflate" */ + lws_extension_callback_function *callback; /**< Service callback */ + const char *client_offer; /**< String containing exts and options client offers */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** + * lws_set_extension_option(): set extension option if possible + * + * \param wsi: websocket connection + * \param ext_name: name of ext, like "permessage-deflate" + * \param opt_name: name of option, like "rx_buf_size" + * \param opt_val: value to set option to + */ +LWS_VISIBLE LWS_EXTERN int +lws_set_extension_option(struct lws *wsi, const char *ext_name, + const char *opt_name, const char *opt_val); + +/** + * lws_ext_parse_options() - deal with parsing negotiated extension options + * + * \param ext: related extension struct + * \param wsi: websocket connection + * \param ext_user: per-connection extension private data + * \param opts: list of supported options + * \param o: option string to parse + * \param len: length + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi, + void *ext_user, const struct lws_ext_options *opts, + const char *o, int len); + +/** lws_extension_callback_pm_deflate() - extension for RFC7692 + * + * \param context: lws context + * \param ext: related lws_extension struct + * \param wsi: websocket connection + * \param reason: incoming callback reason + * \param user: per-connection extension private data + * \param in: pointer parameter + * \param len: length parameter + * + * Built-in callback implementing RFC7692 permessage-deflate + */ +LWS_EXTERN +int lws_extension_callback_pm_deflate( + struct lws_context *context, const struct lws_extension *ext, + struct lws *wsi, enum lws_extension_callback_reasons reason, + void *user, void *in, size_t len); + +/* + * The internal exts are part of the public abi + * If we add more extensions, publish the callback here ------v + */ +///@} + +/*! \defgroup Protocols-and-Plugins Protocols and Plugins + * \ingroup lwsapi + * + * ##Protocol and protocol plugin -related apis + * + * Protocols bind ws protocol names to a custom callback specific to that + * protocol implementaion. + * + * A list of protocols can be passed in at context creation time, but it is + * also legal to leave that NULL and add the protocols and their callback code + * using plugins. + * + * Plugins are much preferable compared to cut and pasting code into an + * application each time, since they can be used standalone. + */ +///@{ +/** struct lws_protocols - List of protocols and handlers client or server + * supports. */ + +struct lws_protocols { + const char *name; + /**< Protocol name that must match the one given in the client + * Javascript new WebSocket(url, 'protocol') name. */ + lws_callback_function *callback; + /**< The service callback used for this protocol. It allows the + * service action for an entire protocol to be encapsulated in + * the protocol-specific callback */ + size_t per_session_data_size; + /**< Each new connection using this protocol gets + * this much memory allocated on connection establishment and + * freed on connection takedown. A pointer to this per-connection + * allocation is passed into the callback in the 'user' parameter */ + size_t rx_buffer_size; + /**< lws allocates this much space for rx data and informs callback + * when something came. Due to rx flow control, the callback may not + * be able to consume it all without having to return to the event + * loop. That is supported in lws. + * + * If .tx_packet_size is 0, this also controls how much may be sent at + * once for backwards compatibility. + */ + unsigned int id; + /**< ignored by lws, but useful to contain user information bound + * to the selected protocol. For example if this protocol was + * called "myprotocol-v2", you might set id to 2, and the user + * code that acts differently according to the version can do so by + * switch (wsi->protocol->id), user code might use some bits as + * capability flags based on selected protocol version, etc. */ + void *user; /**< ignored by lws, but user code can pass a pointer + here it can later access from the protocol callback */ + size_t tx_packet_size; + /**< 0 indicates restrict send() size to .rx_buffer_size for backwards- + * compatibility. + * If greater than zero, a single send() is restricted to this amount + * and any remainder is buffered by lws and sent afterwards also in + * these size chunks. Since that is expensive, it's preferable + * to restrict one fragment you are trying to send to match this + * size. + */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** + * lws_vhost_name_to_protocol() - get vhost's protocol object from its name + * + * \param vh: vhost to search + * \param name: protocol name + * + * Returns NULL or a pointer to the vhost's protocol of the requested name + */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name); + +/** + * lws_get_protocol() - Returns a protocol pointer from a websocket + * connection. + * \param wsi: pointer to struct websocket you want to know the protocol of + * + * + * Some apis can act on all live connections of a given protocol, + * this is how you can get a pointer to the active protocol if needed. + */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_get_protocol(struct lws *wsi); + +/** lws_protocol_get() - deprecated: use lws_get_protocol */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocols * +lws_protocol_get(struct lws *wsi) LWS_WARN_DEPRECATED; + +/** + * lws_protocol_vh_priv_zalloc() - Allocate and zero down a protocol's per-vhost + * storage + * \param vhost: vhost the instance is related to + * \param prot: protocol the instance is related to + * \param size: bytes to allocate + * + * Protocols often find it useful to allocate a per-vhost struct, this is a + * helper to be called in the per-vhost init LWS_CALLBACK_PROTOCOL_INIT + */ +LWS_VISIBLE LWS_EXTERN void * +lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, const struct lws_protocols *prot, + int size); + +/** + * lws_protocol_vh_priv_get() - retreive a protocol's per-vhost storage + * + * \param vhost: vhost the instance is related to + * \param prot: protocol the instance is related to + * + * Recover a pointer to the allocated per-vhost storage for the protocol created + * by lws_protocol_vh_priv_zalloc() earlier + */ +LWS_VISIBLE LWS_EXTERN void * +lws_protocol_vh_priv_get(struct lws_vhost *vhost, const struct lws_protocols *prot); + +/** + * lws_adjust_protocol_psds - change a vhost protocol's per session data size + * + * \param wsi: a connection with the protocol to change + * \param new_size: the new size of the per session data size for the protocol + * + * Returns user_space for the wsi, after allocating + * + * This should not be used except to initalize a vhost protocol's per session + * data size one time, before any connections are accepted. + * + * Sometimes the protocol wraps another protocol and needs to discover and set + * its per session data size at runtime. + */ +LWS_VISIBLE LWS_EXTERN void * +lws_adjust_protocol_psds(struct lws *wsi, size_t new_size); + +/** + * lws_finalize_startup() - drop initial process privileges + * + * \param context: lws context + * + * This is called after the end of the vhost protocol initializations, but + * you may choose to call it earlier + */ +LWS_VISIBLE LWS_EXTERN int +lws_finalize_startup(struct lws_context *context); + +/** + * lws_pvo_search() - helper to find a named pvo in a linked-list + * + * \param pvo: the first pvo in the linked-list + * \param name: the name of the pvo to return if found + * + * Returns NULL, or a pointer to the name pvo in the linked-list + */ +LWS_VISIBLE LWS_EXTERN const struct lws_protocol_vhost_options * +lws_pvo_search(const struct lws_protocol_vhost_options *pvo, const char *name); + +LWS_VISIBLE LWS_EXTERN int +lws_protocol_init(struct lws_context *context); + +#ifdef LWS_WITH_PLUGINS + +/* PLUGINS implies LIBUV */ + +#define LWS_PLUGIN_API_MAGIC 180 + +/** struct lws_plugin_capability - how a plugin introduces itself to lws */ +struct lws_plugin_capability { + unsigned int api_magic; /**< caller fills this in, plugin fills rest */ + const struct lws_protocols *protocols; /**< array of supported protocols provided by plugin */ + int count_protocols; /**< how many protocols */ + const struct lws_extension *extensions; /**< array of extensions provided by plugin */ + int count_extensions; /**< how many extensions */ +}; + +typedef int (*lws_plugin_init_func)(struct lws_context *, + struct lws_plugin_capability *); +typedef int (*lws_plugin_destroy_func)(struct lws_context *); + +/** struct lws_plugin */ +struct lws_plugin { + struct lws_plugin *list; /**< linked list */ +#if (UV_VERSION_MAJOR > 0) + uv_lib_t lib; /**< shared library pointer */ +#else + void *l; /**< so we can compile on ancient libuv */ +#endif + char name[64]; /**< name of the plugin */ + struct lws_plugin_capability caps; /**< plugin capabilities */ +}; + +#endif + +///@} + + +/*! \defgroup generic-sessions plugin: generic-sessions + * \ingroup Protocols-and-Plugins + * + * ##Plugin Generic-sessions related + * + * generic-sessions plugin provides a reusable, generic session and login / + * register / forgot password framework including email verification. + */ +///@{ + +#define LWSGS_EMAIL_CONTENT_SIZE 16384 +/**< Maximum size of email we might send */ + +/* SHA-1 binary and hexified versions */ +/** typedef struct lwsgw_hash_bin */ +typedef struct { unsigned char bin[20]; /**< binary representation of hash */} lwsgw_hash_bin; +/** typedef struct lwsgw_hash */ +typedef struct { char id[41]; /**< ascii hex representation of hash */ } lwsgw_hash; + +/** enum lwsgs_auth_bits */ +enum lwsgs_auth_bits { + LWSGS_AUTH_LOGGED_IN = 1, /**< user is logged in as somebody */ + LWSGS_AUTH_ADMIN = 2, /**< logged in as the admin user */ + LWSGS_AUTH_VERIFIED = 4, /**< user has verified his email */ + LWSGS_AUTH_FORGOT_FLOW = 8, /**< he just completed "forgot password" flow */ +}; + +/** struct lws_session_info - information about user session status */ +struct lws_session_info { + char username[32]; /**< username logged in as, or empty string */ + char email[100]; /**< email address associated with login, or empty string */ + char ip[72]; /**< ip address session was started from */ + unsigned int mask; /**< access rights mask associated with session + * see enum lwsgs_auth_bits */ + char session[42]; /**< session id string, usable as opaque uid when not logged in */ +}; + +/** enum lws_gs_event */ +enum lws_gs_event { + LWSGSE_CREATED, /**< a new user was created */ + LWSGSE_DELETED /**< an existing user was deleted */ +}; + +/** struct lws_gs_event_args */ +struct lws_gs_event_args { + enum lws_gs_event event; /**< which event happened */ + const char *username; /**< which username the event happened to */ + const char *email; /**< the email address of that user */ +}; + +///@} + + +/*! \defgroup context-and-vhost context and vhost related functions + * ##Context and Vhost releated functions + * \ingroup lwsapi + * + * + * LWS requires that there is one context, in which you may define multiple + * vhosts. Each vhost is a virtual host, with either its own listen port + * or sharing an existing one. Each vhost has its own SSL context that can + * be set up individually or left disabled. + * + * If you don't care about multiple "site" support, you can ignore it and + * lws will create a single default vhost at context creation time. + */ +///@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ + +/** enum lws_context_options - context and vhost options */ +enum lws_context_options { + LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT = (1 << 1) | + (1 << 12), + /**< (VH) Don't allow the connection unless the client has a + * client cert that we recognize; provides + * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ + LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME = (1 << 2), + /**< (CTX) Don't try to get the server's hostname */ + LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT = (1 << 3) | + (1 << 12), + /**< (VH) Allow non-SSL (plaintext) connections on the same + * port as SSL is listening... undermines the security of SSL; + * provides LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */ + LWS_SERVER_OPTION_LIBEV = (1 << 4), + /**< (CTX) Use libev event loop */ + LWS_SERVER_OPTION_DISABLE_IPV6 = (1 << 5), + /**< (VH) Disable IPV6 support */ + LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS = (1 << 6), + /**< (VH) Don't load OS CA certs, you will need to load your + * own CA cert(s) */ + LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED = (1 << 7), + /**< (VH) Accept connections with no valid Cert (eg, selfsigned) */ + LWS_SERVER_OPTION_VALIDATE_UTF8 = (1 << 8), + /**< (VH) Check UT-8 correctness */ + LWS_SERVER_OPTION_SSL_ECDH = (1 << 9) | + (1 << 12), + /**< (VH) initialize ECDH ciphers */ + LWS_SERVER_OPTION_LIBUV = (1 << 10), + /**< (CTX) Use libuv event loop */ + LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS = (1 << 11) | + (1 << 12), + /**< (VH) Use http redirect to force http to https + * (deprecated: use mount redirection) */ + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT = (1 << 12), + /**< (CTX) Initialize the SSL library at all */ + LWS_SERVER_OPTION_EXPLICIT_VHOSTS = (1 << 13), + /**< (CTX) Only create the context when calling context + * create api, implies user code will create its own vhosts */ + LWS_SERVER_OPTION_UNIX_SOCK = (1 << 14), + /**< (VH) Use Unix socket */ + LWS_SERVER_OPTION_STS = (1 << 15), + /**< (VH) Send Strict Transport Security header, making + * clients subsequently go to https even if user asked for http */ + LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY = (1 << 16), + /**< (VH) Enable LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE to take effect */ + LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE = (1 << 17), + /**< (VH) if set, only ipv6 allowed on the vhost */ + LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN = (1 << 18), + /**< (CTX) Libuv only: Do not spin on SIGSEGV / SIGFPE. A segfault + * normally makes the lib spin so you can attach a debugger to it + * even if it happened without a debugger in place. You can disable + * that by giving this option. + */ + LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN = (1 << 19), + /**< For backwards-compatibility reasons, by default + * lws prepends "http://" to the origin you give in the client + * connection info struct. If you give this flag when you create + * the context, only the string you give in the client connect + * info for .origin (if any) will be used directly. + */ + LWS_SERVER_OPTION_FALLBACK_TO_RAW = (1 << 20), + /**< (VH) if invalid http is coming in the first line, */ + LWS_SERVER_OPTION_LIBEVENT = (1 << 21), + /**< (CTX) Use libevent event loop */ + LWS_SERVER_OPTION_ONLY_RAW = (1 << 22), + /**< (VH) All connections to this vhost / port are RAW as soon as + * the connection is accepted, no HTTP is going to be coming. + */ + LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE = (1 << 23), + /**< (VH) Set to allow multiple listen sockets on one interface + + * address + port. The default is to strictly allow only one + * listen socket at a time. This is automatically selected if you + * have multiple service threads. + */ + LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX = (1 << 24), + /**< (VH) Force setting up the vhost SSL_CTX, even though the user + * code doesn't explicitly provide a cert in the info struct. It + * implies the user code is going to provide a cert at the + * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS callback, which + * provides the vhost SSL_CTX * in the user parameter. + */ + LWS_SERVER_OPTION_SKIP_PROTOCOL_INIT = (1 << 25), + /**< (VH) You probably don't want this. It forces this vhost to not + * call LWS_CALLBACK_PROTOCOL_INIT on its protocols. It's used in the + * special case of a temporary vhost bound to a single protocol. + */ + LWS_SERVER_OPTION_IGNORE_MISSING_CERT = (1 << 26), + /**< (VH) Don't fail if the vhost TLS cert or key are missing, just + * continue. The vhost won't be able to serve anything, but if for + * example the ACME plugin was configured to fetch a cert, this lets + * you bootstrap your vhost from having no cert to start with. + */ + + /****** add new things just above ---^ ******/ +}; + +#define lws_check_opt(c, f) (((c) & (f)) == (f)) + +struct lws_plat_file_ops; + +/** struct lws_context_creation_info - parameters to create context and /or vhost with + * + * This is also used to create vhosts.... if LWS_SERVER_OPTION_EXPLICIT_VHOSTS + * is not given, then for backwards compatibility one vhost is created at + * context-creation time using the info from this struct. + * + * If LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, then no vhosts are created + * at the same time as the context, they are expected to be created afterwards. + */ +struct lws_context_creation_info { + int port; + /**< VHOST: Port to listen on. Use CONTEXT_PORT_NO_LISTEN to suppress + * listening for a client. Use CONTEXT_PORT_NO_LISTEN_SERVER if you are + * writing a server but you are using \ref sock-adopt instead of the + * built-in listener. + * + * You can also set port to 0, in which case the kernel will pick + * a random port that is not already in use. You can find out what + * port the vhost is listening on using lws_get_vhost_listen_port() */ + const char *iface; + /**< VHOST: NULL to bind the listen socket to all interfaces, or the + * interface name, eg, "eth2" + * If options specifies LWS_SERVER_OPTION_UNIX_SOCK, this member is + * the pathname of a UNIX domain socket. you can use the UNIX domain + * sockets in abstract namespace, by prepending an at symbol to the + * socket name. */ + const struct lws_protocols *protocols; + /**< VHOST: Array of structures listing supported protocols and a protocol- + * specific callback for each one. The list is ended with an + * entry that has a NULL callback pointer. */ + const struct lws_extension *extensions; + /**< VHOST: NULL or array of lws_extension structs listing the + * extensions this context supports. */ + const struct lws_token_limits *token_limits; + /**< CONTEXT: NULL or struct lws_token_limits pointer which is initialized + * with a token length limit for each possible WSI_TOKEN_ */ + const char *ssl_private_key_password; + /**< VHOST: NULL or the passphrase needed for the private key. (For + * backwards compatibility, this can also be used to pass the client + * cert passphrase when setting up a vhost client SSL context, but it is + * preferred to use .client_ssl_private_key_password for that.) */ + const char *ssl_cert_filepath; + /**< VHOST: If libwebsockets was compiled to use ssl, and you want + * to listen using SSL, set to the filepath to fetch the + * server cert from, otherwise NULL for unencrypted. (For backwards + * compatibility, this can also be used to pass the client certificate + * when setting up a vhost client SSL context, but it is preferred to + * use .client_ssl_cert_filepath for that.) */ + const char *ssl_private_key_filepath; + /**< VHOST: filepath to private key if wanting SSL mode; + * if this is set to NULL but ssl_cert_filepath is set, the + * OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY callback is called + * to allow setting of the private key directly via openSSL + * library calls. (For backwards compatibility, this can also be used + * to pass the client cert private key filepath when setting up a + * vhost client SSL context, but it is preferred to use + * .client_ssl_private_key_filepath for that.) */ + const char *ssl_ca_filepath; + /**< VHOST: CA certificate filepath or NULL. (For backwards + * compatibility, this can also be used to pass the client CA + * filepath when setting up a vhost client SSL context, + * but it is preferred to use .client_ssl_ca_filepath for that.) */ + const char *ssl_cipher_list; + /**< VHOST: List of valid ciphers to use (eg, + * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" + * or you can leave it as NULL to get "DEFAULT" (For backwards + * compatibility, this can also be used to pass the client cipher + * list when setting up a vhost client SSL context, + * but it is preferred to use .client_ssl_cipher_list for that.)*/ + const char *http_proxy_address; + /**< VHOST: If non-NULL, attempts to proxy via the given address. + * If proxy auth is required, use format "username:password\@server:port" */ + unsigned int http_proxy_port; + /**< VHOST: If http_proxy_address was non-NULL, uses this port */ + int gid; + /**< CONTEXT: group id to change to after setting listen socket, or -1. */ + int uid; + /**< CONTEXT: user id to change to after setting listen socket, or -1. */ + unsigned int options; + /**< VHOST + CONTEXT: 0, or LWS_SERVER_OPTION_... bitfields */ + void *user; + /**< VHOST + CONTEXT: optional user pointer that will be associated + * with the context when creating the context (and can be retrieved by + * lws_context_user(context), or with the vhost when creating the vhost + * (and can be retrieved by lws_vhost_user(vhost)). You will need to + * use LWS_SERVER_OPTION_EXPLICIT_VHOSTS and create the vhost separately + * if you care about giving the context and vhost different user pointer + * values. + */ + int ka_time; + /**< CONTEXT: 0 for no TCP keepalive, otherwise apply this keepalive + * timeout to all libwebsocket sockets, client or server */ + int ka_probes; + /**< CONTEXT: if ka_time was nonzero, after the timeout expires how many + * times to try to get a response from the peer before giving up + * and killing the connection */ + int ka_interval; + /**< CONTEXT: if ka_time was nonzero, how long to wait before each ka_probes + * attempt */ +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) + SSL_CTX *provided_client_ssl_ctx; + /**< CONTEXT: If non-null, swap out libwebsockets ssl + * implementation for the one provided by provided_ssl_ctx. + * Libwebsockets no longer is responsible for freeing the context + * if this option is selected. */ +#else /* maintain structure layout either way */ + void *provided_client_ssl_ctx; /**< dummy if ssl disabled */ +#endif + + short max_http_header_data; + /**< CONTEXT: The max amount of header payload that can be handled + * in an http request (unrecognized header payload is dropped) */ + short max_http_header_pool; + /**< CONTEXT: The max number of connections with http headers that + * can be processed simultaneously (the corresponding memory is + * allocated and deallocated dynamically as needed). If the pool is + * fully busy new incoming connections must wait for accept until one + * becomes free. 0 = allow as many ah as number of availble fds for + * the process */ + + unsigned int count_threads; + /**< CONTEXT: how many contexts to create in an array, 0 = 1 */ + unsigned int fd_limit_per_thread; + /**< CONTEXT: nonzero means restrict each service thread to this + * many fds, 0 means the default which is divide the process fd + * limit by the number of threads. */ + unsigned int timeout_secs; + /**< VHOST: various processes involving network roundtrips in the + * library are protected from hanging forever by timeouts. If + * nonzero, this member lets you set the timeout used in seconds. + * Otherwise a default timeout is used. */ + const char *ecdh_curve; + /**< VHOST: if NULL, defaults to initializing server with "prime256v1" */ + const char *vhost_name; + /**< VHOST: name of vhost, must match external DNS name used to + * access the site, like "warmcat.com" as it's used to match + * Host: header and / or SNI name for SSL. */ + const char * const *plugin_dirs; + /**< CONTEXT: NULL, or NULL-terminated array of directories to + * scan for lws protocol plugins at context creation time */ + const struct lws_protocol_vhost_options *pvo; + /**< VHOST: pointer to optional linked list of per-vhost + * options made accessible to protocols */ + int keepalive_timeout; + /**< VHOST: (default = 0 = 5s) seconds to allow remote + * client to hold on to an idle HTTP/1.1 connection */ + const char *log_filepath; + /**< VHOST: filepath to append logs to... this is opened before + * any dropping of initial privileges */ + const struct lws_http_mount *mounts; + /**< VHOST: optional linked list of mounts for this vhost */ + const char *server_string; + /**< CONTEXT: string used in HTTP headers to identify server + * software, if NULL, "libwebsockets". */ + unsigned int pt_serv_buf_size; + /**< CONTEXT: 0 = default of 4096. This buffer is used by + * various service related features including file serving, it + * defines the max chunk of file that can be sent at once. + * At the risk of lws having to buffer failed large sends, it + * can be increased to, eg, 128KiB to improve throughput. */ + unsigned int max_http_header_data2; + /**< CONTEXT: if max_http_header_data is 0 and this + * is nonzero, this will be used in place of the default. It's + * like this for compatibility with the original short version, + * this is unsigned int length. */ + long ssl_options_set; + /**< VHOST: Any bits set here will be set as SSL options */ + long ssl_options_clear; + /**< VHOST: Any bits set here will be cleared as SSL options */ + unsigned short ws_ping_pong_interval; + /**< CONTEXT: 0 for none, else interval in seconds between sending + * PINGs on idle websocket connections. When the PING is sent, + * the PONG must come within the normal timeout_secs timeout period + * or the connection will be dropped. + * Any RX or TX traffic on the connection restarts the interval timer, + * so a connection which always sends or receives something at intervals + * less than the interval given here will never send PINGs / expect + * PONGs. Conversely as soon as the ws connection is established, an + * idle connection will do the PING / PONG roundtrip as soon as + * ws_ping_pong_interval seconds has passed without traffic + */ + const struct lws_protocol_vhost_options *headers; + /**< VHOST: pointer to optional linked list of per-vhost + * canned headers that are added to server responses */ + + const struct lws_protocol_vhost_options *reject_service_keywords; + /**< CONTEXT: Optional list of keywords and rejection codes + text. + * + * The keywords are checked for existing in the user agent string. + * + * Eg, "badrobot" "404 Not Found" + */ + void *external_baggage_free_on_destroy; + /**< CONTEXT: NULL, or pointer to something externally malloc'd, that + * should be freed when the context is destroyed. This allows you to + * automatically sync the freeing action to the context destruction + * action, so there is no need for an external free() if the context + * succeeded to create. + */ + + const char *client_ssl_private_key_password; + /**< VHOST: Client SSL context init: NULL or the passphrase needed + * for the private key */ + const char *client_ssl_cert_filepath; + /**< VHOST: Client SSL context init:T he certificate the client + * should present to the peer on connection */ + const char *client_ssl_private_key_filepath; + /**< VHOST: Client SSL context init: filepath to client private key + * if this is set to NULL but client_ssl_cert_filepath is set, you + * can handle the LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS + * callback of protocols[0] to allow setting of the private key directly + * via openSSL library calls */ + const char *client_ssl_ca_filepath; + /**< VHOST: Client SSL context init: CA certificate filepath or NULL */ + const char *client_ssl_cipher_list; + /**< VHOST: Client SSL context init: List of valid ciphers to use (eg, + * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL" + * or you can leave it as NULL to get "DEFAULT" */ + + const struct lws_plat_file_ops *fops; + /**< CONTEXT: NULL, or pointer to an array of fops structs, terminated + * by a sentinel with NULL .open. + * + * If NULL, lws provides just the platform file operations struct for + * backwards compatibility. + */ + int simultaneous_ssl_restriction; + /**< CONTEXT: 0 (no limit) or limit of simultaneous SSL sessions possible.*/ + const char *socks_proxy_address; + /**< VHOST: If non-NULL, attempts to proxy via the given address. + * If proxy auth is required, use format "username:password\@server:port" */ + unsigned int socks_proxy_port; + /**< VHOST: If socks_proxy_address was non-NULL, uses this port */ +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + cap_value_t caps[4]; + /**< CONTEXT: array holding Linux capabilities you want to + * continue to be available to the server after it transitions + * to a noprivileged user. Usually none are needed but for, eg, + * .bind_iface, CAP_NET_RAW is required. This gives you a way + * to still have the capability but drop root. + */ + char count_caps; + /**< CONTEXT: count of Linux capabilities in .caps[]. 0 means + * no capabilities will be inherited from root (the default) */ +#endif + int bind_iface; + /**< VHOST: nonzero to strictly bind sockets to the interface name in + * .iface (eg, "eth2"), using SO_BIND_TO_DEVICE. + * + * Requires SO_BINDTODEVICE support from your OS and CAP_NET_RAW + * capability. + * + * Notice that common things like access network interface IP from + * your local machine use your lo / loopback interface and will be + * disallowed by this. + */ + int ssl_info_event_mask; + /**< VHOST: mask of ssl events to be reported on LWS_CALLBACK_SSL_INFO + * callback for connections on this vhost. The mask values are of + * the form SSL_CB_ALERT, defined in openssl/ssl.h. The default of + * 0 means no info events will be reported. + */ + unsigned int timeout_secs_ah_idle; + /**< VHOST: seconds to allow a client to hold an ah without using it. + * 0 defaults to 10s. */ + unsigned short ip_limit_ah; + /**< CONTEXT: max number of ah a single IP may use simultaneously + * 0 is no limit. This is a soft limit: if the limit is + * reached, connections from that IP will wait in the ah + * waiting list and not be able to acquire an ah until + * a connection belonging to the IP relinquishes one it + * already has. + */ + unsigned short ip_limit_wsi; + /**< CONTEXT: max number of wsi a single IP may use simultaneously. + * 0 is no limit. This is a hard limit, connections from + * the same IP will simply be dropped once it acquires the + * amount of simultaneous wsi / accepted connections + * given here. + */ + uint32_t http2_settings[7]; + /**< VHOST: if http2_settings[0] is nonzero, the values given in + * http2_settings[1]..[6] are used instead of the lws + * platform default values. + * Just leave all at 0 if you don't care. + */ + const char *error_document_404; + /**< VHOST: If non-NULL, when asked to serve a non-existent file, + * lws attempts to server this url path instead. Eg, + * "/404.html" */ + const char *alpn; + /**< CONTEXT: If non-NULL, default list of advertised alpn, comma- + * separated + * + * VHOST: If non-NULL, per-vhost list of advertised alpn, comma- + * separated + */ + void **foreign_loops; + /**< CONTEXT: This is ignored if the context is not being started with + * an event loop, ie, .options has a flag like + * LWS_SERVER_OPTION_LIBUV. + * + * NULL indicates lws should start its own even loop for + * each service thread, and deal with closing the loops + * when the context is destroyed. + * + * Non-NULL means it points to an array of external + * ("foreign") event loops that are to be used in turn for + * each service thread. In the default case of 1 service + * thread, it can just point to one foreign event loop. + */ + void (*signal_cb)(void *event_lib_handle, int signum); + /**< CONTEXT: NULL: default signal handling. Otherwise this receives + * the signal handler callback. event_lib_handle is the + * native event library signal handle, eg uv_signal_t * + * for libuv. + */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility + * + * The below is to ensure later library versions with new + * members added above will see 0 (default) even if the app + * was not built against the newer headers. + */ + struct lws_context **pcontext; + /**< CONTEXT: if non-NULL, at the end of context destroy processing, + * the pointer pointed to by pcontext is written with NULL. You can + * use this to let foreign event loops know that lws context destruction + * is fully completed. + */ + + void *_unused[4]; /**< dummy */ +}; + +/** + * lws_create_context() - Create the websocket handler + * \param info: pointer to struct with parameters + * + * This function creates the listening socket (if serving) and takes care + * of all initialization in one step. + * + * If option LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, no vhost is + * created; you're expected to create your own vhosts afterwards using + * lws_create_vhost(). Otherwise a vhost named "default" is also created + * using the information in the vhost-related members, for compatibility. + * + * After initialization, it returns a struct lws_context * that + * represents this server. After calling, user code needs to take care + * of calling lws_service() with the context pointer to get the + * server's sockets serviced. This must be done in the same process + * context as the initialization call. + * + * The protocol callback functions are called for a handful of events + * including http requests coming in, websocket connections becoming + * established, and data arriving; it's also called periodically to allow + * async transmission. + * + * HTTP requests are sent always to the FIRST protocol in protocol, since + * at that time websocket protocol has not been negotiated. Other + * protocols after the first one never see any HTTP callback activity. + * + * The server created is a simple http server by default; part of the + * websocket standard is upgrading this http connection to a websocket one. + * + * This allows the same server to provide files like scripts and favicon / + * images or whatever over http and dynamic data over websockets all in + * one place; they're all handled in the user callback. + */ +LWS_VISIBLE LWS_EXTERN struct lws_context * +lws_create_context(const struct lws_context_creation_info *info); + + +/** + * lws_context_destroy() - Destroy the websocket context + * \param context: Websocket context + * + * This function closes any active connections and then frees the + * context. After calling this, any further use of the context is + * undefined. + */ +LWS_VISIBLE LWS_EXTERN void +lws_context_destroy(struct lws_context *context); + +typedef int (*lws_reload_func)(void); + +/** + * lws_context_deprecate() - Deprecate the websocket context + * + * \param context: Websocket context + * \param cb: Callback notified when old context listen sockets are closed + * + * This function is used on an existing context before superceding it + * with a new context. + * + * It closes any listen sockets in the context, so new connections are + * not possible. + * + * And it marks the context to be deleted when the number of active + * connections into it falls to zero. + * + * Otherwise if you attach the deprecated context to the replacement + * context when it has been created using lws_context_attach_deprecated() + * both any deprecated and the new context will service their connections. + * + * This is aimed at allowing seamless configuration reloads. + * + * The callback cb will be called after the listen sockets are actually + * closed and may be reopened. In the callback the new context should be + * configured and created. (With libuv, socket close happens async after + * more loop events). + */ +LWS_VISIBLE LWS_EXTERN void +lws_context_deprecate(struct lws_context *context, lws_reload_func cb); + +LWS_VISIBLE LWS_EXTERN int +lws_context_is_deprecated(struct lws_context *context); + +/** + * lws_set_proxy() - Setups proxy to lws_context. + * \param vhost: pointer to struct lws_vhost you want set proxy for + * \param proxy: pointer to c string containing proxy in format address:port + * + * Returns 0 if proxy string was parsed and proxy was setup. + * Returns -1 if proxy is NULL or has incorrect format. + * + * This is only required if your OS does not provide the http_proxy + * environment variable (eg, OSX) + * + * IMPORTANT! You should call this function right after creation of the + * lws_context and before call to connect. If you call this + * function after connect behavior is undefined. + * This function will override proxy settings made on lws_context + * creation with genenv() call. + */ +LWS_VISIBLE LWS_EXTERN int +lws_set_proxy(struct lws_vhost *vhost, const char *proxy); + +/** + * lws_set_socks() - Setup socks to lws_context. + * \param vhost: pointer to struct lws_vhost you want set socks for + * \param socks: pointer to c string containing socks in format address:port + * + * Returns 0 if socks string was parsed and socks was setup. + * Returns -1 if socks is NULL or has incorrect format. + * + * This is only required if your OS does not provide the socks_proxy + * environment variable (eg, OSX) + * + * IMPORTANT! You should call this function right after creation of the + * lws_context and before call to connect. If you call this + * function after connect behavior is undefined. + * This function will override proxy settings made on lws_context + * creation with genenv() call. + */ +LWS_VISIBLE LWS_EXTERN int +lws_set_socks(struct lws_vhost *vhost, const char *socks); + +struct lws_vhost; + +/** + * lws_create_vhost() - Create a vhost (virtual server context) + * \param context: pointer to result of lws_create_context() + * \param info: pointer to struct with parameters + * + * This function creates a virtual server (vhost) using the vhost-related + * members of the info struct. You can create many vhosts inside one context + * if you created the context with the option LWS_SERVER_OPTION_EXPLICIT_VHOSTS + */ +LWS_VISIBLE LWS_EXTERN struct lws_vhost * +lws_create_vhost(struct lws_context *context, + const struct lws_context_creation_info *info); + +/** + * lws_vhost_destroy() - Destroy a vhost (virtual server context) + * + * \param vh: pointer to result of lws_create_vhost() + * + * This function destroys a vhost. Normally, if you just want to exit, + * then lws_destroy_context() will take care of everything. If you want + * to destroy an individual vhost and all connections and allocations, you + * can do it with this. + * + * If the vhost has a listen sockets shared by other vhosts, it will be given + * to one of the vhosts sharing it rather than closed. + */ +LWS_VISIBLE LWS_EXTERN void +lws_vhost_destroy(struct lws_vhost *vh); + +/** + * lwsws_get_config_globals() - Parse a JSON server config file + * \param info: pointer to struct with parameters + * \param d: filepath of the config file + * \param config_strings: storage for the config strings extracted from JSON, + * the pointer is incremented as strings are stored + * \param len: pointer to the remaining length left in config_strings + * the value is decremented as strings are stored + * + * This function prepares a n lws_context_creation_info struct with global + * settings from a file d. + * + * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled + */ +LWS_VISIBLE LWS_EXTERN int +lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, + char **config_strings, int *len); + +/** + * lwsws_get_config_vhosts() - Create vhosts from a JSON server config file + * \param context: pointer to result of lws_create_context() + * \param info: pointer to struct with parameters + * \param d: filepath of the config file + * \param config_strings: storage for the config strings extracted from JSON, + * the pointer is incremented as strings are stored + * \param len: pointer to the remaining length left in config_strings + * the value is decremented as strings are stored + * + * This function creates vhosts into a context according to the settings in + *JSON files found in directory d. + * + * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled + */ +LWS_VISIBLE LWS_EXTERN int +lwsws_get_config_vhosts(struct lws_context *context, + struct lws_context_creation_info *info, const char *d, + char **config_strings, int *len); + +/** lws_vhost_get() - \deprecated deprecated: use lws_get_vhost() */ +LWS_VISIBLE LWS_EXTERN struct lws_vhost * +lws_vhost_get(struct lws *wsi) LWS_WARN_DEPRECATED; + +/** + * lws_get_vhost() - return the vhost a wsi belongs to + * + * \param wsi: which connection + */ +LWS_VISIBLE LWS_EXTERN struct lws_vhost * +lws_get_vhost(struct lws *wsi); + +/** + * lws_get_vhost_name() - returns the name of a vhost + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_vhost_name(struct lws_vhost *vhost); + +/** + * lws_get_vhost_port() - returns the port a vhost listens on, or -1 + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN int +lws_get_vhost_port(struct lws_vhost *vhost); + +/** + * lws_get_vhost_user() - returns the user pointer for the vhost + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN void * +lws_get_vhost_user(struct lws_vhost *vhost); + +/** + * lws_get_vhost_iface() - returns the binding for the vhost listen socket + * + * \param vhost: which vhost + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_vhost_iface(struct lws_vhost *vhost); + +/** + * lws_json_dump_vhost() - describe vhost state and stats in JSON + * + * \param vh: the vhost + * \param buf: buffer to fill with JSON + * \param len: max length of buf + */ +LWS_VISIBLE LWS_EXTERN int +lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len); + +/** + * lws_json_dump_context() - describe context state and stats in JSON + * + * \param context: the context + * \param buf: buffer to fill with JSON + * \param len: max length of buf + * \param hide_vhosts: nonzero to not provide per-vhost mount etc information + * + * Generates a JSON description of vhost state into buf + */ +LWS_VISIBLE LWS_EXTERN int +lws_json_dump_context(const struct lws_context *context, char *buf, int len, + int hide_vhosts); + +/** + * lws_vhost_user() - get the user data associated with the vhost + * \param vhost: Websocket vhost + * + * This returns the optional user pointer that can be attached to + * a vhost when it was created. Lws never dereferences this pointer, it only + * sets it when the vhost is created, and returns it using this api. + */ +LWS_VISIBLE LWS_EXTERN void * +lws_vhost_user(struct lws_vhost *vhost); + +/** + * lws_context_user() - get the user data associated with the context + * \param context: Websocket context + * + * This returns the optional user allocation that can be attached to + * the context the sockets live in at context_create time. It's a way + * to let all sockets serviced in the same context share data without + * using globals statics in the user code. + */ +LWS_VISIBLE LWS_EXTERN void * +lws_context_user(struct lws_context *context); + +/*! \defgroup vhost-mounts Vhost mounts and options + * \ingroup context-and-vhost-creation + * + * ##Vhost mounts and options + */ +///@{ +/** struct lws_protocol_vhost_options - linked list of per-vhost protocol + * name=value options + * + * This provides a general way to attach a linked-list of name=value pairs, + * which can also have an optional child link-list using the options member. + */ +struct lws_protocol_vhost_options { + const struct lws_protocol_vhost_options *next; /**< linked list */ + const struct lws_protocol_vhost_options *options; /**< child linked-list of more options for this node */ + const char *name; /**< name of name=value pair */ + const char *value; /**< value of name=value pair */ +}; + +/** enum lws_mount_protocols + * This specifies the mount protocol for a mountpoint, whether it is to be + * served from a filesystem, or it is a cgi etc. + */ +enum lws_mount_protocols { + LWSMPRO_HTTP = 0, /**< http reverse proxy */ + LWSMPRO_HTTPS = 1, /**< https reverse proxy */ + LWSMPRO_FILE = 2, /**< serve from filesystem directory */ + LWSMPRO_CGI = 3, /**< pass to CGI to handle */ + LWSMPRO_REDIR_HTTP = 4, /**< redirect to http:// url */ + LWSMPRO_REDIR_HTTPS = 5, /**< redirect to https:// url */ + LWSMPRO_CALLBACK = 6, /**< hand by named protocol's callback */ +}; + +/** struct lws_http_mount + * + * arguments for mounting something in a vhost's url namespace + */ +struct lws_http_mount { + const struct lws_http_mount *mount_next; + /**< pointer to next struct lws_http_mount */ + const char *mountpoint; + /**< mountpoint in http pathspace, eg, "/" */ + const char *origin; + /**< path to be mounted, eg, "/var/www/warmcat.com" */ + const char *def; + /**< default target, eg, "index.html" */ + const char *protocol; + /**<"protocol-name" to handle mount */ + + const struct lws_protocol_vhost_options *cgienv; + /**< optional linked-list of cgi options. These are created + * as environment variables for the cgi process + */ + const struct lws_protocol_vhost_options *extra_mimetypes; + /**< optional linked-list of mimetype mappings */ + const struct lws_protocol_vhost_options *interpret; + /**< optional linked-list of files to be interpreted */ + + int cgi_timeout; + /**< seconds cgi is allowed to live, if cgi://mount type */ + int cache_max_age; + /**< max-age for reuse of client cache of files, seconds */ + unsigned int auth_mask; + /**< bits set here must be set for authorized client session */ + + unsigned int cache_reusable:1; /**< set if client cache may reuse this */ + unsigned int cache_revalidate:1; /**< set if client cache should revalidate on use */ + unsigned int cache_intermediaries:1; /**< set if intermediaries are allowed to cache */ + + unsigned char origin_protocol; /**< one of enum lws_mount_protocols */ + unsigned char mountpoint_len; /**< length of mountpoint string */ + + const char *basic_auth_login_file; + /**revents will be zeroed now. + * + * If the socket is foreign to lws, it leaves revents alone. So you can + * see if you should service yourself by checking the pollfd revents + * after letting lws try to service it. + * + * You should also call this with pollfd = NULL to just allow the + * once-per-second global timeout checks; if less than a second since the last + * check it returns immediately then. + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd); + +/** + * lws_service_fd_tsi() - Service polled socket in specific service thread + * \param context: Websocket context + * \param pollfd: The pollfd entry describing the socket fd and which events + * happened. + * \param tsi: thread service index + * + * Same as lws_service_fd() but used with multiple service threads + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, + int tsi); + +/** + * lws_service_adjust_timeout() - Check for any connection needing forced service + * \param context: Websocket context + * \param timeout_ms: The original poll timeout value. You can just set this + * to 1 if you don't really have a poll timeout. + * \param tsi: thread service index + * + * Under some conditions connections may need service even though there is no + * pending network action on them, this is "forced service". For default + * poll() and libuv / libev, the library takes care of calling this and + * dealing with it for you. But for external poll() integration, you need + * access to the apis. + * + * If anybody needs "forced service", returned timeout is zero. In that case, + * you can call lws_service_tsi() with a timeout of -1 to only service + * guys who need forced service. + */ +LWS_VISIBLE LWS_EXTERN int +lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi); + +/* Backwards compatibility */ +#define lws_plat_service_tsi lws_service_tsi + +LWS_VISIBLE LWS_EXTERN int +lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd); + +///@} + +/*! \defgroup http HTTP + + Modules related to handling HTTP +*/ +//@{ + +/*! \defgroup httpft HTTP File transfer + * \ingroup http + + APIs for sending local files in response to HTTP requests +*/ +//@{ + +/** + * lws_get_mimetype() - Determine mimetype to use from filename + * + * \param file: filename + * \param m: NULL, or mount context + * + * This uses a canned list of known filetypes first, if no match and m is + * non-NULL, then tries a list of per-mount file suffix to mimtype mappings. + * + * Returns either NULL or a pointer to the mimetype matching the file. + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_mimetype(const char *file, const struct lws_http_mount *m); + +/** + * lws_serve_http_file() - Send a file back to the client using http + * \param wsi: Websocket instance (available from user callback) + * \param file: The file to issue over http + * \param content_type: The http content type, eg, text/html + * \param other_headers: NULL or pointer to header string + * \param other_headers_len: length of the other headers if non-NULL + * + * This function is intended to be called from the callback in response + * to http requests from the client. It allows the callback to issue + * local files down the http link in a single step. + * + * Returning <0 indicates error and the wsi should be closed. Returning + * >0 indicates the file was completely sent and + * lws_http_transaction_completed() called on the wsi (and close if != 0) + * ==0 indicates the file transfer is started and needs more service later, + * the wsi should be left alone. + */ +LWS_VISIBLE LWS_EXTERN int +lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, + const char *other_headers, int other_headers_len); + +LWS_VISIBLE LWS_EXTERN int +lws_serve_http_file_fragment(struct lws *wsi); +//@} + + +enum http_status { + HTTP_STATUS_CONTINUE = 100, + + HTTP_STATUS_OK = 200, + HTTP_STATUS_NO_CONTENT = 204, + HTTP_STATUS_PARTIAL_CONTENT = 206, + + HTTP_STATUS_MOVED_PERMANENTLY = 301, + HTTP_STATUS_FOUND = 302, + HTTP_STATUS_SEE_OTHER = 303, + HTTP_STATUS_NOT_MODIFIED = 304, + + HTTP_STATUS_BAD_REQUEST = 400, + HTTP_STATUS_UNAUTHORIZED, + HTTP_STATUS_PAYMENT_REQUIRED, + HTTP_STATUS_FORBIDDEN, + HTTP_STATUS_NOT_FOUND, + HTTP_STATUS_METHOD_NOT_ALLOWED, + HTTP_STATUS_NOT_ACCEPTABLE, + HTTP_STATUS_PROXY_AUTH_REQUIRED, + HTTP_STATUS_REQUEST_TIMEOUT, + HTTP_STATUS_CONFLICT, + HTTP_STATUS_GONE, + HTTP_STATUS_LENGTH_REQUIRED, + HTTP_STATUS_PRECONDITION_FAILED, + HTTP_STATUS_REQ_ENTITY_TOO_LARGE, + HTTP_STATUS_REQ_URI_TOO_LONG, + HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, + HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, + HTTP_STATUS_EXPECTATION_FAILED, + + HTTP_STATUS_INTERNAL_SERVER_ERROR = 500, + HTTP_STATUS_NOT_IMPLEMENTED, + HTTP_STATUS_BAD_GATEWAY, + HTTP_STATUS_SERVICE_UNAVAILABLE, + HTTP_STATUS_GATEWAY_TIMEOUT, + HTTP_STATUS_HTTP_VERSION_NOT_SUPPORTED, +}; +/*! \defgroup html-chunked-substitution HTML Chunked Substitution + * \ingroup http + * + * ##HTML chunked Substitution + * + * APIs for receiving chunks of text, replacing a set of variable names via + * a callback, and then prepending and appending HTML chunked encoding + * headers. + */ +//@{ + +struct lws_process_html_args { + char *p; /**< pointer to the buffer containing the data */ + int len; /**< length of the original data at p */ + int max_len; /**< maximum length we can grow the data to */ + int final; /**< set if this is the last chunk of the file */ + int chunked; /**< 0 == unchunked, 1 == produce chunk headers (incompatible with HTTP/2) */ +}; + +typedef const char *(*lws_process_html_state_cb)(void *data, int index); + +struct lws_process_html_state { + char *start; /**< pointer to start of match */ + char swallow[16]; /**< matched character buffer */ + int pos; /**< position in match */ + void *data; /**< opaque pointer */ + const char * const *vars; /**< list of variable names */ + int count_vars; /**< count of variable names */ + + lws_process_html_state_cb replace; /**< called on match to perform substitution */ +}; + +/*! lws_chunked_html_process() - generic chunked substitution + * \param args: buffer to process using chunked encoding + * \param s: current processing state + */ +LWS_VISIBLE LWS_EXTERN int +lws_chunked_html_process(struct lws_process_html_args *args, + struct lws_process_html_state *s); +//@} + +/** \defgroup HTTP-headers-read HTTP headers: read + * \ingroup http + * + * ##HTTP header releated functions + * + * In lws the client http headers are temporarily stored in a pool, only for the + * duration of the http part of the handshake. It's because in most cases, + * the header content is ignored for the whole rest of the connection lifetime + * and would then just be taking up space needlessly. + * + * During LWS_CALLBACK_HTTP when the URI path is delivered is the last time + * the http headers are still allocated, you can use these apis then to + * look at and copy out interesting header content (cookies, etc) + * + * Notice that the header total length reported does not include a terminating + * '\0', however you must allocate for it when using the _copy apis. So the + * length reported for a header containing "123" is 3, but you must provide + * a buffer of length 4 so that "123\0" may be copied into it, or the copy + * will fail with a nonzero return code. + * + * In the special case of URL arguments, like ?x=1&y=2, the arguments are + * stored in a token named for the method, eg, WSI_TOKEN_GET_URI if it + * was a GET or WSI_TOKEN_POST_URI if POST. You can check the total + * length to confirm the method. + * + * For URL arguments, each argument is stored urldecoded in a "fragment", so + * you can use the fragment-aware api lws_hdr_copy_fragment() to access each + * argument in turn: the fragments contain urldecoded strings like x=1 or y=2. + * + * As a convenience, lws has an api that will find the fragment with a + * given name= part, lws_get_urlarg_by_name(). + */ +///@{ + +/** struct lws_tokens + * you need these to look at headers that have been parsed if using the + * LWS_CALLBACK_FILTER_CONNECTION callback. If a header from the enum + * list below is absent, .token = NULL and len = 0. Otherwise .token + * points to .len chars containing that header content. + */ +struct lws_tokens { + char *token; /**< pointer to start of the token */ + int len; /**< length of the token's value */ +}; + +/* enum lws_token_indexes + * these have to be kept in sync with lextable.h / minilex.c + * + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum lws_token_indexes { + WSI_TOKEN_GET_URI = 0, + WSI_TOKEN_POST_URI = 1, + WSI_TOKEN_OPTIONS_URI = 2, + WSI_TOKEN_HOST = 3, + WSI_TOKEN_CONNECTION = 4, + WSI_TOKEN_UPGRADE = 5, + WSI_TOKEN_ORIGIN = 6, + WSI_TOKEN_DRAFT = 7, + WSI_TOKEN_CHALLENGE = 8, + WSI_TOKEN_EXTENSIONS = 9, + WSI_TOKEN_KEY1 = 10, + WSI_TOKEN_KEY2 = 11, + WSI_TOKEN_PROTOCOL = 12, + WSI_TOKEN_ACCEPT = 13, + WSI_TOKEN_NONCE = 14, + WSI_TOKEN_HTTP = 15, + WSI_TOKEN_HTTP2_SETTINGS = 16, + WSI_TOKEN_HTTP_ACCEPT = 17, + WSI_TOKEN_HTTP_AC_REQUEST_HEADERS = 18, + WSI_TOKEN_HTTP_IF_MODIFIED_SINCE = 19, + WSI_TOKEN_HTTP_IF_NONE_MATCH = 20, + WSI_TOKEN_HTTP_ACCEPT_ENCODING = 21, + WSI_TOKEN_HTTP_ACCEPT_LANGUAGE = 22, + WSI_TOKEN_HTTP_PRAGMA = 23, + WSI_TOKEN_HTTP_CACHE_CONTROL = 24, + WSI_TOKEN_HTTP_AUTHORIZATION = 25, + WSI_TOKEN_HTTP_COOKIE = 26, + WSI_TOKEN_HTTP_CONTENT_LENGTH = 27, + WSI_TOKEN_HTTP_CONTENT_TYPE = 28, + WSI_TOKEN_HTTP_DATE = 29, + WSI_TOKEN_HTTP_RANGE = 30, + WSI_TOKEN_HTTP_REFERER = 31, + WSI_TOKEN_KEY = 32, + WSI_TOKEN_VERSION = 33, + WSI_TOKEN_SWORIGIN = 34, + + WSI_TOKEN_HTTP_COLON_AUTHORITY = 35, + WSI_TOKEN_HTTP_COLON_METHOD = 36, + WSI_TOKEN_HTTP_COLON_PATH = 37, + WSI_TOKEN_HTTP_COLON_SCHEME = 38, + WSI_TOKEN_HTTP_COLON_STATUS = 39, + + WSI_TOKEN_HTTP_ACCEPT_CHARSET = 40, + WSI_TOKEN_HTTP_ACCEPT_RANGES = 41, + WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN = 42, + WSI_TOKEN_HTTP_AGE = 43, + WSI_TOKEN_HTTP_ALLOW = 44, + WSI_TOKEN_HTTP_CONTENT_DISPOSITION = 45, + WSI_TOKEN_HTTP_CONTENT_ENCODING = 46, + WSI_TOKEN_HTTP_CONTENT_LANGUAGE = 47, + WSI_TOKEN_HTTP_CONTENT_LOCATION = 48, + WSI_TOKEN_HTTP_CONTENT_RANGE = 49, + WSI_TOKEN_HTTP_ETAG = 50, + WSI_TOKEN_HTTP_EXPECT = 51, + WSI_TOKEN_HTTP_EXPIRES = 52, + WSI_TOKEN_HTTP_FROM = 53, + WSI_TOKEN_HTTP_IF_MATCH = 54, + WSI_TOKEN_HTTP_IF_RANGE = 55, + WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE = 56, + WSI_TOKEN_HTTP_LAST_MODIFIED = 57, + WSI_TOKEN_HTTP_LINK = 58, + WSI_TOKEN_HTTP_LOCATION = 59, + WSI_TOKEN_HTTP_MAX_FORWARDS = 60, + WSI_TOKEN_HTTP_PROXY_AUTHENTICATE = 61, + WSI_TOKEN_HTTP_PROXY_AUTHORIZATION = 62, + WSI_TOKEN_HTTP_REFRESH = 63, + WSI_TOKEN_HTTP_RETRY_AFTER = 64, + WSI_TOKEN_HTTP_SERVER = 65, + WSI_TOKEN_HTTP_SET_COOKIE = 66, + WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY = 67, + WSI_TOKEN_HTTP_TRANSFER_ENCODING = 68, + WSI_TOKEN_HTTP_USER_AGENT = 69, + WSI_TOKEN_HTTP_VARY = 70, + WSI_TOKEN_HTTP_VIA = 71, + WSI_TOKEN_HTTP_WWW_AUTHENTICATE = 72, + + WSI_TOKEN_PATCH_URI = 73, + WSI_TOKEN_PUT_URI = 74, + WSI_TOKEN_DELETE_URI = 75, + + WSI_TOKEN_HTTP_URI_ARGS = 76, + WSI_TOKEN_PROXY = 77, + WSI_TOKEN_HTTP_X_REAL_IP = 78, + WSI_TOKEN_HTTP1_0 = 79, + WSI_TOKEN_X_FORWARDED_FOR = 80, + WSI_TOKEN_CONNECT = 81, + WSI_TOKEN_HEAD_URI = 82, + WSI_TOKEN_TE = 83, + WSI_TOKEN_REPLAY_NONCE = 84, + WSI_TOKEN_COLON_PROTOCOL = 85, + WSI_TOKEN_X_AUTH_TOKEN = 86, + + /****** add new things just above ---^ ******/ + + /* use token storage to stash these internally, not for + * user use */ + + _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, + _WSI_TOKEN_CLIENT_PEER_ADDRESS, + _WSI_TOKEN_CLIENT_URI, + _WSI_TOKEN_CLIENT_HOST, + _WSI_TOKEN_CLIENT_ORIGIN, + _WSI_TOKEN_CLIENT_METHOD, + _WSI_TOKEN_CLIENT_IFACE, + _WSI_TOKEN_CLIENT_ALPN, + + /* always last real token index*/ + WSI_TOKEN_COUNT, + + /* parser state additions, no storage associated */ + WSI_TOKEN_NAME_PART, + WSI_TOKEN_SKIPPING, + WSI_TOKEN_SKIPPING_SAW_CR, + WSI_PARSING_COMPLETE, + WSI_INIT_TOKEN_MUXURL, +}; + +struct lws_token_limits { + unsigned short token_limit[WSI_TOKEN_COUNT]; /**< max chars for this token */ +}; + +/** + * lws_token_to_string() - returns a textual representation of a hdr token index + * + * \param token: token index + */ +LWS_VISIBLE LWS_EXTERN const unsigned char * +lws_token_to_string(enum lws_token_indexes token); + +/** + * lws_hdr_total_length: report length of all fragments of a header totalled up + * The returned length does not include the space for a + * terminating '\0' + * + * \param wsi: websocket connection + * \param h: which header index we are interested in + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h); + +/** + * lws_hdr_fragment_length: report length of a single fragment of a header + * The returned length does not include the space for a + * terminating '\0' + * + * \param wsi: websocket connection + * \param h: which header index we are interested in + * \param frag_idx: which fragment of h we want to get the length of + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx); + +/** + * lws_hdr_copy() - copy a single fragment of the given header to a buffer + * The buffer length len must include space for an additional + * terminating '\0', or it will fail returning -1. + * + * \param wsi: websocket connection + * \param dest: destination buffer + * \param len: length of destination buffer + * \param h: which header index we are interested in + * + * copies the whole, aggregated header, even if it was delivered in + * several actual headers piece by piece + */ +LWS_VISIBLE LWS_EXTERN int +lws_hdr_copy(struct lws *wsi, char *dest, int len, enum lws_token_indexes h); + +/** + * lws_hdr_copy_fragment() - copy a single fragment of the given header to a buffer + * The buffer length len must include space for an additional + * terminating '\0', or it will fail returning -1. + * If the requested fragment index is not present, it fails + * returning -1. + * + * \param wsi: websocket connection + * \param dest: destination buffer + * \param len: length of destination buffer + * \param h: which header index we are interested in + * \param frag_idx: which fragment of h we want to copy + * + * Normally this is only useful + * to parse URI arguments like ?x=1&y=2, token index WSI_TOKEN_HTTP_URI_ARGS + * fragment 0 will contain "x=1" and fragment 1 "y=2" + */ +LWS_VISIBLE LWS_EXTERN int +lws_hdr_copy_fragment(struct lws *wsi, char *dest, int len, + enum lws_token_indexes h, int frag_idx); + +/** + * lws_get_urlarg_by_name() - return pointer to arg value if present + * \param wsi: the connection to check + * \param name: the arg name, like "token=" + * \param buf: the buffer to receive the urlarg (including the name= part) + * \param len: the length of the buffer to receive the urlarg + * + * Returns NULL if not found or a pointer inside buf to just after the + * name= part. + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len); +///@} + +/*! \defgroup HTTP-headers-create HTTP headers: create + * + * ## HTTP headers: Create + * + * These apis allow you to create HTTP response headers in a way compatible with + * both HTTP/1.x and HTTP/2. + * + * They each append to a buffer taking care about the buffer end, which is + * passed in as a pointer. When data is written to the buffer, the current + * position p is updated accordingly. + * + * All of these apis are LWS_WARN_UNUSED_RESULT as they can run out of space + * and fail with nonzero return. + */ +///@{ + +#define LWSAHH_CODE_MASK ((1 << 16) - 1) +#define LWSAHH_FLAG_NO_SERVER_NAME (1 << 30) + +/** + * lws_add_http_header_status() - add the HTTP response status code + * + * \param wsi: the connection to check + * \param code: an HTTP code like 200, 404 etc (see enum http_status) + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Adds the initial response code, so should be called first. + * + * Code may additionally take OR'd flags: + * + * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_status(struct lws *wsi, + unsigned int code, unsigned char **p, + unsigned char *end); +/** + * lws_add_http_header_by_name() - append named header and value + * + * \param wsi: the connection to check + * \param name: the hdr name, like "my-header" + * \param value: the value after the = for this header + * \param length: the length of the value + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Appends name: value to the headers + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end); +/** + * lws_add_http_header_by_token() - append given header and value + * + * \param wsi: the connection to check + * \param token: the token index for the hdr + * \param value: the value after the = for this header + * \param length: the length of the value + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Appends name=value to the headers, but is able to take advantage of better + * HTTP/2 coding mechanisms where possible. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end); +/** + * lws_add_http_header_content_length() - append content-length helper + * + * \param wsi: the connection to check + * \param content_length: the content length to use + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Appends content-length: content_length to the headers + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_header_content_length(struct lws *wsi, + lws_filepos_t content_length, + unsigned char **p, unsigned char *end); +/** + * lws_finalize_http_header() - terminate header block + * + * \param wsi: the connection to check + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Indicates no more headers will be added + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_finalize_http_header(struct lws *wsi, unsigned char **p, + unsigned char *end); + +/** + * lws_finalize_write_http_header() - Helper finializing and writing http headers + * + * \param wsi: the connection to check + * \param start: pointer to the start of headers in the buffer, eg &buf[LWS_PRE] + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Terminates the headers correctly accoring to the protocol in use (h1 / h2) + * and writes the headers. Returns nonzero for error. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, + unsigned char **p, unsigned char *end); + +#define LWS_ILLEGAL_HTTP_CONTENT_LEN ((lws_filepos_t)-1ll) + +/** + * lws_add_http_common_headers() - Helper preparing common http headers + * + * \param wsi: the connection to check + * \param code: an HTTP code like 200, 404 etc (see enum http_status) + * \param content_type: the content type, like "text/html" + * \param content_len: the content length, in bytes + * \param p: pointer to current position in buffer pointer + * \param end: pointer to end of buffer + * + * Adds the initial response code, so should be called first. + * + * Code may additionally take OR'd flags: + * + * LWSAHH_FLAG_NO_SERVER_NAME: don't apply server name header this time + * + * This helper just calls public apis to simplify adding headers that are + * commonly needed. If it doesn't fit your case, or you want to add additional + * headers just call the public apis directly yourself for what you want. + * + * You can miss out the content length header by providing the constant + * LWS_ILLEGAL_HTTP_CONTENT_LEN for the content_len. + * + * It does not call lws_finalize_http_header(), to allow you to add further + * headers after calling this. You will need to call that yourself at the end. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_add_http_common_headers(struct lws *wsi, unsigned int code, + const char *content_type, lws_filepos_t content_len, + unsigned char **p, unsigned char *end); +///@} + +/** \defgroup form-parsing Form Parsing + * \ingroup http + * ##POSTed form parsing functions + * + * These lws_spa (stateful post arguments) apis let you parse and urldecode + * POSTed form arguments, both using simple urlencoded and multipart transfer + * encoding. + * + * It's capable of handling file uploads as well a named input parsing, + * and the apis are the same for both form upload styles. + * + * You feed it a list of parameter names and it creates pointers to the + * urldecoded arguments: file upload parameters pass the file data in chunks to + * a user-supplied callback as they come. + * + * Since it's stateful, it handles the incoming data needing more than one + * POST_BODY callback and has no limit on uploaded file size. + */ +///@{ + +/** enum lws_spa_fileupload_states */ +enum lws_spa_fileupload_states { + LWS_UFS_CONTENT, + /**< a chunk of file content has arrived */ + LWS_UFS_FINAL_CONTENT, + /**< the last chunk (possibly zero length) of file content has arrived */ + LWS_UFS_OPEN + /**< a new file is starting to arrive */ +}; + +/** + * lws_spa_fileupload_cb() - callback to receive file upload data + * + * \param data: opt_data pointer set in lws_spa_create + * \param name: name of the form field being uploaded + * \param filename: original filename from client + * \param buf: start of data to receive + * \param len: length of data to receive + * \param state: information about how this call relates to file + * + * Notice name and filename shouldn't be trusted, as they are passed from + * HTTP provided by the client. + */ +typedef int (*lws_spa_fileupload_cb)(void *data, const char *name, + const char *filename, char *buf, int len, + enum lws_spa_fileupload_states state); + +/** struct lws_spa - opaque urldecode parser capable of handling multipart + * and file uploads */ +struct lws_spa; + +/** + * lws_spa_create() - create urldecode parser + * + * \param wsi: lws connection (used to find Content Type) + * \param param_names: array of form parameter names, like "username" + * \param count_params: count of param_names + * \param max_storage: total amount of form parameter values we can store + * \param opt_cb: NULL, or callback to receive file upload data. + * \param opt_data: NULL, or user pointer provided to opt_cb. + * + * Creates a urldecode parser and initializes it. + * + * opt_cb can be NULL if you just want normal name=value parsing, however + * if one or more entries in your form are bulk data (file transfer), you + * can provide this callback and filter on the name callback parameter to + * treat that urldecoded data separately. The callback should return -1 + * in case of fatal error, and 0 if OK. + */ +LWS_VISIBLE LWS_EXTERN struct lws_spa * +lws_spa_create(struct lws *wsi, const char * const *param_names, + int count_params, int max_storage, lws_spa_fileupload_cb opt_cb, + void *opt_data); + +/** + * lws_spa_process() - parses a chunk of input data + * + * \param spa: the parser object previously created + * \param in: incoming, urlencoded data + * \param len: count of bytes valid at \param in + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_process(struct lws_spa *spa, const char *in, int len); + +/** + * lws_spa_finalize() - indicate incoming data completed + * + * \param spa: the parser object previously created + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_finalize(struct lws_spa *spa); + +/** + * lws_spa_get_length() - return length of parameter value + * + * \param spa: the parser object previously created + * \param n: parameter ordinal to return length of value for + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_get_length(struct lws_spa *spa, int n); + +/** + * lws_spa_get_string() - return pointer to parameter value + * \param spa: the parser object previously created + * \param n: parameter ordinal to return pointer to value for + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_spa_get_string(struct lws_spa *spa, int n); + +/** + * lws_spa_destroy() - destroy parser object + * + * \param spa: the parser object previously created + */ +LWS_VISIBLE LWS_EXTERN int +lws_spa_destroy(struct lws_spa *spa); +///@} + +/*! \defgroup urlendec Urlencode and Urldecode + * \ingroup http + * + * ##HTML chunked Substitution + * + * APIs for receiving chunks of text, replacing a set of variable names via + * a callback, and then prepending and appending HTML chunked encoding + * headers. + */ +//@{ + +/** + * lws_urlencode() - like strncpy but with urlencoding + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because urlencoding expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_urlencode(char *escaped, const char *string, int len); + +/* + * URLDECODE 1 / 2 + * + * This simple urldecode only operates until the first '\0' and requires the + * data to exist all at once + */ +/** + * lws_urldecode() - like strncpy but with urldecoding + * + * \param string: output buffer + * \param escaped: input buffer ('\0' terminated) + * \param len: output buffer max length + * + * This is only useful for '\0' terminated strings + * + * Since urldecoding only shrinks the output string, it is possible to + * do it in-place, ie, string == escaped + * + * Returns 0 if completed OK or nonzero for urldecode violation (non-hex chars + * where hex required, etc) + */ +LWS_VISIBLE LWS_EXTERN int +lws_urldecode(char *string, const char *escaped, int len); +///@} +/** + * lws_return_http_status() - Return simple http status + * \param wsi: Websocket instance (available from user callback) + * \param code: Status index, eg, 404 + * \param html_body: User-readable HTML description < 1KB, or NULL + * + * Helper to report HTTP errors back to the client cleanly and + * consistently + */ +LWS_VISIBLE LWS_EXTERN int +lws_return_http_status(struct lws *wsi, unsigned int code, + const char *html_body); + +/** + * lws_http_redirect() - write http redirect out on wsi + * + * \param wsi: websocket connection + * \param code: HTTP response code (eg, 301) + * \param loc: where to redirect to + * \param len: length of loc + * \param p: pointer current position in buffer (updated as we write) + * \param end: pointer to end of buffer + * + * Returns amount written, or < 0 indicating fatal write failure. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, + unsigned char **p, unsigned char *end); + +/** + * lws_http_transaction_completed() - wait for new http transaction or close + * \param wsi: websocket connection + * + * Returns 1 if the HTTP connection must close now + * Returns 0 and resets connection to wait for new HTTP header / + * transaction if possible + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed(struct lws *wsi); +///@} + +/*! \defgroup pur Sanitize / purify SQL and JSON helpers + * + * ##Sanitize / purify SQL and JSON helpers + * + * APIs for escaping untrusted JSON and SQL safely before use + */ +//@{ + +/** + * lws_sql_purify() - like strncpy but with escaping for sql quotes + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because escaping expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_sql_purify(char *escaped, const char *string, int len); + +/** + * lws_json_purify() - like strncpy but with escaping for json chars + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because escaping expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_json_purify(char *escaped, const char *string, int len); + +/** + * lws_filename_purify_inplace() - replace scary filename chars with underscore + * + * \param filename: filename to be purified + * + * Replace scary characters in the filename (it should not be a path) + * with underscore, so it's safe to use. + */ +LWS_VISIBLE LWS_EXTERN void +lws_filename_purify_inplace(char *filename); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len); +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_read_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_recommended_rsa_bits(void); +///@} + +/*! \defgroup uv libuv helpers + * + * ##libuv helpers + * + * APIs specific to libuv event loop itegration + */ +///@{ +#ifdef LWS_WITH_LIBUV +/* + * Any direct libuv allocations in lws protocol handlers must participate in the + * lws reference counting scheme. Two apis are provided: + * + * - lws_libuv_static_refcount_add(handle, context) to mark the handle with + * a pointer to the context and increment the global uv object counter + * + * - lws_libuv_static_refcount_del() which should be used as the close callback + * for your own libuv objects declared in the protocol scope. + * + * Using the apis allows lws to detach itself from a libuv loop completely + * cleanly and at the moment all of its libuv objects have completed close. + */ + +LWS_VISIBLE LWS_EXTERN uv_loop_t * +lws_uv_getloop(struct lws_context *context, int tsi); + +LWS_VISIBLE LWS_EXTERN void +lws_libuv_static_refcount_add(uv_handle_t *, struct lws_context *context); + +LWS_VISIBLE LWS_EXTERN void +lws_libuv_static_refcount_del(uv_handle_t *); + +#endif /* LWS_WITH_LIBUV */ + +#if defined(LWS_WITH_ESP32) +#define lws_libuv_static_refcount_add(_a, _b) +#define lws_libuv_static_refcount_del NULL +#endif +///@} + + +/*! \defgroup timeout Connection timeouts + + APIs related to setting connection timeouts +*/ +//@{ + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum pending_timeout { + NO_PENDING_TIMEOUT = 0, + PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE = 1, + PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE = 2, + PENDING_TIMEOUT_ESTABLISH_WITH_SERVER = 3, + PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE = 4, + PENDING_TIMEOUT_AWAITING_PING = 5, + PENDING_TIMEOUT_CLOSE_ACK = 6, + PENDING_TIMEOUT_UNUSED1 = 7, + PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE = 8, + PENDING_TIMEOUT_SSL_ACCEPT = 9, + PENDING_TIMEOUT_HTTP_CONTENT = 10, + PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND = 11, + PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE = 12, + PENDING_TIMEOUT_SHUTDOWN_FLUSH = 13, + PENDING_TIMEOUT_CGI = 14, + PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE = 15, + PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING = 16, + PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG = 17, + PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD = 18, + PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY = 19, + PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY = 20, + PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY = 21, + PENDING_TIMEOUT_KILLED_BY_SSL_INFO = 22, + PENDING_TIMEOUT_KILLED_BY_PARENT = 23, + PENDING_TIMEOUT_CLOSE_SEND = 24, + PENDING_TIMEOUT_HOLDING_AH = 25, + PENDING_TIMEOUT_UDP_IDLE = 26, + PENDING_TIMEOUT_CLIENT_CONN_IDLE = 27, + PENDING_TIMEOUT_LAGGING = 28, + + /****** add new things just above ---^ ******/ + + PENDING_TIMEOUT_USER_REASON_BASE = 1000 +}; + +#define LWS_TO_KILL_ASYNC -1 +/**< If LWS_TO_KILL_ASYNC is given as the timeout sec in a lws_set_timeout() + * call, then the connection is marked to be killed at the next timeout + * check. This is how you should force-close the wsi being serviced if + * you are doing it outside the callback (where you should close by nonzero + * return). + */ +#define LWS_TO_KILL_SYNC -2 +/**< If LWS_TO_KILL_SYNC is given as the timeout sec in a lws_set_timeout() + * call, then the connection is closed before returning (which may delete + * the wsi). This should only be used where the wsi being closed is not the + * wsi currently being serviced. + */ +/** + * lws_set_timeout() - marks the wsi as subject to a timeout + * + * You will not need this unless you are doing something special + * + * \param wsi: Websocket connection instance + * \param reason: timeout reason + * \param secs: how many seconds. You may set to LWS_TO_KILL_ASYNC to + * force the connection to timeout at the next opportunity, or + * LWS_TO_KILL_SYNC to close it synchronously if you know the + * wsi is not the one currently being serviced. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs); + +#define LWS_SET_TIMER_USEC_CANCEL ((lws_usec_t)-1ll) +#define LWS_USEC_PER_SEC (1000000ll) + +/** + * lws_set_timer_usecs() - schedules a callback on the wsi in the future + * + * \param wsi: Websocket connection instance + * \param usecs: LWS_SET_TIMER_USEC_CANCEL removes any existing scheduled + * callback, otherwise number of microseconds in the future + * the callback will occur at. + * + * NOTE: event loop support for this: + * + * default poll() loop: yes + * libuv event loop: yes + * libev: not implemented (patch welcome) + * libevent: not implemented (patch welcome) + * + * After the deadline expires, the wsi will get a callback of type + * LWS_CALLBACK_TIMER and the timer is exhausted. The deadline may be + * continuously deferred by further calls to lws_set_timer_usecs() with a later + * deadline, or cancelled by lws_set_timer_usecs(wsi, -1). + * + * If the timer should repeat, lws_set_timer_usecs() must be called again from + * LWS_CALLBACK_TIMER. + * + * Accuracy depends on the platform and the load on the event loop or system... + * all that's guaranteed is the callback will come after the requested wait + * period. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_timer_usecs(struct lws *wsi, lws_usec_t usecs); + +/* + * lws_timed_callback_vh_protocol() - calls back a protocol on a vhost after + * the specified delay + * + * \param vh: the vhost to call back + * \param protocol: the protocol to call back + * \param reason: callback reason + * \param secs: how many seconds in the future to do the callback. Set to + * -1 to cancel the timer callback. + * + * Callback the specified protocol with a fake wsi pointing to the specified + * vhost and protocol, with the specified reason, at the specified time in the + * future. + * + * Returns 0 if OK. + */ +LWS_VISIBLE LWS_EXTERN int +lws_timed_callback_vh_protocol(struct lws_vhost *vh, + const struct lws_protocols *prot, + int reason, int secs); +///@} + +/*! \defgroup sending-data Sending data + + APIs related to writing data on a connection +*/ +//@{ +#if !defined(LWS_SIZEOFPTR) +#define LWS_SIZEOFPTR ((int)sizeof (void *)) +#endif + +#if defined(__x86_64__) +#define _LWS_PAD_SIZE 16 /* Intel recommended for best performance */ +#else +#define _LWS_PAD_SIZE LWS_SIZEOFPTR /* Size of a pointer on the target arch */ +#endif +#define _LWS_PAD(n) (((n) % _LWS_PAD_SIZE) ? \ + ((n) + (_LWS_PAD_SIZE - ((n) % _LWS_PAD_SIZE))) : (n)) +/* last 2 is for lws-meta */ +#define LWS_PRE _LWS_PAD(4 + 10 + 2) +/* used prior to 1.7 and retained for backward compatibility */ +#define LWS_SEND_BUFFER_PRE_PADDING LWS_PRE +#define LWS_SEND_BUFFER_POST_PADDING 0 + +#define LWS_WRITE_RAW LWS_WRITE_HTTP + +/* + * NOTE: These public enums are part of the abi. If you want to add one, + * add it at where specified so existing users are unaffected. + */ +enum lws_write_protocol { + LWS_WRITE_TEXT = 0, + /**< Send a ws TEXT message,the pointer must have LWS_PRE valid + * memory behind it. The receiver expects only valid utf-8 in the + * payload */ + LWS_WRITE_BINARY = 1, + /**< Send a ws BINARY message, the pointer must have LWS_PRE valid + * memory behind it. Any sequence of bytes is valid */ + LWS_WRITE_CONTINUATION = 2, + /**< Continue a previous ws message, the pointer must have LWS_PRE valid + * memory behind it */ + LWS_WRITE_HTTP = 3, + /**< Send HTTP content */ + + /* LWS_WRITE_CLOSE is handled by lws_close_reason() */ + LWS_WRITE_PING = 5, + LWS_WRITE_PONG = 6, + + /* Same as write_http but we know this write ends the transaction */ + LWS_WRITE_HTTP_FINAL = 7, + + /* HTTP2 */ + + LWS_WRITE_HTTP_HEADERS = 8, + /**< Send http headers (http2 encodes this payload and LWS_WRITE_HTTP + * payload differently, http 1.x links also handle this correctly. so + * to be compatible with both in the future,header response part should + * be sent using this regardless of http version expected) + */ + LWS_WRITE_HTTP_HEADERS_CONTINUATION = 9, + /**< Continuation of http/2 headers + */ + + /****** add new things just above ---^ ******/ + + /* flags */ + + LWS_WRITE_NO_FIN = 0x40, + /**< This part of the message is not the end of the message */ + + LWS_WRITE_H2_STREAM_END = 0x80, + /**< Flag indicates this packet should go out with STREAM_END if h2 + * STREAM_END is allowed on DATA or HEADERS. + */ + + LWS_WRITE_CLIENT_IGNORE_XOR_MASK = 0x80 + /**< client packet payload goes out on wire unmunged + * only useful for security tests since normal servers cannot + * decode the content if used */ +}; + +/* used with LWS_CALLBACK_CHILD_WRITE_VIA_PARENT */ + +struct lws_write_passthru { + struct lws *wsi; + unsigned char *buf; + size_t len; + enum lws_write_protocol wp; +}; + + +/** + * lws_write() - Apply protocol then write data to client + * \param wsi: Websocket instance (available from user callback) + * \param buf: The data to send. For data being sent on a websocket + * connection (ie, not default http), this buffer MUST have + * LWS_PRE bytes valid BEFORE the pointer. + * This is so the protocol header data can be added in-situ. + * \param len: Count of the data bytes in the payload starting from buf + * \param protocol: Use LWS_WRITE_HTTP to reply to an http connection, and one + * of LWS_WRITE_BINARY or LWS_WRITE_TEXT to send appropriate + * data on a websockets connection. Remember to allow the extra + * bytes before and after buf if LWS_WRITE_BINARY or LWS_WRITE_TEXT + * are used. + * + * This function provides the way to issue data back to the client + * for both http and websocket protocols. + * + * IMPORTANT NOTICE! + * + * When sending with websocket protocol + * + * LWS_WRITE_TEXT, + * LWS_WRITE_BINARY, + * LWS_WRITE_CONTINUATION, + * LWS_WRITE_PING, + * LWS_WRITE_PONG + * + * the send buffer has to have LWS_PRE bytes valid BEFORE + * the buffer pointer you pass to lws_write(). + * + * This allows us to add protocol info before and after the data, and send as + * one packet on the network without payload copying, for maximum efficiency. + * + * So for example you need this kind of code to use lws_write with a + * 128-byte payload + * + * char buf[LWS_PRE + 128]; + * + * // fill your part of the buffer... for example here it's all zeros + * memset(&buf[LWS_PRE], 0, 128); + * + * lws_write(wsi, &buf[LWS_PRE], 128, LWS_WRITE_TEXT); + * + * When sending HTTP, with + * + * LWS_WRITE_HTTP, + * LWS_WRITE_HTTP_HEADERS + * LWS_WRITE_HTTP_FINAL + * + * there is no protocol data prepended, and don't need to take care about the + * LWS_PRE bytes valid before the buffer pointer. + * + * LWS_PRE is at least the frame nonce + 2 header + 8 length + * LWS_SEND_BUFFER_POST_PADDING is deprecated, it's now 0 and can be left off. + * The example apps no longer use it. + * + * Pad LWS_PRE to the CPU word size, so that word references + * to the address immediately after the padding won't cause an unaligned access + * error. Sometimes for performance reasons the recommended padding is even + * larger than sizeof(void *). + * + * In the case of sending using websocket protocol, be sure to allocate + * valid storage before and after buf as explained above. This scheme + * allows maximum efficiency of sending data and protocol in a single + * packet while not burdening the user code with any protocol knowledge. + * + * Return may be -1 for a fatal error needing connection close, or the + * number of bytes sent. + * + * Truncated Writes + * ================ + * + * The OS may not accept everything you asked to write on the connection. + * + * Posix defines POLLOUT indication from poll() to show that the connection + * will accept more write data, but it doesn't specifiy how much. It may just + * accept one byte of whatever you wanted to send. + * + * LWS will buffer the remainder automatically, and send it out autonomously. + * + * During that time, WRITABLE callbacks will be suppressed. + * + * This is to handle corner cases where unexpectedly the OS refuses what we + * usually expect it to accept. You should try to send in chunks that are + * almost always accepted in order to avoid the inefficiency of the buffering. + */ +LWS_VISIBLE LWS_EXTERN int +lws_write(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol protocol); + +/* helper for case where buffer may be const */ +#define lws_write_http(wsi, buf, len) \ + lws_write(wsi, (unsigned char *)(buf), len, LWS_WRITE_HTTP) + +/* helper for multi-frame ws message flags */ +static LWS_INLINE int +lws_write_ws_flags(int initial, int is_start, int is_end) +{ + int r; + + if (is_start) + r = initial; + else + r = LWS_WRITE_CONTINUATION; + + if (!is_end) + r |= LWS_WRITE_NO_FIN; + + return r; +} +///@} + +/** \defgroup callback-when-writeable Callback when writeable + * + * ##Callback When Writeable + * + * lws can only write data on a connection when it is able to accept more + * data without blocking. + * + * So a basic requirement is we should only use the lws_write() apis when the + * connection we want to write on says that he can accept more data. + * + * When lws cannot complete your send at the time, it will buffer the data + * and send it in the background, suppressing any further WRITEABLE callbacks + * on that connection until it completes. So it is important to write new + * things in a new writeable callback. + * + * These apis reflect the various ways we can indicate we would like to be + * called back when one or more connections is writeable. + */ +///@{ + +/** + * lws_callback_on_writable() - Request a callback when this socket + * becomes able to be written to without + * blocking + * + * \param wsi: Websocket connection instance to get callback for + * + * - Which: only this wsi + * - When: when the individual connection becomes writeable + * - What: LWS_CALLBACK_*_WRITEABLE + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_on_writable(struct lws *wsi); + +/** + * lws_callback_on_writable_all_protocol() - Request a callback for all + * connections using the given protocol when it + * becomes possible to write to each socket without + * blocking in turn. + * + * \param context: lws_context + * \param protocol: Protocol whose connections will get callbacks + * + * - Which: connections using this protocol on ANY VHOST + * - When: when the individual connection becomes writeable + * - What: LWS_CALLBACK_*_WRITEABLE + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_on_writable_all_protocol(const struct lws_context *context, + const struct lws_protocols *protocol); + +/** + * lws_callback_on_writable_all_protocol_vhost() - Request a callback for + * all connections on same vhost using the given protocol + * when it becomes possible to write to each socket without + * blocking in turn. + * + * \param vhost: Only consider connections on this lws_vhost + * \param protocol: Protocol whose connections will get callbacks + * + * - Which: connections using this protocol on GIVEN VHOST ONLY + * - When: when the individual connection becomes writeable + * - What: LWS_CALLBACK_*_WRITEABLE + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost, + const struct lws_protocols *protocol); + +/** + * lws_callback_all_protocol() - Callback all connections using + * the given protocol with the given reason + * + * \param context: lws_context + * \param protocol: Protocol whose connections will get callbacks + * \param reason: Callback reason index + * + * - Which: connections using this protocol on ALL VHOSTS + * - When: before returning + * - What: reason + * + * This isn't normally what you want... normally any update of connection- + * specific information can wait until a network-related callback like rx, + * writable, or close. + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_all_protocol(struct lws_context *context, + const struct lws_protocols *protocol, int reason); + +/** + * lws_callback_all_protocol_vhost() - Callback all connections using + * the given protocol with the given reason. This is + * deprecated since v2.4: use lws_callback_all_protocol_vhost_args + * + * \param vh: Vhost whose connections will get callbacks + * \param protocol: Which protocol to match. NULL means all. + * \param reason: Callback reason index + * + * - Which: connections using this protocol on GIVEN VHOST ONLY + * - When: now + * - What: reason + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_all_protocol_vhost(struct lws_vhost *vh, + const struct lws_protocols *protocol, int reason) +LWS_WARN_DEPRECATED; + +/** + * lws_callback_all_protocol_vhost_args() - Callback all connections using + * the given protocol with the given reason and args + * + * \param vh: Vhost whose connections will get callbacks + * \param protocol: Which protocol to match. NULL means all. + * \param reason: Callback reason index + * \param argp: Callback "in" parameter + * \param len: Callback "len" parameter + * + * - Which: connections using this protocol on GIVEN VHOST ONLY + * - When: now + * - What: reason + */ +LWS_VISIBLE int +lws_callback_all_protocol_vhost_args(struct lws_vhost *vh, + const struct lws_protocols *protocol, int reason, + void *argp, size_t len); + +/** + * lws_callback_vhost_protocols() - Callback all protocols enabled on a vhost + * with the given reason + * + * \param wsi: wsi whose vhost will get callbacks + * \param reason: Callback reason index + * \param in: in argument to callback + * \param len: len argument to callback + * + * - Which: connections using this protocol on same VHOST as wsi ONLY + * - When: now + * - What: reason + * + * This is deprecated since v2.5, use lws_callback_vhost_protocols_vhost() + * which takes the pointer to the vhost directly without using or needing the + * wsi. + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len) +LWS_WARN_DEPRECATED; + +/** + * lws_callback_vhost_protocols_vhost() - Callback all protocols enabled on a vhost + * with the given reason + * + * \param vh: vhost that will get callbacks + * \param reason: Callback reason index + * \param in: in argument to callback + * \param len: len argument to callback + * + * - Which: connections using this protocol on same VHOST as wsi ONLY + * - When: now + * - What: reason + */ +LWS_VISIBLE LWS_EXTERN int +lws_callback_vhost_protocols_vhost(struct lws_vhost *vh, int reason, void *in, + size_t len); + +LWS_VISIBLE LWS_EXTERN int +lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason, + void *user, void *in, size_t len); + +/** + * lws_get_socket_fd() - returns the socket file descriptor + * + * This is needed to use sendto() on UDP raw sockets + * + * \param wsi: Websocket connection instance + */ +LWS_VISIBLE LWS_EXTERN lws_sockfd_type +lws_get_socket_fd(struct lws *wsi); + +/** + * lws_get_peer_write_allowance() - get the amount of data writeable to peer + * if known + * + * \param wsi: Websocket connection instance + * + * if the protocol does not have any guidance, returns -1. Currently only + * http2 connections get send window information from this API. But your code + * should use it so it can work properly with any protocol. + * + * If nonzero return is the amount of payload data the peer or intermediary has + * reported it has buffer space for. That has NO relationship with the amount + * of buffer space your OS can accept on this connection for a write action. + * + * This number represents the maximum you could send to the peer or intermediary + * on this connection right now without the protocol complaining. + * + * lws manages accounting for send window updates and payload writes + * automatically, so this number reflects the situation at the peer or + * intermediary dynamically. + */ +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +lws_get_peer_write_allowance(struct lws *wsi); +///@} + +enum { + /* + * Flags for enable and disable rxflow with reason bitmap and with + * backwards-compatible single bool + */ + LWS_RXFLOW_REASON_USER_BOOL = (1 << 0), + LWS_RXFLOW_REASON_HTTP_RXBUFFER = (1 << 6), + LWS_RXFLOW_REASON_H2_PPS_PENDING = (1 << 7), + + LWS_RXFLOW_REASON_APPLIES = (1 << 14), + LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT = (1 << 13), + LWS_RXFLOW_REASON_APPLIES_ENABLE = LWS_RXFLOW_REASON_APPLIES | + LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT, + LWS_RXFLOW_REASON_APPLIES_DISABLE = LWS_RXFLOW_REASON_APPLIES, + LWS_RXFLOW_REASON_FLAG_PROCESS_NOW = (1 << 12), + +}; + +/** + * lws_rx_flow_control() - Enable and disable socket servicing for + * received packets. + * + * If the output side of a server process becomes choked, this allows flow + * control for the input side. + * + * \param wsi: Websocket connection instance to get callback for + * \param enable: 0 = disable read servicing for this connection, 1 = enable + * + * If you need more than one additive reason for rxflow control, you can give + * iLWS_RXFLOW_REASON_APPLIES_ENABLE or _DISABLE together with one or more of + * b5..b0 set to idicate which bits to enable or disable. If any bits are + * enabled, rx on the connection is suppressed. + * + * LWS_RXFLOW_REASON_FLAG_PROCESS_NOW flag may also be given to force any change + * in rxflowbstatus to benapplied immediately, this should be used when you are + * changing a wsi flow control state from outside a callback on that wsi. + */ +LWS_VISIBLE LWS_EXTERN int +lws_rx_flow_control(struct lws *wsi, int enable); + +/** + * lws_rx_flow_allow_all_protocol() - Allow all connections with this protocol to receive + * + * When the user server code realizes it can accept more input, it can + * call this to have the RX flow restriction removed from all connections using + * the given protocol. + * \param context: lws_context + * \param protocol: all connections using this protocol will be allowed to receive + */ +LWS_VISIBLE LWS_EXTERN void +lws_rx_flow_allow_all_protocol(const struct lws_context *context, + const struct lws_protocols *protocol); + +/** + * lws_remaining_packet_payload() - Bytes to come before "overall" + * rx fragment is complete + * \param wsi: Websocket instance (available from user callback) + * + * This tracks how many bytes are left in the current ws fragment, according + * to the ws length given in the fragment header. + * + * If the message was in a single fragment, and there is no compression, this + * is the same as "how much data is left to read for this message". + * + * However, if the message is being sent in multiple fragments, this will + * reflect the unread amount of the current **fragment**, not the message. With + * ws, it is legal to not know the length of the message before it completes. + * + * Additionally if the message is sent via the negotiated permessage-deflate + * extension, this number only tells the amount of **compressed** data left to + * be read, since that is the only information available at the ws layer. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_remaining_packet_payload(struct lws *wsi); + + +/** \defgroup sock-adopt Socket adoption helpers + * ##Socket adoption helpers + * + * When integrating with an external app with its own event loop, these can + * be used to accept connections from someone else's listening socket. + * + * When using lws own event loop, these are not needed. + */ +///@{ + +/** + * lws_adopt_socket() - adopt foreign socket as if listen socket accepted it + * for the default vhost of context. + * + * \param context: lws context + * \param accept_fd: fd of already-accepted socket to adopt + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd); +/** + * lws_adopt_socket_vhost() - adopt foreign socket as if listen socket accepted it + * for vhost + * + * \param vh: lws vhost + * \param accept_fd: fd of already-accepted socket to adopt + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd); + +typedef enum { + LWS_ADOPT_RAW_FILE_DESC = 0, /* convenience constant */ + LWS_ADOPT_HTTP = 1, /* flag: absent implies RAW */ + LWS_ADOPT_SOCKET = 2, /* flag: absent implies file descr */ + LWS_ADOPT_ALLOW_SSL = 4, /* flag: if set requires LWS_ADOPT_SOCKET */ + LWS_ADOPT_WS_PARENTIO = 8, /* flag: ws mode parent handles IO + * if given must be only flag + * wsi put directly into ws mode */ + LWS_ADOPT_FLAG_UDP = 16, /* flag: socket is UDP */ + + LWS_ADOPT_RAW_SOCKET_UDP = LWS_ADOPT_SOCKET | LWS_ADOPT_FLAG_UDP, +} lws_adoption_type; + +typedef union { + lws_sockfd_type sockfd; + lws_filefd_type filefd; +} lws_sock_file_fd_type; + +#if !defined(LWS_WITH_ESP32) +struct lws_udp { + struct sockaddr sa; + socklen_t salen; + + struct sockaddr sa_pending; + socklen_t salen_pending; +}; +#endif + +/* +* lws_adopt_descriptor_vhost() - adopt foreign socket or file descriptor +* if socket descriptor, should already have been accepted from listen socket +* +* \param vhost: lws vhost +* \param type: OR-ed combinations of lws_adoption_type flags +* \param fd: union with either .sockfd or .filefd set +* \param vh_prot_name: NULL or vh protocol name to bind raw connection to +* \param parent: NULL or struct lws to attach new_wsi to as a child +* +* Either returns new wsi bound to accept_fd, or closes accept_fd and +* returns NULL, having cleaned up any new wsi pieces. +* +* If LWS_ADOPT_SOCKET is set, LWS adopts the socket in http serving mode, it's +* ready to accept an upgrade to ws or just serve http. +* +* parent may be NULL, if given it should be an existing wsi that will become the +* parent of the new wsi created by this call. +*/ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, + lws_sock_file_fd_type fd, const char *vh_prot_name, + struct lws *parent); + +/** + * lws_adopt_socket_readbuf() - adopt foreign socket and first rx as if listen socket accepted it + * for the default vhost of context. + * \param context: lws context + * \param accept_fd: fd of already-accepted socket to adopt + * \param readbuf: NULL or pointer to data that must be drained before reading from + * accept_fd + * \param len: The length of the data held at \param readbuf + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + * + * If your external code did not already read from the socket, you can use + * lws_adopt_socket() instead. + * + * This api is guaranteed to use the data at \param readbuf first, before reading from + * the socket. + * + * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, + const char *readbuf, size_t len); +/** + * lws_adopt_socket_vhost_readbuf() - adopt foreign socket and first rx as if listen socket + * accepted it for vhost. + * \param vhost: lws vhost + * \param accept_fd: fd of already-accepted socket to adopt + * \param readbuf: NULL or pointer to data that must be drained before reading from + * accept_fd + * \param len: The length of the data held at \param readbuf + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * + * LWS adopts the socket in http serving mode, it's ready to accept an upgrade + * to ws or just serve http. + * + * If your external code did not already read from the socket, you can use + * lws_adopt_socket() instead. + * + * This api is guaranteed to use the data at \param readbuf first, before reading from + * the socket. + * + * readbuf is limited to the size of the ah rx buf, currently 2048 bytes. + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, lws_sockfd_type accept_fd, + const char *readbuf, size_t len); + +#define LWS_CAUDP_BIND 1 + +/** + * lws_create_adopt_udp() - create, bind and adopt a UDP socket + * + * \param vhost: lws vhost + * \param port: UDP port to bind to, -1 means unbound + * \param flags: 0 or LWS_CAUDP_NO_BIND + * \param protocol_name: Name of protocol on vhost to bind wsi to + * \param parent_wsi: NULL or parent wsi new wsi will be a child of + * + * Either returns new wsi bound to accept_fd, or closes accept_fd and + * returns NULL, having cleaned up any new wsi pieces. + * */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_create_adopt_udp(struct lws_vhost *vhost, int port, int flags, + const char *protocol_name, struct lws *parent_wsi); +///@} + +/** \defgroup net Network related helper APIs + * ##Network related helper APIs + * + * These wrap miscellaneous useful network-related functions + */ +///@{ + +/** + * lws_canonical_hostname() - returns this host's hostname + * + * This is typically used by client code to fill in the host parameter + * when making a client connection. You can only call it after the context + * has been created. + * + * \param context: Websocket context + */ +LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT +lws_canonical_hostname(struct lws_context *context); + +/** + * lws_get_peer_addresses() - Get client address information + * \param wsi: Local struct lws associated with + * \param fd: Connection socket descriptor + * \param name: Buffer to take client address name + * \param name_len: Length of client address name buffer + * \param rip: Buffer to take client address IP dotted quad + * \param rip_len: Length of client address IP buffer + * + * This function fills in name and rip with the name and IP of + * the client connected with socket descriptor fd. Names may be + * truncated if there is not enough room. If either cannot be + * determined, they will be returned as valid zero-length strings. + */ +LWS_VISIBLE LWS_EXTERN void +lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name, + int name_len, char *rip, int rip_len); + +/** + * lws_get_peer_simple() - Get client address information without RDNS + * + * \param wsi: Local struct lws associated with + * \param name: Buffer to take client address name + * \param namelen: Length of client address name buffer + * + * This provides a 123.123.123.123 type IP address in name from the + * peer that has connected to wsi + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_get_peer_simple(struct lws *wsi, char *name, int namelen); + + +#define LWS_ITOSA_NOT_EXIST -1 +#define LWS_ITOSA_NOT_USABLE -2 +#define LWS_ITOSA_USABLE 0 +#if !defined(LWS_WITH_ESP32) +/** + * lws_interface_to_sa() - Convert interface name or IP to sockaddr struct + * + * \param ipv6: Allow IPV6 addresses + * \param ifname: Interface name or IP + * \param addr: struct sockaddr_in * to be written + * \param addrlen: Length of addr + * + * This converts a textual network interface name to a sockaddr usable by + * other network functions. + * + * If the network interface doesn't exist, it will return LWS_ITOSA_NOT_EXIST. + * + * If the network interface is not usable, eg ethernet cable is removed, it + * may logically exist but not have any IP address. As such it will return + * LWS_ITOSA_NOT_USABLE. + * + * If the network interface exists and is usable, it will return + * LWS_ITOSA_USABLE. + */ +LWS_VISIBLE LWS_EXTERN int +lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, + size_t addrlen); +///@} +#endif + +/** \defgroup misc Miscellaneous APIs +* ##Miscellaneous APIs +* +* Various APIs outside of other categories +*/ +///@{ + +/** + * lws_start_foreach_ll(): linkedlist iterator helper start + * + * \param type: type of iteration, eg, struct xyz * + * \param it: iterator var name to create + * \param start: start of list + * + * This helper creates an iterator and starts a while (it) { + * loop. The iterator runs through the linked list starting at start and + * ends when it gets a NULL. + * The while loop should be terminated using lws_start_foreach_ll(). + */ +#define lws_start_foreach_ll(type, it, start)\ +{ \ + type it = start; \ + while (it) { + +/** + * lws_end_foreach_ll(): linkedlist iterator helper end + * + * \param it: same iterator var name given when starting + * \param nxt: member name in the iterator pointing to next list element + * + * This helper is the partner for lws_start_foreach_ll() that ends the + * while loop. + */ + +#define lws_end_foreach_ll(it, nxt) \ + it = it->nxt; \ + } \ +} + +/** + * lws_start_foreach_llp(): linkedlist pointer iterator helper start + * + * \param type: type of iteration, eg, struct xyz ** + * \param it: iterator var name to create + * \param start: start of list + * + * This helper creates an iterator and starts a while (it) { + * loop. The iterator runs through the linked list starting at the + * address of start and ends when it gets a NULL. + * The while loop should be terminated using lws_start_foreach_llp(). + * + * This helper variant iterates using a pointer to the previous linked-list + * element. That allows you to easily delete list members by rewriting the + * previous pointer to the element's next pointer. + */ +#define lws_start_foreach_llp(type, it, start)\ +{ \ + type it = &(start); \ + while (*(it)) { + +#define lws_start_foreach_llp_safe(type, it, start, nxt)\ +{ \ + type it = &(start); \ + type next; \ + while (*(it)) { \ + next = &((*(it))->nxt); \ + +/** + * lws_end_foreach_llp(): linkedlist pointer iterator helper end + * + * \param it: same iterator var name given when starting + * \param nxt: member name in the iterator pointing to next list element + * + * This helper is the partner for lws_start_foreach_llp() that ends the + * while loop. + */ + +#define lws_end_foreach_llp(it, nxt) \ + it = &(*(it))->nxt; \ + } \ +} + +#define lws_end_foreach_llp_safe(it) \ + it = next; \ + } \ +} + +#define lws_ll_fwd_insert(\ + ___new_object, /* pointer to new object */ \ + ___m_list, /* member for next list object ptr */ \ + ___list_head /* list head */ \ + ) {\ + ___new_object->___m_list = ___list_head; \ + ___list_head = ___new_object; \ + } + +#define lws_ll_fwd_remove(\ + ___type, /* type of listed object */ \ + ___m_list, /* member for next list object ptr */ \ + ___target, /* object to remove from list */ \ + ___list_head /* list head */ \ + ) { \ + lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ + if (*___ppss == ___target) { \ + *___ppss = ___target->___m_list; \ + break; \ + } \ + } lws_end_foreach_llp(___ppss, ___m_list); \ + } + +/* + * doubly linked-list + */ + +struct lws_dll { /* abstract */ + struct lws_dll *prev; + struct lws_dll *next; +}; + +/* + * these all point to the composed list objects... you have to use the + * lws_container_of() helper to recover the start of the containing struct + */ + +LWS_VISIBLE LWS_EXTERN void +lws_dll_add_front(struct lws_dll *d, struct lws_dll *phead); + +LWS_VISIBLE LWS_EXTERN void +lws_dll_remove(struct lws_dll *d); + +struct lws_dll_lws { /* typed as struct lws * */ + struct lws_dll_lws *prev; + struct lws_dll_lws *next; +}; + +#define lws_dll_is_null(___dll) (!(___dll)->prev && !(___dll)->next) + +static LWS_INLINE void +lws_dll_lws_add_front(struct lws_dll_lws *_a, struct lws_dll_lws *_head) +{ + lws_dll_add_front((struct lws_dll *)_a, (struct lws_dll *)_head); +} + +static LWS_INLINE void +lws_dll_lws_remove(struct lws_dll_lws *_a) +{ + lws_dll_remove((struct lws_dll *)_a); +} + +/* + * these are safe against the current container object getting deleted, + * since the hold his next in a temp and go to that next. ___tmp is + * the temp. + */ + +#define lws_start_foreach_dll_safe(___type, ___it, ___tmp, ___start) \ +{ \ + ___type ___it = ___start; \ + while (___it) { \ + ___type ___tmp = (___it)->next; + +#define lws_end_foreach_dll_safe(___it, ___tmp) \ + ___it = ___tmp; \ + } \ +} + +#define lws_start_foreach_dll(___type, ___it, ___start) \ +{ \ + ___type ___it = ___start; \ + while (___it) { + +#define lws_end_foreach_dll(___it) \ + ___it = (___it)->next; \ + } \ +} + +struct lws_buflist; + +/** + * lws_buflist_append_segment(): add buffer to buflist at head + * + * \param head: list head + * \param buf: buffer to stash + * \param len: length of buffer to stash + * + * Returns -1 on OOM, 1 if this was the first segment on the list, and 0 if + * it was a subsequent segment. + */ +LWS_VISIBLE LWS_EXTERN int +lws_buflist_append_segment(struct lws_buflist **head, const uint8_t *buf, + size_t len); +/** + * lws_buflist_next_segment_len(): number of bytes left in current segment + * + * \param head: list head + * \param buf: if non-NULL, *buf is written with the address of the start of + * the remaining data in the segment + * + * Returns the number of bytes left in the current segment. 0 indicates + * that the buflist is empty (there are no segments on the buflist). + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_buflist_next_segment_len(struct lws_buflist **head, uint8_t **buf); +/** + * lws_buflist_use_segment(): remove len bytes from the current segment + * + * \param head: list head + * \param len: number of bytes to mark as used + * + * If len is less than the remaining length of the current segment, the position + * in the current segment is simply advanced and it returns. + * + * If len uses up the remaining length of the current segment, then the segment + * is deleted and the list head moves to the next segment if any. + * + * Returns the number of bytes left in the current segment. 0 indicates + * that the buflist is empty (there are no segments on the buflist). + */ +LWS_VISIBLE LWS_EXTERN int +lws_buflist_use_segment(struct lws_buflist **head, size_t len); +/** + * lws_buflist_destroy_all_segments(): free all segments on the list + * + * \param head: list head + * + * This frees everything on the list unconditionally. *head is always + * NULL after this. + */ +LWS_VISIBLE LWS_EXTERN void +lws_buflist_destroy_all_segments(struct lws_buflist **head); + +void +lws_buflist_describe(struct lws_buflist **head, void *id); + +/** + * lws_ptr_diff(): helper to report distance between pointers as an int + * + * \param head: the pointer with the larger address + * \param tail: the pointer with the smaller address + * + * This helper gives you an int representing the number of bytes further + * forward the first pointer is compared to the second pointer. + */ +#define lws_ptr_diff(head, tail) \ + ((int)((char *)(head) - (char *)(tail))) + +/** + * lws_snprintf(): snprintf that truncates the returned length too + * + * \param str: destination buffer + * \param size: bytes left in destination buffer + * \param format: format string + * \param ...: args for format + * + * This lets you correctly truncate buffers by concatenating lengths, if you + * reach the limit the reported length doesn't exceed the limit. + */ +LWS_VISIBLE LWS_EXTERN int +lws_snprintf(char *str, size_t size, const char *format, ...) LWS_FORMAT(3); + +/** + * lws_strncpy(): strncpy that guarantees NUL on truncated copy + * + * \param dest: destination buffer + * \param src: source buffer + * \param size: bytes left in destination buffer + * + * This lets you correctly truncate buffers by concatenating lengths, if you + * reach the limit the reported length doesn't exceed the limit. + */ +LWS_VISIBLE LWS_EXTERN char * +lws_strncpy(char *dest, const char *src, size_t size); + +/** + * lws_get_random(): fill a buffer with platform random data + * + * \param context: the lws context + * \param buf: buffer to fill + * \param len: how much to fill + * + * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if + * it's interested to see if the frame it's dealing with was sent in binary + * mode. + */ +LWS_VISIBLE LWS_EXTERN int +lws_get_random(struct lws_context *context, void *buf, int len); +/** + * lws_daemonize(): make current process run in the background + * + * \param _lock_path: the filepath to write the lock file + * + * Spawn lws as a background process, taking care of various things + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_daemonize(const char *_lock_path); +/** + * lws_get_library_version(): return string describing the version of lws + * + * On unix, also includes the git describe + */ +LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT +lws_get_library_version(void); + +/** + * lws_wsi_user() - get the user data associated with the connection + * \param wsi: lws connection + * + * Not normally needed since it's passed into the callback + */ +LWS_VISIBLE LWS_EXTERN void * +lws_wsi_user(struct lws *wsi); + +/** + * lws_wsi_set_user() - set the user data associated with the client connection + * \param wsi: lws connection + * \param user: user data + * + * By default lws allocates this and it's not legal to externally set it + * yourself. However client connections may have it set externally when the + * connection is created... if so, this api can be used to modify it at + * runtime additionally. + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_wsi_user(struct lws *wsi, void *user); + +/** + * lws_parse_uri: cut up prot:/ads:port/path into pieces + * Notice it does so by dropping '\0' into input string + * and the leading / on the path is consequently lost + * + * \param p: incoming uri string.. will get written to + * \param prot: result pointer for protocol part (https://) + * \param ads: result pointer for address part + * \param port: result pointer for port part + * \param path: result pointer for path part + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_parse_uri(char *p, const char **prot, const char **ads, int *port, + const char **path); +/** + * lws_cmdline_option(): simple commandline parser + * + * \param argc: count of argument strings + * \param argv: argument strings + * \param val: string to find + * + * Returns NULL if the string \p val is not found in the arguments. + * + * If it is found, then it returns a pointer to the next character after \p val. + * So if \p val is "-d", then for the commandlines "myapp -d15" and + * "myapp -d 15", in both cases the return will point to the "15". + * + * In the case there is no argument, like "myapp -d", the return will + * either point to the '\\0' at the end of -d, or to the start of the + * next argument, ie, will be non-NULL. + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_cmdline_option(int argc, const char **argv, const char *val); + +/** + * lws_now_secs(): return seconds since 1970-1-1 + */ +LWS_VISIBLE LWS_EXTERN unsigned long +lws_now_secs(void); + +/** + * lws_compare_time_t(): return relationship between two time_t + * + * \param context: struct lws_context + * \param t1: time_t 1 + * \param t2: time_t 2 + * + * returns <0 if t2 > t1; >0 if t1 > t2; or == 0 if t1 == t2. + * + * This is aware of clock discontiguities that may have affected either t1 or + * t2 and adapts the comparison for them. + * + * For the discontiguity detection to work, you must avoid any arithmetic on + * the times being compared. For example to have a timeout that triggers + * 15s from when it was set, store the time it was set and compare like + * `if (lws_compare_time_t(context, now, set_time) > 15)` + */ +LWS_VISIBLE LWS_EXTERN int +lws_compare_time_t(struct lws_context *context, time_t t1, time_t t2); + +/** + * lws_get_context - Allow getting lws_context from a Websocket connection + * instance + * + * With this function, users can access context in the callback function. + * Otherwise users may have to declare context as a global variable. + * + * \param wsi: Websocket connection instance + */ +LWS_VISIBLE LWS_EXTERN struct lws_context * LWS_WARN_UNUSED_RESULT +lws_get_context(const struct lws *wsi); + +/** + * lws_get_vhost_listen_port - Find out the port number a vhost is listening on + * + * In the case you passed 0 for the port number at context creation time, you + * can discover the port number that was actually chosen for the vhost using + * this api. + * + * \param vhost: Vhost to get listen port from + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_get_vhost_listen_port(struct lws_vhost *vhost); + +/** + * lws_get_count_threads(): how many service threads the context uses + * + * \param context: the lws context + * + * By default this is always 1, if you asked for more than lws can handle it + * will clip the number of threads. So you can use this to find out how many + * threads are actually in use. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_get_count_threads(struct lws_context *context); + +/** + * lws_get_parent() - get parent wsi or NULL + * \param wsi: lws connection + * + * Specialized wsi like cgi stdin/out/err are associated to a parent wsi, + * this allows you to get their parent. + */ +LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT +lws_get_parent(const struct lws *wsi); + +/** + * lws_get_child() - get child wsi or NULL + * \param wsi: lws connection + * + * Allows you to find a related wsi from the parent wsi. + */ +LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT +lws_get_child(const struct lws *wsi); + +/** + * lws_get_udp() - get wsi's udp struct + * + * \param wsi: lws connection + * + * Returns NULL or pointer to the wsi's UDP-specific information + */ +LWS_VISIBLE LWS_EXTERN const struct lws_udp * LWS_WARN_UNUSED_RESULT +lws_get_udp(const struct lws *wsi); + +/** + * lws_parent_carries_io() - mark wsi as needing to send messages via parent + * + * \param wsi: child lws connection + */ + +LWS_VISIBLE LWS_EXTERN void +lws_set_parent_carries_io(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void * +lws_get_opaque_parent_data(const struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void +lws_set_opaque_parent_data(struct lws *wsi, void *data); + +LWS_VISIBLE LWS_EXTERN int +lws_get_child_pending_on_writable(const struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN void +lws_clear_child_pending_on_writable(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN int +lws_get_close_length(struct lws *wsi); + +LWS_VISIBLE LWS_EXTERN unsigned char * +lws_get_close_payload(struct lws *wsi); + +/** + * lws_get_network_wsi() - Returns wsi that has the tcp connection for this wsi + * + * \param wsi: wsi you have + * + * Returns wsi that has the tcp connection (which may be the incoming wsi) + * + * HTTP/1 connections will always return the incoming wsi + * HTTP/2 connections may return a different wsi that has the tcp connection + */ +LWS_VISIBLE LWS_EXTERN +struct lws *lws_get_network_wsi(struct lws *wsi); + +/** + * lws_set_allocator() - custom allocator support + * + * \param realloc + * + * Allows you to replace the allocator (and deallocator) used by lws + */ +LWS_VISIBLE LWS_EXTERN void +lws_set_allocator(void *(*realloc)(void *ptr, size_t size, const char *reason)); +///@} + +/** \defgroup wsstatus Websocket status APIs + * ##Websocket connection status APIs + * + * These provide information about ws connection or message status + */ +///@{ +/** + * lws_send_pipe_choked() - tests if socket is writable or not + * \param wsi: lws connection + * + * Allows you to check if you can write more on the socket + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_send_pipe_choked(struct lws *wsi); + +/** + * lws_is_final_fragment() - tests if last part of ws message + * + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_final_fragment(struct lws *wsi); + +/** + * lws_is_first_fragment() - tests if first part of ws message + * + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_first_fragment(struct lws *wsi); + +/** + * lws_get_reserved_bits() - access reserved bits of ws frame + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN unsigned char +lws_get_reserved_bits(struct lws *wsi); + +/** + * lws_partial_buffered() - find out if lws buffered the last write + * \param wsi: websocket connection to check + * + * Returns 1 if you cannot use lws_write because the last + * write on this connection is still buffered, and can't be cleared without + * returning to the service loop and waiting for the connection to be + * writeable again. + * + * If you will try to do >1 lws_write call inside a single + * WRITEABLE callback, you must check this after every write and bail if + * set, ask for a new writeable callback and continue writing from there. + * + * This is never set at the start of a writeable callback, but any write + * may set it. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_partial_buffered(struct lws *wsi); + +/** + * lws_frame_is_binary(): true if the current frame was sent in binary mode + * + * \param wsi: the connection we are inquiring about + * + * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if + * it's interested to see if the frame it's dealing with was sent in binary + * mode. + */ +LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_frame_is_binary(struct lws *wsi); + +/** + * lws_is_ssl() - Find out if connection is using SSL + * \param wsi: websocket connection to check + * + * Returns 0 if the connection is not using SSL, 1 if using SSL and + * using verified cert, and 2 if using SSL but the cert was not + * checked (appears for client wsi told to skip check on connection) + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_ssl(struct lws *wsi); +/** + * lws_is_cgi() - find out if this wsi is running a cgi process + * \param wsi: lws connection + */ +LWS_VISIBLE LWS_EXTERN int +lws_is_cgi(struct lws *wsi); + + +struct lws_wifi_scan { /* generic wlan scan item */ + struct lws_wifi_scan *next; + char ssid[32]; + int32_t rssi; /* divide by .count to get db */ + uint8_t bssid[6]; + uint8_t count; + uint8_t channel; + uint8_t authmode; +}; + +#if defined(LWS_WITH_TLS) && !defined(LWS_WITH_MBEDTLS) +/** + * lws_get_ssl() - Return wsi's SSL context structure + * \param wsi: websocket connection + * + * Returns pointer to the SSL library's context structure + */ +LWS_VISIBLE LWS_EXTERN SSL* +lws_get_ssl(struct lws *wsi); +#endif + +enum lws_tls_cert_info { + LWS_TLS_CERT_INFO_VALIDITY_FROM, + /**< fills .time with the time_t the cert validity started from */ + LWS_TLS_CERT_INFO_VALIDITY_TO, + /**< fills .time with the time_t the cert validity ends at */ + LWS_TLS_CERT_INFO_COMMON_NAME, + /**< fills up to len bytes of .ns.name with the cert common name */ + LWS_TLS_CERT_INFO_ISSUER_NAME, + /**< fills up to len bytes of .ns.name with the cert issuer name */ + LWS_TLS_CERT_INFO_USAGE, + /**< fills verified with a bitfield asserting the valid uses */ + LWS_TLS_CERT_INFO_VERIFIED, + /**< fills .verified with a bool representing peer cert validity, + * call returns -1 if no cert */ + LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY, + /**< the certificate's public key, as an opaque bytestream. These + * opaque bytestreams can only be compared with each other using the + * same tls backend, ie, OpenSSL or mbedTLS. The different backends + * produce different, incompatible representations for the same cert. + */ +}; + +union lws_tls_cert_info_results { + unsigned int verified; + time_t time; + unsigned int usage; + struct { + int len; + /* KEEP LAST... notice the [64] is only there because + * name[] is not allowed in a union. The actual length of + * name[] is arbitrary and is passed into the api using the + * len parameter. Eg + * + * char big[1024]; + * union lws_tls_cert_info_results *buf = + * (union lws_tls_cert_info_results *)big; + * + * lws_tls_peer_cert_info(wsi, type, buf, sizeof(big) - + * sizeof(*buf) + sizeof(buf->ns.name)); + */ + char name[64]; + } ns; +}; + +/** + * lws_tls_peer_cert_info() - get information from the peer's TLS cert + * + * \param wsi: the connection to query + * \param type: one of LWS_TLS_CERT_INFO_ + * \param buf: pointer to union to take result + * \param len: when result is a string, the true length of buf->ns.name[] + * + * lws_tls_peer_cert_info() lets you get hold of information from the peer + * certificate. + * + * Return 0 if there is a result in \p buf, or -1 indicating there was no cert + * or another problem. + * + * This function works the same no matter if the TLS backend is OpenSSL or + * mbedTLS. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len); + +/** + * lws_tls_vhost_cert_info() - get information from the vhost's own TLS cert + * + * \param vhost: the vhost to query + * \param type: one of LWS_TLS_CERT_INFO_ + * \param buf: pointer to union to take result + * \param len: when result is a string, the true length of buf->ns.name[] + * + * lws_tls_vhost_cert_info() lets you get hold of information from the vhost + * certificate. + * + * Return 0 if there is a result in \p buf, or -1 indicating there was no cert + * or another problem. + * + * This function works the same no matter if the TLS backend is OpenSSL or + * mbedTLS. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len); + +/** + * lws_tls_acme_sni_cert_create() - creates a temp selfsigned cert + * and attaches to a vhost + * + * \param vhost: the vhost to acquire the selfsigned cert + * \param san_a: SAN written into the certificate + * \param san_b: second SAN written into the certificate + * + * + * Returns 0 if created and attached to the vhost. Returns -1 if problems and + * frees all allocations before returning. + * + * On success, any allocations are destroyed at vhost destruction automatically. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, + const char *san_b); + +/** + * lws_tls_acme_sni_csr_create() - creates a CSR and related private key PEM + * + * \param context: lws_context used for random + * \param elements: array of LWS_TLS_REQ_ELEMENT_COUNT const char * + * \param csr: buffer that will get the b64URL(ASN-1 CSR) + * \param csr_len: max length of the csr buffer + * \param privkey_pem: pointer to pointer allocated to hold the privkey_pem + * \param privkey_len: pointer to size_t set to the length of the privkey_pem + * + * Creates a CSR according to the information in \p elements, and a private + * RSA key used to sign the CSR. + * + * The outputs are the b64URL(ASN-1 CSR) into csr, and the PEM private key into + * privkey_pem. + * + * Notice that \p elements points to an array of const char *s pointing to the + * information listed in the enum above. If an entry is NULL or an empty + * string, the element is set to "none" in the CSR. + * + * Returns 0 on success or nonzero for failure. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[], + uint8_t *csr, size_t csr_len, char **privkey_pem, + size_t *privkey_len); + +/** + * lws_tls_cert_updated() - update every vhost using the given cert path + * + * \param context: our lws_context + * \param certpath: the filepath to the certificate + * \param keypath: the filepath to the private key of the certificate + * \param mem_cert: copy of the cert in memory + * \param len_mem_cert: length of the copy of the cert in memory + * \param mem_privkey: copy of the private key in memory + * \param len_mem_privkey: length of the copy of the private key in memory + * + * Checks every vhost to see if it is the using certificate described by the + * the given filepaths. If so, it attempts to update the vhost ssl_ctx to use + * the new certificate. + * + * Returns 0 on success or nonzero for failure. + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_cert_updated(struct lws_context *context, const char *certpath, + const char *keypath, + const char *mem_cert, size_t len_mem_cert, + const char *mem_privkey, size_t len_mem_privkey); +///@} + +/** \defgroup lws_ring LWS Ringbuffer APIs + * ##lws_ring: generic ringbuffer struct + * + * Provides an abstract ringbuffer api supporting one head and one or an + * unlimited number of tails. + * + * All of the members are opaque and manipulated by lws_ring_...() apis. + * + * The lws_ring and its buffer is allocated at runtime on the heap, using + * + * - lws_ring_create() + * - lws_ring_destroy() + * + * It may contain any type, the size of the "element" stored in the ring + * buffer and the number of elements is given at creation time. + * + * When you create the ringbuffer, you can optionally provide an element + * destroy callback that frees any allocations inside the element. This is then + * automatically called for elements with no tail behind them, ie, elements + * which don't have any pending consumer are auto-freed. + * + * Whole elements may be inserted into the ringbuffer and removed from it, using + * + * - lws_ring_insert() + * - lws_ring_consume() + * + * You can find out how many whole elements are free or waiting using + * + * - lws_ring_get_count_free_elements() + * - lws_ring_get_count_waiting_elements() + * + * In addition there are special purpose optional byte-centric apis + * + * - lws_ring_next_linear_insert_range() + * - lws_ring_bump_head() + * + * which let you, eg, read() directly into the ringbuffer without needing + * an intermediate bounce buffer. + * + * The accessors understand that the ring wraps, and optimizes insertion and + * consumption into one or two memcpy()s depending on if the head or tail + * wraps. + * + * lws_ring only supports a single head, but optionally multiple tails with + * an API to inform it when the "oldest" tail has moved on. You can give + * NULL where-ever an api asks for a tail pointer, and it will use an internal + * single tail pointer for convenience. + * + * The "oldest tail", which is the only tail if you give it NULL instead of + * some other tail, is used to track which elements in the ringbuffer are + * still unread by anyone. + * + * - lws_ring_update_oldest_tail() + */ +///@{ +struct lws_ring; + +/** + * lws_ring_create(): create a new ringbuffer + * + * \param element_len: the size in bytes of one element in the ringbuffer + * \param count: the number of elements the ringbuffer can contain + * \param destroy_element: NULL, or callback to be called for each element + * that is removed from the ringbuffer due to the + * oldest tail moving beyond it + * + * Creates the ringbuffer and allocates the storage. Returns the new + * lws_ring *, or NULL if the allocation failed. + * + * If non-NULL, destroy_element will get called back for every element that is + * retired from the ringbuffer after the oldest tail has gone past it, and for + * any element still left in the ringbuffer when it is destroyed. It replaces + * all other element destruction code in your user code. + */ +LWS_VISIBLE LWS_EXTERN struct lws_ring * +lws_ring_create(size_t element_len, size_t count, + void (*destroy_element)(void *element)); + +/** + * lws_ring_destroy(): destroy a previously created ringbuffer + * + * \param ring: the struct lws_ring to destroy + * + * Destroys the ringbuffer allocation and the struct lws_ring itself. + */ +LWS_VISIBLE LWS_EXTERN void +lws_ring_destroy(struct lws_ring *ring); + +/** + * lws_ring_get_count_free_elements(): return how many elements can fit + * in the free space + * + * \param ring: the struct lws_ring to report on + * + * Returns how much room is left in the ringbuffer for whole element insertion. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_get_count_free_elements(struct lws_ring *ring); + +/** + * lws_ring_get_count_waiting_elements(): return how many elements can be consumed + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * + * Returns how many elements are waiting to be consumed from the perspective + * of the tail pointer given. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_get_count_waiting_elements(struct lws_ring *ring, uint32_t *tail); + +/** + * lws_ring_insert(): attempt to insert up to max_count elements from src + * + * \param ring: the struct lws_ring to report on + * \param src: the array of elements to be inserted + * \param max_count: the number of available elements at src + * + * Attempts to insert as many of the elements at src as possible, up to the + * maximum max_count. Returns the number of elements actually inserted. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_insert(struct lws_ring *ring, const void *src, size_t max_count); + +/** + * lws_ring_consume(): attempt to copy out and remove up to max_count elements + * to src + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * \param dest: the array of elements to be inserted. or NULL for no copy + * \param max_count: the number of available elements at src + * + * Attempts to copy out as many waiting elements as possible into dest, from + * the perspective of the given tail, up to max_count. If dest is NULL, the + * copying out is not done but the elements are logically consumed as usual. + * NULL dest is useful in combination with lws_ring_get_element(), where you + * can use the element direct from the ringbuffer and then call this with NULL + * dest to logically consume it. + * + * Increments the tail position according to how many elements could be + * consumed. + * + * Returns the number of elements consumed. + */ +LWS_VISIBLE LWS_EXTERN size_t +lws_ring_consume(struct lws_ring *ring, uint32_t *tail, void *dest, + size_t max_count); + +/** + * lws_ring_get_element(): get a pointer to the next waiting element for tail + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * + * Points to the next element that tail would consume, directly in the + * ringbuffer. This lets you write() or otherwise use the element without + * having to copy it out somewhere first. + * + * After calling this, you must call lws_ring_consume(ring, &tail, NULL, 1) + * which will logically consume the element you used up and increment your + * tail (tail may also be NULL there if you use a single tail). + * + * Returns NULL if no waiting element, or a const void * pointing to it. + */ +LWS_VISIBLE LWS_EXTERN const void * +lws_ring_get_element(struct lws_ring *ring, uint32_t *tail); + +/** + * lws_ring_update_oldest_tail(): free up elements older than tail for reuse + * + * \param ring: the struct lws_ring to report on + * \param tail: a pointer to the tail struct to use, or NULL for single tail + * + * If you are using multiple tails, you must use this API to inform the + * lws_ring when none of the tails still need elements in the fifo any more, + * by updating it when the "oldest" tail has moved on. + */ +LWS_VISIBLE LWS_EXTERN void +lws_ring_update_oldest_tail(struct lws_ring *ring, uint32_t tail); + +/** + * lws_ring_get_oldest_tail(): get current oldest available data index + * + * \param ring: the struct lws_ring to report on + * + * If you are initializing a new ringbuffer consumer, you can set its tail to + * this to start it from the oldest ringbuffer entry still available. + */ +LWS_VISIBLE LWS_EXTERN uint32_t +lws_ring_get_oldest_tail(struct lws_ring *ring); + +/** + * lws_ring_next_linear_insert_range(): used to write directly into the ring + * + * \param ring: the struct lws_ring to report on + * \param start: pointer to a void * set to the start of the next ringbuffer area + * \param bytes: pointer to a size_t set to the max length you may use from *start + * + * This provides a low-level, bytewise access directly into the ringbuffer + * allowing direct insertion of data without having to use a bounce buffer. + * + * The api reports the position and length of the next linear range that can + * be written in the ringbuffer, ie, up to the point it would wrap, and sets + * *start and *bytes accordingly. You can then, eg, directly read() into + * *start for up to *bytes, and use lws_ring_bump_head() to update the lws_ring + * with what you have done. + * + * Returns nonzero if no insertion is currently possible. + */ +LWS_VISIBLE LWS_EXTERN int +lws_ring_next_linear_insert_range(struct lws_ring *ring, void **start, + size_t *bytes); + +/** + * lws_ring_bump_head(): used to write directly into the ring + * + * \param ring: the struct lws_ring to operate on + * \param bytes: the number of bytes you inserted at the current head + */ +LWS_VISIBLE LWS_EXTERN void +lws_ring_bump_head(struct lws_ring *ring, size_t bytes); + +LWS_VISIBLE LWS_EXTERN void +lws_ring_dump(struct lws_ring *ring, uint32_t *tail); + +/* + * This is a helper that combines the common pattern of needing to consume + * some ringbuffer elements, move the consumer tail on, and check if that + * has moved any ringbuffer elements out of scope, because it was the last + * consumer that had not already consumed them. + * + * Elements that go out of scope because the oldest tail is now after them + * get garbage-collected by calling the destroy_element callback on them + * defined when the ringbuffer was created. + */ + +#define lws_ring_consume_and_update_oldest_tail(\ + ___ring, /* the lws_ring object */ \ + ___type, /* type of objects with tails */ \ + ___ptail, /* ptr to tail of obj with tail doing consuming */ \ + ___count, /* count of payload objects being consumed */ \ + ___list_head, /* head of list of objects with tails */ \ + ___mtail, /* member name of tail in ___type */ \ + ___mlist /* member name of next list member ptr in ___type */ \ + ) { \ + int ___n, ___m; \ + \ + ___n = lws_ring_get_oldest_tail(___ring) == *(___ptail); \ + lws_ring_consume(___ring, ___ptail, NULL, ___count); \ + if (___n) { \ + uint32_t ___oldest; \ + ___n = 0; \ + ___oldest = *(___ptail); \ + lws_start_foreach_llp(___type **, ___ppss, ___list_head) { \ + ___m = lws_ring_get_count_waiting_elements( \ + ___ring, &(*___ppss)->tail); \ + if (___m >= ___n) { \ + ___n = ___m; \ + ___oldest = (*___ppss)->tail; \ + } \ + } lws_end_foreach_llp(___ppss, ___mlist); \ + \ + lws_ring_update_oldest_tail(___ring, ___oldest); \ + } \ +} + +/* + * This does the same as the lws_ring_consume_and_update_oldest_tail() + * helper, but for the simpler case there is only one consumer, so one + * tail, and that tail is always the oldest tail. + */ + +#define lws_ring_consume_single_tail(\ + ___ring, /* the lws_ring object */ \ + ___ptail, /* ptr to tail of obj with tail doing consuming */ \ + ___count /* count of payload objects being consumed */ \ + ) { \ + lws_ring_consume(___ring, ___ptail, NULL, ___count); \ + lws_ring_update_oldest_tail(___ring, *(___ptail)); \ +} +///@} + +/** \defgroup sha SHA and B64 helpers + * ##SHA and B64 helpers + * + * These provide SHA-1 and B64 helper apis + */ +///@{ +#ifdef LWS_SHA1_USE_OPENSSL_NAME +#define lws_SHA1 SHA1 +#else +/** + * lws_SHA1(): make a SHA-1 digest of a buffer + * + * \param d: incoming buffer + * \param n: length of incoming buffer + * \param md: buffer for message digest (must be >= 20 bytes) + * + * Reduces any size buffer into a 20-byte SHA-1 hash. + */ +LWS_VISIBLE LWS_EXTERN unsigned char * +lws_SHA1(const unsigned char *d, size_t n, unsigned char *md); +#endif +/** + * lws_b64_encode_string(): encode a string into base 64 + * + * \param in: incoming buffer + * \param in_len: length of incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Encodes a string using b64 + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_encode_string(const char *in, int in_len, char *out, int out_size); +/** + * lws_b64_encode_string_url(): encode a string into base 64 + * + * \param in: incoming buffer + * \param in_len: length of incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Encodes a string using b64 with the "URL" variant (+ -> -, and / -> _) + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_encode_string_url(const char *in, int in_len, char *out, int out_size); +/** + * lws_b64_decode_string(): decode a string from base 64 + * + * \param in: incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Decodes a NUL-terminated string using b64 + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_decode_string(const char *in, char *out, int out_size); +/** + * lws_b64_decode_string_len(): decode a string from base 64 + * + * \param in: incoming buffer + * \param in_len: length of incoming buffer + * \param out: result buffer + * \param out_size: length of result buffer + * + * Decodes a range of chars using b64 + */ +LWS_VISIBLE LWS_EXTERN int +lws_b64_decode_string_len(const char *in, int in_len, char *out, int out_size); +///@} + + +/*! \defgroup cgi cgi handling + * + * ##CGI handling + * + * These functions allow low-level control over stdin/out/err of the cgi. + * + * However for most cases, binding the cgi to http in and out, the default + * lws implementation already does the right thing. + */ + +enum lws_enum_stdinouterr { + LWS_STDIN = 0, + LWS_STDOUT = 1, + LWS_STDERR = 2, +}; + +enum lws_cgi_hdr_state { + LCHS_HEADER, + LCHS_CR1, + LCHS_LF1, + LCHS_CR2, + LCHS_LF2, + LHCS_RESPONSE, + LHCS_DUMP_HEADERS, + LHCS_PAYLOAD, + LCHS_SINGLE_0A, +}; + +struct lws_cgi_args { + struct lws **stdwsi; /**< get fd with lws_get_socket_fd() */ + enum lws_enum_stdinouterr ch; /**< channel index */ + unsigned char *data; /**< for messages with payload */ + enum lws_cgi_hdr_state hdr_state; /**< track where we are in cgi headers */ + int len; /**< length */ +}; + +#ifdef LWS_WITH_CGI +/** + * lws_cgi: spawn network-connected cgi process + * + * \param wsi: connection to own the process + * \param exec_array: array of "exec-name" "arg1" ... "argn" NULL + * \param script_uri_path_len: how many chars on the left of the uri are the + * path to the cgi, or -1 to spawn without URL-related env vars + * \param timeout_secs: seconds script should be allowed to run + * \param mp_cgienv: pvo list with per-vhost cgi options to put in env + */ +LWS_VISIBLE LWS_EXTERN int +lws_cgi(struct lws *wsi, const char * const *exec_array, + int script_uri_path_len, int timeout_secs, + const struct lws_protocol_vhost_options *mp_cgienv); + +/** + * lws_cgi_write_split_stdout_headers: write cgi output accounting for header part + * + * \param wsi: connection to own the process + */ +LWS_VISIBLE LWS_EXTERN int +lws_cgi_write_split_stdout_headers(struct lws *wsi); + +/** + * lws_cgi_kill: terminate cgi process associated with wsi + * + * \param wsi: connection to own the process + */ +LWS_VISIBLE LWS_EXTERN int +lws_cgi_kill(struct lws *wsi); + +/** + * lws_cgi_get_stdwsi: get wsi for stdin, stdout, or stderr + * + * \param wsi: parent wsi that has cgi + * \param ch: which of LWS_STDIN, LWS_STDOUT or LWS_STDERR + */ +LWS_VISIBLE LWS_EXTERN struct lws * +lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch); + +#endif +///@} + + +/*! \defgroup fops file operation wrapping + * + * ##File operation wrapping + * + * Use these helper functions if you want to access a file from the perspective + * of a specific wsi, which is usually the case. If you just want contextless + * file access, use the fops callbacks directly with NULL wsi instead of these + * helpers. + * + * If so, then it calls the platform handler or user overrides where present + * (as defined in info->fops) + * + * The advantage from all this is user code can be portable for file operations + * without having to deal with differences between platforms. + */ +//@{ + +/** struct lws_plat_file_ops - Platform-specific file operations + * + * These provide platform-agnostic ways to deal with filesystem access in the + * library and in the user code. + */ + +#if defined(LWS_WITH_ESP32) +/* sdk preprocessor defs? compiler issue? gets confused with member names */ +#define LWS_FOP_OPEN _open +#define LWS_FOP_CLOSE _close +#define LWS_FOP_SEEK_CUR _seek_cur +#define LWS_FOP_READ _read +#define LWS_FOP_WRITE _write +#else +#define LWS_FOP_OPEN open +#define LWS_FOP_CLOSE close +#define LWS_FOP_SEEK_CUR seek_cur +#define LWS_FOP_READ read +#define LWS_FOP_WRITE write +#endif + +#define LWS_FOP_FLAGS_MASK ((1 << 23) - 1) +#define LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP (1 << 24) +#define LWS_FOP_FLAG_COMPR_IS_GZIP (1 << 25) +#define LWS_FOP_FLAG_MOD_TIME_VALID (1 << 26) +#define LWS_FOP_FLAG_VIRTUAL (1 << 27) + +struct lws_plat_file_ops; + +struct lws_fop_fd { + lws_filefd_type fd; + /**< real file descriptor related to the file... */ + const struct lws_plat_file_ops *fops; + /**< fops that apply to this fop_fd */ + void *filesystem_priv; + /**< ignored by lws; owned by the fops handlers */ + lws_filepos_t pos; + /**< generic "position in file" */ + lws_filepos_t len; + /**< generic "length of file" */ + lws_fop_flags_t flags; + /**< copy of the returned flags */ + uint32_t mod_time; + /**< optional "modification time of file", only valid if .open() + * set the LWS_FOP_FLAG_MOD_TIME_VALID flag */ +}; +typedef struct lws_fop_fd *lws_fop_fd_t; + +struct lws_fops_index { + const char *sig; /* NULL or vfs signature, eg, ".zip/" */ + uint8_t len; /* length of above string */ +}; + +struct lws_plat_file_ops { + lws_fop_fd_t (*LWS_FOP_OPEN)(const struct lws_plat_file_ops *fops, + const char *filename, const char *vpath, + lws_fop_flags_t *flags); + /**< Open file (always binary access if plat supports it) + * vpath may be NULL, or if the fops understands it, the point at which + * the filename's virtual part starts. + * *flags & LWS_FOP_FLAGS_MASK should be set to O_RDONLY or O_RDWR. + * If the file may be gzip-compressed, + * LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP is set. If it actually is + * gzip-compressed, then the open handler should OR + * LWS_FOP_FLAG_COMPR_IS_GZIP on to *flags before returning. + */ + int (*LWS_FOP_CLOSE)(lws_fop_fd_t *fop_fd); + /**< close file AND set the pointer to NULL */ + lws_fileofs_t (*LWS_FOP_SEEK_CUR)(lws_fop_fd_t fop_fd, + lws_fileofs_t offset_from_cur_pos); + /**< seek from current position */ + int (*LWS_FOP_READ)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); + /**< Read from file, on exit *amount is set to amount actually read */ + int (*LWS_FOP_WRITE)(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); + /**< Write to file, on exit *amount is set to amount actually written */ + + struct lws_fops_index fi[3]; + /**< vfs path signatures implying use of this fops */ + + const struct lws_plat_file_ops *next; + /**< NULL or next fops in list */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ +}; + +/** + * lws_get_fops() - get current file ops + * + * \param context: context + */ +LWS_VISIBLE LWS_EXTERN struct lws_plat_file_ops * LWS_WARN_UNUSED_RESULT +lws_get_fops(struct lws_context *context); +LWS_VISIBLE LWS_EXTERN void +lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops); +/** + * lws_vfs_tell() - get current file position + * + * \param fop_fd: fop_fd we are asking about + */ +LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT +lws_vfs_tell(lws_fop_fd_t fop_fd); +/** + * lws_vfs_get_length() - get current file total length in bytes + * + * \param fop_fd: fop_fd we are asking about + */ +LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT +lws_vfs_get_length(lws_fop_fd_t fop_fd); +/** + * lws_vfs_get_mod_time() - get time file last modified + * + * \param fop_fd: fop_fd we are asking about + */ +LWS_VISIBLE LWS_EXTERN uint32_t LWS_WARN_UNUSED_RESULT +lws_vfs_get_mod_time(lws_fop_fd_t fop_fd); +/** + * lws_vfs_file_seek_set() - seek relative to start of file + * + * \param fop_fd: fop_fd we are seeking in + * \param offset: offset from start of file + */ +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset); +/** + * lws_vfs_file_seek_end() - seek relative to end of file + * + * \param fop_fd: fop_fd we are seeking in + * \param offset: offset from start of file + */ +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset); + +extern struct lws_plat_file_ops fops_zip; + +/** + * lws_plat_file_open() - open vfs filepath + * + * \param fops: file ops struct that applies to this descriptor + * \param vfs_path: filename to open + * \param flags: pointer to open flags + * + * The vfs_path is scanned for known fops signatures, and the open directed + * to any matching fops open. + * + * User code should use this api to perform vfs opens. + * + * returns semi-opaque handle + */ +LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT +lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path, + lws_fop_flags_t *flags); + +/** + * lws_plat_file_close() - close file + * + * \param fop_fd: file handle to close + */ +static LWS_INLINE int +lws_vfs_file_close(lws_fop_fd_t *fop_fd) +{ + return (*fop_fd)->fops->LWS_FOP_CLOSE(fop_fd); +} + +/** + * lws_plat_file_seek_cur() - close file + * + * + * \param fop_fd: file handle + * \param offset: position to seek to + */ +static LWS_INLINE lws_fileofs_t +lws_vfs_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset); +} +/** + * lws_plat_file_read() - read from file + * + * \param fop_fd: file handle + * \param amount: how much to read (rewritten by call) + * \param buf: buffer to write to + * \param len: max length + */ +static LWS_INLINE int LWS_WARN_UNUSED_RESULT +lws_vfs_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + return fop_fd->fops->LWS_FOP_READ(fop_fd, amount, buf, len); +} +/** + * lws_plat_file_write() - write from file + * + * \param fop_fd: file handle + * \param amount: how much to write (rewritten by call) + * \param buf: buffer to read from + * \param len: max length + */ +static LWS_INLINE int LWS_WARN_UNUSED_RESULT +lws_vfs_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + return fop_fd->fops->LWS_FOP_WRITE(fop_fd, amount, buf, len); +} + +/* these are the platform file operations implementations... they can + * be called directly and used in fops arrays + */ + +LWS_VISIBLE LWS_EXTERN lws_fop_fd_t +_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, + const char *vpath, lws_fop_flags_t *flags); +LWS_VISIBLE LWS_EXTERN int +_lws_plat_file_close(lws_fop_fd_t *fop_fd); +LWS_VISIBLE LWS_EXTERN lws_fileofs_t +_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset); +LWS_VISIBLE LWS_EXTERN int +_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); +LWS_VISIBLE LWS_EXTERN int +_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len); + +LWS_VISIBLE LWS_EXTERN int +lws_alloc_vfs_file(struct lws_context *context, const char *filename, + uint8_t **buf, lws_filepos_t *amount); +//@} + +/** \defgroup smtp SMTP related functions + * ##SMTP related functions + * \ingroup lwsapi + * + * These apis let you communicate with a local SMTP server to send email from + * lws. It handles all the SMTP sequencing and protocol actions. + * + * Your system should have postfix, sendmail or another MTA listening on port + * 25 and able to send email using the "mail" commandline app. Usually distro + * MTAs are configured for this by default. + * + * It runs via its own libuv events if initialized (which requires giving it + * a libuv loop to attach to). + * + * It operates using three callbacks, on_next() queries if there is a new email + * to send, on_get_body() asks for the body of the email, and on_sent() is + * called after the email is successfully sent. + * + * To use it + * + * - create an lws_email struct + * + * - initialize data, loop, the email_* strings, max_content_size and + * the callbacks + * + * - call lws_email_init() + * + * When you have at least one email to send, call lws_email_check() to + * schedule starting to send it. + */ +//@{ +#ifdef LWS_WITH_SMTP + +/** enum lwsgs_smtp_states - where we are in SMTP protocol sequence */ +enum lwsgs_smtp_states { + LGSSMTP_IDLE, /**< awaiting new email */ + LGSSMTP_CONNECTING, /**< opening tcp connection to MTA */ + LGSSMTP_CONNECTED, /**< tcp connection to MTA is connected */ + LGSSMTP_SENT_HELO, /**< sent the HELO */ + LGSSMTP_SENT_FROM, /**< sent FROM */ + LGSSMTP_SENT_TO, /**< sent TO */ + LGSSMTP_SENT_DATA, /**< sent DATA request */ + LGSSMTP_SENT_BODY, /**< sent the email body */ + LGSSMTP_SENT_QUIT, /**< sent the session quit */ +}; + +/** struct lws_email - abstract context for performing SMTP operations */ +struct lws_email { + void *data; + /**< opaque pointer set by user code and available to the callbacks */ + uv_loop_t *loop; + /**< the libuv loop we will work on */ + + char email_smtp_ip[32]; /**< Fill before init, eg, "127.0.0.1" */ + char email_helo[32]; /**< Fill before init, eg, "myserver.com" */ + char email_from[100]; /**< Fill before init or on_next */ + char email_to[100]; /**< Fill before init or on_next */ + + unsigned int max_content_size; + /**< largest possible email body size */ + + /* Fill all the callbacks before init */ + + int (*on_next)(struct lws_email *email); + /**< (Fill in before calling lws_email_init) + * called when idle, 0 = another email to send, nonzero is idle. + * If you return 0, all of the email_* char arrays must be set + * to something useful. */ + int (*on_sent)(struct lws_email *email); + /**< (Fill in before calling lws_email_init) + * called when transfer of the email to the SMTP server was + * successful, your callback would remove the current email + * from its queue */ + int (*on_get_body)(struct lws_email *email, char *buf, int len); + /**< (Fill in before calling lws_email_init) + * called when the body part of the queued email is about to be + * sent to the SMTP server. */ + + + /* private things */ + uv_timer_t timeout_email; /**< private */ + enum lwsgs_smtp_states estate; /**< private */ + uv_connect_t email_connect_req; /**< private */ + uv_tcp_t email_client; /**< private */ + time_t email_connect_started; /**< private */ + char email_buf[256]; /**< private */ + char *content; /**< private */ +}; + +/** + * lws_email_init() - Initialize a struct lws_email + * + * \param email: struct lws_email to init + * \param loop: libuv loop to use + * \param max_content: max email content size + * + * Prepares a struct lws_email for use ending SMTP + */ +LWS_VISIBLE LWS_EXTERN int +lws_email_init(struct lws_email *email, uv_loop_t *loop, int max_content); + +/** + * lws_email_check() - Request check for new email + * + * \param email: struct lws_email context to check + * + * Schedules a check for new emails in 1s... call this when you have queued an + * email for send. + */ +LWS_VISIBLE LWS_EXTERN void +lws_email_check(struct lws_email *email); +/** + * lws_email_destroy() - stop using the struct lws_email + * + * \param email: the struct lws_email context + * + * Stop sending email using email and free allocations + */ +LWS_VISIBLE LWS_EXTERN void +lws_email_destroy(struct lws_email *email); + +#endif +//@} + + +/** \defgroup lejp JSON parser + * ##JSON parsing related functions + * \ingroup lwsapi + * + * LEJP is an extremely lightweight JSON stream parser included in lws. + */ +//@{ +struct lejp_ctx; + +#define LWS_ARRAY_SIZE(_x) (sizeof(_x) / sizeof(_x[0])) +#define LEJP_FLAG_WS_KEEP 64 +#define LEJP_FLAG_WS_COMMENTLINE 32 + +enum lejp_states { + LEJP_IDLE = 0, + LEJP_MEMBERS = 1, + LEJP_M_P = 2, + LEJP_MP_STRING = LEJP_FLAG_WS_KEEP | 3, + LEJP_MP_STRING_ESC = LEJP_FLAG_WS_KEEP | 4, + LEJP_MP_STRING_ESC_U1 = LEJP_FLAG_WS_KEEP | 5, + LEJP_MP_STRING_ESC_U2 = LEJP_FLAG_WS_KEEP | 6, + LEJP_MP_STRING_ESC_U3 = LEJP_FLAG_WS_KEEP | 7, + LEJP_MP_STRING_ESC_U4 = LEJP_FLAG_WS_KEEP | 8, + LEJP_MP_DELIM = 9, + LEJP_MP_VALUE = 10, + LEJP_MP_VALUE_NUM_INT = LEJP_FLAG_WS_KEEP | 11, + LEJP_MP_VALUE_NUM_EXP = LEJP_FLAG_WS_KEEP | 12, + LEJP_MP_VALUE_TOK = LEJP_FLAG_WS_KEEP | 13, + LEJP_MP_COMMA_OR_END = 14, + LEJP_MP_ARRAY_END = 15, +}; + +enum lejp_reasons { + LEJP_CONTINUE = -1, + LEJP_REJECT_IDLE_NO_BRACE = -2, + LEJP_REJECT_MEMBERS_NO_CLOSE = -3, + LEJP_REJECT_MP_NO_OPEN_QUOTE = -4, + LEJP_REJECT_MP_STRING_UNDERRUN = -5, + LEJP_REJECT_MP_ILLEGAL_CTRL = -6, + LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC = -7, + LEJP_REJECT_ILLEGAL_HEX = -8, + LEJP_REJECT_MP_DELIM_MISSING_COLON = -9, + LEJP_REJECT_MP_DELIM_BAD_VALUE_START = -10, + LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC = -11, + LEJP_REJECT_MP_VAL_NUM_FORMAT = -12, + LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP = -13, + LEJP_REJECT_MP_VAL_TOK_UNKNOWN = -14, + LEJP_REJECT_MP_C_OR_E_UNDERF = -15, + LEJP_REJECT_MP_C_OR_E_NOTARRAY = -16, + LEJP_REJECT_MP_ARRAY_END_MISSING = -17, + LEJP_REJECT_STACK_OVERFLOW = -18, + LEJP_REJECT_MP_DELIM_ISTACK = -19, + LEJP_REJECT_NUM_TOO_LONG = -20, + LEJP_REJECT_MP_C_OR_E_NEITHER = -21, + LEJP_REJECT_UNKNOWN = -22, + LEJP_REJECT_CALLBACK = -23 +}; + +#define LEJP_FLAG_CB_IS_VALUE 64 + +enum lejp_callbacks { + LEJPCB_CONSTRUCTED = 0, + LEJPCB_DESTRUCTED = 1, + + LEJPCB_START = 2, + LEJPCB_COMPLETE = 3, + LEJPCB_FAILED = 4, + + LEJPCB_PAIR_NAME = 5, + + LEJPCB_VAL_TRUE = LEJP_FLAG_CB_IS_VALUE | 6, + LEJPCB_VAL_FALSE = LEJP_FLAG_CB_IS_VALUE | 7, + LEJPCB_VAL_NULL = LEJP_FLAG_CB_IS_VALUE | 8, + LEJPCB_VAL_NUM_INT = LEJP_FLAG_CB_IS_VALUE | 9, + LEJPCB_VAL_NUM_FLOAT = LEJP_FLAG_CB_IS_VALUE | 10, + LEJPCB_VAL_STR_START = 11, /* notice handle separately */ + LEJPCB_VAL_STR_CHUNK = LEJP_FLAG_CB_IS_VALUE | 12, + LEJPCB_VAL_STR_END = LEJP_FLAG_CB_IS_VALUE | 13, + + LEJPCB_ARRAY_START = 14, + LEJPCB_ARRAY_END = 15, + + LEJPCB_OBJECT_START = 16, + LEJPCB_OBJECT_END = 17 +}; + +/** + * _lejp_callback() - User parser actions + * \param ctx: LEJP context + * \param reason: Callback reason + * + * Your user callback is associated with the context at construction time, + * and receives calls as the parsing progresses. + * + * All of the callbacks may be ignored and just return 0. + * + * The reasons it might get called, found in @reason, are: + * + * LEJPCB_CONSTRUCTED: The context was just constructed... you might want to + * perform one-time allocation for the life of the context. + * + * LEJPCB_DESTRUCTED: The context is being destructed... if you made any + * allocations at construction-time, you can free them now + * + * LEJPCB_START: Parsing is beginning at the first byte of input + * + * LEJPCB_COMPLETE: Parsing has completed successfully. You'll get a 0 or + * positive return code from lejp_parse indicating the + * amount of unused bytes left in the input buffer + * + * LEJPCB_FAILED: Parsing failed. You'll get a negative error code + * returned from lejp_parse + * + * LEJPCB_PAIR_NAME: When a "name":"value" pair has had the name parsed, + * this callback occurs. You can find the new name at + * the end of ctx->path[] + * + * LEJPCB_VAL_TRUE: The "true" value appeared + * + * LEJPCB_VAL_FALSE: The "false" value appeared + * + * LEJPCB_VAL_NULL: The "null" value appeared + * + * LEJPCB_VAL_NUM_INT: A string representing an integer is in ctx->buf + * + * LEJPCB_VAL_NUM_FLOAT: A string representing a float is in ctx->buf + * + * LEJPCB_VAL_STR_START: We are starting to parse a string, no data yet + * + * LEJPCB_VAL_STR_CHUNK: We parsed LEJP_STRING_CHUNK -1 bytes of string data in + * ctx->buf, which is as much as we can buffer, so we are + * spilling it. If all your strings are less than + * LEJP_STRING_CHUNK - 1 bytes, you will never see this + * callback. + * + * LEJPCB_VAL_STR_END: String parsing has completed, the last chunk of the + * string is in ctx->buf. + * + * LEJPCB_ARRAY_START: An array started + * + * LEJPCB_ARRAY_END: An array ended + * + * LEJPCB_OBJECT_START: An object started + * + * LEJPCB_OBJECT_END: An object ended + */ +LWS_EXTERN signed char _lejp_callback(struct lejp_ctx *ctx, char reason); + +typedef signed char (*lejp_callback)(struct lejp_ctx *ctx, char reason); + +#ifndef LEJP_MAX_DEPTH +#define LEJP_MAX_DEPTH 12 +#endif +#ifndef LEJP_MAX_INDEX_DEPTH +#define LEJP_MAX_INDEX_DEPTH 5 +#endif +#ifndef LEJP_MAX_PATH +#define LEJP_MAX_PATH 128 +#endif +#ifndef LEJP_STRING_CHUNK +/* must be >= 30 to assemble floats */ +#define LEJP_STRING_CHUNK 254 +#endif + +enum num_flags { + LEJP_SEEN_MINUS = (1 << 0), + LEJP_SEEN_POINT = (1 << 1), + LEJP_SEEN_POST_POINT = (1 << 2), + LEJP_SEEN_EXP = (1 << 3) +}; + +struct _lejp_stack { + char s; /* lejp_state stack*/ + char p; /* path length */ + char i; /* index array length */ + char b; /* user bitfield */ +}; + +struct lejp_ctx { + + /* sorted by type for most compact alignment + * + * pointers + */ + + signed char (*callback)(struct lejp_ctx *ctx, char reason); + void *user; + const char * const *paths; + + /* arrays */ + + struct _lejp_stack st[LEJP_MAX_DEPTH]; + uint16_t i[LEJP_MAX_INDEX_DEPTH]; /* index array */ + uint16_t wild[LEJP_MAX_INDEX_DEPTH]; /* index array */ + char path[LEJP_MAX_PATH]; + char buf[LEJP_STRING_CHUNK + 1]; + + /* int */ + + uint32_t line; + + /* short */ + + uint16_t uni; + + /* char */ + + uint8_t npos; + uint8_t dcount; + uint8_t f; + uint8_t sp; /* stack head */ + uint8_t ipos; /* index stack depth */ + uint8_t ppos; + uint8_t count_paths; + uint8_t path_match; + uint8_t path_match_len; + uint8_t wildcount; +}; + +LWS_VISIBLE LWS_EXTERN void +lejp_construct(struct lejp_ctx *ctx, + signed char (*callback)(struct lejp_ctx *ctx, char reason), + void *user, const char * const *paths, unsigned char paths_count); + +LWS_VISIBLE LWS_EXTERN void +lejp_destruct(struct lejp_ctx *ctx); + +LWS_VISIBLE LWS_EXTERN int +lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len); + +LWS_VISIBLE LWS_EXTERN void +lejp_change_callback(struct lejp_ctx *ctx, + signed char (*callback)(struct lejp_ctx *ctx, char reason)); + +LWS_VISIBLE LWS_EXTERN int +lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len); +//@} + +/* + * Stats are all uint64_t numbers that start at 0. + * Index names here have the convention + * + * _C_ counter + * _B_ byte count + * _MS_ millisecond count + */ + +enum { + LWSSTATS_C_CONNECTIONS, /**< count incoming connections */ + LWSSTATS_C_API_CLOSE, /**< count calls to close api */ + LWSSTATS_C_API_READ, /**< count calls to read from socket api */ + LWSSTATS_C_API_LWS_WRITE, /**< count calls to lws_write API */ + LWSSTATS_C_API_WRITE, /**< count calls to write API */ + LWSSTATS_C_WRITE_PARTIALS, /**< count of partial writes */ + LWSSTATS_C_WRITEABLE_CB_REQ, /**< count of writable callback requests */ + LWSSTATS_C_WRITEABLE_CB_EFF_REQ, /**< count of effective writable callback requests */ + LWSSTATS_C_WRITEABLE_CB, /**< count of writable callbacks */ + LWSSTATS_C_SSL_CONNECTIONS_FAILED, /**< count of failed SSL connections */ + LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, /**< count of accepted SSL connections */ + LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, /**< count of SSL_accept() attempts */ + LWSSTATS_C_SSL_CONNS_HAD_RX, /**< count of accepted SSL conns that have had some RX */ + LWSSTATS_C_TIMEOUTS, /**< count of timed-out connections */ + LWSSTATS_C_SERVICE_ENTRY, /**< count of entries to lws service loop */ + LWSSTATS_B_READ, /**< aggregate bytes read */ + LWSSTATS_B_WRITE, /**< aggregate bytes written */ + LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, /**< aggreate of size of accepted write data from new partials */ + LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, /**< aggregate delay in accepting connection */ + LWSSTATS_MS_WRITABLE_DELAY, /**< aggregate delay between asking for writable and getting cb */ + LWSSTATS_MS_WORST_WRITABLE_DELAY, /**< single worst delay between asking for writable and getting cb */ + LWSSTATS_MS_SSL_RX_DELAY, /**< aggregate delay between ssl accept complete and first RX */ + LWSSTATS_C_PEER_LIMIT_AH_DENIED, /**< number of times we would have given an ah but for the peer limit */ + LWSSTATS_C_PEER_LIMIT_WSI_DENIED, /**< number of times we would have given a wsi but for the peer limit */ + + /* Add new things just above here ---^ + * This is part of the ABI, don't needlessly break compatibility */ + LWSSTATS_SIZE +}; + +#if defined(LWS_WITH_STATS) + +LWS_VISIBLE LWS_EXTERN uint64_t +lws_stats_get(struct lws_context *context, int index); +LWS_VISIBLE LWS_EXTERN void +lws_stats_log_dump(struct lws_context *context); +#else +static LWS_INLINE uint64_t +lws_stats_get(struct lws_context *context, int index) { (void)context; (void)index; return 0; } +static LWS_INLINE void +lws_stats_log_dump(struct lws_context *context) { (void)context; } +#endif + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/lws_config.h b/thirdparty/libwebsockets/lws_config.h new file mode 100644 index 0000000000..fdf02157cc --- /dev/null +++ b/thirdparty/libwebsockets/lws_config.h @@ -0,0 +1,195 @@ +/* lws_config.h Generated from lws_config.h.in */ + +/* GODOT ADDITION */ +#ifndef DEBUG_ENABLED +#define LWS_WITH_NO_LOGS +#endif +/* END GODOT ADDITION */ + +#ifndef NDEBUG + #ifndef _DEBUG + #define _DEBUG + #endif +#endif + +#define LWS_INSTALL_DATADIR "/usr/local/share" + +#define LWS_ROLE_H1 +#define LWS_ROLE_WS +#define LWS_ROLE_RAW +/* #undef LWS_ROLE_H2 */ +/* #undef LWS_ROLE_CGI */ + +/* Define to 1 to use wolfSSL/CyaSSL as a replacement for OpenSSL. + * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */ +/* #undef USE_WOLFSSL */ + +/* Also define to 1 (in addition to USE_WOLFSSL) when using the + (older) CyaSSL library */ +/* #undef USE_OLD_CYASSL */ +/* #undef LWS_WITH_BORINGSSL */ + +#define LWS_WITH_MBEDTLS +/* #undef LWS_WITH_POLARSSL */ +/* #undef LWS_WITH_ESP32 */ + +/* #undef LWS_WITH_PLUGINS */ +/* #undef LWS_WITH_NO_LOGS */ + +/* The Libwebsocket version */ +#define LWS_LIBRARY_VERSION "3.0.0" + +#define LWS_LIBRARY_VERSION_MAJOR 3 +#define LWS_LIBRARY_VERSION_MINOR 0 +#define LWS_LIBRARY_VERSION_PATCH 0 +/* LWS_LIBRARY_VERSION_NUMBER looks like 1005001 for e.g. version 1.5.1 */ +#define LWS_LIBRARY_VERSION_NUMBER (LWS_LIBRARY_VERSION_MAJOR*1000000)+(LWS_LIBRARY_VERSION_MINOR*1000)+LWS_LIBRARY_VERSION_PATCH + +/* The current git commit hash that we're building from */ +#define LWS_BUILD_HASH "v2.0.0-948-geaa935a8" + +/* Build with OpenSSL support ... alias of LWS_WITH_TLS for compatibility*/ +#define LWS_OPENSSL_SUPPORT +#define LWS_WITH_TLS + +/* The client should load and trust CA root certs it finds in the OS */ +/* #undef LWS_SSL_CLIENT_USE_OS_CA_CERTS */ + +/* Sets the path where the client certs should be installed. */ +/* #undef LWS_OPENSSL_CLIENT_CERTS "../share" */ + +/* Turn off websocket extensions */ +#define LWS_WITHOUT_EXTENSIONS + +/* notice if client or server gone */ +/* #undef LWS_WITHOUT_SERVER */ +/* #undef LWS_WITHOUT_CLIENT */ + +#define LWS_WITH_POLL + +/* Enable libev io loop */ +/* #undef LWS_WITH_LIBEV */ + +/* Enable libuv io loop */ +/* #undef LWS_WITH_LIBUV */ + +/* Enable libevent io loop */ +/* #undef LWS_WITH_LIBEVENT */ + +/* Build with support for ipv6 */ +/* Everywhere, except in OpenBSD which does not support dual stacking */ +#if !defined(__OpenBSD__) +#define LWS_WITH_IPV6 +#endif + +/* Build with support for UNIX domain socket */ +/* #undef LWS_WITH_UNIX_SOCK */ + +/* Build with support for HTTP2 */ +/* #undef LWS_WITH_HTTP2 */ + +/* Turn on latency measuring code */ +/* #undef LWS_LATENCY */ + +/* Don't build the daemonizeation api */ +#define LWS_NO_DAEMONIZE + +/* Build without server support */ +/* #undef LWS_NO_SERVER */ + +/* Build without client support */ +/* #undef LWS_NO_CLIENT */ + +/* If we should compile with MinGW support */ +/* #undef LWS_MINGW_SUPPORT */ + +/* Use the BSD getifaddrs that comes with libwebsocket, for uclibc support */ +/* #undef LWS_BUILTIN_GETIFADDRS */ + +/* use SHA1() not internal libwebsockets_SHA1 */ +/* #undef LWS_SHA1_USE_OPENSSL_NAME */ + +/* SSL server using ECDH certificate */ +/* #undef LWS_SSL_SERVER_WITH_ECDH_CERT */ +/* #undef LWS_HAVE_SSL_CTX_set1_param */ +#define LWS_HAVE_X509_VERIFY_PARAM_set1_host +/* #undef LWS_HAVE_RSA_SET0_KEY */ +/* #undef LWS_HAVE_X509_get_key_usage */ +/* #undef LWS_HAVE_SSL_CTX_get0_certificate */ + +/* #undef LWS_HAVE_UV_VERSION_H */ +/* #undef LWS_HAVE_PTHREAD_H */ + +/* CGI apis */ +/* #undef LWS_WITH_CGI */ + +/* whether the Openssl is recent enough, and / or built with, ecdh */ +/* #undef LWS_HAVE_OPENSSL_ECDH_H */ + +/* HTTP Proxy support */ +/* #undef LWS_WITH_HTTP_PROXY */ + +/* HTTP Ranges support */ +/* #undef LWS_WITH_RANGES */ + +/* Http access log support */ +/* #undef LWS_WITH_ACCESS_LOG */ +/* #undef LWS_WITH_SERVER_STATUS */ + +/* #undef LWS_WITH_STATEFUL_URLDECODE */ +/* #undef LWS_WITH_PEER_LIMITS */ + +/* Maximum supported service threads */ +#define LWS_MAX_SMP 1 + +/* Lightweight JSON Parser */ +/* #undef LWS_WITH_LEJP */ + +/* SMTP */ +/* #undef LWS_WITH_SMTP */ + +/* OPTEE */ +/* #undef LWS_PLAT_OPTEE */ + +/* ZIP FOPS */ +/* #undef LWS_WITH_ZIP_FOPS */ +#define LWS_HAVE_STDINT_H + +/* #undef LWS_AVOID_SIGPIPE_IGN */ + +/* #undef LWS_FALLBACK_GETHOSTBYNAME */ + +/* #undef LWS_WITH_STATS */ +/* #undef LWS_WITH_SOCKS5 */ + +/* #undef LWS_HAVE_SYS_CAPABILITY_H */ +/* #undef LWS_HAVE_LIBCAP */ + +#define LWS_HAVE_ATOLL +/* #undef LWS_HAVE__ATOI64 */ +/* #undef LWS_HAVE__STAT32I64 */ + +/* #undef LWS_WITH_JWS */ +/* #undef LWS_WITH_ACME */ +/* #undef LWS_WITH_SELFTESTS */ + +#if !defined(__APPLE__) && !defined(__FreeBSD__) && !defined(__OpenBSD__) +#define LWS_HAVE_MALLOC_H +#endif + +#if !defined(__APPLE__) && !defined(__HAIKU__) +#define LWS_HAVE_PIPE2 +#endif + +/* OpenSSL various APIs */ + +#define LWS_HAVE_TLS_CLIENT_METHOD +/* #undef LWS_HAVE_TLSV1_2_CLIENT_METHOD */ +/* #undef LWS_HAVE_SSL_SET_INFO_CALLBACK */ +/* #undef LWS_HAVE_SSL_EXTRA_CHAIN_CERTS */ +/* #undef LWS_HAVE_SSL_get0_alpn_selected */ +/* #undef LWS_HAVE_SSL_set_alpn_protos */ + +#define LWS_HAS_INTPTR_T + + diff --git a/thirdparty/libwebsockets/lws_config_private.h b/thirdparty/libwebsockets/lws_config_private.h new file mode 100644 index 0000000000..e531777624 --- /dev/null +++ b/thirdparty/libwebsockets/lws_config_private.h @@ -0,0 +1,145 @@ +/* lws_config_private.h.in. Private compilation options. */ +#ifndef DEBUG_ENABLED +#define NDEBUG +#endif + +#ifndef NDEBUG + #ifndef _DEBUG + #define _DEBUG + #endif +#endif + +/* Define to 1 to use CyaSSL as a replacement for OpenSSL. + * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */ +/* #undef USE_CYASSL */ + +/* Define to 1 if you have the `bzero' function. */ +#define LWS_HAVE_BZERO +/* Windows has no bzero function */ +#ifdef WINDOWS_ENABLED +#undef LWS_HAVE_BZERO +#endif + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_DLFCN_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_FCNTL_H +#ifdef NO_FCNTL +#undef LWS_HAVE_FCNTL_H +#endif + +/* Define to 1 if you have the `fork' function. */ +#define LWS_HAVE_FORK + +/* Define to 1 if you have the `getenv’ function. */ +#define LWS_HAVE_GETENV + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_IN6ADDR_H */ + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_INTTYPES_H + +/* Define to 1 if you have the `ssl' library (-lssl). */ +/* #undef LWS_HAVE_LIBSSL */ + +/* Define to 1 if your system has a GNU libc compatible `malloc' function, and + to 0 otherwise. */ +#define LWS_HAVE_MALLOC + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_MEMORY_H + +/* Define to 1 if you have the `memset' function. */ +#define LWS_HAVE_MEMSET + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_NETINET_IN_H + +/* Define to 1 if your system has a GNU libc compatible `realloc' function, + and to 0 otherwise. */ +#define LWS_HAVE_REALLOC + +/* Define to 1 if you have the `socket' function. */ +#define LWS_HAVE_SOCKET + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STDLIB_H + +/* Define to 1 if you have the `strerror' function. */ +#define LWS_HAVE_STRERROR + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_STRING_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_PRCTL_H +#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__HAIKU__) +#undef LWS_HAVE_SYS_PRCTL_H +#endif + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_SOCKET_H + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_SYS_SOCKIO_H */ + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_STAT_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_SYS_TYPES_H + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_UNISTD_H + +#define LWS_HAVE_TCP_USER_TIMEOUT + +/* Define to 1 if you have the `vfork' function. */ +#define LWS_HAVE_VFORK + +/* Define to 1 if you have the header file. */ +/* #undef LWS_HAVE_VFORK_H */ + +/* Define to 1 if `fork' works. */ +#define LWS_HAVE_WORKING_FORK + +/* Define to 1 if `vfork' works. */ +#define LWS_HAVE_WORKING_VFORK + +/* Define to 1 if execvpe() exists */ +#define LWS_HAVE_EXECVPE + +/* Define to 1 if you have the header file. */ +#define LWS_HAVE_ZLIB_H + +#define LWS_HAVE_GETLOADAVG + +/* Define to the sub-directory in which libtool stores uninstalled libraries. + */ +#undef LT_OBJDIR // We're not using libtool + +/* Define to rpl_malloc if the replacement function should be used. */ +/* #undef malloc */ + +/* Define to rpl_realloc if the replacement function should be used. */ +/* #undef realloc */ + +/* Define to 1 if we have getifaddrs */ +#define LWS_HAVE_GETIFADDRS +#if defined(ANDROID_ENABLED) +#undef LWS_HAVE_GETIFADDRS +#define LWS_BUILTIN_GETIFADDRS +#endif + +/* Define if the inline keyword doesn't exist. */ +/* #undef inline */ + + diff --git a/thirdparty/libwebsockets/misc/base64-decode.c b/thirdparty/libwebsockets/misc/base64-decode.c new file mode 100644 index 0000000000..64b84d78fa --- /dev/null +++ b/thirdparty/libwebsockets/misc/base64-decode.c @@ -0,0 +1,242 @@ +/* + * This code originally came from here + * + * http://base64.sourceforge.net/b64.c + * + * with the following license: + * + * LICENCE: Copyright (c) 2001 Bob Trower, Trantor Standard Systems Inc. + * + * Permission is hereby granted, free of charge, to any person + * obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the + * Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, + * sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, + * subject to the following conditions: + * + * The above copyright notice and this permission notice shall + * be included in all copies or substantial portions of the + * Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + * KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR + * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS + * OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR + * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR + * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + * + * VERSION HISTORY: + * Bob Trower 08/04/01 -- Create Version 0.00.00B + * + * I cleaned it up quite a bit to match the (linux kernel) style of the rest + * of libwebsockets; this version is under LGPL2.1 + SLE like the rest of lws + * since he explicitly allows sublicensing, but I give the URL above so you can + * get the original with Bob's super-liberal terms directly if you prefer. + */ + +#include +#include +#include "core/private.h" + +static const char encode_orig[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz0123456789+/"; +static const char encode_url[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz0123456789-_"; +static const char decode[] = "|$$$}rstuvwxyz{$$$$$$$>?@ABCDEFGHIJKLMNOPQRSTUVW" + "$$$$$$XYZ[\\]^_`abcdefghijklmnopq"; + +static int +_lws_b64_encode_string(const char *encode, const char *in, int in_len, + char *out, int out_size) +{ + unsigned char triple[3]; + int i; + int len; + int line = 0; + int done = 0; + + while (in_len) { + len = 0; + for (i = 0; i < 3; i++) { + if (in_len) { + triple[i] = *in++; + len++; + in_len--; + } else + triple[i] = 0; + } + + if (done + 4 >= out_size) + return -1; + + *out++ = encode[triple[0] >> 2]; + *out++ = encode[((triple[0] & 0x03) << 4) | + ((triple[1] & 0xf0) >> 4)]; + *out++ = (len > 1 ? encode[((triple[1] & 0x0f) << 2) | + ((triple[2] & 0xc0) >> 6)] : '='); + *out++ = (len > 2 ? encode[triple[2] & 0x3f] : '='); + + done += 4; + line += 4; + } + + if (done + 1 >= out_size) + return -1; + + *out++ = '\0'; + + return done; +} + +LWS_VISIBLE int +lws_b64_encode_string(const char *in, int in_len, char *out, int out_size) +{ + return _lws_b64_encode_string(encode_orig, in, in_len, out, out_size); +} + +LWS_VISIBLE int +lws_b64_encode_string_url(const char *in, int in_len, char *out, int out_size) +{ + return _lws_b64_encode_string(encode_url, in, in_len, out, out_size); +} + +/* + * returns length of decoded string in out, or -1 if out was too small + * according to out_size + * + * Only reads up to in_len chars, otherwise if in_len is -1 on entry reads until + * the first NUL in the input. + */ + +static int +_lws_b64_decode_string(const char *in, int in_len, char *out, int out_size) +{ + int len, i, c = 0, done = 0; + unsigned char v, quad[4]; + + while (in_len && *in) { + + len = 0; + for (i = 0; i < 4 && in_len && *in; i++) { + + v = 0; + c = 0; + while (in_len && *in && !v) { + c = v = *in++; + in_len--; + /* support the url base64 variant too */ + if (v == '-') + c = v = '+'; + if (v == '_') + c = v = '/'; + v = (v < 43 || v > 122) ? 0 : decode[v - 43]; + if (v) + v = (v == '$') ? 0 : v - 61; + } + if (c) { + len++; + if (v) + quad[i] = v - 1; + } else + quad[i] = 0; + } + + if (out_size < (done + len - 1)) + /* out buffer is too small */ + return -1; + + /* + * "The '==' sequence indicates that the last group contained + * only one byte, and '=' indicates that it contained two + * bytes." (wikipedia) + */ + + if ((!in_len || !*in) && c == '=') + len--; + + if (len >= 2) + *out++ = quad[0] << 2 | quad[1] >> 4; + if (len >= 3) + *out++ = quad[1] << 4 | quad[2] >> 2; + if (len >= 4) + *out++ = ((quad[2] << 6) & 0xc0) | quad[3]; + + done += len - 1; + } + + if (done + 1 >= out_size) + return -1; + + *out = '\0'; + + return done; +} + +LWS_VISIBLE int +lws_b64_decode_string(const char *in, char *out, int out_size) +{ + return _lws_b64_decode_string(in, -1, out, out_size); +} + +LWS_VISIBLE int +lws_b64_decode_string_len(const char *in, int in_len, char *out, int out_size) +{ + return _lws_b64_decode_string(in, in_len, out, out_size); +} + +#if 0 +int +lws_b64_selftest(void) +{ + char buf[64]; + unsigned int n, r = 0; + unsigned int test; + /* examples from https://en.wikipedia.org/wiki/Base64 */ + static const char * const plaintext[] = { + "any carnal pleasure.", + "any carnal pleasure", + "any carnal pleasur", + "any carnal pleasu", + "any carnal pleas", + "Admin:kloikloi" + }; + static const char * const coded[] = { + "YW55IGNhcm5hbCBwbGVhc3VyZS4=", + "YW55IGNhcm5hbCBwbGVhc3VyZQ==", + "YW55IGNhcm5hbCBwbGVhc3Vy", + "YW55IGNhcm5hbCBwbGVhc3U=", + "YW55IGNhcm5hbCBwbGVhcw==", + "QWRtaW46a2xvaWtsb2k=" + }; + + for (test = 0; test < sizeof plaintext / sizeof(plaintext[0]); test++) { + + buf[sizeof(buf) - 1] = '\0'; + n = lws_b64_encode_string(plaintext[test], + strlen(plaintext[test]), buf, sizeof buf); + if (n != strlen(coded[test]) || strcmp(buf, coded[test])) { + lwsl_err("Failed lws_b64 encode selftest " + "%d result '%s' %d\n", test, buf, n); + r = -1; + } + + buf[sizeof(buf) - 1] = '\0'; + n = lws_b64_decode_string(coded[test], buf, sizeof buf); + if (n != strlen(plaintext[test]) || + strcmp(buf, plaintext[test])) { + lwsl_err("Failed lws_b64 decode selftest " + "%d result '%s' / '%s', %d / %d\n", + test, buf, plaintext[test], n, strlen(plaintext[test])); + r = -1; + } + } + + lwsl_notice("Base 64 selftests passed\n"); + + return r; +} +#endif diff --git a/thirdparty/libwebsockets/misc/getifaddrs.c b/thirdparty/libwebsockets/misc/getifaddrs.c new file mode 100644 index 0000000000..735b899f48 --- /dev/null +++ b/thirdparty/libwebsockets/misc/getifaddrs.c @@ -0,0 +1,270 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska H�gskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * originally downloaded from + * + * http://ftp.uninett.no/pub/OpenBSD/src/kerberosV/src/lib/roken/getifaddrs.c + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include "core/private.h" + +#ifdef LWS_HAVE_SYS_SOCKIO_H +#include +#endif + +#ifdef LWS_HAVE_NETINET_IN6_VAR_H +#include +#endif + +#ifndef max +#define max(a, b) ((a) > (b) ? (a) : (b)) +#endif + +#include "getifaddrs.h" + +static int +getifaddrs2(struct ifaddrs **ifap, int af, int siocgifconf, int siocgifflags, + size_t ifreq_sz) +{ + int ret; + int fd; + size_t buf_size; + char *buf; + struct ifconf ifconf; + char *p; + size_t sz; + struct sockaddr sa_zero; + struct ifreq *ifr; + struct ifaddrs *start, **end = &start; + + buf = NULL; + + memset(&sa_zero, 0, sizeof(sa_zero)); + fd = socket(af, SOCK_DGRAM, 0); + if (fd < 0) + return -1; + + buf_size = 8192; + for (;;) { + buf = lws_zalloc(buf_size, "getifaddrs2"); + if (buf == NULL) { + ret = ENOMEM; + goto error_out; + } + ifconf.ifc_len = buf_size; + ifconf.ifc_buf = buf; + + /* + * Solaris returns EINVAL when the buffer is too small. + */ + if (ioctl(fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) { + ret = errno; + goto error_out; + } + /* + * Can the difference between a full and a overfull buf + * be determined? + */ + + if (ifconf.ifc_len < (int)buf_size) + break; + lws_free(buf); + buf_size *= 2; + } + + for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len; p += sz) { + struct ifreq ifreq; + struct sockaddr *sa; + size_t salen; + + ifr = (struct ifreq *)p; + sa = &ifr->ifr_addr; + + sz = ifreq_sz; + salen = sizeof(struct sockaddr); +#ifdef LWS_HAVE_STRUCT_SOCKADDR_SA_LEN + salen = sa->sa_len; + sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); +#endif +#ifdef SA_LEN + salen = SA_LEN(sa); + sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa)); +#endif + memset(&ifreq, 0, sizeof(ifreq)); + memcpy(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); + + if (ioctl(fd, siocgifflags, &ifreq) < 0) { + ret = errno; + goto error_out; + } + + *end = lws_malloc(sizeof(**end), "getifaddrs"); + + (*end)->ifa_next = NULL; + (*end)->ifa_name = strdup(ifr->ifr_name); + (*end)->ifa_flags = ifreq.ifr_flags; + (*end)->ifa_addr = lws_malloc(salen, "getifaddrs"); + memcpy((*end)->ifa_addr, sa, salen); + (*end)->ifa_netmask = NULL; + +#if 0 + /* fix these when we actually need them */ + if (ifreq.ifr_flags & IFF_BROADCAST) { + (*end)->ifa_broadaddr = + lws_malloc(sizeof(ifr->ifr_broadaddr), "getifaddrs"); + memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, + sizeof(ifr->ifr_broadaddr)); + } else if (ifreq.ifr_flags & IFF_POINTOPOINT) { + (*end)->ifa_dstaddr = + lws_malloc(sizeof(ifr->ifr_dstaddr), "getifaddrs"); + memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, + sizeof(ifr->ifr_dstaddr)); + } else + (*end)->ifa_dstaddr = NULL; +#else + (*end)->ifa_dstaddr = NULL; +#endif + (*end)->ifa_data = NULL; + + end = &(*end)->ifa_next; + + } + *ifap = start; + close(fd); + lws_free(buf); + return 0; + +error_out: + close(fd); + lws_free(buf); + errno = ret; + + return -1; +} + +int +getifaddrs(struct ifaddrs **ifap) +{ + int ret = -1; + errno = ENXIO; +#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) + if (ret) + ret = getifaddrs2(ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, + sizeof(struct in6_ifreq)); +#endif +#if defined(LWS_HAVE_IPV6) && defined(SIOCGIFCONF) + if (ret) + ret = getifaddrs2(ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif +#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) + if (ret) + ret = getifaddrs2(ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif + return ret; +} + +void +freeifaddrs(struct ifaddrs *ifp) +{ + struct ifaddrs *p, *q; + + for (p = ifp; p; ) { + lws_free(p->ifa_name); + lws_free(p->ifa_addr); + lws_free(p->ifa_dstaddr); + lws_free(p->ifa_netmask); + lws_free(p->ifa_data); + q = p; + p = p->ifa_next; + lws_free(q); + } +} + +#ifdef TEST + +void +print_addr(const char *s, struct sockaddr *sa) +{ + int i; + printf(" %s=%d/", s, sa->sa_family); +#ifdef LWS_HAVE_STRUCT_SOCKADDR_SA_LEN + for (i = 0; + i < sa->sa_len - ((lws_intptr_t)sa->sa_data - (lws_intptr_t)&sa->sa_family); i++) + printf("%02x", ((unsigned char *)sa->sa_data)[i]); +#else + for (i = 0; i < sizeof(sa->sa_data); i++) + printf("%02x", ((unsigned char *)sa->sa_data)[i]); +#endif + printf("\n"); +} + +void +print_ifaddrs(struct ifaddrs *x) +{ + struct ifaddrs *p; + + for (p = x; p; p = p->ifa_next) { + printf("%s\n", p->ifa_name); + printf(" flags=%x\n", p->ifa_flags); + if (p->ifa_addr) + print_addr("addr", p->ifa_addr); + if (p->ifa_dstaddr) + print_addr("dstaddr", p->ifa_dstaddr); + if (p->ifa_netmask) + print_addr("netmask", p->ifa_netmask); + printf(" %p\n", p->ifa_data); + } +} + +int +main() +{ + struct ifaddrs *a = NULL, *b; + getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); + print_ifaddrs(a); + printf("---\n"); + getifaddrs(&b); + print_ifaddrs(b); + return 0; +} +#endif diff --git a/thirdparty/libwebsockets/misc/getifaddrs.h b/thirdparty/libwebsockets/misc/getifaddrs.h new file mode 100644 index 0000000000..d26670c082 --- /dev/null +++ b/thirdparty/libwebsockets/misc/getifaddrs.h @@ -0,0 +1,80 @@ +#ifndef LWS_HAVE_GETIFADDRS +#define LWS_HAVE_GETIFADDRS 0 +#endif + +#if LWS_HAVE_GETIFADDRS +#include +#include +#else +#ifdef __cplusplus +extern "C" { +#endif +/* + * Copyright (c) 2000 Kungliga Tekniska H�gskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: ifaddrs.hin,v 1.3 2000/12/11 00:01:13 assar Exp $ */ + +#ifndef ifaddrs_h_7467027A95AD4B5C8DDD40FE7D973791 +#define ifaddrs_h_7467027A95AD4B5C8DDD40FE7D973791 + +/* + * the interface is defined in terms of the fields below, and this is + * sometimes #define'd, so there seems to be no simple way of solving + * this and this seemed the best. */ + +#undef ifa_dstaddr + +struct ifaddrs { + struct ifaddrs *ifa_next; + char *ifa_name; + unsigned int ifa_flags; + struct sockaddr *ifa_addr; + struct sockaddr *ifa_netmask; + struct sockaddr *ifa_dstaddr; + void *ifa_data; +}; + +#ifndef ifa_broadaddr +#define ifa_broadaddr ifa_dstaddr +#endif + +int getifaddrs(struct ifaddrs **); + +void freeifaddrs(struct ifaddrs *); + +#endif /* __ifaddrs_h__ */ + +#ifdef __cplusplus +} +#endif +#endif diff --git a/thirdparty/libwebsockets/misc/lejp.c b/thirdparty/libwebsockets/misc/lejp.c new file mode 100644 index 0000000000..99142b9553 --- /dev/null +++ b/thirdparty/libwebsockets/misc/lejp.c @@ -0,0 +1,753 @@ +/* + * Lightweight Embedded JSON Parser + * + * Copyright (C) 2013-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include +#include "core/private.h" +#include +#include + +/** + * lejp_construct - prepare a struct lejp_ctx for use + * + * \param ctx: pointer to your struct lejp_ctx + * \param callback: your user callback which will received parsed tokens + * \param user: optional user data pointer untouched by lejp + * \param paths: your array of name elements you are interested in + * \param count_paths: LWS_ARRAY_SIZE() of @paths + * + * Prepares your context struct for use with lejp + */ + +void +lejp_construct(struct lejp_ctx *ctx, + signed char (*callback)(struct lejp_ctx *ctx, char reason), void *user, + const char * const *paths, unsigned char count_paths) +{ + ctx->st[0].s = 0; + ctx->st[0].p = 0; + ctx->st[0].i = 0; + ctx->st[0].b = 0; + ctx->sp = 0; + ctx->ipos = 0; + ctx->ppos = 0; + ctx->path_match = 0; + ctx->path[0] = '\0'; + ctx->callback = callback; + ctx->user = user; + ctx->paths = paths; + ctx->count_paths = count_paths; + ctx->line = 1; + ctx->callback(ctx, LEJPCB_CONSTRUCTED); +} + +/** + * lejp_destruct - retire a previously constructed struct lejp_ctx + * + * \param ctx: pointer to your struct lejp_ctx + * + * lejp does not perform any allocations, but since your user code might, this + * provides a one-time LEJPCB_DESTRUCTED callback at destruction time where + * you can clean up in your callback. + */ + +void +lejp_destruct(struct lejp_ctx *ctx) +{ + /* no allocations... just let callback know what it happening */ + ctx->callback(ctx, LEJPCB_DESTRUCTED); +} + +/** + * lejp_change_callback - switch to a different callback from now on + * + * \param ctx: pointer to your struct lejp_ctx + * \param callback: your user callback which will received parsed tokens + * + * This tells the old callback it was destroyed, in case you want to take any + * action because that callback "lost focus", then changes to the new + * callback and tells it first that it was constructed, and then started. + * + * Changing callback is a cheap and powerful trick to split out handlers + * according to information earlier in the parse. For example you may have + * a JSON pair "schema" whose value defines what can be expected for the rest + * of the JSON. Rather than having one huge callback for all cases, you can + * have an initial one looking for "schema" which then calls + * lejp_change_callback() to a handler specific for the schema. + * + * Notice that afterwards, you need to construct the context again anyway to + * parse another JSON object, and the callback is reset then to the main, + * schema-interpreting one. The construction action is very lightweight. + */ + +void +lejp_change_callback(struct lejp_ctx *ctx, + signed char (*callback)(struct lejp_ctx *ctx, char reason)) +{ + ctx->callback(ctx, LEJPCB_DESTRUCTED); + ctx->callback = callback; + ctx->callback(ctx, LEJPCB_CONSTRUCTED); + ctx->callback(ctx, LEJPCB_START); +} + +static void +lejp_check_path_match(struct lejp_ctx *ctx) +{ + const char *p, *q; + int n; + + /* we only need to check if a match is not active */ + for (n = 0; !ctx->path_match && n < ctx->count_paths; n++) { + ctx->wildcount = 0; + p = ctx->path; + q = ctx->paths[n]; + while (*p && *q) { + if (*q != '*') { + if (*p != *q) + break; + p++; + q++; + continue; + } + ctx->wild[ctx->wildcount++] = p - ctx->path; + q++; + /* + * if * has something after it, match to . + * if ends with *, eat everything. + * This implies match sequences must be ordered like + * x.*.* + * x.* + * if both options are possible + */ + while (*p && (*p != '.' || !*q)) + p++; + } + if (*p || *q) + continue; + + ctx->path_match = n + 1; + ctx->path_match_len = ctx->ppos; + return; + } + + if (!ctx->path_match) + ctx->wildcount = 0; +} + +int +lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len) +{ + int n; + + if (wildcard >= ctx->wildcount || !len) + return 0; + + n = ctx->wild[wildcard]; + + while (--len && n < ctx->ppos && + (n == ctx->wild[wildcard] || ctx->path[n] != '.')) + *dest++ = ctx->path[n++]; + + *dest = '\0'; + n++; + + return n - ctx->wild[wildcard]; +} + +/** + * lejp_parse - interpret some more incoming data incrementally + * + * \param ctx: previously constructed parsing context + * \param json: char buffer with the new data to interpret + * \param len: amount of data in the buffer + * + * Because lejp is a stream parser, it incrementally parses as new data + * becomes available, maintaining all state in the context struct. So an + * incomplete JSON is a normal situation, getting you a LEJP_CONTINUE + * return, signalling there's no error but to call again with more data when + * it comes to complete the parsing. Successful parsing completes with a + * 0 or positive integer indicating how much of the last input buffer was + * unused. + */ + +int +lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len) +{ + unsigned char c, n, s, ret = LEJP_REJECT_UNKNOWN; + static const char esc_char[] = "\"\\/bfnrt"; + static const char esc_tran[] = "\"\\/\b\f\n\r\t"; + static const char tokens[] = "rue alse ull "; + + if (!ctx->sp && !ctx->ppos) + ctx->callback(ctx, LEJPCB_START); + + while (len--) { + c = *json++; + s = ctx->st[ctx->sp].s; + + /* skip whitespace unless we should care */ + if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == '#') { + if (c == '\n') { + ctx->line++; + ctx->st[ctx->sp].s &= ~LEJP_FLAG_WS_COMMENTLINE; + } + if (!(s & LEJP_FLAG_WS_KEEP)) { + if (c == '#') + ctx->st[ctx->sp].s |= + LEJP_FLAG_WS_COMMENTLINE; + continue; + } + } + + if (ctx->st[ctx->sp].s & LEJP_FLAG_WS_COMMENTLINE) + continue; + + switch (s) { + case LEJP_IDLE: + if (c != '{') { + ret = LEJP_REJECT_IDLE_NO_BRACE; + goto reject; + } + if (ctx->callback(ctx, LEJPCB_OBJECT_START)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + ctx->st[ctx->sp].s = LEJP_MEMBERS; + break; + case LEJP_MEMBERS: + if (c == '}') { + ctx->st[ctx->sp].s = LEJP_IDLE; + ret = LEJP_REJECT_MEMBERS_NO_CLOSE; + goto reject; + } + ctx->st[ctx->sp].s = LEJP_M_P; + goto redo_character; + case LEJP_M_P: + if (c != '\"') { + ret = LEJP_REJECT_MP_NO_OPEN_QUOTE; + goto reject; + } + /* push */ + ctx->st[ctx->sp].s = LEJP_MP_DELIM; + c = LEJP_MP_STRING; + goto add_stack_level; + + case LEJP_MP_STRING: + if (c == '\"') { + if (!ctx->sp) { /* JSON can't end on quote */ + ret = LEJP_REJECT_MP_STRING_UNDERRUN; + goto reject; + } + if (ctx->st[ctx->sp - 1].s != LEJP_MP_DELIM) { + ctx->buf[ctx->npos] = '\0'; + if (ctx->callback(ctx, + LEJPCB_VAL_STR_END) < 0) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + } + /* pop */ + ctx->sp--; + break; + } + if (c == '\\') { + ctx->st[ctx->sp].s = LEJP_MP_STRING_ESC; + break; + } + if (c < ' ') {/* "control characters" not allowed */ + ret = LEJP_REJECT_MP_ILLEGAL_CTRL; + goto reject; + } + goto emit_string_char; + + case LEJP_MP_STRING_ESC: + if (c == 'u') { + ctx->st[ctx->sp].s = LEJP_MP_STRING_ESC_U1; + ctx->uni = 0; + break; + } + for (n = 0; n < sizeof(esc_char); n++) { + if (c != esc_char[n]) + continue; + /* found it */ + c = esc_tran[n]; + ctx->st[ctx->sp].s = LEJP_MP_STRING; + goto emit_string_char; + } + ret = LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC; + /* illegal escape char */ + goto reject; + + case LEJP_MP_STRING_ESC_U1: + case LEJP_MP_STRING_ESC_U2: + case LEJP_MP_STRING_ESC_U3: + case LEJP_MP_STRING_ESC_U4: + ctx->uni <<= 4; + if (c >= '0' && c <= '9') + ctx->uni |= c - '0'; + else + if (c >= 'a' && c <= 'f') + ctx->uni = c - 'a' + 10; + else + if (c >= 'A' && c <= 'F') + ctx->uni = c - 'A' + 10; + else { + ret = LEJP_REJECT_ILLEGAL_HEX; + goto reject; + } + ctx->st[ctx->sp].s++; + switch (s) { + case LEJP_MP_STRING_ESC_U2: + if (ctx->uni < 0x08) + break; + /* + * 0x08-0xff (0x0800 - 0xffff) + * emit 3-byte UTF-8 + */ + c = 0xe0 | ((ctx->uni >> 4) & 0xf); + goto emit_string_char; + + case LEJP_MP_STRING_ESC_U3: + if (ctx->uni >= 0x080) { + /* + * 0x080 - 0xfff (0x0800 - 0xffff) + * middle 3-byte seq + * send ....XXXXXX.. + */ + c = 0x80 | ((ctx->uni >> 2) & 0x3f); + goto emit_string_char; + } + if (ctx->uni < 0x008) + break; + /* + * 0x008 - 0x7f (0x0080 - 0x07ff) + * start 2-byte seq + */ + c = 0xc0 | (ctx->uni >> 2); + goto emit_string_char; + + case LEJP_MP_STRING_ESC_U4: + if (ctx->uni >= 0x0080) + /* end of 2 or 3-byte seq */ + c = 0x80 | (ctx->uni & 0x3f); + else + /* literal */ + c = (unsigned char)ctx->uni; + + ctx->st[ctx->sp].s = LEJP_MP_STRING; + goto emit_string_char; + default: + break; + } + break; + + case LEJP_MP_DELIM: + if (c != ':') { + ret = LEJP_REJECT_MP_DELIM_MISSING_COLON; + goto reject; + } + ctx->st[ctx->sp].s = LEJP_MP_VALUE; + ctx->path[ctx->ppos] = '\0'; + + lejp_check_path_match(ctx); + if (ctx->callback(ctx, LEJPCB_PAIR_NAME)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + break; + + case LEJP_MP_VALUE: + if (c >= '0' && c <= '9') { + ctx->npos = 0; + ctx->dcount = 0; + ctx->f = 0; + ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_INT; + goto redo_character; + } + switch (c) { + case'\"': + /* push */ + ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; + c = LEJP_MP_STRING; + ctx->npos = 0; + ctx->buf[0] = '\0'; + if (ctx->callback(ctx, LEJPCB_VAL_STR_START)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + goto add_stack_level; + + case '{': + /* push */ + ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; + c = LEJP_MEMBERS; + lejp_check_path_match(ctx); + if (ctx->callback(ctx, LEJPCB_OBJECT_START)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + ctx->path_match = 0; + goto add_stack_level; + + case '[': + /* push */ + ctx->st[ctx->sp].s = LEJP_MP_ARRAY_END; + c = LEJP_MP_VALUE; + ctx->path[ctx->ppos++] = '['; + ctx->path[ctx->ppos++] = ']'; + ctx->path[ctx->ppos] = '\0'; + if (ctx->callback(ctx, LEJPCB_ARRAY_START)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + ctx->i[ctx->ipos++] = 0; + if (ctx->ipos > LWS_ARRAY_SIZE(ctx->i)) { + ret = LEJP_REJECT_MP_DELIM_ISTACK; + goto reject; + } + goto add_stack_level; + + case ']': + /* pop */ + if (!ctx->sp) { /* JSON can't end on ] */ + ret = LEJP_REJECT_MP_C_OR_E_UNDERF; + goto reject; + } + ctx->sp--; + if (ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) { + ret = LEJP_REJECT_MP_C_OR_E_NOTARRAY; + goto reject; + } + /* drop the path [n] bit */ + if (ctx->sp) { + ctx->ppos = ctx->st[ctx->sp - 1].p; + ctx->ipos = ctx->st[ctx->sp - 1].i; + } + ctx->path[ctx->ppos] = '\0'; + if (ctx->path_match && + ctx->ppos <= ctx->path_match_len) + /* + * we shrank the path to be + * smaller than the matching point + */ + ctx->path_match = 0; + goto array_end; + + case 't': /* true */ + ctx->uni = 0; + ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK; + break; + + case 'f': + ctx->uni = 4; + ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK; + break; + + case 'n': + ctx->uni = 4 + 5; + ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK; + break; + default: + ret = LEJP_REJECT_MP_DELIM_BAD_VALUE_START; + goto reject; + } + break; + + case LEJP_MP_VALUE_NUM_INT: + if (!ctx->npos && c == '-') { + ctx->f |= LEJP_SEEN_MINUS; + goto append_npos; + } + + if (ctx->dcount < 10 && c >= '0' && c <= '9') { + if (ctx->f & LEJP_SEEN_POINT) + ctx->f |= LEJP_SEEN_POST_POINT; + ctx->dcount++; + goto append_npos; + } + if (c == '.') { + if (!ctx->dcount || (ctx->f & LEJP_SEEN_POINT)) { + ret = LEJP_REJECT_MP_VAL_NUM_FORMAT; + goto reject; + } + ctx->f |= LEJP_SEEN_POINT; + goto append_npos; + } + /* + * before exponent, if we had . we must have had at + * least one more digit + */ + if ((ctx->f & + (LEJP_SEEN_POINT | LEJP_SEEN_POST_POINT)) == + LEJP_SEEN_POINT) { + ret = LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC; + goto reject; + } + if (c == 'e' || c == 'E') { + if (ctx->f & LEJP_SEEN_EXP) { + ret = LEJP_REJECT_MP_VAL_NUM_FORMAT; + goto reject; + } + ctx->f |= LEJP_SEEN_EXP; + ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_EXP; + goto append_npos; + } + /* if none of the above, did we even have a number? */ + if (!ctx->dcount) { + ret = LEJP_REJECT_MP_VAL_NUM_FORMAT; + goto reject; + } + + ctx->buf[ctx->npos] = '\0'; + if (ctx->f & LEJP_SEEN_POINT) { + if (ctx->callback(ctx, LEJPCB_VAL_NUM_FLOAT)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + } else { + if (ctx->callback(ctx, LEJPCB_VAL_NUM_INT)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + } + + /* then this is the post-number character, loop */ + ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; + goto redo_character; + + case LEJP_MP_VALUE_NUM_EXP: + ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_INT; + if (c >= '0' && c <= '9') + goto redo_character; + if (c == '+' || c == '-') + goto append_npos; + ret = LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP; + goto reject; + + case LEJP_MP_VALUE_TOK: /* true, false, null */ + if (c != tokens[ctx->uni]) { + ret = LEJP_REJECT_MP_VAL_TOK_UNKNOWN; + goto reject; + } + ctx->uni++; + if (tokens[ctx->uni] != ' ') + break; + switch (ctx->uni) { + case 3: + ctx->buf[0] = '1'; + ctx->buf[1] = '\0'; + if (ctx->callback(ctx, LEJPCB_VAL_TRUE)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + break; + case 8: + ctx->buf[0] = '0'; + ctx->buf[1] = '\0'; + if (ctx->callback(ctx, LEJPCB_VAL_FALSE)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + break; + case 12: + ctx->buf[0] = '\0'; + if (ctx->callback(ctx, LEJPCB_VAL_NULL)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + break; + } + ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; + break; + + case LEJP_MP_COMMA_OR_END: + ctx->path[ctx->ppos] = '\0'; + if (c == ',') { + /* increment this stack level's index */ + ctx->st[ctx->sp].s = LEJP_M_P; + if (!ctx->sp) { + ctx->ppos = 0; + /* + * since we came back to root level, + * no path can still match + */ + ctx->path_match = 0; + break; + } + ctx->ppos = ctx->st[ctx->sp - 1].p; + ctx->path[ctx->ppos] = '\0'; + if (ctx->path_match && + ctx->ppos <= ctx->path_match_len) + /* + * we shrank the path to be + * smaller than the matching point + */ + ctx->path_match = 0; + + if (ctx->st[ctx->sp - 1].s != LEJP_MP_ARRAY_END) + break; + /* top level is definitely an array... */ + if (ctx->ipos) + ctx->i[ctx->ipos - 1]++; + ctx->st[ctx->sp].s = LEJP_MP_VALUE; + break; + } + if (c == ']') { + if (!ctx->sp) { /* JSON can't end on ] */ + ret = LEJP_REJECT_MP_C_OR_E_UNDERF; + goto reject; + } + /* pop */ + ctx->sp--; + if (ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) { + ret = LEJP_REJECT_MP_C_OR_E_NOTARRAY; + goto reject; + } + /* drop the path [n] bit */ + if (ctx->sp) { + ctx->ppos = ctx->st[ctx->sp - 1].p; + ctx->ipos = ctx->st[ctx->sp - 1].i; + } + ctx->path[ctx->ppos] = '\0'; + if (ctx->path_match && + ctx->ppos <= ctx->path_match_len) + /* + * we shrank the path to be + * smaller than the matching point + */ + ctx->path_match = 0; + + /* do LEJP_MP_ARRAY_END processing */ + goto redo_character; + } + if (c == '}') { + if (!ctx->sp) { + lejp_check_path_match(ctx); + if (ctx->callback(ctx, LEJPCB_OBJECT_END)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + ctx->callback(ctx, LEJPCB_COMPLETE); + /* done, return unused amount */ + return len; + } + /* pop */ + ctx->sp--; + if (ctx->sp) { + ctx->ppos = ctx->st[ctx->sp - 1].p; + ctx->ipos = ctx->st[ctx->sp - 1].i; + } + ctx->path[ctx->ppos] = '\0'; + if (ctx->path_match && + ctx->ppos <= ctx->path_match_len) + /* + * we shrank the path to be + * smaller than the matching point + */ + ctx->path_match = 0; + lejp_check_path_match(ctx); + if (ctx->callback(ctx, LEJPCB_OBJECT_END)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + break; + } + + ret = LEJP_REJECT_MP_C_OR_E_NEITHER; + goto reject; + + case LEJP_MP_ARRAY_END: +array_end: + ctx->path[ctx->ppos] = '\0'; + if (c == ',') { + /* increment this stack level's index */ + if (ctx->ipos) + ctx->i[ctx->ipos - 1]++; + ctx->st[ctx->sp].s = LEJP_MP_VALUE; + if (ctx->sp) + ctx->ppos = ctx->st[ctx->sp - 1].p; + ctx->path[ctx->ppos] = '\0'; + break; + } + if (c != ']') { + ret = LEJP_REJECT_MP_ARRAY_END_MISSING; + goto reject; + } + + ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END; + ctx->callback(ctx, LEJPCB_ARRAY_END); + break; + } + + continue; + +emit_string_char: + if (!ctx->sp || ctx->st[ctx->sp - 1].s != LEJP_MP_DELIM) { + /* assemble the string value into chunks */ + ctx->buf[ctx->npos++] = c; + if (ctx->npos == sizeof(ctx->buf) - 1) { + if (ctx->callback(ctx, LEJPCB_VAL_STR_CHUNK)) { + ret = LEJP_REJECT_CALLBACK; + goto reject; + } + ctx->npos = 0; + } + continue; + } + /* name part of name:value pair */ + ctx->path[ctx->ppos++] = c; + continue; + +add_stack_level: + /* push on to the object stack */ + if (ctx->ppos && ctx->st[ctx->sp].s != LEJP_MP_COMMA_OR_END && + ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) + ctx->path[ctx->ppos++] = '.'; + + ctx->st[ctx->sp].p = ctx->ppos; + ctx->st[ctx->sp].i = ctx->ipos; + if (++ctx->sp == LWS_ARRAY_SIZE(ctx->st)) { + ret = LEJP_REJECT_STACK_OVERFLOW; + goto reject; + } + ctx->path[ctx->ppos] = '\0'; + ctx->st[ctx->sp].s = c; + ctx->st[ctx->sp].b = 0; + continue; + +append_npos: + if (ctx->npos >= sizeof(ctx->buf)) { + ret = LEJP_REJECT_NUM_TOO_LONG; + goto reject; + } + ctx->buf[ctx->npos++] = c; + continue; + +redo_character: + json--; + len++; + } + + return LEJP_CONTINUE; + +reject: + ctx->callback(ctx, LEJPCB_FAILED); + return ret; +} diff --git a/thirdparty/libwebsockets/misc/sha-1.c b/thirdparty/libwebsockets/misc/sha-1.c new file mode 100644 index 0000000000..2e4db52693 --- /dev/null +++ b/thirdparty/libwebsockets/misc/sha-1.c @@ -0,0 +1,300 @@ +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +/* + * FIPS pub 180-1: Secure Hash Algorithm (SHA-1) + * based on: http://csrc.nist.gov/fips/fip180-1.txt + * implemented by Jun-ichiro itojun Itoh + */ + +#include "core/private.h" + +#ifdef LWS_HAVE_SYS_TYPES_H +#include +#endif + +struct sha1_ctxt { + union { + unsigned char b8[20]; + unsigned int b32[5]; + } h; + union { + unsigned char b8[8]; + uint64_t b64[1]; + } c; + union { + unsigned char b8[64]; + unsigned int b32[16]; + } m; + unsigned char count; +}; + +/* sanity check */ +#if !defined(BYTE_ORDER) || !defined(LITTLE_ENDIAN) || !defined(BIG_ENDIAN) +# define unsupported 1 +#elif BYTE_ORDER != BIG_ENDIAN +# if BYTE_ORDER != LITTLE_ENDIAN +# define unsupported 1 +# endif +#endif + +#ifndef unsupported + +/* constant table */ +static const unsigned int _K[] = + { 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6 }; +#define K(t) _K[(t) / 20] + +#define F0(b, c, d) (((b) & (c)) | ((~(b)) & (d))) +#define F1(b, c, d) (((b) ^ (c)) ^ (d)) +#define F2(b, c, d) (((b) & (c)) | ((b) & (d)) | ((c) & (d))) +#define F3(b, c, d) (((b) ^ (c)) ^ (d)) + +#define S(n, x) (((x) << (n)) | ((x) >> (32 - n))) + +#define H(n) (ctxt->h.b32[(n)]) +#define COUNT (ctxt->count) +#define BCOUNT (ctxt->c.b64[0] / 8) +#define W(n) (ctxt->m.b32[(n)]) + +#define PUTBYTE(x) { \ + ctxt->m.b8[(COUNT % 64)] = (x); \ + COUNT++; \ + COUNT %= 64; \ + ctxt->c.b64[0] += 8; \ + if (COUNT % 64 == 0) \ + sha1_step(ctxt); \ + } + +#define PUTPAD(x) { \ + ctxt->m.b8[(COUNT % 64)] = (x); \ + COUNT++; \ + COUNT %= 64; \ + if (COUNT % 64 == 0) \ + sha1_step(ctxt); \ + } + + +static void +sha1_step(struct sha1_ctxt *ctxt) +{ + unsigned int a, b, c, d, e, tmp; + size_t t, s; + +#if BYTE_ORDER == LITTLE_ENDIAN + struct sha1_ctxt tctxt; + + memcpy(&tctxt.m.b8[0], &ctxt->m.b8[0], 64); + ctxt->m.b8[0] = tctxt.m.b8[3]; ctxt->m.b8[1] = tctxt.m.b8[2]; + ctxt->m.b8[2] = tctxt.m.b8[1]; ctxt->m.b8[3] = tctxt.m.b8[0]; + ctxt->m.b8[4] = tctxt.m.b8[7]; ctxt->m.b8[5] = tctxt.m.b8[6]; + ctxt->m.b8[6] = tctxt.m.b8[5]; ctxt->m.b8[7] = tctxt.m.b8[4]; + ctxt->m.b8[8] = tctxt.m.b8[11]; ctxt->m.b8[9] = tctxt.m.b8[10]; + ctxt->m.b8[10] = tctxt.m.b8[9]; ctxt->m.b8[11] = tctxt.m.b8[8]; + ctxt->m.b8[12] = tctxt.m.b8[15]; ctxt->m.b8[13] = tctxt.m.b8[14]; + ctxt->m.b8[14] = tctxt.m.b8[13]; ctxt->m.b8[15] = tctxt.m.b8[12]; + ctxt->m.b8[16] = tctxt.m.b8[19]; ctxt->m.b8[17] = tctxt.m.b8[18]; + ctxt->m.b8[18] = tctxt.m.b8[17]; ctxt->m.b8[19] = tctxt.m.b8[16]; + ctxt->m.b8[20] = tctxt.m.b8[23]; ctxt->m.b8[21] = tctxt.m.b8[22]; + ctxt->m.b8[22] = tctxt.m.b8[21]; ctxt->m.b8[23] = tctxt.m.b8[20]; + ctxt->m.b8[24] = tctxt.m.b8[27]; ctxt->m.b8[25] = tctxt.m.b8[26]; + ctxt->m.b8[26] = tctxt.m.b8[25]; ctxt->m.b8[27] = tctxt.m.b8[24]; + ctxt->m.b8[28] = tctxt.m.b8[31]; ctxt->m.b8[29] = tctxt.m.b8[30]; + ctxt->m.b8[30] = tctxt.m.b8[29]; ctxt->m.b8[31] = tctxt.m.b8[28]; + ctxt->m.b8[32] = tctxt.m.b8[35]; ctxt->m.b8[33] = tctxt.m.b8[34]; + ctxt->m.b8[34] = tctxt.m.b8[33]; ctxt->m.b8[35] = tctxt.m.b8[32]; + ctxt->m.b8[36] = tctxt.m.b8[39]; ctxt->m.b8[37] = tctxt.m.b8[38]; + ctxt->m.b8[38] = tctxt.m.b8[37]; ctxt->m.b8[39] = tctxt.m.b8[36]; + ctxt->m.b8[40] = tctxt.m.b8[43]; ctxt->m.b8[41] = tctxt.m.b8[42]; + ctxt->m.b8[42] = tctxt.m.b8[41]; ctxt->m.b8[43] = tctxt.m.b8[40]; + ctxt->m.b8[44] = tctxt.m.b8[47]; ctxt->m.b8[45] = tctxt.m.b8[46]; + ctxt->m.b8[46] = tctxt.m.b8[45]; ctxt->m.b8[47] = tctxt.m.b8[44]; + ctxt->m.b8[48] = tctxt.m.b8[51]; ctxt->m.b8[49] = tctxt.m.b8[50]; + ctxt->m.b8[50] = tctxt.m.b8[49]; ctxt->m.b8[51] = tctxt.m.b8[48]; + ctxt->m.b8[52] = tctxt.m.b8[55]; ctxt->m.b8[53] = tctxt.m.b8[54]; + ctxt->m.b8[54] = tctxt.m.b8[53]; ctxt->m.b8[55] = tctxt.m.b8[52]; + ctxt->m.b8[56] = tctxt.m.b8[59]; ctxt->m.b8[57] = tctxt.m.b8[58]; + ctxt->m.b8[58] = tctxt.m.b8[57]; ctxt->m.b8[59] = tctxt.m.b8[56]; + ctxt->m.b8[60] = tctxt.m.b8[63]; ctxt->m.b8[61] = tctxt.m.b8[62]; + ctxt->m.b8[62] = tctxt.m.b8[61]; ctxt->m.b8[63] = tctxt.m.b8[60]; +#endif + + a = H(0); b = H(1); c = H(2); d = H(3); e = H(4); + + for (t = 0; t < 20; t++) { + s = t & 0x0f; + if (t >= 16) + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ + W((s+2) & 0x0f) ^ W(s)); + + tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + for (t = 20; t < 40; t++) { + s = t & 0x0f; + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ + W((s+2) & 0x0f) ^ W(s)); + tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + for (t = 40; t < 60; t++) { + s = t & 0x0f; + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ + W((s+2) & 0x0f) ^ W(s)); + tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + for (t = 60; t < 80; t++) { + s = t & 0x0f; + W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^ + W((s+2) & 0x0f) ^ W(s)); + tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t); + e = d; d = c; c = S(30, b); b = a; a = tmp; + } + + H(0) = H(0) + a; + H(1) = H(1) + b; + H(2) = H(2) + c; + H(3) = H(3) + d; + H(4) = H(4) + e; + + bzero(&ctxt->m.b8[0], 64); +} + +/*------------------------------------------------------------*/ + +static void +_sha1_init(struct sha1_ctxt *ctxt) +{ + bzero(ctxt, sizeof(struct sha1_ctxt)); + H(0) = 0x67452301; + H(1) = 0xefcdab89; + H(2) = 0x98badcfe; + H(3) = 0x10325476; + H(4) = 0xc3d2e1f0; +} + +void +sha1_pad(struct sha1_ctxt *ctxt) +{ + size_t padlen; /*pad length in bytes*/ + size_t padstart; + + PUTPAD(0x80); + + padstart = COUNT % 64; + padlen = 64 - padstart; + if (padlen < 8) { + bzero(&ctxt->m.b8[padstart], padlen); + COUNT += (unsigned char)padlen; + COUNT %= 64; + sha1_step(ctxt); + padstart = COUNT % 64; /* should be 0 */ + padlen = 64 - padstart; /* should be 64 */ + } + bzero(&ctxt->m.b8[padstart], padlen - 8); + COUNT += ((unsigned char)padlen - 8); + COUNT %= 64; +#if BYTE_ORDER == BIG_ENDIAN + PUTPAD(ctxt->c.b8[0]); PUTPAD(ctxt->c.b8[1]); + PUTPAD(ctxt->c.b8[2]); PUTPAD(ctxt->c.b8[3]); + PUTPAD(ctxt->c.b8[4]); PUTPAD(ctxt->c.b8[5]); + PUTPAD(ctxt->c.b8[6]); PUTPAD(ctxt->c.b8[7]); +#else + PUTPAD(ctxt->c.b8[7]); PUTPAD(ctxt->c.b8[6]); + PUTPAD(ctxt->c.b8[5]); PUTPAD(ctxt->c.b8[4]); + PUTPAD(ctxt->c.b8[3]); PUTPAD(ctxt->c.b8[2]); + PUTPAD(ctxt->c.b8[1]); PUTPAD(ctxt->c.b8[0]); +#endif +} + +void +sha1_loop(struct sha1_ctxt *ctxt, const unsigned char *input, size_t len) +{ + size_t gaplen; + size_t gapstart; + size_t off; + size_t copysiz; + + off = 0; + + while (off < len) { + gapstart = COUNT % 64; + gaplen = 64 - gapstart; + + copysiz = (gaplen < len - off) ? gaplen : len - off; + memcpy(&ctxt->m.b8[gapstart], &input[off], copysiz); + COUNT += (unsigned char)copysiz; + COUNT %= 64; + ctxt->c.b64[0] += copysiz * 8; + if (COUNT % 64 == 0) + sha1_step(ctxt); + off += copysiz; + } +} + +void +sha1_result(struct sha1_ctxt *ctxt, void *digest0) +{ + unsigned char *digest; + + digest = (unsigned char *)digest0; + sha1_pad(ctxt); +#if BYTE_ORDER == BIG_ENDIAN + memcpy(digest, &ctxt->h.b8[0], 20); +#else + digest[0] = ctxt->h.b8[3]; digest[1] = ctxt->h.b8[2]; + digest[2] = ctxt->h.b8[1]; digest[3] = ctxt->h.b8[0]; + digest[4] = ctxt->h.b8[7]; digest[5] = ctxt->h.b8[6]; + digest[6] = ctxt->h.b8[5]; digest[7] = ctxt->h.b8[4]; + digest[8] = ctxt->h.b8[11]; digest[9] = ctxt->h.b8[10]; + digest[10] = ctxt->h.b8[9]; digest[11] = ctxt->h.b8[8]; + digest[12] = ctxt->h.b8[15]; digest[13] = ctxt->h.b8[14]; + digest[14] = ctxt->h.b8[13]; digest[15] = ctxt->h.b8[12]; + digest[16] = ctxt->h.b8[19]; digest[17] = ctxt->h.b8[18]; + digest[18] = ctxt->h.b8[17]; digest[19] = ctxt->h.b8[16]; +#endif +} + +/* + * This should look and work like the libcrypto implementation + */ + +LWS_VISIBLE unsigned char * +lws_SHA1(const unsigned char *d, size_t n, unsigned char *md) +{ + struct sha1_ctxt ctx; + + _sha1_init(&ctx); + sha1_loop(&ctx, d, n); + sha1_result(&ctx, (void *)md); + + return md; +} + +#endif /*unsupported*/ diff --git a/thirdparty/libwebsockets/plat/lws-plat-unix.c b/thirdparty/libwebsockets/plat/lws-plat-unix.c new file mode 100644 index 0000000000..d1bca8b5df --- /dev/null +++ b/thirdparty/libwebsockets/plat/lws-plat-unix.c @@ -0,0 +1,982 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#define _GNU_SOURCE +#include "core/private.h" + +#include +#include + +#ifdef LWS_WITH_PLUGINS +#include +#endif +#include + +void lws_plat_apply_FD_CLOEXEC(int n) +{ + if (n != -1) + fcntl(n, F_SETFD, FD_CLOEXEC ); +} + +int +lws_plat_socket_offset(void) +{ + return 0; +} + +int +lws_plat_pipe_create(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + +#if defined(LWS_HAVE_PIPE2) + return pipe2(pt->dummy_pipe_fds, O_NONBLOCK); +#else + return pipe(pt->dummy_pipe_fds); +#endif +} + +int +lws_plat_pipe_signal(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + char buf = 0; + int n; + + n = write(pt->dummy_pipe_fds[1], &buf, 1); + + return n != 1; +} + +void +lws_plat_pipe_close(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + if (pt->dummy_pipe_fds[0] && pt->dummy_pipe_fds[0] != -1) + close(pt->dummy_pipe_fds[0]); + if (pt->dummy_pipe_fds[1] && pt->dummy_pipe_fds[1] != -1) + close(pt->dummy_pipe_fds[1]); + + pt->dummy_pipe_fds[0] = pt->dummy_pipe_fds[1] = -1; +} + +#ifdef __QNX__ +# include "netinet/tcp_var.h" +# define TCP_KEEPINTVL TCPCTL_KEEPINTVL +# define TCP_KEEPIDLE TCPCTL_KEEPIDLE +# define TCP_KEEPCNT TCPCTL_KEEPCNT +#endif + +unsigned long long time_in_microseconds(void) +{ + struct timeval tv; + + gettimeofday(&tv, NULL); + return ((unsigned long long)tv.tv_sec * 1000000LL) + tv.tv_usec; +} + +LWS_VISIBLE int +lws_get_random(struct lws_context *context, void *buf, int len) +{ + return read(context->fd_random, (char *)buf, len); +} + +LWS_VISIBLE int +lws_send_pipe_choked(struct lws *wsi) +{ + struct lws_pollfd fds; + struct lws *wsi_eff = wsi; + +#if defined(LWS_WITH_HTTP2) + wsi_eff = lws_get_network_wsi(wsi); +#endif + + /* the fact we checked implies we avoided back-to-back writes */ + wsi_eff->could_have_pending = 0; + + /* treat the fact we got a truncated send pending as if we're choked */ + if (wsi_eff->trunc_len) + return 1; + + fds.fd = wsi_eff->desc.sockfd; + fds.events = POLLOUT; + fds.revents = 0; + + if (poll(&fds, 1, 0) != 1) + return 1; + + if ((fds.revents & POLLOUT) == 0) + return 1; + + /* okay to send another packet without blocking */ + + return 0; +} + +LWS_VISIBLE int +lws_poll_listen_fd(struct lws_pollfd *fd) +{ + return poll(fd, 1, 0); +} + +LWS_VISIBLE void lwsl_emit_syslog(int level, const char *line) +{ + int syslog_level = LOG_DEBUG; + + switch (level) { + case LLL_ERR: + syslog_level = LOG_ERR; + break; + case LLL_WARN: + syslog_level = LOG_WARNING; + break; + case LLL_NOTICE: + syslog_level = LOG_NOTICE; + break; + case LLL_INFO: + syslog_level = LOG_INFO; + break; + } + syslog(syslog_level, "%s", line); +} + +LWS_VISIBLE LWS_EXTERN int +_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) +{ + volatile struct lws_foreign_thread_pollfd *ftp, *next; + volatile struct lws_context_per_thread *vpt; + struct lws_context_per_thread *pt; + int n = -1, m, c; + + /* stay dead once we are dead */ + + if (!context || !context->vhost_list) + return 1; + + pt = &context->pt[tsi]; + vpt = (volatile struct lws_context_per_thread *)pt; + + lws_stats_atomic_bump(context, pt, LWSSTATS_C_SERVICE_ENTRY, 1); + + if (timeout_ms < 0) + goto faked_service; + + if (context->event_loop_ops->run_pt) + context->event_loop_ops->run_pt(context, tsi); + + if (!context->service_tid_detected) { + struct lws _lws; + + memset(&_lws, 0, sizeof(_lws)); + _lws.context = context; + + context->service_tid_detected = + context->vhost_list->protocols[0].callback( + &_lws, LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0); + context->service_tid = context->service_tid_detected; + context->service_tid_detected = 1; + } + + /* + * is there anybody with pending stuff that needs service forcing? + */ + if (!lws_service_adjust_timeout(context, 1, tsi)) { + /* -1 timeout means just do forced service */ + _lws_plat_service_tsi(context, -1, pt->tid); + /* still somebody left who wants forced service? */ + if (!lws_service_adjust_timeout(context, 1, pt->tid)) + /* yes... come back again quickly */ + timeout_ms = 0; + } + + if (timeout_ms) { + lws_pt_lock(pt, __func__); + /* don't stay in poll wait longer than next hr timeout */ + lws_usec_t t = __lws_hrtimer_service(pt); + if ((lws_usec_t)timeout_ms * 1000 > t) + timeout_ms = t / 1000; + lws_pt_unlock(pt); + } + + vpt->inside_poll = 1; + lws_memory_barrier(); + n = poll(pt->fds, pt->fds_count, timeout_ms); + vpt->inside_poll = 0; + lws_memory_barrier(); + + /* Collision will be rare and brief. Just spin until it completes */ + while (vpt->foreign_spinlock) + ; + + /* + * At this point we are not inside a foreign thread pollfd change, + * and we have marked ourselves as outside the poll() wait. So we + * are the only guys that can modify the lws_foreign_thread_pollfd + * list on the pt. Drain the list and apply the changes to the + * affected pollfds in the correct order. + */ + + lws_pt_lock(pt, __func__); + + ftp = vpt->foreign_pfd_list; + //lwsl_notice("cleared list %p\n", ftp); + while (ftp) { + struct lws *wsi; + struct lws_pollfd *pfd; + + next = ftp->next; + pfd = &vpt->fds[ftp->fd_index]; + if (lws_socket_is_valid(pfd->fd)) { + wsi = wsi_from_fd(context, pfd->fd); + if (wsi) + __lws_change_pollfd(wsi, ftp->_and, ftp->_or); + } + lws_free((void *)ftp); + ftp = next; + } + vpt->foreign_pfd_list = NULL; + lws_memory_barrier(); + + /* we have come out of a poll wait... check the hrtimer list */ + + __lws_hrtimer_service(pt); + + lws_pt_unlock(pt); + + m = 0; +#if defined(LWS_ROLE_WS) && !defined(LWS_WITHOUT_EXTENSIONS) + m |= !!pt->ws.rx_draining_ext_list; +#endif + + if (pt->context->tls_ops && + pt->context->tls_ops->fake_POLLIN_for_buffered) + m |= pt->context->tls_ops->fake_POLLIN_for_buffered(pt); + + if (!m && !n) { /* nothing to do */ + lws_service_fd_tsi(context, NULL, tsi); + lws_service_do_ripe_rxflow(pt); + + return 0; + } + +faked_service: + m = lws_service_flag_pending(context, tsi); + if (m) + c = -1; /* unknown limit */ + else + if (n < 0) { + if (LWS_ERRNO != LWS_EINTR) + return -1; + return 0; + } else + c = n; + + /* any socket with events to service? */ + for (n = 0; n < (int)pt->fds_count && c; n++) { + if (!pt->fds[n].revents) + continue; + + c--; + + m = lws_service_fd_tsi(context, &pt->fds[n], tsi); + if (m < 0) + return -1; + /* if something closed, retry this slot */ + if (m) + n--; + } + + lws_service_do_ripe_rxflow(pt); + + return 0; +} + +LWS_VISIBLE int +lws_plat_check_connection_error(struct lws *wsi) +{ + return 0; +} + +LWS_VISIBLE int +lws_plat_service(struct lws_context *context, int timeout_ms) +{ + return _lws_plat_service_tsi(context, timeout_ms, 0); +} + +LWS_VISIBLE int +lws_plat_set_socket_options(struct lws_vhost *vhost, int fd) +{ + int optval = 1; + socklen_t optlen = sizeof(optval); + +#ifdef LWS_WITH_IPV6 + optval = 0; + setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); +#endif + +#if defined(__APPLE__) || \ + defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ + defined(__NetBSD__) || \ + defined(__OpenBSD__) || \ + defined(__HAIKU__) + struct protoent *tcp_proto; +#endif + + fcntl(fd, F_SETFD, FD_CLOEXEC); + + if (vhost->ka_time) { + /* enable keepalive on this socket */ + optval = 1; + if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, + (const void *)&optval, optlen) < 0) + return 1; + +#if defined(__APPLE__) || \ + defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \ + defined(__NetBSD__) || \ + defined(__CYGWIN__) || defined(__OpenBSD__) || defined (__sun) || \ + defined(__HAIKU__) + + /* + * didn't find a way to set these per-socket, need to + * tune kernel systemwide values + */ +#else + /* set the keepalive conditions we want on it too */ + +#if defined(LWS_HAVE_TCP_USER_TIMEOUT) + optval = 1000 * (vhost->ka_time + + (vhost->ka_interval * vhost->ka_probes)); + if (setsockopt(fd, IPPROTO_TCP, TCP_USER_TIMEOUT, + (const void *)&optval, optlen) < 0) + return 1; +#endif + optval = vhost->ka_time; + if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, + (const void *)&optval, optlen) < 0) + return 1; + + optval = vhost->ka_interval; + if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, + (const void *)&optval, optlen) < 0) + return 1; + + optval = vhost->ka_probes; + if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, + (const void *)&optval, optlen) < 0) + return 1; +#endif + } + +#if defined(SO_BINDTODEVICE) + if (vhost->bind_iface && vhost->iface) { + lwsl_info("binding listen skt to %s using SO_BINDTODEVICE\n", vhost->iface); + if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, vhost->iface, + strlen(vhost->iface)) < 0) { + lwsl_warn("Failed to bind to device %s\n", vhost->iface); + return 1; + } + } +#endif + + /* Disable Nagle */ + optval = 1; +#if defined (__sun) || defined(__QNX__) + if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) + return 1; +#elif !defined(__APPLE__) && \ + !defined(__FreeBSD__) && !defined(__FreeBSD_kernel__) && \ + !defined(__NetBSD__) && \ + !defined(__OpenBSD__) && \ + !defined(__HAIKU__) + if (setsockopt(fd, SOL_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0) + return 1; +#else + tcp_proto = getprotobyname("TCP"); + if (setsockopt(fd, tcp_proto->p_proto, TCP_NODELAY, &optval, optlen) < 0) + return 1; +#endif + + /* We are nonblocking... */ + if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) + return 1; + + return 0; +} + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) +static void +_lws_plat_apply_caps(int mode, const cap_value_t *cv, int count) +{ + cap_t caps; + + if (!count) + return; + + caps = cap_get_proc(); + + cap_set_flag(caps, mode, count, cv, CAP_SET); + cap_set_proc(caps); + prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); + cap_free(caps); +} +#endif + +LWS_VISIBLE void +lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) +{ +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + int n; +#endif + + if (info->gid && info->gid != -1) + if (setgid(info->gid)) + lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO)); + + if (info->uid && info->uid != -1) { + struct passwd *p = getpwuid(info->uid); + + if (p) { + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + _lws_plat_apply_caps(CAP_PERMITTED, info->caps, info->count_caps); +#endif + + initgroups(p->pw_name, info->gid); + if (setuid(info->uid)) + lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO)); + else + lwsl_notice("Set privs to user '%s'\n", p->pw_name); + +#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP) + _lws_plat_apply_caps(CAP_EFFECTIVE, info->caps, info->count_caps); + + if (info->count_caps) + for (n = 0; n < info->count_caps; n++) + lwsl_notice(" RETAINING CAPABILITY %d\n", (int)info->caps[n]); +#endif + + } else + lwsl_warn("getpwuid: unable to find uid %d", info->uid); + } +} + +#ifdef LWS_WITH_PLUGINS + +#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0 + +/* libuv.c implements these in a cross-platform way */ + +#else + +static int filter(const struct dirent *ent) +{ + if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) + return 0; + + return 1; +} + +LWS_VISIBLE int +lws_plat_plugins_init(struct lws_context * context, const char * const *d) +{ + struct lws_plugin_capability lcaps; + struct lws_plugin *plugin; + lws_plugin_init_func initfunc; + struct dirent **namelist; + int n, i, m, ret = 0; + char path[256]; + void *l; + + lwsl_notice(" Plugins:\n"); + + while (d && *d) { + n = scandir(*d, &namelist, filter, alphasort); + if (n < 0) { + lwsl_err("Scandir on %s failed\n", *d); + return 1; + } + + for (i = 0; i < n; i++) { + if (strlen(namelist[i]->d_name) < 7) + goto inval; + + lwsl_notice(" %s\n", namelist[i]->d_name); + + lws_snprintf(path, sizeof(path) - 1, "%s/%s", *d, + namelist[i]->d_name); + l = dlopen(path, RTLD_NOW); + if (!l) { + lwsl_err("Error loading DSO: %s\n", dlerror()); + while (i++ < n) + free(namelist[i]); + goto bail; + } + /* we could open it, can we get his init function? */ + m = lws_snprintf(path, sizeof(path) - 1, "init_%s", + namelist[i]->d_name + 3 /* snip lib... */); + path[m - 3] = '\0'; /* snip the .so */ + initfunc = dlsym(l, path); + if (!initfunc) { + lwsl_err("Failed to get init on %s: %s", + namelist[i]->d_name, dlerror()); + dlclose(l); + } + lcaps.api_magic = LWS_PLUGIN_API_MAGIC; + m = initfunc(context, &lcaps); + if (m) { + lwsl_err("Initializing %s failed %d\n", + namelist[i]->d_name, m); + dlclose(l); + goto skip; + } + + plugin = lws_malloc(sizeof(*plugin), "plugin"); + if (!plugin) { + lwsl_err("OOM\n"); + goto bail; + } + plugin->list = context->plugin_list; + context->plugin_list = plugin; + lws_strncpy(plugin->name, namelist[i]->d_name, + sizeof(plugin->name)); + plugin->l = l; + plugin->caps = lcaps; + context->plugin_protocol_count += lcaps.count_protocols; + context->plugin_extension_count += lcaps.count_extensions; + + free(namelist[i]); + continue; + + skip: + dlclose(l); + inval: + free(namelist[i]); + } + free(namelist); + d++; + } + +bail: + free(namelist); + + return ret; +} + +LWS_VISIBLE int +lws_plat_plugins_destroy(struct lws_context * context) +{ + struct lws_plugin *plugin = context->plugin_list, *p; + lws_plugin_destroy_func func; + char path[256]; + int m; + + if (!plugin) + return 0; + + lwsl_notice("%s\n", __func__); + + while (plugin) { + p = plugin; + m = lws_snprintf(path, sizeof(path) - 1, "destroy_%s", plugin->name + 3); + path[m - 3] = '\0'; + func = dlsym(plugin->l, path); + if (!func) { + lwsl_err("Failed to get destroy on %s: %s", + plugin->name, dlerror()); + goto next; + } + m = func(context); + if (m) + lwsl_err("Initializing %s failed %d\n", + plugin->name, m); +next: + dlclose(p->l); + plugin = p->list; + p->list = NULL; + free(p); + } + + context->plugin_list = NULL; + + return 0; +} + +#endif +#endif + + +#if 0 +static void +sigabrt_handler(int x) +{ + printf("%s\n", __func__); +} +#endif + +LWS_VISIBLE int +lws_plat_context_early_init(void) +{ +#if !defined(LWS_AVOID_SIGPIPE_IGN) + signal(SIGPIPE, SIG_IGN); +#endif + + return 0; +} + +LWS_VISIBLE void +lws_plat_context_early_destroy(struct lws_context *context) +{ +} + +LWS_VISIBLE void +lws_plat_context_late_destroy(struct lws_context *context) +{ +#ifdef LWS_WITH_PLUGINS + if (context->plugin_list) + lws_plat_plugins_destroy(context); +#endif + + if (context->lws_lookup) + lws_free(context->lws_lookup); + + if (!context->fd_random) + lwsl_err("ZERO RANDOM FD\n"); + if (context->fd_random != LWS_INVALID_FILE) + close(context->fd_random); +} + +/* cast a struct sockaddr_in6 * into addr for ipv6 */ + +LWS_VISIBLE int +lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr, + size_t addrlen) +{ + int rc = LWS_ITOSA_NOT_EXIST; + + struct ifaddrs *ifr; + struct ifaddrs *ifc; +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; +#endif + + getifaddrs(&ifr); + for (ifc = ifr; ifc != NULL && rc; ifc = ifc->ifa_next) { + if (!ifc->ifa_addr) + continue; + + lwsl_debug(" interface %s vs %s (fam %d) ipv6 %d\n", ifc->ifa_name, ifname, ifc->ifa_addr->sa_family, ipv6); + + if (strcmp(ifc->ifa_name, ifname)) + continue; + + switch (ifc->ifa_addr->sa_family) { +#if defined(AF_PACKET) + case AF_PACKET: + /* interface exists but is not usable */ + rc = LWS_ITOSA_NOT_USABLE; + continue; +#endif + + case AF_INET: +#ifdef LWS_WITH_IPV6 + if (ipv6) { + /* map IPv4 to IPv6 */ + bzero((char *)&addr6->sin6_addr, + sizeof(struct in6_addr)); + addr6->sin6_addr.s6_addr[10] = 0xff; + addr6->sin6_addr.s6_addr[11] = 0xff; + memcpy(&addr6->sin6_addr.s6_addr[12], + &((struct sockaddr_in *)ifc->ifa_addr)->sin_addr, + sizeof(struct in_addr)); + } else +#endif + memcpy(addr, + (struct sockaddr_in *)ifc->ifa_addr, + sizeof(struct sockaddr_in)); + break; +#ifdef LWS_WITH_IPV6 + case AF_INET6: + memcpy(&addr6->sin6_addr, + &((struct sockaddr_in6 *)ifc->ifa_addr)->sin6_addr, + sizeof(struct in6_addr)); + break; +#endif + default: + continue; + } + rc = LWS_ITOSA_USABLE; + } + + freeifaddrs(ifr); + + if (rc) { + /* check if bind to IP address */ +#ifdef LWS_WITH_IPV6 + if (inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) + rc = LWS_ITOSA_USABLE; + else +#endif + if (inet_pton(AF_INET, ifname, &addr->sin_addr) == 1) + rc = LWS_ITOSA_USABLE; + } + + return rc; +} + +LWS_VISIBLE void +lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + if (context->event_loop_ops->io) + context->event_loop_ops->io(wsi, LWS_EV_START | LWS_EV_READ); + + pt->fds[pt->fds_count++].revents = 0; +} + +LWS_VISIBLE void +lws_plat_delete_socket_from_fds(struct lws_context *context, + struct lws *wsi, int m) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + if (context->event_loop_ops->io) + context->event_loop_ops->io(wsi, + LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE); + + pt->fds_count--; +} + +LWS_VISIBLE void +lws_plat_service_periodic(struct lws_context *context) +{ + /* if our parent went down, don't linger around */ + if (context->started_with_parent && + kill(context->started_with_parent, 0) < 0) + kill(getpid(), SIGTERM); +} + +LWS_VISIBLE int +lws_plat_change_pollfd(struct lws_context *context, + struct lws *wsi, struct lws_pollfd *pfd) +{ + return 0; +} + +LWS_VISIBLE const char * +lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) +{ + return inet_ntop(af, src, dst, cnt); +} + +LWS_VISIBLE int +lws_plat_inet_pton(int af, const char *src, void *dst) +{ + return inet_pton(af, src, dst); +} + +LWS_VISIBLE lws_fop_fd_t +_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, + const char *vpath, lws_fop_flags_t *flags) +{ + struct stat stat_buf; + int ret = open(filename, (*flags) & LWS_FOP_FLAGS_MASK, 0664); + lws_fop_fd_t fop_fd; + + if (ret < 0) + return NULL; + + if (fstat(ret, &stat_buf) < 0) + goto bail; + + fop_fd = malloc(sizeof(*fop_fd)); + if (!fop_fd) + goto bail; + + fop_fd->fops = fops; + fop_fd->flags = *flags; + fop_fd->fd = ret; + fop_fd->filesystem_priv = NULL; /* we don't use it */ + fop_fd->len = stat_buf.st_size; + fop_fd->pos = 0; + + return fop_fd; + +bail: + close(ret); + return NULL; +} + +LWS_VISIBLE int +_lws_plat_file_close(lws_fop_fd_t *fop_fd) +{ + int fd = (*fop_fd)->fd; + + free(*fop_fd); + *fop_fd = NULL; + + return close(fd); +} + +LWS_VISIBLE lws_fileofs_t +_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + lws_fileofs_t r; + + if (offset > 0 && + offset > (lws_fileofs_t)fop_fd->len - (lws_fileofs_t)fop_fd->pos) + offset = fop_fd->len - fop_fd->pos; + + if ((lws_fileofs_t)fop_fd->pos + offset < 0) + offset = -fop_fd->pos; + + r = lseek(fop_fd->fd, offset, SEEK_CUR); + + if (r >= 0) + fop_fd->pos = r; + else + lwsl_err("error seeking from cur %ld, offset %ld\n", + (long)fop_fd->pos, (long)offset); + + return r; +} + +LWS_VISIBLE int +_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + long n; + + n = read((int)fop_fd->fd, buf, len); + if (n == -1) { + *amount = 0; + return -1; + } + fop_fd->pos += n; + lwsl_debug("%s: read %ld of req %ld, pos %ld, len %ld\n", __func__, n, + (long)len, (long)fop_fd->pos, (long)fop_fd->len); + *amount = n; + + return 0; +} + +LWS_VISIBLE int +_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + long n; + + n = write((int)fop_fd->fd, buf, len); + if (n == -1) { + *amount = 0; + return -1; + } + + fop_fd->pos += n; + *amount = n; + + return 0; +} + +LWS_VISIBLE int +lws_plat_init(struct lws_context *context, + const struct lws_context_creation_info *info) +{ + int fd; + + /* master context has the global fd lookup array */ + context->lws_lookup = lws_zalloc(sizeof(struct lws *) * + context->max_fds, "lws_lookup"); + if (context->lws_lookup == NULL) { + lwsl_err("OOM on lws_lookup array for %d connections\n", + context->max_fds); + return 1; + } + + lwsl_info(" mem: platform fd map: %5lu bytes\n", + (unsigned long)(sizeof(struct lws *) * context->max_fds)); + fd = open(SYSTEM_RANDOM_FILEPATH, O_RDONLY); + + context->fd_random = fd; + if (context->fd_random < 0) { + lwsl_err("Unable to open random device %s %d\n", + SYSTEM_RANDOM_FILEPATH, context->fd_random); + return 1; + } + +#ifdef LWS_WITH_PLUGINS + if (info->plugin_dirs) + lws_plat_plugins_init(context, info->plugin_dirs); +#endif + + return 0; +} + +LWS_VISIBLE int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len) +{ + int n; + + n = write(fd, buf, len); + + fsync(fd); + lseek(fd, 0, SEEK_SET); + + return n != len; +} + +LWS_VISIBLE int +lws_plat_write_file(const char *filename, void *buf, int len) +{ + int m, fd; + + fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); + + if (fd == -1) + return 1; + + m = write(fd, buf, len); + close(fd); + + return m != len; +} + +LWS_VISIBLE int +lws_plat_read_file(const char *filename, void *buf, int len) +{ + int n, fd = lws_open(filename, O_RDONLY); + if (fd == -1) + return -1; + + n = read(fd, buf, len); + close(fd); + + return n; +} + +LWS_VISIBLE int +lws_plat_recommended_rsa_bits(void) +{ + return 4096; +} diff --git a/thirdparty/libwebsockets/plat/lws-plat-win.c b/thirdparty/libwebsockets/plat/lws-plat-win.c new file mode 100644 index 0000000000..26caab2cde --- /dev/null +++ b/thirdparty/libwebsockets/plat/lws-plat-win.c @@ -0,0 +1,852 @@ +#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS +#define _WINSOCK_DEPRECATED_NO_WARNINGS +#endif +#include "core/private.h" + +void lws_plat_apply_FD_CLOEXEC(int n) +{ +} + +int +lws_plat_socket_offset(void) +{ + return 0; +} + +int +lws_plat_pipe_create(struct lws *wsi) +{ + return 1; +} + +int +lws_plat_pipe_signal(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + WSASetEvent(pt->events[0]); /* trigger the cancel event */ + + return 0; +} + +void +lws_plat_pipe_close(struct lws *wsi) +{ +} + +unsigned long long +time_in_microseconds() +{ +#ifndef DELTA_EPOCH_IN_MICROSECS +#define DELTA_EPOCH_IN_MICROSECS 11644473600000000ULL +#endif + FILETIME filetime; + ULARGE_INTEGER datetime; + +#ifdef _WIN32_WCE + GetCurrentFT(&filetime); +#else + GetSystemTimeAsFileTime(&filetime); +#endif + + /* + * As per Windows documentation for FILETIME, copy the resulting + * FILETIME structure to a ULARGE_INTEGER structure using memcpy + * (using memcpy instead of direct assignment can prevent alignment + * faults on 64-bit Windows). + */ + memcpy(&datetime, &filetime, sizeof(datetime)); + + /* Windows file times are in 100s of nanoseconds. */ + return (datetime.QuadPart / 10) - DELTA_EPOCH_IN_MICROSECS; +} + +#ifdef _WIN32_WCE +time_t time(time_t *t) +{ + time_t ret = time_in_microseconds() / 1000000; + + if(t != NULL) + *t = ret; + + return ret; +} +#endif + +/* file descriptor hash management */ + +struct lws * +wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd) +{ + int h = LWS_FD_HASH(fd); + int n = 0; + + for (n = 0; n < context->fd_hashtable[h].length; n++) + if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) + return context->fd_hashtable[h].wsi[n]; + + return NULL; +} + +int +insert_wsi(struct lws_context *context, struct lws *wsi) +{ + int h = LWS_FD_HASH(wsi->desc.sockfd); + + if (context->fd_hashtable[h].length == (getdtablesize() - 1)) { + lwsl_err("hash table overflow\n"); + return 1; + } + + context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi; + + return 0; +} + +int +delete_from_fd(struct lws_context *context, lws_sockfd_type fd) +{ + int h = LWS_FD_HASH(fd); + int n = 0; + + for (n = 0; n < context->fd_hashtable[h].length; n++) + if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) { + while (n < context->fd_hashtable[h].length) { + context->fd_hashtable[h].wsi[n] = + context->fd_hashtable[h].wsi[n + 1]; + n++; + } + context->fd_hashtable[h].length--; + + return 0; + } + + lwsl_err("Failed to find fd %d requested for " + "delete in hashtable\n", fd); + return 1; +} + +LWS_VISIBLE int +lws_get_random(struct lws_context *context, void *buf, int len) +{ + int n; + char *p = (char *)buf; + + for (n = 0; n < len; n++) + p[n] = (unsigned char)rand(); + + return n; +} + +LWS_VISIBLE int +lws_send_pipe_choked(struct lws *wsi) +{ struct lws *wsi_eff = wsi; + +#if defined(LWS_WITH_HTTP2) + wsi_eff = lws_get_network_wsi(wsi); +#endif + /* the fact we checked implies we avoided back-to-back writes */ + wsi_eff->could_have_pending = 0; + + /* treat the fact we got a truncated send pending as if we're choked */ + if (wsi_eff->trunc_len) + return 1; + + return (int)wsi_eff->sock_send_blocking; +} + +LWS_VISIBLE int +lws_poll_listen_fd(struct lws_pollfd *fd) +{ + fd_set readfds; + struct timeval tv = { 0, 0 }; + + assert((fd->events & LWS_POLLIN) == LWS_POLLIN); + + FD_ZERO(&readfds); + FD_SET(fd->fd, &readfds); + + return select(((int)fd->fd) + 1, &readfds, NULL, NULL, &tv); +} + +LWS_VISIBLE void +lwsl_emit_syslog(int level, const char *line) +{ + lwsl_emit_stderr(level, line); +} + +LWS_VISIBLE LWS_EXTERN int +_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi) +{ + struct lws_context_per_thread *pt; + WSANETWORKEVENTS networkevents; + struct lws_pollfd *pfd; + struct lws *wsi; + unsigned int i; + DWORD ev; + int n, m; + + /* stay dead once we are dead */ + if (context == NULL || !context->vhost_list) + return 1; + + pt = &context->pt[tsi]; + + if (!context->service_tid_detected) { + struct lws _lws; + + memset(&_lws, 0, sizeof(_lws)); + _lws.context = context; + + context->service_tid_detected = context->vhost_list-> + protocols[0].callback(&_lws, LWS_CALLBACK_GET_THREAD_ID, + NULL, NULL, 0); + context->service_tid = context->service_tid_detected; + context->service_tid_detected = 1; + } + + if (timeout_ms < 0) { + if (lws_service_flag_pending(context, tsi)) { + /* any socket with events to service? */ + for (n = 0; n < (int)pt->fds_count; n++) { + if (!pt->fds[n].revents) + continue; + + m = lws_service_fd_tsi(context, &pt->fds[n], tsi); + if (m < 0) + return -1; + /* if something closed, retry this slot */ + if (m) + n--; + } + } + return 0; + } + + if (context->event_loop_ops->run_pt) + context->event_loop_ops->run_pt(context, tsi); + + for (i = 0; i < pt->fds_count; ++i) { + pfd = &pt->fds[i]; + + if (!(pfd->events & LWS_POLLOUT)) + continue; + + wsi = wsi_from_fd(context, pfd->fd); + if (!wsi || wsi->listener) + continue; + if (wsi->sock_send_blocking) + continue; + pfd->revents = LWS_POLLOUT; + n = lws_service_fd(context, pfd); + if (n < 0) + return -1; + + /* Force WSAWaitForMultipleEvents() to check events and then return immediately. */ + timeout_ms = 0; + + /* if something closed, retry this slot */ + if (n) + i--; + } + + /* + * is there anybody with pending stuff that needs service forcing? + */ + if (!lws_service_adjust_timeout(context, 1, tsi)) { + /* -1 timeout means just do forced service */ + _lws_plat_service_tsi(context, -1, pt->tid); + /* still somebody left who wants forced service? */ + if (!lws_service_adjust_timeout(context, 1, pt->tid)) + /* yes... come back again quickly */ + timeout_ms = 0; + } + + if (timeout_ms) { + lws_usec_t t; + + lws_pt_lock(pt, __func__); + /* don't stay in poll wait longer than next hr timeout */ + t = __lws_hrtimer_service(pt); + + if ((lws_usec_t)timeout_ms * 1000 > t) + timeout_ms = (int)(t / 1000); + lws_pt_unlock(pt); + } + + ev = WSAWaitForMultipleEvents(1, pt->events, FALSE, timeout_ms, FALSE); + if (ev == WSA_WAIT_EVENT_0) { + unsigned int eIdx, err; + + WSAResetEvent(pt->events[0]); + + if (pt->context->tls_ops && + pt->context->tls_ops->fake_POLLIN_for_buffered) + pt->context->tls_ops->fake_POLLIN_for_buffered(pt); + + for (eIdx = 0; eIdx < pt->fds_count; ++eIdx) { + if (WSAEnumNetworkEvents(pt->fds[eIdx].fd, 0, + &networkevents) == SOCKET_ERROR) { + lwsl_err("WSAEnumNetworkEvents() failed " + "with error %d\n", LWS_ERRNO); + return -1; + } + + pfd = &pt->fds[eIdx]; + pfd->revents = (short)networkevents.lNetworkEvents; + + err = networkevents.iErrorCode[FD_CONNECT_BIT]; + + if ((networkevents.lNetworkEvents & FD_CONNECT) && + err && err != LWS_EALREADY && + err != LWS_EINPROGRESS && err != LWS_EWOULDBLOCK && + err != WSAEINVAL) { + lwsl_debug("Unable to connect errno=%d\n", err); + pfd->revents |= LWS_POLLHUP; + } + + if (pfd->revents & LWS_POLLOUT) { + wsi = wsi_from_fd(context, pfd->fd); + if (wsi) + wsi->sock_send_blocking = 0; + } + /* if something closed, retry this slot */ + if (pfd->revents & LWS_POLLHUP) + --eIdx; + + if (pfd->revents) { + recv(pfd->fd, NULL, 0, 0); + lws_service_fd_tsi(context, pfd, tsi); + } + } + } + + context->service_tid = 0; + + if (ev == WSA_WAIT_TIMEOUT) + lws_service_fd(context, NULL); + + return 0; +} + +LWS_VISIBLE int +lws_plat_service(struct lws_context *context, int timeout_ms) +{ + return _lws_plat_service_tsi(context, timeout_ms, 0); +} + +LWS_VISIBLE int +lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd) +{ + int optval = 1; + int optlen = sizeof(optval); + u_long optl = 1; + DWORD dwBytesRet; + struct tcp_keepalive alive; + int protonbr; +#ifndef _WIN32_WCE + struct protoent *tcp_proto; +#endif + +#ifdef LWS_WITH_IPV6 + optval = 0; + setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, (const void*)&optval, optlen); +#endif + + if (vhost->ka_time) { + /* enable keepalive on this socket */ + optval = 1; + if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, + (const char *)&optval, optlen) < 0) + return 1; + + alive.onoff = TRUE; + alive.keepalivetime = vhost->ka_time; + alive.keepaliveinterval = vhost->ka_interval; + + if (WSAIoctl(fd, SIO_KEEPALIVE_VALS, &alive, sizeof(alive), + NULL, 0, &dwBytesRet, NULL, NULL)) + return 1; + } + + /* Disable Nagle */ + optval = 1; +#ifndef _WIN32_WCE + tcp_proto = getprotobyname("TCP"); + if (!tcp_proto) { + lwsl_err("getprotobyname() failed with error %d\n", LWS_ERRNO); + return 1; + } + protonbr = tcp_proto->p_proto; +#else + protonbr = 6; +#endif + + setsockopt(fd, protonbr, TCP_NODELAY, (const char *)&optval, optlen); + + /* We are nonblocking... */ + ioctlsocket(fd, FIONBIO, &optl); + + return 0; +} + +LWS_VISIBLE void +lws_plat_drop_app_privileges(const struct lws_context_creation_info *info) +{ +} + +LWS_VISIBLE int +lws_plat_context_early_init(void) +{ + WORD wVersionRequested; + WSADATA wsaData; + int err; + + /* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */ + wVersionRequested = MAKEWORD(2, 2); + + err = WSAStartup(wVersionRequested, &wsaData); + if (!err) + return 0; + /* + * Tell the user that we could not find a usable + * Winsock DLL + */ + lwsl_err("WSAStartup failed with error: %d\n", err); + + return 1; +} + +LWS_VISIBLE void +lws_plat_context_early_destroy(struct lws_context *context) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + int n = context->count_threads; + + while (n--) { + if (pt->events) { + WSACloseEvent(pt->events[0]); + lws_free(pt->events); + } + pt++; + } +} + +LWS_VISIBLE void +lws_plat_context_late_destroy(struct lws_context *context) +{ + int n; + + for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { + if (context->fd_hashtable[n].wsi) + lws_free(context->fd_hashtable[n].wsi); + } + + WSACleanup(); +} + +LWS_VISIBLE LWS_EXTERN int +lws_interface_to_sa(int ipv6, + const char *ifname, struct sockaddr_in *addr, size_t addrlen) +{ +#ifdef LWS_WITH_IPV6 + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr; + + if (ipv6) { + if (lws_plat_inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) { + return LWS_ITOSA_USABLE; + } + } +#endif + + long long address = inet_addr(ifname); + + if (address == INADDR_NONE) { + struct hostent *entry = gethostbyname(ifname); + if (entry) + address = ((struct in_addr *)entry->h_addr_list[0])->s_addr; + } + + if (address == INADDR_NONE) + return LWS_ITOSA_NOT_EXIST; + + addr->sin_addr.s_addr = (unsigned long)(lws_intptr_t)address; + + return LWS_ITOSA_USABLE; +} + +LWS_VISIBLE void +lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + pt->fds[pt->fds_count++].revents = 0; + pt->events[pt->fds_count] = pt->events[0]; + WSAEventSelect(wsi->desc.sockfd, pt->events[0], + LWS_POLLIN | LWS_POLLHUP | FD_CONNECT); +} + +LWS_VISIBLE void +lws_plat_delete_socket_from_fds(struct lws_context *context, + struct lws *wsi, int m) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + pt->events[m + 1] = pt->events[pt->fds_count--]; +} + +LWS_VISIBLE void +lws_plat_service_periodic(struct lws_context *context) +{ +} + +LWS_VISIBLE int +lws_plat_check_connection_error(struct lws *wsi) +{ + int optVal; + int optLen = sizeof(int); + + if (getsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_ERROR, + (char*)&optVal, &optLen) != SOCKET_ERROR && optVal && + optVal != LWS_EALREADY && optVal != LWS_EINPROGRESS && + optVal != LWS_EWOULDBLOCK && optVal != WSAEINVAL) { + lwsl_debug("Connect failed SO_ERROR=%d\n", optVal); + return 1; + } + + return 0; +} + +LWS_VISIBLE int +lws_plat_change_pollfd(struct lws_context *context, + struct lws *wsi, struct lws_pollfd *pfd) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + long networkevents = LWS_POLLHUP | FD_CONNECT; + + if ((pfd->events & LWS_POLLIN)) + networkevents |= LWS_POLLIN; + + if ((pfd->events & LWS_POLLOUT)) + networkevents |= LWS_POLLOUT; + + if (WSAEventSelect(wsi->desc.sockfd, + pt->events[0], + networkevents) != SOCKET_ERROR) + return 0; + + lwsl_err("WSAEventSelect() failed with error %d\n", LWS_ERRNO); + + return 1; +} + +LWS_VISIBLE const char * +lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt) +{ + WCHAR *buffer; + DWORD bufferlen = cnt; + BOOL ok = FALSE; + + buffer = lws_malloc(bufferlen * 2, "inet_ntop"); + if (!buffer) { + lwsl_err("Out of memory\n"); + return NULL; + } + + if (af == AF_INET) { + struct sockaddr_in srcaddr; + bzero(&srcaddr, sizeof(srcaddr)); + srcaddr.sin_family = AF_INET; + memcpy(&(srcaddr.sin_addr), src, sizeof(srcaddr.sin_addr)); + + if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) + ok = TRUE; +#ifdef LWS_WITH_IPV6 + } else if (af == AF_INET6) { + struct sockaddr_in6 srcaddr; + bzero(&srcaddr, sizeof(srcaddr)); + srcaddr.sin6_family = AF_INET6; + memcpy(&(srcaddr.sin6_addr), src, sizeof(srcaddr.sin6_addr)); + + if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen)) + ok = TRUE; +#endif + } else + lwsl_err("Unsupported type\n"); + + if (!ok) { + int rv = WSAGetLastError(); + lwsl_err("WSAAddressToString() : %d\n", rv); + } else { + if (WideCharToMultiByte(CP_ACP, 0, buffer, bufferlen, dst, cnt, 0, NULL) <= 0) + ok = FALSE; + } + + lws_free(buffer); + return ok ? dst : NULL; +} + +LWS_VISIBLE int +lws_plat_inet_pton(int af, const char *src, void *dst) +{ + WCHAR *buffer; + DWORD bufferlen = (int)strlen(src) + 1; + BOOL ok = FALSE; + + buffer = lws_malloc(bufferlen * 2, "inet_pton"); + if (!buffer) { + lwsl_err("Out of memory\n"); + return -1; + } + + if (MultiByteToWideChar(CP_ACP, 0, src, bufferlen, buffer, bufferlen) <= 0) { + lwsl_err("Failed to convert multi byte to wide char\n"); + lws_free(buffer); + return -1; + } + + if (af == AF_INET) { + struct sockaddr_in dstaddr; + int dstaddrlen = sizeof(dstaddr); + bzero(&dstaddr, sizeof(dstaddr)); + dstaddr.sin_family = AF_INET; + + if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { + ok = TRUE; + memcpy(dst, &dstaddr.sin_addr, sizeof(dstaddr.sin_addr)); + } +#ifdef LWS_WITH_IPV6 + } else if (af == AF_INET6) { + struct sockaddr_in6 dstaddr; + int dstaddrlen = sizeof(dstaddr); + bzero(&dstaddr, sizeof(dstaddr)); + dstaddr.sin6_family = AF_INET6; + + if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) { + ok = TRUE; + memcpy(dst, &dstaddr.sin6_addr, sizeof(dstaddr.sin6_addr)); + } +#endif + } else + lwsl_err("Unsupported type\n"); + + if (!ok) { + int rv = WSAGetLastError(); + lwsl_err("WSAAddressToString() : %d\n", rv); + } + + lws_free(buffer); + return ok ? 1 : -1; +} + +LWS_VISIBLE lws_fop_fd_t +_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, + const char *vpath, lws_fop_flags_t *flags) +{ + HANDLE ret; + WCHAR buf[MAX_PATH]; + lws_fop_fd_t fop_fd; + FILE_STANDARD_INFO fInfo = {0}; + + MultiByteToWideChar(CP_UTF8, 0, filename, -1, buf, LWS_ARRAY_SIZE(buf)); + +#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0602 // Windows 8 (minimum when UWP_ENABLED, but can be used in Windows builds) + CREATEFILE2_EXTENDED_PARAMETERS extParams = {0}; + extParams.dwFileAttributes = FILE_ATTRIBUTE_NORMAL; + + if (((*flags) & 7) == _O_RDONLY) { + ret = CreateFile2(buf, GENERIC_READ, FILE_SHARE_READ, OPEN_EXISTING, &extParams); + } else { + ret = CreateFile2(buf, GENERIC_WRITE, 0, CREATE_ALWAYS, &extParams); + } +#else + if (((*flags) & 7) == _O_RDONLY) { + ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ, + NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); + } else { + ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL, + CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); + } +#endif + + if (ret == LWS_INVALID_FILE) + goto bail; + + fop_fd = malloc(sizeof(*fop_fd)); + if (!fop_fd) + goto bail; + + fop_fd->fops = fops; + fop_fd->fd = ret; + fop_fd->filesystem_priv = NULL; /* we don't use it */ + fop_fd->flags = *flags; + fop_fd->len = 0; + if(GetFileInformationByHandleEx(ret, FileStandardInfo, &fInfo, sizeof(fInfo))) + fop_fd->len = fInfo.EndOfFile.QuadPart; + + fop_fd->pos = 0; + + return fop_fd; + +bail: + return NULL; +} + +LWS_VISIBLE int +_lws_plat_file_close(lws_fop_fd_t *fop_fd) +{ + HANDLE fd = (*fop_fd)->fd; + + free(*fop_fd); + *fop_fd = NULL; + + CloseHandle((HANDLE)fd); + + return 0; +} + +LWS_VISIBLE lws_fileofs_t +_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset) +{ + LARGE_INTEGER l; + + l.QuadPart = offset; + return SetFilePointerEx((HANDLE)fop_fd->fd, l, NULL, FILE_CURRENT); +} + +LWS_VISIBLE int +_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t *buf, lws_filepos_t len) +{ + DWORD _amount; + + if (!ReadFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { + *amount = 0; + + return 1; + } + + fop_fd->pos += _amount; + *amount = (unsigned long)_amount; + + return 0; +} + +LWS_VISIBLE int +_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount, + uint8_t* buf, lws_filepos_t len) +{ + DWORD _amount; + + if (!WriteFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) { + *amount = 0; + + return 1; + } + + fop_fd->pos += _amount; + *amount = (unsigned long)_amount; + + return 0; +} + +LWS_VISIBLE int +lws_plat_init(struct lws_context *context, + const struct lws_context_creation_info *info) +{ + struct lws_context_per_thread *pt = &context->pt[0]; + int i, n = context->count_threads; + + for (i = 0; i < FD_HASHTABLE_MODULUS; i++) { + context->fd_hashtable[i].wsi = + lws_zalloc(sizeof(struct lws*) * context->max_fds, "win hashtable"); + + if (!context->fd_hashtable[i].wsi) + return -1; + } + + while (n--) { + pt->events = lws_malloc(sizeof(WSAEVENT) * + (context->fd_limit_per_thread + 1), "event table"); + if (pt->events == NULL) { + lwsl_err("Unable to allocate events array for %d connections\n", + context->fd_limit_per_thread + 1); + return 1; + } + + pt->fds_count = 0; + pt->events[0] = WSACreateEvent(); /* the cancel event */ + + pt++; + } + + context->fd_random = 0; + +#ifdef LWS_WITH_PLUGINS + if (info->plugin_dirs) + lws_plat_plugins_init(context, info->plugin_dirs); +#endif + + return 0; +} + + +int kill(int pid, int sig) +{ + lwsl_err("Sorry Windows doesn't support kill()."); + exit(0); +} + +int fork(void) +{ + lwsl_err("Sorry Windows doesn't support fork()."); + exit(0); +} + +LWS_VISIBLE int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len) +{ + int n; + + n = write(fd, buf, len); + + lseek(fd, 0, SEEK_SET); + + return n != len; +} + +LWS_VISIBLE int +lws_plat_write_file(const char *filename, void *buf, int len) +{ + int m, fd; + + fd = lws_open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); + + if (fd == -1) + return -1; + + m = write(fd, buf, len); + close(fd); + + return m != len; +} + +LWS_VISIBLE int +lws_plat_read_file(const char *filename, void *buf, int len) +{ + int n, fd = lws_open(filename, O_RDONLY); + if (fd == -1) + return -1; + + n = read(fd, buf, len); + close(fd); + + return n; +} + +LWS_VISIBLE int +lws_plat_recommended_rsa_bits(void) +{ + return 4096; +} diff --git a/thirdparty/libwebsockets/roles/h1/ops-h1.c b/thirdparty/libwebsockets/roles/h1/ops-h1.c new file mode 100644 index 0000000000..9001c864ea --- /dev/null +++ b/thirdparty/libwebsockets/roles/h1/ops-h1.c @@ -0,0 +1,701 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +#ifndef min +#define min(a, b) ((a) < (b) ? (a) : (b)) +#endif + + +/* + * We have to take care about parsing because the headers may be split + * into multiple fragments. They may contain unknown headers with arbitrary + * argument lengths. So, we parse using a single-character at a time state + * machine that is completely independent of packet size. + * + * Returns <0 for error or length of chars consumed from buf (up to len) + */ + +int +lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len) +{ + unsigned char *last_char, *oldbuf = buf; + lws_filepos_t body_chunk_len; + size_t n; + + // lwsl_notice("%s: h1 path: wsi state 0x%x\n", __func__, lwsi_state(wsi)); + + switch (lwsi_state(wsi)) { + + case LRS_ISSUING_FILE: + return 0; + + case LRS_ESTABLISHED: + + if (lwsi_role_ws(wsi)) + goto ws_mode; + + if (lwsi_role_client(wsi)) + break; + + wsi->hdr_parsing_completed = 0; + + /* fallthru */ + + case LRS_HEADERS: + if (!wsi->http.ah) { + lwsl_err("%s: LRS_HEADERS: NULL ah\n", __func__); + assert(0); + } + lwsl_parser("issuing %d bytes to parser\n", (int)len); +#if defined(LWS_ROLE_WS) && !defined(LWS_NO_CLIENT) + if (lws_ws_handshake_client(wsi, &buf, (size_t)len)) + goto bail; +#endif + last_char = buf; + if (lws_handshake_server(wsi, &buf, (size_t)len)) + /* Handshake indicates this session is done. */ + goto bail; + + /* we might have transitioned to RAW */ + if (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file) + /* we gave the read buffer to RAW handler already */ + goto read_ok; + + /* + * It's possible that we've exhausted our data already, or + * rx flow control has stopped us dealing with this early, + * but lws_handshake_server doesn't update len for us. + * Figure out how much was read, so that we can proceed + * appropriately: + */ + len -= (buf - last_char); +// lwsl_debug("%s: thinks we have used %ld\n", __func__, (long)len); + + if (!wsi->hdr_parsing_completed) + /* More header content on the way */ + goto read_ok; + + switch (lwsi_state(wsi)) { + case LRS_ESTABLISHED: + case LRS_HEADERS: + goto read_ok; + case LRS_ISSUING_FILE: + goto read_ok; + case LRS_BODY: + wsi->http.rx_content_remain = + wsi->http.rx_content_length; + if (wsi->http.rx_content_remain) + goto http_postbody; + + /* there is no POST content */ + goto postbody_completion; + default: + break; + } + break; + + case LRS_BODY: +http_postbody: + lwsl_debug("%s: http post body: remain %d\n", __func__, + (int)wsi->http.rx_content_remain); + while (len && wsi->http.rx_content_remain) { + /* Copy as much as possible, up to the limit of: + * what we have in the read buffer (len) + * remaining portion of the POST body (content_remain) + */ + body_chunk_len = min(wsi->http.rx_content_remain, len); + wsi->http.rx_content_remain -= body_chunk_len; + len -= body_chunk_len; +#ifdef LWS_WITH_CGI + if (wsi->http.cgi) { + struct lws_cgi_args args; + + args.ch = LWS_STDIN; + args.stdwsi = &wsi->http.cgi->stdwsi[0]; + args.data = buf; + args.len = body_chunk_len; + + /* returns how much used */ + n = user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, LWS_CALLBACK_CGI_STDIN_DATA, + wsi->user_space, + (void *)&args, 0); + if ((int)n < 0) + goto bail; + } else { +#endif + n = wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_BODY, wsi->user_space, + buf, (size_t)body_chunk_len); + if (n) + goto bail; + n = (size_t)body_chunk_len; +#ifdef LWS_WITH_CGI + } +#endif + buf += n; + + if (wsi->http.rx_content_remain) { + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, + wsi->context->timeout_secs); + break; + } + /* he sent all the content in time */ +postbody_completion: +#ifdef LWS_WITH_CGI + /* + * If we're running a cgi, we can't let him off the + * hook just because he sent his POST data + */ + if (wsi->http.cgi) + lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, + wsi->context->timeout_secs); + else +#endif + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); +#ifdef LWS_WITH_CGI + if (!wsi->http.cgi) +#endif + { + lwsl_info("HTTP_BODY_COMPLETION: %p (%s)\n", + wsi, wsi->protocol->name); + n = wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_BODY_COMPLETION, + wsi->user_space, NULL, 0); + if (n) + goto bail; + + if (wsi->http2_substream) + lwsi_set_state(wsi, LRS_ESTABLISHED); + } + + break; + } + break; + + case LRS_RETURNED_CLOSE: + case LRS_AWAITING_CLOSE_ACK: + case LRS_WAITING_TO_SEND_CLOSE: + case LRS_SHUTDOWN: + +ws_mode: +#if !defined(LWS_NO_CLIENT) && defined(LWS_ROLE_WS) + // lwsl_notice("%s: ws_mode\n", __func__); + if (lws_ws_handshake_client(wsi, &buf, (size_t)len)) + goto bail; +#endif +#if defined(LWS_ROLE_WS) + if (lwsi_role_ws(wsi) && lwsi_role_server(wsi) && + /* + * for h2 we are on the swsi + */ + lws_parse_ws(wsi, &buf, (size_t)len) < 0) { + lwsl_info("%s: lws_parse_ws bailed\n", __func__); + goto bail; + } +#endif + // lwsl_notice("%s: ws_mode: buf moved on by %d\n", __func__, + // lws_ptr_diff(buf, oldbuf)); + break; + + case LRS_DEFERRING_ACTION: + lwsl_debug("%s: LRS_DEFERRING_ACTION\n", __func__); + break; + + case LRS_SSL_ACK_PENDING: + break; + + case LRS_DEAD_SOCKET: + lwsl_err("%s: Unhandled state LRS_DEAD_SOCKET\n", __func__); + goto bail; + // assert(0); + /* fallthru */ + + default: + lwsl_err("%s: Unhandled state %d\n", __func__, lwsi_state(wsi)); + assert(0); + goto bail; + } + +read_ok: + /* Nothing more to do for now */ +// lwsl_info("%s: %p: read_ok, used %ld (len %d, state %d)\n", __func__, +// wsi, (long)(buf - oldbuf), (int)len, wsi->state); + + return lws_ptr_diff(buf, oldbuf); + +bail: + /* + * h2 / h2-ws calls us recursively in + * + * lws_read_h1()-> + * lws_h2_parser()-> + * lws_read_h1() + * + * pattern, having stripped the h2 framing in the middle. + * + * When taking down the whole connection, make sure that only the + * outer lws_read() does the wsi close. + */ + if (!wsi->outer_will_close) + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "lws_read_h1 bail"); + + return -1; +} +#if !defined(LWS_NO_SERVER) +static int +lws_h1_server_socket_service(struct lws *wsi, struct lws_pollfd *pollfd) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws_tokens ebuf; + int n, buffered; + + if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) + goto try_pollout; + + /* any incoming data ready? */ + + if (!(pollfd->revents & pollfd->events & LWS_POLLIN)) + goto try_pollout; + + /* + * If we previously just did POLLIN when IN and OUT were signaled + * (because POLLIN processing may have used up the POLLOUT), don't let + * that happen twice in a row... next time we see the situation favour + * POLLOUT + */ + + if (wsi->favoured_pollin && + (pollfd->revents & pollfd->events & LWS_POLLOUT)) { + // lwsl_notice("favouring pollout\n"); + wsi->favoured_pollin = 0; + goto try_pollout; + } + + /* + * We haven't processed that the tunnel is set up yet, so + * defer reading + */ + + if (lwsi_state(wsi) == LRS_SSL_ACK_PENDING) + return LWS_HPI_RET_HANDLED; + + /* these states imply we MUST have an ah attached */ + + if ((lwsi_state(wsi) == LRS_ESTABLISHED || + lwsi_state(wsi) == LRS_ISSUING_FILE || + lwsi_state(wsi) == LRS_HEADERS || + lwsi_state(wsi) == LRS_BODY)) { + + if (!wsi->http.ah && lws_header_table_attach(wsi, 0)) { + lwsl_info("%s: wsi %p: ah not available\n", __func__, wsi); + goto try_pollout; + } + + /* + * We got here because there was specifically POLLIN... + * regardless of our buflist state, we need to get it, + * and either use it, or append to the buflist and use + * buflist head material. + * + * We will not notice a connection close until the buflist is + * exhausted and we tried to do a read of some kind. + */ + + buffered = lws_buflist_aware_read(pt, wsi, &ebuf); + switch (ebuf.len) { + case 0: + lwsl_info("%s: read 0 len a\n", __func__); + wsi->seen_zero_length_recv = 1; + lws_change_pollfd(wsi, LWS_POLLIN, 0); +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* + * autobahn requires us to win the race between close + * and draining the extensions + */ + if (wsi->ws && + (wsi->ws->rx_draining_ext || wsi->ws->tx_draining_ext)) + goto try_pollout; +#endif + /* + * normally, we respond to close with logically closing + * our side immediately + */ + goto fail; + + case LWS_SSL_CAPABLE_ERROR: + goto fail; + case LWS_SSL_CAPABLE_MORE_SERVICE: + goto try_pollout; + } + + /* just ignore incoming if waiting for close */ + if (lwsi_state(wsi) == LRS_FLUSHING_BEFORE_CLOSE) { + lwsl_notice("%s: just ignoring\n", __func__); + goto try_pollout; + } + + if (lwsi_state(wsi) == LRS_ISSUING_FILE) { + // lwsl_notice("stashing: wsi %p: bd %d\n", wsi, buffered); + if (lws_buflist_aware_consume(wsi, &ebuf, 0, buffered)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + + goto try_pollout; + } + + /* + * Otherwise give it to whoever wants it according to the + * connection state + */ +#if defined(LWS_ROLE_H2) + if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) + n = lws_read_h2(wsi, (uint8_t *)ebuf.token, ebuf.len); + else +#endif + n = lws_read_h1(wsi, (uint8_t *)ebuf.token, ebuf.len); + if (n < 0) /* we closed wsi */ + return LWS_HPI_RET_WSI_ALREADY_DIED; + + lwsl_debug("%s: consumed %d\n", __func__, n); + + if (lws_buflist_aware_consume(wsi, &ebuf, n, buffered)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + + /* + * during the parsing our role changed to something non-http, + * so the ah has no further meaning + */ + + if (wsi->http.ah && + !lwsi_role_h1(wsi) && + !lwsi_role_h2(wsi) && + !lwsi_role_cgi(wsi)) + lws_header_table_detach(wsi, 0); + + /* + * He may have used up the writability above, if we will defer + * POLLOUT processing in favour of POLLIN, note it + */ + + if (pollfd->revents & LWS_POLLOUT) + wsi->favoured_pollin = 1; + + return LWS_HPI_RET_HANDLED; + } + + /* + * He may have used up the writability above, if we will defer POLLOUT + * processing in favour of POLLIN, note it + */ + + if (pollfd->revents & LWS_POLLOUT) + wsi->favoured_pollin = 1; + +try_pollout: + + /* this handles POLLOUT for http serving fragments */ + + if (!(pollfd->revents & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + /* one shot */ + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_notice("%s a\n", __func__); + goto fail; + } + + /* clear back-to-back write detection */ + wsi->could_have_pending = 0; + + if (lwsi_state(wsi) == LRS_DEFERRING_ACTION) { + lwsl_debug("%s: LRS_DEFERRING_ACTION now writable\n", __func__); + + lwsi_set_state(wsi, LRS_ESTABLISHED); + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + goto fail; + } + } + + if (!wsi->hdr_parsing_completed) + return LWS_HPI_RET_HANDLED; + + if (lwsi_state(wsi) != LRS_ISSUING_FILE) { + + if (wsi->trunc_len) { + //lwsl_notice("%s: completing partial\n", __func__); + if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, + wsi->trunc_len) < 0) { + lwsl_info("%s signalling to close\n", __func__); + goto fail; + } + return LWS_HPI_RET_HANDLED; + } + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_WRITEABLE_CB, 1); +#if defined(LWS_WITH_STATS) + if (wsi->active_writable_req_us) { + uint64_t ul = time_in_microseconds() - + wsi->active_writable_req_us; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_WRITABLE_DELAY, ul); + lws_stats_atomic_max(wsi->context, pt, + LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); + wsi->active_writable_req_us = 0; + } +#endif + + n = user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_HTTP_WRITEABLE, + wsi->user_space, NULL, 0); + if (n < 0) { + lwsl_info("writeable_fail\n"); + goto fail; + } + + return LWS_HPI_RET_HANDLED; + } + + /* >0 == completion, <0 == error + * + * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when + * it's done. That's the case even if we just completed the + * send, so wait for that. + */ + n = lws_serve_http_file_fragment(wsi); + if (n < 0) + goto fail; + + return LWS_HPI_RET_HANDLED; + + +fail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, + "server socket svc fail"); + + return LWS_HPI_RET_WSI_ALREADY_DIED; +} +#endif + +static int +rops_handle_POLLIN_h1(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + +// lwsl_notice("%s: %p: wsistate 0x%x %s, revents 0x%x\n", __func__, wsi, +// wsi->wsistate, wsi->role_ops->name, pollfd->revents); + +#ifdef LWS_WITH_CGI + if (wsi->http.cgi && (pollfd->revents & LWS_POLLOUT)) { + if (lws_handle_POLLOUT_event(wsi, pollfd)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + + return LWS_HPI_RET_HANDLED; + } +#endif + + if (lws_is_flowcontrolled(wsi)) + /* We cannot deal with any kind of new RX because we are + * RX-flowcontrolled. + */ + return LWS_HPI_RET_HANDLED; + +#if !defined(LWS_NO_SERVER) + if (!lwsi_role_client(wsi)) { + int n; + + lwsl_debug("%s: %p: wsistate 0x%x\n", __func__, wsi, wsi->wsistate); + n = lws_h1_server_socket_service(wsi, pollfd); + if (n != LWS_HPI_RET_HANDLED) + return n; + if (lwsi_state(wsi) != LRS_SSL_INIT) + if (lws_server_socket_service_ssl(wsi, LWS_SOCK_INVALID)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + + return LWS_HPI_RET_HANDLED; + } +#endif + +#ifndef LWS_NO_CLIENT + if ((pollfd->revents & LWS_POLLIN) && + wsi->hdr_parsing_completed && !wsi->told_user_closed) { + + /* + * In SSL mode we get POLLIN notification about + * encrypted data in. + * + * But that is not necessarily related to decrypted + * data out becoming available; in may need to perform + * other in or out before that happens. + * + * simply mark ourselves as having readable data + * and turn off our POLLIN + */ + wsi->client_rx_avail = 1; + lws_change_pollfd(wsi, LWS_POLLIN, 0); + + //lwsl_notice("calling back %s\n", wsi->protocol->name); + + /* let user code know, he'll usually ask for writeable + * callback and drain / re-enable it there + */ + if (user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP, + wsi->user_space, NULL, 0)) { + lwsl_info("RECEIVE_CLIENT_HTTP closed it\n"); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + return LWS_HPI_RET_HANDLED; + } +#endif + +// if (lwsi_state(wsi) == LRS_ESTABLISHED) +// return LWS_HPI_RET_HANDLED; + +#if !defined(LWS_NO_CLIENT) + if ((pollfd->revents & LWS_POLLOUT) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + lwsl_debug("POLLOUT event closed it\n"); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + if (lws_client_socket_service(wsi, pollfd, NULL)) + return LWS_HPI_RET_WSI_ALREADY_DIED; +#endif + + return LWS_HPI_RET_HANDLED; +} + +int rops_handle_POLLOUT_h1(struct lws *wsi) +{ + if (lwsi_state(wsi) == LRS_ISSUE_HTTP_BODY) + return LWS_HP_RET_USER_SERVICE; + + if (lwsi_role_client(wsi)) + return LWS_HP_RET_USER_SERVICE; + + return LWS_HP_RET_BAIL_OK; +} + +static int +rops_write_role_protocol_h1(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol *wp) +{ +#if 0 + /* if not in a state to send stuff, then just send nothing */ + + if ((lwsi_state(wsi) != LRS_RETURNED_CLOSE && + lwsi_state(wsi) != LRS_WAITING_TO_SEND_CLOSE && + lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK)) { + //assert(0); + lwsl_debug("binning %d %d\n", lwsi_state(wsi), *wp); + return 0; + } +#endif + + return lws_issue_raw(wsi, (unsigned char *)buf, len); +} + +static int +rops_alpn_negotiated_h1(struct lws *wsi, const char *alpn) +{ + lwsl_debug("%s: client %d\n", __func__, lwsi_role_client(wsi)); +#if !defined(LWS_NO_CLIENT) + if (lwsi_role_client(wsi)) { + /* + * If alpn asserts it is http/1.1, server support for KA is + * mandatory. + * + * Knowing this lets us proceed with sending pipelined headers + * before we received the first response headers. + */ + wsi->keepalive_active = 1; + } +#endif + + return 0; +} + +static int +rops_destroy_role_h1(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct allocated_headers *ah; + + /* we may not have an ah, but may be on the waiting list... */ + lwsl_info("%s: ah det due to close\n", __func__); + __lws_header_table_detach(wsi, 0); + + ah = pt->http.ah_list; + + while (ah) { + if (ah->in_use && ah->wsi == wsi) { + lwsl_err("%s: ah leak: wsi %p\n", __func__, wsi); + ah->in_use = 0; + ah->wsi = NULL; + pt->http.ah_count_in_use--; + break; + } + ah = ah->next; + } + +#ifdef LWS_ROLE_WS + lws_free_set_NULL(wsi->ws); +#endif + return 0; +} + +struct lws_role_ops role_ops_h1 = { + /* role name */ "h1", + /* alpn id */ "http/1.1", + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* destroy_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_h1, + /* handle_POLLOUT */ rops_handle_POLLOUT_h1, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ rops_write_role_protocol_h1, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ rops_alpn_negotiated_h1, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ rops_destroy_role_h1, + /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_HTTP_WRITEABLE, + LWS_CALLBACK_HTTP_WRITEABLE }, + /* close cb clnt, srv */ { LWS_CALLBACK_CLOSED_CLIENT_HTTP, + LWS_CALLBACK_CLOSED_HTTP }, + /* file_handle */ 0, +}; diff --git a/thirdparty/libwebsockets/roles/h1/private.h b/thirdparty/libwebsockets/roles/h1/private.h new file mode 100644 index 0000000000..3f53954d33 --- /dev/null +++ b/thirdparty/libwebsockets/roles/h1/private.h @@ -0,0 +1,27 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h if LWS_ROLE_H1 + * + * Most of the h1 business is defined in the h1 / h2 common roles/http dir + */ + +extern struct lws_role_ops role_ops_h1; +#define lwsi_role_h1(wsi) (wsi->role_ops == &role_ops_h1) diff --git a/thirdparty/libwebsockets/roles/http/client/client-handshake.c b/thirdparty/libwebsockets/roles/http/client/client-handshake.c new file mode 100644 index 0000000000..0095c79a69 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/client/client-handshake.c @@ -0,0 +1,1284 @@ +#include "core/private.h" + +static int +lws_getaddrinfo46(struct lws *wsi, const char *ads, struct addrinfo **result) +{ + struct addrinfo hints; + + memset(&hints, 0, sizeof(hints)); + *result = NULL; + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + +#if !defined(__ANDROID__) + hints.ai_family = AF_INET6; + hints.ai_flags = AI_V4MAPPED; +#endif + } else +#endif + { + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + } + + return getaddrinfo(ads, NULL, &hints, result); +} + +struct lws * +lws_client_connect_2(struct lws *wsi) +{ +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + const char *adsin; + struct lws *wsi_piggyback = NULL; + struct lws_pollfd pfd; + ssize_t plen = 0; +#endif + struct addrinfo *result; + const char *ads; + sockaddr46 sa46; + int n, port; + const char *cce = "", *iface; + const char *meth = NULL; +#ifdef LWS_WITH_IPV6 + char ipv6only = lws_check_opt(wsi->vhost->options, + LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY | + LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); + +#if defined(__ANDROID__) + ipv6only = 0; +#endif +#endif + + lwsl_client("%s: %p\n", __func__, wsi); + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + if (!wsi->http.ah) { + cce = "ah was NULL at cc2"; + lwsl_err("%s\n", cce); + goto oom4; + } + + /* we can only piggyback GET or POST */ + + meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); + if (meth && strcmp(meth, "GET") && strcmp(meth, "POST")) + goto create_new_conn; + + /* we only pipeline connections that said it was okay */ + + if (!wsi->client_pipeline) + goto create_new_conn; + + /* + * let's take a look first and see if there are any already-active + * client connections we can piggy-back on. + */ + + adsin = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); + + lws_vhost_lock(wsi->vhost); /* ----------------------------------- { */ + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->vhost->dll_active_client_conns.next) { + struct lws *w = lws_container_of(d, struct lws, + dll_active_client_conns); + + lwsl_debug("%s: check %s %s %d %d\n", __func__, adsin, + w->client_hostname_copy, wsi->c_port, w->c_port); + + if (w != wsi && w->client_hostname_copy && + !strcmp(adsin, w->client_hostname_copy) && +#if defined(LWS_WITH_TLS) + (wsi->tls.use_ssl & LCCSCF_USE_SSL) == + (w->tls.use_ssl & LCCSCF_USE_SSL) && +#endif + wsi->c_port == w->c_port) { + + /* someone else is already connected to the right guy */ + + /* do we know for a fact pipelining won't fly? */ + if (w->keepalive_rejected) { + lwsl_info("defeating pipelining due to no " + "keepalive on server\n"); + lws_vhost_unlock(wsi->vhost); /* } ---------- */ + goto create_new_conn; + } +#if defined (LWS_WITH_HTTP2) + /* + * h2: in usable state already: just use it without + * going through the queue + */ + if (w->client_h2_alpn && + (lwsi_state(w) == LRS_H2_WAITING_TO_SEND_HEADERS || + lwsi_state(w) == LRS_ESTABLISHED)) { + + lwsl_info("%s: just join h2 directly\n", + __func__); + + wsi->client_h2_alpn = 1; + lws_wsi_h2_adopt(w, wsi); + lws_vhost_unlock(wsi->vhost); /* } ---------- */ + + return wsi; + } +#endif + + lwsl_info("applying %p to txn queue on %p (wsistate 0x%x)\n", + wsi, w, w->wsistate); + /* + * ...let's add ourselves to his transaction queue... + * we are adding ourselves at the HEAD + */ + lws_dll_lws_add_front(&wsi->dll_client_transaction_queue, + &w->dll_client_transaction_queue_head); + + /* + * h1: pipeline our headers out on him, + * and wait for our turn at client transaction_complete + * to take over parsing the rx. + */ + + wsi_piggyback = w; + + lws_vhost_unlock(wsi->vhost); /* } ---------- */ + goto send_hs; + } + + } lws_end_foreach_dll_safe(d, d1); + + lws_vhost_unlock(wsi->vhost); /* } ---------------------------------- */ + +create_new_conn: +#endif + + /* + * clients who will create their own fresh connection keep a copy of + * the hostname they originally connected to, in case other connections + * want to use it too + */ + + if (!wsi->client_hostname_copy) + wsi->client_hostname_copy = + lws_strdup(lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS)); + + /* + * If we made our own connection, and we're doing a method that can take + * a pipeline, we are an "active client connection". + * + * Add ourselves to the vhost list of those so that others can + * piggyback on our transaction queue + */ + + if (meth && (!strcmp(meth, "GET") || !strcmp(meth, "POST")) && + lws_dll_is_null(&wsi->dll_client_transaction_queue) && + lws_dll_is_null(&wsi->dll_active_client_conns)) { + lws_vhost_lock(wsi->vhost); + lws_dll_lws_add_front(&wsi->dll_active_client_conns, + &wsi->vhost->dll_active_client_conns); + lws_vhost_unlock(wsi->vhost); + } + + /* + * start off allowing ipv6 on connection if vhost allows it + */ + wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost); + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + + /* Decide what it is we need to connect to: + * + * Priority 1: connect to http proxy */ + + if (wsi->vhost->http.http_proxy_port) { + plen = sprintf((char *)pt->serv_buf, + "CONNECT %s:%u HTTP/1.0\x0d\x0a" + "User-agent: libwebsockets\x0d\x0a", + lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS), + wsi->c_port); + + if (wsi->vhost->proxy_basic_auth_token[0]) + plen += sprintf((char *)pt->serv_buf + plen, + "Proxy-authorization: basic %s\x0d\x0a", + wsi->vhost->proxy_basic_auth_token); + + plen += sprintf((char *)pt->serv_buf + plen, "\x0d\x0a"); + ads = wsi->vhost->http.http_proxy_address; + port = wsi->vhost->http.http_proxy_port; +#else + if (0) { +#endif + +#if defined(LWS_WITH_SOCKS5) + + /* Priority 2: Connect to SOCK5 Proxy */ + + } else if (wsi->vhost->socks_proxy_port) { + socks_generate_msg(wsi, SOCKS_MSG_GREETING, &plen); + lwsl_client("Sending SOCKS Greeting\n"); + ads = wsi->vhost->socks_proxy_address; + port = wsi->vhost->socks_proxy_port; +#endif + } else { + + /* Priority 3: Connect directly */ + + ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS); + port = wsi->c_port; + } + + /* + * prepare the actual connection + * to whatever we decided to connect to + */ + + lwsl_info("%s: %p: address %s\n", __func__, wsi, ads); + + n = lws_getaddrinfo46(wsi, ads, &result); + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + struct sockaddr_in6 *sa6 = + ((struct sockaddr_in6 *)result->ai_addr); + + if (n) { + /* lws_getaddrinfo46 failed, there is no usable result */ + lwsl_notice("%s: lws_getaddrinfo46 failed %d\n", + __func__, n); + cce = "ipv6 lws_getaddrinfo46 failed"; + goto oom4; + } + + memset(&sa46, 0, sizeof(sa46)); + + sa46.sa6.sin6_family = AF_INET6; + switch (result->ai_family) { + case AF_INET: + if (ipv6only) + break; + /* map IPv4 to IPv6 */ + bzero((char *)&sa46.sa6.sin6_addr, + sizeof(sa46.sa6.sin6_addr)); + sa46.sa6.sin6_addr.s6_addr[10] = 0xff; + sa46.sa6.sin6_addr.s6_addr[11] = 0xff; + memcpy(&sa46.sa6.sin6_addr.s6_addr[12], + &((struct sockaddr_in *)result->ai_addr)->sin_addr, + sizeof(struct in_addr)); + lwsl_notice("uplevelling AF_INET to AF_INET6\n"); + break; + + case AF_INET6: + memcpy(&sa46.sa6.sin6_addr, &sa6->sin6_addr, + sizeof(struct in6_addr)); + sa46.sa6.sin6_scope_id = sa6->sin6_scope_id; + sa46.sa6.sin6_flowinfo = sa6->sin6_flowinfo; + break; + default: + lwsl_err("Unknown address family\n"); + freeaddrinfo(result); + cce = "unknown address family"; + goto oom4; + } + } else +#endif /* use ipv6 */ + + /* use ipv4 */ + { + void *p = NULL; + + if (!n) { + struct addrinfo *res = result; + + /* pick the first AF_INET (IPv4) result */ + + while (!p && res) { + switch (res->ai_family) { + case AF_INET: + p = &((struct sockaddr_in *)res->ai_addr)->sin_addr; + break; + } + + res = res->ai_next; + } +#if defined(LWS_FALLBACK_GETHOSTBYNAME) + } else if (n == EAI_SYSTEM) { + struct hostent *host; + + lwsl_info("getaddrinfo (ipv4) failed, trying gethostbyname\n"); + host = gethostbyname(ads); + if (host) { + p = host->h_addr; + } else { + lwsl_err("gethostbyname failed\n"); + cce = "gethostbyname (ipv4) failed"; + goto oom4; + } +#endif + } else { + lwsl_err("getaddrinfo failed\n"); + cce = "getaddrinfo failed"; + goto oom4; + } + + if (!p) { + if (result) + freeaddrinfo(result); + lwsl_err("Couldn't identify address\n"); + cce = "unable to lookup address"; + goto oom4; + } + + sa46.sa4.sin_family = AF_INET; + sa46.sa4.sin_addr = *((struct in_addr *)p); + bzero(&sa46.sa4.sin_zero, 8); + } + + if (result) + freeaddrinfo(result); + + /* now we decided on ipv4 or ipv6, set the port */ + + if (!lws_socket_is_valid(wsi->desc.sockfd)) { + + if (wsi->context->event_loop_ops->check_client_connect_ok && + wsi->context->event_loop_ops->check_client_connect_ok(wsi)) { + cce = "waiting for event loop watcher to close"; + goto oom4; + } + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) + wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0); + else +#endif + wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0); + + if (!lws_socket_is_valid(wsi->desc.sockfd)) { + lwsl_warn("Unable to open socket\n"); + cce = "unable to open socket"; + goto oom4; + } + + if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd)) { + lwsl_err("Failed to set wsi socket options\n"); + compatible_close(wsi->desc.sockfd); + cce = "set socket opts failed"; + goto oom4; + } + + lwsi_set_state(wsi, LRS_WAITING_CONNECT); + + if (wsi->context->event_loop_ops->accept) + wsi->context->event_loop_ops->accept(wsi); + + if (__insert_wsi_socket_into_fds(wsi->context, wsi)) { + compatible_close(wsi->desc.sockfd); + cce = "insert wsi failed"; + goto oom4; + } + + lws_change_pollfd(wsi, 0, LWS_POLLIN); + + /* + * past here, we can't simply free the structs as error + * handling as oom4 does. We have to run the whole close flow. + */ + + if (!wsi->protocol) + wsi->protocol = &wsi->vhost->protocols[0]; + + wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE, + wsi->user_space, NULL, 0); + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE, + AWAITING_TIMEOUT); + + iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); + + if (iface) { + n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, iface); + if (n < 0) { + cce = "unable to bind socket"; + goto failed; + } + } + } + +#ifdef LWS_WITH_IPV6 + if (wsi->ipv6) { + sa46.sa6.sin6_port = htons(port); + n = sizeof(struct sockaddr_in6); + } else +#endif + { + sa46.sa4.sin_port = htons(port); + n = sizeof(struct sockaddr); + } + + if (connect(wsi->desc.sockfd, (const struct sockaddr *)&sa46, n) == -1 || + LWS_ERRNO == LWS_EISCONN) { + if (LWS_ERRNO == LWS_EALREADY || + LWS_ERRNO == LWS_EINPROGRESS || + LWS_ERRNO == LWS_EWOULDBLOCK +#ifdef _WIN32 + || LWS_ERRNO == WSAEINVAL +#endif + ) { + lwsl_client("nonblocking connect retry (errno = %d)\n", + LWS_ERRNO); + + if (lws_plat_check_connection_error(wsi)) { + cce = "socket connect failed"; + goto failed; + } + + /* + * must do specifically a POLLOUT poll to hear + * about the connect completion + */ + if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { + cce = "POLLOUT set failed"; + goto failed; + } + + return wsi; + } + + if (LWS_ERRNO != LWS_EISCONN) { + lwsl_notice("Connect failed errno=%d\n", LWS_ERRNO); + cce = "connect failed"; + goto failed; + } + } + + lwsl_client("connected\n"); + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + /* we are connected to server, or proxy */ + + /* http proxy */ + if (wsi->vhost->http.http_proxy_port) { + + /* + * OK from now on we talk via the proxy, so connect to that + * + * (will overwrite existing pointer, + * leaving old string/frag there but unreferenced) + */ + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, + wsi->vhost->http.http_proxy_address)) + goto failed; + wsi->c_port = wsi->vhost->http.http_proxy_port; + + n = send(wsi->desc.sockfd, (char *)pt->serv_buf, (int)plen, + MSG_NOSIGNAL); + if (n < 0) { + lwsl_debug("ERROR writing to proxy socket\n"); + cce = "proxy write failed"; + goto failed; + } + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE, + AWAITING_TIMEOUT); + + lwsi_set_state(wsi, LRS_WAITING_PROXY_REPLY); + + return wsi; + } +#endif +#if defined(LWS_WITH_SOCKS5) + /* socks proxy */ + else if (wsi->vhost->socks_proxy_port) { + n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen, + MSG_NOSIGNAL); + if (n < 0) { + lwsl_debug("ERROR writing socks greeting\n"); + cce = "socks write failed"; + goto failed; + } + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY, + AWAITING_TIMEOUT); + + lwsi_set_state(wsi, LRS_WAITING_SOCKS_GREETING_REPLY); + + return wsi; + } +#endif +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) +send_hs: + + if (wsi_piggyback && + !lws_dll_is_null(&wsi->dll_client_transaction_queue)) { + /* + * We are pipelining on an already-established connection... + * we can skip tls establishment. + */ + + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); + + /* + * we can't send our headers directly, because they have to + * be sent when the parent is writeable. The parent will check + * for anybody on his client transaction queue that is in + * LRS_H1C_ISSUE_HANDSHAKE2, and let them write. + * + * If we are trying to do this too early, before the master + * connection has written his own headers, then it will just + * wait in the queue until it's possible to send them. + */ + lws_callback_on_writable(wsi_piggyback); + lwsl_info("%s: wsi %p: waiting to send headers (parent state %x)\n", + __func__, wsi, lwsi_state(wsi_piggyback)); + } else { + lwsl_info("%s: wsi %p: client creating own connection\n", + __func__, wsi); + + /* we are making our own connection */ + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE); + + /* + * provoke service to issue the handshake directly. + * + * we need to do it this way because in the proxy case, this is + * the next state and executed only if and when we get a good + * proxy response inside the state machine... but notice in + * SSL case this may not have sent anything yet with 0 return, + * and won't until many retries from main loop. To stop that + * becoming endless, cover with a timeout. + */ + + lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE, + AWAITING_TIMEOUT); + + pfd.fd = wsi->desc.sockfd; + pfd.events = LWS_POLLIN; + pfd.revents = LWS_POLLIN; + + n = lws_service_fd(context, &pfd); + if (n < 0) { + cce = "first service failed"; + goto failed; + } + if (n) /* returns 1 on failure after closing wsi */ + return NULL; + } +#endif + return wsi; + +oom4: + if (lwsi_role_client(wsi) && lwsi_state_est(wsi)) { + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, strlen(cce)); + wsi->already_did_cce = 1; + } + /* take care that we might be inserted in fds already */ + if (wsi->position_in_fds_table != LWS_NO_FDS_POS) + goto failed1; + lws_remove_from_timeout_list(wsi); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + lws_header_table_detach(wsi, 0); +#endif + lws_client_stash_destroy(wsi); + lws_free_set_NULL(wsi->client_hostname_copy); + lws_free(wsi); + + return NULL; + +failed: + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, strlen(cce)); + wsi->already_did_cce = 1; +failed1: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "client_connect2"); + + return NULL; +} + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + +/** + * lws_client_reset() - retarget a connected wsi to start over with a new connection (ie, redirect) + * this only works if still in HTTP, ie, not upgraded yet + * wsi: connection to reset + * address: network address of the new server + * port: port to connect to + * path: uri path to connect to on the new server + * host: host header to send to the new server + */ +LWS_VISIBLE struct lws * +lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port, + const char *path, const char *host) +{ + char origin[300] = "", protocol[300] = "", method[32] = "", + iface[16] = "", alpn[32] = "", *p; + struct lws *wsi = *pwsi; + + if (wsi->redirects == 3) { + lwsl_err("%s: Too many redirects\n", __func__); + return NULL; + } + wsi->redirects++; + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN); + if (p) + lws_strncpy(origin, p, sizeof(origin)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); + if (p) + lws_strncpy(protocol, p, sizeof(protocol)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); + if (p) + lws_strncpy(method, p, sizeof(method)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE); + if (p) + lws_strncpy(iface, p, sizeof(iface)); + + p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ALPN); + if (p) + lws_strncpy(alpn, p, sizeof(alpn)); + + lwsl_info("redirect ads='%s', port=%d, path='%s', ssl = %d\n", + address, port, path, ssl); + + /* close the connection by hand */ + +#if defined(LWS_WITH_TLS) + lws_ssl_close(wsi); +#endif + + __remove_wsi_socket_from_fds(wsi); + + if (wsi->context->event_loop_ops->close_handle_manually) + wsi->context->event_loop_ops->close_handle_manually(wsi); + else + compatible_close(wsi->desc.sockfd); + +#if defined(LWS_WITH_TLS) + wsi->tls.use_ssl = ssl; +#else + if (ssl) { + lwsl_err("%s: not configured for ssl\n", __func__); + return NULL; + } +#endif + + wsi->desc.sockfd = LWS_SOCK_INVALID; + lwsi_set_state(wsi, LRS_UNCONNECTED); + wsi->protocol = NULL; + wsi->pending_timeout = NO_PENDING_TIMEOUT; + wsi->c_port = port; + wsi->hdr_parsing_completed = 0; + _lws_header_table_reset(wsi->http.ah); + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address)) + return NULL; + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host)) + return NULL; + + if (origin[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, + origin)) + return NULL; + if (protocol[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, + protocol)) + return NULL; + if (method[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, + method)) + return NULL; + + if (iface[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, + iface)) + return NULL; + if (alpn[0]) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ALPN, + alpn)) + return NULL; + + origin[0] = '/'; + strncpy(&origin[1], path, sizeof(origin) - 2); + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, origin)) + return NULL; + + *pwsi = lws_client_connect_2(wsi); + + return *pwsi; +} + +#ifdef LWS_WITH_HTTP_PROXY +hubbub_error +html_parser_cb(const hubbub_token *token, void *pw) +{ + struct lws_rewrite *r = (struct lws_rewrite *)pw; + char buf[1024], *start = buf + LWS_PRE, *p = start, + *end = &buf[sizeof(buf) - 1]; + size_t i; + + switch (token->type) { + case HUBBUB_TOKEN_DOCTYPE: + + p += lws_snprintf(p, end - p, "data.doctype.name.len, + token->data.doctype.name.ptr, + token->data.doctype.force_quirks ? + "(force-quirks) " : ""); + + if (token->data.doctype.public_missing) + lwsl_debug("\tpublic: missing\n"); + else + p += lws_snprintf(p, end - p, "PUBLIC \"%.*s\"\n", + (int) token->data.doctype.public_id.len, + token->data.doctype.public_id.ptr); + + if (token->data.doctype.system_missing) + lwsl_debug("\tsystem: missing\n"); + else + p += lws_snprintf(p, end - p, " \"%.*s\">\n", + (int) token->data.doctype.system_id.len, + token->data.doctype.system_id.ptr); + + break; + case HUBBUB_TOKEN_START_TAG: + p += lws_snprintf(p, end - p, "<%.*s", (int)token->data.tag.name.len, + token->data.tag.name.ptr); + +/* (token->data.tag.self_closing) ? + "(self-closing) " : "", + (token->data.tag.n_attributes > 0) ? + "attributes:" : ""); +*/ + for (i = 0; i < token->data.tag.n_attributes; i++) { + if (!hstrcmp(&token->data.tag.attributes[i].name, "href", 4) || + !hstrcmp(&token->data.tag.attributes[i].name, "action", 6) || + !hstrcmp(&token->data.tag.attributes[i].name, "src", 3)) { + const char *pp = (const char *)token->data.tag.attributes[i].value.ptr; + int plen = (int) token->data.tag.attributes[i].value.len; + + if (strncmp(pp, "http:", 5) && strncmp(pp, "https:", 6)) { + + if (!hstrcmp(&token->data.tag.attributes[i].value, + r->from, r->from_len)) { + pp += r->from_len; + plen -= r->from_len; + } + p += lws_snprintf(p, end - p, " %.*s=\"%s/%.*s\"", + (int) token->data.tag.attributes[i].name.len, + token->data.tag.attributes[i].name.ptr, + r->to, plen, pp); + continue; + } + } + + p += lws_snprintf(p, end - p, " %.*s=\"%.*s\"", + (int) token->data.tag.attributes[i].name.len, + token->data.tag.attributes[i].name.ptr, + (int) token->data.tag.attributes[i].value.len, + token->data.tag.attributes[i].value.ptr); + } + p += lws_snprintf(p, end - p, ">"); + break; + case HUBBUB_TOKEN_END_TAG: + p += lws_snprintf(p, end - p, "data.tag.name.len, + token->data.tag.name.ptr); +/* + (token->data.tag.self_closing) ? + "(self-closing) " : "", + (token->data.tag.n_attributes > 0) ? + "attributes:" : ""); +*/ + for (i = 0; i < token->data.tag.n_attributes; i++) { + p += lws_snprintf(p, end - p, " %.*s='%.*s'\n", + (int) token->data.tag.attributes[i].name.len, + token->data.tag.attributes[i].name.ptr, + (int) token->data.tag.attributes[i].value.len, + token->data.tag.attributes[i].value.ptr); + } + p += lws_snprintf(p, end - p, ">"); + break; + case HUBBUB_TOKEN_COMMENT: + p += lws_snprintf(p, end - p, "\n", + (int) token->data.comment.len, + token->data.comment.ptr); + break; + case HUBBUB_TOKEN_CHARACTER: + if (token->data.character.len == 1) { + if (*token->data.character.ptr == '<') { + p += lws_snprintf(p, end - p, "<"); + break; + } + if (*token->data.character.ptr == '>') { + p += lws_snprintf(p, end - p, ">"); + break; + } + if (*token->data.character.ptr == '&') { + p += lws_snprintf(p, end - p, "&"); + break; + } + } + + p += lws_snprintf(p, end - p, "%.*s", (int) token->data.character.len, + token->data.character.ptr); + break; + case HUBBUB_TOKEN_EOF: + p += lws_snprintf(p, end - p, "\n"); + break; + } + + if (user_callback_handle_rxflow(r->wsi->protocol->callback, + r->wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, + r->wsi->user_space, start, p - start)) + return -1; + + return HUBBUB_OK; +} +#endif + +#endif + +char * +lws_strdup(const char *s) +{ + char *d = lws_malloc(strlen(s) + 1, "strdup"); + + if (d) + strcpy(d, s); + + return d; +} + +void +lws_client_stash_destroy(struct lws *wsi) +{ + if (!wsi || !wsi->stash) + return; + + lws_free_set_NULL(wsi->stash->address); + lws_free_set_NULL(wsi->stash->path); + lws_free_set_NULL(wsi->stash->host); + lws_free_set_NULL(wsi->stash->origin); + lws_free_set_NULL(wsi->stash->protocol); + lws_free_set_NULL(wsi->stash->method); + lws_free_set_NULL(wsi->stash->iface); + lws_free_set_NULL(wsi->stash->alpn); + + lws_free_set_NULL(wsi->stash); +} + +LWS_VISIBLE struct lws * +lws_client_connect_via_info(struct lws_client_connect_info *i) +{ + struct lws *wsi; + const struct lws_protocols *p; + const char *local = i->protocol; + + if (i->context->requested_kill) + return NULL; + + if (!i->context->protocol_init_done) + lws_protocol_init(i->context); + /* + * If we have .local_protocol_name, use it to select the + * local protocol handler to bind to. Otherwise use .protocol if + * http[s]. + */ + if (i->local_protocol_name) + local = i->local_protocol_name; + + wsi = lws_zalloc(sizeof(struct lws), "client wsi"); + if (wsi == NULL) + goto bail; + + wsi->context = i->context; +#if defined(LWS_ROLE_H1) + /* assert the mode and union status (hdr) clearly */ + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_h1); +#else + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, &role_ops_raw_skt); +#endif + wsi->desc.sockfd = LWS_SOCK_INVALID; + + /* 1) fill up the wsi with stuff from the connect_info as far as it + * can go. It's because not only is our connection async, we might + * not even be able to get ahold of an ah at this point. + */ + + if (!i->method) /* ie, ws */ +#if defined(LWS_ROLE_WS) + if (lws_create_client_ws_object(i, wsi)) + return NULL; +#else + return NULL; +#endif + + wsi->user_space = NULL; + wsi->pending_timeout = NO_PENDING_TIMEOUT; + wsi->position_in_fds_table = LWS_NO_FDS_POS; + wsi->c_port = i->port; + wsi->vhost = i->vhost; + if (!wsi->vhost) + wsi->vhost = i->context->vhost_list; + + if (!wsi->vhost) { + lwsl_err("At least one vhost in the context is required\n"); + + goto bail; + } + + wsi->protocol = &wsi->vhost->protocols[0]; + wsi->client_pipeline = !!(i->ssl_connection & LCCSCF_PIPELINE); + + /* reasonable place to start */ + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_UNCONNECTED, +#if defined(LWS_ROLE_H1) + &role_ops_h1); +#else + &role_ops_raw_skt); +#endif + + /* + * 1) for http[s] connection, allow protocol selection by name + * 2) for ws[s], if local_protocol_name given also use it for + * local protocol binding... this defeats the server + * protocol negotiation if so + * + * Otherwise leave at protocols[0]... the server will tell us + * which protocol we are associated with since we can give it a + * list. + */ + if (/*(i->method || i->local_protocol_name) && */local) { + lwsl_info("binding to %s\n", local); + p = lws_vhost_name_to_protocol(wsi->vhost, local); + if (p) + wsi->protocol = p; + } + + if (wsi && !wsi->user_space && i->userdata) { + wsi->user_space_externally_allocated = 1; + wsi->user_space = i->userdata; + } else + /* if we stay in http, we can assign the user space now, + * otherwise do it after the protocol negotiated + */ + if (i->method) + if (lws_ensure_user_space(wsi)) + goto bail; + +#if defined(LWS_WITH_TLS) + wsi->tls.use_ssl = i->ssl_connection; +#else + if (i->ssl_connection & LCCSCF_USE_SSL) { + lwsl_err("libwebsockets not configured for ssl\n"); + goto bail; + } +#endif + + /* 2) stash the things from connect_info that we can't process without + * an ah. Because if no ah, we will go on the ah waiting list and + * process those things later (after the connect_info and maybe the + * things pointed to have gone out of scope. + */ + + wsi->stash = lws_zalloc(sizeof(*wsi->stash), "client stash"); + if (!wsi->stash) { + lwsl_err("%s: OOM\n", __func__); + goto bail1; + } + + wsi->stash->address = lws_strdup(i->address); + wsi->stash->path = lws_strdup(i->path); + wsi->stash->host = lws_strdup(i->host); + + if (!wsi->stash->address || !wsi->stash->path || !wsi->stash->host) + goto bail1; + + if (i->origin) { + wsi->stash->origin = lws_strdup(i->origin); + if (!wsi->stash->origin) + goto bail1; + } + if (i->protocol) { + wsi->stash->protocol = lws_strdup(i->protocol); + if (!wsi->stash->protocol) + goto bail1; + } + if (i->method) { + wsi->stash->method = lws_strdup(i->method); + if (!wsi->stash->method) + goto bail1; + } + if (i->iface) { + wsi->stash->iface = lws_strdup(i->iface); + if (!wsi->stash->iface) + goto bail1; + } + /* + * For ws, default to http/1.1 only. If i->alpn is set, defer to + * whatever he has set in there (eg, "h2"). + * + * The problem is he has to commit to h2 before he can find out if the + * server has the SETTINGS for ws-over-h2 enabled; if not then ws is + * not possible on that connection. So we only try it if he + * assertively said to use h2 alpn. + */ + if (!i->method && !i->alpn) { + wsi->stash->alpn = lws_strdup("http/1.1"); + if (!wsi->stash->alpn) + goto bail1; + } else + if (i->alpn) { + wsi->stash->alpn = lws_strdup(i->alpn); + if (!wsi->stash->alpn) + goto bail1; + } + + if (i->pwsi) + *i->pwsi = wsi; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + /* if we went on the waiting list, no probs just return the wsi + * when we get the ah, now or later, he will call + * lws_client_connect_via_info2() below. + */ + if (lws_header_table_attach(wsi, 0) < 0) { + /* + * if we failed here, the connection is already closed + * and freed. + */ + goto bail2; + } + +#endif + + if (i->parent_wsi) { + lwsl_info("%s: created child %p of parent %p\n", __func__, + wsi, i->parent_wsi); + wsi->parent = i->parent_wsi; + wsi->sibling_list = i->parent_wsi->child_list; + i->parent_wsi->child_list = wsi; + } +#ifdef LWS_WITH_HTTP_PROXY + if (i->uri_replace_to) + wsi->http.rw = lws_rewrite_create(wsi, html_parser_cb, + i->uri_replace_from, + i->uri_replace_to); +#endif + + return wsi; + +bail1: + lws_client_stash_destroy(wsi); + +bail: + lws_free(wsi); +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) +bail2: +#endif + if (i->pwsi) + *i->pwsi = NULL; + + return NULL; +} + +struct lws * +lws_client_connect_via_info2(struct lws *wsi) +{ + struct client_info_stash *stash = wsi->stash; + + if (!stash) + return wsi; + + /* + * we're not necessarily in a position to action these right away, + * stash them... we only need during connect phase so into a temp + * allocated stash + */ + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, + stash->address)) + goto bail1; + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, stash->path)) + goto bail1; + + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, stash->host)) + goto bail1; + + if (stash->origin) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN, + stash->origin)) + goto bail1; + /* + * this is a list of protocols we tell the server we're okay with + * stash it for later when we compare server response with it + */ + if (stash->protocol) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS, + stash->protocol)) + goto bail1; + if (stash->method) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD, + stash->method)) + goto bail1; + if (stash->iface) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE, + stash->iface)) + goto bail1; + if (stash->alpn) + if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ALPN, + stash->alpn)) + goto bail1; + +#if defined(LWS_WITH_SOCKS5) + if (!wsi->vhost->socks_proxy_port) + lws_client_stash_destroy(wsi); +#endif + + wsi->context->count_wsi_allocated++; + + return lws_client_connect_2(wsi); + +bail1: +#if defined(LWS_WITH_SOCKS5) + if (!wsi->vhost->socks_proxy_port) + lws_free_set_NULL(wsi->stash); +#endif + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_client_connect_extended(struct lws_context *context, const char *address, + int port, int ssl_connection, const char *path, + const char *host, const char *origin, + const char *protocol, int ietf_version_or_minus_one, + void *userdata) +{ + struct lws_client_connect_info i; + + memset(&i, 0, sizeof(i)); + + i.context = context; + i.address = address; + i.port = port; + i.ssl_connection = ssl_connection; + i.path = path; + i.host = host; + i.origin = origin; + i.protocol = protocol; + i.ietf_version_or_minus_one = ietf_version_or_minus_one; + i.userdata = userdata; + + return lws_client_connect_via_info(&i); +} + +LWS_VISIBLE struct lws * +lws_client_connect(struct lws_context *context, const char *address, + int port, int ssl_connection, const char *path, + const char *host, const char *origin, + const char *protocol, int ietf_version_or_minus_one) +{ + struct lws_client_connect_info i; + + memset(&i, 0, sizeof(i)); + + i.context = context; + i.address = address; + i.port = port; + i.ssl_connection = ssl_connection; + i.path = path; + i.host = host; + i.origin = origin; + i.protocol = protocol; + i.ietf_version_or_minus_one = ietf_version_or_minus_one; + i.userdata = NULL; + + return lws_client_connect_via_info(&i); +} + +#if defined(LWS_WITH_SOCKS5) +void socks_generate_msg(struct lws *wsi, enum socks_msg_type type, + ssize_t *msg_len) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + ssize_t len = 0, n, passwd_len; + short net_num; + char *p; + + switch (type) { + case SOCKS_MSG_GREETING: + /* socks version, version 5 only */ + pt->serv_buf[len++] = SOCKS_VERSION_5; + /* number of methods */ + pt->serv_buf[len++] = 2; + /* username password method */ + pt->serv_buf[len++] = SOCKS_AUTH_USERNAME_PASSWORD; + /* no authentication method */ + pt->serv_buf[len++] = SOCKS_AUTH_NO_AUTH; + break; + + case SOCKS_MSG_USERNAME_PASSWORD: + n = strlen(wsi->vhost->socks_user); + passwd_len = strlen(wsi->vhost->socks_password); + + /* the subnegotiation version */ + pt->serv_buf[len++] = SOCKS_SUBNEGOTIATION_VERSION_1; + /* length of the user name */ + pt->serv_buf[len++] = n; + /* user name */ + lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_user, + context->pt_serv_buf_size - len + 1); + len += n; + /* length of the password */ + pt->serv_buf[len++] = passwd_len; + /* password */ + lws_strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_password, + context->pt_serv_buf_size - len + 1); + len += passwd_len; + break; + + case SOCKS_MSG_CONNECT: + p = (char*)&net_num; + + /* socks version */ + pt->serv_buf[len++] = SOCKS_VERSION_5; + /* socks command */ + pt->serv_buf[len++] = SOCKS_COMMAND_CONNECT; + /* reserved */ + pt->serv_buf[len++] = 0; + /* address type */ + pt->serv_buf[len++] = SOCKS_ATYP_DOMAINNAME; + /* skip length, we fill it in at the end */ + n = len++; + + /* the address we tell SOCKS proxy to connect to */ + lws_strncpy((char *)&(pt->serv_buf[len]), wsi->stash->address, + context->pt_serv_buf_size - len + 1); + len += strlen(wsi->stash->address); + net_num = htons(wsi->c_port); + + /* the port we tell SOCKS proxy to connect to */ + pt->serv_buf[len++] = p[0]; + pt->serv_buf[len++] = p[1]; + + /* the length of the address, excluding port */ + pt->serv_buf[n] = strlen(wsi->stash->address); + break; + + default: + return; + } + + *msg_len = len; +} +#endif diff --git a/thirdparty/libwebsockets/roles/http/client/client.c b/thirdparty/libwebsockets/roles/http/client/client.c new file mode 100644 index 0000000000..5645fa2b7a --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/client/client.c @@ -0,0 +1,1243 @@ +/* + * libwebsockets - lib/client/client.c + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +LWS_VISIBLE LWS_EXTERN void +lws_client_http_body_pending(struct lws *wsi, int something_left_to_send) +{ + wsi->client_http_body_pending = !!something_left_to_send; +} + +/* + * return self, or queued client wsi we are acting on behalf of + * + * That is the TAIL of the queue (new queue elements are added at the HEAD) + */ + +struct lws * +lws_client_wsi_effective(struct lws *wsi) +{ + struct lws_dll_lws *tail = NULL; + + if (!wsi->transaction_from_pipeline_queue || + !wsi->dll_client_transaction_queue_head.next) + return wsi; + + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + tail = d; + } lws_end_foreach_dll_safe(d, d1); + + return lws_container_of(tail, struct lws, + dll_client_transaction_queue); +} + +/* + * return self or the guy we are queued under + * + * REQUIRES VHOST LOCK HELD + */ + +static struct lws * +_lws_client_wsi_master(struct lws *wsi) +{ + struct lws *wsi_eff = wsi; + struct lws_dll_lws *d; + + d = wsi->dll_client_transaction_queue.prev; + while (d) { + wsi_eff = lws_container_of(d, struct lws, + dll_client_transaction_queue_head); + + d = d->prev; + } + + return wsi_eff; +} + +int +lws_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd, + struct lws *wsi_conn) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + char *p = (char *)&pt->serv_buf[0]; + struct lws *w; +#if defined(LWS_WITH_TLS) + char ebuf[128]; +#endif + const char *cce = NULL; +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + ssize_t len = 0; + unsigned char c; +#endif + char *sb = p; + int n = 0; +#if defined(LWS_WITH_SOCKS5) + int conn_mode = 0, pending_timeout = 0; +#endif + + if ((pollfd->revents & LWS_POLLOUT) && + wsi->keepalive_active && + wsi->dll_client_transaction_queue_head.next) { + struct lws *wfound = NULL; + + lwsl_debug("%s: pollout HANDSHAKE2\n", __func__); + + /* + * We have a transaction queued that wants to pipeline. + * + * We have to allow it to send headers strictly in the order + * that it was queued, ie, tail-first. + */ + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *w = lws_container_of(d, struct lws, + dll_client_transaction_queue); + + lwsl_debug("%s: %p states 0x%x\n", __func__, w, w->wsistate); + if (lwsi_state(w) == LRS_H1C_ISSUE_HANDSHAKE2) + wfound = w; + } lws_end_foreach_dll_safe(d, d1); + + if (wfound) { + /* + * pollfd has the master sockfd in it... we + * need to use that in HANDSHAKE2 to understand + * which wsi to actually write on + */ + lws_client_socket_service(wfound, pollfd, wsi); + lws_callback_on_writable(wsi); + } else + lwsl_debug("%s: didn't find anything in txn q in HS2\n", + __func__); + + lws_vhost_unlock(wsi->vhost); + + return 0; + } + + switch (lwsi_state(wsi)) { + + case LRS_WAITING_CONNECT: + + /* + * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE + * timeout protection set in client-handshake.c + */ + + if (!lws_client_connect_2(wsi)) { + /* closed */ + lwsl_client("closed\n"); + return -1; + } + + /* either still pending connection, or changed mode */ + return 0; + +#if defined(LWS_WITH_SOCKS5) + /* SOCKS Greeting Reply */ + case LRS_WAITING_SOCKS_GREETING_REPLY: + case LRS_WAITING_SOCKS_AUTH_REPLY: + case LRS_WAITING_SOCKS_CONNECT_REPLY: + + /* handle proxy hung up on us */ + + if (pollfd->revents & LWS_POLLHUP) { + lwsl_warn("SOCKS connection %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + goto bail3; + } + + n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); + if (n < 0) { + if (LWS_ERRNO == LWS_EAGAIN) { + lwsl_debug("SOCKS read EAGAIN, retrying\n"); + return 0; + } + lwsl_err("ERROR reading from SOCKS socket\n"); + goto bail3; + } + + switch (lwsi_state(wsi)) { + + case LRS_WAITING_SOCKS_GREETING_REPLY: + if (pt->serv_buf[0] != SOCKS_VERSION_5) + goto socks_reply_fail; + + if (pt->serv_buf[1] == SOCKS_AUTH_NO_AUTH) { + lwsl_client("SOCKS GR: No Auth Method\n"); + socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); + conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; + pending_timeout = + PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; + goto socks_send; + } + + if (pt->serv_buf[1] == SOCKS_AUTH_USERNAME_PASSWORD) { + lwsl_client("SOCKS GR: User/Pw Method\n"); + socks_generate_msg(wsi, + SOCKS_MSG_USERNAME_PASSWORD, + &len); + conn_mode = LRS_WAITING_SOCKS_AUTH_REPLY; + pending_timeout = + PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY; + goto socks_send; + } + goto socks_reply_fail; + + case LRS_WAITING_SOCKS_AUTH_REPLY: + if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 || + pt->serv_buf[1] != SOCKS_SUBNEGOTIATION_STATUS_SUCCESS) + goto socks_reply_fail; + + lwsl_client("SOCKS password OK, sending connect\n"); + socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len); + conn_mode = LRS_WAITING_SOCKS_CONNECT_REPLY; + pending_timeout = + PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY; +socks_send: + n = send(wsi->desc.sockfd, (char *)pt->serv_buf, len, + MSG_NOSIGNAL); + if (n < 0) { + lwsl_debug("ERROR writing to socks proxy\n"); + goto bail3; + } + + lws_set_timeout(wsi, pending_timeout, AWAITING_TIMEOUT); + lwsi_set_state(wsi, conn_mode); + break; + +socks_reply_fail: + lwsl_notice("socks reply: v%d, err %d\n", + pt->serv_buf[0], pt->serv_buf[1]); + goto bail3; + + case LRS_WAITING_SOCKS_CONNECT_REPLY: + if (pt->serv_buf[0] != SOCKS_VERSION_5 || + pt->serv_buf[1] != SOCKS_REQUEST_REPLY_SUCCESS) + goto socks_reply_fail; + + lwsl_client("socks connect OK\n"); + + /* free stash since we are done with it */ + lws_client_stash_destroy(wsi); + if (lws_hdr_simple_create(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS, + wsi->vhost->socks_proxy_address)) + goto bail3; + + wsi->c_port = wsi->vhost->socks_proxy_port; + + /* clear his proxy connection timeout */ + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + goto start_ws_handshake; + default: + break; + } + break; +#endif + + case LRS_WAITING_PROXY_REPLY: + + /* handle proxy hung up on us */ + + if (pollfd->revents & LWS_POLLHUP) { + + lwsl_warn("Proxy connection %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + + goto bail3; + } + + n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0); + if (n < 0) { + if (LWS_ERRNO == LWS_EAGAIN) { + lwsl_debug("Proxy read EAGAIN... retrying\n"); + return 0; + } + lwsl_err("ERROR reading from proxy socket\n"); + goto bail3; + } + + pt->serv_buf[13] = '\0'; + if (strcmp(sb, "HTTP/1.0 200 ") && + strcmp(sb, "HTTP/1.1 200 ")) { + lwsl_err("ERROR proxy: %s\n", sb); + goto bail3; + } + + /* clear his proxy connection timeout */ + + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + /* fallthru */ + + case LRS_H1C_ISSUE_HANDSHAKE: + + /* + * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE + * timeout protection set in client-handshake.c + * + * take care of our lws_callback_on_writable + * happening at a time when there's no real connection yet + */ +#if defined(LWS_WITH_SOCKS5) +start_ws_handshake: +#endif + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) + return -1; + +#if defined(LWS_WITH_TLS) + /* we can retry this... just cook the SSL BIO the first time */ + + if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !wsi->tls.ssl && + lws_ssl_client_bio_create(wsi) < 0) { + cce = "bio_create failed"; + goto bail3; + } + + if (wsi->tls.use_ssl & LCCSCF_USE_SSL) { + n = lws_ssl_client_connect1(wsi); + if (!n) + return 0; + if (n < 0) { + cce = "lws_ssl_client_connect1 failed"; + goto bail3; + } + } else + wsi->tls.ssl = NULL; + + /* fallthru */ + + case LRS_WAITING_SSL: + + if (wsi->tls.use_ssl & LCCSCF_USE_SSL) { + n = lws_ssl_client_connect2(wsi, ebuf, sizeof(ebuf)); + if (!n) + return 0; + if (n < 0) { + cce = ebuf; + goto bail3; + } + } else + wsi->tls.ssl = NULL; +#endif +#if defined (LWS_WITH_HTTP2) + if (wsi->client_h2_alpn) { + /* + * We connected to the server and set up tls, and + * negotiated "h2". + * + * So this is it, we are an h2 master client connection + * now, not an h1 client connection. + */ + lws_tls_server_conn_alpn(wsi); + + /* send the H2 preface to legitimize the connection */ + if (lws_h2_issue_preface(wsi)) { + cce = "error sending h2 preface"; + goto bail3; + } + + break; + } +#endif + lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2); + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, + context->timeout_secs); + + /* fallthru */ + + case LRS_H1C_ISSUE_HANDSHAKE2: + p = lws_generate_client_handshake(wsi, p); + if (p == NULL) { + if (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file) + return 0; + + lwsl_err("Failed to generate handshake for client\n"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "chs"); + return 0; + } + + /* send our request to the server */ + lws_latency_pre(context, wsi); + + w = _lws_client_wsi_master(wsi); + lwsl_info("%s: HANDSHAKE2: %p: sending headers on %p (wsistate 0x%x 0x%x)\n", + __func__, wsi, w, wsi->wsistate, w->wsistate); + + n = lws_ssl_capable_write(w, (unsigned char *)sb, (int)(p - sb)); + lws_latency(context, wsi, "send lws_issue_raw", n, + n == p - sb); + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + lwsl_debug("ERROR writing to client socket\n"); + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cws"); + return 0; + case LWS_SSL_CAPABLE_MORE_SERVICE: + lws_callback_on_writable(wsi); + break; + } + + if (wsi->client_http_body_pending) { + lwsi_set_state(wsi, LRS_ISSUE_HTTP_BODY); + lws_set_timeout(wsi, + PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, + context->timeout_secs); + /* user code must ask for writable callback */ + break; + } + + lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); + wsi->hdr_parsing_completed = 0; + + if (lwsi_state(w) == LRS_IDLING) { + lwsi_set_state(w, LRS_WAITING_SERVER_REPLY); + w->hdr_parsing_completed = 0; +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + w->http.ah->parser_state = WSI_TOKEN_NAME_PART; + w->http.ah->lextable_pos = 0; + /* If we're (re)starting on headers, need other implied init */ + wsi->http.ah->ues = URIES_IDLE; +#endif + } + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, + wsi->context->timeout_secs); + + lws_callback_on_writable(w); + + goto client_http_body_sent; + + case LRS_ISSUE_HTTP_BODY: + if (wsi->client_http_body_pending) { + //lws_set_timeout(wsi, + // PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD, + // context->timeout_secs); + /* user code must ask for writable callback */ + break; + } +client_http_body_sent: +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + /* prepare ourselves to do the parsing */ + wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART; + wsi->http.ah->lextable_pos = 0; +#endif + lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, + context->timeout_secs); + break; + + case LRS_WAITING_SERVER_REPLY: + /* + * handle server hanging up on us... + * but if there is POLLIN waiting, handle that first + */ + if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) == + LWS_POLLHUP) { + + lwsl_debug("Server connection %p (fd=%d) dead\n", + (void *)wsi, pollfd->fd); + cce = "Peer hung up"; + goto bail3; + } + + if (!(pollfd->revents & LWS_POLLIN)) + break; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + /* interpret the server response + * + * HTTP/1.1 101 Switching Protocols + * Upgrade: websocket + * Connection: Upgrade + * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo= + * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC== + * Sec-WebSocket-Protocol: chat + * + * we have to take some care here to only take from the + * socket bytewise. The browser may (and has been seen to + * in the case that onopen() performs websocket traffic) + * coalesce both handshake response and websocket traffic + * in one packet, since at that point the connection is + * definitively ready from browser pov. + */ + len = 1; + while (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE && + len > 0) { + int plen = 1; + + n = lws_ssl_capable_read(wsi, &c, 1); + lws_latency(context, wsi, "send lws_issue_raw", n, + n == 1); + switch (n) { + case 0: + case LWS_SSL_CAPABLE_ERROR: + cce = "read failed"; + goto bail3; + case LWS_SSL_CAPABLE_MORE_SERVICE: + return 0; + } + + if (lws_parse(wsi, &c, &plen)) { + lwsl_warn("problems parsing header\n"); + goto bail3; + } + } + + /* + * hs may also be coming in multiple packets, there is a 5-sec + * libwebsocket timeout still active here too, so if parsing did + * not complete just wait for next packet coming in this state + */ + if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE) + break; + +#endif + + /* + * otherwise deal with the handshake. If there's any + * packet traffic already arrived we'll trigger poll() again + * right away and deal with it that way + */ + return lws_client_interpret_server_handshake(wsi); + +bail3: + lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n"); + if (cce) + lwsl_info("reason: %s\n", cce); + wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + wsi->user_space, (void *)cce, cce ? strlen(cce) : 0); + wsi->already_did_cce = 1; + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cbail3"); + return -1; + + default: + break; + } + + return 0; +} + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + +int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed_client(struct lws *wsi) +{ + struct lws *wsi_eff = lws_client_wsi_effective(wsi); + + lwsl_info("%s: wsi: %p, wsi_eff: %p\n", __func__, wsi, wsi_eff); + + if (user_callback_handle_rxflow(wsi_eff->protocol->callback, + wsi_eff, LWS_CALLBACK_COMPLETED_CLIENT_HTTP, + wsi_eff->user_space, NULL, 0)) { + lwsl_debug("%s: Completed call returned nonzero (role 0x%x)\n", + __func__, lwsi_role(wsi_eff)); + return -1; + } + + /* + * Are we constitutionally capable of having a queue, ie, we are on + * the "active client connections" list? + * + * If not, that's it for us. + */ + + if (lws_dll_is_null(&wsi->dll_active_client_conns)) + return -1; + + /* if this was a queued guy, close him and remove from queue */ + + if (wsi->transaction_from_pipeline_queue) { + lwsl_debug("closing queued wsi %p\n", wsi_eff); + /* so the close doesn't trigger a CCE */ + wsi_eff->already_did_cce = 1; + __lws_close_free_wsi(wsi_eff, + LWS_CLOSE_STATUS_CLIENT_TRANSACTION_DONE, + "queued client done"); + } + + _lws_header_table_reset(wsi->http.ah); + + /* after the first one, they can only be coming from the queue */ + wsi->transaction_from_pipeline_queue = 1; + + wsi->http.rx_content_length = 0; + wsi->hdr_parsing_completed = 0; + + /* is there a new tail after removing that one? */ + wsi_eff = lws_client_wsi_effective(wsi); + + /* + * Do we have something pipelined waiting? + * it's OK if he hasn't managed to send his headers yet... he's next + * in line to do that... + */ + if (wsi_eff == wsi) { + /* + * Nothing pipelined... we should hang around a bit + * in case something turns up... + */ + lwsl_info("%s: nothing pipelined waiting\n", __func__); + lwsi_set_state(wsi, LRS_IDLING); + + lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_CONN_IDLE, 5); + + return 0; + } + + /* + * H1: we can serialize the queued guys into the same ah + * H2: everybody needs their own ah until their own STREAM_END + */ + + /* otherwise set ourselves up ready to go again */ + lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY); + + wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART; + wsi->http.ah->lextable_pos = 0; + + lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, + wsi->context->timeout_secs); + + /* If we're (re)starting on headers, need other implied init */ + wsi->http.ah->ues = URIES_IDLE; + + lwsl_info("%s: %p: new queued transaction as %p\n", __func__, wsi, wsi_eff); + lws_callback_on_writable(wsi); + + return 0; +} + +LWS_VISIBLE LWS_EXTERN unsigned int +lws_http_client_http_response(struct lws *_wsi) +{ + struct lws *wsi; + unsigned int resp; + + if (_wsi->http.ah && _wsi->http.ah->http_response) + return _wsi->http.ah->http_response; + + lws_vhost_lock(_wsi->vhost); + wsi = _lws_client_wsi_master(_wsi); + resp = wsi->http.ah->http_response; + lws_vhost_unlock(_wsi->vhost); + + return resp; +} +#endif +#if defined(LWS_PLAT_OPTEE) +char * +strrchr(const char *s, int c) +{ + char *hit = NULL; + + while (*s) + if (*(s++) == (char)c) + hit = (char *)s - 1; + + return hit; +} + +#define atoll atoi +#endif + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) +int +lws_client_interpret_server_handshake(struct lws *wsi) +{ + int n, port = 0, ssl = 0; + int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR; + const char *prot, *ads = NULL, *path, *cce = NULL; + struct allocated_headers *ah = NULL; + struct lws *w = lws_client_wsi_effective(wsi); + char *p, *q; + char new_path[300]; + + lws_client_stash_destroy(wsi); + + ah = wsi->http.ah; + if (!wsi->do_ws) { + /* we are being an http client... + */ +#if defined(LWS_ROLE_H2) + if (wsi->client_h2_alpn || wsi->client_h2_substream) { + lwsl_debug("%s: %p: transitioning to h2 client\n", __func__, wsi); + lws_role_transition(wsi, LWSIFR_CLIENT, + LRS_ESTABLISHED, &role_ops_h2); + } else +#endif + { +#if defined(LWS_ROLE_H1) + { + lwsl_debug("%s: %p: transitioning to h1 client\n", __func__, wsi); + lws_role_transition(wsi, LWSIFR_CLIENT, + LRS_ESTABLISHED, &role_ops_h1); + } +#else + return -1; +#endif + } + + wsi->http.ah = ah; + ah->http_response = 0; + } + + /* + * well, what the server sent looked reasonable for syntax. + * Now let's confirm it sent all the necessary headers + * + * http (non-ws) client will expect something like this + * + * HTTP/1.0.200 + * server:.libwebsockets + * content-type:.text/html + * content-length:.17703 + * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000 + */ + + wsi->http.connection_type = HTTP_CONNECTION_KEEP_ALIVE; + if (!wsi->client_h2_substream) { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP); + if (wsi->do_ws && !p) { + lwsl_info("no URI\n"); + cce = "HS: URI missing"; + goto bail3; + } + if (!p) { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0); + wsi->http.connection_type = HTTP_CONNECTION_CLOSE; + } + if (!p) { + cce = "HS: URI missing"; + lwsl_info("no URI\n"); + goto bail3; + } + } else { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_STATUS); + if (!p) { + cce = "HS: :status missing"; + lwsl_info("no status\n"); + goto bail3; + } + } + n = atoi(p); + if (ah) + ah->http_response = n; + + if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) { + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION); + if (!p) { + cce = "HS: Redirect code but no Location"; + goto bail3; + } + + /* Relative reference absolute path */ + if (p[0] == '/') { +#if defined(LWS_WITH_TLS) + ssl = wsi->tls.use_ssl & LCCSCF_USE_SSL; +#endif + ads = lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS); + port = wsi->c_port; + /* +1 as lws_client_reset expects leading / omitted */ + path = p + 1; + } + /* Absolute (Full) URI */ + else if (strchr(p, ':')) { + if (lws_parse_uri(p, &prot, &ads, &port, &path)) { + cce = "HS: URI did not parse"; + goto bail3; + } + + if (!strcmp(prot, "wss") || !strcmp(prot, "https")) + ssl = 1; + } + /* Relative reference relative path */ + else { + /* This doesn't try to calculate an absolute path, + * that will be left to the server */ +#if defined(LWS_WITH_TLS) + ssl = wsi->tls.use_ssl & LCCSCF_USE_SSL; +#endif + ads = lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_PEER_ADDRESS); + port = wsi->c_port; + /* +1 as lws_client_reset expects leading / omitted */ + path = new_path + 1; + lws_strncpy(new_path, lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_URI), sizeof(new_path)); + q = strrchr(new_path, '/'); + if (q) + lws_strncpy(q + 1, p, sizeof(new_path) - + (q - new_path) - 1); + else + path = p; + } + +#if defined(LWS_WITH_TLS) + if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !ssl) { + cce = "HS: Redirect attempted SSL downgrade"; + goto bail3; + } +#endif + + if (!lws_client_reset(&wsi, ssl, ads, port, path, ads)) { + /* there are two ways to fail out with NULL return... + * simple, early problem where the wsi is intact, or + * we went through with the reconnect attempt and the + * wsi is already closed. In the latter case, the wsi + * has beet set to NULL additionally. + */ + lwsl_err("Redirect failed\n"); + cce = "HS: Redirect failed"; + if (wsi) + goto bail3; + + return 1; + } + return 0; + } + + if (!wsi->do_ws) { + + /* if h1 KA is allowed, enable the queued pipeline guys */ + + if (!wsi->client_h2_alpn && !wsi->client_h2_substream && w == wsi) { /* ie, coming to this for the first time */ + if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) + wsi->keepalive_active = 1; + else { + /* + * Ugh... now the main http connection has seen + * both sides, we learn the server doesn't + * support keepalive. + * + * That means any guys queued on us are going + * to have to be restarted from connect2 with + * their own connections. + */ + + /* + * stick around telling any new guys they can't + * pipeline to this server + */ + wsi->keepalive_rejected = 1; + + lws_vhost_lock(wsi->vhost); + lws_start_foreach_dll_safe(struct lws_dll_lws *, d, d1, + wsi->dll_client_transaction_queue_head.next) { + struct lws *ww = lws_container_of(d, struct lws, + dll_client_transaction_queue); + + /* remove him from our queue */ + lws_dll_lws_remove(&ww->dll_client_transaction_queue); + /* give up on pipelining */ + ww->client_pipeline = 0; + + /* go back to "trying to connect" state */ + lws_role_transition(ww, LWSIFR_CLIENT, + LRS_UNCONNECTED, +#if defined(LWS_ROLE_H1) + &role_ops_h1); +#else +#if defined (LWS_ROLE_H2) + &role_ops_h2); +#else + &role_ops_raw); +#endif +#endif + ww->user_space = NULL; + } lws_end_foreach_dll_safe(d, d1); + lws_vhost_unlock(wsi->vhost); + } + } + +#ifdef LWS_WITH_HTTP_PROXY + wsi->http.perform_rewrite = 0; + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) { + if (!strncmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_CONTENT_TYPE), + "text/html", 9)) + wsi->http.perform_rewrite = 1; + } +#endif + + /* allocate the per-connection user memory (if any) */ + if (lws_ensure_user_space(wsi)) { + lwsl_err("Problem allocating wsi user mem\n"); + cce = "HS: OOM"; + goto bail2; + } + + /* he may choose to send us stuff in chunked transfer-coding */ + wsi->chunked = 0; + wsi->chunk_remaining = 0; /* ie, next thing is chunk size */ + if (lws_hdr_total_length(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING)) { + wsi->chunked = !strcmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING), + "chunked"); + /* first thing is hex, after payload there is crlf */ + wsi->chunk_parser = ELCP_HEX; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + wsi->http.rx_content_length = + atoll(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_CONTENT_LENGTH)); + lwsl_info("%s: incoming content length %llu\n", + __func__, (unsigned long long) + wsi->http.rx_content_length); + wsi->http.rx_content_remain = + wsi->http.rx_content_length; + } else /* can't do 1.1 without a content length or chunked */ + if (!wsi->chunked) + wsi->http.connection_type = + HTTP_CONNECTION_CLOSE; + + /* + * we seem to be good to go, give client last chance to check + * headers and OK it + */ + if (w->protocol->callback(w, + LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, + w->user_space, NULL, 0)) { + + cce = "HS: disallowed by client filter"; + goto bail2; + } + + /* clear his proxy connection timeout */ + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* call him back to inform him he is up */ + if (w->protocol->callback(w, + LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP, + w->user_space, NULL, 0)) { + cce = "HS: disallowed at ESTABLISHED"; + goto bail3; + } + + /* + * for pipelining, master needs to keep his ah... guys who + * queued on him can drop it now though. + */ + + if (w != wsi) + /* free up parsing allocations for queued guy */ + lws_header_table_detach(w, 0); + + lwsl_info("%s: client connection up\n", __func__); + + return 0; + } + +#if defined(LWS_ROLE_WS) + switch (lws_client_ws_upgrade(wsi, &cce)) { + case 2: + goto bail2; + case 3: + goto bail3; + } + + return 0; +#endif + +bail3: + close_reason = LWS_CLOSE_STATUS_NOSTATUS; + +bail2: + if (wsi->protocol) { + n = 0; + if (cce) + n = (int)strlen(cce); + w->protocol->callback(w, + LWS_CALLBACK_CLIENT_CONNECTION_ERROR, + w->user_space, (void *)cce, + (unsigned int)n); + } + wsi->already_did_cce = 1; + + lwsl_info("closing connection due to bail2 connection error\n"); + + /* closing will free up his parsing allocations */ + lws_close_free_wsi(wsi, close_reason, "c hs interp"); + + return 1; +} +#endif + +char * +lws_generate_client_handshake(struct lws *wsi, char *pkt) +{ + char *p = pkt; + const char *meth; + const char *pp = lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); + + meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD); + if (!meth) { + meth = "GET"; + wsi->do_ws = 1; + } else { + wsi->do_ws = 0; + } + + if (!strcmp(meth, "RAW")) { + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + lwsl_notice("client transition to raw\n"); + + if (pp) { + const struct lws_protocols *pr; + + pr = lws_vhost_name_to_protocol(wsi->vhost, pp); + + if (!pr) { + lwsl_err("protocol %s not enabled on vhost\n", + pp); + return NULL; + } + + lws_bind_protocol(wsi, pr); + } + + if ((wsi->protocol->callback)(wsi, LWS_CALLBACK_RAW_ADOPT, + wsi->user_space, NULL, 0)) + return NULL; + + lws_role_transition(wsi, 0, LRS_ESTABLISHED, &role_ops_raw_skt); + lws_header_table_detach(wsi, 1); + + return NULL; + } + + /* + * 04 example client handshake + * + * GET /chat HTTP/1.1 + * Host: server.example.com + * Upgrade: websocket + * Connection: Upgrade + * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== + * Sec-WebSocket-Origin: http://example.com + * Sec-WebSocket-Protocol: chat, superchat + * Sec-WebSocket-Version: 4 + */ + + p += sprintf(p, "%s %s HTTP/1.1\x0d\x0a", meth, + lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI)); + + p += sprintf(p, "Pragma: no-cache\x0d\x0a" + "Cache-Control: no-cache\x0d\x0a"); + + p += sprintf(p, "Host: %s\x0d\x0a", + lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST)); + + if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) { + if (lws_check_opt(wsi->context->options, + LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN)) + p += sprintf(p, "Origin: %s\x0d\x0a", + lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_ORIGIN)); + else + p += sprintf(p, "Origin: http://%s\x0d\x0a", + lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_ORIGIN)); + } +#if defined(LWS_ROLE_WS) + if (wsi->do_ws) + p = lws_generate_client_ws_handshake(wsi, p); +#endif + + /* give userland a chance to append, eg, cookies */ + + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER, + wsi->user_space, &p, + (pkt + wsi->context->pt_serv_buf_size) - p - 12)) + return NULL; + + p += sprintf(p, "\x0d\x0a"); + + return p; +} + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + +LWS_VISIBLE int +lws_http_client_read(struct lws *wsi, char **buf, int *len) +{ + int rlen, n; + + rlen = lws_ssl_capable_read(wsi, (unsigned char *)*buf, *len); + *len = 0; + + // lwsl_notice("%s: rlen %d\n", __func__, rlen); + + /* allow the source to signal he has data again next time */ + lws_change_pollfd(wsi, 0, LWS_POLLIN); + + if (rlen == LWS_SSL_CAPABLE_ERROR) { + lwsl_notice("%s: SSL capable error\n", __func__); + return -1; + } + + if (rlen == 0) + return -1; + + if (rlen < 0) + return 0; + + *len = rlen; + wsi->client_rx_avail = 0; + + /* + * server may insist on transfer-encoding: chunked, + * so http client must deal with it + */ +spin_chunks: + while (wsi->chunked && (wsi->chunk_parser != ELCP_CONTENT) && *len) { + switch (wsi->chunk_parser) { + case ELCP_HEX: + if ((*buf)[0] == '\x0d') { + wsi->chunk_parser = ELCP_CR; + break; + } + n = char_to_hex((*buf)[0]); + if (n < 0) { + lwsl_debug("chunking failure\n"); + return -1; + } + wsi->chunk_remaining <<= 4; + wsi->chunk_remaining |= n; + break; + case ELCP_CR: + if ((*buf)[0] != '\x0a') { + lwsl_debug("chunking failure\n"); + return -1; + } + wsi->chunk_parser = ELCP_CONTENT; + lwsl_info("chunk %d\n", wsi->chunk_remaining); + if (wsi->chunk_remaining) + break; + lwsl_info("final chunk\n"); + goto completed; + + case ELCP_CONTENT: + break; + + case ELCP_POST_CR: + if ((*buf)[0] != '\x0d') { + lwsl_debug("chunking failure\n"); + + return -1; + } + + wsi->chunk_parser = ELCP_POST_LF; + break; + + case ELCP_POST_LF: + if ((*buf)[0] != '\x0a') + return -1; + + wsi->chunk_parser = ELCP_HEX; + wsi->chunk_remaining = 0; + break; + } + (*buf)++; + (*len)--; + } + + if (wsi->chunked && !wsi->chunk_remaining) + return 0; + + if (wsi->http.rx_content_remain && + wsi->http.rx_content_remain < (unsigned int)*len) + n = (int)wsi->http.rx_content_remain; + else + n = *len; + + if (wsi->chunked && wsi->chunk_remaining && + wsi->chunk_remaining < n) + n = wsi->chunk_remaining; + +#ifdef LWS_WITH_HTTP_PROXY + /* hubbub */ + if (wsi->http.perform_rewrite) + lws_rewrite_parse(wsi->http.rw, (unsigned char *)*buf, n); + else +#endif + { + struct lws *wsi_eff = lws_client_wsi_effective(wsi); + + if (user_callback_handle_rxflow(wsi_eff->protocol->callback, + wsi_eff, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ, + wsi_eff->user_space, *buf, n)) { + lwsl_debug("%s: RECEIVE_CLIENT_HTTP_READ returned -1\n", + __func__); + + return -1; + } + } + + if (wsi->chunked && wsi->chunk_remaining) { + (*buf) += n; + wsi->chunk_remaining -= n; + *len -= n; + } + + if (wsi->chunked && !wsi->chunk_remaining) + wsi->chunk_parser = ELCP_POST_CR; + + if (wsi->chunked && *len) + goto spin_chunks; + + if (wsi->chunked) + return 0; + + /* if we know the content length, decrement the content remaining */ + if (wsi->http.rx_content_length > 0) + wsi->http.rx_content_remain -= n; + + // lwsl_notice("rx_content_remain %lld, rx_content_length %lld\n", + // wsi->http.rx_content_remain, wsi->http.rx_content_length); + + if (wsi->http.rx_content_remain || !wsi->http.rx_content_length) + return 0; + +completed: + + if (lws_http_transaction_completed_client(wsi)) { + lwsl_notice("%s: transaction completed says -1\n", __func__); + return -1; + } + + return 0; +} + +#endif diff --git a/thirdparty/libwebsockets/roles/http/header.c b/thirdparty/libwebsockets/roles/http/header.c new file mode 100644 index 0000000000..dbcf27cbd1 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/header.c @@ -0,0 +1,421 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" +#include "lextable-strings.h" + + +const unsigned char * +lws_token_to_string(enum lws_token_indexes token) +{ + if ((unsigned int)token >= LWS_ARRAY_SIZE(set)) + return NULL; + + return (unsigned char *)set[token]; +} + +int +lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end) +{ +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return lws_add_http2_header_by_name(wsi, name, + value, length, p, end); +#else + (void)wsi; +#endif + if (name) { + while (*p < end && *name) + *((*p)++) = *name++; + if (*p == end) + return 1; + *((*p)++) = ' '; + } + if (*p + length + 3 >= end) + return 1; + + memcpy(*p, value, length); + *p += length; + *((*p)++) = '\x0d'; + *((*p)++) = '\x0a'; + + return 0; +} + +int lws_finalize_http_header(struct lws *wsi, unsigned char **p, + unsigned char *end) +{ +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return 0; +#else + (void)wsi; +#endif + if ((lws_intptr_t)(end - *p) < 3) + return 1; + *((*p)++) = '\x0d'; + *((*p)++) = '\x0a'; + + return 0; +} + +int +lws_finalize_write_http_header(struct lws *wsi, unsigned char *start, + unsigned char **pp, unsigned char *end) +{ + unsigned char *p; + int len; + + if (lws_finalize_http_header(wsi, pp, end)) + return 1; + + p = *pp; + len = lws_ptr_diff(p, start); + + if (lws_write(wsi, start, len, LWS_WRITE_HTTP_HEADERS) != len) + return 1; + + return 0; +} + +int +lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token, + const unsigned char *value, int length, + unsigned char **p, unsigned char *end) +{ + const unsigned char *name; +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) + return lws_add_http2_header_by_token(wsi, token, value, + length, p, end); +#endif + name = lws_token_to_string(token); + if (!name) + return 1; + + return lws_add_http_header_by_name(wsi, name, value, length, p, end); +} + +int lws_add_http_header_content_length(struct lws *wsi, + lws_filepos_t content_length, + unsigned char **p, unsigned char *end) +{ + char b[24]; + int n; + + n = sprintf(b, "%llu", (unsigned long long)content_length); + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, + (unsigned char *)b, n, p, end)) + return 1; + wsi->http.tx_content_length = content_length; + wsi->http.tx_content_remain = content_length; + + lwsl_info("%s: wsi %p: tx_content_length/remain %llu\n", __func__, + wsi, (unsigned long long)content_length); + + return 0; +} + +int +lws_add_http_common_headers(struct lws *wsi, unsigned int code, + const char *content_type, lws_filepos_t content_len, + unsigned char **p, unsigned char *end) +{ + if (lws_add_http_header_status(wsi, code, p, end)) + return 1; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)content_type, + (int)strlen(content_type), p, end)) + return 1; + + if (content_len != LWS_ILLEGAL_HTTP_CONTENT_LEN) { + if (lws_add_http_header_content_length(wsi, content_len, p, end)) + return 1; + } else { + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION, + (unsigned char *)"close", 5, + p, end)) + return 1; + + wsi->http.connection_type = HTTP_CONNECTION_CLOSE; + } + + return 0; +} + +STORE_IN_ROM static const char * const err400[] = { + "Bad Request", + "Unauthorized", + "Payment Required", + "Forbidden", + "Not Found", + "Method Not Allowed", + "Not Acceptable", + "Proxy Auth Required", + "Request Timeout", + "Conflict", + "Gone", + "Length Required", + "Precondition Failed", + "Request Entity Too Large", + "Request URI too Long", + "Unsupported Media Type", + "Requested Range Not Satisfiable", + "Expectation Failed" +}; + +STORE_IN_ROM static const char * const err500[] = { + "Internal Server Error", + "Not Implemented", + "Bad Gateway", + "Service Unavailable", + "Gateway Timeout", + "HTTP Version Not Supported" +}; + +int +lws_add_http_header_status(struct lws *wsi, unsigned int _code, + unsigned char **p, unsigned char *end) +{ + STORE_IN_ROM static const char * const hver[] = { + "HTTP/1.0", "HTTP/1.1", "HTTP/2" + }; + const struct lws_protocol_vhost_options *headers; + unsigned int code = _code & LWSAHH_CODE_MASK; + const char *description = "", *p1; + unsigned char code_and_desc[60]; + int n; + +#ifdef LWS_WITH_ACCESS_LOG + wsi->http.access_log.response = code; +#endif + +#ifdef LWS_WITH_HTTP2 + if (lwsi_role_h2(wsi) || lwsi_role_h2_ENCAPSULATION(wsi)) { + n = lws_add_http2_header_status(wsi, code, p, end); + if (n) + return n; + } else +#endif + { + if (code >= 400 && code < (400 + LWS_ARRAY_SIZE(err400))) + description = err400[code - 400]; + if (code >= 500 && code < (500 + LWS_ARRAY_SIZE(err500))) + description = err500[code - 500]; + + if (code == 100) + description = "Continue"; + if (code == 200) + description = "OK"; + if (code == 304) + description = "Not Modified"; + else + if (code >= 300 && code < 400) + description = "Redirect"; + + if (wsi->http.request_version < LWS_ARRAY_SIZE(hver)) + p1 = hver[wsi->http.request_version]; + else + p1 = hver[0]; + + n = sprintf((char *)code_and_desc, "%s %u %s", p1, code, + description); + + if (lws_add_http_header_by_name(wsi, NULL, code_and_desc, n, p, + end)) + return 1; + } + headers = wsi->vhost->headers; + while (headers) { + if (lws_add_http_header_by_name(wsi, + (const unsigned char *)headers->name, + (unsigned char *)headers->value, + (int)strlen(headers->value), p, end)) + return 1; + + headers = headers->next; + } + + if (wsi->context->server_string && + !(_code & LWSAHH_FLAG_NO_SERVER_NAME)) + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_SERVER, + (unsigned char *)wsi->context->server_string, + wsi->context->server_string_len, p, end)) + return 1; + + if (wsi->vhost->options & LWS_SERVER_OPTION_STS) + if (lws_add_http_header_by_name(wsi, (unsigned char *) + "Strict-Transport-Security:", + (unsigned char *)"max-age=15768000 ; " + "includeSubDomains", 36, p, end)) + return 1; + + return 0; +} + +LWS_VISIBLE int +lws_return_http_status(struct lws *wsi, unsigned int code, + const char *html_body) +{ + struct lws_context *context = lws_get_context(wsi); + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + unsigned char *p = pt->serv_buf + LWS_PRE; + unsigned char *start = p; + unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; + int n = 0, m = 0, len; + char slen[20]; + + if (!wsi->vhost) { + lwsl_err("%s: wsi not bound to vhost\n", __func__); + + return 1; + } +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + if (!wsi->handling_404 && + wsi->vhost->http.error_document_404 && + code == HTTP_STATUS_NOT_FOUND) + /* we should do a redirect, and do the 404 there */ + if (lws_http_redirect(wsi, HTTP_STATUS_FOUND, + (uint8_t *)wsi->vhost->http.error_document_404, + (int)strlen(wsi->vhost->http.error_document_404), + &p, end) > 0) + return 0; +#endif + + /* if the redirect failed, just do a simple status */ + p = start; + + if (!html_body) + html_body = ""; + + if (lws_add_http_header_status(wsi, code, &p, end)) + return 1; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)"text/html", 9, + &p, end)) + return 1; + + len = 35 + (int)strlen(html_body) + sprintf(slen, "%d", code); + n = sprintf(slen, "%d", len); + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, + (unsigned char *)slen, n, &p, end)) + return 1; + + if (lws_finalize_http_header(wsi, &p, end)) + return 1; + +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream) { + unsigned char *body = p + 512; + + /* + * for HTTP/2, the headers must be sent separately, since they + * go out in their own frame. That puts us in a bind that + * we won't always be able to get away with two lws_write()s in + * sequence, since the first may use up the writability due to + * the pipe being choked or SSL_WANT_. + * + * However we do need to send the human-readable body, and the + * END_STREAM. + * + * Solve it by writing the headers now... + */ + m = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS); + if (m != lws_ptr_diff(p, start)) + return 1; + + /* + * ... but stash the body and send it as a priority next + * handle_POLLOUT + */ + + len = sprintf((char *)body, + "

%u

%s", + code, html_body); + wsi->http.tx_content_length = len; + wsi->http.tx_content_remain = len; + + wsi->h2.pending_status_body = lws_malloc(len + LWS_PRE + 1, + "pending status body"); + if (!wsi->h2.pending_status_body) + return -1; + + strcpy(wsi->h2.pending_status_body + LWS_PRE, + (const char *)body); + lws_callback_on_writable(wsi); + + return 0; + } else +#endif + { + /* + * for http/1, we can just append the body after the finalized + * headers and send it all in one go. + */ + p += lws_snprintf((char *)p, end - p - 1, + "

%u

%s", + code, html_body); + + n = lws_ptr_diff(p, start); + m = lws_write(wsi, start, n, LWS_WRITE_HTTP); + if (m != n) + return 1; + } + + return m != n; +} + +LWS_VISIBLE int +lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len, + unsigned char **p, unsigned char *end) +{ + unsigned char *start = *p; + + if (lws_add_http_header_status(wsi, code, p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_LOCATION, loc, len, + p, end)) + return -1; + /* + * if we're going with http/1.1 and keepalive, we have to give fake + * content metadata so the client knows we completed the transaction and + * it can do the redirect... + */ + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)"text/html", 9, p, + end)) + return -1; + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH, + (unsigned char *)"0", 1, p, end)) + return -1; + + if (lws_finalize_http_header(wsi, p, end)) + return -1; + + return lws_write(wsi, start, *p - start, LWS_WRITE_HTTP_HEADERS | + LWS_WRITE_H2_STREAM_END); +} diff --git a/thirdparty/libwebsockets/roles/http/lextable-strings.h b/thirdparty/libwebsockets/roles/http/lextable-strings.h new file mode 100644 index 0000000000..631f5cb600 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/lextable-strings.h @@ -0,0 +1,108 @@ +/* set of parsable strings -- ALL LOWER CASE */ + +#if !defined(STORE_IN_ROM) +#define STORE_IN_ROM +#endif + +STORE_IN_ROM static const char * const set[] = { + "get ", + "post ", + "options ", + "host:", + "connection:", + "upgrade:", + "origin:", + "sec-websocket-draft:", + "\x0d\x0a", + + "sec-websocket-extensions:", + "sec-websocket-key1:", + "sec-websocket-key2:", + "sec-websocket-protocol:", + + "sec-websocket-accept:", + "sec-websocket-nonce:", + "http/1.1 ", + "http2-settings:", + + "accept:", + "access-control-request-headers:", + "if-modified-since:", + "if-none-match:", + "accept-encoding:", + "accept-language:", + "pragma:", + "cache-control:", + "authorization:", + "cookie:", + "content-length:", + "content-type:", + "date:", + "range:", + "referer:", + "sec-websocket-key:", + "sec-websocket-version:", + "sec-websocket-origin:", + + ":authority", + ":method", + ":path", + ":scheme", + ":status", + + "accept-charset:", + "accept-ranges:", + "access-control-allow-origin:", + "age:", + "allow:", + "content-disposition:", + "content-encoding:", + "content-language:", + "content-location:", + "content-range:", + "etag:", + "expect:", + "expires:", + "from:", + "if-match:", + "if-range:", + "if-unmodified-since:", + "last-modified:", + "link:", + "location:", + "max-forwards:", + "proxy-authenticate:", + "proxy-authorization:", + "refresh:", + "retry-after:", + "server:", + "set-cookie:", + "strict-transport-security:", + "transfer-encoding:", + "user-agent:", + "vary:", + "via:", + "www-authenticate:", + + "patch", + "put", + "delete", + + "uri-args", /* fake header used for uri-only storage */ + + "proxy ", + "x-real-ip:", + "http/1.0 ", + + "x-forwarded-for", + "connect ", + "head ", + "te:", /* http/2 wants it to reject it */ + "replay-nonce:", /* ACME */ + ":protocol", /* defined in mcmanus-httpbis-h2-ws-02 */ + + "x-auth-token:", + + "", /* not matchable */ + +}; diff --git a/thirdparty/libwebsockets/roles/http/lextable.h b/thirdparty/libwebsockets/roles/http/lextable.h new file mode 100644 index 0000000000..9a8063b157 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/lextable.h @@ -0,0 +1,838 @@ +/* pos 0000: 0 */ 0x67 /* 'g' */, 0x40, 0x00 /* (to 0x0040 state 1) */, + 0x70 /* 'p' */, 0x42, 0x00 /* (to 0x0045 state 5) */, + 0x6F /* 'o' */, 0x51, 0x00 /* (to 0x0057 state 10) */, + 0x68 /* 'h' */, 0x5D, 0x00 /* (to 0x0066 state 18) */, + 0x63 /* 'c' */, 0x69, 0x00 /* (to 0x0075 state 23) */, + 0x75 /* 'u' */, 0x8A, 0x00 /* (to 0x0099 state 34) */, + 0x73 /* 's' */, 0xA0, 0x00 /* (to 0x00B2 state 48) */, + 0x0D /* '.' */, 0xD9, 0x00 /* (to 0x00EE state 68) */, + 0x61 /* 'a' */, 0x31, 0x01 /* (to 0x0149 state 129) */, + 0x69 /* 'i' */, 0x70, 0x01 /* (to 0x018B state 163) */, + 0x64 /* 'd' */, 0x19, 0x02 /* (to 0x0237 state 265) */, + 0x72 /* 'r' */, 0x22, 0x02 /* (to 0x0243 state 270) */, + 0x3A /* ':' */, 0x56, 0x02 /* (to 0x027A state 299) */, + 0x65 /* 'e' */, 0xE8, 0x02 /* (to 0x030F state 409) */, + 0x66 /* 'f' */, 0x04, 0x03 /* (to 0x032E state 425) */, + 0x6C /* 'l' */, 0x26, 0x03 /* (to 0x0353 state 458) */, + 0x6D /* 'm' */, 0x49, 0x03 /* (to 0x0379 state 484) */, + 0x74 /* 't' */, 0xB8, 0x03 /* (to 0x03EB state 578) */, + 0x76 /* 'v' */, 0xD9, 0x03 /* (to 0x040F state 606) */, + 0x77 /* 'w' */, 0xE6, 0x03 /* (to 0x041F state 614) */, + 0x78 /* 'x' */, 0x0D, 0x04 /* (to 0x0449 state 650) */, + 0x08, /* fail */ +/* pos 0040: 1 */ 0xE5 /* 'e' -> */, +/* pos 0041: 2 */ 0xF4 /* 't' -> */, +/* pos 0042: 3 */ 0xA0 /* ' ' -> */, +/* pos 0043: 4 */ 0x00, 0x00 /* - terminal marker 0 - */, +/* pos 0045: 5 */ 0x6F /* 'o' */, 0x0D, 0x00 /* (to 0x0052 state 6) */, + 0x72 /* 'r' */, 0x95, 0x01 /* (to 0x01DD state 211) */, + 0x61 /* 'a' */, 0xE6, 0x03 /* (to 0x0431 state 631) */, + 0x75 /* 'u' */, 0xE8, 0x03 /* (to 0x0436 state 635) */, + 0x08, /* fail */ +/* pos 0052: 6 */ 0xF3 /* 's' -> */, +/* pos 0053: 7 */ 0xF4 /* 't' -> */, +/* pos 0054: 8 */ 0xA0 /* ' ' -> */, +/* pos 0055: 9 */ 0x00, 0x01 /* - terminal marker 1 - */, +/* pos 0057: 10 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x005E state 11) */, + 0x72 /* 'r' */, 0x51, 0x00 /* (to 0x00AB state 42) */, + 0x08, /* fail */ +/* pos 005e: 11 */ 0xF4 /* 't' -> */, +/* pos 005f: 12 */ 0xE9 /* 'i' -> */, +/* pos 0060: 13 */ 0xEF /* 'o' -> */, +/* pos 0061: 14 */ 0xEE /* 'n' -> */, +/* pos 0062: 15 */ 0xF3 /* 's' -> */, +/* pos 0063: 16 */ 0xA0 /* ' ' -> */, +/* pos 0064: 17 */ 0x00, 0x02 /* - terminal marker 2 - */, +/* pos 0066: 18 */ 0x6F /* 'o' */, 0x0A, 0x00 /* (to 0x0070 state 19) */, + 0x74 /* 't' */, 0xBF, 0x00 /* (to 0x0128 state 110) */, + 0x65 /* 'e' */, 0x04, 0x04 /* (to 0x0470 state 676) */, + 0x08, /* fail */ +/* pos 0070: 19 */ 0xF3 /* 's' -> */, +/* pos 0071: 20 */ 0xF4 /* 't' -> */, +/* pos 0072: 21 */ 0xBA /* ':' -> */, +/* pos 0073: 22 */ 0x00, 0x03 /* - terminal marker 3 - */, +/* pos 0075: 23 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x007C state 24) */, + 0x61 /* 'a' */, 0x72, 0x01 /* (to 0x01EA state 217) */, + 0x08, /* fail */ +/* pos 007c: 24 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x0083 state 25) */, + 0x6F /* 'o' */, 0x87, 0x01 /* (to 0x0206 state 243) */, + 0x08, /* fail */ +/* pos 0083: 25 */ 0x6E /* 'n' */, 0x07, 0x00 /* (to 0x008A state 26) */, + 0x74 /* 't' */, 0x86, 0x01 /* (to 0x020C state 248) */, + 0x08, /* fail */ +/* pos 008a: 26 */ 0xE5 /* 'e' -> */, +/* pos 008b: 27 */ 0xE3 /* 'c' -> */, +/* pos 008c: 28 */ 0xF4 /* 't' -> */, +/* pos 008d: 29 */ 0x69 /* 'i' */, 0x07, 0x00 /* (to 0x0094 state 30) */, + 0x20 /* ' ' */, 0xDE, 0x03 /* (to 0x046E state 675) */, + 0x08, /* fail */ +/* pos 0094: 30 */ 0xEF /* 'o' -> */, +/* pos 0095: 31 */ 0xEE /* 'n' -> */, +/* pos 0096: 32 */ 0xBA /* ':' -> */, +/* pos 0097: 33 */ 0x00, 0x04 /* - terminal marker 4 - */, +/* pos 0099: 34 */ 0x70 /* 'p' */, 0x0A, 0x00 /* (to 0x00A3 state 35) */, + 0x73 /* 's' */, 0x68, 0x03 /* (to 0x0404 state 596) */, + 0x72 /* 'r' */, 0xA0, 0x03 /* (to 0x043F state 642) */, + 0x08, /* fail */ +/* pos 00a3: 35 */ 0xE7 /* 'g' -> */, +/* pos 00a4: 36 */ 0xF2 /* 'r' -> */, +/* pos 00a5: 37 */ 0xE1 /* 'a' -> */, +/* pos 00a6: 38 */ 0xE4 /* 'd' -> */, +/* pos 00a7: 39 */ 0xE5 /* 'e' -> */, +/* pos 00a8: 40 */ 0xBA /* ':' -> */, +/* pos 00a9: 41 */ 0x00, 0x05 /* - terminal marker 5 - */, +/* pos 00ab: 42 */ 0xE9 /* 'i' -> */, +/* pos 00ac: 43 */ 0xE7 /* 'g' -> */, +/* pos 00ad: 44 */ 0xE9 /* 'i' -> */, +/* pos 00ae: 45 */ 0xEE /* 'n' -> */, +/* pos 00af: 46 */ 0xBA /* ':' -> */, +/* pos 00b0: 47 */ 0x00, 0x06 /* - terminal marker 6 - */, +/* pos 00b2: 48 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x00B9 state 49) */, + 0x74 /* 't' */, 0x1C, 0x03 /* (to 0x03D1 state 553) */, + 0x08, /* fail */ +/* pos 00b9: 49 */ 0x63 /* 'c' */, 0x0A, 0x00 /* (to 0x00C3 state 50) */, + 0x72 /* 'r' */, 0x05, 0x03 /* (to 0x03C1 state 539) */, + 0x74 /* 't' */, 0x08, 0x03 /* (to 0x03C7 state 544) */, + 0x08, /* fail */ +/* pos 00c3: 50 */ 0xAD /* '-' -> */, +/* pos 00c4: 51 */ 0xF7 /* 'w' -> */, +/* pos 00c5: 52 */ 0xE5 /* 'e' -> */, +/* pos 00c6: 53 */ 0xE2 /* 'b' -> */, +/* pos 00c7: 54 */ 0xF3 /* 's' -> */, +/* pos 00c8: 55 */ 0xEF /* 'o' -> */, +/* pos 00c9: 56 */ 0xE3 /* 'c' -> */, +/* pos 00ca: 57 */ 0xEB /* 'k' -> */, +/* pos 00cb: 58 */ 0xE5 /* 'e' -> */, +/* pos 00cc: 59 */ 0xF4 /* 't' -> */, +/* pos 00cd: 60 */ 0xAD /* '-' -> */, +/* pos 00ce: 61 */ 0x64 /* 'd' */, 0x19, 0x00 /* (to 0x00E7 state 62) */, + 0x65 /* 'e' */, 0x20, 0x00 /* (to 0x00F1 state 70) */, + 0x6B /* 'k' */, 0x29, 0x00 /* (to 0x00FD state 81) */, + 0x70 /* 'p' */, 0x38, 0x00 /* (to 0x010F state 88) */, + 0x61 /* 'a' */, 0x3F, 0x00 /* (to 0x0119 state 97) */, + 0x6E /* 'n' */, 0x44, 0x00 /* (to 0x0121 state 104) */, + 0x76 /* 'v' */, 0x89, 0x01 /* (to 0x0269 state 284) */, + 0x6F /* 'o' */, 0x8F, 0x01 /* (to 0x0272 state 292) */, + 0x08, /* fail */ +/* pos 00e7: 62 */ 0xF2 /* 'r' -> */, +/* pos 00e8: 63 */ 0xE1 /* 'a' -> */, +/* pos 00e9: 64 */ 0xE6 /* 'f' -> */, +/* pos 00ea: 65 */ 0xF4 /* 't' -> */, +/* pos 00eb: 66 */ 0xBA /* ':' -> */, +/* pos 00ec: 67 */ 0x00, 0x07 /* - terminal marker 7 - */, +/* pos 00ee: 68 */ 0x8A /* '.' -> */, +/* pos 00ef: 69 */ 0x00, 0x08 /* - terminal marker 8 - */, +/* pos 00f1: 70 */ 0xF8 /* 'x' -> */, +/* pos 00f2: 71 */ 0xF4 /* 't' -> */, +/* pos 00f3: 72 */ 0xE5 /* 'e' -> */, +/* pos 00f4: 73 */ 0xEE /* 'n' -> */, +/* pos 00f5: 74 */ 0xF3 /* 's' -> */, +/* pos 00f6: 75 */ 0xE9 /* 'i' -> */, +/* pos 00f7: 76 */ 0xEF /* 'o' -> */, +/* pos 00f8: 77 */ 0xEE /* 'n' -> */, +/* pos 00f9: 78 */ 0xF3 /* 's' -> */, +/* pos 00fa: 79 */ 0xBA /* ':' -> */, +/* pos 00fb: 80 */ 0x00, 0x09 /* - terminal marker 9 - */, +/* pos 00fd: 81 */ 0xE5 /* 'e' -> */, +/* pos 00fe: 82 */ 0xF9 /* 'y' -> */, +/* pos 00ff: 83 */ 0x31 /* '1' */, 0x0A, 0x00 /* (to 0x0109 state 84) */, + 0x32 /* '2' */, 0x0A, 0x00 /* (to 0x010C state 86) */, + 0x3A /* ':' */, 0x62, 0x01 /* (to 0x0267 state 283) */, + 0x08, /* fail */ +/* pos 0109: 84 */ 0xBA /* ':' -> */, +/* pos 010a: 85 */ 0x00, 0x0A /* - terminal marker 10 - */, +/* pos 010c: 86 */ 0xBA /* ':' -> */, +/* pos 010d: 87 */ 0x00, 0x0B /* - terminal marker 11 - */, +/* pos 010f: 88 */ 0xF2 /* 'r' -> */, +/* pos 0110: 89 */ 0xEF /* 'o' -> */, +/* pos 0111: 90 */ 0xF4 /* 't' -> */, +/* pos 0112: 91 */ 0xEF /* 'o' -> */, +/* pos 0113: 92 */ 0xE3 /* 'c' -> */, +/* pos 0114: 93 */ 0xEF /* 'o' -> */, +/* pos 0115: 94 */ 0xEC /* 'l' -> */, +/* pos 0116: 95 */ 0xBA /* ':' -> */, +/* pos 0117: 96 */ 0x00, 0x0C /* - terminal marker 12 - */, +/* pos 0119: 97 */ 0xE3 /* 'c' -> */, +/* pos 011a: 98 */ 0xE3 /* 'c' -> */, +/* pos 011b: 99 */ 0xE5 /* 'e' -> */, +/* pos 011c: 100 */ 0xF0 /* 'p' -> */, +/* pos 011d: 101 */ 0xF4 /* 't' -> */, +/* pos 011e: 102 */ 0xBA /* ':' -> */, +/* pos 011f: 103 */ 0x00, 0x0D /* - terminal marker 13 - */, +/* pos 0121: 104 */ 0xEF /* 'o' -> */, +/* pos 0122: 105 */ 0xEE /* 'n' -> */, +/* pos 0123: 106 */ 0xE3 /* 'c' -> */, +/* pos 0124: 107 */ 0xE5 /* 'e' -> */, +/* pos 0125: 108 */ 0xBA /* ':' -> */, +/* pos 0126: 109 */ 0x00, 0x0E /* - terminal marker 14 - */, +/* pos 0128: 110 */ 0xF4 /* 't' -> */, +/* pos 0129: 111 */ 0xF0 /* 'p' -> */, +/* pos 012a: 112 */ 0x2F /* '/' */, 0x07, 0x00 /* (to 0x0131 state 113) */, + 0x32 /* '2' */, 0x10, 0x00 /* (to 0x013D state 118) */, + 0x08, /* fail */ +/* pos 0131: 113 */ 0xB1 /* '1' -> */, +/* pos 0132: 114 */ 0xAE /* '.' -> */, +/* pos 0133: 115 */ 0x31 /* '1' */, 0x07, 0x00 /* (to 0x013A state 116) */, + 0x30 /* '0' */, 0x27, 0x03 /* (to 0x045D state 660) */, + 0x08, /* fail */ +/* pos 013a: 116 */ 0xA0 /* ' ' -> */, +/* pos 013b: 117 */ 0x00, 0x0F /* - terminal marker 15 - */, +/* pos 013d: 118 */ 0xAD /* '-' -> */, +/* pos 013e: 119 */ 0xF3 /* 's' -> */, +/* pos 013f: 120 */ 0xE5 /* 'e' -> */, +/* pos 0140: 121 */ 0xF4 /* 't' -> */, +/* pos 0141: 122 */ 0xF4 /* 't' -> */, +/* pos 0142: 123 */ 0xE9 /* 'i' -> */, +/* pos 0143: 124 */ 0xEE /* 'n' -> */, +/* pos 0144: 125 */ 0xE7 /* 'g' -> */, +/* pos 0145: 126 */ 0xF3 /* 's' -> */, +/* pos 0146: 127 */ 0xBA /* ':' -> */, +/* pos 0147: 128 */ 0x00, 0x10 /* - terminal marker 16 - */, +/* pos 0149: 129 */ 0x63 /* 'c' */, 0x0D, 0x00 /* (to 0x0156 state 130) */, + 0x75 /* 'u' */, 0xAC, 0x00 /* (to 0x01F8 state 230) */, + 0x67 /* 'g' */, 0x86, 0x01 /* (to 0x02D5 state 358) */, + 0x6C /* 'l' */, 0x87, 0x01 /* (to 0x02D9 state 361) */, + 0x08, /* fail */ +/* pos 0156: 130 */ 0xE3 /* 'c' -> */, +/* pos 0157: 131 */ 0xE5 /* 'e' -> */, +/* pos 0158: 132 */ 0x70 /* 'p' */, 0x07, 0x00 /* (to 0x015F state 133) */, + 0x73 /* 's' */, 0x0E, 0x00 /* (to 0x0169 state 136) */, + 0x08, /* fail */ +/* pos 015f: 133 */ 0xF4 /* 't' -> */, +/* pos 0160: 134 */ 0x3A /* ':' */, 0x07, 0x00 /* (to 0x0167 state 135) */, + 0x2D /* '-' */, 0x59, 0x00 /* (to 0x01BC state 192) */, + 0x08, /* fail */ +/* pos 0167: 135 */ 0x00, 0x11 /* - terminal marker 17 - */, +/* pos 0169: 136 */ 0xF3 /* 's' -> */, +/* pos 016a: 137 */ 0xAD /* '-' -> */, +/* pos 016b: 138 */ 0xE3 /* 'c' -> */, +/* pos 016c: 139 */ 0xEF /* 'o' -> */, +/* pos 016d: 140 */ 0xEE /* 'n' -> */, +/* pos 016e: 141 */ 0xF4 /* 't' -> */, +/* pos 016f: 142 */ 0xF2 /* 'r' -> */, +/* pos 0170: 143 */ 0xEF /* 'o' -> */, +/* pos 0171: 144 */ 0xEC /* 'l' -> */, +/* pos 0172: 145 */ 0xAD /* '-' -> */, +/* pos 0173: 146 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x017A state 147) */, + 0x61 /* 'a' */, 0x51, 0x01 /* (to 0x02C7 state 345) */, + 0x08, /* fail */ +/* pos 017a: 147 */ 0xE5 /* 'e' -> */, +/* pos 017b: 148 */ 0xF1 /* 'q' -> */, +/* pos 017c: 149 */ 0xF5 /* 'u' -> */, +/* pos 017d: 150 */ 0xE5 /* 'e' -> */, +/* pos 017e: 151 */ 0xF3 /* 's' -> */, +/* pos 017f: 152 */ 0xF4 /* 't' -> */, +/* pos 0180: 153 */ 0xAD /* '-' -> */, +/* pos 0181: 154 */ 0xE8 /* 'h' -> */, +/* pos 0182: 155 */ 0xE5 /* 'e' -> */, +/* pos 0183: 156 */ 0xE1 /* 'a' -> */, +/* pos 0184: 157 */ 0xE4 /* 'd' -> */, +/* pos 0185: 158 */ 0xE5 /* 'e' -> */, +/* pos 0186: 159 */ 0xF2 /* 'r' -> */, +/* pos 0187: 160 */ 0xF3 /* 's' -> */, +/* pos 0188: 161 */ 0xBA /* ':' -> */, +/* pos 0189: 162 */ 0x00, 0x12 /* - terminal marker 18 - */, +/* pos 018b: 163 */ 0xE6 /* 'f' -> */, +/* pos 018c: 164 */ 0xAD /* '-' -> */, +/* pos 018d: 165 */ 0x6D /* 'm' */, 0x0D, 0x00 /* (to 0x019A state 166) */, + 0x6E /* 'n' */, 0x20, 0x00 /* (to 0x01B0 state 181) */, + 0x72 /* 'r' */, 0xA7, 0x01 /* (to 0x033A state 435) */, + 0x75 /* 'u' */, 0xAB, 0x01 /* (to 0x0341 state 441) */, + 0x08, /* fail */ +/* pos 019a: 166 */ 0x6F /* 'o' */, 0x07, 0x00 /* (to 0x01A1 state 167) */, + 0x61 /* 'a' */, 0x97, 0x01 /* (to 0x0334 state 430) */, + 0x08, /* fail */ +/* pos 01a1: 167 */ 0xE4 /* 'd' -> */, +/* pos 01a2: 168 */ 0xE9 /* 'i' -> */, +/* pos 01a3: 169 */ 0xE6 /* 'f' -> */, +/* pos 01a4: 170 */ 0xE9 /* 'i' -> */, +/* pos 01a5: 171 */ 0xE5 /* 'e' -> */, +/* pos 01a6: 172 */ 0xE4 /* 'd' -> */, +/* pos 01a7: 173 */ 0xAD /* '-' -> */, +/* pos 01a8: 174 */ 0xF3 /* 's' -> */, +/* pos 01a9: 175 */ 0xE9 /* 'i' -> */, +/* pos 01aa: 176 */ 0xEE /* 'n' -> */, +/* pos 01ab: 177 */ 0xE3 /* 'c' -> */, +/* pos 01ac: 178 */ 0xE5 /* 'e' -> */, +/* pos 01ad: 179 */ 0xBA /* ':' -> */, +/* pos 01ae: 180 */ 0x00, 0x13 /* - terminal marker 19 - */, +/* pos 01b0: 181 */ 0xEF /* 'o' -> */, +/* pos 01b1: 182 */ 0xEE /* 'n' -> */, +/* pos 01b2: 183 */ 0xE5 /* 'e' -> */, +/* pos 01b3: 184 */ 0xAD /* '-' -> */, +/* pos 01b4: 185 */ 0xED /* 'm' -> */, +/* pos 01b5: 186 */ 0xE1 /* 'a' -> */, +/* pos 01b6: 187 */ 0xF4 /* 't' -> */, +/* pos 01b7: 188 */ 0xE3 /* 'c' -> */, +/* pos 01b8: 189 */ 0xE8 /* 'h' -> */, +/* pos 01b9: 190 */ 0xBA /* ':' -> */, +/* pos 01ba: 191 */ 0x00, 0x14 /* - terminal marker 20 - */, +/* pos 01bc: 192 */ 0x65 /* 'e' */, 0x0D, 0x00 /* (to 0x01C9 state 193) */, + 0x6C /* 'l' */, 0x14, 0x00 /* (to 0x01D3 state 202) */, + 0x63 /* 'c' */, 0xF4, 0x00 /* (to 0x02B6 state 330) */, + 0x72 /* 'r' */, 0xFA, 0x00 /* (to 0x02BF state 338) */, + 0x08, /* fail */ +/* pos 01c9: 193 */ 0xEE /* 'n' -> */, +/* pos 01ca: 194 */ 0xE3 /* 'c' -> */, +/* pos 01cb: 195 */ 0xEF /* 'o' -> */, +/* pos 01cc: 196 */ 0xE4 /* 'd' -> */, +/* pos 01cd: 197 */ 0xE9 /* 'i' -> */, +/* pos 01ce: 198 */ 0xEE /* 'n' -> */, +/* pos 01cf: 199 */ 0xE7 /* 'g' -> */, +/* pos 01d0: 200 */ 0xBA /* ':' -> */, +/* pos 01d1: 201 */ 0x00, 0x15 /* - terminal marker 21 - */, +/* pos 01d3: 202 */ 0xE1 /* 'a' -> */, +/* pos 01d4: 203 */ 0xEE /* 'n' -> */, +/* pos 01d5: 204 */ 0xE7 /* 'g' -> */, +/* pos 01d6: 205 */ 0xF5 /* 'u' -> */, +/* pos 01d7: 206 */ 0xE1 /* 'a' -> */, +/* pos 01d8: 207 */ 0xE7 /* 'g' -> */, +/* pos 01d9: 208 */ 0xE5 /* 'e' -> */, +/* pos 01da: 209 */ 0xBA /* ':' -> */, +/* pos 01db: 210 */ 0x00, 0x16 /* - terminal marker 22 - */, +/* pos 01dd: 211 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x01E4 state 212) */, + 0x6F /* 'o' */, 0xA7, 0x01 /* (to 0x0387 state 497) */, + 0x08, /* fail */ +/* pos 01e4: 212 */ 0xE7 /* 'g' -> */, +/* pos 01e5: 213 */ 0xED /* 'm' -> */, +/* pos 01e6: 214 */ 0xE1 /* 'a' -> */, +/* pos 01e7: 215 */ 0xBA /* ':' -> */, +/* pos 01e8: 216 */ 0x00, 0x17 /* - terminal marker 23 - */, +/* pos 01ea: 217 */ 0xE3 /* 'c' -> */, +/* pos 01eb: 218 */ 0xE8 /* 'h' -> */, +/* pos 01ec: 219 */ 0xE5 /* 'e' -> */, +/* pos 01ed: 220 */ 0xAD /* '-' -> */, +/* pos 01ee: 221 */ 0xE3 /* 'c' -> */, +/* pos 01ef: 222 */ 0xEF /* 'o' -> */, +/* pos 01f0: 223 */ 0xEE /* 'n' -> */, +/* pos 01f1: 224 */ 0xF4 /* 't' -> */, +/* pos 01f2: 225 */ 0xF2 /* 'r' -> */, +/* pos 01f3: 226 */ 0xEF /* 'o' -> */, +/* pos 01f4: 227 */ 0xEC /* 'l' -> */, +/* pos 01f5: 228 */ 0xBA /* ':' -> */, +/* pos 01f6: 229 */ 0x00, 0x18 /* - terminal marker 24 - */, +/* pos 01f8: 230 */ 0xF4 /* 't' -> */, +/* pos 01f9: 231 */ 0xE8 /* 'h' -> */, +/* pos 01fa: 232 */ 0xEF /* 'o' -> */, +/* pos 01fb: 233 */ 0xF2 /* 'r' -> */, +/* pos 01fc: 234 */ 0xE9 /* 'i' -> */, +/* pos 01fd: 235 */ 0xFA /* 'z' -> */, +/* pos 01fe: 236 */ 0xE1 /* 'a' -> */, +/* pos 01ff: 237 */ 0xF4 /* 't' -> */, +/* pos 0200: 238 */ 0xE9 /* 'i' -> */, +/* pos 0201: 239 */ 0xEF /* 'o' -> */, +/* pos 0202: 240 */ 0xEE /* 'n' -> */, +/* pos 0203: 241 */ 0xBA /* ':' -> */, +/* pos 0204: 242 */ 0x00, 0x19 /* - terminal marker 25 - */, +/* pos 0206: 243 */ 0xEB /* 'k' -> */, +/* pos 0207: 244 */ 0xE9 /* 'i' -> */, +/* pos 0208: 245 */ 0xE5 /* 'e' -> */, +/* pos 0209: 246 */ 0xBA /* ':' -> */, +/* pos 020a: 247 */ 0x00, 0x1A /* - terminal marker 26 - */, +/* pos 020c: 248 */ 0xE5 /* 'e' -> */, +/* pos 020d: 249 */ 0xEE /* 'n' -> */, +/* pos 020e: 250 */ 0xF4 /* 't' -> */, +/* pos 020f: 251 */ 0xAD /* '-' -> */, +/* pos 0210: 252 */ 0x6C /* 'l' */, 0x10, 0x00 /* (to 0x0220 state 253) */, + 0x74 /* 't' */, 0x1E, 0x00 /* (to 0x0231 state 260) */, + 0x64 /* 'd' */, 0xC9, 0x00 /* (to 0x02DF state 366) */, + 0x65 /* 'e' */, 0xD3, 0x00 /* (to 0x02EC state 378) */, + 0x72 /* 'r' */, 0xEC, 0x00 /* (to 0x0308 state 403) */, + 0x08, /* fail */ +/* pos 0220: 253 */ 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x022A state 254) */, + 0x61 /* 'a' */, 0xD3, 0x00 /* (to 0x02F6 state 387) */, + 0x6F /* 'o' */, 0xD9, 0x00 /* (to 0x02FF state 395) */, + 0x08, /* fail */ +/* pos 022a: 254 */ 0xEE /* 'n' -> */, +/* pos 022b: 255 */ 0xE7 /* 'g' -> */, +/* pos 022c: 256 */ 0xF4 /* 't' -> */, +/* pos 022d: 257 */ 0xE8 /* 'h' -> */, +/* pos 022e: 258 */ 0xBA /* ':' -> */, +/* pos 022f: 259 */ 0x00, 0x1B /* - terminal marker 27 - */, +/* pos 0231: 260 */ 0xF9 /* 'y' -> */, +/* pos 0232: 261 */ 0xF0 /* 'p' -> */, +/* pos 0233: 262 */ 0xE5 /* 'e' -> */, +/* pos 0234: 263 */ 0xBA /* ':' -> */, +/* pos 0235: 264 */ 0x00, 0x1C /* - terminal marker 28 - */, +/* pos 0237: 265 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x023E state 266) */, + 0x65 /* 'e' */, 0xFF, 0x01 /* (to 0x0439 state 637) */, + 0x08, /* fail */ +/* pos 023e: 266 */ 0xF4 /* 't' -> */, +/* pos 023f: 267 */ 0xE5 /* 'e' -> */, +/* pos 0240: 268 */ 0xBA /* ':' -> */, +/* pos 0241: 269 */ 0x00, 0x1D /* - terminal marker 29 - */, +/* pos 0243: 270 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x024A state 271) */, + 0x65 /* 'e' */, 0x0A, 0x00 /* (to 0x0250 state 276) */, + 0x08, /* fail */ +/* pos 024a: 271 */ 0xEE /* 'n' -> */, +/* pos 024b: 272 */ 0xE7 /* 'g' -> */, +/* pos 024c: 273 */ 0xE5 /* 'e' -> */, +/* pos 024d: 274 */ 0xBA /* ':' -> */, +/* pos 024e: 275 */ 0x00, 0x1E /* - terminal marker 30 - */, +/* pos 0250: 276 */ 0x66 /* 'f' */, 0x0A, 0x00 /* (to 0x025A state 277) */, + 0x74 /* 't' */, 0x63, 0x01 /* (to 0x03B6 state 529) */, + 0x70 /* 'p' */, 0x22, 0x02 /* (to 0x0478 state 682) */, + 0x08, /* fail */ +/* pos 025a: 277 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0261 state 278) */, + 0x72 /* 'r' */, 0x53, 0x01 /* (to 0x03B0 state 524) */, + 0x08, /* fail */ +/* pos 0261: 278 */ 0xF2 /* 'r' -> */, +/* pos 0262: 279 */ 0xE5 /* 'e' -> */, +/* pos 0263: 280 */ 0xF2 /* 'r' -> */, +/* pos 0264: 281 */ 0xBA /* ':' -> */, +/* pos 0265: 282 */ 0x00, 0x1F /* - terminal marker 31 - */, +/* pos 0267: 283 */ 0x00, 0x20 /* - terminal marker 32 - */, +/* pos 0269: 284 */ 0xE5 /* 'e' -> */, +/* pos 026a: 285 */ 0xF2 /* 'r' -> */, +/* pos 026b: 286 */ 0xF3 /* 's' -> */, +/* pos 026c: 287 */ 0xE9 /* 'i' -> */, +/* pos 026d: 288 */ 0xEF /* 'o' -> */, +/* pos 026e: 289 */ 0xEE /* 'n' -> */, +/* pos 026f: 290 */ 0xBA /* ':' -> */, +/* pos 0270: 291 */ 0x00, 0x21 /* - terminal marker 33 - */, +/* pos 0272: 292 */ 0xF2 /* 'r' -> */, +/* pos 0273: 293 */ 0xE9 /* 'i' -> */, +/* pos 0274: 294 */ 0xE7 /* 'g' -> */, +/* pos 0275: 295 */ 0xE9 /* 'i' -> */, +/* pos 0276: 296 */ 0xEE /* 'n' -> */, +/* pos 0277: 297 */ 0xBA /* ':' -> */, +/* pos 0278: 298 */ 0x00, 0x22 /* - terminal marker 34 - */, +/* pos 027a: 299 */ 0x61 /* 'a' */, 0x0D, 0x00 /* (to 0x0287 state 300) */, + 0x6D /* 'm' */, 0x14, 0x00 /* (to 0x0291 state 309) */, + 0x70 /* 'p' */, 0x18, 0x00 /* (to 0x0298 state 315) */, + 0x73 /* 's' */, 0x20, 0x00 /* (to 0x02A3 state 319) */, + 0x08, /* fail */ +/* pos 0287: 300 */ 0xF5 /* 'u' -> */, +/* pos 0288: 301 */ 0xF4 /* 't' -> */, +/* pos 0289: 302 */ 0xE8 /* 'h' -> */, +/* pos 028a: 303 */ 0xEF /* 'o' -> */, +/* pos 028b: 304 */ 0xF2 /* 'r' -> */, +/* pos 028c: 305 */ 0xE9 /* 'i' -> */, +/* pos 028d: 306 */ 0xF4 /* 't' -> */, +/* pos 028e: 307 */ 0xF9 /* 'y' -> */, +/* pos 028f: 308 */ 0x00, 0x23 /* - terminal marker 35 - */, +/* pos 0291: 309 */ 0xE5 /* 'e' -> */, +/* pos 0292: 310 */ 0xF4 /* 't' -> */, +/* pos 0293: 311 */ 0xE8 /* 'h' -> */, +/* pos 0294: 312 */ 0xEF /* 'o' -> */, +/* pos 0295: 313 */ 0xE4 /* 'd' -> */, +/* pos 0296: 314 */ 0x00, 0x24 /* - terminal marker 36 - */, +/* pos 0298: 315 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x029F state 316) */, + 0x72 /* 'r' */, 0xE9, 0x01 /* (to 0x0484 state 693) */, + 0x08, /* fail */ +/* pos 029f: 316 */ 0xF4 /* 't' -> */, +/* pos 02a0: 317 */ 0xE8 /* 'h' -> */, +/* pos 02a1: 318 */ 0x00, 0x25 /* - terminal marker 37 - */, +/* pos 02a3: 319 */ 0x63 /* 'c' */, 0x07, 0x00 /* (to 0x02AA state 320) */, + 0x74 /* 't' */, 0x0A, 0x00 /* (to 0x02B0 state 325) */, + 0x08, /* fail */ +/* pos 02aa: 320 */ 0xE8 /* 'h' -> */, +/* pos 02ab: 321 */ 0xE5 /* 'e' -> */, +/* pos 02ac: 322 */ 0xED /* 'm' -> */, +/* pos 02ad: 323 */ 0xE5 /* 'e' -> */, +/* pos 02ae: 324 */ 0x00, 0x26 /* - terminal marker 38 - */, +/* pos 02b0: 325 */ 0xE1 /* 'a' -> */, +/* pos 02b1: 326 */ 0xF4 /* 't' -> */, +/* pos 02b2: 327 */ 0xF5 /* 'u' -> */, +/* pos 02b3: 328 */ 0xF3 /* 's' -> */, +/* pos 02b4: 329 */ 0x00, 0x27 /* - terminal marker 39 - */, +/* pos 02b6: 330 */ 0xE8 /* 'h' -> */, +/* pos 02b7: 331 */ 0xE1 /* 'a' -> */, +/* pos 02b8: 332 */ 0xF2 /* 'r' -> */, +/* pos 02b9: 333 */ 0xF3 /* 's' -> */, +/* pos 02ba: 334 */ 0xE5 /* 'e' -> */, +/* pos 02bb: 335 */ 0xF4 /* 't' -> */, +/* pos 02bc: 336 */ 0xBA /* ':' -> */, +/* pos 02bd: 337 */ 0x00, 0x28 /* - terminal marker 40 - */, +/* pos 02bf: 338 */ 0xE1 /* 'a' -> */, +/* pos 02c0: 339 */ 0xEE /* 'n' -> */, +/* pos 02c1: 340 */ 0xE7 /* 'g' -> */, +/* pos 02c2: 341 */ 0xE5 /* 'e' -> */, +/* pos 02c3: 342 */ 0xF3 /* 's' -> */, +/* pos 02c4: 343 */ 0xBA /* ':' -> */, +/* pos 02c5: 344 */ 0x00, 0x29 /* - terminal marker 41 - */, +/* pos 02c7: 345 */ 0xEC /* 'l' -> */, +/* pos 02c8: 346 */ 0xEC /* 'l' -> */, +/* pos 02c9: 347 */ 0xEF /* 'o' -> */, +/* pos 02ca: 348 */ 0xF7 /* 'w' -> */, +/* pos 02cb: 349 */ 0xAD /* '-' -> */, +/* pos 02cc: 350 */ 0xEF /* 'o' -> */, +/* pos 02cd: 351 */ 0xF2 /* 'r' -> */, +/* pos 02ce: 352 */ 0xE9 /* 'i' -> */, +/* pos 02cf: 353 */ 0xE7 /* 'g' -> */, +/* pos 02d0: 354 */ 0xE9 /* 'i' -> */, +/* pos 02d1: 355 */ 0xEE /* 'n' -> */, +/* pos 02d2: 356 */ 0xBA /* ':' -> */, +/* pos 02d3: 357 */ 0x00, 0x2A /* - terminal marker 42 - */, +/* pos 02d5: 358 */ 0xE5 /* 'e' -> */, +/* pos 02d6: 359 */ 0xBA /* ':' -> */, +/* pos 02d7: 360 */ 0x00, 0x2B /* - terminal marker 43 - */, +/* pos 02d9: 361 */ 0xEC /* 'l' -> */, +/* pos 02da: 362 */ 0xEF /* 'o' -> */, +/* pos 02db: 363 */ 0xF7 /* 'w' -> */, +/* pos 02dc: 364 */ 0xBA /* ':' -> */, +/* pos 02dd: 365 */ 0x00, 0x2C /* - terminal marker 44 - */, +/* pos 02df: 366 */ 0xE9 /* 'i' -> */, +/* pos 02e0: 367 */ 0xF3 /* 's' -> */, +/* pos 02e1: 368 */ 0xF0 /* 'p' -> */, +/* pos 02e2: 369 */ 0xEF /* 'o' -> */, +/* pos 02e3: 370 */ 0xF3 /* 's' -> */, +/* pos 02e4: 371 */ 0xE9 /* 'i' -> */, +/* pos 02e5: 372 */ 0xF4 /* 't' -> */, +/* pos 02e6: 373 */ 0xE9 /* 'i' -> */, +/* pos 02e7: 374 */ 0xEF /* 'o' -> */, +/* pos 02e8: 375 */ 0xEE /* 'n' -> */, +/* pos 02e9: 376 */ 0xBA /* ':' -> */, +/* pos 02ea: 377 */ 0x00, 0x2D /* - terminal marker 45 - */, +/* pos 02ec: 378 */ 0xEE /* 'n' -> */, +/* pos 02ed: 379 */ 0xE3 /* 'c' -> */, +/* pos 02ee: 380 */ 0xEF /* 'o' -> */, +/* pos 02ef: 381 */ 0xE4 /* 'd' -> */, +/* pos 02f0: 382 */ 0xE9 /* 'i' -> */, +/* pos 02f1: 383 */ 0xEE /* 'n' -> */, +/* pos 02f2: 384 */ 0xE7 /* 'g' -> */, +/* pos 02f3: 385 */ 0xBA /* ':' -> */, +/* pos 02f4: 386 */ 0x00, 0x2E /* - terminal marker 46 - */, +/* pos 02f6: 387 */ 0xEE /* 'n' -> */, +/* pos 02f7: 388 */ 0xE7 /* 'g' -> */, +/* pos 02f8: 389 */ 0xF5 /* 'u' -> */, +/* pos 02f9: 390 */ 0xE1 /* 'a' -> */, +/* pos 02fa: 391 */ 0xE7 /* 'g' -> */, +/* pos 02fb: 392 */ 0xE5 /* 'e' -> */, +/* pos 02fc: 393 */ 0xBA /* ':' -> */, +/* pos 02fd: 394 */ 0x00, 0x2F /* - terminal marker 47 - */, +/* pos 02ff: 395 */ 0xE3 /* 'c' -> */, +/* pos 0300: 396 */ 0xE1 /* 'a' -> */, +/* pos 0301: 397 */ 0xF4 /* 't' -> */, +/* pos 0302: 398 */ 0xE9 /* 'i' -> */, +/* pos 0303: 399 */ 0xEF /* 'o' -> */, +/* pos 0304: 400 */ 0xEE /* 'n' -> */, +/* pos 0305: 401 */ 0xBA /* ':' -> */, +/* pos 0306: 402 */ 0x00, 0x30 /* - terminal marker 48 - */, +/* pos 0308: 403 */ 0xE1 /* 'a' -> */, +/* pos 0309: 404 */ 0xEE /* 'n' -> */, +/* pos 030a: 405 */ 0xE7 /* 'g' -> */, +/* pos 030b: 406 */ 0xE5 /* 'e' -> */, +/* pos 030c: 407 */ 0xBA /* ':' -> */, +/* pos 030d: 408 */ 0x00, 0x31 /* - terminal marker 49 - */, +/* pos 030f: 409 */ 0x74 /* 't' */, 0x07, 0x00 /* (to 0x0316 state 410) */, + 0x78 /* 'x' */, 0x09, 0x00 /* (to 0x031B state 414) */, + 0x08, /* fail */ +/* pos 0316: 410 */ 0xE1 /* 'a' -> */, +/* pos 0317: 411 */ 0xE7 /* 'g' -> */, +/* pos 0318: 412 */ 0xBA /* ':' -> */, +/* pos 0319: 413 */ 0x00, 0x32 /* - terminal marker 50 - */, +/* pos 031b: 414 */ 0xF0 /* 'p' -> */, +/* pos 031c: 415 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x0323 state 416) */, + 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x0328 state 420) */, + 0x08, /* fail */ +/* pos 0323: 416 */ 0xE3 /* 'c' -> */, +/* pos 0324: 417 */ 0xF4 /* 't' -> */, +/* pos 0325: 418 */ 0xBA /* ':' -> */, +/* pos 0326: 419 */ 0x00, 0x33 /* - terminal marker 51 - */, +/* pos 0328: 420 */ 0xF2 /* 'r' -> */, +/* pos 0329: 421 */ 0xE5 /* 'e' -> */, +/* pos 032a: 422 */ 0xF3 /* 's' -> */, +/* pos 032b: 423 */ 0xBA /* ':' -> */, +/* pos 032c: 424 */ 0x00, 0x34 /* - terminal marker 52 - */, +/* pos 032e: 425 */ 0xF2 /* 'r' -> */, +/* pos 032f: 426 */ 0xEF /* 'o' -> */, +/* pos 0330: 427 */ 0xED /* 'm' -> */, +/* pos 0331: 428 */ 0xBA /* ':' -> */, +/* pos 0332: 429 */ 0x00, 0x35 /* - terminal marker 53 - */, +/* pos 0334: 430 */ 0xF4 /* 't' -> */, +/* pos 0335: 431 */ 0xE3 /* 'c' -> */, +/* pos 0336: 432 */ 0xE8 /* 'h' -> */, +/* pos 0337: 433 */ 0xBA /* ':' -> */, +/* pos 0338: 434 */ 0x00, 0x36 /* - terminal marker 54 - */, +/* pos 033a: 435 */ 0xE1 /* 'a' -> */, +/* pos 033b: 436 */ 0xEE /* 'n' -> */, +/* pos 033c: 437 */ 0xE7 /* 'g' -> */, +/* pos 033d: 438 */ 0xE5 /* 'e' -> */, +/* pos 033e: 439 */ 0xBA /* ':' -> */, +/* pos 033f: 440 */ 0x00, 0x37 /* - terminal marker 55 - */, +/* pos 0341: 441 */ 0xEE /* 'n' -> */, +/* pos 0342: 442 */ 0xED /* 'm' -> */, +/* pos 0343: 443 */ 0xEF /* 'o' -> */, +/* pos 0344: 444 */ 0xE4 /* 'd' -> */, +/* pos 0345: 445 */ 0xE9 /* 'i' -> */, +/* pos 0346: 446 */ 0xE6 /* 'f' -> */, +/* pos 0347: 447 */ 0xE9 /* 'i' -> */, +/* pos 0348: 448 */ 0xE5 /* 'e' -> */, +/* pos 0349: 449 */ 0xE4 /* 'd' -> */, +/* pos 034a: 450 */ 0xAD /* '-' -> */, +/* pos 034b: 451 */ 0xF3 /* 's' -> */, +/* pos 034c: 452 */ 0xE9 /* 'i' -> */, +/* pos 034d: 453 */ 0xEE /* 'n' -> */, +/* pos 034e: 454 */ 0xE3 /* 'c' -> */, +/* pos 034f: 455 */ 0xE5 /* 'e' -> */, +/* pos 0350: 456 */ 0xBA /* ':' -> */, +/* pos 0351: 457 */ 0x00, 0x38 /* - terminal marker 56 - */, +/* pos 0353: 458 */ 0x61 /* 'a' */, 0x0A, 0x00 /* (to 0x035D state 459) */, + 0x69 /* 'i' */, 0x15, 0x00 /* (to 0x036B state 472) */, + 0x6F /* 'o' */, 0x17, 0x00 /* (to 0x0370 state 476) */, + 0x08, /* fail */ +/* pos 035d: 459 */ 0xF3 /* 's' -> */, +/* pos 035e: 460 */ 0xF4 /* 't' -> */, +/* pos 035f: 461 */ 0xAD /* '-' -> */, +/* pos 0360: 462 */ 0xED /* 'm' -> */, +/* pos 0361: 463 */ 0xEF /* 'o' -> */, +/* pos 0362: 464 */ 0xE4 /* 'd' -> */, +/* pos 0363: 465 */ 0xE9 /* 'i' -> */, +/* pos 0364: 466 */ 0xE6 /* 'f' -> */, +/* pos 0365: 467 */ 0xE9 /* 'i' -> */, +/* pos 0366: 468 */ 0xE5 /* 'e' -> */, +/* pos 0367: 469 */ 0xE4 /* 'd' -> */, +/* pos 0368: 470 */ 0xBA /* ':' -> */, +/* pos 0369: 471 */ 0x00, 0x39 /* - terminal marker 57 - */, +/* pos 036b: 472 */ 0xEE /* 'n' -> */, +/* pos 036c: 473 */ 0xEB /* 'k' -> */, +/* pos 036d: 474 */ 0xBA /* ':' -> */, +/* pos 036e: 475 */ 0x00, 0x3A /* - terminal marker 58 - */, +/* pos 0370: 476 */ 0xE3 /* 'c' -> */, +/* pos 0371: 477 */ 0xE1 /* 'a' -> */, +/* pos 0372: 478 */ 0xF4 /* 't' -> */, +/* pos 0373: 479 */ 0xE9 /* 'i' -> */, +/* pos 0374: 480 */ 0xEF /* 'o' -> */, +/* pos 0375: 481 */ 0xEE /* 'n' -> */, +/* pos 0376: 482 */ 0xBA /* ':' -> */, +/* pos 0377: 483 */ 0x00, 0x3B /* - terminal marker 59 - */, +/* pos 0379: 484 */ 0xE1 /* 'a' -> */, +/* pos 037a: 485 */ 0xF8 /* 'x' -> */, +/* pos 037b: 486 */ 0xAD /* '-' -> */, +/* pos 037c: 487 */ 0xE6 /* 'f' -> */, +/* pos 037d: 488 */ 0xEF /* 'o' -> */, +/* pos 037e: 489 */ 0xF2 /* 'r' -> */, +/* pos 037f: 490 */ 0xF7 /* 'w' -> */, +/* pos 0380: 491 */ 0xE1 /* 'a' -> */, +/* pos 0381: 492 */ 0xF2 /* 'r' -> */, +/* pos 0382: 493 */ 0xE4 /* 'd' -> */, +/* pos 0383: 494 */ 0xF3 /* 's' -> */, +/* pos 0384: 495 */ 0xBA /* ':' -> */, +/* pos 0385: 496 */ 0x00, 0x3C /* - terminal marker 60 - */, +/* pos 0387: 497 */ 0xF8 /* 'x' -> */, +/* pos 0388: 498 */ 0xF9 /* 'y' -> */, +/* pos 0389: 499 */ 0x2D /* '-' */, 0x07, 0x00 /* (to 0x0390 state 500) */, + 0x20 /* ' ' */, 0xBB, 0x00 /* (to 0x0447 state 649) */, + 0x08, /* fail */ +/* pos 0390: 500 */ 0xE1 /* 'a' -> */, +/* pos 0391: 501 */ 0xF5 /* 'u' -> */, +/* pos 0392: 502 */ 0xF4 /* 't' -> */, +/* pos 0393: 503 */ 0xE8 /* 'h' -> */, +/* pos 0394: 504 */ 0x65 /* 'e' */, 0x07, 0x00 /* (to 0x039B state 505) */, + 0x6F /* 'o' */, 0x0E, 0x00 /* (to 0x03A5 state 514) */, + 0x08, /* fail */ +/* pos 039b: 505 */ 0xEE /* 'n' -> */, +/* pos 039c: 506 */ 0xF4 /* 't' -> */, +/* pos 039d: 507 */ 0xE9 /* 'i' -> */, +/* pos 039e: 508 */ 0xE3 /* 'c' -> */, +/* pos 039f: 509 */ 0xE1 /* 'a' -> */, +/* pos 03a0: 510 */ 0xF4 /* 't' -> */, +/* pos 03a1: 511 */ 0xE5 /* 'e' -> */, +/* pos 03a2: 512 */ 0xBA /* ':' -> */, +/* pos 03a3: 513 */ 0x00, 0x3D /* - terminal marker 61 - */, +/* pos 03a5: 514 */ 0xF2 /* 'r' -> */, +/* pos 03a6: 515 */ 0xE9 /* 'i' -> */, +/* pos 03a7: 516 */ 0xFA /* 'z' -> */, +/* pos 03a8: 517 */ 0xE1 /* 'a' -> */, +/* pos 03a9: 518 */ 0xF4 /* 't' -> */, +/* pos 03aa: 519 */ 0xE9 /* 'i' -> */, +/* pos 03ab: 520 */ 0xEF /* 'o' -> */, +/* pos 03ac: 521 */ 0xEE /* 'n' -> */, +/* pos 03ad: 522 */ 0xBA /* ':' -> */, +/* pos 03ae: 523 */ 0x00, 0x3E /* - terminal marker 62 - */, +/* pos 03b0: 524 */ 0xE5 /* 'e' -> */, +/* pos 03b1: 525 */ 0xF3 /* 's' -> */, +/* pos 03b2: 526 */ 0xE8 /* 'h' -> */, +/* pos 03b3: 527 */ 0xBA /* ':' -> */, +/* pos 03b4: 528 */ 0x00, 0x3F /* - terminal marker 63 - */, +/* pos 03b6: 529 */ 0xF2 /* 'r' -> */, +/* pos 03b7: 530 */ 0xF9 /* 'y' -> */, +/* pos 03b8: 531 */ 0xAD /* '-' -> */, +/* pos 03b9: 532 */ 0xE1 /* 'a' -> */, +/* pos 03ba: 533 */ 0xE6 /* 'f' -> */, +/* pos 03bb: 534 */ 0xF4 /* 't' -> */, +/* pos 03bc: 535 */ 0xE5 /* 'e' -> */, +/* pos 03bd: 536 */ 0xF2 /* 'r' -> */, +/* pos 03be: 537 */ 0xBA /* ':' -> */, +/* pos 03bf: 538 */ 0x00, 0x40 /* - terminal marker 64 - */, +/* pos 03c1: 539 */ 0xF6 /* 'v' -> */, +/* pos 03c2: 540 */ 0xE5 /* 'e' -> */, +/* pos 03c3: 541 */ 0xF2 /* 'r' -> */, +/* pos 03c4: 542 */ 0xBA /* ':' -> */, +/* pos 03c5: 543 */ 0x00, 0x41 /* - terminal marker 65 - */, +/* pos 03c7: 544 */ 0xAD /* '-' -> */, +/* pos 03c8: 545 */ 0xE3 /* 'c' -> */, +/* pos 03c9: 546 */ 0xEF /* 'o' -> */, +/* pos 03ca: 547 */ 0xEF /* 'o' -> */, +/* pos 03cb: 548 */ 0xEB /* 'k' -> */, +/* pos 03cc: 549 */ 0xE9 /* 'i' -> */, +/* pos 03cd: 550 */ 0xE5 /* 'e' -> */, +/* pos 03ce: 551 */ 0xBA /* ':' -> */, +/* pos 03cf: 552 */ 0x00, 0x42 /* - terminal marker 66 - */, +/* pos 03d1: 553 */ 0xF2 /* 'r' -> */, +/* pos 03d2: 554 */ 0xE9 /* 'i' -> */, +/* pos 03d3: 555 */ 0xE3 /* 'c' -> */, +/* pos 03d4: 556 */ 0xF4 /* 't' -> */, +/* pos 03d5: 557 */ 0xAD /* '-' -> */, +/* pos 03d6: 558 */ 0xF4 /* 't' -> */, +/* pos 03d7: 559 */ 0xF2 /* 'r' -> */, +/* pos 03d8: 560 */ 0xE1 /* 'a' -> */, +/* pos 03d9: 561 */ 0xEE /* 'n' -> */, +/* pos 03da: 562 */ 0xF3 /* 's' -> */, +/* pos 03db: 563 */ 0xF0 /* 'p' -> */, +/* pos 03dc: 564 */ 0xEF /* 'o' -> */, +/* pos 03dd: 565 */ 0xF2 /* 'r' -> */, +/* pos 03de: 566 */ 0xF4 /* 't' -> */, +/* pos 03df: 567 */ 0xAD /* '-' -> */, +/* pos 03e0: 568 */ 0xF3 /* 's' -> */, +/* pos 03e1: 569 */ 0xE5 /* 'e' -> */, +/* pos 03e2: 570 */ 0xE3 /* 'c' -> */, +/* pos 03e3: 571 */ 0xF5 /* 'u' -> */, +/* pos 03e4: 572 */ 0xF2 /* 'r' -> */, +/* pos 03e5: 573 */ 0xE9 /* 'i' -> */, +/* pos 03e6: 574 */ 0xF4 /* 't' -> */, +/* pos 03e7: 575 */ 0xF9 /* 'y' -> */, +/* pos 03e8: 576 */ 0xBA /* ':' -> */, +/* pos 03e9: 577 */ 0x00, 0x43 /* - terminal marker 67 - */, +/* pos 03eb: 578 */ 0x72 /* 'r' */, 0x07, 0x00 /* (to 0x03F2 state 579) */, + 0x65 /* 'e' */, 0x87, 0x00 /* (to 0x0475 state 680) */, + 0x08, /* fail */ +/* pos 03f2: 579 */ 0xE1 /* 'a' -> */, +/* pos 03f3: 580 */ 0xEE /* 'n' -> */, +/* pos 03f4: 581 */ 0xF3 /* 's' -> */, +/* pos 03f5: 582 */ 0xE6 /* 'f' -> */, +/* pos 03f6: 583 */ 0xE5 /* 'e' -> */, +/* pos 03f7: 584 */ 0xF2 /* 'r' -> */, +/* pos 03f8: 585 */ 0xAD /* '-' -> */, +/* pos 03f9: 586 */ 0xE5 /* 'e' -> */, +/* pos 03fa: 587 */ 0xEE /* 'n' -> */, +/* pos 03fb: 588 */ 0xE3 /* 'c' -> */, +/* pos 03fc: 589 */ 0xEF /* 'o' -> */, +/* pos 03fd: 590 */ 0xE4 /* 'd' -> */, +/* pos 03fe: 591 */ 0xE9 /* 'i' -> */, +/* pos 03ff: 592 */ 0xEE /* 'n' -> */, +/* pos 0400: 593 */ 0xE7 /* 'g' -> */, +/* pos 0401: 594 */ 0xBA /* ':' -> */, +/* pos 0402: 595 */ 0x00, 0x44 /* - terminal marker 68 - */, +/* pos 0404: 596 */ 0xE5 /* 'e' -> */, +/* pos 0405: 597 */ 0xF2 /* 'r' -> */, +/* pos 0406: 598 */ 0xAD /* '-' -> */, +/* pos 0407: 599 */ 0xE1 /* 'a' -> */, +/* pos 0408: 600 */ 0xE7 /* 'g' -> */, +/* pos 0409: 601 */ 0xE5 /* 'e' -> */, +/* pos 040a: 602 */ 0xEE /* 'n' -> */, +/* pos 040b: 603 */ 0xF4 /* 't' -> */, +/* pos 040c: 604 */ 0xBA /* ':' -> */, +/* pos 040d: 605 */ 0x00, 0x45 /* - terminal marker 69 - */, +/* pos 040f: 606 */ 0x61 /* 'a' */, 0x07, 0x00 /* (to 0x0416 state 607) */, + 0x69 /* 'i' */, 0x09, 0x00 /* (to 0x041B state 611) */, + 0x08, /* fail */ +/* pos 0416: 607 */ 0xF2 /* 'r' -> */, +/* pos 0417: 608 */ 0xF9 /* 'y' -> */, +/* pos 0418: 609 */ 0xBA /* ':' -> */, +/* pos 0419: 610 */ 0x00, 0x46 /* - terminal marker 70 - */, +/* pos 041b: 611 */ 0xE1 /* 'a' -> */, +/* pos 041c: 612 */ 0xBA /* ':' -> */, +/* pos 041d: 613 */ 0x00, 0x47 /* - terminal marker 71 - */, +/* pos 041f: 614 */ 0xF7 /* 'w' -> */, +/* pos 0420: 615 */ 0xF7 /* 'w' -> */, +/* pos 0421: 616 */ 0xAD /* '-' -> */, +/* pos 0422: 617 */ 0xE1 /* 'a' -> */, +/* pos 0423: 618 */ 0xF5 /* 'u' -> */, +/* pos 0424: 619 */ 0xF4 /* 't' -> */, +/* pos 0425: 620 */ 0xE8 /* 'h' -> */, +/* pos 0426: 621 */ 0xE5 /* 'e' -> */, +/* pos 0427: 622 */ 0xEE /* 'n' -> */, +/* pos 0428: 623 */ 0xF4 /* 't' -> */, +/* pos 0429: 624 */ 0xE9 /* 'i' -> */, +/* pos 042a: 625 */ 0xE3 /* 'c' -> */, +/* pos 042b: 626 */ 0xE1 /* 'a' -> */, +/* pos 042c: 627 */ 0xF4 /* 't' -> */, +/* pos 042d: 628 */ 0xE5 /* 'e' -> */, +/* pos 042e: 629 */ 0xBA /* ':' -> */, +/* pos 042f: 630 */ 0x00, 0x48 /* - terminal marker 72 - */, +/* pos 0431: 631 */ 0xF4 /* 't' -> */, +/* pos 0432: 632 */ 0xE3 /* 'c' -> */, +/* pos 0433: 633 */ 0xE8 /* 'h' -> */, +/* pos 0434: 634 */ 0x00, 0x49 /* - terminal marker 73 - */, +/* pos 0436: 635 */ 0xF4 /* 't' -> */, +/* pos 0437: 636 */ 0x00, 0x4A /* - terminal marker 74 - */, +/* pos 0439: 637 */ 0xEC /* 'l' -> */, +/* pos 043a: 638 */ 0xE5 /* 'e' -> */, +/* pos 043b: 639 */ 0xF4 /* 't' -> */, +/* pos 043c: 640 */ 0xE5 /* 'e' -> */, +/* pos 043d: 641 */ 0x00, 0x4B /* - terminal marker 75 - */, +/* pos 043f: 642 */ 0xE9 /* 'i' -> */, +/* pos 0440: 643 */ 0xAD /* '-' -> */, +/* pos 0441: 644 */ 0xE1 /* 'a' -> */, +/* pos 0442: 645 */ 0xF2 /* 'r' -> */, +/* pos 0443: 646 */ 0xE7 /* 'g' -> */, +/* pos 0444: 647 */ 0xF3 /* 's' -> */, +/* pos 0445: 648 */ 0x00, 0x4C /* - terminal marker 76 - */, +/* pos 0447: 649 */ 0x00, 0x4D /* - terminal marker 77 - */, +/* pos 0449: 650 */ 0xAD /* '-' -> */, +/* pos 044a: 651 */ 0x72 /* 'r' */, 0x0A, 0x00 /* (to 0x0454 state 652) */, + 0x66 /* 'f' */, 0x13, 0x00 /* (to 0x0460 state 662) */, + 0x61 /* 'a' */, 0x3C, 0x00 /* (to 0x048C state 700) */, + 0x08, /* fail */ +/* pos 0454: 652 */ 0xE5 /* 'e' -> */, +/* pos 0455: 653 */ 0xE1 /* 'a' -> */, +/* pos 0456: 654 */ 0xEC /* 'l' -> */, +/* pos 0457: 655 */ 0xAD /* '-' -> */, +/* pos 0458: 656 */ 0xE9 /* 'i' -> */, +/* pos 0459: 657 */ 0xF0 /* 'p' -> */, +/* pos 045a: 658 */ 0xBA /* ':' -> */, +/* pos 045b: 659 */ 0x00, 0x4E /* - terminal marker 78 - */, +/* pos 045d: 660 */ 0xA0 /* ' ' -> */, +/* pos 045e: 661 */ 0x00, 0x4F /* - terminal marker 79 - */, +/* pos 0460: 662 */ 0xEF /* 'o' -> */, +/* pos 0461: 663 */ 0xF2 /* 'r' -> */, +/* pos 0462: 664 */ 0xF7 /* 'w' -> */, +/* pos 0463: 665 */ 0xE1 /* 'a' -> */, +/* pos 0464: 666 */ 0xF2 /* 'r' -> */, +/* pos 0465: 667 */ 0xE4 /* 'd' -> */, +/* pos 0466: 668 */ 0xE5 /* 'e' -> */, +/* pos 0467: 669 */ 0xE4 /* 'd' -> */, +/* pos 0468: 670 */ 0xAD /* '-' -> */, +/* pos 0469: 671 */ 0xE6 /* 'f' -> */, +/* pos 046a: 672 */ 0xEF /* 'o' -> */, +/* pos 046b: 673 */ 0xF2 /* 'r' -> */, +/* pos 046c: 674 */ 0x00, 0x50 /* - terminal marker 80 - */, +/* pos 046e: 675 */ 0x00, 0x51 /* - terminal marker 81 - */, +/* pos 0470: 676 */ 0xE1 /* 'a' -> */, +/* pos 0471: 677 */ 0xE4 /* 'd' -> */, +/* pos 0472: 678 */ 0xA0 /* ' ' -> */, +/* pos 0473: 679 */ 0x00, 0x52 /* - terminal marker 82 - */, +/* pos 0475: 680 */ 0xBA /* ':' -> */, +/* pos 0476: 681 */ 0x00, 0x53 /* - terminal marker 83 - */, +/* pos 0478: 682 */ 0xEC /* 'l' -> */, +/* pos 0479: 683 */ 0xE1 /* 'a' -> */, +/* pos 047a: 684 */ 0xF9 /* 'y' -> */, +/* pos 047b: 685 */ 0xAD /* '-' -> */, +/* pos 047c: 686 */ 0xEE /* 'n' -> */, +/* pos 047d: 687 */ 0xEF /* 'o' -> */, +/* pos 047e: 688 */ 0xEE /* 'n' -> */, +/* pos 047f: 689 */ 0xE3 /* 'c' -> */, +/* pos 0480: 690 */ 0xE5 /* 'e' -> */, +/* pos 0481: 691 */ 0xBA /* ':' -> */, +/* pos 0482: 692 */ 0x00, 0x54 /* - terminal marker 84 - */, +/* pos 0484: 693 */ 0xEF /* 'o' -> */, +/* pos 0485: 694 */ 0xF4 /* 't' -> */, +/* pos 0486: 695 */ 0xEF /* 'o' -> */, +/* pos 0487: 696 */ 0xE3 /* 'c' -> */, +/* pos 0488: 697 */ 0xEF /* 'o' -> */, +/* pos 0489: 698 */ 0xEC /* 'l' -> */, +/* pos 048a: 699 */ 0x00, 0x55 /* - terminal marker 85 - */, +/* pos 048c: 700 */ 0xF5 /* 'u' -> */, +/* pos 048d: 701 */ 0xF4 /* 't' -> */, +/* pos 048e: 702 */ 0xE8 /* 'h' -> */, +/* pos 048f: 703 */ 0xAD /* '-' -> */, +/* pos 0490: 704 */ 0xF4 /* 't' -> */, +/* pos 0491: 705 */ 0xEF /* 'o' -> */, +/* pos 0492: 706 */ 0xEB /* 'k' -> */, +/* pos 0493: 707 */ 0xE5 /* 'e' -> */, +/* pos 0494: 708 */ 0xEE /* 'n' -> */, +/* pos 0495: 709 */ 0xBA /* ':' -> */, +/* pos 0496: 710 */ 0x00, 0x56 /* - terminal marker 86 - */, +/* total size 1176 bytes */ diff --git a/thirdparty/libwebsockets/roles/http/private.h b/thirdparty/libwebsockets/roles/http/private.h new file mode 100644 index 0000000000..5699914742 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/private.h @@ -0,0 +1,258 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h if either H1 or H2 roles are + * enabled + */ + +#if defined(LWS_WITH_HTTP_PROXY) + #include + #include + #endif + +#define lwsi_role_http(wsi) (lwsi_role_h1(wsi) || lwsi_role_h2(wsi)) + +enum http_version { + HTTP_VERSION_1_0, + HTTP_VERSION_1_1, + HTTP_VERSION_2 +}; + +enum http_connection_type { + HTTP_CONNECTION_CLOSE, + HTTP_CONNECTION_KEEP_ALIVE +}; + +/* + * This is totally opaque to code using the library. It's exported as a + * forward-reference pointer-only declaration; the user can use the pointer with + * other APIs to get information out of it. + */ + +#if defined(LWS_WITH_ESP32) +typedef uint16_t ah_data_idx_t; +#else +typedef uint32_t ah_data_idx_t; +#endif + +struct lws_fragments { + ah_data_idx_t offset; + uint16_t len; + uint8_t nfrag; /* which ah->frag[] continues this content, or 0 */ + uint8_t flags; /* only http2 cares */ +}; + +#if defined(LWS_WITH_RANGES) +enum range_states { + LWSRS_NO_ACTIVE_RANGE, + LWSRS_BYTES_EQ, + LWSRS_FIRST, + LWSRS_STARTING, + LWSRS_ENDING, + LWSRS_COMPLETED, + LWSRS_SYNTAX, +}; + +struct lws_range_parsing { + unsigned long long start, end, extent, agg, budget; + const char buf[128]; + int pos; + enum range_states state; + char start_valid, end_valid, ctr, count_ranges, did_try, inside, send_ctr; +}; + +int +lws_ranges_init(struct lws *wsi, struct lws_range_parsing *rp, + unsigned long long extent); +int +lws_ranges_next(struct lws_range_parsing *rp); +void +lws_ranges_reset(struct lws_range_parsing *rp); +#endif + +/* + * these are assigned from a pool held in the context. + * Both client and server mode uses them for http header analysis + */ + +struct allocated_headers { + struct allocated_headers *next; /* linked list */ + struct lws *wsi; /* owner */ + char *data; /* prepared by context init to point to dedicated storage */ + ah_data_idx_t data_length; + /* + * the randomly ordered fragments, indexed by frag_index and + * lws_fragments->nfrag for continuation. + */ + struct lws_fragments frags[WSI_TOKEN_COUNT]; + time_t assigned; + /* + * for each recognized token, frag_index says which frag[] his data + * starts in (0 means the token did not appear) + * the actual header data gets dumped as it comes in, into data[] + */ + uint8_t frag_index[WSI_TOKEN_COUNT]; + +#ifndef LWS_NO_CLIENT + char initial_handshake_hash_base64[30]; +#endif + + uint32_t pos; + uint32_t http_response; + uint32_t current_token_limit; + int hdr_token_idx; + + int16_t lextable_pos; + + uint8_t in_use; + uint8_t nfrag; + char /*enum uri_path_states */ ups; + char /*enum uri_esc_states */ ues; + + char esc_stash; + char post_literal_equal; + uint8_t /* enum lws_token_indexes */ parser_state; +}; + + + +#if defined(LWS_WITH_HTTP_PROXY) +struct lws_rewrite { + hubbub_parser *parser; + hubbub_parser_optparams params; + const char *from, *to; + int from_len, to_len; + unsigned char *p, *end; + struct lws *wsi; +}; +static LWS_INLINE int hstrcmp(hubbub_string *s, const char *p, int len) +{ + if ((int)s->len != len) + return 1; + + return strncmp((const char *)s->ptr, p, len); +} +typedef hubbub_error (*hubbub_callback_t)(const hubbub_token *token, void *pw); +LWS_EXTERN struct lws_rewrite * +lws_rewrite_create(struct lws *wsi, hubbub_callback_t cb, const char *from, const char *to); +LWS_EXTERN void +lws_rewrite_destroy(struct lws_rewrite *r); +LWS_EXTERN int +lws_rewrite_parse(struct lws_rewrite *r, const unsigned char *in, int in_len); +#endif + +struct lws_pt_role_http { + struct allocated_headers *ah_list; + struct lws *ah_wait_list; +#ifdef LWS_WITH_CGI + struct lws_cgi *cgi_list; +#endif + int ah_wait_list_length; + uint32_t ah_pool_length; + + int ah_count_in_use; +}; + +struct lws_peer_role_http { + uint32_t count_ah; + uint32_t total_ah; +}; + +struct lws_vhost_role_http { + char http_proxy_address[128]; + const struct lws_http_mount *mount_list; + const char *error_document_404; + unsigned int http_proxy_port; +}; + +#ifdef LWS_WITH_ACCESS_LOG +struct lws_access_log { + char *header_log; + char *user_agent; + char *referrer; + unsigned long sent; + int response; +}; +#endif + +struct _lws_http_mode_related { + struct lws *new_wsi_list; + +#if defined(LWS_WITH_HTTP_PROXY) + struct lws_rewrite *rw; +#endif + struct allocated_headers *ah; + struct lws *ah_wait_list; + + lws_filepos_t filepos; + lws_filepos_t filelen; + lws_fop_fd_t fop_fd; + +#if defined(LWS_WITH_RANGES) + struct lws_range_parsing range; + char multipart_content_type[64]; +#endif + +#ifdef LWS_WITH_ACCESS_LOG + struct lws_access_log access_log; +#endif +#ifdef LWS_WITH_CGI + struct lws_cgi *cgi; /* wsi being cgi master have one of these */ +#endif + + enum http_version request_version; + enum http_connection_type connection_type; + lws_filepos_t tx_content_length; + lws_filepos_t tx_content_remain; + lws_filepos_t rx_content_length; + lws_filepos_t rx_content_remain; + +#if defined(LWS_WITH_HTTP_PROXY) + unsigned int perform_rewrite:1; +#endif + unsigned int deferred_transaction_completed:1; +}; + + +#ifndef LWS_NO_CLIENT +enum lws_chunk_parser { + ELCP_HEX, + ELCP_CR, + ELCP_CONTENT, + ELCP_POST_CR, + ELCP_POST_LF, +}; +#endif + +enum lws_parse_urldecode_results { + LPUR_CONTINUE, + LPUR_SWALLOW, + LPUR_FORBID, + LPUR_EXCESSIVE, +}; + +int +lws_read_h1(struct lws *wsi, unsigned char *buf, lws_filepos_t len); + +void +_lws_header_table_reset(struct allocated_headers *ah); + +LWS_EXTERN int +_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah); diff --git a/thirdparty/libwebsockets/roles/http/server/access-log.c b/thirdparty/libwebsockets/roles/http/server/access-log.c new file mode 100644 index 0000000000..0e75309d7a --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/server/access-log.c @@ -0,0 +1,182 @@ +/* + * libwebsockets - server access log handling + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +/* + * Produce Apache-compatible log string for wsi, like this: + * + * 2.31.234.19 - - [27/Mar/2016:03:22:44 +0800] + * "GET /aep-screen.png HTTP/1.1" + * 200 152987 "https://libwebsockets.org/index.html" + * "Mozilla/5.0 (Macint... Chrome/49.0.2623.87 Safari/537.36" + * + */ + +extern const char * const method_names[]; + +static const char * const hver[] = { + "HTTP/1.0", "HTTP/1.1", "HTTP/2" +}; + +void +lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth) +{ +#ifdef LWS_WITH_IPV6 + char ads[INET6_ADDRSTRLEN]; +#else + char ads[INET_ADDRSTRLEN]; +#endif + char da[64]; + const char *pa, *me; + struct tm *tmp; + time_t t = time(NULL); + int l = 256, m; + + if (!wsi->vhost) + return; + + /* only worry about preparing it if we store it */ + if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) + return; + + if (wsi->access_log_pending) + lws_access_log(wsi); + + wsi->http.access_log.header_log = lws_malloc(l, "access log"); + if (wsi->http.access_log.header_log) { + + tmp = localtime(&t); + if (tmp) + strftime(da, sizeof(da), "%d/%b/%Y:%H:%M:%S %z", tmp); + else + strcpy(da, "01/Jan/1970:00:00:00 +0000"); + + pa = lws_get_peer_simple(wsi, ads, sizeof(ads)); + if (!pa) + pa = "(unknown)"; + + if (wsi->http2_substream) + me = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_METHOD); + else + me = method_names[meth]; + if (!me) + me = "(null)"; + + lws_snprintf(wsi->http.access_log.header_log, l, + "%s - - [%s] \"%s %s %s\"", + pa, da, me, uri_ptr, + hver[wsi->http.request_version]); + + l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_USER_AGENT); + if (l) { + wsi->http.access_log.user_agent = lws_malloc(l + 2, "access log"); + if (!wsi->http.access_log.user_agent) { + lwsl_err("OOM getting user agent\n"); + lws_free_set_NULL(wsi->http.access_log.header_log); + return; + } + + lws_hdr_copy(wsi, wsi->http.access_log.user_agent, + l + 1, WSI_TOKEN_HTTP_USER_AGENT); + + for (m = 0; m < l; m++) + if (wsi->http.access_log.user_agent[m] == '\"') + wsi->http.access_log.user_agent[m] = '\''; + } + l = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_REFERER); + if (l) { + wsi->http.access_log.referrer = lws_malloc(l + 2, "referrer"); + if (!wsi->http.access_log.referrer) { + lwsl_err("OOM getting user agent\n"); + lws_free_set_NULL(wsi->http.access_log.user_agent); + lws_free_set_NULL(wsi->http.access_log.header_log); + return; + } + lws_hdr_copy(wsi, wsi->http.access_log.referrer, + l + 1, WSI_TOKEN_HTTP_REFERER); + + for (m = 0; m < l; m++) + if (wsi->http.access_log.referrer[m] == '\"') + wsi->http.access_log.referrer[m] = '\''; + } + wsi->access_log_pending = 1; + } +} + + +int +lws_access_log(struct lws *wsi) +{ + char *p = wsi->http.access_log.user_agent, ass[512], + *p1 = wsi->http.access_log.referrer; + int l; + + if (!wsi->vhost) + return 0; + + if (wsi->vhost->log_fd == (int)LWS_INVALID_FILE) + return 0; + + if (!wsi->access_log_pending) + return 0; + + if (!wsi->http.access_log.header_log) + return 0; + + if (!p) + p = ""; + + if (!p1) + p1 = ""; + + /* + * We do this in two parts to restrict an oversize referrer such that + * we will always have space left to append an empty useragent, while + * maintaining the structure of the log text + */ + l = lws_snprintf(ass, sizeof(ass) - 7, "%s %d %lu \"%s", + wsi->http.access_log.header_log, + wsi->http.access_log.response, wsi->http.access_log.sent, p1); + if (strlen(p) > sizeof(ass) - 6 - l) + p[sizeof(ass) - 6 - l] = '\0'; + l += lws_snprintf(ass + l, sizeof(ass) - 1 - l, "\" \"%s\"\n", p); + + if (write(wsi->vhost->log_fd, ass, l) != l) + lwsl_err("Failed to write log\n"); + + if (wsi->http.access_log.header_log) { + lws_free(wsi->http.access_log.header_log); + wsi->http.access_log.header_log = NULL; + } + if (wsi->http.access_log.user_agent) { + lws_free(wsi->http.access_log.user_agent); + wsi->http.access_log.user_agent = NULL; + } + if (wsi->http.access_log.referrer) { + lws_free(wsi->http.access_log.referrer); + wsi->http.access_log.referrer = NULL; + } + wsi->access_log_pending = 0; + + return 0; +} + diff --git a/thirdparty/libwebsockets/roles/http/server/fops-zip.c b/thirdparty/libwebsockets/roles/http/server/fops-zip.c new file mode 100644 index 0000000000..4db83ce621 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/server/fops-zip.c @@ -0,0 +1,668 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Original code used in this source file: + * + * https://github.com/PerBothner/DomTerm.git @912add15f3d0aec + * + * ./lws-term/io.c + * ./lws-term/junzip.c + * + * Copyright (C) 2017 Per Bothner + * + * MIT License + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * ( copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + * + * + * lws rewrite: + * + * Copyright (C) 2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +#include + +/* + * This code works with zip format containers which may have files compressed + * with gzip deflate (type 8) or store uncompressed (type 0). + * + * Linux zip produces such zipfiles by default, eg + * + * $ zip ../myzip.zip file1 file2 file3 + */ + +#define ZIP_COMPRESSION_METHOD_STORE 0 +#define ZIP_COMPRESSION_METHOD_DEFLATE 8 + +typedef struct { + lws_filepos_t filename_start; + uint32_t crc32; + uint32_t comp_size; + uint32_t uncomp_size; + uint32_t offset; + uint32_t mod_time; + uint16_t filename_len; + uint16_t extra; + uint16_t method; + uint16_t file_com_len; +} lws_fops_zip_hdr_t; + +typedef struct { + struct lws_fop_fd fop_fd; /* MUST BE FIRST logical fop_fd into + * file inside zip: fops_zip fops */ + lws_fop_fd_t zip_fop_fd; /* logical fop fd on to zip file + * itself: using platform fops */ + lws_fops_zip_hdr_t hdr; + z_stream inflate; + lws_filepos_t content_start; + lws_filepos_t exp_uncomp_pos; + union { + uint8_t trailer8[8]; + uint32_t trailer32[2]; + } u; + uint8_t rbuf[128]; /* decompression chunk size */ + int entry_count; + + unsigned int decompress:1; /* 0 = direct from file */ + unsigned int add_gzip_container:1; +} *lws_fops_zip_t; + +struct lws_plat_file_ops fops_zip; +#define fop_fd_to_priv(FD) ((lws_fops_zip_t)(FD)) + +static const uint8_t hd[] = { 31, 139, 8, 0, 0, 0, 0, 0, 0, 3 }; + +enum { + ZC_SIGNATURE = 0, + ZC_VERSION_MADE_BY = 4, + ZC_VERSION_NEEDED_TO_EXTRACT = 6, + ZC_GENERAL_PURPOSE_BIT_FLAG = 8, + ZC_COMPRESSION_METHOD = 10, + ZC_LAST_MOD_FILE_TIME = 12, + ZC_LAST_MOD_FILE_DATE = 14, + ZC_CRC32 = 16, + ZC_COMPRESSED_SIZE = 20, + ZC_UNCOMPRESSED_SIZE = 24, + ZC_FILE_NAME_LENGTH = 28, + ZC_EXTRA_FIELD_LENGTH = 30, + + ZC_FILE_COMMENT_LENGTH = 32, + ZC_DISK_NUMBER_START = 34, + ZC_INTERNAL_FILE_ATTRIBUTES = 36, + ZC_EXTERNAL_FILE_ATTRIBUTES = 38, + ZC_REL_OFFSET_LOCAL_HEADER = 42, + ZC_DIRECTORY_LENGTH = 46, + + ZE_SIGNATURE_OFFSET = 0, + ZE_DESK_NUMBER = 4, + ZE_CENTRAL_DIRECTORY_DISK_NUMBER = 6, + ZE_NUM_ENTRIES_THIS_DISK = 8, + ZE_NUM_ENTRIES = 10, + ZE_CENTRAL_DIRECTORY_SIZE = 12, + ZE_CENTRAL_DIR_OFFSET = 16, + ZE_ZIP_COMMENT_LENGTH = 20, + ZE_DIRECTORY_LENGTH = 22, + + ZL_REL_OFFSET_CONTENT = 28, + ZL_HEADER_LENGTH = 30, + + LWS_FZ_ERR_SEEK_END_RECORD = 1, + LWS_FZ_ERR_READ_END_RECORD, + LWS_FZ_ERR_END_RECORD_MAGIC, + LWS_FZ_ERR_END_RECORD_SANITY, + LWS_FZ_ERR_CENTRAL_SEEK, + LWS_FZ_ERR_CENTRAL_READ, + LWS_FZ_ERR_CENTRAL_SANITY, + LWS_FZ_ERR_NAME_TOO_LONG, + LWS_FZ_ERR_NAME_SEEK, + LWS_FZ_ERR_NAME_READ, + LWS_FZ_ERR_CONTENT_SANITY, + LWS_FZ_ERR_CONTENT_SEEK, + LWS_FZ_ERR_SCAN_SEEK, + LWS_FZ_ERR_NOT_FOUND, + LWS_FZ_ERR_ZLIB_INIT, + LWS_FZ_ERR_READ_CONTENT, + LWS_FZ_ERR_SEEK_COMPRESSED, +}; + +static uint16_t +get_u16(void *p) +{ + const uint8_t *c = (const uint8_t *)p; + + return (uint16_t)((c[0] | (c[1] << 8))); +} + +static uint32_t +get_u32(void *p) +{ + const uint8_t *c = (const uint8_t *)p; + + return (uint32_t)((c[0] | (c[1] << 8) | (c[2] << 16) | (c[3] << 24))); +} + +int +lws_fops_zip_scan(lws_fops_zip_t priv, const char *name, int len) +{ + lws_filepos_t amount; + uint8_t buf[96]; + int i; + + if (lws_vfs_file_seek_end(priv->zip_fop_fd, -ZE_DIRECTORY_LENGTH) < 0) + return LWS_FZ_ERR_SEEK_END_RECORD; + + if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, + ZE_DIRECTORY_LENGTH)) + return LWS_FZ_ERR_READ_END_RECORD; + + if (amount != ZE_DIRECTORY_LENGTH) + return LWS_FZ_ERR_READ_END_RECORD; + + /* + * We require the zip to have the last record right at the end + * Linux zip always does this if no zip comment. + */ + if (buf[0] != 'P' || buf[1] != 'K' || buf[2] != 5 || buf[3] != 6) + return LWS_FZ_ERR_END_RECORD_MAGIC; + + i = get_u16(buf + ZE_NUM_ENTRIES); + + if (get_u16(buf + ZE_DESK_NUMBER) || + get_u16(buf + ZE_CENTRAL_DIRECTORY_DISK_NUMBER) || + i != get_u16(buf + ZE_NUM_ENTRIES_THIS_DISK)) + return LWS_FZ_ERR_END_RECORD_SANITY; + + /* end record is OK... look for our file in the central dir */ + + if (lws_vfs_file_seek_set(priv->zip_fop_fd, + get_u32(buf + ZE_CENTRAL_DIR_OFFSET)) < 0) + return LWS_FZ_ERR_CENTRAL_SEEK; + + while (i--) { + priv->content_start = lws_vfs_tell(priv->zip_fop_fd); + + if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf, + ZC_DIRECTORY_LENGTH)) + return LWS_FZ_ERR_CENTRAL_READ; + + if (amount != ZC_DIRECTORY_LENGTH) + return LWS_FZ_ERR_CENTRAL_READ; + + if (get_u32(buf + ZC_SIGNATURE) != 0x02014B50) + return LWS_FZ_ERR_CENTRAL_SANITY; + + lwsl_debug("cstart 0x%lx\n", (unsigned long)priv->content_start); + + priv->hdr.filename_len = get_u16(buf + ZC_FILE_NAME_LENGTH); + priv->hdr.extra = get_u16(buf + ZC_EXTRA_FIELD_LENGTH); + priv->hdr.filename_start = lws_vfs_tell(priv->zip_fop_fd); + + priv->hdr.method = get_u16(buf + ZC_COMPRESSION_METHOD); + priv->hdr.crc32 = get_u32(buf + ZC_CRC32); + priv->hdr.comp_size = get_u32(buf + ZC_COMPRESSED_SIZE); + priv->hdr.uncomp_size = get_u32(buf + ZC_UNCOMPRESSED_SIZE); + priv->hdr.offset = get_u32(buf + ZC_REL_OFFSET_LOCAL_HEADER); + priv->hdr.mod_time = get_u32(buf + ZC_LAST_MOD_FILE_TIME); + priv->hdr.file_com_len = get_u16(buf + ZC_FILE_COMMENT_LENGTH); + + if (priv->hdr.filename_len != len) + goto next; + + if (len >= (int)sizeof(buf) - 1) + return LWS_FZ_ERR_NAME_TOO_LONG; + + if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, + &amount, buf, len)) + return LWS_FZ_ERR_NAME_READ; + if ((int)amount != len) + return LWS_FZ_ERR_NAME_READ; + + buf[len] = '\0'; + lwsl_debug("check %s vs %s\n", buf, name); + + if (strcmp((const char *)buf, name)) + goto next; + + /* we found a match */ + if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->hdr.offset) < 0) + return LWS_FZ_ERR_NAME_SEEK; + if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, + &amount, buf, + ZL_HEADER_LENGTH)) + return LWS_FZ_ERR_NAME_READ; + if (amount != ZL_HEADER_LENGTH) + return LWS_FZ_ERR_NAME_READ; + + priv->content_start = priv->hdr.offset + + ZL_HEADER_LENGTH + + priv->hdr.filename_len + + get_u16(buf + ZL_REL_OFFSET_CONTENT); + + lwsl_debug("content supposed to start at 0x%lx\n", + (unsigned long)priv->content_start); + + if (priv->content_start > priv->zip_fop_fd->len) + return LWS_FZ_ERR_CONTENT_SANITY; + + if (lws_vfs_file_seek_set(priv->zip_fop_fd, + priv->content_start) < 0) + return LWS_FZ_ERR_CONTENT_SEEK; + + /* we are aligned at the start of the content */ + + priv->exp_uncomp_pos = 0; + + return 0; + +next: + if (i && lws_vfs_file_seek_set(priv->zip_fop_fd, + priv->content_start + + ZC_DIRECTORY_LENGTH + + priv->hdr.filename_len + + priv->hdr.extra + + priv->hdr.file_com_len) < 0) + return LWS_FZ_ERR_SCAN_SEEK; + } + + return LWS_FZ_ERR_NOT_FOUND; +} + +static int +lws_fops_zip_reset_inflate(lws_fops_zip_t priv) +{ + if (priv->decompress) + inflateEnd(&priv->inflate); + + priv->inflate.zalloc = Z_NULL; + priv->inflate.zfree = Z_NULL; + priv->inflate.opaque = Z_NULL; + priv->inflate.avail_in = 0; + priv->inflate.next_in = Z_NULL; + + if (inflateInit2(&priv->inflate, -MAX_WBITS) != Z_OK) { + lwsl_err("inflate init failed\n"); + return LWS_FZ_ERR_ZLIB_INIT; + } + + if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->content_start) < 0) + return LWS_FZ_ERR_CONTENT_SEEK; + + priv->exp_uncomp_pos = 0; + + return 0; +} + +static lws_fop_fd_t +lws_fops_zip_open(const struct lws_plat_file_ops *fops, const char *vfs_path, + const char *vpath, lws_fop_flags_t *flags) +{ + lws_fop_flags_t local_flags = 0; + lws_fops_zip_t priv; + char rp[192]; + int m; + + /* + * vpath points at the / after the fops signature in vfs_path, eg + * with a vfs_path "/var/www/docs/manual.zip/index.html", vpath + * will come pointing at "/index.html" + */ + + priv = lws_zalloc(sizeof(*priv), "fops_zip priv"); + if (!priv) + return NULL; + + priv->fop_fd.fops = &fops_zip; + + m = sizeof(rp) - 1; + if ((vpath - vfs_path - 1) < m) + m = lws_ptr_diff(vpath, vfs_path) - 1; + lws_strncpy(rp, vfs_path, m + 1); + + /* open the zip file itself using the incoming fops, not fops_zip */ + + priv->zip_fop_fd = fops->LWS_FOP_OPEN(fops, rp, NULL, &local_flags); + if (!priv->zip_fop_fd) { + lwsl_err("unable to open zip %s\n", rp); + goto bail1; + } + + if (*vpath == '/') + vpath++; + + m = lws_fops_zip_scan(priv, vpath, (int)strlen(vpath)); + if (m) { + lwsl_err("unable to find record matching '%s' %d\n", vpath, m); + goto bail2; + } + + /* the directory metadata tells us modification time, so pass it on */ + priv->fop_fd.mod_time = priv->hdr.mod_time; + *flags |= LWS_FOP_FLAG_MOD_TIME_VALID | LWS_FOP_FLAG_VIRTUAL; + priv->fop_fd.flags = *flags; + + /* The zip fop_fd is left pointing at the start of the content. + * + * 1) Content could be uncompressed (STORE), and we can always serve + * that directly + * + * 2) Content could be compressed (GZIP), and the client can handle + * receiving GZIP... we can wrap it in a GZIP header and trailer + * and serve the content part directly. The flag indicating we + * are providing GZIP directly is set so lws will send the right + * headers. + * + * 3) Content could be compressed (GZIP) but the client can't handle + * receiving GZIP... we can decompress it and serve as it is + * inflated piecemeal. + * + * 4) Content may be compressed some unknown way... fail + * + */ + if (priv->hdr.method == ZIP_COMPRESSION_METHOD_STORE) { + /* + * it is stored uncompressed, leave it indicated as + * uncompressed, and just serve it from inside the + * zip with no gzip container; + */ + + lwsl_info("direct zip serving (stored)\n"); + + priv->fop_fd.len = priv->hdr.uncomp_size; + + return &priv->fop_fd; + } + + if ((*flags & LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP) && + priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { + + /* + * We can serve the gzipped file contents directly as gzip + * from inside the zip container; client says it is OK. + * + * To convert to standalone gzip, we have to add a 10-byte + * constant header and a variable 8-byte trailer around the + * content. + * + * The 8-byte trailer is prepared now and held in the priv. + */ + + lwsl_info("direct zip serving (gzipped)\n"); + + priv->fop_fd.len = sizeof(hd) + priv->hdr.comp_size + + sizeof(priv->u); + + if (lws_is_be()) { + uint8_t *p = priv->u.trailer8; + + *p++ = (uint8_t)priv->hdr.crc32; + *p++ = (uint8_t)(priv->hdr.crc32 >> 8); + *p++ = (uint8_t)(priv->hdr.crc32 >> 16); + *p++ = (uint8_t)(priv->hdr.crc32 >> 24); + *p++ = (uint8_t)priv->hdr.uncomp_size; + *p++ = (uint8_t)(priv->hdr.uncomp_size >> 8); + *p++ = (uint8_t)(priv->hdr.uncomp_size >> 16); + *p = (uint8_t)(priv->hdr.uncomp_size >> 24); + } else { + priv->u.trailer32[0] = priv->hdr.crc32; + priv->u.trailer32[1] = priv->hdr.uncomp_size; + } + + *flags |= LWS_FOP_FLAG_COMPR_IS_GZIP; + priv->fop_fd.flags = *flags; + priv->add_gzip_container = 1; + + return &priv->fop_fd; + } + + if (priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) { + + /* we must decompress it to serve it */ + + lwsl_info("decompressed zip serving\n"); + + priv->fop_fd.len = priv->hdr.uncomp_size; + + if (lws_fops_zip_reset_inflate(priv)) { + lwsl_err("inflate init failed\n"); + goto bail2; + } + + priv->decompress = 1; + + return &priv->fop_fd; + } + + /* we can't handle it ... */ + + lwsl_err("zipped file %s compressed in unknown way (%d)\n", vfs_path, + priv->hdr.method); + +bail2: + lws_vfs_file_close(&priv->zip_fop_fd); +bail1: + free(priv); + + return NULL; +} + +/* ie, we are closing the fop_fd for the file inside the gzip */ + +static int +lws_fops_zip_close(lws_fop_fd_t *fd) +{ + lws_fops_zip_t priv = fop_fd_to_priv(*fd); + + if (priv->decompress) + inflateEnd(&priv->inflate); + + lws_vfs_file_close(&priv->zip_fop_fd); /* close the gzip fop_fd */ + + free(priv); + *fd = NULL; + + return 0; +} + +static lws_fileofs_t +lws_fops_zip_seek_cur(lws_fop_fd_t fd, lws_fileofs_t offset_from_cur_pos) +{ + fd->pos += offset_from_cur_pos; + + return fd->pos; +} + +static int +lws_fops_zip_read(lws_fop_fd_t fd, lws_filepos_t *amount, uint8_t *buf, + lws_filepos_t len) +{ + lws_fops_zip_t priv = fop_fd_to_priv(fd); + lws_filepos_t ramount, rlen, cur = lws_vfs_tell(fd); + int ret; + + if (priv->decompress) { + + if (priv->exp_uncomp_pos != fd->pos) { + /* + * there has been a seek in the uncompressed fop_fd + * we have to restart the decompression and loop eating + * the decompressed data up to the seek point + */ + lwsl_info("seek in decompressed\n"); + + lws_fops_zip_reset_inflate(priv); + + while (priv->exp_uncomp_pos != fd->pos) { + rlen = len; + if (rlen > fd->pos - priv->exp_uncomp_pos) + rlen = fd->pos - priv->exp_uncomp_pos; + if (lws_fops_zip_read(fd, amount, buf, rlen)) + return LWS_FZ_ERR_SEEK_COMPRESSED; + } + *amount = 0; + } + + priv->inflate.avail_out = (unsigned int)len; + priv->inflate.next_out = buf; + +spin: + if (!priv->inflate.avail_in) { + rlen = sizeof(priv->rbuf); + if (rlen > priv->hdr.comp_size - + (cur - priv->content_start)) + rlen = priv->hdr.comp_size - + (priv->hdr.comp_size - + priv->content_start); + + if (priv->zip_fop_fd->fops->LWS_FOP_READ( + priv->zip_fop_fd, &ramount, priv->rbuf, + rlen)) + return LWS_FZ_ERR_READ_CONTENT; + + cur += ramount; + + priv->inflate.avail_in = (unsigned int)ramount; + priv->inflate.next_in = priv->rbuf; + } + + ret = inflate(&priv->inflate, Z_NO_FLUSH); + if (ret == Z_STREAM_ERROR) + return ret; + + switch (ret) { + case Z_NEED_DICT: + ret = Z_DATA_ERROR; + /* fallthru */ + case Z_DATA_ERROR: + case Z_MEM_ERROR: + + return ret; + } + + if (!priv->inflate.avail_in && priv->inflate.avail_out && + cur != priv->content_start + priv->hdr.comp_size) + goto spin; + + *amount = len - priv->inflate.avail_out; + + priv->exp_uncomp_pos += *amount; + fd->pos += *amount; + + return 0; + } + + if (priv->add_gzip_container) { + + lwsl_info("%s: gzip + container\n", __func__); + *amount = 0; + + /* place the canned header at the start */ + + if (len && fd->pos < sizeof(hd)) { + rlen = sizeof(hd) - fd->pos; + if (rlen > len) + rlen = len; + /* provide stuff from canned header */ + memcpy(buf, hd + fd->pos, (size_t)rlen); + fd->pos += rlen; + buf += rlen; + len -= rlen; + *amount += rlen; + } + + /* serve gzipped data direct from zipfile */ + + if (len && fd->pos >= sizeof(hd) && + fd->pos < priv->hdr.comp_size + sizeof(hd)) { + + rlen = priv->hdr.comp_size - (priv->zip_fop_fd->pos - + priv->content_start); + if (rlen > len) + rlen = len; + + if (rlen && + priv->zip_fop_fd->pos < (priv->hdr.comp_size + + priv->content_start)) { + if (lws_vfs_file_read(priv->zip_fop_fd, + &ramount, buf, rlen)) + return LWS_FZ_ERR_READ_CONTENT; + *amount += ramount; + fd->pos += ramount; // virtual pos + buf += ramount; + len -= ramount; + } + } + + /* place the prepared trailer at the end */ + + if (len && fd->pos >= priv->hdr.comp_size + sizeof(hd) && + fd->pos < priv->hdr.comp_size + sizeof(hd) + + sizeof(priv->u)) { + cur = fd->pos - priv->hdr.comp_size - sizeof(hd); + rlen = sizeof(priv->u) - cur; + if (rlen > len) + rlen = len; + + memcpy(buf, priv->u.trailer8 + cur, (size_t)rlen); + + *amount += rlen; + fd->pos += rlen; + } + + return 0; + } + + lwsl_info("%s: store\n", __func__); + + if (len > priv->hdr.uncomp_size - (cur - priv->content_start)) + len = priv->hdr.comp_size - (priv->hdr.comp_size - + priv->content_start); + + if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd, + amount, buf, len)) + return LWS_FZ_ERR_READ_CONTENT; + + return 0; +} + +struct lws_plat_file_ops fops_zip = { + lws_fops_zip_open, + lws_fops_zip_close, + lws_fops_zip_seek_cur, + lws_fops_zip_read, + NULL, + { { ".zip/", 5 }, { ".jar/", 5 }, { ".war/", 5 } }, + NULL, +}; diff --git a/thirdparty/libwebsockets/roles/http/server/lejp-conf.c b/thirdparty/libwebsockets/roles/http/server/lejp-conf.c new file mode 100644 index 0000000000..fbf10c288e --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/server/lejp-conf.c @@ -0,0 +1,993 @@ +/* + * libwebsockets web server application + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +#ifndef _WIN32 +/* this is needed for Travis CI */ +#include +#endif + +#define ESC_INSTALL_DATADIR "_lws_ddir_" + +static const char * const paths_global[] = { + "global.uid", + "global.gid", + "global.count-threads", + "global.init-ssl", + "global.server-string", + "global.plugin-dir", + "global.ws-pingpong-secs", + "global.timeout-secs", + "global.reject-service-keywords[].*", + "global.reject-service-keywords[]", + "global.default-alpn", +}; + +enum lejp_global_paths { + LEJPGP_UID, + LEJPGP_GID, + LEJPGP_COUNT_THREADS, + LWJPGP_INIT_SSL, + LEJPGP_SERVER_STRING, + LEJPGP_PLUGIN_DIR, + LWJPGP_PINGPONG_SECS, + LWJPGP_TIMEOUT_SECS, + LWJPGP_REJECT_SERVICE_KEYWORDS_NAME, + LWJPGP_REJECT_SERVICE_KEYWORDS, + LWJPGP_DEFAULT_ALPN, +}; + +static const char * const paths_vhosts[] = { + "vhosts[]", + "vhosts[].mounts[]", + "vhosts[].name", + "vhosts[].port", + "vhosts[].interface", + "vhosts[].unix-socket", + "vhosts[].sts", + "vhosts[].host-ssl-key", + "vhosts[].host-ssl-cert", + "vhosts[].host-ssl-ca", + "vhosts[].access-log", + "vhosts[].mounts[].mountpoint", + "vhosts[].mounts[].origin", + "vhosts[].mounts[].protocol", + "vhosts[].mounts[].default", + "vhosts[].mounts[].auth-mask", + "vhosts[].mounts[].cgi-timeout", + "vhosts[].mounts[].cgi-env[].*", + "vhosts[].mounts[].cache-max-age", + "vhosts[].mounts[].cache-reuse", + "vhosts[].mounts[].cache-revalidate", + "vhosts[].mounts[].basic-auth", + "vhosts[].mounts[].cache-intermediaries", + "vhosts[].mounts[].extra-mimetypes.*", + "vhosts[].mounts[].interpret.*", + "vhosts[].ws-protocols[].*.*", + "vhosts[].ws-protocols[].*", + "vhosts[].ws-protocols[]", + "vhosts[].keepalive_timeout", + "vhosts[].enable-client-ssl", + "vhosts[].ciphers", + "vhosts[].ecdh-curve", + "vhosts[].noipv6", + "vhosts[].ipv6only", + "vhosts[].ssl-option-set", + "vhosts[].ssl-option-clear", + "vhosts[].mounts[].pmo[].*", + "vhosts[].headers[].*", + "vhosts[].headers[]", + "vhosts[].client-ssl-key", + "vhosts[].client-ssl-cert", + "vhosts[].client-ssl-ca", + "vhosts[].client-ssl-ciphers", + "vhosts[].onlyraw", + "vhosts[].client-cert-required", + "vhosts[].ignore-missing-cert", + "vhosts[].error-document-404", + "vhosts[].alpn", +}; + +enum lejp_vhost_paths { + LEJPVP, + LEJPVP_MOUNTS, + LEJPVP_NAME, + LEJPVP_PORT, + LEJPVP_INTERFACE, + LEJPVP_UNIXSKT, + LEJPVP_STS, + LEJPVP_HOST_SSL_KEY, + LEJPVP_HOST_SSL_CERT, + LEJPVP_HOST_SSL_CA, + LEJPVP_ACCESS_LOG, + LEJPVP_MOUNTPOINT, + LEJPVP_ORIGIN, + LEJPVP_MOUNT_PROTOCOL, + LEJPVP_DEFAULT, + LEJPVP_DEFAULT_AUTH_MASK, + LEJPVP_CGI_TIMEOUT, + LEJPVP_CGI_ENV, + LEJPVP_MOUNT_CACHE_MAX_AGE, + LEJPVP_MOUNT_CACHE_REUSE, + LEJPVP_MOUNT_CACHE_REVALIDATE, + LEJPVP_MOUNT_BASIC_AUTH, + LEJPVP_MOUNT_CACHE_INTERMEDIARIES, + LEJPVP_MOUNT_EXTRA_MIMETYPES, + LEJPVP_MOUNT_INTERPRET, + LEJPVP_PROTOCOL_NAME_OPT, + LEJPVP_PROTOCOL_NAME, + LEJPVP_PROTOCOL, + LEJPVP_KEEPALIVE_TIMEOUT, + LEJPVP_ENABLE_CLIENT_SSL, + LEJPVP_CIPHERS, + LEJPVP_ECDH_CURVE, + LEJPVP_NOIPV6, + LEJPVP_IPV6ONLY, + LEJPVP_SSL_OPTION_SET, + LEJPVP_SSL_OPTION_CLEAR, + LEJPVP_PMO, + LEJPVP_HEADERS_NAME, + LEJPVP_HEADERS, + LEJPVP_CLIENT_SSL_KEY, + LEJPVP_CLIENT_SSL_CERT, + LEJPVP_CLIENT_SSL_CA, + LEJPVP_CLIENT_CIPHERS, + LEJPVP_FLAG_ONLYRAW, + LEJPVP_FLAG_CLIENT_CERT_REQUIRED, + LEJPVP_IGNORE_MISSING_CERT, + LEJPVP_ERROR_DOCUMENT_404, + LEJPVP_ALPN, +}; + +static const char * const parser_errs[] = { + "", + "", + "No opening '{'", + "Expected closing '}'", + "Expected '\"'", + "String underrun", + "Illegal unescaped control char", + "Illegal escape format", + "Illegal hex number", + "Expected ':'", + "Illegal value start", + "Digit required after decimal point", + "Bad number format", + "Bad exponent format", + "Unknown token", + "Too many ']'", + "Mismatched ']'", + "Expected ']'", + "JSON nesting limit exceeded", + "Nesting tracking used up", + "Number too long", + "Comma or block end expected", + "Unknown", + "Parser callback errored (see earlier error)", +}; + +#define MAX_PLUGIN_DIRS 10 + +struct jpargs { + struct lws_context_creation_info *info; + struct lws_context *context; + const struct lws_protocols *protocols; + const struct lws_extension *extensions; + char *p, *end, valid; + struct lws_http_mount *head, *last; + + struct lws_protocol_vhost_options *pvo; + struct lws_protocol_vhost_options *pvo_em; + struct lws_protocol_vhost_options *pvo_int; + struct lws_http_mount m; + const char **plugin_dirs; + int count_plugin_dirs; + + unsigned int enable_client_ssl:1; + unsigned int fresh_mount:1; + unsigned int any_vhosts:1; + unsigned int chunk:1; +}; + +static void * +lwsws_align(struct jpargs *a) +{ + if ((lws_intptr_t)(a->p) & 15) + a->p += 16 - ((lws_intptr_t)(a->p) & 15); + + a->chunk = 0; + + return a->p; +} + +static int +arg_to_bool(const char *s) +{ + static const char * const on[] = { "on", "yes", "true" }; + int n = atoi(s); + + if (n) + return 1; + + for (n = 0; n < (int)LWS_ARRAY_SIZE(on); n++) + if (!strcasecmp(s, on[n])) + return 1; + + return 0; +} + +static signed char +lejp_globals_cb(struct lejp_ctx *ctx, char reason) +{ + struct jpargs *a = (struct jpargs *)ctx->user; + struct lws_protocol_vhost_options *rej; + int n; + + /* we only match on the prepared path strings */ + if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) + return 0; + + /* this catches, eg, vhosts[].headers[].xxx */ + if (reason == LEJPCB_VAL_STR_END && + ctx->path_match == LWJPGP_REJECT_SERVICE_KEYWORDS_NAME + 1) { + rej = lwsws_align(a); + a->p += sizeof(*rej); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + rej->next = a->info->reject_service_keywords; + a->info->reject_service_keywords = rej; + rej->name = a->p; + lwsl_notice(" adding rej %s=%s\n", a->p, ctx->buf); + a->p += n - 1; + *(a->p++) = '\0'; + rej->value = a->p; + rej->options = NULL; + goto dostring; + } + + switch (ctx->path_match - 1) { + case LEJPGP_UID: + a->info->uid = atoi(ctx->buf); + return 0; + case LEJPGP_GID: + a->info->gid = atoi(ctx->buf); + return 0; + case LEJPGP_COUNT_THREADS: + a->info->count_threads = atoi(ctx->buf); + return 0; + case LWJPGP_INIT_SSL: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; + return 0; + case LEJPGP_SERVER_STRING: + a->info->server_string = a->p; + break; + case LEJPGP_PLUGIN_DIR: + if (a->count_plugin_dirs == MAX_PLUGIN_DIRS - 1) { + lwsl_err("Too many plugin dirs\n"); + return -1; + } + a->plugin_dirs[a->count_plugin_dirs++] = a->p; + break; + + case LWJPGP_PINGPONG_SECS: + a->info->ws_ping_pong_interval = atoi(ctx->buf); + return 0; + + case LWJPGP_TIMEOUT_SECS: + a->info->timeout_secs = atoi(ctx->buf); + return 0; + + case LWJPGP_DEFAULT_ALPN: + a->info->alpn = a->p; + break; + + default: + return 0; + } + +dostring: + a->p += lws_snprintf(a->p, a->end - a->p, "%s", ctx->buf); + *(a->p)++ = '\0'; + + return 0; +} + +static signed char +lejp_vhosts_cb(struct lejp_ctx *ctx, char reason) +{ + struct jpargs *a = (struct jpargs *)ctx->user; + struct lws_protocol_vhost_options *pvo, *mp_cgienv, *headers; + struct lws_http_mount *m; + char *p, *p1; + int n; + +#if 0 + lwsl_notice(" %d: %s (%d)\n", reason, ctx->path, ctx->path_match); + for (n = 0; n < ctx->wildcount; n++) + lwsl_notice(" %d\n", ctx->wild[n]); +#endif + + if (reason == LEJPCB_OBJECT_START && ctx->path_match == LEJPVP + 1) { + uint32_t i[4]; + const char *ss; + + /* set the defaults for this vhost */ + a->valid = 1; + a->head = NULL; + a->last = NULL; + + i[0] = a->info->count_threads; + i[1] = a->info->options & ( + LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME | + LWS_SERVER_OPTION_LIBUV | + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT | + LWS_SERVER_OPTION_EXPLICIT_VHOSTS | + LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN | + LWS_SERVER_OPTION_LIBEVENT | + LWS_SERVER_OPTION_LIBEV + ); + ss = a->info->server_string; + i[2] = a->info->ws_ping_pong_interval; + i[3] = a->info->timeout_secs; + + memset(a->info, 0, sizeof(*a->info)); + + a->info->count_threads = i[0]; + a->info->options = i[1]; + a->info->server_string = ss; + a->info->ws_ping_pong_interval = i[2]; + a->info->timeout_secs = i[3]; + + a->info->protocols = a->protocols; + a->info->extensions = a->extensions; +#if defined(LWS_WITH_TLS) + a->info->client_ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-GCM-SHA384:" + "DHE-RSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-SHA384:" + "HIGH:!aNULL:!eNULL:!EXPORT:" + "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" + "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" + "!DHE-RSA-AES128-SHA256:" + "!AES128-GCM-SHA256:" + "!AES128-SHA256:" + "!DHE-RSA-AES256-SHA256:" + "!AES256-GCM-SHA384:" + "!AES256-SHA256"; +#endif + a->info->ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-GCM-SHA384:" + "DHE-RSA-AES256-GCM-SHA384:" + "ECDHE-RSA-AES256-SHA384:" + "HIGH:!aNULL:!eNULL:!EXPORT:" + "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:" + "!SHA1:!DHE-RSA-AES128-GCM-SHA256:" + "!DHE-RSA-AES128-SHA256:" + "!AES128-GCM-SHA256:" + "!AES128-SHA256:" + "!DHE-RSA-AES256-SHA256:" + "!AES256-GCM-SHA384:" + "!AES256-SHA256"; + a->info->keepalive_timeout = 5; + } + + if (reason == LEJPCB_OBJECT_START && + ctx->path_match == LEJPVP_MOUNTS + 1) { + a->fresh_mount = 1; + memset(&a->m, 0, sizeof(a->m)); + } + + /* this catches, eg, vhosts[].ws-protocols[].xxx-protocol */ + if (reason == LEJPCB_OBJECT_START && + ctx->path_match == LEJPVP_PROTOCOL_NAME + 1) { + a->pvo = lwsws_align(a); + a->p += sizeof(*a->pvo); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + a->pvo->next = a->info->pvo; + a->info->pvo = a->pvo; + a->pvo->name = a->p; + lwsl_info(" adding protocol %s\n", a->p); + a->p += n; + a->pvo->value = a->p; + a->pvo->options = NULL; + goto dostring; + } + + /* this catches, eg, vhosts[].headers[].xxx */ + if ((reason == LEJPCB_VAL_STR_END || reason == LEJPCB_VAL_STR_CHUNK) && + ctx->path_match == LEJPVP_HEADERS_NAME + 1) { + if (!a->chunk) { + headers = lwsws_align(a); + a->p += sizeof(*headers); + + n = lejp_get_wildcard(ctx, 0, a->p, + lws_ptr_diff(a->end, a->p)); + /* ie, add this header */ + headers->next = a->info->headers; + a->info->headers = headers; + headers->name = a->p; + + lwsl_notice(" adding header %s=%s\n", a->p, ctx->buf); + a->p += n - 1; + *(a->p++) = ':'; + if (a->p < a->end) + *(a->p++) = '\0'; + else + *(a->p - 1) = '\0'; + headers->value = a->p; + headers->options = NULL; + } + a->chunk = reason == LEJPCB_VAL_STR_CHUNK; + goto dostring; + } + + if (reason == LEJPCB_OBJECT_END && + (ctx->path_match == LEJPVP + 1 || !ctx->path[0]) && + a->valid) { + + struct lws_vhost *vhost; + + //lwsl_notice("%s\n", ctx->path); + if (!a->info->port) { + lwsl_err("Port required (eg, 443)"); + return 1; + } + a->valid = 0; + a->info->mounts = a->head; + + vhost = lws_create_vhost(a->context, a->info); + if (!vhost) { + lwsl_err("Failed to create vhost %s\n", + a->info->vhost_name); + return 1; + } + a->any_vhosts = 1; + +#if defined(LWS_WITH_TLS) + if (a->enable_client_ssl) { + const char *cert_filepath = a->info->client_ssl_cert_filepath; + const char *private_key_filepath = a->info->client_ssl_private_key_filepath; + const char *ca_filepath = a->info->client_ssl_ca_filepath; + const char *cipher_list = a->info->client_ssl_cipher_list; + memset(a->info, 0, sizeof(*a->info)); + a->info->client_ssl_cert_filepath = cert_filepath; + a->info->client_ssl_private_key_filepath = private_key_filepath; + a->info->client_ssl_ca_filepath = ca_filepath; + a->info->client_ssl_cipher_list = cipher_list; + a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT; + lws_init_vhost_client_ssl(a->info, vhost); + } +#endif + + return 0; + } + + if (reason == LEJPCB_OBJECT_END && + ctx->path_match == LEJPVP_MOUNTS + 1) { + static const char * const mount_protocols[] = { + "http://", + "https://", + "file://", + "cgi://", + ">http://", + ">https://", + "callback://", + "gzip://", + }; + + if (!a->fresh_mount) + return 0; + + if (!a->m.mountpoint || !a->m.origin) { + lwsl_err("mountpoint and origin required\n"); + return 1; + } + lwsl_debug("adding mount %s\n", a->m.mountpoint); + m = lwsws_align(a); + memcpy(m, &a->m, sizeof(*m)); + if (a->last) + a->last->mount_next = m; + + for (n = 0; n < (int)LWS_ARRAY_SIZE(mount_protocols); n++) + if (!strncmp(a->m.origin, mount_protocols[n], + strlen(mount_protocols[n]))) { + lwsl_info("----%s\n", a->m.origin); + m->origin_protocol = n; + m->origin = a->m.origin + + strlen(mount_protocols[n]); + break; + } + + if (n == (int)LWS_ARRAY_SIZE(mount_protocols)) { + lwsl_err("unsupported protocol:// %s\n", a->m.origin); + return 1; + } + + a->p += sizeof(*m); + if (!a->head) + a->head = m; + + a->last = m; + a->fresh_mount = 0; + } + + /* we only match on the prepared path strings */ + if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match) + return 0; + + switch (ctx->path_match - 1) { + case LEJPVP_NAME: + a->info->vhost_name = a->p; + break; + case LEJPVP_PORT: + a->info->port = atoi(ctx->buf); + return 0; + case LEJPVP_INTERFACE: + a->info->iface = a->p; + break; + case LEJPVP_UNIXSKT: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_UNIX_SOCK; + else + a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK); + return 0; + case LEJPVP_STS: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_STS; + else + a->info->options &= ~(LWS_SERVER_OPTION_STS); + return 0; + case LEJPVP_HOST_SSL_KEY: + a->info->ssl_private_key_filepath = a->p; + break; + case LEJPVP_HOST_SSL_CERT: + a->info->ssl_cert_filepath = a->p; + break; + case LEJPVP_HOST_SSL_CA: + a->info->ssl_ca_filepath = a->p; + break; + case LEJPVP_ACCESS_LOG: + a->info->log_filepath = a->p; + break; + case LEJPVP_MOUNTPOINT: + a->m.mountpoint = a->p; + a->m.mountpoint_len = (unsigned char)strlen(ctx->buf); + break; + case LEJPVP_ORIGIN: + if (!strncmp(ctx->buf, "callback://", 11)) + a->m.protocol = a->p + 11; + + if (!a->m.origin) + a->m.origin = a->p; + break; + case LEJPVP_DEFAULT: + a->m.def = a->p; + break; + case LEJPVP_DEFAULT_AUTH_MASK: + a->m.auth_mask = atoi(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_MAX_AGE: + a->m.cache_max_age = atoi(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_REUSE: + a->m.cache_reusable = arg_to_bool(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_REVALIDATE: + a->m.cache_revalidate = arg_to_bool(ctx->buf); + return 0; + case LEJPVP_MOUNT_CACHE_INTERMEDIARIES: + a->m.cache_intermediaries = arg_to_bool(ctx->buf);; + return 0; + case LEJPVP_MOUNT_BASIC_AUTH: + a->m.basic_auth_login_file = a->p; + break; + case LEJPVP_CGI_TIMEOUT: + a->m.cgi_timeout = atoi(ctx->buf); + return 0; + case LEJPVP_KEEPALIVE_TIMEOUT: + a->info->keepalive_timeout = atoi(ctx->buf); + return 0; +#if defined(LWS_WITH_TLS) + case LEJPVP_CLIENT_CIPHERS: + a->info->client_ssl_cipher_list = a->p; + break; +#endif + case LEJPVP_CIPHERS: + a->info->ssl_cipher_list = a->p; + break; + case LEJPVP_ECDH_CURVE: + a->info->ecdh_curve = a->p; + break; + case LEJPVP_PMO: + case LEJPVP_CGI_ENV: + mp_cgienv = lwsws_align(a); + a->p += sizeof(*a->m.cgienv); + + mp_cgienv->next = a->m.cgienv; + a->m.cgienv = mp_cgienv; + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + mp_cgienv->name = a->p; + a->p += n; + mp_cgienv->value = a->p; + mp_cgienv->options = NULL; + //lwsl_notice(" adding pmo / cgi-env '%s' = '%s'\n", mp_cgienv->name, + // mp_cgienv->value); + goto dostring; + + case LEJPVP_PROTOCOL_NAME_OPT: + /* this catches, eg, + * vhosts[].ws-protocols[].xxx-protocol.yyy-option + * ie, these are options attached to a protocol with { } + */ + pvo = lwsws_align(a); + a->p += sizeof(*a->pvo); + + n = lejp_get_wildcard(ctx, 1, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + pvo->next = a->pvo->options; + a->pvo->options = pvo; + pvo->name = a->p; + a->p += n; + pvo->value = a->p; + pvo->options = NULL; + break; + + case LEJPVP_MOUNT_EXTRA_MIMETYPES: + a->pvo_em = lwsws_align(a); + a->p += sizeof(*a->pvo_em); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + a->pvo_em->next = a->m.extra_mimetypes; + a->m.extra_mimetypes = a->pvo_em; + a->pvo_em->name = a->p; + lwsl_notice(" adding extra-mimetypes %s -> %s\n", a->p, ctx->buf); + a->p += n; + a->pvo_em->value = a->p; + a->pvo_em->options = NULL; + break; + + case LEJPVP_MOUNT_INTERPRET: + a->pvo_int = lwsws_align(a); + a->p += sizeof(*a->pvo_int); + + n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p); + /* ie, enable this protocol, no options yet */ + a->pvo_int->next = a->m.interpret; + a->m.interpret = a->pvo_int; + a->pvo_int->name = a->p; + lwsl_notice(" adding interpret %s -> %s\n", a->p, + ctx->buf); + a->p += n; + a->pvo_int->value = a->p; + a->pvo_int->options = NULL; + break; + + case LEJPVP_ENABLE_CLIENT_SSL: + a->enable_client_ssl = arg_to_bool(ctx->buf); + return 0; +#if defined(LWS_WITH_TLS) + case LEJPVP_CLIENT_SSL_KEY: + a->info->client_ssl_private_key_filepath = a->p; + break; + case LEJPVP_CLIENT_SSL_CERT: + a->info->client_ssl_cert_filepath = a->p; + break; + case LEJPVP_CLIENT_SSL_CA: + a->info->client_ssl_ca_filepath = a->p; + break; +#endif + + case LEJPVP_NOIPV6: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_DISABLE_IPV6; + else + a->info->options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6); + return 0; + + case LEJPVP_FLAG_ONLYRAW: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_ONLY_RAW; + else + a->info->options &= ~(LWS_SERVER_OPTION_ONLY_RAW); + return 0; + + case LEJPVP_IPV6ONLY: + a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY; + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE; + else + a->info->options &= ~(LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE); + return 0; + + case LEJPVP_FLAG_CLIENT_CERT_REQUIRED: + if (arg_to_bool(ctx->buf)) + a->info->options |= + LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT; + return 0; + + case LEJPVP_IGNORE_MISSING_CERT: + if (arg_to_bool(ctx->buf)) + a->info->options |= LWS_SERVER_OPTION_IGNORE_MISSING_CERT; + else + a->info->options &= ~(LWS_SERVER_OPTION_IGNORE_MISSING_CERT); + + return 0; + + case LEJPVP_ERROR_DOCUMENT_404: + a->info->error_document_404 = a->p; + break; + + case LEJPVP_SSL_OPTION_SET: + a->info->ssl_options_set |= atol(ctx->buf); + return 0; + case LEJPVP_SSL_OPTION_CLEAR: + a->info->ssl_options_clear |= atol(ctx->buf); + return 0; + + case LEJPVP_ALPN: + a->info->alpn = a->p; + break; + + default: + return 0; + } + +dostring: + p = ctx->buf; + p[LEJP_STRING_CHUNK] = '\0'; + p1 = strstr(p, ESC_INSTALL_DATADIR); + if (p1) { + n = p1 - p; + if (n > a->end - a->p) + n = a->end - a->p; + lws_strncpy(a->p, p, n + 1); + a->p += n; + a->p += lws_snprintf(a->p, a->end - a->p, "%s", LWS_INSTALL_DATADIR); + p += n + strlen(ESC_INSTALL_DATADIR); + } + + a->p += lws_snprintf(a->p, a->end - a->p, "%s", p); + if (reason == LEJPCB_VAL_STR_END) + *(a->p)++ = '\0'; + + return 0; +} + +/* + * returns 0 = OK, 1 = can't open, 2 = parsing error + */ + +static int +lwsws_get_config(void *user, const char *f, const char * const *paths, + int count_paths, lejp_callback cb) +{ + unsigned char buf[128]; + struct lejp_ctx ctx; + int n, m, fd; + + fd = lws_open(f, O_RDONLY); + if (fd < 0) { + lwsl_err("Cannot open %s\n", f); + return 2; + } + lwsl_info("%s: %s\n", __func__, f); + lejp_construct(&ctx, cb, user, paths, count_paths); + + do { + n = read(fd, buf, sizeof(buf)); + if (!n) + break; + + m = (int)(signed char)lejp_parse(&ctx, buf, n); + } while (m == LEJP_CONTINUE); + + close(fd); + n = ctx.line; + lejp_destruct(&ctx); + + if (m < 0) { + lwsl_err("%s(%u): parsing error %d: %s\n", f, n, m, + parser_errs[-m]); + return 2; + } + + return 0; +} + +#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0 + +static int +lwsws_get_config_d(void *user, const char *d, const char * const *paths, + int count_paths, lejp_callback cb) +{ + uv_dirent_t dent; + uv_fs_t req; + char path[256]; + int ret = 0, ir; + uv_loop_t loop; + + ir = uv_loop_init(&loop); + if (ir) { + lwsl_err("%s: loop init failed %d\n", __func__, ir); + } + + if (!uv_fs_scandir(&loop, &req, d, 0, NULL)) { + lwsl_err("Scandir on %s failed\n", d); + return 2; + } + + while (uv_fs_scandir_next(&req, &dent) != UV_EOF) { + lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, dent.name); + ret = lwsws_get_config(user, path, paths, count_paths, cb); + if (ret) + goto bail; + } + +bail: + uv_fs_req_cleanup(&req); + while (uv_loop_close(&loop)) + ; + + return ret; +} + +#else + +#ifndef _WIN32 +static int filter(const struct dirent *ent) +{ + if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) + return 0; + + return 1; +} +#endif + +static int +lwsws_get_config_d(void *user, const char *d, const char * const *paths, + int count_paths, lejp_callback cb) +{ +#ifndef _WIN32 + struct dirent **namelist; + char path[256]; + int n, i, ret = 0; + + n = scandir(d, &namelist, filter, alphasort); + if (n < 0) { + lwsl_err("Scandir on %s failed\n", d); + return 1; + } + + for (i = 0; i < n; i++) { + if (strchr(namelist[i]->d_name, '~')) + goto skip; + lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, + namelist[i]->d_name); + ret = lwsws_get_config(user, path, paths, count_paths, cb); + if (ret) { + while (i++ < n) + free(namelist[i]); + goto bail; + } +skip: + free(namelist[i]); + } + +bail: + free(namelist); + + return ret; +#else + return 0; +#endif +} + +#endif + +int +lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d, + char **cs, int *len) +{ + struct jpargs a; + const char * const *old = info->plugin_dirs; + char dd[128]; + + memset(&a, 0, sizeof(a)); + + a.info = info; + a.p = *cs; + a.end = (a.p + *len) - 1; + a.valid = 0; + + lwsws_align(&a); + info->plugin_dirs = (void *)a.p; + a.plugin_dirs = (void *)a.p; /* writeable version */ + a.p += MAX_PLUGIN_DIRS * sizeof(void *); + + /* copy any default paths */ + + while (old && *old) { + a.plugin_dirs[a.count_plugin_dirs++] = *old; + old++; + } + + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); + if (lwsws_get_config(&a, dd, paths_global, + LWS_ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) + return 1; + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); + if (lwsws_get_config_d(&a, dd, paths_global, + LWS_ARRAY_SIZE(paths_global), lejp_globals_cb) > 1) + return 1; + + a.plugin_dirs[a.count_plugin_dirs] = NULL; + + *cs = a.p; + *len = a.end - a.p; + + return 0; +} + +int +lwsws_get_config_vhosts(struct lws_context *context, + struct lws_context_creation_info *info, const char *d, + char **cs, int *len) +{ + struct jpargs a; + char dd[128]; + + memset(&a, 0, sizeof(a)); + + a.info = info; + a.p = *cs; + a.end = a.p + *len; + a.valid = 0; + a.context = context; + a.protocols = info->protocols; + a.extensions = info->extensions; + + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d); + if (lwsws_get_config(&a, dd, paths_vhosts, + LWS_ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) + return 1; + lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d); + if (lwsws_get_config_d(&a, dd, paths_vhosts, + LWS_ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1) + return 1; + + *cs = a.p; + *len = a.end - a.p; + + if (!a.any_vhosts) { + lwsl_err("Need at least one vhost\n"); + return 1; + } + +// lws_finalize_startup(context); + + return 0; +} diff --git a/thirdparty/libwebsockets/roles/http/server/parsers.c b/thirdparty/libwebsockets/roles/http/server/parsers.c new file mode 100644 index 0000000000..482bdc676a --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/server/parsers.c @@ -0,0 +1,1137 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +static const unsigned char lextable[] = { + #include "../lextable.h" +}; + +#define FAIL_CHAR 0x08 + +static struct allocated_headers * +_lws_create_ah(struct lws_context_per_thread *pt, ah_data_idx_t data_size) +{ + struct allocated_headers *ah = lws_zalloc(sizeof(*ah), "ah struct"); + + if (!ah) + return NULL; + + ah->data = lws_malloc(data_size, "ah data"); + if (!ah->data) { + lws_free(ah); + + return NULL; + } + ah->next = pt->http.ah_list; + pt->http.ah_list = ah; + ah->data_length = data_size; + pt->http.ah_pool_length++; + + lwsl_info("%s: created ah %p (size %d): pool length %d\n", __func__, + ah, (int)data_size, pt->http.ah_pool_length); + + return ah; +} + +int +_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah) +{ + lws_start_foreach_llp(struct allocated_headers **, a, pt->http.ah_list) { + if ((*a) == ah) { + *a = ah->next; + pt->http.ah_pool_length--; + lwsl_info("%s: freed ah %p : pool length %d\n", + __func__, ah, pt->http.ah_pool_length); + if (ah->data) + lws_free(ah->data); + lws_free(ah); + + return 0; + } + } lws_end_foreach_llp(a, next); + + return 1; +} + +void +_lws_header_table_reset(struct allocated_headers *ah) +{ + /* init the ah to reflect no headers or data have appeared yet */ + memset(ah->frag_index, 0, sizeof(ah->frag_index)); + memset(ah->frags, 0, sizeof(ah->frags)); + ah->nfrag = 0; + ah->pos = 0; + ah->http_response = 0; + ah->parser_state = WSI_TOKEN_NAME_PART; + ah->lextable_pos = 0; +} + +// doesn't scrub the ah rxbuffer by default, parent must do if needed + +void +__lws_header_table_reset(struct lws *wsi, int autoservice) +{ + struct allocated_headers *ah = wsi->http.ah; + struct lws_context_per_thread *pt; + struct lws_pollfd *pfd; + + /* if we have the idea we're resetting 'our' ah, must be bound to one */ + assert(ah); + /* ah also concurs with ownership */ + assert(ah->wsi == wsi); + + _lws_header_table_reset(ah); + + /* since we will restart the ah, our new headers are not completed */ + wsi->hdr_parsing_completed = 0; + + /* while we hold the ah, keep a timeout on the wsi */ + __lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, + wsi->vhost->timeout_secs_ah_idle); + + time(&ah->assigned); + + if (wsi->position_in_fds_table != LWS_NO_FDS_POS && + lws_buflist_next_segment_len(&wsi->buflist, NULL) && + autoservice) { + lwsl_debug("%s: service on readbuf ah\n", __func__); + + pt = &wsi->context->pt[(int)wsi->tsi]; + /* + * Unlike a normal connect, we have the headers already + * (or the first part of them anyway) + */ + pfd = &pt->fds[wsi->position_in_fds_table]; + pfd->revents |= LWS_POLLIN; + lwsl_err("%s: calling service\n", __func__); + lws_service_fd_tsi(wsi->context, pfd, wsi->tsi); + } +} + +void +lws_header_table_reset(struct lws *wsi, int autoservice) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + lws_pt_lock(pt, __func__); + + __lws_header_table_reset(wsi, autoservice); + + lws_pt_unlock(pt); +} + +static void +_lws_header_ensure_we_are_on_waiting_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws_pollargs pa; + struct lws **pwsi = &pt->http.ah_wait_list; + + while (*pwsi) { + if (*pwsi == wsi) + return; + pwsi = &(*pwsi)->http.ah_wait_list; + } + + lwsl_info("%s: wsi: %p\n", __func__, wsi); + wsi->http.ah_wait_list = pt->http.ah_wait_list; + pt->http.ah_wait_list = wsi; + pt->http.ah_wait_list_length++; + + /* we cannot accept input then */ + + _lws_change_pollfd(wsi, LWS_POLLIN, 0, &pa); +} + +static int +__lws_remove_from_ah_waiting_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws **pwsi =&pt->http.ah_wait_list; + + while (*pwsi) { + if (*pwsi == wsi) { + lwsl_info("%s: wsi %p\n", __func__, wsi); + /* point prev guy to our next */ + *pwsi = wsi->http.ah_wait_list; + /* we shouldn't point anywhere now */ + wsi->http.ah_wait_list = NULL; + pt->http.ah_wait_list_length--; + + return 1; + } + pwsi = &(*pwsi)->http.ah_wait_list; + } + + return 0; +} + +int LWS_WARN_UNUSED_RESULT +lws_header_table_attach(struct lws *wsi, int autoservice) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_pollargs pa; + int n; + + lwsl_info("%s: wsi %p: ah %p (tsi %d, count = %d) in\n", __func__, + (void *)wsi, (void *)wsi->http.ah, wsi->tsi, + pt->http.ah_count_in_use); + + lws_pt_lock(pt, __func__); + + /* if we are already bound to one, just clear it down */ + if (wsi->http.ah) { + lwsl_info("%s: cleardown\n", __func__); + goto reset; + } + + n = pt->http.ah_count_in_use == context->max_http_header_pool; +#if defined(LWS_WITH_PEER_LIMITS) + if (!n) { + n = lws_peer_confirm_ah_attach_ok(context, wsi->peer); + if (n) + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); + } +#endif + if (n) { + /* + * Pool is either all busy, or we don't want to give this + * particular guy an ah right now... + * + * Make sure we are on the waiting list, and return that we + * weren't able to provide the ah + */ + _lws_header_ensure_we_are_on_waiting_list(wsi); + + goto bail; + } + + __lws_remove_from_ah_waiting_list(wsi); + + wsi->http.ah = _lws_create_ah(pt, context->max_http_header_data); + if (!wsi->http.ah) { /* we could not create an ah */ + _lws_header_ensure_we_are_on_waiting_list(wsi); + + goto bail; + } + + wsi->http.ah->in_use = 1; + wsi->http.ah->wsi = wsi; /* mark our owner */ + pt->http.ah_count_in_use++; + +#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)) + lws_context_lock(context); /* <====================================== */ + if (wsi->peer) + wsi->peer->http.count_ah++; + lws_context_unlock(context); /* ====================================> */ +#endif + + _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); + + lwsl_info("%s: did attach wsi %p: ah %p: count %d (on exit)\n", __func__, + (void *)wsi, (void *)wsi->http.ah, pt->http.ah_count_in_use); + +reset: + __lws_header_table_reset(wsi, autoservice); + + lws_pt_unlock(pt); + +#ifndef LWS_NO_CLIENT + if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) + if (!lws_client_connect_via_info2(wsi)) + /* our client connect has failed, the wsi + * has been closed + */ + return -1; +#endif + + return 0; + +bail: + lws_pt_unlock(pt); + + return 1; +} + +int __lws_header_table_detach(struct lws *wsi, int autoservice) +{ + struct lws_context *context = wsi->context; + struct allocated_headers *ah = wsi->http.ah; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_pollargs pa; + struct lws **pwsi, **pwsi_eligible; + time_t now; + + __lws_remove_from_ah_waiting_list(wsi); + + if (!ah) + return 0; + + lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, + (void *)wsi, (void *)ah, wsi->tsi, + pt->http.ah_count_in_use); + + /* we did have an ah attached */ + time(&now); + if (ah->assigned && now - ah->assigned > 3) { + /* + * we're detaching the ah, but it was held an + * unreasonably long time + */ + lwsl_debug("%s: wsi %p: ah held %ds, role/state 0x%x 0x%x," + "\n", __func__, wsi, (int)(now - ah->assigned), + lwsi_role(wsi), lwsi_state(wsi)); + } + + ah->assigned = 0; + + /* if we think we're detaching one, there should be one in use */ + assert(pt->http.ah_count_in_use > 0); + /* and this specific one should have been in use */ + assert(ah->in_use); + memset(&wsi->http.ah, 0, sizeof(wsi->http.ah)); + +#if defined(LWS_WITH_PEER_LIMITS) + if (ah->wsi) + lws_peer_track_ah_detach(context, wsi->peer); +#endif + ah->wsi = NULL; /* no owner */ + + pwsi = &pt->http.ah_wait_list; + + /* oh there is nobody on the waiting list... leave the ah unattached */ + if (!*pwsi) + goto nobody_usable_waiting; + + /* + * at least one wsi on the same tsi is waiting, give it to oldest guy + * who is allowed to take it (if any) + */ + lwsl_info("pt wait list %p\n", *pwsi); + wsi = NULL; + pwsi_eligible = NULL; + + while (*pwsi) { +#if defined(LWS_WITH_PEER_LIMITS) + /* are we willing to give this guy an ah? */ + if (!lws_peer_confirm_ah_attach_ok(context, (*pwsi)->peer)) +#endif + { + wsi = *pwsi; + pwsi_eligible = pwsi; + } +#if defined(LWS_WITH_PEER_LIMITS) + else + if (!(*pwsi)->http.ah_wait_list) + lws_stats_atomic_bump(context, pt, + LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1); +#endif + pwsi = &(*pwsi)->http.ah_wait_list; + } + + if (!wsi) /* everybody waiting already has too many ah... */ + goto nobody_usable_waiting; + + lwsl_info("%s: transferring ah to last eligible wsi in wait list %p (wsistate 0x%x)\n", __func__, wsi, wsi->wsistate); + + wsi->http.ah = ah; + ah->wsi = wsi; /* new owner */ + + __lws_header_table_reset(wsi, autoservice); +#if defined(LWS_WITH_PEER_LIMITS) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)) + lws_context_lock(context); /* <====================================== */ + if (wsi->peer) + wsi->peer->http.count_ah++; + lws_context_unlock(context); /* ====================================> */ +#endif + + /* clients acquire the ah and then insert themselves in fds table... */ + if (wsi->position_in_fds_table != LWS_NO_FDS_POS) { + lwsl_info("%s: Enabling %p POLLIN\n", __func__, wsi); + + /* he has been stuck waiting for an ah, but now his wait is + * over, let him progress */ + + _lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa); + } + + /* point prev guy to next guy in list instead */ + *pwsi_eligible = wsi->http.ah_wait_list; + /* the guy who got one is out of the list */ + wsi->http.ah_wait_list = NULL; + pt->http.ah_wait_list_length--; + +#ifndef LWS_NO_CLIENT + if (lwsi_role_client(wsi) && lwsi_state(wsi) == LRS_UNCONNECTED) { + lws_pt_unlock(pt); + + if (!lws_client_connect_via_info2(wsi)) { + /* our client connect has failed, the wsi + * has been closed + */ + + return -1; + } + return 0; + } +#endif + + assert(!!pt->http.ah_wait_list_length == !!(lws_intptr_t)pt->http.ah_wait_list); +bail: + lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__, + (void *)wsi, (void *)ah, pt->tid, pt->http.ah_count_in_use); + + return 0; + +nobody_usable_waiting: + lwsl_info("%s: nobody usable waiting\n", __func__); + _lws_destroy_ah(pt, ah); + pt->http.ah_count_in_use--; + + goto bail; +} + +int lws_header_table_detach(struct lws *wsi, int autoservice) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int n; + + lws_pt_lock(pt, __func__); + n = __lws_header_table_detach(wsi, autoservice); + lws_pt_unlock(pt); + + return n; +} + +LWS_VISIBLE int +lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx) +{ + int n; + + if (!wsi->http.ah) + return 0; + + n = wsi->http.ah->frag_index[h]; + if (!n) + return 0; + do { + if (!frag_idx) + return wsi->http.ah->frags[n].len; + n = wsi->http.ah->frags[n].nfrag; + } while (frag_idx-- && n); + + return 0; +} + +LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h) +{ + int n; + int len = 0; + + if (!wsi->http.ah) + return 0; + + n = wsi->http.ah->frag_index[h]; + if (!n) + return 0; + do { + len += wsi->http.ah->frags[n].len; + n = wsi->http.ah->frags[n].nfrag; + } while (n); + + return len; +} + +LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len, + enum lws_token_indexes h, int frag_idx) +{ + int n = 0; + int f; + + if (!wsi->http.ah) + return -1; + + f = wsi->http.ah->frag_index[h]; + + if (!f) + return -1; + + while (n < frag_idx) { + f = wsi->http.ah->frags[f].nfrag; + if (!f) + return -1; + n++; + } + + if (wsi->http.ah->frags[f].len >= len) + return -1; + + memcpy(dst, wsi->http.ah->data + wsi->http.ah->frags[f].offset, + wsi->http.ah->frags[f].len); + dst[wsi->http.ah->frags[f].len] = '\0'; + + return wsi->http.ah->frags[f].len; +} + +LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len, + enum lws_token_indexes h) +{ + int toklen = lws_hdr_total_length(wsi, h); + int n; + + if (toklen >= len) + return -1; + + if (!wsi->http.ah) + return -1; + + n = wsi->http.ah->frag_index[h]; + if (!n) + return 0; + + do { + if (wsi->http.ah->frags[n].len >= len) + return -1; + strncpy(dst, &wsi->http.ah->data[wsi->http.ah->frags[n].offset], + wsi->http.ah->frags[n].len); + dst += wsi->http.ah->frags[n].len; + len -= wsi->http.ah->frags[n].len; + n = wsi->http.ah->frags[n].nfrag; + } while (n); + *dst = '\0'; + + return toklen; +} + +char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h) +{ + int n; + + n = wsi->http.ah->frag_index[h]; + if (!n) + return NULL; + + return wsi->http.ah->data + wsi->http.ah->frags[n].offset; +} + +static int LWS_WARN_UNUSED_RESULT +lws_pos_in_bounds(struct lws *wsi) +{ + if (wsi->http.ah->pos < + (unsigned int)wsi->context->max_http_header_data) + return 0; + + if ((int)wsi->http.ah->pos == wsi->context->max_http_header_data) { + lwsl_err("Ran out of header data space\n"); + return 1; + } + + /* + * with these tests everywhere, it should never be able to exceed + * the limit, only meet it + */ + lwsl_err("%s: pos %d, limit %d\n", __func__, wsi->http.ah->pos, + wsi->context->max_http_header_data); + assert(0); + + return 1; +} + +int LWS_WARN_UNUSED_RESULT +lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s) +{ + wsi->http.ah->nfrag++; + if (wsi->http.ah->nfrag == LWS_ARRAY_SIZE(wsi->http.ah->frags)) { + lwsl_warn("More hdr frags than we can deal with, dropping\n"); + return -1; + } + + wsi->http.ah->frag_index[h] = wsi->http.ah->nfrag; + + wsi->http.ah->frags[wsi->http.ah->nfrag].offset = wsi->http.ah->pos; + wsi->http.ah->frags[wsi->http.ah->nfrag].len = 0; + wsi->http.ah->frags[wsi->http.ah->nfrag].nfrag = 0; + + do { + if (lws_pos_in_bounds(wsi)) + return -1; + + wsi->http.ah->data[wsi->http.ah->pos++] = *s; + if (*s) + wsi->http.ah->frags[wsi->http.ah->nfrag].len++; + } while (*s++); + + return 0; +} + +static int LWS_WARN_UNUSED_RESULT +issue_char(struct lws *wsi, unsigned char c) +{ + unsigned short frag_len; + + if (lws_pos_in_bounds(wsi)) + return -1; + + frag_len = wsi->http.ah->frags[wsi->http.ah->nfrag].len; + /* + * If we haven't hit the token limit, just copy the character into + * the header + */ + if (frag_len < wsi->http.ah->current_token_limit) { + wsi->http.ah->data[wsi->http.ah->pos++] = c; + if (c) + wsi->http.ah->frags[wsi->http.ah->nfrag].len++; + return 0; + } + + /* Insert a null character when we *hit* the limit: */ + if (frag_len == wsi->http.ah->current_token_limit) { + if (lws_pos_in_bounds(wsi)) + return -1; + + wsi->http.ah->data[wsi->http.ah->pos++] = '\0'; + lwsl_warn("header %i exceeds limit %d\n", + wsi->http.ah->parser_state, + wsi->http.ah->current_token_limit); + } + + return 1; +} + +int +lws_parse_urldecode(struct lws *wsi, uint8_t *_c) +{ + struct allocated_headers *ah = wsi->http.ah; + unsigned int enc = 0; + uint8_t c = *_c; + + // lwsl_notice("ah->ups %d\n", ah->ups); + + /* + * PRIORITY 1 + * special URI processing... convert %xx + */ + switch (ah->ues) { + case URIES_IDLE: + if (c == '%') { + ah->ues = URIES_SEEN_PERCENT; + goto swallow; + } + break; + case URIES_SEEN_PERCENT: + if (char_to_hex(c) < 0) + /* illegal post-% char */ + goto forbid; + + ah->esc_stash = c; + ah->ues = URIES_SEEN_PERCENT_H1; + goto swallow; + + case URIES_SEEN_PERCENT_H1: + if (char_to_hex(c) < 0) + /* illegal post-% char */ + goto forbid; + + *_c = (char_to_hex(ah->esc_stash) << 4) | + char_to_hex(c); + c = *_c; + enc = 1; + ah->ues = URIES_IDLE; + break; + } + + /* + * PRIORITY 2 + * special URI processing... + * convert /.. or /... or /../ etc to / + * convert /./ to / + * convert // or /// etc to / + * leave /.dir or whatever alone + */ + + switch (ah->ups) { + case URIPS_IDLE: + if (!c) + return -1; + /* genuine delimiter */ + if ((c == '&' || c == ';') && !enc) { + if (issue_char(wsi, '\0') < 0) + return -1; + /* link to next fragment */ + ah->frags[ah->nfrag].nfrag = ah->nfrag + 1; + ah->nfrag++; + if (ah->nfrag >= LWS_ARRAY_SIZE(ah->frags)) + goto excessive; + /* start next fragment after the & */ + ah->post_literal_equal = 0; + ah->frags[ah->nfrag].offset = ++ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + goto swallow; + } + /* uriencoded = in the name part, disallow */ + if (c == '=' && enc && + ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] && + !ah->post_literal_equal) { + c = '_'; + *_c =c; + } + + /* after the real =, we don't care how many = */ + if (c == '=' && !enc) + ah->post_literal_equal = 1; + + /* + to space */ + if (c == '+' && !enc) { + c = ' '; + *_c = c; + } + /* issue the first / always */ + if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) + ah->ups = URIPS_SEEN_SLASH; + break; + case URIPS_SEEN_SLASH: + /* swallow subsequent slashes */ + if (c == '/') + goto swallow; + /* track and swallow the first . after / */ + if (c == '.') { + ah->ups = URIPS_SEEN_SLASH_DOT; + goto swallow; + } + ah->ups = URIPS_IDLE; + break; + case URIPS_SEEN_SLASH_DOT: + /* swallow second . */ + if (c == '.') { + ah->ups = URIPS_SEEN_SLASH_DOT_DOT; + goto swallow; + } + /* change /./ to / */ + if (c == '/') { + ah->ups = URIPS_SEEN_SLASH; + goto swallow; + } + /* it was like /.dir ... regurgitate the . */ + ah->ups = URIPS_IDLE; + if (issue_char(wsi, '.') < 0) + return -1; + break; + + case URIPS_SEEN_SLASH_DOT_DOT: + + /* /../ or /..[End of URI] --> backup to last / */ + if (c == '/' || c == '?') { + /* + * back up one dir level if possible + * safe against header fragmentation because + * the method URI can only be in 1 fragment + */ + if (ah->frags[ah->nfrag].len > 2) { + ah->pos--; + ah->frags[ah->nfrag].len--; + do { + ah->pos--; + ah->frags[ah->nfrag].len--; + } while (ah->frags[ah->nfrag].len > 1 && + ah->data[ah->pos] != '/'); + } + ah->ups = URIPS_SEEN_SLASH; + if (ah->frags[ah->nfrag].len > 1) + break; + goto swallow; + } + + /* /..[^/] ... regurgitate and allow */ + + if (issue_char(wsi, '.') < 0) + return -1; + if (issue_char(wsi, '.') < 0) + return -1; + ah->ups = URIPS_IDLE; + break; + } + + if (c == '?' && !enc && + !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI args */ + if (ah->ues != URIES_IDLE) + goto forbid; + + /* seal off uri header */ + if (issue_char(wsi, '\0') < 0) + return -1; + + /* move to using WSI_TOKEN_HTTP_URI_ARGS */ + ah->nfrag++; + if (ah->nfrag >= LWS_ARRAY_SIZE(ah->frags)) + goto excessive; + ah->frags[ah->nfrag].offset = ++ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + + ah->post_literal_equal = 0; + ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag; + ah->ups = URIPS_IDLE; + goto swallow; + } + + return LPUR_CONTINUE; + +swallow: + return LPUR_SWALLOW; + +forbid: + return LPUR_FORBID; + +excessive: + return LPUR_EXCESSIVE; +} + +static const unsigned char methods[] = { + WSI_TOKEN_GET_URI, + WSI_TOKEN_POST_URI, + WSI_TOKEN_OPTIONS_URI, + WSI_TOKEN_PUT_URI, + WSI_TOKEN_PATCH_URI, + WSI_TOKEN_DELETE_URI, + WSI_TOKEN_CONNECT, + WSI_TOKEN_HEAD_URI, +}; + +/* + * possible returns:, -1 fail, 0 ok or 2, transition to raw + */ + +int LWS_WARN_UNUSED_RESULT +lws_parse(struct lws *wsi, unsigned char *buf, int *len) +{ + struct allocated_headers *ah = wsi->http.ah; + struct lws_context *context = wsi->context; + unsigned int n, m; + unsigned char c; + int r, pos; + + assert(wsi->http.ah); + + do { + (*len)--; + c = *buf++; + + switch (ah->parser_state) { + default: + + lwsl_parser("WSI_TOK_(%d) '%c'\n", ah->parser_state, c); + + /* collect into malloc'd buffers */ + /* optional initial space swallow */ + if (!ah->frags[ah->frag_index[ah->parser_state]].len && + c == ' ') + break; + + for (m = 0; m < LWS_ARRAY_SIZE(methods); m++) + if (ah->parser_state == methods[m]) + break; + if (m == LWS_ARRAY_SIZE(methods)) + /* it was not any of the methods */ + goto check_eol; + + /* special URI processing... end at space */ + + if (c == ' ') { + /* enforce starting with / */ + if (!ah->frags[ah->nfrag].len) + if (issue_char(wsi, '/') < 0) + return -1; + + if (ah->ups == URIPS_SEEN_SLASH_DOT_DOT) { + /* + * back up one dir level if possible + * safe against header fragmentation because + * the method URI can only be in 1 fragment + */ + if (ah->frags[ah->nfrag].len > 2) { + ah->pos--; + ah->frags[ah->nfrag].len--; + do { + ah->pos--; + ah->frags[ah->nfrag].len--; + } while (ah->frags[ah->nfrag].len > 1 && + ah->data[ah->pos] != '/'); + } + } + + /* begin parsing HTTP version: */ + if (issue_char(wsi, '\0') < 0) + return -1; + ah->parser_state = WSI_TOKEN_HTTP; + goto start_fragment; + } + + r = lws_parse_urldecode(wsi, &c); + switch (r) { + case LPUR_CONTINUE: + break; + case LPUR_SWALLOW: + goto swallow; + case LPUR_FORBID: + goto forbid; + case LPUR_EXCESSIVE: + goto excessive; + default: + return -1; + } +check_eol: + /* bail at EOL */ + if (ah->parser_state != WSI_TOKEN_CHALLENGE && + c == '\x0d') { + if (ah->ues != URIES_IDLE) + goto forbid; + + c = '\0'; + ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; + lwsl_parser("*\n"); + } + + n = issue_char(wsi, c); + if ((int)n < 0) + return -1; + if (n > 0) + ah->parser_state = WSI_TOKEN_SKIPPING; + +swallow: + /* per-protocol end of headers management */ + + if (ah->parser_state == WSI_TOKEN_CHALLENGE) + goto set_parsing_complete; + break; + + /* collecting and checking a name part */ + case WSI_TOKEN_NAME_PART: + lwsl_parser("WSI_TOKEN_NAME_PART '%c' 0x%02X (role=0x%x) " + "wsi->lextable_pos=%d\n", c, c, lwsi_role(wsi), + ah->lextable_pos); + + if (c >= 'A' && c <= 'Z') + c += 'a' - 'A'; + + pos = ah->lextable_pos; + + while (1) { + if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */ + if ((lextable[pos] & 0x7f) != c) { +nope: + ah->lextable_pos = -1; + break; + } + /* fall thru */ + pos++; + if (lextable[pos] == FAIL_CHAR) + goto nope; + + ah->lextable_pos = pos; + break; + } + + if (lextable[pos] == FAIL_CHAR) + goto nope; + + /* b7 = 0, end or 3-byte */ + if (lextable[pos] < FAIL_CHAR) { /* terminal marker */ + ah->lextable_pos = pos; + break; + } + + if (lextable[pos] == c) { /* goto */ + ah->lextable_pos = pos + (lextable[pos + 1]) + + (lextable[pos + 2] << 8); + break; + } + + /* fall thru goto */ + pos += 3; + /* continue */ + } + + /* + * If it's h1, server needs to look out for unknown + * methods... + */ + if (ah->lextable_pos < 0 && lwsi_role_h1(wsi) && + lwsi_role_server(wsi)) { + /* this is not a header we know about */ + for (m = 0; m < LWS_ARRAY_SIZE(methods); m++) + if (ah->frag_index[methods[m]]) { + /* + * already had the method, no idea what + * this crap from the client is, ignore + */ + ah->parser_state = WSI_TOKEN_SKIPPING; + break; + } + /* + * hm it's an unknown http method from a client in fact, + * it cannot be valid http + */ + if (m == LWS_ARRAY_SIZE(methods)) { + /* + * are we set up to accept raw in these cases? + */ + if (lws_check_opt(wsi->vhost->options, + LWS_SERVER_OPTION_FALLBACK_TO_RAW)) + return 2; /* transition to raw */ + + lwsl_info("Unknown method - dropping\n"); + goto forbid; + } + break; + } + /* + * ...otherwise for a client, let him ignore unknown headers + * coming from the server + */ + if (ah->lextable_pos < 0) { + ah->parser_state = WSI_TOKEN_SKIPPING; + break; + } + + if (lextable[ah->lextable_pos] < FAIL_CHAR) { + /* terminal state */ + + n = ((unsigned int)lextable[ah->lextable_pos] << 8) | + lextable[ah->lextable_pos + 1]; + + lwsl_parser("known hdr %d\n", n); + for (m = 0; m < LWS_ARRAY_SIZE(methods); m++) + if (n == methods[m] && + ah->frag_index[methods[m]]) { + lwsl_warn("Duplicated method\n"); + return -1; + } + + /* + * WSORIGIN is protocol equiv to ORIGIN, + * JWebSocket likes to send it, map to ORIGIN + */ + if (n == WSI_TOKEN_SWORIGIN) + n = WSI_TOKEN_ORIGIN; + + ah->parser_state = (enum lws_token_indexes) + (WSI_TOKEN_GET_URI + n); + ah->ups = URIPS_IDLE; + + if (context->token_limits) + ah->current_token_limit = context-> + token_limits->token_limit[ + ah->parser_state]; + else + ah->current_token_limit = + wsi->context->max_http_header_data; + + if (ah->parser_state == WSI_TOKEN_CHALLENGE) + goto set_parsing_complete; + + goto start_fragment; + } + break; + +start_fragment: + ah->nfrag++; +excessive: + if (ah->nfrag == LWS_ARRAY_SIZE(ah->frags)) { + lwsl_warn("More hdr frags than we can deal with\n"); + return -1; + } + + ah->frags[ah->nfrag].offset = ah->pos; + ah->frags[ah->nfrag].len = 0; + ah->frags[ah->nfrag].nfrag = 0; + ah->frags[ah->nfrag].flags = 2; + + n = ah->frag_index[ah->parser_state]; + if (!n) { /* first fragment */ + ah->frag_index[ah->parser_state] = ah->nfrag; + ah->hdr_token_idx = ah->parser_state; + break; + } + /* continuation */ + while (ah->frags[n].nfrag) + n = ah->frags[n].nfrag; + ah->frags[n].nfrag = ah->nfrag; + + if (issue_char(wsi, ' ') < 0) + return -1; + break; + + /* skipping arg part of a name we didn't recognize */ + case WSI_TOKEN_SKIPPING: + lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c); + + if (c == '\x0d') + ah->parser_state = WSI_TOKEN_SKIPPING_SAW_CR; + break; + + case WSI_TOKEN_SKIPPING_SAW_CR: + lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c); + if (ah->ues != URIES_IDLE) + goto forbid; + if (c == '\x0a') { + ah->parser_state = WSI_TOKEN_NAME_PART; + ah->lextable_pos = 0; + } else + ah->parser_state = WSI_TOKEN_SKIPPING; + break; + /* we're done, ignore anything else */ + + case WSI_PARSING_COMPLETE: + lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c); + break; + } + + } while (*len); + + return 0; + +set_parsing_complete: + if (ah->ues != URIES_IDLE) + goto forbid; + if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { + if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) + wsi->rx_frame_type = /* temp for ws version index */ + atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); + + lwsl_parser("v%02d hdrs done\n", wsi->rx_frame_type); + } + ah->parser_state = WSI_PARSING_COMPLETE; + wsi->hdr_parsing_completed = 1; + + return 0; + +forbid: + lwsl_notice(" forbidding on uri sanitation\n"); + lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); + + return -1; +} + diff --git a/thirdparty/libwebsockets/roles/http/server/server.c b/thirdparty/libwebsockets/roles/http/server/server.c new file mode 100644 index 0000000000..abd86dc9b5 --- /dev/null +++ b/thirdparty/libwebsockets/roles/http/server/server.c @@ -0,0 +1,2765 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +const char * const method_names[] = { + "GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT", "HEAD", +#ifdef LWS_WITH_HTTP2 + ":path", +#endif + }; + +/* + * return 0: all done + * 1: nonfatal error + * <0: fatal error + * + * REQUIRES CONTEXT LOCK HELD + */ + +int +_lws_vhost_init_server(const struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + int n, opt = 1, limit = 1; + lws_sockfd_type sockfd; + struct lws_vhost *vh; + struct lws *wsi; + int m = 0, is; + + (void)method_names; + (void)opt; + + if (info) { + vhost->iface = info->iface; + vhost->listen_port = info->port; + } + + /* set up our external listening socket we serve on */ + + if (vhost->listen_port == CONTEXT_PORT_NO_LISTEN || + vhost->listen_port == CONTEXT_PORT_NO_LISTEN_SERVER) + return 0; + + vh = vhost->context->vhost_list; + while (vh) { + if (vh->listen_port == vhost->listen_port) { + if (((!vhost->iface && !vh->iface) || + (vhost->iface && vh->iface && + !strcmp(vhost->iface, vh->iface))) && + vh->lserv_wsi + ) { + lwsl_notice(" using listen skt from vhost %s\n", + vh->name); + return 0; + } + } + vh = vh->vhost_next; + } + + if (vhost->iface) { + /* + * let's check before we do anything else about the disposition + * of the interface he wants to bind to... + */ + is = lws_socket_bind(vhost, LWS_SOCK_INVALID, vhost->listen_port, vhost->iface); + lwsl_debug("initial if check says %d\n", is); +deal: + + lws_start_foreach_llp(struct lws_vhost **, pv, + vhost->context->no_listener_vhost_list) { + if (is >= LWS_ITOSA_USABLE && *pv == vhost) { + /* on the list and shouldn't be: remove it */ + lwsl_debug("deferred iface: removing vh %s\n", (*pv)->name); + *pv = vhost->no_listener_vhost_list; + vhost->no_listener_vhost_list = NULL; + goto done_list; + } + if (is < LWS_ITOSA_USABLE && *pv == vhost) + goto done_list; + } lws_end_foreach_llp(pv, no_listener_vhost_list); + + /* not on the list... */ + + if (is < LWS_ITOSA_USABLE) { + + /* ... but needs to be: so add it */ + + lwsl_debug("deferred iface: adding vh %s\n", vhost->name); + vhost->no_listener_vhost_list = vhost->context->no_listener_vhost_list; + vhost->context->no_listener_vhost_list = vhost; + } + +done_list: + + switch (is) { + default: + break; + case LWS_ITOSA_NOT_EXIST: + /* can't add it */ + if (info) /* first time */ + lwsl_err("VH %s: iface %s port %d DOESN'T EXIST\n", + vhost->name, vhost->iface, vhost->listen_port); + return 1; + case LWS_ITOSA_NOT_USABLE: + /* can't add it */ + if (info) /* first time */ + lwsl_err("VH %s: iface %s port %d NOT USABLE\n", + vhost->name, vhost->iface, vhost->listen_port); + return 1; + } + } + + (void)n; +#if defined(__linux__) +#ifdef LWS_WITH_UNIX_SOCK + /* + * A Unix domain sockets cannot be bound for several times, even if we set + * the SO_REUSE* options on. + * However, fortunately, each thread is able to independently listen when + * running on a reasonably new Linux kernel. So we can safely assume + * creating just one listening socket for a multi-threaded environment won't + * fail in most cases. + */ + if (!LWS_UNIX_SOCK_ENABLED(vhost)) +#endif + limit = vhost->context->count_threads; +#endif + + for (m = 0; m < limit; m++) { +#ifdef LWS_WITH_UNIX_SOCK + if (LWS_UNIX_SOCK_ENABLED(vhost)) + sockfd = socket(AF_UNIX, SOCK_STREAM, 0); + else +#endif +#ifdef LWS_WITH_IPV6 + if (LWS_IPV6_ENABLED(vhost)) + sockfd = socket(AF_INET6, SOCK_STREAM, 0); + else +#endif + sockfd = socket(AF_INET, SOCK_STREAM, 0); + + if (sockfd == LWS_SOCK_INVALID) { + lwsl_err("ERROR opening socket\n"); + return 1; + } +#if !defined(LWS_WITH_ESP32) +#if (defined(WIN32) || defined(_WIN32)) && defined(SO_EXCLUSIVEADDRUSE) + /* + * only accept that we are the only listener on the port + * https://msdn.microsoft.com/zh-tw/library/ + * windows/desktop/ms740621(v=vs.85).aspx + * + * for lws, to match Linux, we default to exclusive listen + */ + if (!lws_check_opt(vhost->options, + LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE)) { + if (setsockopt(sockfd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, + (const void *)&opt, sizeof(opt)) < 0) { + lwsl_err("reuseaddr failed\n"); + compatible_close(sockfd); + return -1; + } + } else +#endif + + /* + * allow us to restart even if old sockets in TIME_WAIT + */ + if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, + (const void *)&opt, sizeof(opt)) < 0) { + lwsl_err("reuseaddr failed\n"); + compatible_close(sockfd); + return -1; + } + +#if defined(LWS_WITH_IPV6) && defined(IPV6_V6ONLY) + if (LWS_IPV6_ENABLED(vhost) && + vhost->options & LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) { + int value = (vhost->options & + LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE) ? 1 : 0; + if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, + (const void*)&value, sizeof(value)) < 0) { + compatible_close(sockfd); + return -1; + } + } +#endif + +#if defined(__linux__) && defined(SO_REUSEPORT) + /* keep coverity happy */ +#if LWS_MAX_SMP > 1 + n = 1; +#else + n = lws_check_opt(vhost->options, + LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE); +#endif + if (n && vhost->context->count_threads > 1) + if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, + (const void *)&opt, sizeof(opt)) < 0) { + compatible_close(sockfd); + return -1; + } +#endif +#endif + lws_plat_set_socket_options(vhost, sockfd); + + is = lws_socket_bind(vhost, sockfd, vhost->listen_port, vhost->iface); + /* + * There is a race where the network device may come up and then + * go away and fail here. So correctly handle unexpected failure + * here despite we earlier confirmed it. + */ + if (is < 0) { + lwsl_info("%s: lws_socket_bind says %d\n", __func__, is); + compatible_close(sockfd); + goto deal; + } + vhost->listen_port = is; + + lwsl_debug("%s: lws_socket_bind says %d\n", __func__, is); + + wsi = lws_zalloc(sizeof(struct lws), "listen wsi"); + if (wsi == NULL) { + lwsl_err("Out of mem\n"); + goto bail; + } + wsi->context = vhost->context; + wsi->desc.sockfd = sockfd; + lws_role_transition(wsi, 0, LRS_UNCONNECTED, &role_ops_listen); + wsi->protocol = vhost->protocols; + wsi->tsi = m; + wsi->vhost = vhost; + wsi->listener = 1; + + if (wsi->context->event_loop_ops->init_vhost_listen_wsi) + wsi->context->event_loop_ops->init_vhost_listen_wsi(wsi); + + if (__insert_wsi_socket_into_fds(vhost->context, wsi)) { + lwsl_notice("inserting wsi socket into fds failed\n"); + goto bail; + } + + vhost->context->count_wsi_allocated++; + vhost->lserv_wsi = wsi; + + n = listen(wsi->desc.sockfd, LWS_SOMAXCONN); + if (n < 0) { + lwsl_err("listen failed with error %d\n", LWS_ERRNO); + vhost->lserv_wsi = NULL; + vhost->context->count_wsi_allocated--; + __remove_wsi_socket_from_fds(wsi); + goto bail; + } + } /* for each thread able to independently listen */ + + if (!lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) { +#ifdef LWS_WITH_UNIX_SOCK + if (LWS_UNIX_SOCK_ENABLED(vhost)) + lwsl_info(" Listening on \"%s\"\n", vhost->iface); + else +#endif + lwsl_info(" Listening on port %d\n", vhost->listen_port); + } + + // info->port = vhost->listen_port; + + return 0; + +bail: + compatible_close(sockfd); + + return -1; +} + +struct lws_vhost * +lws_select_vhost(struct lws_context *context, int port, const char *servername) +{ + struct lws_vhost *vhost = context->vhost_list; + const char *p; + int n, m, colon; + + n = (int)strlen(servername); + colon = n; + p = strchr(servername, ':'); + if (p) + colon = lws_ptr_diff(p, servername); + + /* Priotity 1: first try exact matches */ + + while (vhost) { + if (port == vhost->listen_port && + !strncmp(vhost->name, servername, colon)) { + lwsl_info("SNI: Found: %s\n", servername); + return vhost; + } + vhost = vhost->vhost_next; + } + + /* + * Priority 2: if no exact matches, try matching *.vhost-name + * unintentional matches are possible but resolve to x.com for *.x.com + * which is reasonable. If exact match exists we already chose it and + * never reach here. SSL will still fail it if the cert doesn't allow + * *.x.com. + */ + vhost = context->vhost_list; + while (vhost) { + m = (int)strlen(vhost->name); + if (port == vhost->listen_port && + m <= (colon - 2) && + servername[colon - m - 1] == '.' && + !strncmp(vhost->name, servername + colon - m, m)) { + lwsl_info("SNI: Found %s on wildcard: %s\n", + servername, vhost->name); + return vhost; + } + vhost = vhost->vhost_next; + } + + /* Priority 3: match the first vhost on our port */ + + vhost = context->vhost_list; + while (vhost) { + if (port == vhost->listen_port) { + lwsl_info("%s: vhost match to %s based on port %d\n", + __func__, vhost->name, port); + return vhost; + } + vhost = vhost->vhost_next; + } + + /* no match */ + + return NULL; +} + +LWS_VISIBLE LWS_EXTERN const char * +lws_get_mimetype(const char *file, const struct lws_http_mount *m) +{ + int n = (int)strlen(file); + const struct lws_protocol_vhost_options *pvo = NULL; + + if (m) + pvo = m->extra_mimetypes; + + if (n < 5) + return NULL; + + if (!strcmp(&file[n - 4], ".ico")) + return "image/x-icon"; + + if (!strcmp(&file[n - 4], ".gif")) + return "image/gif"; + + if (!strcmp(&file[n - 3], ".js")) + return "text/javascript"; + + if (!strcmp(&file[n - 4], ".png")) + return "image/png"; + + if (!strcmp(&file[n - 4], ".jpg")) + return "image/jpeg"; + + if (!strcmp(&file[n - 3], ".gz")) + return "application/gzip"; + + if (!strcmp(&file[n - 4], ".JPG")) + return "image/jpeg"; + + if (!strcmp(&file[n - 5], ".html")) + return "text/html"; + + if (!strcmp(&file[n - 4], ".css")) + return "text/css"; + + if (!strcmp(&file[n - 4], ".txt")) + return "text/plain"; + + if (!strcmp(&file[n - 4], ".svg")) + return "image/svg+xml"; + + if (!strcmp(&file[n - 4], ".ttf")) + return "application/x-font-ttf"; + + if (!strcmp(&file[n - 4], ".otf")) + return "application/font-woff"; + + if (!strcmp(&file[n - 5], ".woff")) + return "application/font-woff"; + + if (!strcmp(&file[n - 4], ".xml")) + return "application/xml"; + + while (pvo) { + if (pvo->name[0] == '*') /* ie, match anything */ + return pvo->value; + + if (!strcmp(&file[n - strlen(pvo->name)], pvo->name)) + return pvo->value; + + pvo = pvo->next; + } + + return NULL; +} +static lws_fop_flags_t +lws_vfs_prepare_flags(struct lws *wsi) +{ + lws_fop_flags_t f = 0; + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING)) + return f; + + if (strstr(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING), + "gzip")) { + lwsl_info("client indicates GZIP is acceptable\n"); + f |= LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP; + } + + return f; +} + +static int +lws_http_serve(struct lws *wsi, char *uri, const char *origin, + const struct lws_http_mount *m) +{ + const struct lws_protocol_vhost_options *pvo = m->interpret; + struct lws_process_html_args args; + const char *mimetype; +#if !defined(_WIN32_WCE) + const struct lws_plat_file_ops *fops; + const char *vpath; + lws_fop_flags_t fflags = LWS_O_RDONLY; +#if defined(WIN32) && defined(LWS_HAVE__STAT32I64) + struct _stat32i64 st; +#else + struct stat st; +#endif + int spin = 0; +#endif + char path[256], sym[512]; + unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p; + unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE; +#if !defined(WIN32) && !defined(LWS_WITH_ESP32) + size_t len; +#endif + int n; + + wsi->handling_404 = 0; + if (!wsi->vhost) + return -1; + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + if (wsi->vhost->http.error_document_404 && + !strcmp(uri, wsi->vhost->http.error_document_404)) + wsi->handling_404 = 1; +#endif + + lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri); + +#if !defined(_WIN32_WCE) + + fflags |= lws_vfs_prepare_flags(wsi); + + do { + spin++; + fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath); + + if (wsi->http.fop_fd) + lws_vfs_file_close(&wsi->http.fop_fd); + + wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, + path, vpath, &fflags); + if (!wsi->http.fop_fd) { + lwsl_info("%s: Unable to open '%s': errno %d\n", + __func__, path, errno); + + return -1; + } + + /* if it can't be statted, don't try */ + if (fflags & LWS_FOP_FLAG_VIRTUAL) + break; +#if defined(LWS_WITH_ESP32) + break; +#endif +#if !defined(WIN32) + if (fstat(wsi->http.fop_fd->fd, &st)) { + lwsl_info("unable to stat %s\n", path); + goto bail; + } +#else +#if defined(LWS_HAVE__STAT32I64) + if (_stat32i64(path, &st)) { + lwsl_info("unable to stat %s\n", path); + goto bail; + } +#else + if (stat(path, &st)) { + lwsl_info("unable to stat %s\n", path); + goto bail; + } +#endif +#endif + + wsi->http.fop_fd->mod_time = (uint32_t)st.st_mtime; + fflags |= LWS_FOP_FLAG_MOD_TIME_VALID; + +#if !defined(WIN32) && !defined(LWS_WITH_ESP32) + if ((S_IFMT & st.st_mode) == S_IFLNK) { + len = readlink(path, sym, sizeof(sym) - 1); + if (len) { + lwsl_err("Failed to read link %s\n", path); + goto bail; + } + sym[len] = '\0'; + lwsl_debug("symlink %s -> %s\n", path, sym); + lws_snprintf(path, sizeof(path) - 1, "%s", sym); + } +#endif + if ((S_IFMT & st.st_mode) == S_IFDIR) { + lwsl_debug("default filename append to dir\n"); + lws_snprintf(path, sizeof(path) - 1, "%s/%s/index.html", + origin, uri); + } + + } while ((S_IFMT & st.st_mode) != S_IFREG && spin < 5); + + if (spin == 5) + lwsl_err("symlink loop %s \n", path); + + n = sprintf(sym, "%08llX%08lX", + (unsigned long long)lws_vfs_get_length(wsi->http.fop_fd), + (unsigned long)lws_vfs_get_mod_time(wsi->http.fop_fd)); + + /* disable ranges if IF_RANGE token invalid */ + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_RANGE)) + if (strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_RANGE))) + /* differs - defeat Range: */ + wsi->http.ah->frag_index[WSI_TOKEN_HTTP_RANGE] = 0; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH)) { + /* + * he thinks he has some version of it already, + * check if the tag matches + */ + if (!strcmp(sym, lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_IF_NONE_MATCH))) { + + lwsl_debug("%s: ETAG match %s %s\n", __func__, + uri, origin); + + /* we don't need to send the payload */ + if (lws_add_http_header_status(wsi, + HTTP_STATUS_NOT_MODIFIED, &p, end)) + return -1; + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_ETAG, + (unsigned char *)sym, n, &p, end)) + return -1; + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + n = lws_write(wsi, start, p - start, + LWS_WRITE_HTTP_HEADERS | + LWS_WRITE_H2_STREAM_END); + if (n != (p - start)) { + lwsl_err("_write returned %d from %ld\n", n, + (long)(p - start)); + return -1; + } + + lws_vfs_file_close(&wsi->http.fop_fd); + + return lws_http_transaction_completed(wsi); + } + } + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG, + (unsigned char *)sym, n, &p, end)) + return -1; +#endif + + mimetype = lws_get_mimetype(path, m); + if (!mimetype) { + lwsl_err("unknown mimetype for %s\n", path); + goto bail; + } + if (!mimetype[0]) + lwsl_debug("sending no mimetype for %s\n", path); + + wsi->sending_chunked = 0; + + /* + * check if this is in the list of file suffixes to be interpreted by + * a protocol + */ + while (pvo) { + n = (int)strlen(path); + if (n > (int)strlen(pvo->name) && + !strcmp(&path[n - strlen(pvo->name)], pvo->name)) { + wsi->interpreting = 1; + if (!wsi->http2_substream) + wsi->sending_chunked = 1; + wsi->protocol_interpret_idx = + (char)(lws_intptr_t)pvo->value; + lwsl_info("want %s interpreted by %s\n", path, + wsi->vhost->protocols[ + (int)(lws_intptr_t)(pvo->value)].name); + wsi->protocol = &wsi->vhost->protocols[ + (int)(lws_intptr_t)(pvo->value)]; + if (lws_ensure_user_space(wsi)) + return -1; + break; + } + pvo = pvo->next; + } + + if (m->protocol) { + const struct lws_protocols *pp = lws_vhost_name_to_protocol( + wsi->vhost, m->protocol); + + if (lws_bind_protocol(wsi, pp)) + return 1; + args.p = (char *)p; + args.max_len = lws_ptr_diff(end, p); + if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS, + wsi->user_space, &args, 0)) + return -1; + p = (unsigned char *)args.p; + } + + n = lws_serve_http_file(wsi, path, mimetype, (char *)start, + lws_ptr_diff(p, start)); + + if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi))) + return -1; /* error or can't reuse connection: close the socket */ + + return 0; +bail: + + return -1; +} + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) +const struct lws_http_mount * +lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len) +{ + const struct lws_http_mount *hm, *hit = NULL; + int best = 0; + + hm = wsi->vhost->http.mount_list; + while (hm) { + if (uri_len >= hm->mountpoint_len && + !strncmp(uri_ptr, hm->mountpoint, hm->mountpoint_len) && + (uri_ptr[hm->mountpoint_len] == '\0' || + uri_ptr[hm->mountpoint_len] == '/' || + hm->mountpoint_len == 1) + ) { + if (hm->origin_protocol == LWSMPRO_CALLBACK || + ((hm->origin_protocol == LWSMPRO_CGI || + lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI) || + (wsi->http2_substream && + lws_hdr_total_length(wsi, + WSI_TOKEN_HTTP_COLON_PATH)) || + hm->protocol) && + hm->mountpoint_len > best)) { + best = hm->mountpoint_len; + hit = hm; + } + } + hm = hm->mount_next; + } + + return hit; +} +#endif + +#if !defined(LWS_WITH_ESP32) +static int +lws_find_string_in_file(const char *filename, const char *string, int stringlen) +{ + char buf[128]; + int fd, match = 0, pos = 0, n = 0, hit = 0; + + fd = lws_open(filename, O_RDONLY); + if (fd < 0) { + lwsl_err("can't open auth file: %s\n", filename); + return 0; + } + + while (1) { + if (pos == n) { + n = read(fd, buf, sizeof(buf)); + if (n <= 0) { + if (match == stringlen) + hit = 1; + break; + } + pos = 0; + } + + if (match == stringlen) { + if (buf[pos] == '\r' || buf[pos] == '\n') { + hit = 1; + break; + } + match = 0; + } + + if (buf[pos] == string[match]) + match++; + else + match = 0; + + pos++; + } + + close(fd); + + return hit; +} +#endif + +static int +lws_unauthorised_basic_auth(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + unsigned char *start = pt->serv_buf + LWS_PRE, + *p = start, *end = p + 512; + char buf[64]; + int n; + + /* no auth... tell him it is required */ + + if (lws_add_http_header_status(wsi, HTTP_STATUS_UNAUTHORIZED, &p, end)) + return -1; + + n = lws_snprintf(buf, sizeof(buf), "Basic realm=\"lwsws\""); + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_WWW_AUTHENTICATE, + (unsigned char *)buf, n, &p, end)) + return -1; + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS | + LWS_WRITE_H2_STREAM_END); + if (n < 0) + return -1; + + return lws_http_transaction_completed(wsi); + +} + +int lws_clean_url(char *p) +{ + if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') { + p += 4; + if (*p == 's') + p++; + if (*p == ':') { + p++; + if (*p == '/') + p++; + } + } + + while (*p) { + if (p[0] == '/' && p[1] == '/') { + char *p1 = p; + while (*p1) { + *p1 = p1[1]; + p1++; + } + continue; + } + p++; + } + + return 0; +} + +static const unsigned char methods[] = { + WSI_TOKEN_GET_URI, + WSI_TOKEN_POST_URI, + WSI_TOKEN_OPTIONS_URI, + WSI_TOKEN_PUT_URI, + WSI_TOKEN_PATCH_URI, + WSI_TOKEN_DELETE_URI, + WSI_TOKEN_CONNECT, + WSI_TOKEN_HEAD_URI, +#ifdef LWS_WITH_HTTP2 + WSI_TOKEN_HTTP_COLON_PATH, +#endif +}; + +static int +lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len) +{ + int n, count = 0; + + for (n = 0; n < (int)LWS_ARRAY_SIZE(methods); n++) + if (lws_hdr_total_length(wsi, methods[n])) + count++; + if (!count) { + lwsl_warn("Missing URI in HTTP request\n"); + return -1; + } + + if (count != 1 && + !(wsi->http2_substream && + lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH))) { + lwsl_warn("multiple methods?\n"); + return -1; + } + + for (n = 0; n < (int)LWS_ARRAY_SIZE(methods); n++) + if (lws_hdr_total_length(wsi, methods[n])) { + *puri_ptr = lws_hdr_simple_ptr(wsi, methods[n]); + *puri_len = lws_hdr_total_length(wsi, methods[n]); + return n; + } + + return -1; +} + +int +lws_http_action(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + enum http_connection_type connection_type; + enum http_version request_version; + char content_length_str[32]; + struct lws_process_html_args args; + const struct lws_http_mount *hit = NULL; + unsigned int n; + char http_version_str[10]; + char http_conn_str[20]; + int http_version_len; + char *uri_ptr = NULL, *s; + int uri_len = 0, meth; + static const char * const oprot[] = { + "http://", "https://" + }; + + meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len); + if (meth < 0 || meth >= (int)LWS_ARRAY_SIZE(method_names)) + goto bail_nuke_ah; + + /* we insist on absolute paths */ + + if (!uri_ptr || uri_ptr[0] != '/') { + lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL); + + goto bail_nuke_ah; + } + + lwsl_info("Method: '%s' (%d), request for '%s'\n", method_names[meth], + meth, uri_ptr); + + if (wsi->role_ops && wsi->role_ops->check_upgrades) + switch (wsi->role_ops->check_upgrades(wsi)) { + case LWS_UPG_RET_DONE: + return 0; + case LWS_UPG_RET_CONTINUE: + break; + case LWS_UPG_RET_BAIL: + goto bail_nuke_ah; + } + + if (lws_ensure_user_space(wsi)) + goto bail_nuke_ah; + + /* HTTP header had a content length? */ + + wsi->http.rx_content_length = 0; + if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) || + lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) || + lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI)) + wsi->http.rx_content_length = 100 * 1024 * 1024; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) { + lws_hdr_copy(wsi, content_length_str, + sizeof(content_length_str) - 1, + WSI_TOKEN_HTTP_CONTENT_LENGTH); + wsi->http.rx_content_length = atoll(content_length_str); + } + + if (wsi->http2_substream) { + wsi->http.request_version = HTTP_VERSION_2; + } else { + /* http_version? Default to 1.0, override with token: */ + request_version = HTTP_VERSION_1_0; + + /* Works for single digit HTTP versions. : */ + http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP); + if (http_version_len > 7) { + lws_hdr_copy(wsi, http_version_str, + sizeof(http_version_str) - 1, + WSI_TOKEN_HTTP); + if (http_version_str[5] == '1' && + http_version_str[7] == '1') + request_version = HTTP_VERSION_1_1; + } + wsi->http.request_version = request_version; + + /* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */ + if (request_version == HTTP_VERSION_1_1) + connection_type = HTTP_CONNECTION_KEEP_ALIVE; + else + connection_type = HTTP_CONNECTION_CLOSE; + + /* Override default if http "Connection:" header: */ + if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) { + lws_hdr_copy(wsi, http_conn_str, + sizeof(http_conn_str) - 1, + WSI_TOKEN_CONNECTION); + http_conn_str[sizeof(http_conn_str) - 1] = '\0'; + if (!strcasecmp(http_conn_str, "keep-alive")) + connection_type = HTTP_CONNECTION_KEEP_ALIVE; + else + if (!strcasecmp(http_conn_str, "close")) + connection_type = HTTP_CONNECTION_CLOSE; + } + wsi->http.connection_type = connection_type; + } + + n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION, + wsi->user_space, uri_ptr, uri_len); + if (n) { + lwsl_info("LWS_CALLBACK_HTTP closing\n"); + + return 1; + } + /* + * if there is content supposed to be coming, + * put a timeout on it having arrived + */ + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, + wsi->context->timeout_secs); +#ifdef LWS_WITH_TLS + if (wsi->tls.redirect_to_https) { + /* + * we accepted http:// only so we could redirect to + * https://, so issue the redirect. Create the redirection + * URI from the host: header and ignore the path part + */ + unsigned char *start = pt->serv_buf + LWS_PRE, *p = start, + *end = p + 512; + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) + goto bail_nuke_ah; + + n = sprintf((char *)end, "https://%s/", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); + + n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, + end, n, &p, end); + if ((int)n < 0) + goto bail_nuke_ah; + + return lws_http_transaction_completed(wsi); + } +#endif + +#ifdef LWS_WITH_ACCESS_LOG + lws_prepare_access_log_info(wsi, uri_ptr, meth); +#endif + + /* can we serve it from the mount list? */ + + hit = lws_find_mount(wsi, uri_ptr, uri_len); + if (!hit) { + /* deferred cleanup and reset to protocols[0] */ + + lwsl_info("no hit\n"); + + if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) + return 1; + + lwsi_set_state(wsi, LRS_DOING_TRANSACTION); + + n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, uri_ptr, uri_len); + + goto after; + } + + s = uri_ptr + hit->mountpoint_len; + + /* + * if we have a mountpoint like https://xxx.com/yyy + * there is an implied / at the end for our purposes since + * we can only mount on a "directory". + * + * But if we just go with that, the browser cannot understand + * that he is actually looking down one "directory level", so + * even though we give him /yyy/abc.html he acts like the + * current directory level is /. So relative urls like "x.png" + * wrongly look outside the mountpoint. + * + * Therefore if we didn't come in on a url with an explicit + * / at the end, we must redirect to add it so the browser + * understands he is one "directory level" down. + */ + if ((hit->mountpoint_len > 1 || + (hit->origin_protocol == LWSMPRO_REDIR_HTTP || + hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && + (*s != '/' || + (hit->origin_protocol == LWSMPRO_REDIR_HTTP || + hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) && + (hit->origin_protocol != LWSMPRO_CGI && + hit->origin_protocol != LWSMPRO_CALLBACK)) { + unsigned char *start = pt->serv_buf + LWS_PRE, + *p = start, *end = p + 512; + + lwsl_debug("Doing 301 '%s' org %s\n", s, hit->origin); + + /* > at start indicates deal with by redirect */ + if (hit->origin_protocol == LWSMPRO_REDIR_HTTP || + hit->origin_protocol == LWSMPRO_REDIR_HTTPS) + n = lws_snprintf((char *)end, 256, "%s%s", + oprot[hit->origin_protocol & 1], + hit->origin); + else { + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + if (!lws_hdr_total_length(wsi, + WSI_TOKEN_HTTP_COLON_AUTHORITY)) + goto bail_nuke_ah; + n = lws_snprintf((char *)end, 256, + "%s%s%s/", oprot[!!lws_is_ssl(wsi)], + lws_hdr_simple_ptr(wsi, + WSI_TOKEN_HTTP_COLON_AUTHORITY), + uri_ptr); + } else + n = lws_snprintf((char *)end, 256, + "%s%s%s/", oprot[!!lws_is_ssl(wsi)], + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST), + uri_ptr); + } + + lws_clean_url((char *)end); + n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY, + end, n, &p, end); + if ((int)n < 0) + goto bail_nuke_ah; + + return lws_http_transaction_completed(wsi); + } + + /* basic auth? */ + + if (hit->basic_auth_login_file) { + char b64[160], plain[(sizeof(b64) * 3) / 4]; + int m; + + /* Did he send auth? */ + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION)) + return lws_unauthorised_basic_auth(wsi); + + n = HTTP_STATUS_FORBIDDEN; + + m = lws_hdr_copy(wsi, b64, sizeof(b64), + WSI_TOKEN_HTTP_AUTHORIZATION); + if (m < 7) { + lwsl_err("b64 auth too long\n"); + goto transaction_result_n; + } + + b64[5] = '\0'; + if (strcasecmp(b64, "Basic")) { + lwsl_err("auth missing basic: %s\n", b64); + goto transaction_result_n; + } + + /* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */ + + m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain)); + if (m < 0) { + lwsl_err("plain auth too long\n"); + goto transaction_result_n; + } + + if (!lws_find_string_in_file(hit->basic_auth_login_file, + plain, m)) { + lwsl_err("basic auth lookup failed\n"); + return lws_unauthorised_basic_auth(wsi); + } + + lwsl_info("basic auth accepted\n"); + + /* accept the auth */ + } + +#if defined(LWS_WITH_HTTP_PROXY) + /* + * The mount is a reverse proxy? + */ + + if (hit->origin_protocol == LWSMPRO_HTTPS || + hit->origin_protocol == LWSMPRO_HTTP) { + struct lws_client_connect_info i; + char ads[96], rpath[256], *pcolon, *pslash, *p; + int n, na; + + memset(&i, 0, sizeof(i)); + i.context = lws_get_context(wsi); + + pcolon = strchr(hit->origin, ':'); + pslash = strchr(hit->origin, '/'); + if (!pslash) { + lwsl_err("Proxy mount origin '%s' must have /\n", + hit->origin); + return -1; + } + if (pcolon > pslash) + pcolon = NULL; + + if (pcolon) + n = pcolon - hit->origin; + else + n = pslash - hit->origin; + + if (n >= (int)sizeof(ads) - 2) + n = sizeof(ads) - 2; + + memcpy(ads, hit->origin, n); + ads[n] = '\0'; + + i.address = ads; + i.port = 80; + if (hit->origin_protocol == LWSMPRO_HTTPS) { + i.port = 443; + i.ssl_connection = 1; + } + if (pcolon) + i.port = atoi(pcolon + 1); + + lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", pslash + 1, + uri_ptr + hit->mountpoint_len); + lws_clean_url(rpath); + na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS); + if (na) { + p = rpath + strlen(rpath); + *p++ = '?'; + lws_hdr_copy(wsi, p, &rpath[sizeof(rpath) - 1] - p, + WSI_TOKEN_HTTP_URI_ARGS); + while (--na) { + if (*p == '\0') + *p = '&'; + p++; + } + } + + + i.path = rpath; + i.host = i.address; + i.origin = NULL; + i.method = "GET"; + i.parent_wsi = wsi; + i.uri_replace_from = hit->origin; + i.uri_replace_to = hit->mountpoint; + + lwsl_notice("proxying to %s port %d url %s, ssl %d, " + "from %s, to %s\n", + i.address, i.port, i.path, i.ssl_connection, + i.uri_replace_from, i.uri_replace_to); + + if (!lws_client_connect_via_info(&i)) { + lwsl_err("proxy connect fail\n"); + return 1; + } + + return 0; + } +#endif + + /* + * A particular protocol callback is mounted here? + * + * For the duration of this http transaction, bind us to the + * associated protocol + */ + if (hit->origin_protocol == LWSMPRO_CALLBACK || hit->protocol) { + const struct lws_protocols *pp; + const char *name = hit->origin; + if (hit->protocol) + name = hit->protocol; + + pp = lws_vhost_name_to_protocol(wsi->vhost, name); + if (!pp) { + n = -1; + lwsl_err("Unable to find plugin '%s'\n", + hit->origin); + return 1; + } + + if (lws_bind_protocol(wsi, pp)) + return 1; + + args.p = uri_ptr; + args.len = uri_len; + args.max_len = hit->auth_mask; + args.final = 0; /* used to signal callback dealt with it */ + args.chunked = 0; + + n = wsi->protocol->callback(wsi, + LWS_CALLBACK_CHECK_ACCESS_RIGHTS, + wsi->user_space, &args, 0); + if (n) { + lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED, + NULL); + goto bail_nuke_ah; + } + if (args.final) /* callback completely handled it well */ + return 0; + + if (hit->cgienv && wsi->protocol->callback(wsi, + LWS_CALLBACK_HTTP_PMO, + wsi->user_space, (void *)hit->cgienv, 0)) + return 1; + + if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) { + n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, + uri_ptr + hit->mountpoint_len, + uri_len - hit->mountpoint_len); + goto after; + } + } + +#ifdef LWS_WITH_CGI + /* did we hit something with a cgi:// origin? */ + if (hit->origin_protocol == LWSMPRO_CGI) { + const char *cmd[] = { + NULL, /* replace with cgi path */ + NULL + }; + + lwsl_debug("%s: cgi\n", __func__); + cmd[0] = hit->origin; + + n = 5; + if (hit->cgi_timeout) + n = hit->cgi_timeout; + + n = lws_cgi(wsi, cmd, hit->mountpoint_len, n, + hit->cgienv); + if (n) { + lwsl_err("%s: cgi failed\n", __func__); + return -1; + } + + goto deal_body; + } +#endif + + n = (int)strlen(s); + if (s[0] == '\0' || (n == 1 && s[n - 1] == '/')) + s = (char *)hit->def; + if (!s) + s = "index.html"; + + wsi->cache_secs = hit->cache_max_age; + wsi->cache_reuse = hit->cache_reusable; + wsi->cache_revalidate = hit->cache_revalidate; + wsi->cache_intermediaries = hit->cache_intermediaries; + + n = 1; + if (hit->origin_protocol == LWSMPRO_FILE) + n = lws_http_serve(wsi, s, hit->origin, hit); + if (n) { + /* + * lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL); + */ + if (hit->protocol) { + const struct lws_protocols *pp = + lws_vhost_name_to_protocol( + wsi->vhost, hit->protocol); + + if (lws_bind_protocol(wsi, pp)) + return 1; + + n = pp->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, + uri_ptr + hit->mountpoint_len, + uri_len - hit->mountpoint_len); + } else + n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, + wsi->user_space, uri_ptr, uri_len); + } + +after: + if (n) { + lwsl_info("LWS_CALLBACK_HTTP closing\n"); + + return 1; + } + +#ifdef LWS_WITH_CGI +deal_body: +#endif + /* + * If we're not issuing a file, check for content_length or + * HTTP keep-alive. No keep-alive header allocation for + * ISSUING_FILE, as this uses HTTP/1.0. + * + * In any case, return 0 and let lws_read decide how to + * proceed based on state + */ + if (lwsi_state(wsi) != LRS_ISSUING_FILE) { + /* Prepare to read body if we have a content length: */ + lwsl_debug("wsi->http.rx_content_length %lld %d %d\n", + (long long)wsi->http.rx_content_length, + wsi->upgraded_to_http2, wsi->http2_substream); + if (wsi->http.rx_content_length > 0) { + struct lws_tokens ebuf; + int m; + + lwsi_set_state(wsi, LRS_BODY); + lwsl_info("%s: %p: LRS_BODY state set (0x%x)\n", + __func__, wsi, wsi->wsistate); + wsi->http.rx_content_remain = + wsi->http.rx_content_length; + + /* + * At this point we have transitioned from deferred + * action to expecting BODY on the stream wsi, if it's + * in a bundle like h2. So if the stream wsi has its + * own buflist, we need to deal with that first. + */ + + while (1) { + ebuf.len = (int)lws_buflist_next_segment_len( + &wsi->buflist, (uint8_t **)&ebuf.token); + if (!ebuf.len) + break; + lwsl_notice("%s: consuming %d\n", __func__, (int)ebuf.len); + m = lws_read_h1(wsi, (uint8_t *)ebuf.token, ebuf.len); + if (m < 0) + return -1; + + if (lws_buflist_aware_consume(wsi, &ebuf, m, 1)) + return -1; + } + } + } + + return 0; + +bail_nuke_ah: + lws_header_table_detach(wsi, 1); + + return 1; + +transaction_result_n: + lws_return_http_status(wsi, n, NULL); + + return lws_http_transaction_completed(wsi); +} + +int +lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len) +{ + struct lws_context *context = lws_get_context(wsi); + unsigned char *obuf = *buf; +#if defined(LWS_WITH_HTTP2) + char tbuf[128], *p; +#endif + size_t olen = len; + int n = 0, m, i; + + if (len >= 10000000) { + lwsl_err("%s: assert: len %ld\n", __func__, (long)len); + assert(0); + } + + if (!wsi->http.ah) { + lwsl_err("%s: assert: NULL ah\n", __func__); + assert(0); + } + + while (len) { + if (!lwsi_role_server(wsi) || !lwsi_role_http(wsi)) { + lwsl_err("%s: bad wsi role 0x%x\n", __func__, + lwsi_role(wsi)); + goto bail_nuke_ah; + } + + i = (int)len; + m = lws_parse(wsi, *buf, &i); + lwsl_info("%s: parsed count %d\n", __func__, (int)len - i); + (*buf) += (int)len - i; + len = i; + if (m) { + if (m == 2) { + /* + * we are transitioning from http with + * an AH, to raw. Drop the ah and set + * the mode. + */ +raw_transition: + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + lws_bind_protocol(wsi, &wsi->vhost->protocols[ + wsi->vhost-> + raw_protocol_index]); + lwsl_info("transition to raw vh %s prot %d\n", + wsi->vhost->name, + wsi->vhost->raw_protocol_index); + if ((wsi->protocol->callback)(wsi, + LWS_CALLBACK_RAW_ADOPT, + wsi->user_space, NULL, 0)) + goto bail_nuke_ah; + + lws_role_transition(wsi, 0, LRS_ESTABLISHED, + &role_ops_raw_skt); + lws_header_table_detach(wsi, 1); + + if (m == 2 && (wsi->protocol->callback)(wsi, + LWS_CALLBACK_RAW_RX, + wsi->user_space, obuf, olen)) + return 1; + + return 0; + } + lwsl_info("lws_parse failed\n"); + goto bail_nuke_ah; + } + + if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE) + continue; + + lwsl_parser("%s: lws_parse sees parsing complete\n", __func__); + + /* select vhost */ + + if (lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) { + struct lws_vhost *vhost = lws_select_vhost( + context, wsi->vhost->listen_port, + lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST)); + + if (vhost) + wsi->vhost = vhost; + } else + lwsl_info("no host\n"); + + if (!lwsi_role_h2(wsi) || !lwsi_role_server(wsi)) { + wsi->vhost->conn_stats.h1_trans++; + if (!wsi->conn_stat_done) { + wsi->vhost->conn_stats.h1_conn++; + wsi->conn_stat_done = 1; + } + } + + /* check for unwelcome guests */ + + if (wsi->context->reject_service_keywords) { + const struct lws_protocol_vhost_options *rej = + wsi->context->reject_service_keywords; + char ua[384], *msg = NULL; + + if (lws_hdr_copy(wsi, ua, sizeof(ua) - 1, + WSI_TOKEN_HTTP_USER_AGENT) > 0) { +#ifdef LWS_WITH_ACCESS_LOG + char *uri_ptr = NULL; + int meth, uri_len; +#endif + ua[sizeof(ua) - 1] = '\0'; + while (rej) { + if (!strstr(ua, rej->name)) { + rej = rej->next; + continue; + } + + msg = strchr(rej->value, ' '); + if (msg) + msg++; + lws_return_http_status(wsi, + atoi(rej->value), msg); +#ifdef LWS_WITH_ACCESS_LOG + meth = lws_http_get_uri_and_method(wsi, + &uri_ptr, &uri_len); + if (meth >= 0) + lws_prepare_access_log_info(wsi, + uri_ptr, meth); + + /* wsi close will do the log */ +#endif + wsi->vhost->conn_stats.rejected++; + /* + * We don't want anything from + * this rejected guy. Follow + * the close flow, not the + * transaction complete flow. + */ + goto bail_nuke_ah; + } + } + } + + + if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECT)) { + lwsl_info("Changing to RAW mode\n"); + m = 0; + goto raw_transition; + } + + lwsi_set_state(wsi, LRS_PRE_WS_SERVING_ACCEPT); + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + /* is this websocket protocol or normal http 1.0? */ + + if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) { + if (!strcasecmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_UPGRADE), + "websocket")) { +#if defined(LWS_ROLE_WS) + wsi->vhost->conn_stats.ws_upg++; + lwsl_info("Upgrade to ws\n"); + goto upgrade_ws; +#endif + } +#if defined(LWS_WITH_HTTP2) + if (!strcasecmp(lws_hdr_simple_ptr(wsi, + WSI_TOKEN_UPGRADE), + "h2c")) { + wsi->vhost->conn_stats.h2_upg++; + lwsl_info("Upgrade to h2c\n"); + goto upgrade_h2c; + } +#endif + lwsl_info("Unknown upgrade\n"); + /* dunno what he wanted to upgrade to */ + goto bail_nuke_ah; + } + + /* no upgrade ack... he remained as HTTP */ + + lwsl_info("%s: %p: No upgrade\n", __func__, wsi); + + lwsi_set_state(wsi, LRS_ESTABLISHED); + wsi->http.fop_fd = NULL; + + lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi, + (void *)wsi->http.ah); + + n = lws_http_action(wsi); + + return n; + +#if defined(LWS_WITH_HTTP2) +upgrade_h2c: + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP2_SETTINGS)) { + lwsl_info("missing http2_settings\n"); + goto bail_nuke_ah; + } + + lwsl_info("h2c upgrade...\n"); + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP2_SETTINGS); + /* convert the peer's HTTP-Settings */ + n = lws_b64_decode_string(p, tbuf, sizeof(tbuf)); + if (n < 0) { + lwsl_parser("HTTP2_SETTINGS too long\n"); + return 1; + } + + /* adopt the header info */ + + if (!wsi->h2.h2n) { + wsi->h2.h2n = lws_zalloc(sizeof(*wsi->h2.h2n), + "h2n"); + if (!wsi->h2.h2n) + return 1; + } + + lws_h2_init(wsi); + + /* HTTP2 union */ + + lws_h2_settings(wsi, &wsi->h2.h2n->set, (unsigned char *)tbuf, n); + + lws_hpack_dynamic_size(wsi, wsi->h2.h2n->set.s[ + H2SET_HEADER_TABLE_SIZE]); + + strcpy(tbuf, "HTTP/1.1 101 Switching Protocols\x0d\x0a" + "Connection: Upgrade\x0d\x0a" + "Upgrade: h2c\x0d\x0a\x0d\x0a"); + m = (int)strlen(tbuf); + n = lws_issue_raw(wsi, (unsigned char *)tbuf, m); + if (n != m) { + lwsl_debug("http2 switch: ERROR writing to socket\n"); + return 1; + } + + lwsi_set_state(wsi, LRS_H2_AWAIT_PREFACE); + wsi->upgraded_to_http2 = 1; + + return 0; +#endif +#if defined(LWS_ROLE_WS) +upgrade_ws: + if (lws_process_ws_upgrade(wsi)) + goto bail_nuke_ah; + + return 0; +#endif + } /* while all chars are handled */ + + return 0; + +bail_nuke_ah: + /* drop the header info */ + lws_header_table_detach(wsi, 1); + + return 1; +} + + +static int +lws_get_idlest_tsi(struct lws_context *context) +{ + unsigned int lowest = ~0; + int n = 0, hit = -1; + + for (; n < context->count_threads; n++) { + if ((unsigned int)context->pt[n].fds_count != + context->fd_limit_per_thread - 1 && + (unsigned int)context->pt[n].fds_count < lowest) { + lowest = context->pt[n].fds_count; + hit = n; + } + } + + return hit; +} + +struct lws * +lws_create_new_server_wsi(struct lws_vhost *vhost, int fixed_tsi) +{ + struct lws *new_wsi; + int n = fixed_tsi; + + if (n < 0) + n = lws_get_idlest_tsi(vhost->context); + + if (n < 0) { + lwsl_err("no space for new conn\n"); + return NULL; + } + + new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi"); + if (new_wsi == NULL) { + lwsl_err("Out of memory for new connection\n"); + return NULL; + } + + new_wsi->tsi = n; + lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi, + vhost->name, new_wsi->tsi); + + new_wsi->vhost = vhost; + new_wsi->context = vhost->context; + new_wsi->pending_timeout = NO_PENDING_TIMEOUT; + new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* initialize the instance struct */ + + lwsi_set_state(new_wsi, LRS_UNCONNECTED); + new_wsi->hdr_parsing_completed = 0; + +#ifdef LWS_WITH_TLS + new_wsi->tls.use_ssl = LWS_SSL_ENABLED(vhost); +#endif + + /* + * these can only be set once the protocol is known + * we set an un-established connection's protocol pointer + * to the start of the supported list, so it can look + * for matching ones during the handshake + */ + new_wsi->protocol = vhost->protocols; + new_wsi->user_space = NULL; + new_wsi->desc.sockfd = LWS_SOCK_INVALID; + new_wsi->position_in_fds_table = LWS_NO_FDS_POS; + + vhost->context->count_wsi_allocated++; + + /* + * outermost create notification for wsi + * no user_space because no protocol selection + */ + vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE, + NULL, NULL, 0); + + return new_wsi; +} + +LWS_VISIBLE int LWS_WARN_UNUSED_RESULT +lws_http_transaction_completed(struct lws *wsi) +{ + int n = NO_PENDING_TIMEOUT; + + if (wsi->trunc_len) { + /* + * ...so he tried to send something large as the http reply, + * it went as a partial, but he immediately said the + * transaction was completed. + * + * Defer the transaction completed until the last part of the + * partial is sent. + */ + lwsl_notice("%s: deferring due to partial\n", __func__); + wsi->http.deferred_transaction_completed = 1; + + return 0; + } + + lwsl_info("%s: wsi %p\n", __func__, wsi); + + lws_access_log(wsi); + + if (!wsi->hdr_parsing_completed) { + char peer[64]; + lws_get_peer_simple(wsi, peer, sizeof(peer) - 1); + peer[sizeof(peer) - 1] = '\0'; + lwsl_notice("%s: (from %s) ignoring, ah parsing incomplete\n", + __func__, peer); + return 0; + } + + /* if we can't go back to accept new headers, drop the connection */ + if (wsi->http2_substream) + return 0; + + if (wsi->seen_zero_length_recv) + return 1; + + if (wsi->http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) { + lwsl_notice("%s: %p: close connection\n", __func__, wsi); + return 1; + } + + if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0])) + return 1; + + /* + * otherwise set ourselves up ready to go again, but because we have no + * idea about the wsi writability, we make put it in a holding state + * until we can verify POLLOUT. The part of this that confirms POLLOUT + * with no partials is in lws_server_socket_service() below. + */ + lwsl_debug("%s: %p: setting DEF_ACT from 0x%x\n", __func__, + wsi, wsi->wsistate); + lwsi_set_state(wsi, LRS_DEFERRING_ACTION); + wsi->http.tx_content_length = 0; + wsi->http.tx_content_remain = 0; + wsi->hdr_parsing_completed = 0; +#ifdef LWS_WITH_ACCESS_LOG + wsi->http.access_log.sent = 0; +#endif + + if (wsi->vhost->keepalive_timeout) + n = PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE; + lws_set_timeout(wsi, n, wsi->vhost->keepalive_timeout); + + /* + * We already know we are on http1.1 / keepalive and the next thing + * coming will be another header set. + * + * If there is no pending rx and we still have the ah, drop it and + * reacquire a new ah when the new headers start to arrive. (Otherwise + * we needlessly hog an ah indefinitely.) + * + * However if there is pending rx and we know from the keepalive state + * that is already at least the start of another header set, simply + * reset the existing header table and keep it. + */ + if (wsi->http.ah) { + // lws_buflist_describe(&wsi->buflist, wsi); + if (!lws_buflist_next_segment_len(&wsi->buflist, NULL)) { + lwsl_info("%s: %p: nothing in buflist so detaching ah\n", + __func__, wsi); + lws_header_table_detach(wsi, 1); +#ifdef LWS_WITH_TLS + /* + * additionally... if we are hogging an SSL instance + * with no pending pipelined headers (or ah now), and + * SSL is scarce, drop this connection without waiting + */ + + if (wsi->vhost->tls.use_ssl && + wsi->context->simultaneous_ssl_restriction && + wsi->context->simultaneous_ssl == + wsi->context->simultaneous_ssl_restriction) { + lwsl_info("%s: simultaneous_ssl_restriction\n", + __func__); + return 1; + } +#endif + } else { + lwsl_info("%s: %p: resetting and keeping ah as pipeline\n", + __func__, wsi); + lws_header_table_reset(wsi, 0); + /* + * If we kept the ah, we should restrict the amount + * of time we are willing to keep it. Otherwise it + * will be bound the whole time the connection remains + * open. + */ + lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH, + wsi->vhost->keepalive_timeout); + } + /* If we're (re)starting on headers, need other implied init */ + if (wsi->http.ah) + wsi->http.ah->ues = URIES_IDLE; + + //lwsi_set_state(wsi, LRS_ESTABLISHED); + } else + if (lws_buflist_next_segment_len(&wsi->buflist, NULL)) + if (lws_header_table_attach(wsi, 0)) + lwsl_debug("acquired ah\n"); + + lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi); + lws_callback_on_writable(wsi); + + return 0; +} + +/* if not a socket, it's a raw, non-ssl file descriptor */ + +LWS_VISIBLE struct lws * +lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type, + lws_sock_file_fd_type fd, const char *vh_prot_name, + struct lws *parent) +{ + struct lws_context *context = vh->context; + struct lws *new_wsi; + struct lws_context_per_thread *pt; + int n, ssl = 0; + +#if defined(LWS_WITH_PEER_LIMITS) + struct lws_peer *peer = NULL; + + if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) { + peer = lws_get_or_create_peer(vh, fd.sockfd); + + if (peer && context->ip_limit_wsi && + peer->count_wsi >= context->ip_limit_wsi) { + lwsl_notice("Peer reached wsi limit %d\n", + context->ip_limit_wsi); + lws_stats_atomic_bump(context, &context->pt[0], + LWSSTATS_C_PEER_LIMIT_WSI_DENIED, 1); + return NULL; + } + } +#endif + + n = -1; + if (parent) + n = parent->tsi; + new_wsi = lws_create_new_server_wsi(vh, n); + if (!new_wsi) { + if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) + compatible_close(fd.sockfd); + return NULL; + } +#if defined(LWS_WITH_PEER_LIMITS) + if (peer) + lws_peer_add_wsi(context, peer, new_wsi); +#endif + pt = &context->pt[(int)new_wsi->tsi]; + lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1); + + if (parent) { + new_wsi->parent = parent; + new_wsi->sibling_list = parent->child_list; + parent->child_list = new_wsi; + + if (type & LWS_ADOPT_WS_PARENTIO) + new_wsi->parent_carries_io = 1; + } + + new_wsi->desc = fd; + + if (vh_prot_name) { + new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost, + vh_prot_name); + if (!new_wsi->protocol) { + lwsl_err("Protocol %s not enabled on vhost %s\n", + vh_prot_name, new_wsi->vhost->name); + goto bail; + } + if (lws_ensure_user_space(new_wsi)) { + lwsl_notice("OOM trying to get user_space\n"); + goto bail; + } +#if defined(LWS_ROLE_WS) + if (type & LWS_ADOPT_WS_PARENTIO) { + new_wsi->desc.sockfd = LWS_SOCK_INVALID; + lwsl_debug("binding to %s\n", new_wsi->protocol->name); + lws_bind_protocol(new_wsi, new_wsi->protocol); + lws_role_transition(new_wsi, LWSIFR_SERVER, + LRS_ESTABLISHED, &role_ops_ws); + /* allocate the ws struct for the wsi */ + new_wsi->ws = lws_zalloc(sizeof(*new_wsi->ws), "ws struct"); + if (!new_wsi->ws) { + lwsl_notice("OOM\n"); + goto bail; + } + lws_server_init_wsi_for_ws(new_wsi); + + return new_wsi; + } +#endif + } else +#if defined(LWS_ROLE_H1) + if (type & LWS_ADOPT_HTTP) {/* he will transition later */ + new_wsi->protocol = + &vh->protocols[vh->default_protocol_index]; + new_wsi->role_ops = &role_ops_h1; + } + else +#endif + { /* this is the only time he will transition */ + lws_bind_protocol(new_wsi, + &vh->protocols[vh->raw_protocol_index]); + lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, + &role_ops_raw_skt); + } + + if (type & LWS_ADOPT_SOCKET) { /* socket desc */ + lwsl_debug("%s: new wsi %p, sockfd %d\n", __func__, new_wsi, + (int)(lws_intptr_t)fd.sockfd); +#if !defined(LWS_WITH_ESP32) + if (type & LWS_ADOPT_FLAG_UDP) + /* + * these can be >128 bytes, so just alloc for UDP + */ + new_wsi->udp = lws_malloc(sizeof(*new_wsi->udp), + "udp struct"); +#endif + + if (type & LWS_ADOPT_HTTP) + /* the transport is accepted... + * give him time to negotiate */ + lws_set_timeout(new_wsi, + PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, + context->timeout_secs); + + } else /* file desc */ + lwsl_debug("%s: new wsi %p, filefd %d\n", __func__, new_wsi, + (int)(lws_intptr_t)fd.filefd); + + /* + * A new connection was accepted. Give the user a chance to + * set properties of the newly created wsi. There's no protocol + * selected yet so we issue this to the vhosts's default protocol, + * itself by default protocols[0] + */ + n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED; + if (!(type & LWS_ADOPT_HTTP)) { + if (!(type & LWS_ADOPT_SOCKET)) + n = LWS_CALLBACK_RAW_ADOPT_FILE; + else + n = LWS_CALLBACK_RAW_ADOPT; + } + + if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_ALLOW_SSL) || + !(type & LWS_ADOPT_SOCKET)) { + /* non-SSL */ + if (!(type & LWS_ADOPT_HTTP)) { + if (!(type & LWS_ADOPT_SOCKET)) + lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, + &role_ops_raw_file); + else + lws_role_transition(new_wsi, 0, LRS_ESTABLISHED, + &role_ops_raw_skt); + } +#if defined(LWS_ROLE_H1) + else + lws_role_transition(new_wsi, LWSIFR_SERVER, + LRS_HEADERS, &role_ops_h1); +#endif + } else { + /* SSL */ + if (!(type & LWS_ADOPT_HTTP)) + lws_role_transition(new_wsi, 0, LRS_SSL_INIT, + &role_ops_raw_skt); +#if defined(LWS_ROLE_H1) + else + lws_role_transition(new_wsi, LWSIFR_SERVER, + LRS_SSL_INIT, &role_ops_h1); +#endif + ssl = 1; + } + + lwsl_debug("new wsi wsistate 0x%x\n", new_wsi->wsistate); + + if (context->event_loop_ops->accept) + context->event_loop_ops->accept(new_wsi); + + if (!ssl) { + lws_pt_lock(pt, __func__); + if (__insert_wsi_socket_into_fds(context, new_wsi)) { + lws_pt_unlock(pt); + lwsl_err("%s: fail inserting socket\n", __func__); + goto fail; + } + lws_pt_unlock(pt); + } else + if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) { + lwsl_info("%s: fail ssl negotiation\n", __func__); + goto fail; + } + + /* + * by deferring callback to this point, after insertion to fds, + * lws_callback_on_writable() can work from the callback + */ + if ((new_wsi->protocol->callback)( + new_wsi, n, new_wsi->user_space, NULL, 0)) + goto fail; + + if (type & LWS_ADOPT_HTTP) { + if (!lws_header_table_attach(new_wsi, 0)) + lwsl_debug("Attached ah immediately\n"); + else + lwsl_info("%s: waiting for ah\n", __func__); + } + + lws_cancel_service_pt(new_wsi); + + return new_wsi; + +fail: + if (type & LWS_ADOPT_SOCKET) + lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt fail"); + + return NULL; + +bail: + lwsl_notice("%s: exiting on bail\n", __func__); + if (parent) + parent->child_list = new_wsi->sibling_list; + if (new_wsi->user_space) + lws_free(new_wsi->user_space); + lws_free(new_wsi); + compatible_close(fd.sockfd); + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd) +{ + lws_sock_file_fd_type fd; + + fd.sockfd = accept_fd; + return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET | + LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL); +} + +LWS_VISIBLE struct lws * +lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd) +{ + return lws_adopt_socket_vhost(context->vhost_list, accept_fd); +} + +/* Common read-buffer adoption for lws_adopt_*_readbuf */ +static struct lws* +adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len) +{ + struct lws_context_per_thread *pt; + struct lws_pollfd *pfd; + int n; + + if (!wsi) + return NULL; + + if (!readbuf || len == 0) + return wsi; + + if (wsi->position_in_fds_table == LWS_NO_FDS_POS) + return wsi; + + pt = &wsi->context->pt[(int)wsi->tsi]; + + n = lws_buflist_append_segment(&wsi->buflist, (const uint8_t *)readbuf, len); + if (n < 0) + goto bail; + if (n) + lws_dll_lws_add_front(&wsi->dll_buflist, &pt->dll_head_buflist); + + /* + * we can't process the initial read data until we can attach an ah. + * + * if one is available, get it and place the data in his ah rxbuf... + * wsi with ah that have pending rxbuf get auto-POLLIN service. + * + * no autoservice because we didn't get a chance to attach the + * readbuf data to wsi or ah yet, and we will do it next if we get + * the ah. + */ + if (wsi->http.ah || !lws_header_table_attach(wsi, 0)) { + + lwsl_notice("%s: calling service on readbuf ah\n", __func__); + + /* unlike a normal connect, we have the headers already + * (or the first part of them anyway). + * libuv won't come back and service us without a network + * event, so we need to do the header service right here. + */ + pfd = &pt->fds[wsi->position_in_fds_table]; + pfd->revents |= LWS_POLLIN; + lwsl_err("%s: calling service\n", __func__); + if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi)) + /* service closed us */ + return NULL; + + return wsi; + } + lwsl_err("%s: deferring handling ah\n", __func__); + + return wsi; + +bail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "adopt skt readbuf fail"); + + return NULL; +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd, + const char *readbuf, size_t len) +{ + return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd), + readbuf, len); +} + +LWS_VISIBLE struct lws * +lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, + lws_sockfd_type accept_fd, + const char *readbuf, size_t len) +{ + return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd), + readbuf, len); +} + +LWS_VISIBLE int +lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type, + const char *other_headers, int other_headers_len) +{ + static const char * const intermediates[] = { "private", "public" }; + struct lws_context *context = lws_get_context(wsi); + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; +#if defined(LWS_WITH_RANGES) + struct lws_range_parsing *rp = &wsi->http.range; +#endif + char cache_control[50], *cc = "no-store"; + unsigned char *response = pt->serv_buf + LWS_PRE; + unsigned char *p = response; + unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE; + lws_filepos_t total_content_length; + int ret = 0, cclen = 8, n = HTTP_STATUS_OK; + lws_fop_flags_t fflags = LWS_O_RDONLY; +#if defined(LWS_WITH_RANGES) + int ranges; +#endif + const struct lws_plat_file_ops *fops; + const char *vpath; + + if (wsi->handling_404) + n = HTTP_STATUS_NOT_FOUND; + + /* + * We either call the platform fops .open with first arg platform fops, + * or we call fops_zip .open with first arg platform fops, and fops_zip + * open will decide whether to switch to fops_zip or stay with fops_def. + * + * If wsi->http.fop_fd is already set, the caller already opened it + */ + if (!wsi->http.fop_fd) { + fops = lws_vfs_select_fops(wsi->context->fops, file, &vpath); + fflags |= lws_vfs_prepare_flags(wsi); + wsi->http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops, + file, vpath, &fflags); + if (!wsi->http.fop_fd) { + lwsl_info("%s: Unable to open: '%s': errno %d\n", + __func__, file, errno); + if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL)) + return -1; + return !wsi->http2_substream; + } + } + wsi->http.filelen = lws_vfs_get_length(wsi->http.fop_fd); + total_content_length = wsi->http.filelen; + +#if defined(LWS_WITH_RANGES) + ranges = lws_ranges_init(wsi, rp, wsi->http.filelen); + + lwsl_debug("Range count %d\n", ranges); + /* + * no ranges -> 200; + * 1 range -> 206 + Content-Type: normal; Content-Range; + * more -> 206 + Content-Type: multipart/byteranges + * Repeat the true Content-Type in each multipart header + * along with Content-Range + */ + if (ranges < 0) { + /* it means he expressed a range in Range:, but it was illegal */ + lws_return_http_status(wsi, HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE, + NULL); + if (lws_http_transaction_completed(wsi)) + return -1; /* <0 means just hang up */ + + lws_vfs_file_close(&wsi->http.fop_fd); + + return 0; /* == 0 means we dealt with the transaction complete */ + } + if (ranges) + n = HTTP_STATUS_PARTIAL_CONTENT; +#endif + + if (lws_add_http_header_status(wsi, n, &p, end)) + return -1; + + if ((wsi->http.fop_fd->flags & (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | + LWS_FOP_FLAG_COMPR_IS_GZIP)) == + (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | LWS_FOP_FLAG_COMPR_IS_GZIP)) { + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_ENCODING, + (unsigned char *)"gzip", 4, &p, end)) + return -1; + lwsl_info("file is being provided in gzip\n"); + } + + if ( +#if defined(LWS_WITH_RANGES) + ranges < 2 && +#endif + content_type && content_type[0]) + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *)content_type, + (int)strlen(content_type), + &p, end)) + return -1; + +#if defined(LWS_WITH_RANGES) + if (ranges >= 2) { /* multipart byteranges */ + lws_strncpy(wsi->http.multipart_content_type, content_type, + sizeof(wsi->http.multipart_content_type)); + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_TYPE, + (unsigned char *) + "multipart/byteranges; " + "boundary=_lws", + 20, &p, end)) + return -1; + + /* + * our overall content length has to include + * + * - (n + 1) x "_lws\r\n" + * - n x Content-Type: xxx/xxx\r\n + * - n x Content-Range: bytes xxx-yyy/zzz\r\n + * - n x /r/n + * - the actual payloads (aggregated in rp->agg) + * + * Precompute it for the main response header + */ + + total_content_length = (lws_filepos_t)rp->agg + + 6 /* final _lws\r\n */; + + lws_ranges_reset(rp); + while (lws_ranges_next(rp)) { + n = lws_snprintf(cache_control, sizeof(cache_control), + "bytes %llu-%llu/%llu", + rp->start, rp->end, rp->extent); + + total_content_length += + 6 /* header _lws\r\n */ + + /* Content-Type: xxx/xxx\r\n */ + 14 + strlen(content_type) + 2 + + /* Content-Range: xxxx\r\n */ + 15 + n + 2 + + 2; /* /r/n */ + } + + lws_ranges_reset(rp); + lws_ranges_next(rp); + } + + if (ranges == 1) { + total_content_length = (lws_filepos_t)rp->agg; + n = lws_snprintf(cache_control, sizeof(cache_control), + "bytes %llu-%llu/%llu", + rp->start, rp->end, rp->extent); + + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_CONTENT_RANGE, + (unsigned char *)cache_control, + n, &p, end)) + return -1; + } + + wsi->http.range.inside = 0; + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ACCEPT_RANGES, + (unsigned char *)"bytes", 5, &p, end)) + return -1; +#endif + + if (!wsi->http2_substream) { + if (!wsi->sending_chunked) { + if (lws_add_http_header_content_length(wsi, + total_content_length, + &p, end)) + return -1; + } else { + if (lws_add_http_header_by_token(wsi, + WSI_TOKEN_HTTP_TRANSFER_ENCODING, + (unsigned char *)"chunked", + 7, &p, end)) + return -1; + } + } + + if (wsi->cache_secs && wsi->cache_reuse) { + if (wsi->cache_revalidate) { + cc = cache_control; + cclen = sprintf(cache_control, "%s max-age: %u", + intermediates[wsi->cache_intermediaries], + wsi->cache_secs); + } else { + cc = "no-cache"; + cclen = 8; + } + } + + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CACHE_CONTROL, + (unsigned char *)cc, cclen, &p, end)) + return -1; + + if (wsi->http.connection_type == HTTP_CONNECTION_KEEP_ALIVE) + if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION, + (unsigned char *)"keep-alive", 10, &p, end)) + return -1; + + if (other_headers) { + if ((end - p) < other_headers_len) + return -1; + memcpy(p, other_headers, other_headers_len); + p += other_headers_len; + } + + if (lws_finalize_http_header(wsi, &p, end)) + return -1; + + ret = lws_write(wsi, response, p - response, LWS_WRITE_HTTP_HEADERS); + if (ret != (p - response)) { + lwsl_err("_write returned %d from %ld\n", ret, + (long)(p - response)); + return -1; + } + + wsi->http.filepos = 0; + lwsi_set_state(wsi, LRS_ISSUING_FILE); + + lws_callback_on_writable(wsi); + + return 0; +} + +LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_process_html_args args; + lws_filepos_t amount, poss; + unsigned char *p, *pstart; +#if defined(LWS_WITH_RANGES) + unsigned char finished = 0; +#endif + int n, m; + + lwsl_debug("wsi->http2_substream %d\n", wsi->http2_substream); + + do { + + if (wsi->trunc_len) { + if (lws_issue_raw(wsi, wsi->trunc_alloc + + wsi->trunc_offset, + wsi->trunc_len) < 0) { + lwsl_info("%s: closing\n", __func__); + goto file_had_it; + } + break; + } + + if (wsi->http.filepos == wsi->http.filelen) + goto all_sent; + + n = 0; + + pstart = pt->serv_buf + LWS_H2_FRAME_HEADER_LENGTH; + + p = pstart; + +#if defined(LWS_WITH_RANGES) + if (wsi->http.range.count_ranges && !wsi->http.range.inside) { + + lwsl_notice("%s: doing range start %llu\n", __func__, + wsi->http.range.start); + + if ((long long)lws_vfs_file_seek_cur(wsi->http.fop_fd, + wsi->http.range.start - + wsi->http.filepos) < 0) + goto file_had_it; + + wsi->http.filepos = wsi->http.range.start; + + if (wsi->http.range.count_ranges > 1) { + n = lws_snprintf((char *)p, + context->pt_serv_buf_size - + LWS_H2_FRAME_HEADER_LENGTH, + "_lws\x0d\x0a" + "Content-Type: %s\x0d\x0a" + "Content-Range: bytes %llu-%llu/%llu\x0d\x0a" + "\x0d\x0a", + wsi->http.multipart_content_type, + wsi->http.range.start, + wsi->http.range.end, + wsi->http.range.extent); + p += n; + } + + wsi->http.range.budget = wsi->http.range.end - + wsi->http.range.start + 1; + wsi->http.range.inside = 1; + } +#endif + + poss = context->pt_serv_buf_size - n - LWS_H2_FRAME_HEADER_LENGTH; + + if (wsi->http.tx_content_length) + if (poss > wsi->http.tx_content_remain) + poss = wsi->http.tx_content_remain; + + /* + * if there is a hint about how much we will do well to send at + * one time, restrict ourselves to only trying to send that. + */ + if (wsi->protocol->tx_packet_size && + poss > wsi->protocol->tx_packet_size) + poss = wsi->protocol->tx_packet_size; + + if (wsi->role_ops->tx_credit) { + lws_filepos_t txc = wsi->role_ops->tx_credit(wsi); + + if (!txc) { + lwsl_info("%s: came here with no tx credit\n", + __func__); + return 0; + } + if (txc < poss) + poss = txc; + + /* + * consumption of the actual payload amount sent will be + * handled when the role data frame is sent + */ + } + +#if defined(LWS_WITH_RANGES) + if (wsi->http.range.count_ranges) { + if (wsi->http.range.count_ranges > 1) + poss -= 7; /* allow for final boundary */ + if (poss > wsi->http.range.budget) + poss = wsi->http.range.budget; + } +#endif + if (wsi->sending_chunked) { + /* we need to drop the chunk size in here */ + p += 10; + /* allow for the chunk to grow by 128 in translation */ + poss -= 10 + 128; + } + + if (lws_vfs_file_read(wsi->http.fop_fd, &amount, p, poss) < 0) + goto file_had_it; /* caller will close */ + + if (wsi->sending_chunked) + n = (int)amount; + else + n = lws_ptr_diff(p, pstart) + (int)amount; + + lwsl_debug("%s: sending %d\n", __func__, n); + + if (n) { + lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, + context->timeout_secs); + + if (wsi->interpreting) { + args.p = (char *)p; + args.len = n; + args.max_len = (unsigned int)poss + 128; + args.final = wsi->http.filepos + n == + wsi->http.filelen; + args.chunked = wsi->sending_chunked; + if (user_callback_handle_rxflow( + wsi->vhost->protocols[ + (int)wsi->protocol_interpret_idx].callback, + wsi, LWS_CALLBACK_PROCESS_HTML, + wsi->user_space, &args, 0) < 0) + goto file_had_it; + n = args.len; + p = (unsigned char *)args.p; + } else + p = pstart; + +#if defined(LWS_WITH_RANGES) + if (wsi->http.range.send_ctr + 1 == + wsi->http.range.count_ranges && // last range + wsi->http.range.count_ranges > 1 && // was 2+ ranges (ie, multipart) + wsi->http.range.budget - amount == 0) {// final part + n += lws_snprintf((char *)pstart + n, 6, + "_lws\x0d\x0a"); // append trailing boundary + lwsl_debug("added trailing boundary\n"); + } +#endif + m = lws_write(wsi, p, n, + wsi->http.filepos + amount == wsi->http.filelen ? + LWS_WRITE_HTTP_FINAL : + LWS_WRITE_HTTP + ); + if (m < 0) + goto file_had_it; + + wsi->http.filepos += amount; + +#if defined(LWS_WITH_RANGES) + if (wsi->http.range.count_ranges >= 1) { + wsi->http.range.budget -= amount; + if (wsi->http.range.budget == 0) { + lwsl_notice("range budget exhausted\n"); + wsi->http.range.inside = 0; + wsi->http.range.send_ctr++; + + if (lws_ranges_next(&wsi->http.range) < 1) { + finished = 1; + goto all_sent; + } + } + } +#endif + + if (m != n) { + /* adjust for what was not sent */ + if (lws_vfs_file_seek_cur(wsi->http.fop_fd, + m - n) == + (lws_fileofs_t)-1) + goto file_had_it; + } + } + +all_sent: + if ((!wsi->trunc_len && wsi->http.filepos >= wsi->http.filelen) +#if defined(LWS_WITH_RANGES) + || finished) +#else + ) +#endif + { + lwsi_set_state(wsi, LRS_ESTABLISHED); + /* we might be in keepalive, so close it off here */ + lws_vfs_file_close(&wsi->http.fop_fd); + + lwsl_debug("file completed\n"); + + if (wsi->protocol->callback && + user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_HTTP_FILE_COMPLETION, + wsi->user_space, NULL, + 0) < 0) { + /* + * For http/1.x, the choices from + * transaction_completed are either + * 0 to use the connection for pipelined + * or nonzero to hang it up. + * + * However for http/2. while we are + * still interested in hanging up the + * nwsi if there was a network-level + * fatal error, simply completing the + * transaction is a matter of the stream + * state, not the root connection at the + * network level + */ + if (wsi->http2_substream) + return 1; + else + return -1; + } + + return 1; /* >0 indicates completed */ + } + } while (0); // while (!lws_send_pipe_choked(wsi)) + + lws_callback_on_writable(wsi); + + return 0; /* indicates further processing must be done */ + +file_had_it: + lws_vfs_file_close(&wsi->http.fop_fd); + + return -1; +} + + +LWS_VISIBLE void +lws_server_get_canonical_hostname(struct lws_context *context, + const struct lws_context_creation_info *info) +{ + if (lws_check_opt(info->options, + LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME)) + return; +#if !defined(LWS_WITH_ESP32) + /* find canonical hostname */ + gethostname((char *)context->canonical_hostname, + sizeof(context->canonical_hostname) - 1); + + lwsl_info(" canonical_hostname = %s\n", context->canonical_hostname); +#else + (void)context; +#endif +} + + +LWS_VISIBLE LWS_EXTERN int +lws_chunked_html_process(struct lws_process_html_args *args, + struct lws_process_html_state *s) +{ + char *sp, buffer[32]; + const char *pc; + int old_len, n; + + /* do replacements */ + sp = args->p; + old_len = args->len; + args->len = 0; + s->start = sp; + while (sp < args->p + old_len) { + + if (args->len + 7 >= args->max_len) { + lwsl_err("Used up interpret padding\n"); + return -1; + } + + if ((!s->pos && *sp == '$') || s->pos) { + int hits = 0, hit = 0; + + if (!s->pos) + s->start = sp; + s->swallow[s->pos++] = *sp; + if (s->pos == sizeof(s->swallow) - 1) + goto skip; + for (n = 0; n < s->count_vars; n++) + if (!strncmp(s->swallow, s->vars[n], s->pos)) { + hits++; + hit = n; + } + if (!hits) { +skip: + s->swallow[s->pos] = '\0'; + memcpy(s->start, s->swallow, s->pos); + args->len++; + s->pos = 0; + sp = s->start + 1; + continue; + } + if (hits == 1 && s->pos == (int)strlen(s->vars[hit])) { + pc = s->replace(s->data, hit); + if (!pc) + pc = "NULL"; + n = (int)strlen(pc); + s->swallow[s->pos] = '\0'; + if (n != s->pos) { + memmove(s->start + n, + s->start + s->pos, + old_len - (sp - args->p)); + old_len += (n - s->pos) + 1; + } + memcpy(s->start, pc, n); + args->len++; + sp = s->start + 1; + + s->pos = 0; + } + sp++; + continue; + } + + args->len++; + sp++; + } + + if (args->chunked) { + /* no space left for final chunk trailer */ + if (args->final && args->len + 7 >= args->max_len) + return -1; + + n = sprintf(buffer, "%X\x0d\x0a", args->len); + + args->p -= n; + memcpy(args->p, buffer, n); + args->len += n; + + if (args->final) { + sp = args->p + args->len; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + *sp++ = '0'; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + args->len += 7; + } else { + sp = args->p + args->len; + *sp++ = '\x0d'; + *sp++ = '\x0a'; + args->len += 2; + } + } + + return 0; +} diff --git a/thirdparty/libwebsockets/roles/listen/ops-listen.c b/thirdparty/libwebsockets/roles/listen/ops-listen.c new file mode 100644 index 0000000000..dbeb9753a2 --- /dev/null +++ b/thirdparty/libwebsockets/roles/listen/ops-listen.c @@ -0,0 +1,177 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_listen(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_context *context = wsi->context; + lws_sockfd_type accept_fd = LWS_SOCK_INVALID; + lws_sock_file_fd_type fd; + int opts = LWS_ADOPT_SOCKET | LWS_ADOPT_ALLOW_SSL; + struct sockaddr_storage cli_addr; + socklen_t clilen; + + /* pollin means a client has connected to us then + * + * pollout is a hack on esp32 for background accepts signalling + * they completed + */ + + do { + struct lws *cwsi; + + if (!(pollfd->revents & (LWS_POLLIN | LWS_POLLOUT)) || + !(pollfd->events & LWS_POLLIN)) + break; + +#if defined(LWS_WITH_TLS) + /* + * can we really accept it, with regards to SSL limit? + * another vhost may also have had POLLIN on his + * listener this round and used it up already + */ + if (wsi->vhost->tls.use_ssl && + context->simultaneous_ssl_restriction && + context->simultaneous_ssl == + context->simultaneous_ssl_restriction) + /* + * no... ignore it, he won't come again until + * we are below the simultaneous_ssl_restriction + * limit and POLLIN is enabled on him again + */ + break; +#endif + /* listen socket got an unencrypted connection... */ + + clilen = sizeof(cli_addr); + lws_latency_pre(context, wsi); + + /* + * We cannot identify the peer who is in the listen + * socket connect queue before we accept it; even if + * we could, not accepting it due to PEER_LIMITS would + * block the connect queue for other legit peers. + */ + + accept_fd = accept((int)pollfd->fd, + (struct sockaddr *)&cli_addr, &clilen); + lws_latency(context, wsi, "listener accept", + (int)accept_fd, accept_fd != LWS_SOCK_INVALID); + if (accept_fd == LWS_SOCK_INVALID) { + if (LWS_ERRNO == LWS_EAGAIN || + LWS_ERRNO == LWS_EWOULDBLOCK) { + break; + } + lwsl_err("ERROR on accept: %s\n", + strerror(LWS_ERRNO)); + break; + } + + lws_plat_set_socket_options(wsi->vhost, accept_fd); + +#if defined(LWS_WITH_IPV6) + lwsl_debug("accepted new conn port %u on fd=%d\n", + ((cli_addr.ss_family == AF_INET6) ? + ntohs(((struct sockaddr_in6 *) &cli_addr)->sin6_port) : + ntohs(((struct sockaddr_in *) &cli_addr)->sin_port)), + accept_fd); +#else + lwsl_debug("accepted new conn port %u on fd=%d\n", + ntohs(((struct sockaddr_in *) &cli_addr)->sin_port), + accept_fd); +#endif + + /* + * look at who we connected to and give user code a + * chance to reject based on client IP. There's no + * protocol selected yet so we issue this to + * protocols[0] + */ + if ((wsi->vhost->protocols[0].callback)(wsi, + LWS_CALLBACK_FILTER_NETWORK_CONNECTION, + NULL, + (void *)(lws_intptr_t)accept_fd, 0)) { + lwsl_debug("Callback denied net connection\n"); + compatible_close(accept_fd); + break; + } + + if (!(wsi->vhost->options & LWS_SERVER_OPTION_ONLY_RAW)) + opts |= LWS_ADOPT_HTTP; + else + opts = LWS_ADOPT_SOCKET; + + fd.sockfd = accept_fd; + cwsi = lws_adopt_descriptor_vhost(wsi->vhost, opts, fd, + NULL, NULL); + if (!cwsi) + /* already closed cleanly as necessary */ + return LWS_HPI_RET_WSI_ALREADY_DIED; + + if (lws_server_socket_service_ssl(cwsi, accept_fd)) { + lws_close_free_wsi(cwsi, LWS_CLOSE_STATUS_NOSTATUS, + "listen svc fail"); + return LWS_HPI_RET_WSI_ALREADY_DIED; + } + + lwsl_info("%s: new wsi %p: wsistate 0x%x, role_ops %s\n", + __func__, cwsi, cwsi->wsistate, cwsi->role_ops->name); + + } while (pt->fds_count < context->fd_limit_per_thread - 1 && + wsi->position_in_fds_table != LWS_NO_FDS_POS && + lws_poll_listen_fd(&pt->fds[wsi->position_in_fds_table]) > 0); + + return LWS_HPI_RET_HANDLED; +} + +int rops_handle_POLLOUT_listen(struct lws *wsi) +{ + return LWS_HP_RET_USER_SERVICE; +} + +struct lws_role_ops role_ops_listen = { + /* role name */ "listen", + /* alpn id */ NULL, + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* destroy_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_listen, + /* handle_POLLOUT */ rops_handle_POLLOUT_listen, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { 0, 0 }, + /* close cb clnt, srv */ { 0, 0 }, + /* file_handle */ 0, +}; diff --git a/thirdparty/libwebsockets/roles/pipe/ops-pipe.c b/thirdparty/libwebsockets/roles/pipe/ops-pipe.c new file mode 100644 index 0000000000..b9348d58d7 --- /dev/null +++ b/thirdparty/libwebsockets/roles/pipe/ops-pipe.c @@ -0,0 +1,81 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_pipe(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ +#if !defined(WIN32) && !defined(_WIN32) + char s[100]; + int n; + + /* + * discard the byte(s) that signaled us + * We really don't care about the number of bytes, but coverity + * thinks we should. + */ + n = read(wsi->desc.sockfd, s, sizeof(s)); + (void)n; + if (n < 0) + return LWS_HPI_RET_PLEASE_CLOSE_ME; +#endif + /* + * the poll() wait, or the event loop for libuv etc is a + * process-wide resource that we interrupted. So let every + * protocol that may be interested in the pipe event know that + * it happened. + */ + if (lws_broadcast(wsi->context, LWS_CALLBACK_EVENT_WAIT_CANCELLED, + NULL, 0)) { + lwsl_info("closed in event cancel\n"); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + return LWS_HPI_RET_HANDLED; +} + +struct lws_role_ops role_ops_pipe = { + /* role name */ "pipe", + /* alpn id */ NULL, + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* destroy_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_pipe, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { 0, 0 }, + /* close cb clnt, srv */ { 0, 0 }, + /* file_handle */ 1, +}; diff --git a/thirdparty/libwebsockets/roles/private.h b/thirdparty/libwebsockets/roles/private.h new file mode 100644 index 0000000000..ae4278b5d3 --- /dev/null +++ b/thirdparty/libwebsockets/roles/private.h @@ -0,0 +1,282 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h + */ + +typedef uint32_t lws_wsi_state_t; + +/* + * The wsi->role_ops pointer decides almost everything about what role the wsi + * will play, h2, raw, ws, etc. + * + * However there are a few additional flags needed that vary, such as if the + * role is a client or server side, if it has that concept. And the connection + * fulfilling the role, has a separate dynamic state. + * + * 31 16 15 0 + * [ role flags ] [ state ] + * + * The role flags part is generally invariant for the lifetime of the wsi, + * although it can change if the connection role itself does, eg, if the + * connection upgrades from H1 -> WS1 the role flags may be changed at that + * point. + * + * The state part reflects the dynamic connection state, and the states are + * reused between roles. + * + * None of the internal role or state representations are made available outside + * of lws internals. Even for lws internals, if you add stuff here, please keep + * the constants inside this header only by adding necessary helpers here and + * use the helpers in the actual code. This is to ease any future refactors. + * + * Notice LWSIFR_ENCAP means we have a parent wsi that actually carries our + * data as a stream inside a different protocol. + */ + +#define _RS 16 + +#define LWSIFR_CLIENT (0x1000 << _RS) /* client side */ +#define LWSIFR_SERVER (0x2000 << _RS) /* server side */ + +#define LWSIFR_P_ENCAP_H2 (0x0100 << _RS) /* we are encapsulated by h2 */ + +enum lwsi_role { + LWSI_ROLE_MASK = (0xffff << _RS), + LWSI_ROLE_ENCAP_MASK = (0x0f00 << _RS), +}; + +#define lwsi_role(wsi) (wsi->wsistate & LWSI_ROLE_MASK) +#if !defined (_DEBUG) +#define lwsi_set_role(wsi, role) wsi->wsistate = \ + (wsi->wsistate & (~LWSI_ROLE_MASK)) | role +#else +void lwsi_set_role(struct lws *wsi, lws_wsi_state_t role); +#endif + +#define lwsi_role_client(wsi) (!!(wsi->wsistate & LWSIFR_CLIENT)) +#define lwsi_role_server(wsi) (!!(wsi->wsistate & LWSIFR_SERVER)) +#define lwsi_role_h2_ENCAPSULATION(wsi) \ + ((wsi->wsistate & LWSI_ROLE_ENCAP_MASK) == LWSIFR_P_ENCAP_H2) + +/* Pollout wants a callback in this state */ +#define LWSIFS_POCB (0x100) +/* Before any protocol connection was established */ +#define LWSIFS_NOT_EST (0x200) + +enum lwsi_state { + + /* Phase 1: pre-transport */ + + LRS_UNCONNECTED = LWSIFS_NOT_EST | 0, + LRS_WAITING_CONNECT = LWSIFS_NOT_EST | 1, + + /* Phase 2: establishing intermediaries on top of transport */ + + LRS_WAITING_PROXY_REPLY = LWSIFS_NOT_EST | 2, + LRS_WAITING_SSL = LWSIFS_NOT_EST | 3, + LRS_WAITING_SOCKS_GREETING_REPLY = LWSIFS_NOT_EST | 4, + LRS_WAITING_SOCKS_CONNECT_REPLY = LWSIFS_NOT_EST | 5, + LRS_WAITING_SOCKS_AUTH_REPLY = LWSIFS_NOT_EST | 6, + + /* Phase 3: establishing tls tunnel */ + + LRS_SSL_INIT = LWSIFS_NOT_EST | 7, + LRS_SSL_ACK_PENDING = LWSIFS_NOT_EST | 8, + LRS_PRE_WS_SERVING_ACCEPT = LWSIFS_NOT_EST | 9, + + /* Phase 4: connected */ + + LRS_WAITING_SERVER_REPLY = LWSIFS_NOT_EST | 10, + LRS_H2_AWAIT_PREFACE = LWSIFS_NOT_EST | 11, + LRS_H2_AWAIT_SETTINGS = LWSIFS_NOT_EST | + LWSIFS_POCB | 12, + + /* Phase 5: protocol logically established */ + + LRS_H2_CLIENT_SEND_SETTINGS = LWSIFS_POCB | 13, + LRS_H2_WAITING_TO_SEND_HEADERS = LWSIFS_POCB | 14, + LRS_DEFERRING_ACTION = LWSIFS_POCB | 15, + LRS_IDLING = 16, + LRS_H1C_ISSUE_HANDSHAKE = 17, + LRS_H1C_ISSUE_HANDSHAKE2 = 18, + LRS_ISSUE_HTTP_BODY = 19, + LRS_ISSUING_FILE = 20, + LRS_HEADERS = 21, + LRS_BODY = 22, + LRS_ESTABLISHED = LWSIFS_POCB | 23, + /* we are established, but we have embarked on serving a single + * transaction. Other transaction input may be pending, but we will + * not service it while we are busy dealing with the current + * transaction. + * + * When we complete the current transaction, we would reset our state + * back to ESTABLISHED and start to process the next transaction. + */ + LRS_DOING_TRANSACTION = LWSIFS_POCB | 24, + + /* Phase 6: finishing */ + + LRS_WAITING_TO_SEND_CLOSE = LWSIFS_POCB | 25, + LRS_RETURNED_CLOSE = LWSIFS_POCB | 26, + LRS_AWAITING_CLOSE_ACK = LWSIFS_POCB | 27, + LRS_FLUSHING_BEFORE_CLOSE = LWSIFS_POCB | 28, + LRS_SHUTDOWN = 29, + + /* Phase 7: dead */ + + LRS_DEAD_SOCKET = 30, + + LRS_MASK = 0xffff +}; + +#define lwsi_state(wsi) ((enum lwsi_state)(wsi->wsistate & LRS_MASK)) +#define lwsi_state_PRE_CLOSE(wsi) ((enum lwsi_state)(wsi->wsistate_pre_close & LRS_MASK)) +#define lwsi_state_est(wsi) (!(wsi->wsistate & LWSIFS_NOT_EST)) +#define lwsi_state_est_PRE_CLOSE(wsi) (!(wsi->wsistate_pre_close & LWSIFS_NOT_EST)) +#define lwsi_state_can_handle_POLLOUT(wsi) (wsi->wsistate & LWSIFS_POCB) +#if !defined (_DEBUG) +#define lwsi_set_state(wsi, lrs) wsi->wsistate = \ + (wsi->wsistate & (~LRS_MASK)) | lrs +#else +void lwsi_set_state(struct lws *wsi, lws_wsi_state_t lrs); +#endif + +/* + * internal role-specific ops + */ +struct lws_context_per_thread; +struct lws_role_ops { + const char *name; + const char *alpn; + /* + * After http headers have parsed, this is the last chance for a role + * to upgrade the connection to something else using the headers. + * ws-over-h2 is upgraded from h2 like this. + */ + int (*check_upgrades)(struct lws *wsi); + /* role-specific context init during context creation */ + int (*init_context)(struct lws_context *context, + const struct lws_context_creation_info *info); + /* role-specific per-vhost init during vhost creation */ + int (*init_vhost)(struct lws_vhost *vh, + const struct lws_context_creation_info *info); + /* role-specific per-vhost destructor during vhost destroy */ + int (*destroy_vhost)(struct lws_vhost *vh); + /* generic 1Hz callback for the role itself */ + int (*periodic_checks)(struct lws_context *context, int tsi, + time_t now); + /* chance for the role to force POLLIN without network activity */ + int (*service_flag_pending)(struct lws_context *context, int tsi); + /* an fd using this role has POLLIN signalled */ + int (*handle_POLLIN)(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd); + /* an fd using the role wanted a POLLOUT callback and now has it */ + int (*handle_POLLOUT)(struct lws *wsi); + /* perform user pollout */ + int (*perform_user_POLLOUT)(struct lws *wsi); + /* do effective callback on writeable */ + int (*callback_on_writable)(struct lws *wsi); + /* connection-specific tx credit in bytes */ + lws_fileofs_t (*tx_credit)(struct lws *wsi); + /* role-specific write formatting */ + int (*write_role_protocol)(struct lws *wsi, unsigned char *buf, + size_t len, enum lws_write_protocol *wp); + + /* get encapsulation parent */ + struct lws * (*encapsulation_parent)(struct lws *wsi); + + /* role-specific destructor */ + int (*alpn_negotiated)(struct lws *wsi, const char *alpn); + + /* chance for the role to handle close in the protocol */ + int (*close_via_role_protocol)(struct lws *wsi, + enum lws_close_status reason); + /* role-specific close processing */ + int (*close_role)(struct lws_context_per_thread *pt, struct lws *wsi); + /* role-specific connection close processing */ + int (*close_kill_connection)(struct lws *wsi, + enum lws_close_status reason); + /* role-specific destructor */ + int (*destroy_role)(struct lws *wsi); + + /* + * the callback reasons for WRITEABLE for client, server + * (just client applies if no concept of client or server) + */ + uint16_t writeable_cb[2]; + /* + * the callback reasons for CLOSE for client, server + * (just client applies if no concept of client or server) + */ + uint16_t close_cb[2]; + + unsigned int file_handle:1; /* role operates on files not sockets */ +}; + +/* core roles */ +extern struct lws_role_ops role_ops_raw_skt, role_ops_raw_file, role_ops_listen, + role_ops_pipe; + +/* bring in role private declarations */ + +#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2) + #include "roles/http/private.h" +#else + #define lwsi_role_http(wsi) (0) +#endif + +#if defined(LWS_ROLE_H1) + #include "roles/h1/private.h" +#else + #define lwsi_role_h1(wsi) (0) +#endif + +#if defined(LWS_ROLE_H2) + #include "roles/h2/private.h" +#else + #define lwsi_role_h2(wsi) (0) +#endif + +#if defined(LWS_ROLE_WS) + #include "roles/ws/private.h" +#else + #define lwsi_role_ws(wsi) (0) +#endif + +#if defined(LWS_ROLE_CGI) + #include "roles/cgi/private.h" +#else + #define lwsi_role_cgi(wsi) (0) +#endif + +enum { + LWS_HP_RET_BAIL_OK, + LWS_HP_RET_BAIL_DIE, + LWS_HP_RET_USER_SERVICE, + + LWS_HPI_RET_WSI_ALREADY_DIED, /* we closed it */ + LWS_HPI_RET_HANDLED, /* no probs */ + LWS_HPI_RET_PLEASE_CLOSE_ME, /* close it for us */ + + LWS_UPG_RET_DONE, + LWS_UPG_RET_CONTINUE, + LWS_UPG_RET_BAIL +}; diff --git a/thirdparty/libwebsockets/roles/raw/ops-raw.c b/thirdparty/libwebsockets/roles/raw/ops-raw.c new file mode 100644 index 0000000000..68b52bded6 --- /dev/null +++ b/thirdparty/libwebsockets/roles/raw/ops-raw.c @@ -0,0 +1,223 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +static int +rops_handle_POLLIN_raw_skt(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_tokens ebuf; + int n, buffered; + + /* pending truncated sends have uber priority */ + + if (wsi->trunc_len) { + if (!(pollfd->revents & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset, + wsi->trunc_len) < 0) + goto fail; + /* + * we can't afford to allow input processing to send + * something new, so spin around he event loop until + * he doesn't have any partials + */ + return LWS_HPI_RET_HANDLED; + } + + if ((pollfd->revents & pollfd->events & LWS_POLLIN) && + /* any tunnel has to have been established... */ + lwsi_state(wsi) != LRS_SSL_ACK_PENDING && + !(wsi->favoured_pollin && + (pollfd->revents & pollfd->events & LWS_POLLOUT))) { + + buffered = lws_buflist_aware_read(pt, wsi, &ebuf); + switch (ebuf.len) { + case 0: + lwsl_info("%s: read 0 len\n", __func__); + wsi->seen_zero_length_recv = 1; + lws_change_pollfd(wsi, LWS_POLLIN, 0); + + /* + * we need to go to fail here, since it's the only + * chance we get to understand that the socket has + * closed + */ + // goto try_pollout; + goto fail; + + case LWS_SSL_CAPABLE_ERROR: + goto fail; + case LWS_SSL_CAPABLE_MORE_SERVICE: + goto try_pollout; + } + + n = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_RX, + wsi->user_space, ebuf.token, + ebuf.len); + if (n < 0) { + lwsl_info("LWS_CALLBACK_RAW_RX_fail\n"); + goto fail; + } + + if (lws_buflist_aware_consume(wsi, &ebuf, ebuf.len, buffered)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } else + if (wsi->favoured_pollin && + (pollfd->revents & pollfd->events & LWS_POLLOUT)) + /* we balanced the last favouring of pollin */ + wsi->favoured_pollin = 0; + +try_pollout: + + /* this handles POLLOUT for http serving fragments */ + + if (!(pollfd->revents & LWS_POLLOUT)) + return LWS_HPI_RET_HANDLED; + + /* one shot */ + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_notice("%s a\n", __func__); + goto fail; + } + + /* clear back-to-back write detection */ + wsi->could_have_pending = 0; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_WRITEABLE_CB, 1); +#if defined(LWS_WITH_STATS) + if (wsi->active_writable_req_us) { + uint64_t ul = time_in_microseconds() - + wsi->active_writable_req_us; + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_WRITABLE_DELAY, ul); + lws_stats_atomic_max(wsi->context, pt, + LWSSTATS_MS_WORST_WRITABLE_DELAY, ul); + wsi->active_writable_req_us = 0; + } +#endif + n = user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_WRITEABLE, + wsi->user_space, NULL, 0); + if (n < 0) { + lwsl_info("writeable_fail\n"); + goto fail; + } + + return LWS_HPI_RET_HANDLED; + +fail: + lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "raw svc fail"); + + return LWS_HPI_RET_WSI_ALREADY_DIED; +} + + +static int +rops_handle_POLLIN_raw_file(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + int n; + + if (pollfd->revents & LWS_POLLOUT) { + n = lws_callback_as_writeable(wsi); + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_info("failed at set pollfd\n"); + return LWS_HPI_RET_WSI_ALREADY_DIED; + } + if (n) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + if (pollfd->revents & LWS_POLLIN) { + if (user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_RAW_RX_FILE, + wsi->user_space, NULL, 0)) { + lwsl_debug("raw rx callback closed it\n"); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + } + + if (pollfd->revents & LWS_POLLHUP) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + + return LWS_HPI_RET_HANDLED; +} + + +struct lws_role_ops role_ops_raw_skt = { + /* role name */ "raw-skt", + /* alpn id */ NULL, + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* destroy_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_raw_skt, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE, 0 }, + /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE, 0 }, + /* file_handle */ 0, +}; + + + +struct lws_role_ops role_ops_raw_file = { + /* role name */ "raw-file", + /* alpn id */ NULL, + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ NULL, + /* destroy_vhost */ NULL, + /* periodic_checks */ NULL, + /* service_flag_pending */ NULL, + /* handle_POLLIN */ rops_handle_POLLIN_raw_file, + /* handle_POLLOUT */ NULL, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ NULL, + /* tx_credit */ NULL, + /* write_role_protocol */ NULL, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ NULL, + /* close_via_role_protocol */ NULL, + /* close_role */ NULL, + /* close_kill_connection */ NULL, + /* destroy_role */ NULL, + /* writeable cb clnt, srv */ { LWS_CALLBACK_RAW_WRITEABLE_FILE, 0 }, + /* close cb clnt, srv */ { LWS_CALLBACK_RAW_CLOSE_FILE, 0 }, + /* file_handle */ 1, +}; diff --git a/thirdparty/libwebsockets/roles/ws/client-parser-ws.c b/thirdparty/libwebsockets/roles/ws/client-parser-ws.c new file mode 100644 index 0000000000..7287fb1590 --- /dev/null +++ b/thirdparty/libwebsockets/roles/ws/client-parser-ws.c @@ -0,0 +1,605 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +/* + * parsers.c: lws_ws_rx_sm() needs to be roughly kept in + * sync with changes here, esp related to ext draining + */ + +int lws_ws_client_rx_sm(struct lws *wsi, unsigned char c) +{ + int callback_action = LWS_CALLBACK_CLIENT_RECEIVE; + int handled, m; + unsigned short close_code; + struct lws_tokens ebuf; + unsigned char *pp; +#if !defined(LWS_WITHOUT_EXTENSIONS) + int rx_draining_ext = 0, n; +#endif + + ebuf.token = NULL; + ebuf.len = 0; + +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { + assert(!c); + + lws_remove_wsi_from_draining_ext_list(wsi); + rx_draining_ext = 1; + lwsl_debug("%s: doing draining flow\n", __func__); + + goto drain_extension; + } +#endif + + if (wsi->socket_is_permanently_unusable) + return -1; + + switch (wsi->lws_rx_parse_state) { + case LWS_RXPS_NEW: + /* control frames (PING) may interrupt checkable sequences */ + wsi->ws->defeat_check_utf8 = 0; + + switch (wsi->ws->ietf_spec_revision) { + case 13: + wsi->ws->opcode = c & 0xf; + /* revisit if an extension wants them... */ + switch (wsi->ws->opcode) { + case LWSWSOPC_TEXT_FRAME: + wsi->ws->rsv_first_msg = (c & 0x70); + wsi->ws->continuation_possible = 1; + wsi->ws->check_utf8 = lws_check_opt( + wsi->context->options, + LWS_SERVER_OPTION_VALIDATE_UTF8); + wsi->ws->utf8 = 0; + wsi->ws->first_fragment = 1; + break; + case LWSWSOPC_BINARY_FRAME: + wsi->ws->rsv_first_msg = (c & 0x70); + wsi->ws->check_utf8 = 0; + wsi->ws->continuation_possible = 1; + wsi->ws->first_fragment = 1; + break; + case LWSWSOPC_CONTINUATION: + if (!wsi->ws->continuation_possible) { + lwsl_info("disordered continuation\n"); + return -1; + } + wsi->ws->first_fragment = 0; + break; + case LWSWSOPC_CLOSE: + wsi->ws->check_utf8 = 0; + wsi->ws->utf8 = 0; + break; + case 3: + case 4: + case 5: + case 6: + case 7: + case 0xb: + case 0xc: + case 0xd: + case 0xe: + case 0xf: + lwsl_info("illegal opcode\n"); + return -1; + default: + wsi->ws->defeat_check_utf8 = 1; + break; + } + wsi->ws->rsv = (c & 0x70); + /* revisit if an extension wants them... */ + if ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + !wsi->ws->count_act_ext && +#endif + wsi->ws->rsv) { + lwsl_info("illegal rsv bits set\n"); + return -1; + } + wsi->ws->final = !!((c >> 7) & 1); + lwsl_ext("%s: This RX frame Final %d\n", __func__, + wsi->ws->final); + + if (wsi->ws->owed_a_fin && + (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || + wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { + lwsl_info("hey you owed us a FIN\n"); + return -1; + } + if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { + wsi->ws->continuation_possible = 0; + wsi->ws->owed_a_fin = 0; + } + + if ((wsi->ws->opcode & 8) && !wsi->ws->final) { + lwsl_info("control msg can't be fragmented\n"); + return -1; + } + if (!wsi->ws->final) + wsi->ws->owed_a_fin = 1; + + switch (wsi->ws->opcode) { + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + wsi->ws->frame_is_binary = wsi->ws->opcode == + LWSWSOPC_BINARY_FRAME; + break; + } + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; + break; + + default: + lwsl_err("unknown spec version %02d\n", + wsi->ws->ietf_spec_revision); + break; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN: + + wsi->ws->this_frame_masked = !!(c & 0x80); + + switch (c & 0x7f) { + case 126: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; + break; + case 127: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; + break; + default: + wsi->ws->rx_packet_length = c & 0x7f; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + if (wsi->ws->rx_packet_length) { + wsi->lws_rx_parse_state = + LWS_RXPS_WS_FRAME_PAYLOAD; + } else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + } + break; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_2: + wsi->ws->rx_packet_length = c << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_1: + wsi->ws->rx_packet_length |= c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_WS_FRAME_PAYLOAD; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_8: + if (c & 0x80) { + lwsl_warn("b63 of length must be zero\n"); + /* kill the connection */ + return -1; + } +#if defined __LP64__ + wsi->ws->rx_packet_length = ((size_t)c) << 56; +#else + wsi->ws->rx_packet_length = 0; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_7: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 48; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_6: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 40; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_5: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 32; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_4: + wsi->ws->rx_packet_length |= ((size_t)c) << 24; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_3: + wsi->ws->rx_packet_length |= ((size_t)c) << 16; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_2: + wsi->ws->rx_packet_length |= ((size_t)c) << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_1: + wsi->ws->rx_packet_length |= (size_t)c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_WS_FRAME_PAYLOAD; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + } + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_1: + wsi->ws->mask[0] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_2: + wsi->ws->mask[1] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_3: + wsi->ws->mask[2] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_4: + wsi->ws->mask[3] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + + if (wsi->ws->rx_packet_length) + wsi->lws_rx_parse_state = + LWS_RXPS_WS_FRAME_PAYLOAD; + else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + break; + + case LWS_RXPS_WS_FRAME_PAYLOAD: + + assert(wsi->ws->rx_ubuf); +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) + goto drain_extension; +#endif + if (wsi->ws->this_frame_masked && !wsi->ws->all_zero_nonce) + c ^= wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; + + wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = c; + + if (--wsi->ws->rx_packet_length == 0) { + /* spill because we have the whole frame */ + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + + /* + * if there's no protocol max frame size given, we are + * supposed to default to context->pt_serv_buf_size + */ + if (!wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) + break; + + if (wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) + break; + + /* spill because we filled our rx buffer */ +spill: + + handled = 0; + + /* + * is this frame a control packet we should take care of at this + * layer? If so service it and hide it from the user callback + */ + + switch (wsi->ws->opcode) { + case LWSWSOPC_CLOSE: + pp = (unsigned char *)&wsi->ws->rx_ubuf[LWS_PRE]; + if (lws_check_opt(wsi->context->options, + LWS_SERVER_OPTION_VALIDATE_UTF8) && + wsi->ws->rx_ubuf_head > 2 && + lws_check_utf8(&wsi->ws->utf8, pp + 2, + wsi->ws->rx_ubuf_head - 2)) + goto utf8_fail; + + /* is this an acknowledgment of our close? */ + if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * fine he has told us he is closing too, let's + * finish our close + */ + lwsl_parser("seen server's close ack\n"); + return -1; + } + + lwsl_parser("client sees server close len = %d\n", + wsi->ws->rx_ubuf_head); + if (wsi->ws->rx_ubuf_head >= 2) { + close_code = (pp[0] << 8) | pp[1]; + if (close_code < 1000 || + close_code == 1004 || + close_code == 1005 || + close_code == 1006 || + close_code == 1012 || + close_code == 1013 || + close_code == 1014 || + close_code == 1015 || + (close_code >= 1016 && close_code < 3000) + ) { + pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; + pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; + } + } + if (user_callback_handle_rxflow( + wsi->protocol->callback, wsi, + LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, + wsi->user_space, pp, + wsi->ws->rx_ubuf_head)) + return -1; + + memcpy(wsi->ws->ping_payload_buf + LWS_PRE, pp, + wsi->ws->rx_ubuf_head); + wsi->ws->close_in_ping_buffer_len = wsi->ws->rx_ubuf_head; + + lwsl_info("%s: scheduling return close as ack\n", __func__); + __lws_change_pollfd(wsi, LWS_POLLIN, 0); + lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 3); + wsi->waiting_to_send_close_frame = 1; + wsi->close_needs_ack = 0; + lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); + lws_callback_on_writable(wsi); + handled = 1; + break; + + case LWSWSOPC_PING: + lwsl_info("received %d byte ping, sending pong\n", + wsi->ws->rx_ubuf_head); + + /* he set a close reason on this guy, ignore PING */ + if (wsi->ws->close_in_ping_buffer_len) + goto ping_drop; + + if (wsi->ws->ping_pending_flag) { + /* + * there is already a pending ping payload + * we should just log and drop + */ + lwsl_parser("DROP PING since one pending\n"); + goto ping_drop; + } + + /* control packets can only be < 128 bytes long */ + if (wsi->ws->rx_ubuf_head > 128 - 3) { + lwsl_parser("DROP PING payload too large\n"); + goto ping_drop; + } + + /* stash the pong payload */ + memcpy(wsi->ws->ping_payload_buf + LWS_PRE, + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; + wsi->ws->ping_pending_flag = 1; + + /* get it sent as soon as possible */ + lws_callback_on_writable(wsi); +ping_drop: + wsi->ws->rx_ubuf_head = 0; + handled = 1; + break; + + case LWSWSOPC_PONG: + lwsl_info("client received pong\n"); + lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + if (wsi->pending_timeout == + PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { + lwsl_info("%p: received expected PONG\n", wsi); + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + } + + /* issue it */ + callback_action = LWS_CALLBACK_CLIENT_RECEIVE_PONG; + break; + + case LWSWSOPC_CONTINUATION: + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + break; + + default: + /* not handled or failed */ + lwsl_ext("Unhandled ext opc 0x%x\n", wsi->ws->opcode); + wsi->ws->rx_ubuf_head = 0; + + return -1; + } + + /* + * No it's real payload, pass it up to the user callback. + * It's nicely buffered with the pre-padding taken care of + * so it can be sent straight out again using lws_write + */ + if (handled) + goto already_done; + + ebuf.token = &wsi->ws->rx_ubuf[LWS_PRE]; + ebuf.len = wsi->ws->rx_ubuf_head; + +#if !defined(LWS_WITHOUT_EXTENSIONS) +drain_extension: + lwsl_ext("%s: passing %d to ext\n", __func__, ebuf.len); + + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); + lwsl_ext("Ext RX returned %d\n", n); + if (n < 0) { + wsi->socket_is_permanently_unusable = 1; + return -1; + } +#endif + lwsl_debug("post inflate ebuf len %d\n", ebuf.len); + +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (rx_draining_ext && !ebuf.len) { + lwsl_debug(" --- ending drain on 0 read result\n"); + goto already_done; + } +#endif + + if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { + if (lws_check_utf8(&wsi->ws->utf8, + (unsigned char *)ebuf.token, + ebuf.len)) { + lws_close_reason(wsi, + LWS_CLOSE_STATUS_INVALID_PAYLOAD, + (uint8_t *)"bad utf8", 8); + goto utf8_fail; + } + + /* we are ending partway through utf-8 character? */ + if (!wsi->ws->rx_packet_length && wsi->ws->final && + wsi->ws->utf8 +#if !defined(LWS_WITHOUT_EXTENSIONS) + && !n +#endif + ) { + lwsl_info("FINAL utf8 error\n"); + lws_close_reason(wsi, + LWS_CLOSE_STATUS_INVALID_PAYLOAD, + (uint8_t *)"partial utf8", 12); +utf8_fail: + lwsl_info("utf8 error\n"); + lwsl_hexdump_info(ebuf.token, ebuf.len); + + return -1; + } + } + + if (ebuf.len < 0 && + callback_action != LWS_CALLBACK_CLIENT_RECEIVE_PONG) + goto already_done; + + if (!ebuf.token) + goto already_done; + + ebuf.token[ebuf.len] = '\0'; + + if (!wsi->protocol->callback) + goto already_done; + + if (callback_action == LWS_CALLBACK_CLIENT_RECEIVE_PONG) + lwsl_info("Client doing pong callback\n"); + + if ( + /* coverity says dead code otherwise */ +#if !defined(LWS_WITHOUT_EXTENSIONS) + n && +#endif + ebuf.len) + /* extension had more... main loop will come back + * we want callback to be done with this set, if so, + * because lws_is_final() hides it was final until the + * last chunk + */ + lws_add_wsi_to_draining_ext_list(wsi); + else + lws_remove_wsi_from_draining_ext_list(wsi); + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) + goto already_done; + + m = wsi->protocol->callback(wsi, + (enum lws_callback_reasons)callback_action, + wsi->user_space, ebuf.token, ebuf.len); + + wsi->ws->first_fragment = 0; + + // lwsl_notice("%s: bulk ws rx: input used %d, output %d\n", + // __func__, wsi->ws->rx_ubuf_head, ebuf.len); + + /* if user code wants to close, let caller know */ + if (m) + return 1; + +already_done: + wsi->ws->rx_ubuf_head = 0; + break; + default: + lwsl_err("client rx illegal state\n"); + return 1; + } + + return 0; + +illegal_ctl_length: + lwsl_warn("Control frame asking for extended length is illegal\n"); + + /* kill the connection */ + return -1; +} + + diff --git a/thirdparty/libwebsockets/roles/ws/client-ws.c b/thirdparty/libwebsockets/roles/ws/client-ws.c new file mode 100644 index 0000000000..fd6cf42551 --- /dev/null +++ b/thirdparty/libwebsockets/roles/ws/client-ws.c @@ -0,0 +1,629 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +/* + * In-place str to lower case + */ + +static void +strtolower(char *s) +{ + while (*s) { +#ifdef LWS_PLAT_OPTEE + int tolower_optee(int c); + *s = tolower_optee((int)*s); +#else + *s = tolower((int)*s); +#endif + s++; + } +} + +int +lws_create_client_ws_object(struct lws_client_connect_info *i, struct lws *wsi) +{ + int v = SPEC_LATEST_SUPPORTED; + + /* allocate the ws struct for the wsi */ + wsi->ws = lws_zalloc(sizeof(*wsi->ws), "client ws struct"); + if (!wsi->ws) { + lwsl_notice("OOM\n"); + return 1; + } + + /* -1 means just use latest supported */ + if (i->ietf_version_or_minus_one != -1 && + i->ietf_version_or_minus_one) + v = i->ietf_version_or_minus_one; + + wsi->ws->ietf_spec_revision = v; + + return 0; +} + +#if !defined(LWS_NO_CLIENT) +int +lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len) +{ + if ((lwsi_state(wsi) != LRS_WAITING_PROXY_REPLY) && + (lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE) && + (lwsi_state(wsi) != LRS_WAITING_SERVER_REPLY) && + !lwsi_role_client(wsi)) + return 0; + + // lwsl_notice("%s: hs client gets %d in\n", __func__, (int)len); + + while (len) { + /* + * we were accepting input but now we stopped doing so + */ + if (lws_is_flowcontrolled(wsi)) { + //lwsl_notice("%s: caching %ld\n", __func__, (long)len); + lws_rxflow_cache(wsi, *buf, 0, (int)len); + *buf += len; + return 0; + } +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { + int m; + + //lwsl_notice("%s: draining ext\n", __func__); + if (lwsi_role_client(wsi)) + m = lws_ws_client_rx_sm(wsi, 0); + else + m = lws_ws_rx_sm(wsi, 0, 0); + if (m < 0) + return -1; + continue; + } +#endif + /* caller will account for buflist usage */ + + if (lws_ws_client_rx_sm(wsi, *(*buf)++)) { + lwsl_notice("%s: client_rx_sm exited, DROPPING %d\n", + __func__, (int)len); + return -1; + } + len--; + } + // lwsl_notice("%s: finished with %ld\n", __func__, (long)len); + + return 0; +} +#endif + +char * +lws_generate_client_ws_handshake(struct lws *wsi, char *p) +{ + char buf[128], hash[20], key_b64[40]; + int n; +#if !defined(LWS_WITHOUT_EXTENSIONS) + const struct lws_extension *ext; + int ext_count = 0; +#endif + + /* + * create the random key + */ + n = lws_get_random(wsi->context, hash, 16); + if (n != 16) { + lwsl_err("Unable to read from random dev %s\n", + SYSTEM_RANDOM_FILEPATH); + return NULL; + } + + lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64)); + + p += sprintf(p, "Upgrade: websocket\x0d\x0a" + "Connection: Upgrade\x0d\x0a" + "Sec-WebSocket-Key: "); + strcpy(p, key_b64); + p += strlen(key_b64); + p += sprintf(p, "\x0d\x0a"); + if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)) + p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a", + lws_hdr_simple_ptr(wsi, + _WSI_TOKEN_CLIENT_SENT_PROTOCOLS)); + + /* tell the server what extensions we could support */ + +#if !defined(LWS_WITHOUT_EXTENSIONS) + ext = wsi->vhost->ws.extensions; + while (ext && ext->callback) { + + n = wsi->vhost->protocols[0].callback(wsi, + LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED, + wsi->user_space, (char *)ext->name, 0); + + /* + * zero return from callback means go ahead and allow + * the extension, it's what we get if the callback is + * unhandled + */ + + if (n) { + ext++; + continue; + } + + /* apply it */ + + if (ext_count) + *p++ = ','; + else + p += sprintf(p, "Sec-WebSocket-Extensions: "); + p += sprintf(p, "%s", ext->client_offer); + ext_count++; + + ext++; + } + if (ext_count) + p += sprintf(p, "\x0d\x0a"); +#endif + + if (wsi->ws->ietf_spec_revision) + p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a", + wsi->ws->ietf_spec_revision); + + /* prepare the expected server accept response */ + + key_b64[39] = '\0'; /* enforce composed length below buf sizeof */ + n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", + key_b64); + + lws_SHA1((unsigned char *)buf, n, (unsigned char *)hash); + + lws_b64_encode_string(hash, 20, + wsi->http.ah->initial_handshake_hash_base64, + sizeof(wsi->http.ah->initial_handshake_hash_base64)); + + return p; +} + +int +lws_client_ws_upgrade(struct lws *wsi, const char **cce) +{ + int n, len, okay = 0; + struct lws_context *context = wsi->context; + const char *pc; + char *p; +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + char *sb = (char *)&pt->serv_buf[0]; + const struct lws_ext_options *opts; + const struct lws_extension *ext; + char ext_name[128]; + const char *c, *a; + char ignore; + int more = 1; +#endif + + if (wsi->client_h2_substream) {/* !!! client ws-over-h2 not there yet */ + lwsl_warn("%s: client ws-over-h2 upgrade not supported yet\n", + __func__); + *cce = "HS: h2 / ws upgrade unsupported"; + goto bail3; + } + + if (wsi->http.ah->http_response == 401) { + lwsl_warn( + "lws_client_handshake: got bad HTTP response '%d'\n", + wsi->http.ah->http_response); + *cce = "HS: ws upgrade unauthorized"; + goto bail3; + } + + if (wsi->http.ah->http_response != 101) { + lwsl_warn( + "lws_client_handshake: got bad HTTP response '%d'\n", + wsi->http.ah->http_response); + *cce = "HS: ws upgrade response not 101"; + goto bail3; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) { + lwsl_info("no ACCEPT\n"); + *cce = "HS: ACCEPT missing"; + goto bail3; + } + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE); + if (!p) { + lwsl_info("no UPGRADE\n"); + *cce = "HS: UPGRADE missing"; + goto bail3; + } + strtolower(p); + if (strcmp(p, "websocket")) { + lwsl_warn( + "lws_client_handshake: got bad Upgrade header '%s'\n", p); + *cce = "HS: Upgrade to something other than websocket"; + goto bail3; + } + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_CONNECTION); + if (!p) { + lwsl_info("no Connection hdr\n"); + *cce = "HS: CONNECTION missing"; + goto bail3; + } + strtolower(p); + if (strcmp(p, "upgrade")) { + lwsl_warn("lws_client_int_s_hs: bad header %s\n", p); + *cce = "HS: UPGRADE malformed"; + goto bail3; + } + + pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS); + if (!pc) { + lwsl_parser("lws_client_int_s_hs: no protocol list\n"); + } else + lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc); + + /* + * confirm the protocol the server wants to talk was in the list + * of protocols we offered + */ + + len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); + if (!len) { + lwsl_info("%s: WSI_TOKEN_PROTOCOL is null\n", __func__); + /* + * no protocol name to work from, + * default to first protocol + */ + n = 0; + wsi->protocol = &wsi->vhost->protocols[0]; + goto check_extensions; + } + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL); + len = (int)strlen(p); + + while (pc && *pc && !okay) { + if (!strncmp(pc, p, len) && + (pc[len] == ',' || pc[len] == '\0')) { + okay = 1; + continue; + } + while (*pc && *pc++ != ',') + ; + while (*pc && *pc == ' ') + pc++; + } + + if (!okay) { + lwsl_info("%s: got bad protocol %s\n", __func__, p); + *cce = "HS: PROTOCOL malformed"; + goto bail2; + } + + /* + * identify the selected protocol struct and set it + */ + n = 0; + /* keep client connection pre-bound protocol */ + if (!lwsi_role_client(wsi)) + wsi->protocol = NULL; + + while (wsi->vhost->protocols[n].callback) { + if (!wsi->protocol && + strcmp(p, wsi->vhost->protocols[n].name) == 0) { + wsi->protocol = &wsi->vhost->protocols[n]; + break; + } + n++; + } + + if (!wsi->vhost->protocols[n].callback) { /* no match */ + /* if server, that's already fatal */ + if (!lwsi_role_client(wsi)) { + lwsl_info("%s: fail protocol %s\n", __func__, p); + *cce = "HS: Cannot match protocol"; + goto bail2; + } + + /* for client, find the index of our pre-bound protocol */ + + n = 0; + while (wsi->vhost->protocols[n].callback) { + if (wsi->protocol && strcmp(wsi->protocol->name, + wsi->vhost->protocols[n].name) == 0) { + wsi->protocol = &wsi->vhost->protocols[n]; + break; + } + n++; + } + + if (!wsi->vhost->protocols[n].callback) { + if (wsi->protocol) + lwsl_err("Failed to match protocol %s\n", + wsi->protocol->name); + else + lwsl_err("No protocol on client\n"); + goto bail2; + } + } + + lwsl_debug("Selected protocol %s\n", wsi->protocol->name); + +check_extensions: + /* + * stitch protocol choice into the vh protocol linked list + * We always insert ourselves at the start of the list + * + * X <-> B + * X <-> pAn <-> pB + */ + + lws_vhost_lock(wsi->vhost); + + wsi->same_vh_protocol_prev = /* guy who points to us */ + &wsi->vhost->same_vh_protocol_list[n]; + wsi->same_vh_protocol_next = /* old first guy is our next */ + wsi->vhost->same_vh_protocol_list[n]; + /* we become the new first guy */ + wsi->vhost->same_vh_protocol_list[n] = wsi; + + if (wsi->same_vh_protocol_next) + /* old first guy points back to us now */ + wsi->same_vh_protocol_next->same_vh_protocol_prev = + &wsi->same_vh_protocol_next; + wsi->on_same_vh_list = 1; + + lws_vhost_unlock(wsi->vhost); + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* instantiate the accepted extensions */ + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) { + lwsl_ext("no client extensions allowed by server\n"); + goto check_accept; + } + + /* + * break down the list of server accepted extensions + * and go through matching them or identifying bogons + */ + + if (lws_hdr_copy(wsi, sb, context->pt_serv_buf_size, + WSI_TOKEN_EXTENSIONS) < 0) { + lwsl_warn("ext list from server failed to copy\n"); + *cce = "HS: EXT: list too big"; + goto bail2; + } + + c = sb; + n = 0; + ignore = 0; + a = NULL; + while (more) { + + if (*c && (*c != ',' && *c != '\t')) { + if (*c == ';') { + ignore = 1; + if (!a) + a = c + 1; + } + if (ignore || *c == ' ') { + c++; + continue; + } + + ext_name[n] = *c++; + if (n < (int)sizeof(ext_name) - 1) + n++; + continue; + } + ext_name[n] = '\0'; + ignore = 0; + if (!*c) + more = 0; + else { + c++; + if (!n) + continue; + } + + /* check we actually support it */ + + lwsl_notice("checking client ext %s\n", ext_name); + + n = 0; + ext = wsi->vhost->ws.extensions; + while (ext && ext->callback) { + if (strcmp(ext_name, ext->name)) { + ext++; + continue; + } + + n = 1; + lwsl_notice("instantiating client ext %s\n", ext_name); + + /* instantiate the extension on this conn */ + + wsi->ws->active_extensions[wsi->ws->count_act_ext] = ext; + + /* allow him to construct his ext instance */ + + if (ext->callback(lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_CLIENT_CONSTRUCT, + (void *)&wsi->ws->act_ext_user[wsi->ws->count_act_ext], + (void *)&opts, 0)) { + lwsl_info(" ext %s failed construction\n", + ext_name); + ext++; + continue; + } + + /* + * allow the user code to override ext defaults if it + * wants to + */ + ext_name[0] = '\0'; + if (user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_WS_EXT_DEFAULTS, + (char *)ext->name, ext_name, + sizeof(ext_name))) { + *cce = "HS: EXT: failed setting defaults"; + goto bail2; + } + + if (ext_name[0] && + lws_ext_parse_options(ext, wsi, wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], opts, ext_name, + (int)strlen(ext_name))) { + lwsl_err("%s: unable to parse user defaults '%s'", + __func__, ext_name); + *cce = "HS: EXT: failed parsing defaults"; + goto bail2; + } + + /* + * give the extension the server options + */ + if (a && lws_ext_parse_options(ext, wsi, + wsi->ws->act_ext_user[wsi->ws->count_act_ext], + opts, a, lws_ptr_diff(c, a))) { + lwsl_err("%s: unable to parse remote def '%s'", + __func__, a); + *cce = "HS: EXT: failed parsing options"; + goto bail2; + } + + if (ext->callback(lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_OPTION_CONFIRM, + wsi->ws->act_ext_user[wsi->ws->count_act_ext], + NULL, 0)) { + lwsl_err("%s: ext %s rejects server options %s", + __func__, ext->name, a); + *cce = "HS: EXT: Rejects server options"; + goto bail2; + } + + wsi->ws->count_act_ext++; + + ext++; + } + + if (n == 0) { + lwsl_warn("Unknown ext '%s'!\n", ext_name); + *cce = "HS: EXT: unknown ext"; + goto bail2; + } + + a = NULL; + n = 0; + } + +check_accept: +#endif + + /* + * Confirm his accept token is the one we precomputed + */ + + p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT); + if (strcmp(p, wsi->http.ah->initial_handshake_hash_base64)) { + lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p, + wsi->http.ah->initial_handshake_hash_base64); + *cce = "HS: Accept hash wrong"; + goto bail2; + } + + /* allocate the per-connection user memory (if any) */ + if (lws_ensure_user_space(wsi)) { + lwsl_err("Problem allocating wsi user mem\n"); + *cce = "HS: OOM"; + goto bail2; + } + + /* + * we seem to be good to go, give client last chance to check + * headers and OK it + */ + if (wsi->protocol->callback(wsi, + LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH, + wsi->user_space, NULL, 0)) { + *cce = "HS: Rejected by filter cb"; + goto bail2; + } + + /* clear his proxy connection timeout */ + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + + /* free up his parsing allocations */ + lws_header_table_detach(wsi, 0); + + lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED, + &role_ops_ws); + lws_restart_ws_ping_pong_timer(wsi); + + wsi->rxflow_change_to = LWS_RXFLOW_ALLOW; + + /* + * create the frame buffer for this connection according to the + * size mentioned in the protocol definition. If 0 there, then + * use a big default for compatibility + */ + n = (int)wsi->protocol->rx_buffer_size; + if (!n) + n = context->pt_serv_buf_size; + n += LWS_PRE; + wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, + "client frame buffer"); + if (!wsi->ws->rx_ubuf) { + lwsl_err("Out of Mem allocating rx buffer %d\n", n); + *cce = "HS: OOM"; + goto bail2; + } + wsi->ws->rx_ubuf_alloc = n; + lwsl_info("Allocating client RX buffer %d\n", n); + +#if !defined(LWS_WITH_ESP32) + if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, + (const char *)&n, sizeof n)) { + lwsl_warn("Failed to set SNDBUF to %d", n); + *cce = "HS: SO_SNDBUF failed"; + goto bail3; + } +#endif + + lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name); + + /* call him back to inform him he is up */ + + if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED, + wsi->user_space, NULL, 0)) { + *cce = "HS: Rejected at CLIENT_ESTABLISHED"; + goto bail3; + } + + return 0; + +bail3: + return 3; + +bail2: + return 2; +} diff --git a/thirdparty/libwebsockets/roles/ws/ops-ws.c b/thirdparty/libwebsockets/roles/ws/ops-ws.c new file mode 100644 index 0000000000..665b2c9b74 --- /dev/null +++ b/thirdparty/libwebsockets/roles/ws/ops-ws.c @@ -0,0 +1,1994 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } + +/* + * client-parser.c: lws_ws_client_rx_sm() needs to be roughly kept in + * sync with changes here, esp related to ext draining + */ + +int +lws_ws_rx_sm(struct lws *wsi, char already_processed, unsigned char c) +{ + int callback_action = LWS_CALLBACK_RECEIVE; + int ret = 0; + unsigned short close_code; + struct lws_tokens ebuf; + unsigned char *pp; + int n = 0; +#if !defined(LWS_WITHOUT_EXTENSIONS) + int rx_draining_ext = 0; + int lin; +#endif + + ebuf.token = NULL; + ebuf.len = 0; + if (wsi->socket_is_permanently_unusable) + return -1; + + switch (wsi->lws_rx_parse_state) { + case LWS_RXPS_NEW: +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { + ebuf.token = NULL; + ebuf.len = 0; + lws_remove_wsi_from_draining_ext_list(wsi); + rx_draining_ext = 1; + lwsl_debug("%s: doing draining flow\n", __func__); + + goto drain_extension; + } +#endif + switch (wsi->ws->ietf_spec_revision) { + case 13: + /* + * no prepended frame key any more + */ + wsi->ws->all_zero_nonce = 1; + goto handle_first; + + default: + lwsl_warn("lws_ws_rx_sm: unknown spec version %d\n", + wsi->ws->ietf_spec_revision); + break; + } + break; + case LWS_RXPS_04_mask_1: + wsi->ws->mask[1] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_04_mask_2; + break; + case LWS_RXPS_04_mask_2: + wsi->ws->mask[2] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_04_mask_3; + break; + case LWS_RXPS_04_mask_3: + wsi->ws->mask[3] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + + /* + * start from the zero'th byte in the XOR key buffer since + * this is the start of a frame with a new key + */ + + wsi->ws->mask_idx = 0; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_1; + break; + + /* + * 04 logical framing from the spec (all this is masked when incoming + * and has to be unmasked) + * + * We ignore the possibility of extension data because we don't + * negotiate any extensions at the moment. + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-------+-+-------------+-------------------------------+ + * |F|R|R|R| opcode|R| Payload len | Extended payload length | + * |I|S|S|S| (4) |S| (7) | (16/63) | + * |N|V|V|V| |V| | (if payload len==126/127) | + * | |1|2|3| |4| | | + * +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - + + * | Extended payload length continued, if payload len == 127 | + * + - - - - - - - - - - - - - - - +-------------------------------+ + * | | Extension data | + * +-------------------------------+ - - - - - - - - - - - - - - - + + * : : + * +---------------------------------------------------------------+ + * : Application data : + * +---------------------------------------------------------------+ + * + * We pass payload through to userland as soon as we get it, ignoring + * FIN. It's up to userland to buffer it up if it wants to see a + * whole unfragmented block of the original size (which may be up to + * 2^63 long!) + */ + + case LWS_RXPS_04_FRAME_HDR_1: +handle_first: + + wsi->ws->opcode = c & 0xf; + wsi->ws->rsv = c & 0x70; + wsi->ws->final = !!((c >> 7) & 1); + wsi->ws->defeat_check_utf8 = 0; + + if (((wsi->ws->opcode) & 8) && !wsi->ws->final) { + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, + (uint8_t *)"frag ctl", 8); + return -1; + } + + switch (wsi->ws->opcode) { + case LWSWSOPC_TEXT_FRAME: + wsi->ws->check_utf8 = lws_check_opt( + wsi->context->options, + LWS_SERVER_OPTION_VALIDATE_UTF8); + /* fallthru */ + case LWSWSOPC_BINARY_FRAME: + if (wsi->ws->opcode == LWSWSOPC_BINARY_FRAME) + wsi->ws->check_utf8 = 0; + if (wsi->ws->continuation_possible) { + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad cont", 8); + return -1; + } + wsi->ws->rsv_first_msg = (c & 0x70); + wsi->ws->frame_is_binary = + wsi->ws->opcode == LWSWSOPC_BINARY_FRAME; + wsi->ws->first_fragment = 1; + wsi->ws->continuation_possible = !wsi->ws->final; + break; + case LWSWSOPC_CONTINUATION: + if (!wsi->ws->continuation_possible) { + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad cont", 8); + return -1; + } + break; + case LWSWSOPC_CLOSE: + wsi->ws->check_utf8 = 0; + wsi->ws->utf8 = 0; + break; + case 3: + case 4: + case 5: + case 6: + case 7: + case 0xb: + case 0xc: + case 0xd: + case 0xe: + case 0xf: + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad opc", 7); + lwsl_info("illegal opcode\n"); + return -1; + } + + if (wsi->ws->owed_a_fin && + (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || + wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { + lwsl_info("hey you owed us a FIN\n"); + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, (uint8_t *)"bad fin", 7); + return -1; + } + if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { + wsi->ws->continuation_possible = 0; + wsi->ws->owed_a_fin = 0; + } + + if (!wsi->ws->final) + wsi->ws->owed_a_fin = 1; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; + if (wsi->ws->rsv && + ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + !wsi->ws->count_act_ext || +#endif + (wsi->ws->rsv & ~0x40))) { + lws_close_reason(wsi, LWS_CLOSE_STATUS_PROTOCOL_ERR, + (uint8_t *)"rsv bits", 8); + return -1; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN: + + wsi->ws->this_frame_masked = !!(c & 0x80); + + switch (c & 0x7f) { + case 126: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; + break; + case 127: + /* control frames are not allowed to have big lengths */ + if (wsi->ws->opcode & 8) + goto illegal_ctl_length; + + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; + break; + default: + wsi->ws->rx_packet_length = c & 0x7f; + + + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else + if (wsi->ws->rx_packet_length) { + wsi->lws_rx_parse_state = + LWS_RXPS_WS_FRAME_PAYLOAD; + } else { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + break; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_2: + wsi->ws->rx_packet_length = c << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN16_1: + wsi->ws->rx_packet_length |= c; + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else { + wsi->lws_rx_parse_state = + LWS_RXPS_WS_FRAME_PAYLOAD; + } + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_8: + if (c & 0x80) { + lwsl_warn("b63 of length must be zero\n"); + /* kill the connection */ + return -1; + } +#if defined __LP64__ + wsi->ws->rx_packet_length = ((size_t)c) << 56; +#else + wsi->ws->rx_packet_length = 0; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_7: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 48; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_6: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 40; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_5: +#if defined __LP64__ + wsi->ws->rx_packet_length |= ((size_t)c) << 32; +#endif + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_4: + wsi->ws->rx_packet_length |= ((size_t)c) << 24; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_3: + wsi->ws->rx_packet_length |= ((size_t)c) << 16; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_2: + wsi->ws->rx_packet_length |= ((size_t)c) << 8; + wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; + break; + + case LWS_RXPS_04_FRAME_HDR_LEN64_1: + wsi->ws->rx_packet_length |= ((size_t)c); + if (wsi->ws->this_frame_masked) + wsi->lws_rx_parse_state = + LWS_RXPS_07_COLLECT_FRAME_KEY_1; + else + wsi->lws_rx_parse_state = LWS_RXPS_WS_FRAME_PAYLOAD; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_1: + wsi->ws->mask[0] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_2: + wsi->ws->mask[1] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_3: + wsi->ws->mask[2] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; + break; + + case LWS_RXPS_07_COLLECT_FRAME_KEY_4: + wsi->ws->mask[3] = c; + if (c) + wsi->ws->all_zero_nonce = 0; + wsi->lws_rx_parse_state = LWS_RXPS_WS_FRAME_PAYLOAD; + wsi->ws->mask_idx = 0; + if (wsi->ws->rx_packet_length == 0) { + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } + break; + + + case LWS_RXPS_WS_FRAME_PAYLOAD: + assert(wsi->ws->rx_ubuf); + + if (wsi->ws->rx_ubuf_head + LWS_PRE >= wsi->ws->rx_ubuf_alloc) { + lwsl_err("Attempted overflow \n"); + return -1; + } + if (!(already_processed & ALREADY_PROCESSED_IGNORE_CHAR)) { + if (wsi->ws->all_zero_nonce) + wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = + c; + else + wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = + c ^ wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; + + --wsi->ws->rx_packet_length; + } + + if (!wsi->ws->rx_packet_length) { + lwsl_debug("%s: ws fragment length exhausted\n", __func__); + /* spill because we have the whole frame */ + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + goto spill; + } +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { + lwsl_debug("%s: UNTIL_EXHAUSTED draining\n", __func__); + goto drain_extension; + } +#endif + /* + * if there's no protocol max frame size given, we are + * supposed to default to context->pt_serv_buf_size + */ + if (!wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->context->pt_serv_buf_size) + break; + + if (wsi->protocol->rx_buffer_size && + wsi->ws->rx_ubuf_head != wsi->protocol->rx_buffer_size) + break; + + /* spill because we filled our rx buffer */ +spill: + /* + * is this frame a control packet we should take care of at this + * layer? If so service it and hide it from the user callback + */ + + lwsl_parser("spill on %s\n", wsi->protocol->name); + + switch (wsi->ws->opcode) { + case LWSWSOPC_CLOSE: + + if (wsi->ws->peer_has_sent_close) + break; + + wsi->ws->peer_has_sent_close = 1; + + pp = (unsigned char *)&wsi->ws->rx_ubuf[LWS_PRE]; + if (lws_check_opt(wsi->context->options, + LWS_SERVER_OPTION_VALIDATE_UTF8) && + wsi->ws->rx_ubuf_head > 2 && + lws_check_utf8(&wsi->ws->utf8, pp + 2, + wsi->ws->rx_ubuf_head - 2)) + goto utf8_fail; + + /* is this an acknowledgment of our close? */ + if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { + /* + * fine he has told us he is closing too, let's + * finish our close + */ + lwsl_parser("seen client close ack\n"); + return -1; + } + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + /* if he sends us 2 CLOSE, kill him */ + return -1; + + if (lws_partial_buffered(wsi)) { + /* + * if we're in the middle of something, + * we can't do a normal close response and + * have to just close our end. + */ + wsi->socket_is_permanently_unusable = 1; + lwsl_parser("Closing on peer close due to Pending tx\n"); + return -1; + } + + if (wsi->ws->rx_ubuf_head >= 2) { + close_code = (pp[0] << 8) | pp[1]; + if (close_code < 1000 || + close_code == 1004 || + close_code == 1005 || + close_code == 1006 || + close_code == 1012 || + close_code == 1013 || + close_code == 1014 || + close_code == 1015 || + (close_code >= 1016 && close_code < 3000) + ) { + pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; + pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; + } + } + + if (user_callback_handle_rxflow( + wsi->protocol->callback, wsi, + LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, + wsi->user_space, + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head)) + return -1; + + lwsl_parser("server sees client close packet\n"); + lwsi_set_state(wsi, LRS_RETURNED_CLOSE); + /* deal with the close packet contents as a PONG */ + wsi->ws->payload_is_close = 1; + goto process_as_ping; + + case LWSWSOPC_PING: + lwsl_info("received %d byte ping, sending pong\n", + wsi->ws->rx_ubuf_head); + + if (wsi->ws->ping_pending_flag) { + /* + * there is already a pending ping payload + * we should just log and drop + */ + lwsl_parser("DROP PING since one pending\n"); + goto ping_drop; + } +process_as_ping: + /* control packets can only be < 128 bytes long */ + if (wsi->ws->rx_ubuf_head > 128 - 3) { + lwsl_parser("DROP PING payload too large\n"); + goto ping_drop; + } + + /* stash the pong payload */ + memcpy(wsi->ws->ping_payload_buf + LWS_PRE, + &wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + wsi->ws->ping_payload_len = wsi->ws->rx_ubuf_head; + wsi->ws->ping_pending_flag = 1; + + /* get it sent as soon as possible */ + lws_callback_on_writable(wsi); +ping_drop: + wsi->ws->rx_ubuf_head = 0; + return 0; + + case LWSWSOPC_PONG: + lwsl_info("received pong\n"); + lwsl_hexdump(&wsi->ws->rx_ubuf[LWS_PRE], + wsi->ws->rx_ubuf_head); + + if (wsi->pending_timeout == + PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) { + lwsl_info("received expected PONG on wsi %p\n", + wsi); + lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0); + } + + /* issue it */ + callback_action = LWS_CALLBACK_RECEIVE_PONG; + break; + + case LWSWSOPC_TEXT_FRAME: + case LWSWSOPC_BINARY_FRAME: + case LWSWSOPC_CONTINUATION: + break; + + default: + lwsl_parser("unknown opc %x\n", wsi->ws->opcode); + + return -1; + } + + /* + * No it's real payload, pass it up to the user callback. + * It's nicely buffered with the pre-padding taken care of + * so it can be sent straight out again using lws_write + */ + + ebuf.token = &wsi->ws->rx_ubuf[LWS_PRE]; + ebuf.len = wsi->ws->rx_ubuf_head; + + if (wsi->ws->opcode == LWSWSOPC_PONG && !ebuf.len) + goto already_done; +#if !defined(LWS_WITHOUT_EXTENSIONS) +drain_extension: +#endif + // lwsl_notice("%s: passing %d to ext\n", __func__, ebuf.len); + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) + goto already_done; +#if !defined(LWS_WITHOUT_EXTENSIONS) + lin = ebuf.len; + //if (lin) + // lwsl_hexdump_notice(ebuf.token, ebuf.len); + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); + lwsl_debug("%s: ext says %d / ebuf.len %d\n", __func__, n, ebuf.len); + if (wsi->ws->rx_draining_ext) + already_processed &= ~ALREADY_PROCESSED_NO_CB; +#endif + /* + * ebuf may be pointing somewhere completely different now, + * it's the output + */ +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (n < 0) { + /* + * we may rely on this to get RX, just drop connection + */ + wsi->socket_is_permanently_unusable = 1; + return -1; + } +#endif + if ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + rx_draining_ext && +#endif + ebuf.len == 0) + goto already_done; + + if ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + n && +#endif + ebuf.len) + /* extension had more... main loop will come back */ + lws_add_wsi_to_draining_ext_list(wsi); + else + lws_remove_wsi_from_draining_ext_list(wsi); + + if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { + if (lws_check_utf8(&wsi->ws->utf8, + (unsigned char *)ebuf.token, + ebuf.len)) { + lws_close_reason(wsi, + LWS_CLOSE_STATUS_INVALID_PAYLOAD, + (uint8_t *)"bad utf8", 8); + goto utf8_fail; + } + + /* we are ending partway through utf-8 character? */ + if (!wsi->ws->rx_packet_length && wsi->ws->final && + wsi->ws->utf8 && !n) { + lwsl_info("FINAL utf8 error\n"); + lws_close_reason(wsi, + LWS_CLOSE_STATUS_INVALID_PAYLOAD, + (uint8_t *)"partial utf8", 12); +utf8_fail: + lwsl_notice("utf8 error\n"); + lwsl_hexdump_notice(ebuf.token, ebuf.len); + + return -1; + } + } + + if (!wsi->wsistate_pre_close && (ebuf.len >= 0 || + callback_action == LWS_CALLBACK_RECEIVE_PONG)) { + if (ebuf.len) + ebuf.token[ebuf.len] = '\0'; + + if (wsi->protocol->callback && + !(already_processed & ALREADY_PROCESSED_NO_CB)) { + if (callback_action == LWS_CALLBACK_RECEIVE_PONG) + lwsl_info("Doing pong callback\n"); + + ret = user_callback_handle_rxflow( + wsi->protocol->callback, + wsi, (enum lws_callback_reasons) + callback_action, + wsi->user_space, + ebuf.token, + ebuf.len); + } + wsi->ws->first_fragment = 0; + } + +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (!lin) + break; +#endif + +already_done: + wsi->ws->rx_ubuf_head = 0; + break; + } + + return ret; + +illegal_ctl_length: + + lwsl_warn("Control frame with xtended length is illegal\n"); + /* kill the connection */ + return -1; +} + + +LWS_VISIBLE size_t +lws_remaining_packet_payload(struct lws *wsi) +{ + return wsi->ws->rx_packet_length; +} + +LWS_VISIBLE int lws_frame_is_binary(struct lws *wsi) +{ + return wsi->ws->frame_is_binary; +} + +void +lws_add_wsi_to_draining_ext_list(struct lws *wsi) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + if (wsi->ws->rx_draining_ext) + return; + + lwsl_debug("%s: RX EXT DRAINING: Adding to list\n", __func__); + + wsi->ws->rx_draining_ext = 1; + wsi->ws->rx_draining_ext_list = pt->ws.rx_draining_ext_list; + pt->ws.rx_draining_ext_list = wsi; +#endif +} + +void +lws_remove_wsi_from_draining_ext_list(struct lws *wsi) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + struct lws **w = &pt->ws.rx_draining_ext_list; + + if (!wsi->ws->rx_draining_ext) + return; + + lwsl_debug("%s: RX EXT DRAINING: Removing from list\n", __func__); + + wsi->ws->rx_draining_ext = 0; + + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + /* if us, point it instead to who we were pointing to */ + *w = wsi->ws->rx_draining_ext_list; + break; + } + w = &((*w)->ws->rx_draining_ext_list); + } + wsi->ws->rx_draining_ext_list = NULL; +#endif +} + +LWS_EXTERN void +lws_restart_ws_ping_pong_timer(struct lws *wsi) +{ + if (!wsi->context->ws_ping_pong_interval || + !lwsi_role_ws(wsi)) + return; + + wsi->ws->time_next_ping_check = (time_t)lws_now_secs(); +} + +static int +lws_0405_frame_mask_generate(struct lws *wsi) +{ + int n; + /* fetch the per-frame nonce */ + + n = lws_get_random(lws_get_context(wsi), wsi->ws->mask, 4); + if (n != 4) { + lwsl_parser("Unable to read from random device %s %d\n", + SYSTEM_RANDOM_FILEPATH, n); + return 1; + } + + /* start masking from first byte of masking key buffer */ + wsi->ws->mask_idx = 0; + + return 0; +} + +int +lws_server_init_wsi_for_ws(struct lws *wsi) +{ + int n; + + lwsi_set_state(wsi, LRS_ESTABLISHED); + lws_restart_ws_ping_pong_timer(wsi); + + /* + * create the frame buffer for this connection according to the + * size mentioned in the protocol definition. If 0 there, use + * a big default for compatibility + */ + + n = (int)wsi->protocol->rx_buffer_size; + if (!n) + n = wsi->context->pt_serv_buf_size; + n += LWS_PRE; + wsi->ws->rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, "rx_ubuf"); + if (!wsi->ws->rx_ubuf) { + lwsl_err("Out of Mem allocating rx buffer %d\n", n); + return 1; + } + wsi->ws->rx_ubuf_alloc = n; + lwsl_debug("Allocating RX buffer %d\n", n); + +#if !defined(LWS_WITH_ESP32) + if (!wsi->parent_carries_io && + !wsi->h2_stream_carries_ws) + if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, + (const char *)&n, sizeof n)) { + lwsl_warn("Failed to set SNDBUF to %d", n); + return 1; + } +#endif + + /* notify user code that we're ready to roll */ + + if (wsi->protocol->callback) + if (wsi->protocol->callback(wsi, LWS_CALLBACK_ESTABLISHED, + wsi->user_space, +#ifdef LWS_WITH_TLS + wsi->tls.ssl, +#else + NULL, +#endif + wsi->h2_stream_carries_ws)) + return 1; + + lwsl_debug("ws established\n"); + + return 0; +} + + + +LWS_VISIBLE int +lws_is_final_fragment(struct lws *wsi) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) + lwsl_debug("%s: final %d, rx pk length %ld, draining %ld\n", __func__, + wsi->ws->final, (long)wsi->ws->rx_packet_length, + (long)wsi->ws->rx_draining_ext); + return wsi->ws->final && !wsi->ws->rx_packet_length && + !wsi->ws->rx_draining_ext; +#else + return wsi->ws->final && !wsi->ws->rx_packet_length; +#endif +} + +LWS_VISIBLE int +lws_is_first_fragment(struct lws *wsi) +{ + return wsi->ws->first_fragment; +} + +LWS_VISIBLE unsigned char +lws_get_reserved_bits(struct lws *wsi) +{ + return wsi->ws->rsv; +} + +LWS_VISIBLE LWS_EXTERN int +lws_get_close_length(struct lws *wsi) +{ + return wsi->ws->close_in_ping_buffer_len; +} + +LWS_VISIBLE LWS_EXTERN unsigned char * +lws_get_close_payload(struct lws *wsi) +{ + return &wsi->ws->ping_payload_buf[LWS_PRE]; +} + +LWS_VISIBLE LWS_EXTERN void +lws_close_reason(struct lws *wsi, enum lws_close_status status, + unsigned char *buf, size_t len) +{ + unsigned char *p, *start; + int budget = sizeof(wsi->ws->ping_payload_buf) - LWS_PRE; + + assert(lwsi_role_ws(wsi)); + + start = p = &wsi->ws->ping_payload_buf[LWS_PRE]; + + *p++ = (((int)status) >> 8) & 0xff; + *p++ = ((int)status) & 0xff; + + if (buf) + while (len-- && p < start + budget) + *p++ = *buf++; + + wsi->ws->close_in_ping_buffer_len = lws_ptr_diff(p, start); +} + +static int +lws_is_ws_with_ext(struct lws *wsi) +{ +#if defined(LWS_WITHOUT_EXTENSIONS) + return 0; +#else + return lwsi_role_ws(wsi) && !!wsi->ws->count_act_ext; +#endif +} + +static int +rops_handle_POLLIN_ws(struct lws_context_per_thread *pt, struct lws *wsi, + struct lws_pollfd *pollfd) +{ + struct lws_tokens ebuf; + unsigned int pending = 0; + char buffered = 0; + int n = 0, m; +#if defined(LWS_WITH_HTTP2) + struct lws *wsi1; +#endif + + if (!wsi->ws) { + lwsl_err("ws role wsi with no ws\n"); + return 1; + } + + // lwsl_notice("%s: %s\n", __func__, wsi->protocol->name); + + //lwsl_info("%s: wsistate 0x%x, pollout %d\n", __func__, + // wsi->wsistate, pollfd->revents & LWS_POLLOUT); + + /* + * something went wrong with parsing the handshake, and + * we ended up back in the event loop without completing it + */ + if (lwsi_state(wsi) == LRS_PRE_WS_SERVING_ACCEPT) { + wsi->socket_is_permanently_unusable = 1; + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + ebuf.token = NULL; + ebuf.len = 0; + + if (lwsi_state(wsi) == LRS_WAITING_CONNECT) { +#if !defined(LWS_NO_CLIENT) + if ((pollfd->revents & LWS_POLLOUT) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + lwsl_debug("POLLOUT event closed it\n"); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + n = lws_client_socket_service(wsi, pollfd, NULL); + if (n) + return LWS_HPI_RET_WSI_ALREADY_DIED; +#endif + return LWS_HPI_RET_HANDLED; + } + + //lwsl_notice("%s: wsi->ws->tx_draining_ext %d revents 0x%x 0x%x %d\n", __func__, wsi->ws->tx_draining_ext, pollfd->revents, wsi->wsistate, lwsi_state_can_handle_POLLOUT(wsi)); + + /* 1: something requested a callback when it was OK to write */ + + if ((pollfd->revents & LWS_POLLOUT) && + lwsi_state_can_handle_POLLOUT(wsi) && + lws_handle_POLLOUT_event(wsi, pollfd)) { + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + lwsi_set_state(wsi, LRS_FLUSHING_BEFORE_CLOSE); + + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || + lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE) { + /* + * we stopped caring about anything except control + * packets. Force flow control off, defeat tx + * draining. + */ + lws_rx_flow_control(wsi, 1); +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws) + wsi->ws->tx_draining_ext = 0; +#endif + } +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->tx_draining_ext) + /* + * We cannot deal with new RX until the TX ext path has + * been drained. It's because new rx will, eg, crap on + * the wsi rx buf that may be needed to retain state. + * + * TX ext drain path MUST go through event loop to avoid + * blocking. + */ + return LWS_HPI_RET_HANDLED; +#endif + if (lws_is_flowcontrolled(wsi)) { + /* We cannot deal with any kind of new RX because we are + * RX-flowcontrolled. + */ + lwsl_info("flowcontrolled\n"); + return LWS_HPI_RET_HANDLED; + } + +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream || wsi->upgraded_to_http2) { + wsi1 = lws_get_network_wsi(wsi); + if (wsi1 && wsi1->trunc_len) + /* We cannot deal with any kind of new RX + * because we are dealing with a partial send + * (new RX may trigger new http_action() that + * expect to be able to send) + */ + return LWS_HPI_RET_HANDLED; + } +#endif + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* 2: RX Extension needs to be drained + */ + + if (wsi->ws->rx_draining_ext) { + + lwsl_debug("%s: RX EXT DRAINING: Service\n", __func__); +#ifndef LWS_NO_CLIENT + if (lwsi_role_client(wsi)) { + n = lws_ws_client_rx_sm(wsi, 0); + if (n < 0) + /* we closed wsi */ + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } else +#endif + n = lws_ws_rx_sm(wsi, ALREADY_PROCESSED_IGNORE_CHAR, 0); + + return LWS_HPI_RET_HANDLED; + } + + if (wsi->ws->rx_draining_ext) + /* + * We have RX EXT content to drain, but can't do it + * right now. That means we cannot do anything lower + * priority either. + */ + return LWS_HPI_RET_HANDLED; +#endif + + /* 3: buflist needs to be drained + */ +read: + //lws_buflist_describe(&wsi->buflist, wsi); + ebuf.len = (int)lws_buflist_next_segment_len(&wsi->buflist, + (uint8_t **)&ebuf.token); + if (ebuf.len) { + lwsl_info("draining buflist (len %d)\n", ebuf.len); + buffered = 1; + goto drain; + } + + if (!(pollfd->revents & pollfd->events & LWS_POLLIN) && !wsi->http.ah) + return LWS_HPI_RET_HANDLED; + + if (lws_is_flowcontrolled(wsi)) { + lwsl_info("%s: %p should be rxflow (bm 0x%x)..\n", + __func__, wsi, wsi->rxflow_bitmap); + return LWS_HPI_RET_HANDLED; + } + + if (!(lwsi_role_client(wsi) && + (lwsi_state(wsi) != LRS_ESTABLISHED && + lwsi_state(wsi) != LRS_AWAITING_CLOSE_ACK && + lwsi_state(wsi) != LRS_H2_WAITING_TO_SEND_HEADERS))) { + /* + * In case we are going to react to this rx by scheduling + * writes, we need to restrict the amount of rx to the size + * the protocol reported for rx buffer. + * + * Otherwise we get a situation we have to absorb possibly a + * lot of reads before we get a chance to drain them by writing + * them, eg, with echo type tests in autobahn. + */ + + buffered = 0; + ebuf.token = (char *)pt->serv_buf; + if (lwsi_role_ws(wsi)) + ebuf.len = wsi->ws->rx_ubuf_alloc; + else + ebuf.len = wsi->context->pt_serv_buf_size; + + if ((unsigned int)ebuf.len > wsi->context->pt_serv_buf_size) + ebuf.len = wsi->context->pt_serv_buf_size; + + if ((int)pending > ebuf.len) + pending = ebuf.len; + + ebuf.len = lws_ssl_capable_read(wsi, (uint8_t *)ebuf.token, + pending ? (int)pending : + ebuf.len); + switch (ebuf.len) { + case 0: + lwsl_info("%s: zero length read\n", + __func__); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + case LWS_SSL_CAPABLE_MORE_SERVICE: + lwsl_info("SSL Capable more service\n"); + return LWS_HPI_RET_HANDLED; + case LWS_SSL_CAPABLE_ERROR: + lwsl_info("%s: LWS_SSL_CAPABLE_ERROR\n", + __func__); + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + // lwsl_notice("Actual RX %d\n", ebuf.len); + + lws_restart_ws_ping_pong_timer(wsi); + + /* + * coverity thinks ssl_capable_read() may read over + * 2GB. Dissuade it... + */ + ebuf.len &= 0x7fffffff; + } + +drain: + + /* + * give any active extensions a chance to munge the buffer + * before parse. We pass in a pointer to an lws_tokens struct + * prepared with the default buffer and content length that's in + * there. Rather than rewrite the default buffer, extensions + * that expect to grow the buffer can adapt .token to + * point to their own per-connection buffer in the extension + * user allocation. By default with no extensions or no + * extension callback handling, just the normal input buffer is + * used then so it is efficient. + */ + m = 0; + do { + + /* service incoming data */ + //lws_buflist_describe(&wsi->buflist, wsi); + if (ebuf.len) { +#if defined(LWS_ROLE_H2) + if (lwsi_role_h2(wsi) && lwsi_state(wsi) != LRS_BODY) + n = lws_read_h2(wsi, (unsigned char *)ebuf.token, + ebuf.len); + else +#endif + n = lws_read_h1(wsi, (unsigned char *)ebuf.token, + ebuf.len); + + if (n < 0) { + /* we closed wsi */ + n = 0; + return LWS_HPI_RET_WSI_ALREADY_DIED; + } + //lws_buflist_describe(&wsi->buflist, wsi); + //lwsl_notice("%s: consuming %d / %d\n", __func__, n, ebuf.len); + if (lws_buflist_aware_consume(wsi, &ebuf, n, buffered)) + return LWS_HPI_RET_PLEASE_CLOSE_ME; + } + + ebuf.token = NULL; + ebuf.len = 0; + } while (m); + + if (wsi->http.ah +#if !defined(LWS_NO_CLIENT) + && !wsi->client_h2_alpn +#endif + ) { + lwsl_info("%s: %p: detaching ah\n", __func__, wsi); + lws_header_table_detach(wsi, 0); + } + + pending = lws_ssl_pending(wsi); + if (pending) { + if (lws_is_ws_with_ext(wsi)) + pending = pending > wsi->ws->rx_ubuf_alloc ? + wsi->ws->rx_ubuf_alloc : pending; + else + pending = pending > wsi->context->pt_serv_buf_size ? + wsi->context->pt_serv_buf_size : pending; + goto read; + } + + if (buffered && /* were draining, now nothing left */ + !lws_buflist_next_segment_len(&wsi->buflist, NULL)) { + lwsl_info("%s: %p flow buf: drained\n", __func__, wsi); + /* having drained the rxflow buffer, can rearm POLLIN */ +#ifdef LWS_NO_SERVER + n = +#endif + __lws_rx_flow_control(wsi); + /* n ignored, needed for NO_SERVER case */ + } + + /* n = 0 */ + return LWS_HPI_RET_HANDLED; +} + + +int rops_handle_POLLOUT_ws(struct lws *wsi) +{ + int write_type = LWS_WRITE_PONG; +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_tokens ebuf; + int ret, m; +#endif + int n; + +#if !defined(LWS_WITHOUT_EXTENSIONS) + lwsl_debug("%s: %s: wsi->ws->tx_draining_ext %d\n", __func__, + wsi->protocol->name, wsi->ws->tx_draining_ext); +#endif + + /* Priority 3: pending control packets (pong or close) + * + * 3a: close notification packet requested from close api + */ + + if (lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE) { + lwsl_debug("sending close packet\n"); + lwsl_hexdump_debug(&wsi->ws->ping_payload_buf[LWS_PRE], + wsi->ws->close_in_ping_buffer_len); + wsi->waiting_to_send_close_frame = 0; + n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], + wsi->ws->close_in_ping_buffer_len, + LWS_WRITE_CLOSE); + if (n >= 0) { + if (wsi->close_needs_ack) { + lwsi_set_state(wsi, LRS_AWAITING_CLOSE_ACK); + lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, 5); + lwsl_debug("sent close indication, awaiting ack\n"); + + return LWS_HP_RET_BAIL_OK; + } + wsi->close_needs_ack = 0; + lwsi_set_state(wsi, LRS_RETURNED_CLOSE); + } + + return LWS_HP_RET_BAIL_DIE; + } + + /* else, the send failed and we should just hang up */ + + if ((lwsi_role_ws(wsi) && wsi->ws->ping_pending_flag) || + (lwsi_state(wsi) == LRS_RETURNED_CLOSE && + wsi->ws->payload_is_close)) { + + if (wsi->ws->payload_is_close) + write_type = LWS_WRITE_CLOSE; + else { + if (wsi->wsistate_pre_close) { + /* we started close flow, forget pong */ + wsi->ws->ping_pending_flag = 0; + return LWS_HP_RET_BAIL_OK; + } + lwsl_info("issuing pong %d on wsi %p\n", wsi->ws->ping_payload_len, wsi); + } + + n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], + wsi->ws->ping_payload_len, write_type); + if (n < 0) + return LWS_HP_RET_BAIL_DIE; + + /* well he is sent, mark him done */ + wsi->ws->ping_pending_flag = 0; + if (wsi->ws->payload_is_close) { + // assert(0); + /* oh... a close frame was it... then we are done */ + return LWS_HP_RET_BAIL_DIE; + } + + /* otherwise for PING, leave POLLOUT active either way */ + return LWS_HP_RET_BAIL_OK; + } + + if (!wsi->socket_is_permanently_unusable && wsi->ws->send_check_ping) { + + lwsl_info("issuing ping on wsi %p\n", wsi); + wsi->ws->send_check_ping = 0; + n = lws_write(wsi, &wsi->ws->ping_payload_buf[LWS_PRE], + 0, LWS_WRITE_PING); + if (n < 0) + return LWS_HP_RET_BAIL_DIE; + + /* + * we apparently were able to send the PING in a reasonable time + * now reset the clock on our peer to be able to send the + * PONG in a reasonable time. + */ + + lws_set_timeout(wsi, PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG, + wsi->context->timeout_secs); + + return LWS_HP_RET_BAIL_OK; + } + + /* Priority 4: if we are closing, not allowed to send more data frags + * which means user callback or tx ext flush banned now + */ + if (lwsi_state(wsi) == LRS_RETURNED_CLOSE) + return LWS_HP_RET_USER_SERVICE; + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* Priority 5: Tx path extension with more to send + * + * These are handled as new fragments each time around + * So while we must block new writeable callback to enforce + * payload ordering, but since they are always complete + * fragments control packets can interleave OK. + */ + if (wsi->ws->tx_draining_ext) { + lwsl_ext("SERVICING TX EXT DRAINING\n"); + if (lws_write(wsi, NULL, 0, LWS_WRITE_CONTINUATION) < 0) + return LWS_HP_RET_BAIL_DIE; + /* leave POLLOUT active */ + return LWS_HP_RET_BAIL_OK; + } + + /* Priority 6: extensions + */ + if (!wsi->ws->extension_data_pending && !wsi->ws->tx_draining_ext) { + lwsl_ext("%s: !wsi->ws->extension_data_pending\n", __func__); + return LWS_HP_RET_USER_SERVICE; + } + + /* + * check in on the active extensions, see if they + * had pending stuff to spill... they need to get the + * first look-in otherwise sequence will be disordered + * + * NULL, zero-length ebuf means just spill pending + */ + + ret = 1; + if (wsi->role_ops == &role_ops_raw_skt || + wsi->role_ops == &role_ops_raw_file) + ret = 0; + + while (ret == 1) { + + /* default to nobody has more to spill */ + + ret = 0; + ebuf.token = NULL; + ebuf.len = 0; + + /* give every extension a chance to spill */ + + m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_TX_PRESEND, + &ebuf, 0); + if (m < 0) { + lwsl_err("ext reports fatal error\n"); + return LWS_HP_RET_BAIL_DIE; + } + if (m) + /* + * at least one extension told us he has more + * to spill, so we will go around again after + */ + ret = 1; + + /* assuming they gave us something to send, send it */ + + if (ebuf.len) { + n = lws_issue_raw(wsi, (unsigned char *)ebuf.token, + ebuf.len); + if (n < 0) { + lwsl_info("closing from POLLOUT spill\n"); + return LWS_HP_RET_BAIL_DIE; + } + /* + * Keep amount spilled small to minimize chance of this + */ + if (n != ebuf.len) { + lwsl_err("Unable to spill ext %d vs %d\n", + ebuf.len, n); + return LWS_HP_RET_BAIL_DIE; + } + } else + continue; + + /* no extension has more to spill */ + + if (!ret) + continue; + + /* + * There's more to spill from an extension, but we just sent + * something... did that leave the pipe choked? + */ + + if (!lws_send_pipe_choked(wsi)) + /* no we could add more */ + continue; + + lwsl_info("choked in POLLOUT service\n"); + + /* + * Yes, he's choked. Leave the POLLOUT masked on so we will + * come back here when he is unchoked. Don't call the user + * callback to enforce ordering of spilling, he'll get called + * when we come back here and there's nothing more to spill. + */ + + return LWS_HP_RET_BAIL_OK; + } + + wsi->ws->extension_data_pending = 0; +#endif + + return LWS_HP_RET_USER_SERVICE; +} + +static int +rops_periodic_checks_ws(struct lws_context *context, int tsi, time_t now) +{ + struct lws_vhost *vh; + + if (!context->ws_ping_pong_interval || + context->last_ws_ping_pong_check_s >= now + 10) + return 0; + + vh = context->vhost_list; + context->last_ws_ping_pong_check_s = now; + + while (vh) { + int n; + + lws_vhost_lock(vh); + + for (n = 0; n < vh->count_protocols; n++) { + struct lws *wsi = vh->same_vh_protocol_list[n]; + + while (wsi) { + if (lwsi_role_ws(wsi) && + !wsi->socket_is_permanently_unusable && + !wsi->ws->send_check_ping && + wsi->ws->time_next_ping_check && + lws_compare_time_t(context, now, + wsi->ws->time_next_ping_check) > + context->ws_ping_pong_interval) { + + lwsl_info("req pp on wsi %p\n", wsi); + wsi->ws->send_check_ping = 1; + lws_set_timeout(wsi, + PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING, + context->timeout_secs); + lws_callback_on_writable(wsi); + wsi->ws->time_next_ping_check = now; + } + wsi = wsi->same_vh_protocol_next; + } + } + + lws_vhost_unlock(vh); + vh = vh->vhost_next; + } + + return 0; +} + +static int +rops_service_flag_pending_ws(struct lws_context *context, int tsi) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_context_per_thread *pt = &context->pt[tsi]; + struct lws *wsi; + int forced = 0; + + /* POLLIN faking (the pt lock is taken by the parent) */ + + /* + * 1) For all guys with already-available ext data to drain, if they are + * not flowcontrolled, fake their POLLIN status + */ + wsi = pt->ws.rx_draining_ext_list; + while (wsi && wsi->position_in_fds_table != LWS_NO_FDS_POS) { + pt->fds[wsi->position_in_fds_table].revents |= + pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; + if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) + forced = 1; + + wsi = wsi->ws->rx_draining_ext_list; + } + + return forced; +#else + return 0; +#endif +} + +static int +rops_close_via_role_protocol_ws(struct lws *wsi, enum lws_close_status reason) +{ + if (!wsi->ws) + return 0; + + if (!wsi->ws->close_in_ping_buffer_len && /* already a reason */ + (reason == LWS_CLOSE_STATUS_NOSTATUS || + reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY)) + return 0; + + lwsl_debug("%s: sending close indication...\n", __func__); + + /* if no prepared close reason, use 1000 and no aux data */ + + if (!wsi->ws->close_in_ping_buffer_len) { + wsi->ws->close_in_ping_buffer_len = 2; + wsi->ws->ping_payload_buf[LWS_PRE] = (reason >> 8) & 0xff; + wsi->ws->ping_payload_buf[LWS_PRE + 1] = reason & 0xff; + } + + wsi->waiting_to_send_close_frame = 1; + wsi->close_needs_ack = 1; + lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); + __lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 5); + + lws_callback_on_writable(wsi); + + return 1; +} + +static int +rops_close_role_ws(struct lws_context_per_thread *pt, struct lws *wsi) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { + struct lws **w = &pt->ws.rx_draining_ext_list; + + wsi->ws->rx_draining_ext = 0; + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + *w = wsi->ws->rx_draining_ext_list; + break; + } + w = &((*w)->ws->rx_draining_ext_list); + } + wsi->ws->rx_draining_ext_list = NULL; + } + + if (wsi->ws->tx_draining_ext) { + struct lws **w = &pt->ws.tx_draining_ext_list; + lwsl_ext("%s: CLEARING tx_draining_ext\n", __func__); + wsi->ws->tx_draining_ext = 0; + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + *w = wsi->ws->tx_draining_ext_list; + break; + } + w = &((*w)->ws->tx_draining_ext_list); + } + wsi->ws->tx_draining_ext_list = NULL; + } +#endif + lws_free_set_NULL(wsi->ws->rx_ubuf); + + if (wsi->trunc_alloc) + /* not going to be completed... nuke it */ + lws_free_set_NULL(wsi->trunc_alloc); + + wsi->ws->ping_payload_len = 0; + wsi->ws->ping_pending_flag = 0; + + /* deallocate any active extension contexts */ + + if (lws_ext_cb_active(wsi, LWS_EXT_CB_DESTROY, NULL, 0) < 0) + lwsl_warn("extension destruction failed\n"); + + return 0; +} + +static int +rops_write_role_protocol_ws(struct lws *wsi, unsigned char *buf, size_t len, + enum lws_write_protocol *wp) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + enum lws_write_protocol wpt; +#endif + int masked7 = lwsi_role_client(wsi); + unsigned char is_masked_bit = 0; + unsigned char *dropmask = NULL; + struct lws_tokens ebuf; + size_t orig_len = len; + int pre = 0, n = 0; + + // lwsl_err("%s: wp 0x%x len %d\n", __func__, *wp, (int)len); +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->tx_draining_ext) { + /* remove us from the list */ + struct lws **w = &pt->ws.tx_draining_ext_list; + + lwsl_ext("%s: CLEARING tx_draining_ext\n", __func__); + wsi->ws->tx_draining_ext = 0; + /* remove us from context draining ext list */ + while (*w) { + if (*w == wsi) { + *w = wsi->ws->tx_draining_ext_list; + break; + } + w = &((*w)->ws->tx_draining_ext_list); + } + wsi->ws->tx_draining_ext_list = NULL; + + wpt = *wp; + *wp = (wsi->ws->tx_draining_stashed_wp & 0xc0)| + LWS_WRITE_CONTINUATION; + + /* + * When we are just flushing (len == 0), we can trust the + * stashed wp info completely. Otherwise adjust it to the + * FIN status of the incoming packet. + */ + + if (!(wpt & LWS_WRITE_NO_FIN) && len) + *wp &= ~LWS_WRITE_NO_FIN; + + lwsl_ext("FORCED draining wp to 0x%02X (stashed 0x%02X, incoming 0x%02X)\n", *wp, + wsi->ws->tx_draining_stashed_wp, wpt); + // assert(0); + } +#endif + lws_restart_ws_ping_pong_timer(wsi); + + if (((*wp) & 0x1f) == LWS_WRITE_HTTP || + ((*wp) & 0x1f) == LWS_WRITE_HTTP_FINAL || + ((*wp) & 0x1f) == LWS_WRITE_HTTP_HEADERS_CONTINUATION || + ((*wp) & 0x1f) == LWS_WRITE_HTTP_HEADERS) + goto send_raw; + + + + /* if we are continuing a frame that already had its header done */ + + if (wsi->ws->inside_frame) { + lwsl_debug("INSIDE FRAME\n"); + goto do_more_inside_frame; + } + + wsi->ws->clean_buffer = 1; + + /* + * give a chance to the extensions to modify payload + * the extension may decide to produce unlimited payload erratically + * (eg, compression extension), so we require only that if he produces + * something, it will be a complete fragment of the length known at + * the time (just the fragment length known), and if he has + * more we will come back next time he is writeable and allow him to + * produce more fragments until he's drained. + * + * This allows what is sent each time it is writeable to be limited to + * a size that can be sent without partial sends or blocking, allows + * interleaving of control frames and other connection service. + */ + ebuf.token = (char *)buf; + ebuf.len = (int)len; + + switch ((int)*wp) { + case LWS_WRITE_PING: + case LWS_WRITE_PONG: + case LWS_WRITE_CLOSE: + break; + default: +#if !defined(LWS_WITHOUT_EXTENSIONS) + // lwsl_notice("LWS_EXT_CB_PAYLOAD_TX\n"); + // m = (int)ebuf.len; + /* returns 0 if no more tx pending, 1 if more pending */ + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_TX, &ebuf, *wp); + if (n < 0) + return -1; + // lwsl_notice("ext processed %d plaintext into %d compressed (wp 0x%x)\n", m, (int)ebuf.len, *wp); + + if (n && ebuf.len) { + lwsl_ext("write drain len %d (wp 0x%x) SETTING tx_draining_ext\n", (int)ebuf.len, *wp); + /* extension requires further draining */ + wsi->ws->tx_draining_ext = 1; + wsi->ws->tx_draining_ext_list = pt->ws.tx_draining_ext_list; + pt->ws.tx_draining_ext_list = wsi; + /* we must come back to do more */ + lws_callback_on_writable(wsi); + /* + * keep a copy of the write type for the overall + * action that has provoked generation of these + * fragments, so the last guy can use its FIN state. + */ + wsi->ws->tx_draining_stashed_wp = *wp; + /* this is definitely not actually the last fragment + * because the extension asserted he has more coming + * So make sure this intermediate one doesn't go out + * with a FIN. + */ + *wp |= LWS_WRITE_NO_FIN; + } +#endif + if (ebuf.len && wsi->ws->stashed_write_pending) { + wsi->ws->stashed_write_pending = 0; + *wp = ((*wp) & 0xc0) | (int)wsi->ws->stashed_write_type; + } + } + + /* + * an extension did something we need to keep... for example, if + * compression extension, it has already updated its state according + * to this being issued + */ + if ((char *)buf != ebuf.token) { + /* + * ext might eat it, but not have anything to issue yet. + * In that case we have to follow his lead, but stash and + * replace the write type that was lost here the first time. + */ + if (len && !ebuf.len) { + if (!wsi->ws->stashed_write_pending) + wsi->ws->stashed_write_type = (char)(*wp) & 0x3f; + wsi->ws->stashed_write_pending = 1; + return (int)len; + } + /* + * extension recreated it: + * need to buffer this if not all sent + */ + wsi->ws->clean_buffer = 0; + } + + buf = (unsigned char *)ebuf.token; + len = ebuf.len; + + if (!buf) { + lwsl_err("null buf (%d)\n", (int)len); + return -1; + } + + switch (wsi->ws->ietf_spec_revision) { + case 13: + if (masked7) { + pre += 4; + dropmask = &buf[0 - pre]; + is_masked_bit = 0x80; + } + + switch ((*wp) & 0xf) { + case LWS_WRITE_TEXT: + n = LWSWSOPC_TEXT_FRAME; + break; + case LWS_WRITE_BINARY: + n = LWSWSOPC_BINARY_FRAME; + break; + case LWS_WRITE_CONTINUATION: + n = LWSWSOPC_CONTINUATION; + break; + + case LWS_WRITE_CLOSE: + n = LWSWSOPC_CLOSE; + break; + case LWS_WRITE_PING: + n = LWSWSOPC_PING; + break; + case LWS_WRITE_PONG: + n = LWSWSOPC_PONG; + break; + default: + lwsl_warn("lws_write: unknown write opc / wp\n"); + return -1; + } + + if (!((*wp) & LWS_WRITE_NO_FIN)) + n |= 1 << 7; + + if (len < 126) { + pre += 2; + buf[-pre] = n; + buf[-pre + 1] = (unsigned char)(len | is_masked_bit); + } else { + if (len < 65536) { + pre += 4; + buf[-pre] = n; + buf[-pre + 1] = 126 | is_masked_bit; + buf[-pre + 2] = (unsigned char)(len >> 8); + buf[-pre + 3] = (unsigned char)len; + } else { + pre += 10; + buf[-pre] = n; + buf[-pre + 1] = 127 | is_masked_bit; +#if defined __LP64__ + buf[-pre + 2] = (len >> 56) & 0x7f; + buf[-pre + 3] = len >> 48; + buf[-pre + 4] = len >> 40; + buf[-pre + 5] = len >> 32; +#else + buf[-pre + 2] = 0; + buf[-pre + 3] = 0; + buf[-pre + 4] = 0; + buf[-pre + 5] = 0; +#endif + buf[-pre + 6] = (unsigned char)(len >> 24); + buf[-pre + 7] = (unsigned char)(len >> 16); + buf[-pre + 8] = (unsigned char)(len >> 8); + buf[-pre + 9] = (unsigned char)len; + } + } + break; + } + +do_more_inside_frame: + + /* + * Deal with masking if we are in client -> server direction and + * the wp demands it + */ + + if (masked7) { + if (!wsi->ws->inside_frame) + if (lws_0405_frame_mask_generate(wsi)) { + lwsl_err("frame mask generation failed\n"); + return -1; + } + + /* + * in v7, just mask the payload + */ + if (dropmask) { /* never set if already inside frame */ + for (n = 4; n < (int)len + 4; n++) + dropmask[n] = dropmask[n] ^ wsi->ws->mask[ + (wsi->ws->mask_idx++) & 3]; + + /* copy the frame nonce into place */ + memcpy(dropmask, wsi->ws->mask, 4); + } + } + + if (lwsi_role_h2_ENCAPSULATION(wsi)) { + struct lws *encap = lws_get_network_wsi(wsi); + + assert(encap != wsi); + return encap->role_ops->write_role_protocol(wsi, buf - pre, + len + pre, wp); + } + + switch ((*wp) & 0x1f) { + case LWS_WRITE_TEXT: + case LWS_WRITE_BINARY: + case LWS_WRITE_CONTINUATION: + if (!wsi->h2_stream_carries_ws) { + + /* + * give any active extensions a chance to munge the + * buffer before send. We pass in a pointer to an + * lws_tokens struct prepared with the default buffer + * and content length that's in there. Rather than + * rewrite the default buffer, extensions that expect + * to grow the buffer can adapt .token to point to their + * own per-connection buffer in the extension user + * allocation. By default with no extensions or no + * extension callback handling, just the normal input + * buffer is used then so it is efficient. + * + * callback returns 1 in case it wants to spill more + * buffers + * + * This takes care of holding the buffer if send is + * incomplete, ie, if wsi->ws->clean_buffer is 0 + * (meaning an extension meddled with the buffer). If + * wsi->ws->clean_buffer is 1, it will instead return + * to the user code how much OF THE USER BUFFER was + * consumed. + */ + + n = lws_issue_raw_ext_access(wsi, buf - pre, len + pre); + wsi->ws->inside_frame = 1; + if (n <= 0) + return n; + + if (n == (int)len + pre) { + /* everything in the buffer was handled + * (or rebuffered...) */ + wsi->ws->inside_frame = 0; + return (int)orig_len; + } + + /* + * it is how many bytes of user buffer got sent... may + * be < orig_len in which case callback when writable + * has already been arranged and user code can call + * lws_write() again with the rest later. + */ + + return n - pre; + } + break; + default: + break; + } + +send_raw: + return lws_issue_raw(wsi, (unsigned char *)buf - pre, len + pre); +} + +static int +rops_close_kill_connection_ws(struct lws *wsi, enum lws_close_status reason) +{ + /* deal with ws encapsulation in h2 */ +#if defined(LWS_WITH_HTTP2) + if (wsi->http2_substream && wsi->h2_stream_carries_ws) + return role_ops_h2.close_kill_connection(wsi, reason); + + return 0; +#else + return 0; +#endif +} + +static int +rops_callback_on_writable_ws(struct lws *wsi) +{ +#if defined(LWS_WITH_HTTP2) + if (lwsi_role_h2_ENCAPSULATION(wsi)) { + /* we know then that it has an h2 parent */ + struct lws *enc = role_ops_h2.encapsulation_parent(wsi); + + assert(enc); + if (enc->role_ops->callback_on_writable(wsi)) + return 1; + } +#endif + return 0; +} + +static int +rops_init_vhost_ws(struct lws_vhost *vh, + const struct lws_context_creation_info *info) +{ +#if !defined(LWS_WITHOUT_EXTENSIONS) +#ifdef LWS_WITH_PLUGINS + struct lws_plugin *plugin = vh->context->plugin_list; + int m; + + if (vh->context->plugin_extension_count) { + + m = 0; + while (info->extensions && info->extensions[m].callback) + m++; + + /* + * give the vhost a unified list of extensions including the + * ones that came from plugins + */ + vh->ws.extensions = lws_zalloc(sizeof(struct lws_extension) * + (m + vh->context->plugin_extension_count + 1), + "extensions"); + if (!vh->ws.extensions) + return 1; + + memcpy((struct lws_extension *)vh->ws.extensions, info->extensions, + sizeof(struct lws_extension) * m); + plugin = vh->context->plugin_list; + while (plugin) { + memcpy((struct lws_extension *)&vh->ws.extensions[m], + plugin->caps.extensions, + sizeof(struct lws_extension) * + plugin->caps.count_extensions); + m += plugin->caps.count_extensions; + plugin = plugin->list; + } + } else +#endif + vh->ws.extensions = info->extensions; +#endif + + return 0; +} + +static int +rops_destroy_vhost_ws(struct lws_vhost *vh) +{ +#ifdef LWS_WITH_PLUGINS +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (vh->context->plugin_extension_count) + lws_free((void *)vh->ws.extensions); +#endif +#endif + + return 0; +} + +static int +rops_destroy_role_ws(struct lws *wsi) +{ + lws_free_set_NULL(wsi->ws); + + return 0; +} + +struct lws_role_ops role_ops_ws = { + /* role name */ "ws", + /* alpn id */ NULL, + /* check_upgrades */ NULL, + /* init_context */ NULL, + /* init_vhost */ rops_init_vhost_ws, + /* destroy_vhost */ rops_destroy_vhost_ws, + /* periodic_checks */ rops_periodic_checks_ws, + /* service_flag_pending */ rops_service_flag_pending_ws, + /* handle_POLLIN */ rops_handle_POLLIN_ws, + /* handle_POLLOUT */ rops_handle_POLLOUT_ws, + /* perform_user_POLLOUT */ NULL, + /* callback_on_writable */ rops_callback_on_writable_ws, + /* tx_credit */ NULL, + /* write_role_protocol */ rops_write_role_protocol_ws, + /* encapsulation_parent */ NULL, + /* alpn_negotiated */ NULL, + /* close_via_role_protocol */ rops_close_via_role_protocol_ws, + /* close_role */ rops_close_role_ws, + /* close_kill_connection */ rops_close_kill_connection_ws, + /* destroy_role */ rops_destroy_role_ws, + /* writeable cb clnt, srv */ { LWS_CALLBACK_CLIENT_WRITEABLE, + LWS_CALLBACK_SERVER_WRITEABLE }, + /* close cb clnt, srv */ { LWS_CALLBACK_CLIENT_CLOSED, + LWS_CALLBACK_CLOSED }, + /* file handles */ 0 +}; diff --git a/thirdparty/libwebsockets/roles/ws/private.h b/thirdparty/libwebsockets/roles/ws/private.h new file mode 100644 index 0000000000..71ffcaea96 --- /dev/null +++ b/thirdparty/libwebsockets/roles/ws/private.h @@ -0,0 +1,164 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h if LWS_ROLE_WS + */ + +extern struct lws_role_ops role_ops_ws; + +#define lwsi_role_ws(wsi) (wsi->role_ops == &role_ops_ws) + +enum lws_rx_parse_state { + LWS_RXPS_NEW, + + LWS_RXPS_04_mask_1, + LWS_RXPS_04_mask_2, + LWS_RXPS_04_mask_3, + + LWS_RXPS_04_FRAME_HDR_1, + LWS_RXPS_04_FRAME_HDR_LEN, + LWS_RXPS_04_FRAME_HDR_LEN16_2, + LWS_RXPS_04_FRAME_HDR_LEN16_1, + LWS_RXPS_04_FRAME_HDR_LEN64_8, + LWS_RXPS_04_FRAME_HDR_LEN64_7, + LWS_RXPS_04_FRAME_HDR_LEN64_6, + LWS_RXPS_04_FRAME_HDR_LEN64_5, + LWS_RXPS_04_FRAME_HDR_LEN64_4, + LWS_RXPS_04_FRAME_HDR_LEN64_3, + LWS_RXPS_04_FRAME_HDR_LEN64_2, + LWS_RXPS_04_FRAME_HDR_LEN64_1, + + LWS_RXPS_07_COLLECT_FRAME_KEY_1, + LWS_RXPS_07_COLLECT_FRAME_KEY_2, + LWS_RXPS_07_COLLECT_FRAME_KEY_3, + LWS_RXPS_07_COLLECT_FRAME_KEY_4, + + LWS_RXPS_WS_FRAME_PAYLOAD +}; + +enum lws_websocket_opcodes_07 { + LWSWSOPC_CONTINUATION = 0, + LWSWSOPC_TEXT_FRAME = 1, + LWSWSOPC_BINARY_FRAME = 2, + + LWSWSOPC_NOSPEC__MUX = 7, + + /* control extensions 8+ */ + + LWSWSOPC_CLOSE = 8, + LWSWSOPC_PING = 9, + LWSWSOPC_PONG = 0xa, +}; + +/* this is not usable directly by user code any more, lws_close_reason() */ +#define LWS_WRITE_CLOSE 4 + +#define ALREADY_PROCESSED_IGNORE_CHAR 1 +#define ALREADY_PROCESSED_NO_CB 2 + +#if !defined(LWS_WITHOUT_EXTENSIONS) +struct lws_vhost_role_ws { + const struct lws_extension *extensions; +}; + +struct lws_pt_role_ws { + struct lws *rx_draining_ext_list; + struct lws *tx_draining_ext_list; +}; +#endif + +struct _lws_websocket_related { + char *rx_ubuf; +#if !defined(LWS_WITHOUT_EXTENSIONS) + const struct lws_extension *active_extensions[LWS_MAX_EXTENSIONS_ACTIVE]; + void *act_ext_user[LWS_MAX_EXTENSIONS_ACTIVE]; + struct lws *rx_draining_ext_list; + struct lws *tx_draining_ext_list; +#endif + /* Also used for close content... control opcode == < 128 */ + uint8_t ping_payload_buf[128 - 3 + LWS_PRE]; + uint8_t mask[4]; + + time_t time_next_ping_check; + size_t rx_packet_length; + uint32_t rx_ubuf_head; + uint32_t rx_ubuf_alloc; + + uint8_t ping_payload_len; + uint8_t mask_idx; + uint8_t opcode; + uint8_t rsv; + uint8_t rsv_first_msg; + /* zero if no info, or length including 2-byte close code */ + uint8_t close_in_ping_buffer_len; + uint8_t utf8; + uint8_t stashed_write_type; + uint8_t tx_draining_stashed_wp; + uint8_t ietf_spec_revision; + + unsigned int final:1; + unsigned int frame_is_binary:1; + unsigned int all_zero_nonce:1; + unsigned int this_frame_masked:1; + unsigned int inside_frame:1; /* next write will be more of frame */ + unsigned int clean_buffer:1; /* buffer not rewritten by extension */ + unsigned int payload_is_close:1; /* process as PONG, but it is close */ + unsigned int ping_pending_flag:1; + unsigned int continuation_possible:1; + unsigned int owed_a_fin:1; + unsigned int check_utf8:1; + unsigned int defeat_check_utf8:1; + unsigned int stashed_write_pending:1; + unsigned int send_check_ping:1; + unsigned int first_fragment:1; + unsigned int peer_has_sent_close:1; +#if !defined(LWS_WITHOUT_EXTENSIONS) + unsigned int extension_data_pending:1; + unsigned int rx_draining_ext:1; + unsigned int tx_draining_ext:1; + + uint8_t count_act_ext; +#endif +}; + +int +lws_ws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len); + +#if !defined(LWS_WITHOUT_EXTENSIONS) +LWS_VISIBLE void +lws_context_init_extensions(const struct lws_context_creation_info *info, + struct lws_context *context); +LWS_EXTERN int +lws_any_extension_handled(struct lws *wsi, enum lws_extension_callback_reasons r, + void *v, size_t len); + +LWS_EXTERN int +lws_ext_cb_active(struct lws *wsi, int reason, void *buf, int len); +LWS_EXTERN int +lws_ext_cb_all_exts(struct lws_context *context, struct lws *wsi, int reason, + void *arg, int len); +#endif + +int +handshake_0405(struct lws_context *context, struct lws *wsi); +int +lws_process_ws_upgrade(struct lws *wsi); +int +lws_server_init_wsi_for_ws(struct lws *wsi); diff --git a/thirdparty/libwebsockets/roles/ws/server-ws.c b/thirdparty/libwebsockets/roles/ws/server-ws.c new file mode 100644 index 0000000000..62bcd8524f --- /dev/null +++ b/thirdparty/libwebsockets/roles/ws/server-ws.c @@ -0,0 +1,836 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include + +#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); } + +#if !defined(LWS_WITHOUT_EXTENSIONS) +static int +lws_extension_server_handshake(struct lws *wsi, char **p, int budget) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + char ext_name[64], *args, *end = (*p) + budget - 1; + const struct lws_ext_options *opts, *po; + const struct lws_extension *ext; + struct lws_ext_option_arg oa; + int n, m, more = 1; + int ext_count = 0; + char ignore; + char *c; + + /* + * Figure out which extensions the client has that we want to + * enable on this connection, and give him back the list + */ + if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) + return 0; + + /* + * break down the list of client extensions + * and go through them + */ + + if (lws_hdr_copy(wsi, (char *)pt->serv_buf, context->pt_serv_buf_size, + WSI_TOKEN_EXTENSIONS) < 0) + return 1; + + c = (char *)pt->serv_buf; + lwsl_parser("WSI_TOKEN_EXTENSIONS = '%s'\n", c); + wsi->ws->count_act_ext = 0; + ignore = 0; + n = 0; + args = NULL; + + /* + * We may get a simple request + * + * Sec-WebSocket-Extensions: permessage-deflate + * + * or an elaborated one with requested options + * + * Sec-WebSocket-Extensions: permessage-deflate; \ + * server_no_context_takeover; \ + * client_no_context_takeover + */ + + while (more) { + + if (c >= (char *)pt->serv_buf + 255) + return -1; + + if (*c && (*c != ',' && *c != '\t')) { + if (*c == ';') { + ignore = 1; + if (!args) + args = c + 1; + } + if (ignore || *c == ' ') { + c++; + continue; + } + ext_name[n] = *c++; + if (n < (int)sizeof(ext_name) - 1) + n++; + continue; + } + ext_name[n] = '\0'; + + ignore = 0; + if (!*c) + more = 0; + else { + c++; + if (!n) + continue; + } + + while (args && *args && *args == ' ') + args++; + + /* check a client's extension against our support */ + + ext = wsi->vhost->ws.extensions; + + while (ext && ext->callback) { + + if (strcmp(ext_name, ext->name)) { + ext++; + continue; + } + + /* + * oh, we do support this one he asked for... but let's + * confirm he only gave it once + */ + for (m = 0; m < wsi->ws->count_act_ext; m++) + if (wsi->ws->active_extensions[m] == ext) { + lwsl_info("extension mentioned twice\n"); + return 1; /* shenanigans */ + } + + /* + * ask user code if it's OK to apply it on this + * particular connection + protocol + */ + m = (wsi->protocol->callback)(wsi, + LWS_CALLBACK_CONFIRM_EXTENSION_OKAY, + wsi->user_space, ext_name, 0); + + /* + * zero return from callback means go ahead and allow + * the extension, it's what we get if the callback is + * unhandled + */ + if (m) { + ext++; + continue; + } + + /* apply it */ + + ext_count++; + + /* instantiate the extension on this conn */ + + wsi->ws->active_extensions[wsi->ws->count_act_ext] = ext; + + /* allow him to construct his context */ + + if (ext->callback(lws_get_context(wsi), ext, wsi, + LWS_EXT_CB_CONSTRUCT, + (void *)&wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], + (void *)&opts, 0)) { + lwsl_info("ext %s failed construction\n", + ext_name); + ext_count--; + ext++; + + continue; + } + + if (ext_count > 1) + *(*p)++ = ','; + else + LWS_CPYAPP(*p, + "\x0d\x0aSec-WebSocket-Extensions: "); + *p += lws_snprintf(*p, (end - *p), "%s", ext_name); + + /* + * The client may send a bunch of different option + * sets for the same extension, we are supposed to + * pick one we like the look of. The option sets are + * separated by comma. + * + * Actually we just either accept the first one or + * nothing. + * + * Go through the options trying to apply the + * recognized ones + */ + + lwsl_info("ext args %s\n", args); + + while (args && *args && *args != ',') { + while (*args == ' ') + args++; + po = opts; + while (po->name) { + /* only support arg-less options... */ + if (po->type != EXTARG_NONE || + strncmp(args, po->name, + strlen(po->name))) { + po++; + continue; + } + oa.option_name = NULL; + oa.option_index = (int)(po - opts); + oa.start = NULL; + oa.len = 0; + lwsl_info("setting '%s'\n", po->name); + if (!ext->callback(lws_get_context(wsi), + ext, wsi, + LWS_EXT_CB_OPTION_SET, + wsi->ws->act_ext_user[ + wsi->ws->count_act_ext], + &oa, (end - *p))) { + + *p += lws_snprintf(*p, (end - *p), + "; %s", po->name); + lwsl_debug("adding option %s\n", + po->name); + } + po++; + } + while (*args && *args != ',' && *args != ';') + args++; + + if (*args == ';') + args++; + } + + wsi->ws->count_act_ext++; + lwsl_parser("cnt_act_ext <- %d\n", wsi->ws->count_act_ext); + + if (args && *args == ',') + more = 0; + + ext++; + } + + n = 0; + args = NULL; + } + + return 0; +} +#endif + + + +int +lws_process_ws_upgrade(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + char protocol_list[128], protocol_name[64], *p; + int protocol_len, hit, n = 0, non_space_char_found = 0; + + if (!wsi->protocol) + lwsl_err("NULL protocol at lws_read\n"); + + /* + * It's either websocket or h2->websocket + * + * Select the first protocol we support from the list + * the client sent us. + * + * Copy it to remove header fragmentation + */ + + if (lws_hdr_copy(wsi, protocol_list, sizeof(protocol_list) - 1, + WSI_TOKEN_PROTOCOL) < 0) { + lwsl_err("protocol list too long"); + return 1; + } + + protocol_len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL); + protocol_list[protocol_len] = '\0'; + p = protocol_list; + hit = 0; + + while (*p && !hit) { + n = 0; + non_space_char_found = 0; + while (n < (int)sizeof(protocol_name) - 1 && + *p && *p != ',') { + /* ignore leading spaces */ + if (!non_space_char_found && *p == ' ') { + n++; + continue; + } + non_space_char_found = 1; + protocol_name[n++] = *p++; + } + protocol_name[n] = '\0'; + if (*p) + p++; + + lwsl_debug("checking %s\n", protocol_name); + + n = 0; + while (wsi->vhost->protocols[n].callback) { + lwsl_debug("try %s\n", + wsi->vhost->protocols[n].name); + + if (wsi->vhost->protocols[n].name && + !strcmp(wsi->vhost->protocols[n].name, + protocol_name)) { + wsi->protocol = &wsi->vhost->protocols[n]; + hit = 1; + break; + } + + n++; + } + } + + /* we didn't find a protocol he wanted? */ + + if (!hit) { + if (lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL)) { + lwsl_notice("No protocol from \"%s\" supported\n", + protocol_list); + return 1; + } + /* + * some clients only have one protocol and + * do not send the protocol list header... + * allow it and match to the vhost's default + * protocol (which itself defaults to zero) + */ + lwsl_info("defaulting to prot handler %d\n", + wsi->vhost->default_protocol_index); + n = wsi->vhost->default_protocol_index; + wsi->protocol = &wsi->vhost->protocols[ + (int)wsi->vhost->default_protocol_index]; + } + + /* allocate the ws struct for the wsi */ + wsi->ws = lws_zalloc(sizeof(*wsi->ws), "ws struct"); + if (!wsi->ws) { + lwsl_notice("OOM\n"); + return 1; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION)) + wsi->ws->ietf_spec_revision = + atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION)); + + /* allocate wsi->user storage */ + if (lws_ensure_user_space(wsi)) { + lwsl_notice("problem with user space\n"); + return 1; + } + + /* + * Give the user code a chance to study the request and + * have the opportunity to deny it + */ + if ((wsi->protocol->callback)(wsi, + LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION, + wsi->user_space, + lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL), 0)) { + lwsl_warn("User code denied connection\n"); + return 1; + } + + /* + * Perform the handshake according to the protocol version the + * client announced + */ + + switch (wsi->ws->ietf_spec_revision) { + default: + lwsl_notice("Unknown client spec version %d\n", + wsi->ws->ietf_spec_revision); + wsi->ws->ietf_spec_revision = 13; + //return 1; + /* fallthru */ + case 13: +#if defined(LWS_WITH_HTTP2) + if (wsi->h2_stream_carries_ws) { + if (lws_h2_ws_handshake(wsi)) { + lwsl_notice("h2 ws handshake failed\n"); + return 1; + } + } else +#endif + { + lwsl_parser("lws_parse calling handshake_04\n"); + if (handshake_0405(wsi->context, wsi)) { + lwsl_notice("hs0405 has failed the connection\n"); + return 1; + } + } + break; + } + + lws_same_vh_protocol_insert(wsi, n); + + /* + * We are upgrading to ws, so http/1.1 + h2 and keepalive + pipelined + * header considerations about keeping the ah around no longer apply. + * + * However it's common for the first ws protocol data to have been + * coalesced with the browser upgrade request and to already be in the + * ah rx buffer. + */ + + lws_pt_lock(pt, __func__); + + if (wsi->h2_stream_carries_ws) + lws_role_transition(wsi, LWSIFR_SERVER | LWSIFR_P_ENCAP_H2, + LRS_ESTABLISHED, &role_ops_ws); + else + lws_role_transition(wsi, LWSIFR_SERVER, LRS_ESTABLISHED, + &role_ops_ws); + + lws_pt_unlock(pt); + + lws_server_init_wsi_for_ws(wsi); + lwsl_parser("accepted v%02d connection\n", wsi->ws->ietf_spec_revision); + + lwsl_info("%s: %p: dropping ah on ws upgrade\n", __func__, wsi); + lws_header_table_detach(wsi, 1); + + return 0; +} + +int +handshake_0405(struct lws_context *context, struct lws *wsi) +{ + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + struct lws_process_html_args args; + unsigned char hash[20]; + int n, accept_len; + char *response; + char *p; + + if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST) || + !lws_hdr_total_length(wsi, WSI_TOKEN_KEY)) { + lwsl_info("handshake_04 missing pieces\n"); + /* completed header processing, but missing some bits */ + goto bail; + } + + if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= MAX_WEBSOCKET_04_KEY_LEN) { + lwsl_warn("Client key too long %d\n", MAX_WEBSOCKET_04_KEY_LEN); + goto bail; + } + + /* + * since key length is restricted above (currently 128), cannot + * overflow + */ + n = sprintf((char *)pt->serv_buf, + "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", + lws_hdr_simple_ptr(wsi, WSI_TOKEN_KEY)); + + lws_SHA1(pt->serv_buf, n, hash); + + accept_len = lws_b64_encode_string((char *)hash, 20, + (char *)pt->serv_buf, context->pt_serv_buf_size); + if (accept_len < 0) { + lwsl_warn("Base64 encoded hash too long\n"); + goto bail; + } + + /* allocate the per-connection user memory (if any) */ + if (lws_ensure_user_space(wsi)) + goto bail; + + /* create the response packet */ + + /* make a buffer big enough for everything */ + + response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + 256 + LWS_PRE; + p = response; + LWS_CPYAPP(p, "HTTP/1.1 101 Switching Protocols\x0d\x0a" + "Upgrade: WebSocket\x0d\x0a" + "Connection: Upgrade\x0d\x0a" + "Sec-WebSocket-Accept: "); + strcpy(p, (char *)pt->serv_buf); + p += accept_len; + + /* we can only return the protocol header if: + * - one came in, and ... */ + if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) && + /* - it is not an empty string */ + wsi->protocol->name && + wsi->protocol->name[0]) { + LWS_CPYAPP(p, "\x0d\x0aSec-WebSocket-Protocol: "); + p += lws_snprintf(p, 128, "%s", wsi->protocol->name); + } + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* + * Figure out which extensions the client has that we want to + * enable on this connection, and give him back the list. + * + * Give him a limited write bugdet + */ + if (lws_extension_server_handshake(wsi, &p, 192)) + goto bail; +#endif + LWS_CPYAPP(p, "\x0d\x0a"); + + args.p = p; + args.max_len = lws_ptr_diff((char *)pt->serv_buf + + context->pt_serv_buf_size, p); + if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_ADD_HEADERS, + wsi->user_space, &args, 0)) + goto bail; + + p = args.p; + + /* end of response packet */ + + LWS_CPYAPP(p, "\x0d\x0a"); + + /* okay send the handshake response accepting the connection */ + + lwsl_parser("issuing resp pkt %d len\n", + lws_ptr_diff(p, response)); +#if defined(DEBUG) + fwrite(response, 1, p - response, stderr); +#endif + n = lws_write(wsi, (unsigned char *)response, p - response, + LWS_WRITE_HTTP_HEADERS); + if (n != (p - response)) { + lwsl_info("%s: ERROR writing to socket %d\n", __func__, n); + goto bail; + } + + /* alright clean up and set ourselves into established state */ + + lwsi_set_state(wsi, LRS_ESTABLISHED); + wsi->lws_rx_parse_state = LWS_RXPS_NEW; + + { + const char * uri_ptr = + lws_hdr_simple_ptr(wsi, WSI_TOKEN_GET_URI); + int uri_len = lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI); + const struct lws_http_mount *hit = + lws_find_mount(wsi, uri_ptr, uri_len); + if (hit && hit->cgienv && + wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO, + wsi->user_space, (void *)hit->cgienv, 0)) + return 1; + } + + return 0; + +bail: + /* caller will free up his parsing allocations */ + return -1; +} + + + +/* + * Once we reach LWS_RXPS_WS_FRAME_PAYLOAD, we know how much + * to expect in that state and can deal with it in bulk more efficiently. + */ + +static int +lws_ws_frame_rest_is_payload(struct lws *wsi, uint8_t **buf, size_t len) +{ + uint8_t *buffer = *buf, mask[4]; + struct lws_tokens ebuf; + unsigned int avail = (unsigned int)len; +#if !defined(LWS_WITHOUT_EXTENSIONS) + unsigned int old_packet_length = (int)wsi->ws->rx_packet_length; +#endif + int n = 0; + + /* + * With zlib, we can give it as much input as we like. The pmd + * extension will draw it down in chunks (default 1024). + * + * If we try to restrict how much we give it, because we must go + * back to the event loop each time, we will drop the remainder... + */ + +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (!wsi->ws->count_act_ext) +#endif + { + if (wsi->protocol->rx_buffer_size) + avail = (int)wsi->protocol->rx_buffer_size; + else + avail = wsi->context->pt_serv_buf_size; + } + + /* do not consume more than we should */ + if (avail > wsi->ws->rx_packet_length) + avail = (unsigned int)wsi->ws->rx_packet_length; + + /* do not consume more than what is in the buffer */ + if (avail > len) + avail = (unsigned int)len; + + if (avail <= 0) + return 0; + + ebuf.token = (char *)buffer; + ebuf.len = avail; + + //lwsl_hexdump_notice(ebuf.token, ebuf.len); + + if (!wsi->ws->all_zero_nonce) { + + for (n = 0; n < 4; n++) + mask[n] = wsi->ws->mask[(wsi->ws->mask_idx + n) & 3]; + + /* deal with 4-byte chunks using unwrapped loop */ + n = avail >> 2; + while (n--) { + *(buffer) = *(buffer) ^ mask[0]; + buffer++; + *(buffer) = *(buffer) ^ mask[1]; + buffer++; + *(buffer) = *(buffer) ^ mask[2]; + buffer++; + *(buffer) = *(buffer) ^ mask[3]; + buffer++; + } + /* and the remaining bytes bytewise */ + for (n = 0; n < (int)(avail & 3); n++) { + *(buffer) = *(buffer) ^ mask[n]; + buffer++; + } + + wsi->ws->mask_idx = (wsi->ws->mask_idx + avail) & 3; + } + + lwsl_info("%s: using %d of raw input (total %d on offer)\n", __func__, + avail, (int)len); + + (*buf) += avail; + len -= avail; + +#if !defined(LWS_WITHOUT_EXTENSIONS) + n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &ebuf, 0); + lwsl_info("%s: ext says %d / ebuf.len %d\n", __func__, n, ebuf.len); +#endif + /* + * ebuf may be pointing somewhere completely different now, + * it's the output + */ + +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (n < 0) { + /* + * we may rely on this to get RX, just drop connection + */ + lwsl_notice("%s: LWS_EXT_CB_PAYLOAD_RX blew out\n", __func__); + wsi->socket_is_permanently_unusable = 1; + return -1; + } +#endif + + wsi->ws->rx_packet_length -= avail; + +#if !defined(LWS_WITHOUT_EXTENSIONS) + /* + * if we had an rx fragment right at the last compressed byte of the + * message, we can get a zero length inflated output, where no prior + * rx inflated output marked themselves with FIN, since there was + * raw ws payload still to drain at that time. + * + * Then we need to generate a zero length ws rx that can be understood + * as the message completion. + */ + + if (!ebuf.len && /* zero-length inflation output */ + !n && /* nothing left to drain from the inflator */ + wsi->ws->count_act_ext && /* we are using pmd */ + old_packet_length && /* we gave the inflator new input */ + !wsi->ws->rx_packet_length && /* raw ws packet payload all gone */ + wsi->ws->final && /* the raw ws packet is a FIN guy */ + wsi->protocol->callback && + !wsi->wsistate_pre_close) { + + if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_RECEIVE, + wsi->user_space, NULL, 0)) + return -1; + + return avail; + } +#endif + + if (!ebuf.len) + return avail; + + if ( +#if !defined(LWS_WITHOUT_EXTENSIONS) + n && +#endif + ebuf.len) + /* extension had more... main loop will come back */ + lws_add_wsi_to_draining_ext_list(wsi); + else + lws_remove_wsi_from_draining_ext_list(wsi); + + if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { + if (lws_check_utf8(&wsi->ws->utf8, + (unsigned char *)ebuf.token, ebuf.len)) { + lws_close_reason(wsi, LWS_CLOSE_STATUS_INVALID_PAYLOAD, + (uint8_t *)"bad utf8", 8); + goto utf8_fail; + } + + /* we are ending partway through utf-8 character? */ + if (!wsi->ws->rx_packet_length && wsi->ws->final && + wsi->ws->utf8 && !n) { + lwsl_info("FINAL utf8 error\n"); + lws_close_reason(wsi, LWS_CLOSE_STATUS_INVALID_PAYLOAD, + (uint8_t *)"partial utf8", 12); + +utf8_fail: + lwsl_info("utf8 error\n"); + lwsl_hexdump_info(ebuf.token, ebuf.len); + + return -1; + } + } + + if (wsi->protocol->callback && !wsi->wsistate_pre_close) + if (user_callback_handle_rxflow(wsi->protocol->callback, wsi, + LWS_CALLBACK_RECEIVE, + wsi->user_space, + ebuf.token, ebuf.len)) + return -1; + + wsi->ws->first_fragment = 0; + +#if !defined(LWS_WITHOUT_EXTENSIONS) + lwsl_info("%s: input used %d, output %d, rem len %d, rx_draining_ext %d\n", + __func__, avail, ebuf.len, (int)len, wsi->ws->rx_draining_ext); +#endif + + return avail; /* how much we used from the input */ +} + + +int +lws_parse_ws(struct lws *wsi, unsigned char **buf, size_t len) +{ + int m, bulk = 0; + + lwsl_debug("%s: received %d byte packet\n", __func__, (int)len); + + //lwsl_hexdump_notice(*buf, len); + + /* let the rx protocol state machine have as much as it needs */ + + while (len) { + /* + * we were accepting input but now we stopped doing so + */ + if (wsi->rxflow_bitmap) { + lwsl_info("%s: doing rxflow\n", __func__); + lws_rxflow_cache(wsi, *buf, 0, (int)len); + lwsl_parser("%s: cached %ld\n", __func__, (long)len); + *buf += len; /* stashing it is taking care of it */ + return 1; + } +#if !defined(LWS_WITHOUT_EXTENSIONS) + if (wsi->ws->rx_draining_ext) { + lwsl_debug("%s: draining rx ext\n", __func__); + m = lws_ws_rx_sm(wsi, ALREADY_PROCESSED_IGNORE_CHAR, 0); + if (m < 0) + return -1; + continue; + } +#endif + + /* consume payload bytes efficiently */ + while (wsi->lws_rx_parse_state == LWS_RXPS_WS_FRAME_PAYLOAD && + (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || + wsi->ws->opcode == LWSWSOPC_BINARY_FRAME || + wsi->ws->opcode == LWSWSOPC_CONTINUATION) && + len) { + uint8_t *bin = *buf; + + bulk = 1; + m = lws_ws_frame_rest_is_payload(wsi, buf, len); + assert((int)lws_ptr_diff(*buf, bin) <= (int)len); + len -= lws_ptr_diff(*buf, bin); + + if (!m) { + + break; + } + if (m < 0) { + lwsl_info("%s: rest_is_payload bailed\n", + __func__); + return -1; + } + } + + if (!bulk) { + /* process the byte */ + m = lws_ws_rx_sm(wsi, 0, *(*buf)++); + len--; + } else { + /* + * We already handled this byte in bulk, just deal + * with the ramifications + */ +#if !defined(LWS_WITHOUT_EXTENSIONS) + lwsl_debug("%s: coming out of bulk with len %d, " + "wsi->ws->rx_draining_ext %d\n", + __func__, (int)len, + wsi->ws->rx_draining_ext); +#endif + m = lws_ws_rx_sm(wsi, ALREADY_PROCESSED_IGNORE_CHAR | + ALREADY_PROCESSED_NO_CB, 0); + } + + if (m < 0) { + lwsl_info("%s: lws_ws_rx_sm bailed %d\n", __func__, + bulk); + + return -1; + } + + bulk = 0; + } + + lwsl_debug("%s: exit with %d unused\n", __func__, (int)len); + + return 0; +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c b/thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c new file mode 100644 index 0000000000..ce4ee6e382 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/lws-genhash.c @@ -0,0 +1,202 @@ +/* + * libwebsockets - generic hash and HMAC api hiding the backend + * + * Copyright (C) 2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * lws_genhash provides a hash / hmac abstraction api in lws that works the + * same whether you are using openssl or mbedtls hash functions underneath. + */ +#include "libwebsockets.h" +#include + +#if (MBEDTLS_VERSION_NUMBER >= 0x02070000) +#define MBA(fn) fn##_ret +#else +#define MBA(fn) fn +#endif + +size_t +lws_genhash_size(enum lws_genhash_types type) +{ + switch(type) { + case LWS_GENHASH_TYPE_SHA1: + return 20; + case LWS_GENHASH_TYPE_SHA256: + return 32; + case LWS_GENHASH_TYPE_SHA384: + return 48; + case LWS_GENHASH_TYPE_SHA512: + return 64; + } + + return 0; +} + +int +lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type) +{ + ctx->type = type; + + switch (ctx->type) { + case LWS_GENHASH_TYPE_SHA1: + mbedtls_sha1_init(&ctx->u.sha1); + MBA(mbedtls_sha1_starts)(&ctx->u.sha1); + break; + case LWS_GENHASH_TYPE_SHA256: + mbedtls_sha256_init(&ctx->u.sha256); + MBA(mbedtls_sha256_starts)(&ctx->u.sha256, 0); + break; + case LWS_GENHASH_TYPE_SHA384: + mbedtls_sha512_init(&ctx->u.sha512); + MBA(mbedtls_sha512_starts)(&ctx->u.sha512, 1 /* is384 */); + break; + case LWS_GENHASH_TYPE_SHA512: + mbedtls_sha512_init(&ctx->u.sha512); + MBA(mbedtls_sha512_starts)(&ctx->u.sha512, 0); + break; + default: + return 1; + } + + return 0; +} + +int +lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len) +{ + switch (ctx->type) { + case LWS_GENHASH_TYPE_SHA1: + MBA(mbedtls_sha1_update)(&ctx->u.sha1, in, len); + break; + case LWS_GENHASH_TYPE_SHA256: + MBA(mbedtls_sha256_update)(&ctx->u.sha256, in, len); + break; + case LWS_GENHASH_TYPE_SHA384: + MBA(mbedtls_sha512_update)(&ctx->u.sha512, in, len); + break; + case LWS_GENHASH_TYPE_SHA512: + MBA(mbedtls_sha512_update)(&ctx->u.sha512, in, len); + break; + } + + return 0; +} + +int +lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result) +{ + switch (ctx->type) { + case LWS_GENHASH_TYPE_SHA1: + MBA(mbedtls_sha1_finish)(&ctx->u.sha1, result); + mbedtls_sha1_free(&ctx->u.sha1); + break; + case LWS_GENHASH_TYPE_SHA256: + MBA(mbedtls_sha256_finish)(&ctx->u.sha256, result); + mbedtls_sha256_free(&ctx->u.sha256); + break; + case LWS_GENHASH_TYPE_SHA384: + MBA(mbedtls_sha512_finish)(&ctx->u.sha512, result); + mbedtls_sha512_free(&ctx->u.sha512); + break; + case LWS_GENHASH_TYPE_SHA512: + MBA(mbedtls_sha512_finish)(&ctx->u.sha512, result); + mbedtls_sha512_free(&ctx->u.sha512); + break; + } + + return 0; +} + +size_t +lws_genhmac_size(enum lws_genhmac_types type) +{ + switch(type) { + case LWS_GENHMAC_TYPE_SHA256: + return 32; + case LWS_GENHMAC_TYPE_SHA384: + return 48; + case LWS_GENHMAC_TYPE_SHA512: + return 64; + } + + return 0; +} + +int +lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type, + const uint8_t *key, size_t key_len) +{ + int t; + + ctx->type = type; + + switch (type) { + case LWS_GENHMAC_TYPE_SHA256: + t = MBEDTLS_MD_SHA256; + break; + case LWS_GENHMAC_TYPE_SHA384: + t = MBEDTLS_MD_SHA384; + break; + case LWS_GENHMAC_TYPE_SHA512: + t = MBEDTLS_MD_SHA512; + break; + default: + return -1; + } + + ctx->hmac = mbedtls_md_info_from_type(t); + if (!ctx->hmac) + return -1; + + if (mbedtls_md_init_ctx(&ctx->ctx, ctx->hmac)) + return -1; + + if (mbedtls_md_hmac_starts(&ctx->ctx, key, key_len)) { + mbedtls_md_free(&ctx->ctx); + ctx->hmac = NULL; + + return -1; + } + + return 0; +} + +int +lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len) +{ + if (mbedtls_md_hmac_update(&ctx->ctx, in, len)) + return -1; + + return 0; +} + +int +lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result) +{ + int n = 0; + + if (result) + n = mbedtls_md_hmac_finish(&ctx->ctx, result); + + mbedtls_md_free(&ctx->ctx); + ctx->hmac = NULL; + if (n) + return -1; + + return 0; +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c b/thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c new file mode 100644 index 0000000000..70a9fcf42c --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/lws-genrsa.c @@ -0,0 +1,329 @@ +/* + * libwebsockets - generic RSA api hiding the backend + * + * Copyright (C) 2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * lws_genhash provides a hash / hmac abstraction api in lws that works the + * same whether you are using openssl or mbedtls hash functions underneath. + */ +#include "core/private.h" + +LWS_VISIBLE void +lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el) +{ + int n; + + for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) + if (el->e[n].buf) + lws_free_set_NULL(el->e[n].buf); +} + +LWS_VISIBLE int +lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el) +{ + int n; + + memset(ctx, 0, sizeof(*ctx)); + ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa"); + if (!ctx->ctx) + return 1; + + mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0); + + { + mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { + &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, + &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, + &ctx->ctx->QP, + }; + + for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) + if (el->e[n].buf && + mbedtls_mpi_read_binary(mpi[n], el->e[n].buf, + el->e[n].len)) { + lwsl_notice("mpi load failed\n"); + lws_free_set_NULL(ctx->ctx); + + return -1; + } + } + + ctx->ctx->len = el->e[JWK_KEY_N].len; + + return 0; +} + +static int +_rngf(void *context, unsigned char *buf, size_t len) +{ + if ((size_t)lws_get_random(context, buf, len) == len) + return 0; + + return -1; +} + +LWS_VISIBLE int +lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, + struct lws_genrsa_elements *el, int bits) +{ + int n; + + memset(ctx, 0, sizeof(*ctx)); + ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa"); + if (!ctx->ctx) + return -1; + + mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0); + + n = mbedtls_rsa_gen_key(ctx->ctx, _rngf, context, bits, 65537); + if (n) { + lwsl_err("mbedtls_rsa_gen_key failed 0x%x\n", -n); + goto cleanup_1; + } + + { + mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { + &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, + &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, + &ctx->ctx->QP, + }; + + for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) + if (mbedtls_mpi_size(mpi[n])) { + el->e[n].buf = lws_malloc( + mbedtls_mpi_size(mpi[n]), "genrsakey"); + if (!el->e[n].buf) + goto cleanup; + el->e[n].len = mbedtls_mpi_size(mpi[n]); + mbedtls_mpi_write_binary(mpi[n], el->e[n].buf, + el->e[n].len); + } + } + + return 0; + +cleanup: + for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) + if (el->e[n].buf) + lws_free_set_NULL(el->e[n].buf); +cleanup_1: + lws_free(ctx->ctx); + + return -1; +} + +LWS_VISIBLE int +lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, + size_t in_len, uint8_t *out, size_t out_max) +{ + size_t olen = 0; + int n; + + ctx->ctx->len = in_len; + n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, NULL, NULL, + MBEDTLS_RSA_PUBLIC, + &olen, in, out, out_max); + if (n) { + lwsl_notice("%s: -0x%x\n", __func__, -n); + + return -1; + } + + return olen; +} + +LWS_VISIBLE int +lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, + size_t in_len, uint8_t *out) +{ + int n; + + ctx->ctx->len = in_len; + n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, NULL, NULL, + MBEDTLS_RSA_PRIVATE, + in_len, in, out); + if (n) { + lwsl_notice("%s: -0x%x\n", __func__, -n); + + return -1; + } + + return 0; +} + +static int +lws_genrsa_genrsa_hash_to_mbed_hash(enum lws_genhash_types hash_type) +{ + int h = -1; + + switch (hash_type) { + case LWS_GENHASH_TYPE_SHA1: + h = MBEDTLS_MD_SHA1; + break; + case LWS_GENHASH_TYPE_SHA256: + h = MBEDTLS_MD_SHA256; + break; + case LWS_GENHASH_TYPE_SHA384: + h = MBEDTLS_MD_SHA384; + break; + case LWS_GENHASH_TYPE_SHA512: + h = MBEDTLS_MD_SHA512; + break; + } + + return h; +} + +LWS_VISIBLE int +lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, + enum lws_genhash_types hash_type, const uint8_t *sig, + size_t sig_len) +{ + int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type); + + if (h < 0) + return -1; + + n = mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx->ctx, NULL, NULL, + MBEDTLS_RSA_PUBLIC, + h, 0, in, sig); + if (n < 0) { + lwsl_notice("%s: -0x%x\n", __func__, -n); + + return -1; + } + + return n; +} + +LWS_VISIBLE int +lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, + enum lws_genhash_types hash_type, uint8_t *sig, + size_t sig_len) +{ + int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type); + + if (h < 0) + return -1; + + /* + * The "sig" buffer must be as large as the size of ctx->N + * (eg. 128 bytes if RSA-1024 is used). + */ + if (sig_len < ctx->ctx->len) + return -1; + + n = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx->ctx, NULL, NULL, + MBEDTLS_RSA_PRIVATE, h, 0, in, + sig); + if (n < 0) { + lwsl_notice("%s: -0x%x\n", __func__, -n); + + return -1; + } + + return ctx->ctx->len; +} + +LWS_VISIBLE int +lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, + uint8_t *pkey_asn1, size_t pkey_asn1_len) +{ + uint8_t *p = pkey_asn1, *totlen, *end = pkey_asn1 + pkey_asn1_len - 1; + mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = { + &ctx->ctx->N, &ctx->ctx->E, &ctx->ctx->D, &ctx->ctx->P, + &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, + &ctx->ctx->QP, + }; + int n; + + /* 30 82 - sequence + * 09 29 <-- length(0x0929) less 4 bytes + * 02 01 <- length (1) + * 00 + * 02 82 + * 02 01 <- length (513) N + * ... + * + * 02 03 <- length (3) E + * 01 00 01 + * + * 02 82 + * 02 00 <- length (512) D P Q EXP1 EXP2 COEFF + * + * */ + + *p++ = 0x30; + *p++ = 0x82; + totlen = p; + p += 2; + + *p++ = 0x02; + *p++ = 0x01; + *p++ = 0x00; + + for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) { + int m = mbedtls_mpi_size(mpi[n]); + uint8_t *elen; + + *p++ = 0x02; + elen = p; + if (m < 0x7f) + *p++ = m; + else { + *p++ = 0x82; + *p++ = m >> 8; + *p++ = m & 0xff; + } + + if (p + m > end) + return -1; + + mbedtls_mpi_write_binary(mpi[n], p, m); + if (p[0] & 0x80) { + p[0] = 0x00; + mbedtls_mpi_write_binary(mpi[n], &p[1], m); + m++; + } + if (m < 0x7f) + *elen = m; + else { + *elen++ = 0x82; + *elen++ = m >> 8; + *elen = m & 0xff; + } + p += m; + } + + n = lws_ptr_diff(p, pkey_asn1); + + *totlen++ = (n - 4) >> 8; + *totlen = (n - 4) & 0xff; + + return n; +} + +LWS_VISIBLE void +lws_genrsa_destroy(struct lws_genrsa_ctx *ctx) +{ + if (!ctx->ctx) + return; + mbedtls_rsa_free(ctx->ctx); + lws_free(ctx->ctx); + ctx->ctx = NULL; +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/mbedtls-client.c b/thirdparty/libwebsockets/tls/mbedtls/mbedtls-client.c new file mode 100644 index 0000000000..a7864ab790 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/mbedtls-client.c @@ -0,0 +1,240 @@ +/* + * libwebsockets - mbedtls-specific client TLS code + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +static int +OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 0; +} + +int +lws_ssl_client_bio_create(struct lws *wsi) +{ + X509_VERIFY_PARAM *param; + char hostname[128], *p; + const char *alpn_comma = wsi->context->tls.alpn_default; + struct alpn_ctx protos; + + if (lws_hdr_copy(wsi, hostname, sizeof(hostname), + _WSI_TOKEN_CLIENT_HOST) <= 0) { + lwsl_err("%s: Unable to get hostname\n", __func__); + + return -1; + } + + /* + * remove any :port part on the hostname... necessary for network + * connection but typical certificates do not contain it + */ + p = hostname; + while (*p) { + if (*p == ':') { + *p = '\0'; + break; + } + p++; + } + + wsi->tls.ssl = SSL_new(wsi->vhost->tls.ssl_client_ctx); + if (!wsi->tls.ssl) + return -1; + + if (wsi->vhost->tls.ssl_info_event_mask) + SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback); + + if (!(wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) { + param = SSL_get0_param(wsi->tls.ssl); + /* Enable automatic hostname checks */ + // X509_VERIFY_PARAM_set_hostflags(param, + // X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + X509_VERIFY_PARAM_set1_host(param, hostname, 0); + } + + if (wsi->vhost->tls.alpn) + alpn_comma = wsi->vhost->tls.alpn; + + if (lws_hdr_copy(wsi, hostname, sizeof(hostname), + _WSI_TOKEN_CLIENT_ALPN) > 0) + alpn_comma = hostname; + + lwsl_info("%s: %p: client conn sending ALPN list '%s'\n", + __func__, wsi, alpn_comma); + + protos.len = lws_alpn_comma_to_openssl(alpn_comma, protos.data, + sizeof(protos.data) - 1); + + /* with mbedtls, protos is not pointed to after exit from this call */ + SSL_set_alpn_select_cb(wsi->tls.ssl, &protos); + + /* + * use server name indication (SNI), if supported, + * when establishing connection + */ + SSL_set_verify(wsi->tls.ssl, SSL_VERIFY_PEER, + OpenSSL_client_verify_callback); + + SSL_set_fd(wsi->tls.ssl, wsi->desc.sockfd); + + return 0; +} + +int ERR_get_error(void) +{ + return 0; +} + +enum lws_ssl_capable_status +lws_tls_client_connect(struct lws *wsi) +{ + int m, n = SSL_connect(wsi->tls.ssl); + const unsigned char *prot; + unsigned int len; + + if (n == 1) { + SSL_get0_alpn_selected(wsi->tls.ssl, &prot, &len); + lws_role_call_alpn_negotiated(wsi, (const char *)prot); + lwsl_info("client connect OK\n"); + return LWS_SSL_CAPABLE_DONE; + } + + m = SSL_get_error(wsi->tls.ssl, n); + + if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) + return LWS_SSL_CAPABLE_MORE_SERVICE_READ; + + if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) + return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; + + if (!n) /* we don't know what he wants, but he says to retry */ + return LWS_SSL_CAPABLE_MORE_SERVICE; + + return LWS_SSL_CAPABLE_ERROR; +} + +int +lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, int ebuf_len) +{ + int n; + X509 *peer = SSL_get_peer_certificate(wsi->tls.ssl); + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + char *sb = (char *)&pt->serv_buf[0]; + + if (!peer) { + lwsl_info("peer did not provide cert\n"); + + return -1; + } + lwsl_info("peer provided cert\n"); + + n = SSL_get_verify_result(wsi->tls.ssl); + lws_latency(wsi->context, wsi, + "SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0); + + lwsl_debug("get_verify says %d\n", n); + + if (n == X509_V_OK) + return 0; + + if (n == X509_V_ERR_HOSTNAME_MISMATCH && + (wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) { + lwsl_info("accepting certificate for invalid hostname\n"); + return 0; + } + + if (n == X509_V_ERR_INVALID_CA && + (wsi->tls.use_ssl & LCCSCF_ALLOW_SELFSIGNED)) { + lwsl_info("accepting certificate from untrusted CA\n"); + return 0; + } + + if ((n == X509_V_ERR_CERT_NOT_YET_VALID || + n == X509_V_ERR_CERT_HAS_EXPIRED) && + (wsi->tls.use_ssl & LCCSCF_ALLOW_EXPIRED)) { + lwsl_info("accepting expired or not yet valid certificate\n"); + + return 0; + } + lws_snprintf(ebuf, ebuf_len, + "server's cert didn't look good, X509_V_ERR = %d: %s\n", + n, ERR_error_string(n, sb)); + lwsl_info("%s\n", ebuf); + lws_ssl_elaborate_error(); + + return -1; +} + +int +lws_tls_client_create_vhost_context(struct lws_vhost *vh, + const struct lws_context_creation_info *info, + const char *cipher_list, + const char *ca_filepath, + const char *cert_filepath, + const char *private_key_filepath) +{ + X509 *d2i_X509(X509 **cert, const unsigned char *buffer, long len); + SSL_METHOD *method = (SSL_METHOD *)TLS_client_method(); + unsigned long error; + lws_filepos_t len; + uint8_t *buf; + + if (!method) { + error = ERR_get_error(); + lwsl_err("problem creating ssl method %lu: %s\n", + error, ERR_error_string(error, + (char *)vh->context->pt[0].serv_buf)); + return 1; + } + /* create context */ + vh->tls.ssl_client_ctx = SSL_CTX_new(method); + if (!vh->tls.ssl_client_ctx) { + error = ERR_get_error(); + lwsl_err("problem creating ssl context %lu: %s\n", + error, ERR_error_string(error, + (char *)vh->context->pt[0].serv_buf)); + return 1; + } + + if (!ca_filepath) + return 0; + + if (alloc_file(vh->context, ca_filepath, &buf, &len)) { + lwsl_err("Load CA cert file %s failed\n", ca_filepath); + return 1; + } + + vh->tls.x509_client_CA = d2i_X509(NULL, buf, len); + free(buf); + if (!vh->tls.x509_client_CA) { + lwsl_err("client CA: x509 parse failed\n"); + return 1; + } + + if (!vh->tls.ssl_ctx) + SSL_CTX_add_client_CA(vh->tls.ssl_client_ctx, vh->tls.x509_client_CA); + else + SSL_CTX_add_client_CA(vh->tls.ssl_ctx, vh->tls.x509_client_CA); + + lwsl_notice("client loaded CA for verification %s\n", ca_filepath); + + return 0; +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/mbedtls-server.c b/thirdparty/libwebsockets/tls/mbedtls/mbedtls-server.c new file mode 100644 index 0000000000..f17c7e5494 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/mbedtls-server.c @@ -0,0 +1,694 @@ +/* + * libwebsockets - mbedTLS-specific server functions + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" +#include + +int +lws_tls_server_client_cert_verify_config(struct lws_vhost *vh) +{ + int verify_options = SSL_VERIFY_PEER; + + /* as a server, are we requiring clients to identify themselves? */ + if (!lws_check_opt(vh->options, + LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT)) { + lwsl_notice("no client cert required\n"); + return 0; + } + + /* + * The wrapper has this messed-up mapping: + * + * else if (ctx->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + * mode = MBEDTLS_SSL_VERIFY_OPTIONAL; + * + * ie the meaning is inverted. So where we should test for ! we don't + */ + if (lws_check_opt(vh->options, LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED)) + verify_options = SSL_VERIFY_FAIL_IF_NO_PEER_CERT; + + lwsl_notice("%s: vh %s requires client cert %d\n", __func__, vh->name, + verify_options); + + SSL_CTX_set_verify(vh->tls.ssl_ctx, verify_options, NULL); + + return 0; +} + +static int +lws_mbedtls_sni_cb(void *arg, mbedtls_ssl_context *mbedtls_ctx, + const unsigned char *servername, size_t len) +{ + SSL *ssl = SSL_SSL_from_mbedtls_ssl_context(mbedtls_ctx); + struct lws_context *context = (struct lws_context *)arg; + struct lws_vhost *vhost, *vh; + + lwsl_notice("%s: %s\n", __func__, servername); + + /* + * We can only get ssl accepted connections by using a vhost's ssl_ctx + * find out which listening one took us and only match vhosts on the + * same port. + */ + vh = context->vhost_list; + while (vh) { + if (!vh->being_destroyed && + vh->tls.ssl_ctx == SSL_get_SSL_CTX(ssl)) + break; + vh = vh->vhost_next; + } + + if (!vh) { + assert(vh); /* can't match the incoming vh? */ + return 0; + } + + vhost = lws_select_vhost(context, vh->listen_port, + (const char *)servername); + if (!vhost) { + lwsl_info("SNI: none: %s:%d\n", servername, vh->listen_port); + + return 0; + } + + lwsl_info("SNI: Found: %s:%d at vhost '%s'\n", servername, + vh->listen_port, vhost->name); + + /* select the ssl ctx from the selected vhost for this conn */ + SSL_set_SSL_CTX(ssl, vhost->tls.ssl_ctx); + + return 0; +} + +int +lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi, + const char *cert, const char *private_key, + const char *mem_cert, size_t len_mem_cert, + const char *mem_privkey, size_t mem_privkey_len) +{ + int n, f = 0; + const char *filepath = private_key; + uint8_t *mem = NULL, *p = NULL; + size_t mem_len = 0; + lws_filepos_t flen; + long err; + + if ((!cert || !private_key) && (!mem_cert || !mem_privkey)) { + lwsl_notice("%s: no usable input\n", __func__); + return 0; + } + + n = lws_tls_generic_cert_checks(vhost, cert, private_key); + + if (n == LWS_TLS_EXTANT_NO && (!mem_cert || !mem_privkey)) + return 0; + + /* + * we can't read the root-privs files. But if mem_cert is provided, + * we should use that. + */ + if (n == LWS_TLS_EXTANT_NO) + n = LWS_TLS_EXTANT_ALTERNATIVE; + + if (n == LWS_TLS_EXTANT_ALTERNATIVE && (!mem_cert || !mem_privkey)) + return 1; /* no alternative */ + + if (n == LWS_TLS_EXTANT_ALTERNATIVE) { + /* + * Although we have prepared update certs, we no longer have + * the rights to read our own cert + key we saved. + * + * If we were passed copies in memory buffers, use those + * instead. + * + * The passed memory-buffer cert image is in DER, and the + * memory-buffer private key image is PEM. + */ + /* mem cert is already DER */ + p = (uint8_t *)mem_cert; + flen = len_mem_cert; + /* mem private key is PEM, so go through the motions */ + mem = (uint8_t *)mem_privkey; + mem_len = mem_privkey_len; + filepath = NULL; + } else { + if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, NULL, + 0, &p, &flen)) { + lwsl_err("couldn't find cert file %s\n", cert); + + return 1; + } + f = 1; + } + err = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, flen, p); + if (!err) { + free(p); + lwsl_err("Problem loading cert\n"); + return 1; + } + + if (f) + free(p); + p = NULL; + + if (private_key || n == LWS_TLS_EXTANT_ALTERNATIVE) { + if (lws_tls_alloc_pem_to_der_file(vhost->context, filepath, + (char *)mem, mem_len, &p, + &flen)) { + lwsl_err("couldn't find private key file %s\n", + private_key); + + return 1; + } + err = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, p, flen); + if (!err) { + free(p); + lwsl_err("Problem loading key\n"); + + return 1; + } + } + + if (p && !mem_privkey) { + free(p); + p = NULL; + } + + if (!private_key && !mem_privkey && + vhost->protocols[0].callback(wsi, + LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY, + vhost->tls.ssl_ctx, NULL, 0)) { + lwsl_err("ssl private key not set\n"); + + return 1; + } + + vhost->tls.skipped_certs = 0; + + return 0; +} + +int +lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info, + struct lws_vhost *vhost, struct lws *wsi) +{ + const SSL_METHOD *method = TLS_server_method(); + uint8_t *p; + lws_filepos_t flen; + int n; + + vhost->tls.ssl_ctx = SSL_CTX_new(method); /* create context */ + if (!vhost->tls.ssl_ctx) { + lwsl_err("problem creating ssl context\n"); + return 1; + } + + if (!vhost->tls.use_ssl || !info->ssl_cert_filepath) + return 0; + + if (info->ssl_ca_filepath) { + lwsl_notice("%s: vh %s: loading CA filepath %s\n", __func__, + vhost->name, info->ssl_ca_filepath); + if (lws_tls_alloc_pem_to_der_file(vhost->context, + info->ssl_ca_filepath, NULL, 0, &p, &flen)) { + lwsl_err("couldn't find client CA file %s\n", + info->ssl_ca_filepath); + + return 1; + } + + if (SSL_CTX_add_client_CA_ASN1(vhost->tls.ssl_ctx, (int)flen, p) != 1) { + lwsl_err("%s: SSL_CTX_add_client_CA_ASN1 unhappy\n", + __func__); + free(p); + return 1; + } + free(p); + } + + n = lws_tls_server_certs_load(vhost, wsi, info->ssl_cert_filepath, + info->ssl_private_key_filepath, NULL, + 0, NULL, 0); + if (n) + return n; + + return 0; +} + +int +lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd) +{ + errno = 0; + wsi->tls.ssl = SSL_new(wsi->vhost->tls.ssl_ctx); + if (wsi->tls.ssl == NULL) { + lwsl_err("SSL_new failed: errno %d\n", errno); + + lws_ssl_elaborate_error(); + return 1; + } + + SSL_set_fd(wsi->tls.ssl, accept_fd); + + if (wsi->vhost->tls.ssl_info_event_mask) + SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback); + + SSL_set_sni_callback(wsi->tls.ssl, lws_mbedtls_sni_cb, wsi->context); + + return 0; +} + +int +lws_tls_server_abort_connection(struct lws *wsi) +{ + __lws_tls_shutdown(wsi); + SSL_free(wsi->tls.ssl); + + return 0; +} + +enum lws_ssl_capable_status +lws_tls_server_accept(struct lws *wsi) +{ + union lws_tls_cert_info_results ir; + int m, n; + + n = SSL_accept(wsi->tls.ssl); + if (n == 1) { + + if (strstr(wsi->vhost->name, ".invalid")) { + lwsl_notice("%s: vhost has .invalid, rejecting accept\n", __func__); + + return LWS_SSL_CAPABLE_ERROR; + } + + n = lws_tls_peer_cert_info(wsi, LWS_TLS_CERT_INFO_COMMON_NAME, &ir, + sizeof(ir.ns.name)); + if (!n) + lwsl_notice("%s: client cert CN '%s'\n", + __func__, ir.ns.name); + else + lwsl_info("%s: couldn't get client cert CN\n", __func__); + return LWS_SSL_CAPABLE_DONE; + } + + m = SSL_get_error(wsi->tls.ssl, n); + lwsl_debug("%s: %p: accept SSL_get_error %d errno %d\n", __func__, + wsi, m, errno); + + // mbedtls wrapper only + if (m == SSL_ERROR_SYSCALL && errno == 11) + return LWS_SSL_CAPABLE_MORE_SERVICE_READ; + + if (m == SSL_ERROR_SYSCALL || m == SSL_ERROR_SSL) + return LWS_SSL_CAPABLE_ERROR; + + if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { + if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { + lwsl_info("%s: WANT_READ change_pollfd failed\n", __func__); + return LWS_SSL_CAPABLE_ERROR; + } + + lwsl_info("SSL_ERROR_WANT_READ\n"); + return LWS_SSL_CAPABLE_MORE_SERVICE_READ; + } + if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { + lwsl_debug("%s: WANT_WRITE\n", __func__); + + if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) { + lwsl_info("%s: WANT_WRITE change_pollfd failed\n", __func__); + return LWS_SSL_CAPABLE_ERROR; + } + return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; + } + + return LWS_SSL_CAPABLE_ERROR; +} + +#if defined(LWS_WITH_ACME) +/* + * mbedtls doesn't support SAN for cert creation. So we use a known-good + * tls-sni-01 cert from OpenSSL that worked on Let's Encrypt, and just replace + * the pubkey n part and the signature part. + * + * This will need redoing for tls-sni-02... + */ + +static uint8_t ss_cert_leadin[] = { + 0x30, 0x82, + 0x05, 0x56, /* total length: LEN1 (+2 / +3) (correct for 513 + 512)*/ + + 0x30, 0x82, /* length: LEN2 (+6 / +7) (correct for 513) */ + 0x03, 0x3e, + + /* addition: v3 cert (+5 bytes)*/ + 0xa0, 0x03, + 0x02, 0x01, 0x02, + + 0x02, 0x01, 0x01, + 0x30, 0x0d, 0x06, 0x09, 0x2a, + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3f, + 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, + 0x42, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0b, + 0x73, 0x6f, 0x6d, 0x65, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31, + 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x11, 0x74, 0x65, + 0x6d, 0x70, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, 0x6e, 0x76, 0x61, + 0x6c, 0x69, 0x64, 0x30, 0x1e, 0x17, 0x0d, + + /* from 2017-10-29 ... */ + 0x31, 0x37, 0x31, 0x30, 0x32, 0x39, 0x31, 0x31, 0x34, 0x39, 0x34, 0x35, + 0x5a, 0x17, 0x0d, + + /* thru 2049-10-29 we immediately discard the private key, no worries */ + 0x34, 0x39, 0x31, 0x30, 0x32, 0x39, 0x31, 0x32, 0x34, 0x39, 0x34, 0x35, + 0x5a, + + 0x30, 0x3f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x47, 0x42, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x0c, 0x0b, 0x73, 0x6f, 0x6d, 0x65, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x6e, + 0x79, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x11, + 0x74, 0x65, 0x6d, 0x70, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, 0x6e, + 0x76, 0x61, 0x6c, 0x69, 0x64, 0x30, + + 0x82, + 0x02, 0x22, /* LEN3 (+C3 / C4) */ + 0x30, 0x0d, 0x06, + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, + 0x03, + + 0x82, + 0x02, 0x0f, /* LEN4 (+D6 / D7) */ + + 0x00, 0x30, 0x82, + + 0x02, 0x0a, /* LEN5 (+ DB / DC) */ + + 0x02, 0x82, + + //0x02, 0x01, /* length of n in bytes (including leading 00 if any) */ + }, + + /* 1 + (keybits / 8) bytes N */ + + ss_cert_san_leadin[] = { + /* e - fixed */ + 0x02, 0x03, 0x01, 0x00, 0x01, + + 0xa3, 0x5d, 0x30, 0x5b, 0x30, 0x59, 0x06, 0x03, 0x55, 0x1d, + 0x11, 0x04, 0x52, 0x30, 0x50, /* <-- SAN length + 2 */ + + 0x82, 0x4e, /* <-- SAN length */ + }, + + /* 78 bytes of SAN (tls-sni-01) + 0x61, 0x64, 0x34, 0x31, 0x61, 0x66, 0x62, 0x65, 0x30, 0x63, 0x61, 0x34, + 0x36, 0x34, 0x32, 0x66, 0x30, 0x61, 0x34, 0x34, 0x39, 0x64, 0x39, 0x63, + 0x61, 0x37, 0x36, 0x65, 0x62, 0x61, 0x61, 0x62, 0x2e, 0x32, 0x38, 0x39, + 0x34, 0x64, 0x34, 0x31, 0x36, 0x63, 0x39, 0x38, 0x33, 0x66, 0x31, 0x32, + 0x65, 0x64, 0x37, 0x33, 0x31, 0x61, 0x33, 0x30, 0x66, 0x35, 0x63, 0x34, + 0x34, 0x37, 0x37, 0x66, 0x65, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, + 0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, */ + + /* end of LEN2 area */ + + ss_cert_sig_leadin[] = { + /* it's saying that the signature is SHA256 + RSA */ + 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, + + 0x82, + 0x02, 0x01, + 0x00, + }; + + /* (keybits / 8) bytes signature to end of LEN1 area */ + +#define SAN_A_LENGTH 78 + +LWS_VISIBLE int +lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a, + const char *san_b) +{ + int buflen = 0x560; + uint8_t *buf = lws_malloc(buflen, "tmp cert buf"), *p = buf, *pkey_asn1; + struct lws_genrsa_ctx ctx; + struct lws_genrsa_elements el; + uint8_t digest[32]; + struct lws_genhash_ctx hash_ctx; + int pkey_asn1_len = 3 * 1024; + int n, m, keybits = lws_plat_recommended_rsa_bits(), adj; + + if (!buf) + return 1; + + n = lws_genrsa_new_keypair(vhost->context, &ctx, &el, keybits); + if (n < 0) { + lws_jwk_destroy_genrsa_elements(&el); + goto bail1; + } + + n = sizeof(ss_cert_leadin); + memcpy(p, ss_cert_leadin, n); + p += n; + + adj = (0x0556 - 0x401) + (keybits / 4) + 1; + buf[2] = adj >> 8; + buf[3] = adj & 0xff; + + adj = (0x033e - 0x201) + (keybits / 8) + 1; + buf[6] = adj >> 8; + buf[7] = adj & 0xff; + + adj = (0x0222 - 0x201) + (keybits / 8) + 1; + buf[0xc3] = adj >> 8; + buf[0xc4] = adj & 0xff; + + adj = (0x020f - 0x201) + (keybits / 8) + 1; + buf[0xd6] = adj >> 8; + buf[0xd7] = adj & 0xff; + + adj = (0x020a - 0x201) + (keybits / 8) + 1; + buf[0xdb] = adj >> 8; + buf[0xdc] = adj & 0xff; + + *p++ = ((keybits / 8) + 1) >> 8; + *p++ = ((keybits / 8) + 1) & 0xff; + + /* we need to drop 1 + (keybits / 8) bytes of n in here, 00 + key */ + + *p++ = 0x00; + memcpy(p, el.e[JWK_KEY_N].buf, el.e[JWK_KEY_N].len); + p += el.e[JWK_KEY_N].len; + + memcpy(p, ss_cert_san_leadin, sizeof(ss_cert_san_leadin)); + p += sizeof(ss_cert_san_leadin); + + /* drop in 78 bytes of san_a */ + + memcpy(p, san_a, SAN_A_LENGTH); + p += SAN_A_LENGTH; + memcpy(p, ss_cert_sig_leadin, sizeof(ss_cert_sig_leadin)); + + p[17] = ((keybits / 8) + 1) >> 8; + p[18] = ((keybits / 8) + 1) & 0xff; + + p += sizeof(ss_cert_sig_leadin); + + /* hash the cert plaintext */ + + if (lws_genhash_init(&hash_ctx, LWS_GENHASH_TYPE_SHA256)) + goto bail2; + + if (lws_genhash_update(&hash_ctx, buf, lws_ptr_diff(p, buf))) { + lws_genhash_destroy(&hash_ctx, NULL); + + goto bail2; + } + if (lws_genhash_destroy(&hash_ctx, digest)) + goto bail2; + + /* sign the hash */ + + n = lws_genrsa_public_sign(&ctx, digest, LWS_GENHASH_TYPE_SHA256, p, + buflen - lws_ptr_diff(p, buf)); + if (n < 0) + goto bail2; + p += n; + + pkey_asn1 = lws_malloc(pkey_asn1_len, "mbed crt tmp"); + if (!pkey_asn1) + goto bail2; + + m = lws_genrsa_render_pkey_asn1(&ctx, 1, pkey_asn1, pkey_asn1_len); + if (m < 0) { + lws_free(pkey_asn1); + goto bail2; + } + +// lwsl_hexdump_level(LLL_DEBUG, buf, lws_ptr_diff(p, buf)); + n = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, + lws_ptr_diff(p, buf), buf); + if (n != 1) { + lws_free(pkey_asn1); + lwsl_err("%s: generated cert failed to load 0x%x\n", + __func__, -n); + } else { + //lwsl_debug("private key\n"); + //lwsl_hexdump_level(LLL_DEBUG, pkey_asn1, n); + + /* and to use our generated private key */ + n = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, pkey_asn1, m); + lws_free(pkey_asn1); + if (n != 1) { + lwsl_err("%s: SSL_CTX_use_PrivateKey_ASN1 failed\n", + __func__); + } + } + + lws_genrsa_destroy(&ctx); + lws_jwk_destroy_genrsa_elements(&el); + + lws_free(buf); + + return n != 1; + +bail2: + lws_genrsa_destroy(&ctx); + lws_jwk_destroy_genrsa_elements(&el); +bail1: + lws_free(buf); + + return -1; +} + +void +lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost) +{ +} + +#if defined(LWS_WITH_JWS) +static int +_rngf(void *context, unsigned char *buf, size_t len) +{ + if ((size_t)lws_get_random(context, buf, len) == len) + return 0; + + return -1; +} + +static const char *x5[] = { "C", "ST", "L", "O", "CN" }; + +/* + * CSR is output formatted as b64url(DER) + * Private key is output as a PEM in memory + */ +LWS_VISIBLE LWS_EXTERN int +lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[], + uint8_t *dcsr, size_t csr_len, char **privkey_pem, + size_t *privkey_len) +{ + mbedtls_x509write_csr csr; + mbedtls_pk_context mpk; + int buf_size = 4096, n; + char subject[200], *p = subject, *end = p + sizeof(subject) - 1; + uint8_t *buf = malloc(buf_size); /* malloc because given to user code */ + + if (!buf) + return -1; + + mbedtls_x509write_csr_init(&csr); + + mbedtls_pk_init(&mpk); + if (mbedtls_pk_setup(&mpk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA))) { + lwsl_notice("%s: pk_setup failed\n", __func__); + goto fail; + } + + n = mbedtls_rsa_gen_key(mbedtls_pk_rsa(mpk), _rngf, context, + lws_plat_recommended_rsa_bits(), 65537); + if (n) { + lwsl_notice("%s: failed to generate keys\n", __func__); + + goto fail1; + } + + /* subject must be formatted like "C=TW,O=warmcat,CN=myserver" */ + + for (n = 0; n < (int)LWS_ARRAY_SIZE(x5); n++) { + if (p != subject) + *p++ = ','; + if (elements[n]) + p += lws_snprintf(p, end - p, "%s=%s", x5[n], + elements[n]); + } + + if (mbedtls_x509write_csr_set_subject_name(&csr, subject)) + goto fail1; + + mbedtls_x509write_csr_set_key(&csr, &mpk); + mbedtls_x509write_csr_set_md_alg(&csr, MBEDTLS_MD_SHA256); + + /* + * data is written at the end of the buffer! Use the + * return value to determine where you should start + * using the buffer + */ + n = mbedtls_x509write_csr_der(&csr, buf, buf_size, _rngf, context); + if (n < 0) { + lwsl_notice("%s: write csr der failed\n", __func__); + goto fail1; + } + + /* we have it in DER, we need it in b64URL */ + + n = lws_jws_base64_enc((char *)(buf + buf_size) - n, n, + (char *)dcsr, csr_len); + if (n < 0) + goto fail1; + + /* + * okay, the CSR is done, last we need the private key in PEM + * re-use the DER CSR buf as the result buffer since we cn do it in + * one step + */ + + if (mbedtls_pk_write_key_pem(&mpk, buf, buf_size)) { + lwsl_notice("write key pem failed\n"); + goto fail1; + } + + *privkey_pem = (char *)buf; + *privkey_len = strlen((const char *)buf); + + mbedtls_pk_free(&mpk); + mbedtls_x509write_csr_free(&csr); + + return n; + +fail1: + mbedtls_pk_free(&mpk); +fail: + mbedtls_x509write_csr_free(&csr); + free(buf); + + return -1; +} +#endif +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/ssl.c b/thirdparty/libwebsockets/tls/mbedtls/ssl.c new file mode 100644 index 0000000000..f311ef50e3 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/ssl.c @@ -0,0 +1,518 @@ +/* + * libwebsockets - mbedTLS-specific lws apis + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" +#include + +void +lws_ssl_elaborate_error(void) +{ +} + +int +lws_context_init_ssl_library(const struct lws_context_creation_info *info) +{ + lwsl_info(" Compiled with MbedTLS support\n"); + + if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) + lwsl_info(" SSL disabled: no LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n"); + + return 0; +} + +LWS_VISIBLE void +lws_ssl_destroy(struct lws_vhost *vhost) +{ + if (!lws_check_opt(vhost->context->options, + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) + return; + + if (vhost->tls.ssl_ctx) + SSL_CTX_free(vhost->tls.ssl_ctx); + if (!vhost->tls.user_supplied_ssl_ctx && vhost->tls.ssl_client_ctx) + SSL_CTX_free(vhost->tls.ssl_client_ctx); + + if (vhost->tls.x509_client_CA) + X509_free(vhost->tls.x509_client_CA); +} + +LWS_VISIBLE int +lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int n = 0, m; + + if (!wsi->tls.ssl) + return lws_ssl_capable_read_no_ssl(wsi, buf, len); + + lws_stats_atomic_bump(context, pt, LWSSTATS_C_API_READ, 1); + + errno = 0; + n = SSL_read(wsi->tls.ssl, buf, len); +#if defined(LWS_WITH_ESP32) + if (!n && errno == ENOTCONN) { + lwsl_debug("%p: SSL_read ENOTCONN\n", wsi); + return LWS_SSL_CAPABLE_ERROR; + } +#endif +#if defined(LWS_WITH_STATS) + if (!wsi->seen_rx) { + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_SSL_RX_DELAY, + time_in_microseconds() - wsi->accept_start_us); + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNS_HAD_RX, 1); + wsi->seen_rx = 1; + } +#endif + + + lwsl_debug("%p: SSL_read says %d\n", wsi, n); + /* manpage: returning 0 means connection shut down */ + if (!n) { + wsi->socket_is_permanently_unusable = 1; + + return LWS_SSL_CAPABLE_ERROR; + } + + if (n < 0) { + m = SSL_get_error(wsi->tls.ssl, n); + lwsl_debug("%p: ssl err %d errno %d\n", wsi, m, errno); + if (m == SSL_ERROR_ZERO_RETURN || + m == SSL_ERROR_SYSCALL) + return LWS_SSL_CAPABLE_ERROR; + + if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { + lwsl_debug("%s: WANT_READ\n", __func__); + lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi); + return LWS_SSL_CAPABLE_MORE_SERVICE; + } + if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { + lwsl_debug("%s: WANT_WRITE\n", __func__); + lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi); + return LWS_SSL_CAPABLE_MORE_SERVICE; + } + wsi->socket_is_permanently_unusable = 1; + + return LWS_SSL_CAPABLE_ERROR; + } + + lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n); + + if (wsi->vhost) + wsi->vhost->conn_stats.rx += n; + + /* + * if it was our buffer that limited what we read, + * check if SSL has additional data pending inside SSL buffers. + * + * Because these won't signal at the network layer with POLLIN + * and if we don't realize, this data will sit there forever + */ + if (n != len) + goto bail; + if (!wsi->tls.ssl) + goto bail; + + if (!SSL_pending(wsi->tls.ssl)) + goto bail; + + if (wsi->tls.pending_read_list_next) + return n; + if (wsi->tls.pending_read_list_prev) + return n; + if (pt->tls.pending_read_list == wsi) + return n; + + /* add us to the linked list of guys with pending ssl */ + if (pt->tls.pending_read_list) + pt->tls.pending_read_list->tls.pending_read_list_prev = wsi; + + wsi->tls.pending_read_list_next = pt->tls.pending_read_list; + wsi->tls.pending_read_list_prev = NULL; + pt->tls.pending_read_list = wsi; + + return n; +bail: + lws_ssl_remove_wsi_from_buffered_list(wsi); + + return n; +} + +LWS_VISIBLE int +lws_ssl_pending(struct lws *wsi) +{ + if (!wsi->tls.ssl) + return 0; + + return SSL_pending(wsi->tls.ssl); +} + +LWS_VISIBLE int +lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len) +{ + int n, m; + + if (!wsi->tls.ssl) + return lws_ssl_capable_write_no_ssl(wsi, buf, len); + + n = SSL_write(wsi->tls.ssl, buf, len); + if (n > 0) + return n; + + m = SSL_get_error(wsi->tls.ssl, n); + if (m != SSL_ERROR_SYSCALL) { + if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) { + lwsl_notice("%s: want read\n", __func__); + + return LWS_SSL_CAPABLE_MORE_SERVICE; + } + + if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) { + lws_set_blocking_send(wsi); + lwsl_notice("%s: want write\n", __func__); + + return LWS_SSL_CAPABLE_MORE_SERVICE; + } + } + + lwsl_debug("%s failed: %d\n",__func__, m); + wsi->socket_is_permanently_unusable = 1; + + return LWS_SSL_CAPABLE_ERROR; +} + +int openssl_SSL_CTX_private_data_index; + +void +lws_ssl_info_callback(const SSL *ssl, int where, int ret) +{ + struct lws *wsi; + struct lws_context *context; + struct lws_ssl_info si; + + context = (struct lws_context *)SSL_CTX_get_ex_data( + SSL_get_SSL_CTX(ssl), + openssl_SSL_CTX_private_data_index); + if (!context) + return; + wsi = wsi_from_fd(context, SSL_get_fd(ssl)); + if (!wsi) + return; + + if (!(where & wsi->vhost->tls.ssl_info_event_mask)) + return; + + si.where = where; + si.ret = ret; + + if (user_callback_handle_rxflow(wsi->protocol->callback, + wsi, LWS_CALLBACK_SSL_INFO, + wsi->user_space, &si, 0)) + lws_set_timeout(wsi, PENDING_TIMEOUT_KILLED_BY_SSL_INFO, -1); +} + + +LWS_VISIBLE int +lws_ssl_close(struct lws *wsi) +{ + lws_sockfd_type n; + + if (!wsi->tls.ssl) + return 0; /* not handled */ + +#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK) + /* kill ssl callbacks, becausse we will remove the fd from the + * table linking it to the wsi + */ + if (wsi->vhost->tls.ssl_info_event_mask) + SSL_set_info_callback(wsi->tls.ssl, NULL); +#endif + + n = SSL_get_fd(wsi->tls.ssl); + if (!wsi->socket_is_permanently_unusable) + SSL_shutdown(wsi->tls.ssl); + compatible_close(n); + SSL_free(wsi->tls.ssl); + wsi->tls.ssl = NULL; + + if (!lwsi_role_client(wsi) && + wsi->context->simultaneous_ssl_restriction && + wsi->context->simultaneous_ssl-- == + wsi->context->simultaneous_ssl_restriction) + /* we made space and can do an accept */ + lws_gate_accepts(wsi->context, 1); + +#if defined(LWS_WITH_STATS) + wsi->context->updated = 1; +#endif + + return 1; /* handled */ +} + +void +lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost) +{ + if (vhost->tls.ssl_ctx) + SSL_CTX_free(vhost->tls.ssl_ctx); + + if (!vhost->tls.user_supplied_ssl_ctx && vhost->tls.ssl_client_ctx) + SSL_CTX_free(vhost->tls.ssl_client_ctx); +#if defined(LWS_WITH_ACME) + lws_tls_acme_sni_cert_destroy(vhost); +#endif +} + +void +lws_ssl_context_destroy(struct lws_context *context) +{ +} + +lws_tls_ctx * +lws_tls_ctx_from_wsi(struct lws *wsi) +{ + if (!wsi->tls.ssl) + return NULL; + + return SSL_get_SSL_CTX(wsi->tls.ssl); +} + +enum lws_ssl_capable_status +__lws_tls_shutdown(struct lws *wsi) +{ + int n = SSL_shutdown(wsi->tls.ssl); + + lwsl_debug("SSL_shutdown=%d for fd %d\n", n, wsi->desc.sockfd); + + switch (n) { + case 1: /* successful completion */ + n = shutdown(wsi->desc.sockfd, SHUT_WR); + return LWS_SSL_CAPABLE_DONE; + + case 0: /* needs a retry */ + __lws_change_pollfd(wsi, 0, LWS_POLLIN); + return LWS_SSL_CAPABLE_MORE_SERVICE; + + default: /* fatal error, or WANT */ + n = SSL_get_error(wsi->tls.ssl, n); + if (n != SSL_ERROR_SYSCALL && n != SSL_ERROR_SSL) { + if (SSL_want_read(wsi->tls.ssl)) { + lwsl_debug("(wants read)\n"); + __lws_change_pollfd(wsi, 0, LWS_POLLIN); + return LWS_SSL_CAPABLE_MORE_SERVICE_READ; + } + if (SSL_want_write(wsi->tls.ssl)) { + lwsl_debug("(wants write)\n"); + __lws_change_pollfd(wsi, 0, LWS_POLLOUT); + return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE; + } + } + return LWS_SSL_CAPABLE_ERROR; + } +} + +static time_t +lws_tls_mbedtls_time_to_unix(mbedtls_x509_time *xtime) +{ + struct tm t; + + if (!xtime || !xtime->year || xtime->year < 0) + return (time_t)(long long)-1; + + memset(&t, 0, sizeof(t)); + + t.tm_year = xtime->year - 1900; + t.tm_mon = xtime->mon - 1; /* mbedtls months are 1+, tm are 0+ */ + t.tm_mday = xtime->day - 1; /* mbedtls days are 1+, tm are 0+ */ + t.tm_hour = xtime->hour; + t.tm_min = xtime->min; + t.tm_sec = xtime->sec; + t.tm_isdst = -1; + + return mktime(&t); +} + +static int +lws_tls_mbedtls_get_x509_name(mbedtls_x509_name *name, + union lws_tls_cert_info_results *buf, size_t len) +{ + while (name) { + if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid)) { + name = name->next; + continue; + } + + if (len - 1 < name->val.len) + return -1; + + memcpy(&buf->ns.name[0], name->val.p, name->val.len); + buf->ns.name[name->val.len] = '\0'; + buf->ns.len = name->val.len; + + return 0; + } + + return -1; +} + +static int +lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len) +{ + if (!x509) + return -1; + + switch (type) { + case LWS_TLS_CERT_INFO_VALIDITY_FROM: + buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_from); + if (buf->time == (time_t)(long long)-1) + return -1; + break; + + case LWS_TLS_CERT_INFO_VALIDITY_TO: + buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_to); + if (buf->time == (time_t)(long long)-1) + return -1; + break; + + case LWS_TLS_CERT_INFO_COMMON_NAME: + return lws_tls_mbedtls_get_x509_name(&x509->subject, buf, len); + + case LWS_TLS_CERT_INFO_ISSUER_NAME: + return lws_tls_mbedtls_get_x509_name(&x509->issuer, buf, len); + + case LWS_TLS_CERT_INFO_USAGE: + buf->usage = x509->key_usage; + break; + + case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY: + { + char *p = buf->ns.name; + size_t r = len, u; + + switch (mbedtls_pk_get_type(&x509->pk)) { + case MBEDTLS_PK_RSA: + { + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->pk); + + if (mbedtls_mpi_write_string(&rsa->N, 16, p, r, &u)) + return -1; + r -= u; + p += u; + if (mbedtls_mpi_write_string(&rsa->E, 16, p, r, &u)) + return -1; + + p += u; + buf->ns.len = lws_ptr_diff(p, buf->ns.name); + break; + } + case MBEDTLS_PK_ECKEY: + { + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->pk); + + if (mbedtls_mpi_write_string(&ecp->Q.X, 16, p, r, &u)) + return -1; + r -= u; + p += u; + if (mbedtls_mpi_write_string(&ecp->Q.Y, 16, p, r, &u)) + return -1; + r -= u; + p += u; + if (mbedtls_mpi_write_string(&ecp->Q.Z, 16, p, r, &u)) + return -1; + p += u; + buf->ns.len = lws_ptr_diff(p, buf->ns.name); + break; + } + default: + lwsl_notice("%s: x509 has unsupported pubkey type %d\n", + __func__, + mbedtls_pk_get_type(&x509->pk)); + + return -1; + } + break; + } + + default: + return -1; + } + + return 0; +} + +LWS_VISIBLE LWS_EXTERN int +lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len) +{ + mbedtls_x509_crt *x509 = ssl_ctx_get_mbedtls_x509_crt(vhost->tls.ssl_ctx); + + return lws_tls_mbedtls_cert_info(x509, type, buf, len); +} + +LWS_VISIBLE int +lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len) +{ + mbedtls_x509_crt *x509; + + wsi = lws_get_network_wsi(wsi); + + x509 = ssl_get_peer_mbedtls_x509_crt(wsi->tls.ssl); + + if (!x509) + return -1; + + switch (type) { + case LWS_TLS_CERT_INFO_VERIFIED: + buf->verified = SSL_get_verify_result(wsi->tls.ssl) == X509_V_OK; + return 0; + default: + return lws_tls_mbedtls_cert_info(x509, type, buf, len); + } + + return -1; +} + +static int +tops_fake_POLLIN_for_buffered_mbedtls(struct lws_context_per_thread *pt) +{ + return lws_tls_fake_POLLIN_for_buffered(pt); +} + +static int +tops_periodic_housekeeping_mbedtls(struct lws_context *context, time_t now) +{ + int n; + + n = lws_compare_time_t(context, now, context->tls.last_cert_check_s); + if ((!context->tls.last_cert_check_s || n > (24 * 60 * 60)) && + !lws_tls_check_all_cert_lifetimes(context)) + context->tls.last_cert_check_s = now; + + return 0; +} + +const struct lws_tls_ops tls_ops_mbedtls = { + /* fake_POLLIN_for_buffered */ tops_fake_POLLIN_for_buffered_mbedtls, + /* periodic_housekeeping */ tops_periodic_housekeeping_mbedtls, +}; diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl3.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl3.h new file mode 100644 index 0000000000..007b392f3e --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl3.h @@ -0,0 +1,44 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL3_H_ +#define _SSL3_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +# define SSL3_AD_CLOSE_NOTIFY 0 +# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */ +# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */ +# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */ +# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */ +# define SSL3_AD_NO_CERTIFICATE 41 +# define SSL3_AD_BAD_CERTIFICATE 42 +# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 +# define SSL3_AD_CERTIFICATE_REVOKED 44 +# define SSL3_AD_CERTIFICATE_EXPIRED 45 +# define SSL3_AD_CERTIFICATE_UNKNOWN 46 +# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */ + +# define SSL3_AL_WARNING 1 +# define SSL3_AL_FATAL 2 + +#define SSL3_VERSION 0x0300 + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_cert.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_cert.h new file mode 100644 index 0000000000..86cf31ad51 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_cert.h @@ -0,0 +1,55 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_CERT_H_ +#define _SSL_CERT_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "ssl_types.h" + +/** + * @brief create a certification object include private key object according to input certification + * + * @param ic - input certification point + * + * @return certification object point + */ +CERT *__ssl_cert_new(CERT *ic); + +/** + * @brief create a certification object include private key object + * + * @param none + * + * @return certification object point + */ +CERT* ssl_cert_new(void); + +/** + * @brief free a certification object + * + * @param cert - certification object point + * + * @return none + */ +void ssl_cert_free(CERT *cert); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_code.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_code.h new file mode 100644 index 0000000000..80fdbb20f3 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_code.h @@ -0,0 +1,124 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_CODE_H_ +#define _SSL_CODE_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "ssl3.h" +#include "tls1.h" +#include "x509_vfy.h" + +/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ +# define SSL_SENT_SHUTDOWN 1 +# define SSL_RECEIVED_SHUTDOWN 2 + +# define SSL_VERIFY_NONE 0x00 +# define SSL_VERIFY_PEER 0x01 +# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 +# define SSL_VERIFY_CLIENT_ONCE 0x04 + +/* + * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you + * should not need these + */ +# define SSL_ST_READ_HEADER 0xF0 +# define SSL_ST_READ_BODY 0xF1 +# define SSL_ST_READ_DONE 0xF2 + +# define SSL_NOTHING 1 +# define SSL_WRITING 2 +# define SSL_READING 3 +# define SSL_X509_LOOKUP 4 +# define SSL_ASYNC_PAUSED 5 +# define SSL_ASYNC_NO_JOBS 6 + + +# define SSL_ERROR_NONE 0 +# define SSL_ERROR_SSL 1 +# define SSL_ERROR_WANT_READ 2 +# define SSL_ERROR_WANT_WRITE 3 +# define SSL_ERROR_WANT_X509_LOOKUP 4 +# define SSL_ERROR_SYSCALL 5/* look at error stack/return value/errno */ +# define SSL_ERROR_ZERO_RETURN 6 +# define SSL_ERROR_WANT_CONNECT 7 +# define SSL_ERROR_WANT_ACCEPT 8 +# define SSL_ERROR_WANT_ASYNC 9 +# define SSL_ERROR_WANT_ASYNC_JOB 10 + +/* Message flow states */ +typedef enum { + /* No handshake in progress */ + MSG_FLOW_UNINITED, + /* A permanent error with this connection */ + MSG_FLOW_ERROR, + /* We are about to renegotiate */ + MSG_FLOW_RENEGOTIATE, + /* We are reading messages */ + MSG_FLOW_READING, + /* We are writing messages */ + MSG_FLOW_WRITING, + /* Handshake has finished */ + MSG_FLOW_FINISHED +} MSG_FLOW_STATE; + +/* SSL subsystem states */ +typedef enum { + TLS_ST_BEFORE, + TLS_ST_OK, + DTLS_ST_CR_HELLO_VERIFY_REQUEST, + TLS_ST_CR_SRVR_HELLO, + TLS_ST_CR_CERT, + TLS_ST_CR_CERT_STATUS, + TLS_ST_CR_KEY_EXCH, + TLS_ST_CR_CERT_REQ, + TLS_ST_CR_SRVR_DONE, + TLS_ST_CR_SESSION_TICKET, + TLS_ST_CR_CHANGE, + TLS_ST_CR_FINISHED, + TLS_ST_CW_CLNT_HELLO, + TLS_ST_CW_CERT, + TLS_ST_CW_KEY_EXCH, + TLS_ST_CW_CERT_VRFY, + TLS_ST_CW_CHANGE, + TLS_ST_CW_NEXT_PROTO, + TLS_ST_CW_FINISHED, + TLS_ST_SW_HELLO_REQ, + TLS_ST_SR_CLNT_HELLO, + DTLS_ST_SW_HELLO_VERIFY_REQUEST, + TLS_ST_SW_SRVR_HELLO, + TLS_ST_SW_CERT, + TLS_ST_SW_KEY_EXCH, + TLS_ST_SW_CERT_REQ, + TLS_ST_SW_SRVR_DONE, + TLS_ST_SR_CERT, + TLS_ST_SR_KEY_EXCH, + TLS_ST_SR_CERT_VRFY, + TLS_ST_SR_NEXT_PROTO, + TLS_ST_SR_CHANGE, + TLS_ST_SR_FINISHED, + TLS_ST_SW_SESSION_TICKET, + TLS_ST_SW_CERT_STATUS, + TLS_ST_SW_CHANGE, + TLS_ST_SW_FINISHED +} OSSL_HANDSHAKE_STATE; + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_dbg.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_dbg.h new file mode 100644 index 0000000000..ad32cb92ff --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_dbg.h @@ -0,0 +1,190 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_DEBUG_H_ +#define _SSL_DEBUG_H_ + +#include "platform/ssl_port.h" + +#ifdef __cplusplus + extern "C" { +#endif + +#ifdef CONFIG_OPENSSL_DEBUG_LEVEL + #define SSL_DEBUG_LEVEL CONFIG_OPENSSL_DEBUG_LEVEL +#else + #define SSL_DEBUG_LEVEL 0 +#endif + +#define SSL_DEBUG_ON (SSL_DEBUG_LEVEL + 1) +#define SSL_DEBUG_OFF (SSL_DEBUG_LEVEL - 1) + +#ifdef CONFIG_OPENSSL_DEBUG + #ifndef SSL_DEBUG_LOG + #error "SSL_DEBUG_LOG is not defined" + #endif + + #ifndef SSL_DEBUG_FL + #define SSL_DEBUG_FL "\n" + #endif + + #define SSL_SHOW_LOCATION() \ + SSL_DEBUG_LOG("SSL assert : %s %d\n", \ + __FILE__, __LINE__) + + #define SSL_DEBUG(level, fmt, ...) \ + { \ + if (level > SSL_DEBUG_LEVEL) { \ + SSL_DEBUG_LOG(fmt SSL_DEBUG_FL, ##__VA_ARGS__); \ + } \ + } +#else /* CONFIG_OPENSSL_DEBUG */ + #define SSL_SHOW_LOCATION() + + #define SSL_DEBUG(level, fmt, ...) +#endif /* CONFIG_OPENSSL_DEBUG */ + +/** + * OpenSSL assert function + * + * if select "CONFIG_OPENSSL_ASSERT_DEBUG", SSL_ASSERT* will show error file name and line + * if select "CONFIG_OPENSSL_ASSERT_EXIT", SSL_ASSERT* will just return error code. + * if select "CONFIG_OPENSSL_ASSERT_DEBUG_EXIT" SSL_ASSERT* will show error file name and line, + * then return error code. + * if select "CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK", SSL_ASSERT* will show error file name and line, + * then block here with "while (1)" + * + * SSL_ASSERT1 may will return "-1", so function's return argument is integer. + * SSL_ASSERT2 may will return "NULL", so function's return argument is a point. + * SSL_ASSERT2 may will return nothing, so function's return argument is "void". + */ +#if defined(CONFIG_OPENSSL_ASSERT_DEBUG) + #define SSL_ASSERT1(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + } \ + } + + #define SSL_ASSERT2(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + } \ + } + + #define SSL_ASSERT3(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + } \ + } +#elif defined(CONFIG_OPENSSL_ASSERT_EXIT) + #define SSL_ASSERT1(s) \ + { \ + if (!(s)) { \ + return -1; \ + } \ + } + + #define SSL_ASSERT2(s) \ + { \ + if (!(s)) { \ + return NULL; \ + } \ + } + + #define SSL_ASSERT3(s) \ + { \ + if (!(s)) { \ + return ; \ + } \ + } +#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_EXIT) + #define SSL_ASSERT1(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + return -1; \ + } \ + } + + #define SSL_ASSERT2(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + return NULL; \ + } \ + } + + #define SSL_ASSERT3(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + return ; \ + } \ + } +#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK) + #define SSL_ASSERT1(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + while (1); \ + } \ + } + + #define SSL_ASSERT2(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + while (1); \ + } \ + } + + #define SSL_ASSERT3(s) \ + { \ + if (!(s)) { \ + SSL_SHOW_LOCATION(); \ + while (1); \ + } \ + } +#else + #define SSL_ASSERT1(s) + #define SSL_ASSERT2(s) + #define SSL_ASSERT3(s) +#endif + +#define SSL_PLATFORM_DEBUG_LEVEL SSL_DEBUG_OFF +#define SSL_PLATFORM_ERROR_LEVEL SSL_DEBUG_ON + +#define SSL_CERT_DEBUG_LEVEL SSL_DEBUG_OFF +#define SSL_CERT_ERROR_LEVEL SSL_DEBUG_ON + +#define SSL_PKEY_DEBUG_LEVEL SSL_DEBUG_OFF +#define SSL_PKEY_ERROR_LEVEL SSL_DEBUG_ON + +#define SSL_X509_DEBUG_LEVEL SSL_DEBUG_OFF +#define SSL_X509_ERROR_LEVEL SSL_DEBUG_ON + +#define SSL_LIB_DEBUG_LEVEL SSL_DEBUG_OFF +#define SSL_LIB_ERROR_LEVEL SSL_DEBUG_ON + +#define SSL_STACK_DEBUG_LEVEL SSL_DEBUG_OFF +#define SSL_STACK_ERROR_LEVEL SSL_DEBUG_ON + +#ifdef __cplusplus + } +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_lib.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_lib.h new file mode 100644 index 0000000000..42b2de7501 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_lib.h @@ -0,0 +1,30 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_LIB_H_ +#define _SSL_LIB_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "ssl_types.h" + + void _ssl_set_alpn_list(const SSL *ssl); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_methods.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_methods.h new file mode 100644 index 0000000000..cd2f8c0533 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_methods.h @@ -0,0 +1,121 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_METHODS_H_ +#define _SSL_METHODS_H_ + +#include "ssl_types.h" + +#ifdef __cplusplus + extern "C" { +#endif + +/** + * TLS method function implement + */ +#define IMPLEMENT_TLS_METHOD_FUNC(func_name, \ + new, free, \ + handshake, shutdown, clear, \ + read, send, pending, \ + set_fd, get_fd, \ + set_bufflen, \ + get_verify_result, \ + get_state) \ + static const SSL_METHOD_FUNC func_name LOCAL_ATRR = { \ + new, \ + free, \ + handshake, \ + shutdown, \ + clear, \ + read, \ + send, \ + pending, \ + set_fd, \ + get_fd, \ + set_bufflen, \ + get_verify_result, \ + get_state \ + }; + +#define IMPLEMENT_TLS_METHOD(ver, mode, fun, func_name) \ + const SSL_METHOD* func_name(void) { \ + static const SSL_METHOD func_name##_data LOCAL_ATRR = { \ + ver, \ + mode, \ + &(fun), \ + }; \ + return &func_name##_data; \ + } + +#define IMPLEMENT_SSL_METHOD(ver, mode, fun, func_name) \ + const SSL_METHOD* func_name(void) { \ + static const SSL_METHOD func_name##_data LOCAL_ATRR = { \ + ver, \ + mode, \ + &(fun), \ + }; \ + return &func_name##_data; \ + } + +#define IMPLEMENT_X509_METHOD(func_name, \ + new, \ + free, \ + load, \ + show_info) \ + const X509_METHOD* func_name(void) { \ + static const X509_METHOD func_name##_data LOCAL_ATRR = { \ + new, \ + free, \ + load, \ + show_info \ + }; \ + return &func_name##_data; \ + } + +#define IMPLEMENT_PKEY_METHOD(func_name, \ + new, \ + free, \ + load) \ + const PKEY_METHOD* func_name(void) { \ + static const PKEY_METHOD func_name##_data LOCAL_ATRR = { \ + new, \ + free, \ + load \ + }; \ + return &func_name##_data; \ + } + +/** + * @brief get X509 object method + * + * @param none + * + * @return X509 object method point + */ +const X509_METHOD* X509_method(void); + +/** + * @brief get private key object method + * + * @param none + * + * @return private key object method point + */ +const PKEY_METHOD* EVP_PKEY_method(void); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_pkey.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_pkey.h new file mode 100644 index 0000000000..e790fcc995 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_pkey.h @@ -0,0 +1,86 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_PKEY_H_ +#define _SSL_PKEY_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "ssl_types.h" + +/** + * @brief create a private key object according to input private key + * + * @param ipk - input private key point + * + * @return new private key object point + */ +EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk); + +/** + * @brief create a private key object + * + * @param none + * + * @return private key object point + */ +EVP_PKEY* EVP_PKEY_new(void); + +/** + * @brief load a character key context into system context. If '*a' is pointed to the + * private key, then load key into it. Or create a new private key object + * + * @param type - private key type + * @param a - a point pointed to a private key point + * @param pp - a point pointed to the key context memory point + * @param length - key bytes + * + * @return private key object point + */ +EVP_PKEY* d2i_PrivateKey(int type, + EVP_PKEY **a, + const unsigned char **pp, + long length); + +/** + * @brief free a private key object + * + * @param pkey - private key object point + * + * @return none + */ +void EVP_PKEY_free(EVP_PKEY *x); + +/** + * @brief load private key into the SSL + * + * @param type - private key type + * @param ssl - SSL point + * @param len - data bytes + * @param d - data point + * + * @return result + * 0 : failed + * 1 : OK + */ + int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_stack.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_stack.h new file mode 100644 index 0000000000..7a7051a026 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_stack.h @@ -0,0 +1,52 @@ +#ifndef _SSL_STACK_H_ +#define _SSL_STACK_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "ssl_types.h" + +#define STACK_OF(type) struct stack_st_##type + +#define SKM_DEFINE_STACK_OF(t1, t2, t3) \ + STACK_OF(t1); \ + static ossl_inline STACK_OF(t1) *sk_##t1##_new_null(void) \ + { \ + return (STACK_OF(t1) *)OPENSSL_sk_new_null(); \ + } \ + +#define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t) + +/** + * @brief create a openssl stack object + * + * @param c - stack function + * + * @return openssl stack object point + */ +OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c); + +/** + * @brief create a NULL function openssl stack object + * + * @param none + * + * @return openssl stack object point + */ +OPENSSL_STACK *OPENSSL_sk_new_null(void); + +/** + * @brief free openssl stack object + * + * @param openssl stack object point + * + * @return none + */ +void OPENSSL_sk_free(OPENSSL_STACK *stack); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_types.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_types.h new file mode 100644 index 0000000000..68ac748a28 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_types.h @@ -0,0 +1,303 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_TYPES_H_ +#define _SSL_TYPES_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include +#if defined(LWS_WITH_ESP32) +#undef MBEDTLS_CONFIG_FILE +#define MBEDTLS_CONFIG_FILE +#endif + +#include "ssl_code.h" + +typedef void SSL_CIPHER; + +typedef void X509_STORE_CTX; +typedef void X509_STORE; + +typedef void RSA; + +typedef void STACK; +typedef void BIO; + +#if defined(WIN32) || defined(_WIN32) +#define ossl_inline __inline +#else +#define ossl_inline inline +#endif + +#define SSL_METHOD_CALL(f, s, ...) s->method->func->ssl_##f(s, ##__VA_ARGS__) +#define X509_METHOD_CALL(f, x, ...) x->method->x509_##f(x, ##__VA_ARGS__) +#define EVP_PKEY_METHOD_CALL(f, k, ...) k->method->pkey_##f(k, ##__VA_ARGS__) + +typedef int (*OPENSSL_sk_compfunc)(const void *, const void *); + +struct stack_st; +typedef struct stack_st OPENSSL_STACK; + +struct ssl_method_st; +typedef struct ssl_method_st SSL_METHOD; + +struct ssl_method_func_st; +typedef struct ssl_method_func_st SSL_METHOD_FUNC; + +struct record_layer_st; +typedef struct record_layer_st RECORD_LAYER; + +struct ossl_statem_st; +typedef struct ossl_statem_st OSSL_STATEM; + +struct ssl_session_st; +typedef struct ssl_session_st SSL_SESSION; + +struct ssl_ctx_st; +typedef struct ssl_ctx_st SSL_CTX; + +struct ssl_st; +typedef struct ssl_st SSL; + +struct cert_st; +typedef struct cert_st CERT; + +struct x509_st; +typedef struct x509_st X509; + +struct X509_VERIFY_PARAM_st; +typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM; + +struct evp_pkey_st; +typedef struct evp_pkey_st EVP_PKEY; + +struct x509_method_st; +typedef struct x509_method_st X509_METHOD; + +struct pkey_method_st; +typedef struct pkey_method_st PKEY_METHOD; + +struct stack_st { + + char **data; + + int num_alloc; + + OPENSSL_sk_compfunc c; +}; + +struct evp_pkey_st { + + void *pkey_pm; + + const PKEY_METHOD *method; +}; + +struct x509_st { + + /* X509 certification platform private point */ + void *x509_pm; + + const X509_METHOD *method; +}; + +struct cert_st { + + int sec_level; + + X509 *x509; + + EVP_PKEY *pkey; + +}; + +struct ossl_statem_st { + + MSG_FLOW_STATE state; + + int hand_state; +}; + +struct record_layer_st { + + int rstate; + + int read_ahead; +}; + +struct ssl_session_st { + + long timeout; + + long time; + + X509 *peer; +}; + +struct X509_VERIFY_PARAM_st { + + int depth; + +}; + +typedef int (*next_proto_cb)(SSL *ssl, unsigned char **out, + unsigned char *outlen, const unsigned char *in, + unsigned int inlen, void *arg); + +struct ssl_ctx_st +{ + int version; + + int references; + + unsigned long options; + + const SSL_METHOD *method; + + CERT *cert; + + X509 *client_CA; + + const char **alpn_protos; + + next_proto_cb alpn_cb; + + int verify_mode; + + int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx); + + long session_timeout; + + int read_ahead; + + int read_buffer_len; + + X509_VERIFY_PARAM param; +}; + +struct ssl_st +{ + /* protocol version(one of SSL3.0, TLS1.0, etc.) */ + int version; + + unsigned long options; + + /* shut things down(0x01 : sent, 0x02 : received) */ + int shutdown; + + CERT *cert; + + X509 *client_CA; + + SSL_CTX *ctx; + + const SSL_METHOD *method; + + const char **alpn_protos; + + RECORD_LAYER rlayer; + + /* where we are */ + OSSL_STATEM statem; + + SSL_SESSION *session; + + int verify_mode; + + int (*verify_callback) (int ok, X509_STORE_CTX *ctx); + + int rwstate; + int interrupted_remaining_write; + + long verify_result; + + X509_VERIFY_PARAM param; + + int err; + + void (*info_callback) (const SSL *ssl, int type, int val); + + /* SSL low-level system arch point */ + void *ssl_pm; +}; + +struct ssl_method_st { + /* protocol version(one of SSL3.0, TLS1.0, etc.) */ + int version; + + /* SSL mode(client(0) , server(1), not known(-1)) */ + int endpoint; + + const SSL_METHOD_FUNC *func; +}; + +struct ssl_method_func_st { + + int (*ssl_new)(SSL *ssl); + + void (*ssl_free)(SSL *ssl); + + int (*ssl_handshake)(SSL *ssl); + + int (*ssl_shutdown)(SSL *ssl); + + int (*ssl_clear)(SSL *ssl); + + int (*ssl_read)(SSL *ssl, void *buffer, int len); + + int (*ssl_send)(SSL *ssl, const void *buffer, int len); + + int (*ssl_pending)(const SSL *ssl); + + void (*ssl_set_fd)(SSL *ssl, int fd, int mode); + + int (*ssl_get_fd)(const SSL *ssl, int mode); + + void (*ssl_set_bufflen)(SSL *ssl, int len); + + long (*ssl_get_verify_result)(const SSL *ssl); + + OSSL_HANDSHAKE_STATE (*ssl_get_state)(const SSL *ssl); +}; + +struct x509_method_st { + + int (*x509_new)(X509 *x, X509 *m_x); + + void (*x509_free)(X509 *x); + + int (*x509_load)(X509 *x, const unsigned char *buf, int len); + + int (*x509_show_info)(X509 *x); +}; + +struct pkey_method_st { + + int (*pkey_new)(EVP_PKEY *pkey, EVP_PKEY *m_pkey); + + void (*pkey_free)(EVP_PKEY *pkey); + + int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len); +}; + +#define OPENSSL_NPN_NEGOTIATED 1 + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_x509.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_x509.h new file mode 100644 index 0000000000..7594d064b4 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/ssl_x509.h @@ -0,0 +1,110 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_X509_H_ +#define _SSL_X509_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "ssl_types.h" +#include "ssl_stack.h" + +DEFINE_STACK_OF(X509_NAME) + +/** + * @brief create a X509 certification object according to input X509 certification + * + * @param ix - input X509 certification point + * + * @return new X509 certification object point + */ +X509* __X509_new(X509 *ix); + +/** + * @brief create a X509 certification object + * + * @param none + * + * @return X509 certification object point + */ +X509* X509_new(void); + +/** + * @brief load a character certification context into system context. If '*cert' is pointed to the + * certification, then load certification into it. Or create a new X509 certification object + * + * @param cert - a point pointed to X509 certification + * @param buffer - a point pointed to the certification context memory point + * @param length - certification bytes + * + * @return X509 certification object point + */ +X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len); + +/** + * @brief free a X509 certification object + * + * @param x - X509 certification object point + * + * @return none + */ +void X509_free(X509 *x); + +/** + * @brief set SSL context client CA certification + * + * @param ctx - SSL context point + * @param x - X509 certification point + * + * @return result + * 0 : failed + * 1 : OK + */ +int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); + +/** + * @brief add CA client certification into the SSL + * + * @param ssl - SSL point + * @param x - X509 certification point + * + * @return result + * 0 : failed + * 1 : OK + */ +int SSL_add_client_CA(SSL *ssl, X509 *x); + +/** + * @brief load certification into the SSL + * + * @param ssl - SSL point + * @param len - data bytes + * @param d - data point + * + * @return result + * 0 : failed + * 1 : OK + * + */ +int SSL_use_certificate_ASN1(SSL *ssl, int len, const unsigned char *d); + +const char *X509_verify_cert_error_string(long n); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/tls1.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/tls1.h new file mode 100644 index 0000000000..7af1b0157d --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/tls1.h @@ -0,0 +1,58 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _TLS1_H_ +#define _TLS1_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +# define TLS1_AD_DECRYPTION_FAILED 21 +# define TLS1_AD_RECORD_OVERFLOW 22 +# define TLS1_AD_UNKNOWN_CA 48/* fatal */ +# define TLS1_AD_ACCESS_DENIED 49/* fatal */ +# define TLS1_AD_DECODE_ERROR 50/* fatal */ +# define TLS1_AD_DECRYPT_ERROR 51 +# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */ +# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */ +# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */ +# define TLS1_AD_INTERNAL_ERROR 80/* fatal */ +# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */ +# define TLS1_AD_USER_CANCELLED 90 +# define TLS1_AD_NO_RENEGOTIATION 100 +/* codes 110-114 are from RFC3546 */ +# define TLS1_AD_UNSUPPORTED_EXTENSION 110 +# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111 +# define TLS1_AD_UNRECOGNIZED_NAME 112 +# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113 +# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 +# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */ +# define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */ + +/* Special value for method supporting multiple versions */ +#define TLS_ANY_VERSION 0x10000 + +#define TLS1_VERSION 0x0301 +#define TLS1_1_VERSION 0x0302 +#define TLS1_2_VERSION 0x0303 + +#define SSL_TLSEXT_ERR_OK 0 +#define SSL_TLSEXT_ERR_NOACK 3 + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/x509_vfy.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/x509_vfy.h new file mode 100644 index 0000000000..26bf6c88a8 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/internal/x509_vfy.h @@ -0,0 +1,116 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _X509_VFY_H_ +#define _X509_VFY_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#define X509_V_OK 0 +#define X509_V_ERR_UNSPECIFIED 1 +#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 +#define X509_V_ERR_UNABLE_TO_GET_CRL 3 +#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 +#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 +#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 +#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 +#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 +#define X509_V_ERR_CERT_NOT_YET_VALID 9 +#define X509_V_ERR_CERT_HAS_EXPIRED 10 +#define X509_V_ERR_CRL_NOT_YET_VALID 11 +#define X509_V_ERR_CRL_HAS_EXPIRED 12 +#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 +#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 +#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 +#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 +#define X509_V_ERR_OUT_OF_MEM 17 +#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 +#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 +#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 +#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 +#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 +#define X509_V_ERR_CERT_REVOKED 23 +#define X509_V_ERR_INVALID_CA 24 +#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 +#define X509_V_ERR_INVALID_PURPOSE 26 +#define X509_V_ERR_CERT_UNTRUSTED 27 +#define X509_V_ERR_CERT_REJECTED 28 +/* These are 'informational' when looking for issuer cert */ +#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 +#define X509_V_ERR_AKID_SKID_MISMATCH 30 +#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 +#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 +#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 +#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 +#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35 +#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36 +#define X509_V_ERR_INVALID_NON_CA 37 +#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38 +#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 +#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 +#define X509_V_ERR_INVALID_EXTENSION 41 +#define X509_V_ERR_INVALID_POLICY_EXTENSION 42 +#define X509_V_ERR_NO_EXPLICIT_POLICY 43 +#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 +#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 +#define X509_V_ERR_UNNESTED_RESOURCE 46 +#define X509_V_ERR_PERMITTED_VIOLATION 47 +#define X509_V_ERR_EXCLUDED_VIOLATION 48 +#define X509_V_ERR_SUBTREE_MINMAX 49 +/* The application is not happy */ +#define X509_V_ERR_APPLICATION_VERIFICATION 50 +#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 +#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 +#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 +#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 +/* Another issuer check debug option */ +#define X509_V_ERR_PATH_LOOP 55 +/* Suite B mode algorithm violation */ +#define X509_V_ERR_SUITE_B_INVALID_VERSION 56 +#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57 +#define X509_V_ERR_SUITE_B_INVALID_CURVE 58 +#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59 +#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60 +#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61 +/* Host, email and IP check errors */ +#define X509_V_ERR_HOSTNAME_MISMATCH 62 +#define X509_V_ERR_EMAIL_MISMATCH 63 +#define X509_V_ERR_IP_ADDRESS_MISMATCH 64 +/* DANE TLSA errors */ +#define X509_V_ERR_DANE_NO_MATCH 65 +/* security level errors */ +#define X509_V_ERR_EE_KEY_TOO_SMALL 66 +#define X509_V_ERR_CA_KEY_TOO_SMALL 67 +#define X509_V_ERR_CA_MD_TOO_WEAK 68 +/* Caller error */ +#define X509_V_ERR_INVALID_CALL 69 +/* Issuer lookup error */ +#define X509_V_ERR_STORE_LOOKUP 70 +/* Certificate transparency */ +#define X509_V_ERR_NO_VALID_SCTS 71 + +#define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72 + +typedef void X509_STORE_CTX; +int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); +int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); + + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/openssl/ssl.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/openssl/ssl.h new file mode 100755 index 0000000000..e2b74fc6af --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/openssl/ssl.h @@ -0,0 +1,1833 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_H_ +#define _SSL_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include +#include "internal/ssl_x509.h" +#include "internal/ssl_pkey.h" + +/* +{ +*/ + +#define SSL_CB_ALERT 0x4000 + +#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT (1 << 0) +#define X509_CHECK_FLAG_NO_WILDCARDS (1 << 1) +#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS (1 << 2) +#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS (1 << 3) +#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS (1 << 4) + + mbedtls_x509_crt * + ssl_ctx_get_mbedtls_x509_crt(SSL_CTX *ssl_ctx); + + mbedtls_x509_crt * + ssl_get_peer_mbedtls_x509_crt(SSL *ssl); + + int SSL_set_sni_callback(SSL *ssl, int(*cb)(void *, mbedtls_ssl_context *, + const unsigned char *, size_t), void *param); + + void SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx); + + int SSL_CTX_add_client_CA_ASN1(SSL_CTX *ssl, int len, + const unsigned char *d); + + SSL *SSL_SSL_from_mbedtls_ssl_context(mbedtls_ssl_context *msc); + +/** + * @brief create a SSL context + * + * @param method - the SSL context method point + * + * @return the context point + */ +SSL_CTX* SSL_CTX_new(const SSL_METHOD *method); + +/** + * @brief free a SSL context + * + * @param method - the SSL context point + * + * @return none + */ +void SSL_CTX_free(SSL_CTX *ctx); + +/** + * @brief create a SSL + * + * @param ctx - the SSL context point + * + * @return the SSL point + */ +SSL* SSL_new(SSL_CTX *ctx); + +/** + * @brief free the SSL + * + * @param ssl - the SSL point + * + * @return none + */ +void SSL_free(SSL *ssl); + +/** + * @brief connect to the remote SSL server + * + * @param ssl - the SSL point + * + * @return result + * 1 : OK + * -1 : failed + */ +int SSL_connect(SSL *ssl); + +/** + * @brief accept the remote connection + * + * @param ssl - the SSL point + * + * @return result + * 1 : OK + * -1 : failed + */ +int SSL_accept(SSL *ssl); + +/** + * @brief read data from to remote + * + * @param ssl - the SSL point which has been connected + * @param buffer - the received data buffer point + * @param len - the received data length + * + * @return result + * > 0 : OK, and return received data bytes + * = 0 : connection is closed + * < 0 : an error catch + */ +int SSL_read(SSL *ssl, void *buffer, int len); + +/** + * @brief send the data to remote + * + * @param ssl - the SSL point which has been connected + * @param buffer - the send data buffer point + * @param len - the send data length + * + * @return result + * > 0 : OK, and return sent data bytes + * = 0 : connection is closed + * < 0 : an error catch + */ +int SSL_write(SSL *ssl, const void *buffer, int len); + +/** + * @brief get the verifying result of the SSL certification + * + * @param ssl - the SSL point + * + * @return the result of verifying + */ +long SSL_get_verify_result(const SSL *ssl); + +/** + * @brief shutdown the connection + * + * @param ssl - the SSL point + * + * @return result + * 1 : OK + * 0 : shutdown is not finished + * -1 : an error catch + */ +int SSL_shutdown(SSL *ssl); + +/** + * @brief bind the socket file description into the SSL + * + * @param ssl - the SSL point + * @param fd - socket handle + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_set_fd(SSL *ssl, int fd); + +/** + * @brief These functions load the private key into the SSL_CTX or SSL object + * + * @param ctx - the SSL context point + * @param pkey - private key object point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); + +/** + * @brief These functions load the certification into the SSL_CTX or SSL object + * + * @param ctx - the SSL context point + * @param pkey - certification object point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); + +/** + * @brief create the target SSL context client method + * + * @param none + * + * @return the SSLV2.3 version SSL context client method + */ +const SSL_METHOD* SSLv23_client_method(void); + +/** + * @brief create the target SSL context client method + * + * @param none + * + * @return the TLSV1.0 version SSL context client method + */ +const SSL_METHOD* TLSv1_client_method(void); + +/** + * @brief create the target SSL context client method + * + * @param none + * + * @return the SSLV1.0 version SSL context client method + */ +const SSL_METHOD* SSLv3_client_method(void); + +/** + * @brief create the target SSL context client method + * + * @param none + * + * @return the TLSV1.1 version SSL context client method + */ +const SSL_METHOD* TLSv1_1_client_method(void); + +/** + * @brief create the target SSL context client method + * + * @param none + * + * @return the TLSV1.2 version SSL context client method + */ +const SSL_METHOD* TLSv1_2_client_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the TLS any version SSL context client method + */ +const SSL_METHOD* TLS_client_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the SSLV2.3 version SSL context server method + */ +const SSL_METHOD* SSLv23_server_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the TLSV1.1 version SSL context server method + */ +const SSL_METHOD* TLSv1_1_server_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the TLSV1.2 version SSL context server method + */ +const SSL_METHOD* TLSv1_2_server_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the TLSV1.0 version SSL context server method + */ +const SSL_METHOD* TLSv1_server_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the SSLV3.0 version SSL context server method + */ +const SSL_METHOD* SSLv3_server_method(void); + +/** + * @brief create the target SSL context server method + * + * @param none + * + * @return the TLS any version SSL context server method + */ +const SSL_METHOD* TLS_server_method(void); + + +/** + * @brief set the SSL context ALPN select callback function + * + * @param ctx - SSL context point + * @param cb - ALPN select callback function + * @param arg - ALPN select callback function entry private data point + * + * @return none + */ +void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, + int (*cb) (SSL *ssl, + const unsigned char **out, + unsigned char *outlen, + const unsigned char *in, + unsigned int inlen, + void *arg), + void *arg); + +void SSL_set_alpn_select_cb(SSL *ssl, void *arg); + +/** + * @brief set the SSL context ALPN select protocol + * + * @param ctx - SSL context point + * @param protos - ALPN protocol name + * @param protos_len - ALPN protocol name bytes + * + * @return result + * 0 : OK + * 1 : failed + */ +int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, unsigned int protos_len); + +/** + * @brief set the SSL context next ALPN select callback function + * + * @param ctx - SSL context point + * @param cb - ALPN select callback function + * @param arg - ALPN select callback function entry private data point + * + * @return none + */ +void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, + int (*cb) (SSL *ssl, + unsigned char **out, + unsigned char *outlen, + const unsigned char *in, + unsigned int inlen, + void *arg), + void *arg); + +void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, + unsigned int *len); + +void _ssl_set_alpn_list(const SSL *ssl); + +/** + * @brief get SSL error code + * + * @param ssl - SSL point + * @param ret_code - SSL return code + * + * @return SSL error number + */ +int SSL_get_error(const SSL *ssl, int ret_code); + +/** + * @brief clear the SSL error code + * + * @param none + * + * @return none + */ +void ERR_clear_error(void); + +/** + * @brief get the current SSL error code + * + * @param none + * + * @return current SSL error number + */ +int ERR_get_error(void); + +/** + * @brief register the SSL error strings + * + * @param none + * + * @return none + */ +void ERR_load_SSL_strings(void); + +/** + * @brief initialize the SSL library + * + * @param none + * + * @return none + */ +void SSL_library_init(void); + +/** + * @brief generates a human-readable string representing the error code e + * and store it into the "ret" point memory + * + * @param e - error code + * @param ret - memory point to store the string + * + * @return the result string point + */ +char *ERR_error_string(unsigned long e, char *ret); + +/** + * @brief add the SSL context option + * + * @param ctx - SSL context point + * @param opt - new SSL context option + * + * @return the SSL context option + */ +unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long opt); + +/** + * @brief add the SSL context mode + * + * @param ctx - SSL context point + * @param mod - new SSL context mod + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_mode(SSL_CTX *ctx, int mod); + +/* +} +*/ + +/** + * @brief perform the SSL handshake + * + * @param ssl - SSL point + * + * @return result + * 1 : OK + * 0 : failed + * -1 : a error catch + */ +int SSL_do_handshake(SSL *ssl); + +/** + * @brief get the SSL current version + * + * @param ssl - SSL point + * + * @return the version string + */ +const char *SSL_get_version(const SSL *ssl); + +/** + * @brief set the SSL context version + * + * @param ctx - SSL context point + * @param meth - SSL method point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); + +/** + * @brief get the bytes numbers which are to be read + * + * @param ssl - SSL point + * + * @return bytes number + */ +int SSL_pending(const SSL *ssl); + +/** + * @brief check if SSL want nothing + * + * @param ssl - SSL point + * + * @return result + * 0 : false + * 1 : true + */ +int SSL_want_nothing(const SSL *ssl); + +/** + * @brief check if SSL want to read + * + * @param ssl - SSL point + * + * @return result + * 0 : false + * 1 : true + */ +int SSL_want_read(const SSL *ssl); + +/** + * @brief check if SSL want to write + * + * @param ssl - SSL point + * + * @return result + * 0 : false + * 1 : true + */ +int SSL_want_write(const SSL *ssl); + +/** + * @brief get the SSL context current method + * + * @param ctx - SSL context point + * + * @return the SSL context current method + */ +const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx); + +/** + * @brief get the SSL current method + * + * @param ssl - SSL point + * + * @return the SSL current method + */ +const SSL_METHOD *SSL_get_ssl_method(SSL *ssl); + +/** + * @brief set the SSL method + * + * @param ssl - SSL point + * @param meth - SSL method point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method); + +/** + * @brief add CA client certification into the SSL + * + * @param ssl - SSL point + * @param x - CA certification point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_add_client_CA(SSL *ssl, X509 *x); + +/** + * @brief add CA client certification into the SSL context + * + * @param ctx - SSL context point + * @param x - CA certification point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); + +/** + * @brief set the SSL CA certification list + * + * @param ssl - SSL point + * @param name_list - CA certification list + * + * @return none + */ +void SSL_set_client_CA_list(SSL *ssl, STACK_OF(X509_NAME) *name_list); + +/** + * @brief set the SSL context CA certification list + * + * @param ctx - SSL context point + * @param name_list - CA certification list + * + * @return none + */ +void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); + +/** + * @briefget the SSL CA certification list + * + * @param ssl - SSL point + * + * @return CA certification list + */ +STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl); + +/** + * @brief get the SSL context CA certification list + * + * @param ctx - SSL context point + * + * @return CA certification list + */ +STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); + +/** + * @brief get the SSL certification point + * + * @param ssl - SSL point + * + * @return SSL certification point + */ +X509 *SSL_get_certificate(const SSL *ssl); + +/** + * @brief get the SSL private key point + * + * @param ssl - SSL point + * + * @return SSL private key point + */ +EVP_PKEY *SSL_get_privatekey(const SSL *ssl); + +/** + * @brief set the SSL information callback function + * + * @param ssl - SSL point + * @param cb - information callback function + * + * @return none + */ +void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val)); + +/** + * @brief get the SSL state + * + * @param ssl - SSL point + * + * @return SSL state + */ +OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl); + +/** + * @brief set the SSL context read buffer length + * + * @param ctx - SSL context point + * @param len - read buffer length + * + * @return none + */ +void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len); + +/** + * @brief set the SSL read buffer length + * + * @param ssl - SSL point + * @param len - read buffer length + * + * @return none + */ +void SSL_set_default_read_buffer_len(SSL *ssl, size_t len); + +/** + * @brief set the SSL security level + * + * @param ssl - SSL point + * @param level - security level + * + * @return none + */ +void SSL_set_security_level(SSL *ssl, int level); + +/** + * @brief get the SSL security level + * + * @param ssl - SSL point + * + * @return security level + */ +int SSL_get_security_level(const SSL *ssl); + +/** + * @brief get the SSL verifying mode of the SSL context + * + * @param ctx - SSL context point + * + * @return verifying mode + */ +int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); + +/** + * @brief get the SSL verifying depth of the SSL context + * + * @param ctx - SSL context point + * + * @return verifying depth + */ +int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); + +/** + * @brief set the SSL context verifying of the SSL context + * + * @param ctx - SSL context point + * @param mode - verifying mode + * @param verify_callback - verifying callback function + * + * @return none + */ +void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *)); + +/** + * @brief set the SSL verifying of the SSL context + * + * @param ctx - SSL point + * @param mode - verifying mode + * @param verify_callback - verifying callback function + * + * @return none + */ +void SSL_set_verify(SSL *s, int mode, int (*verify_callback)(int, X509_STORE_CTX *)); + +/** + * @brief set the SSL verify depth of the SSL context + * + * @param ctx - SSL context point + * @param depth - verifying depth + * + * @return none + */ +void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); + +/** + * @brief certification verifying callback function + * + * @param preverify_ok - verifying result + * @param x509_ctx - X509 certification point + * + * @return verifying result + */ +int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx); + +/** + * @brief set the session timeout time + * + * @param ctx - SSL context point + * @param t - new session timeout time + * + * @return old session timeout time + */ +long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); + +/** + * @brief get the session timeout time + * + * @param ctx - SSL context point + * + * @return current session timeout time + */ +long SSL_CTX_get_timeout(const SSL_CTX *ctx); + +/** + * @brief set the SSL context cipher through the list string + * + * @param ctx - SSL context point + * @param str - cipher controller list string + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); + +/** + * @brief set the SSL cipher through the list string + * + * @param ssl - SSL point + * @param str - cipher controller list string + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_set_cipher_list(SSL *ssl, const char *str); + +/** + * @brief get the SSL cipher list string + * + * @param ssl - SSL point + * + * @return cipher controller list string + */ +const char *SSL_get_cipher_list(const SSL *ssl, int n); + +/** + * @brief get the SSL cipher + * + * @param ssl - SSL point + * + * @return current cipher + */ +const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl); + +/** + * @brief get the SSL cipher string + * + * @param ssl - SSL point + * + * @return cipher string + */ +const char *SSL_get_cipher(const SSL *ssl); + +/** + * @brief get the SSL context object X509 certification storage + * + * @param ctx - SSL context point + * + * @return x509 certification storage + */ +X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx); + +/** + * @brief set the SSL context object X509 certification store + * + * @param ctx - SSL context point + * @param store - X509 certification store + * + * @return none + */ +void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store); + +/** + * @brief get the SSL specifical statement + * + * @param ssl - SSL point + * + * @return specifical statement + */ +int SSL_want(const SSL *ssl); + +/** + * @brief check if the SSL is SSL_X509_LOOKUP state + * + * @param ssl - SSL point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_want_x509_lookup(const SSL *ssl); + +/** + * @brief reset the SSL + * + * @param ssl - SSL point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_clear(SSL *ssl); + +/** + * @brief get the socket handle of the SSL + * + * @param ssl - SSL point + * + * @return result + * >= 0 : yes, and return socket handle + * < 0 : a error catch + */ +int SSL_get_fd(const SSL *ssl); + +/** + * @brief get the read only socket handle of the SSL + * + * @param ssl - SSL point + * + * @return result + * >= 0 : yes, and return socket handle + * < 0 : a error catch + */ +int SSL_get_rfd(const SSL *ssl); + +/** + * @brief get the write only socket handle of the SSL + * + * @param ssl - SSL point + * + * @return result + * >= 0 : yes, and return socket handle + * < 0 : a error catch + */ +int SSL_get_wfd(const SSL *ssl); + +/** + * @brief set the SSL if we can read as many as data + * + * @param ssl - SSL point + * @param yes - enable the function + * + * @return none + */ +void SSL_set_read_ahead(SSL *s, int yes); + +/** + * @brief set the SSL context if we can read as many as data + * + * @param ctx - SSL context point + * @param yes - enbale the function + * + * @return none + */ +void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes); + +/** + * @brief get the SSL ahead signal if we can read as many as data + * + * @param ssl - SSL point + * + * @return SSL context ahead signal + */ +int SSL_get_read_ahead(const SSL *ssl); + +/** + * @brief get the SSL context ahead signal if we can read as many as data + * + * @param ctx - SSL context point + * + * @return SSL context ahead signal + */ +long SSL_CTX_get_read_ahead(SSL_CTX *ctx); + +/** + * @brief check if some data can be read + * + * @param ssl - SSL point + * + * @return + * 1 : there are bytes to be read + * 0 : no data + */ +int SSL_has_pending(const SSL *ssl); + +/** + * @brief load the X509 certification into SSL context + * + * @param ctx - SSL context point + * @param x - X509 certification point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);//loads the certificate x into ctx + +/** + * @brief load the ASN1 certification into SSL context + * + * @param ctx - SSL context point + * @param len - certification length + * @param d - data point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d); + +/** + * @brief load the certification file into SSL context + * + * @param ctx - SSL context point + * @param file - certification file name + * @param type - certification encoding type + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); + +/** + * @brief load the certification chain file into SSL context + * + * @param ctx - SSL context point + * @param file - certification chain file name + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); + + +/** + * @brief load the ASN1 private key into SSL context + * + * @param ctx - SSL context point + * @param d - data point + * @param len - private key length + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len);//adds the private key of type pk stored at memory location d (length len) to ctx + +/** + * @brief load the private key file into SSL context + * + * @param ctx - SSL context point + * @param file - private key file name + * @param type - private key encoding type + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); + +/** + * @brief load the RSA private key into SSL context + * + * @param ctx - SSL context point + * @param x - RSA private key point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); + +/** + * @brief load the RSA ASN1 private key into SSL context + * + * @param ctx - SSL context point + * @param d - data point + * @param len - RSA private key length + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); + +/** + * @brief load the RSA private key file into SSL context + * + * @param ctx - SSL context point + * @param file - RSA private key file name + * @param type - private key encoding type + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); + + +/** + * @brief check if the private key and certification is matched + * + * @param ctx - SSL context point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_check_private_key(const SSL_CTX *ctx); + +/** + * @brief set the SSL context server information + * + * @param ctx - SSL context point + * @param serverinfo - server information string + * @param serverinfo_length - server information length + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, size_t serverinfo_length); + +/** + * @brief load the SSL context server infomation file into SSL context + * + * @param ctx - SSL context point + * @param file - server information file + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file); + +/** + * @brief SSL select next function + * + * @param out - point of output data point + * @param outlen - output data length + * @param in - input data + * @param inlen - input data length + * @param client - client data point + * @param client_len -client data length + * + * @return NPN state + * OPENSSL_NPN_UNSUPPORTED : not support + * OPENSSL_NPN_NEGOTIATED : negotiated + * OPENSSL_NPN_NO_OVERLAP : no overlap + */ +int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, + const unsigned char *in, unsigned int inlen, + const unsigned char *client, unsigned int client_len); + +/** + * @brief load the extra certification chain into the SSL context + * + * @param ctx - SSL context point + * @param x509 - X509 certification + * + * @return result + * 1 : OK + * 0 : failed + */ +long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *); + +/** + * @brief control the SSL context + * + * @param ctx - SSL context point + * @param cmd - command + * @param larg - parameter length + * @param parg - parameter point + * + * @return result + * 1 : OK + * 0 : failed + */ +long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg); + +/** + * @brief get the SSL context cipher + * + * @param ctx - SSL context point + * + * @return SSL context cipher + */ +STACK *SSL_CTX_get_ciphers(const SSL_CTX *ctx); + +/** + * @brief check if the SSL context can read as many as data + * + * @param ctx - SSL context point + * + * @return result + * 1 : OK + * 0 : failed + */ +long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx); + +/** + * @brief get the SSL context extra data + * + * @param ctx - SSL context point + * @param idx - index + * + * @return data point + */ +char *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx); + +/** + * @brief get the SSL context quiet shutdown option + * + * @param ctx - SSL context point + * + * @return quiet shutdown option + */ +int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); + +/** + * @brief load the SSL context CA file + * + * @param ctx - SSL context point + * @param CAfile - CA certification file + * @param CApath - CA certification file path + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); + +/** + * @brief add SSL context reference count by '1' + * + * @param ctx - SSL context point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_up_ref(SSL_CTX *ctx); + +/** + * @brief set SSL context application private data + * + * @param ctx - SSL context point + * @param arg - private data + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg); + +/** + * @brief set SSL context client certification callback function + * + * @param ctx - SSL context point + * @param cb - callback function + * + * @return none + */ +void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); + +/** + * @brief set the SSL context if we can read as many as data + * + * @param ctx - SSL context point + * @param m - enable the fuction + * + * @return none + */ +void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m); + +/** + * @brief set SSL context default verifying path + * + * @param ctx - SSL context point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); + +/** + * @brief set SSL context default verifying directory + * + * @param ctx - SSL context point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx); + +/** + * @brief set SSL context default verifying file + * + * @param ctx - SSL context point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_default_verify_file(SSL_CTX *ctx); + +/** + * @brief set SSL context extra data + * + * @param ctx - SSL context point + * @param idx - data index + * @param arg - data point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg); + +/** + * @brief clear the SSL context option bit of "op" + * + * @param ctx - SSL context point + * @param op - option + * + * @return SSL context option + */ +unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op); + +/** + * @brief get the SSL context option + * + * @param ctx - SSL context point + * @param op - option + * + * @return SSL context option + */ +unsigned long SSL_CTX_get_options(SSL_CTX *ctx); + +/** + * @brief set the SSL context quiet shutdown mode + * + * @param ctx - SSL context point + * @param mode - mode + * + * @return none + */ +void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); + +/** + * @brief get the SSL context X509 certification + * + * @param ctx - SSL context point + * + * @return X509 certification + */ +X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx); + +/** + * @brief get the SSL context private key + * + * @param ctx - SSL context point + * + * @return private key + */ +EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx); + +/** + * @brief set SSL context PSK identity hint + * + * @param ctx - SSL context point + * @param hint - PSK identity hint + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint); + +/** + * @brief set SSL context PSK server callback function + * + * @param ctx - SSL context point + * @param callback - callback function + * + * @return none + */ +void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, + unsigned int (*callback)(SSL *ssl, + const char *identity, + unsigned char *psk, + int max_psk_len)); +/** + * @brief get alert description string + * + * @param value - alert value + * + * @return alert description string + */ +const char *SSL_alert_desc_string(int value); + +/** + * @brief get alert description long string + * + * @param value - alert value + * + * @return alert description long string + */ +const char *SSL_alert_desc_string_long(int value); + +/** + * @brief get alert type string + * + * @param value - alert value + * + * @return alert type string + */ +const char *SSL_alert_type_string(int value); + +/** + * @brief get alert type long string + * + * @param value - alert value + * + * @return alert type long string + */ +const char *SSL_alert_type_string_long(int value); + +/** + * @brief get SSL context of the SSL + * + * @param ssl - SSL point + * + * @return SSL context + */ +SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); + +/** + * @brief get SSL application data + * + * @param ssl - SSL point + * + * @return application data + */ +char *SSL_get_app_data(SSL *ssl); + +/** + * @brief get SSL cipher bits + * + * @param ssl - SSL point + * @param alg_bits - algorithm bits + * + * @return strength bits + */ +int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits); + +/** + * @brief get SSL cipher name + * + * @param ssl - SSL point + * + * @return SSL cipher name + */ +char *SSL_get_cipher_name(const SSL *ssl); + +/** + * @brief get SSL cipher version + * + * @param ssl - SSL point + * + * @return SSL cipher version + */ +char *SSL_get_cipher_version(const SSL *ssl); + +/** + * @brief get SSL extra data + * + * @param ssl - SSL point + * @param idx - data index + * + * @return extra data + */ +char *SSL_get_ex_data(const SSL *ssl, int idx); + +/** + * @brief get index of the SSL extra data X509 storage context + * + * @param none + * + * @return data index + */ +int SSL_get_ex_data_X509_STORE_CTX_idx(void); + +/** + * @brief get peer certification chain + * + * @param ssl - SSL point + * + * @return certification chain + */ +STACK *SSL_get_peer_cert_chain(const SSL *ssl); + +/** + * @brief get peer certification + * + * @param ssl - SSL point + * + * @return certification + */ +X509 *SSL_get_peer_certificate(const SSL *ssl); + +/** + * @brief get SSL quiet shutdown mode + * + * @param ssl - SSL point + * + * @return quiet shutdown mode + */ +int SSL_get_quiet_shutdown(const SSL *ssl); + +/** + * @brief get SSL read only IO handle + * + * @param ssl - SSL point + * + * @return IO handle + */ +BIO *SSL_get_rbio(const SSL *ssl); + +/** + * @brief get SSL shared ciphers + * + * @param ssl - SSL point + * @param buf - buffer to store the ciphers + * @param len - buffer len + * + * @return shared ciphers + */ +char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len); + +/** + * @brief get SSL shutdown mode + * + * @param ssl - SSL point + * + * @return shutdown mode + */ +int SSL_get_shutdown(const SSL *ssl); + +/** + * @brief get SSL session time + * + * @param ssl - SSL point + * + * @return session time + */ +long SSL_get_time(const SSL *ssl); + +/** + * @brief get SSL session timeout time + * + * @param ssl - SSL point + * + * @return session timeout time + */ +long SSL_get_timeout(const SSL *ssl); + +/** + * @brief get SSL verifying mode + * + * @param ssl - SSL point + * + * @return verifying mode + */ +int SSL_get_verify_mode(const SSL *ssl); + +/** + * @brief get SSL verify parameters + * + * @param ssl - SSL point + * + * @return verify parameters + */ +X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl); + +/** + * @brief set expected hostname the peer cert CN should have + * + * @param param - verify parameters from SSL_get0_param() + * + * @param name - the expected hostname + * + * @param namelen - the length of the hostname, or 0 if NUL terminated + * + * @return verify parameters + */ +int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, + const char *name, size_t namelen); + +/** + * @brief set parameters for X509 host verify action + * + * @param param -verify parameters from SSL_get0_param() + * + * @param flags - bitfield of X509_CHECK_FLAG_... parameters to set + * + * @return 1 for success, 0 for failure + */ +int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, + unsigned long flags); + +/** + * @brief clear parameters for X509 host verify action + * + * @param param -verify parameters from SSL_get0_param() + * + * @param flags - bitfield of X509_CHECK_FLAG_... parameters to clear + * + * @return 1 for success, 0 for failure + */ +int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param, + unsigned long flags); + +/** + * @brief get SSL write only IO handle + * + * @param ssl - SSL point + * + * @return IO handle + */ +BIO *SSL_get_wbio(const SSL *ssl); + +/** + * @brief load SSL client CA certification file + * + * @param file - file name + * + * @return certification loading object + */ +STACK *SSL_load_client_CA_file(const char *file); + +/** + * @brief add SSL reference by '1' + * + * @param ssl - SSL point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_up_ref(SSL *ssl); + +/** + * @brief read and put data into buf, but not clear the SSL low-level storage + * + * @param ssl - SSL point + * @param buf - storage buffer point + * @param num - data bytes + * + * @return result + * > 0 : OK, and return read bytes + * = 0 : connect is closed + * < 0 : a error catch + */ +int SSL_peek(SSL *ssl, void *buf, int num); + +/** + * @brief make SSL renegotiate + * + * @param ssl - SSL point + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_renegotiate(SSL *ssl); + +/** + * @brief get the state string where SSL is reading + * + * @param ssl - SSL point + * + * @return state string + */ +const char *SSL_rstate_string(SSL *ssl); + +/** + * @brief get the statement long string where SSL is reading + * + * @param ssl - SSL point + * + * @return statement long string + */ +const char *SSL_rstate_string_long(SSL *ssl); + +/** + * @brief set SSL accept statement + * + * @param ssl - SSL point + * + * @return none + */ +void SSL_set_accept_state(SSL *ssl); + +/** + * @brief set SSL application data + * + * @param ssl - SSL point + * @param arg - SSL application data point + * + * @return none + */ +void SSL_set_app_data(SSL *ssl, char *arg); + +/** + * @brief set SSL BIO + * + * @param ssl - SSL point + * @param rbio - read only IO + * @param wbio - write only IO + * + * @return none + */ +void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio); + +/** + * @brief clear SSL option + * + * @param ssl - SSL point + * @param op - clear option + * + * @return SSL option + */ +unsigned long SSL_clear_options(SSL *ssl, unsigned long op); + +/** + * @brief get SSL option + * + * @param ssl - SSL point + * + * @return SSL option + */ +unsigned long SSL_get_options(SSL *ssl); + +/** + * @brief clear SSL option + * + * @param ssl - SSL point + * @param op - setting option + * + * @return SSL option + */ +unsigned long SSL_set_options(SSL *ssl, unsigned long op); + +/** + * @brief set SSL quiet shutdown mode + * + * @param ssl - SSL point + * @param mode - quiet shutdown mode + * + * @return none + */ +void SSL_set_quiet_shutdown(SSL *ssl, int mode); + +/** + * @brief set SSL shutdown mode + * + * @param ssl - SSL point + * @param mode - shutdown mode + * + * @return none + */ +void SSL_set_shutdown(SSL *ssl, int mode); + +/** + * @brief set SSL session time + * + * @param ssl - SSL point + * @param t - session time + * + * @return session time + */ +void SSL_set_time(SSL *ssl, long t); + +/** + * @brief set SSL session timeout time + * + * @param ssl - SSL point + * @param t - session timeout time + * + * @return session timeout time + */ +void SSL_set_timeout(SSL *ssl, long t); + +/** + * @brief get SSL statement string + * + * @param ssl - SSL point + * + * @return SSL statement string + */ +char *SSL_state_string(const SSL *ssl); + +/** + * @brief get SSL statement long string + * + * @param ssl - SSL point + * + * @return SSL statement long string + */ +char *SSL_state_string_long(const SSL *ssl); + +/** + * @brief get SSL renegotiation count + * + * @param ssl - SSL point + * + * @return renegotiation count + */ +long SSL_total_renegotiations(SSL *ssl); + +/** + * @brief get SSL version + * + * @param ssl - SSL point + * + * @return SSL version + */ +int SSL_version(const SSL *ssl); + +/** + * @brief set SSL PSK identity hint + * + * @param ssl - SSL point + * @param hint - identity hint + * + * @return result + * 1 : OK + * 0 : failed + */ +int SSL_use_psk_identity_hint(SSL *ssl, const char *hint); + +/** + * @brief get SSL PSK identity hint + * + * @param ssl - SSL point + * + * @return identity hint + */ +const char *SSL_get_psk_identity_hint(SSL *ssl); + +/** + * @brief get SSL PSK identity + * + * @param ssl - SSL point + * + * @return identity + */ +const char *SSL_get_psk_identity(SSL *ssl); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_pm.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_pm.h new file mode 100644 index 0000000000..cbbe3aa3a2 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_pm.h @@ -0,0 +1,61 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_PM_H_ +#define _SSL_PM_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include +#include "ssl_types.h" +#include "ssl_port.h" + +#define LOCAL_ATRR + +int ssl_pm_new(SSL *ssl); +void ssl_pm_free(SSL *ssl); + +int ssl_pm_handshake(SSL *ssl); +int ssl_pm_shutdown(SSL *ssl); +int ssl_pm_clear(SSL *ssl); + +int ssl_pm_read(SSL *ssl, void *buffer, int len); +int ssl_pm_send(SSL *ssl, const void *buffer, int len); +int ssl_pm_pending(const SSL *ssl); + +void ssl_pm_set_fd(SSL *ssl, int fd, int mode); +int ssl_pm_get_fd(const SSL *ssl, int mode); + +OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl); + +void ssl_pm_set_bufflen(SSL *ssl, int len); + +int x509_pm_show_info(X509 *x); +int x509_pm_new(X509 *x, X509 *m_x); +void x509_pm_free(X509 *x); +int x509_pm_load(X509 *x, const unsigned char *buffer, int len); + +int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk); +void pkey_pm_free(EVP_PKEY *pk); +int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len); + +long ssl_pm_get_verify_result(const SSL *ssl); + +#ifdef __cplusplus + } +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_port.h b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_port.h new file mode 100644 index 0000000000..74c7634355 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/include/platform/ssl_port.h @@ -0,0 +1,46 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef _SSL_PORT_H_ +#define _SSL_PORT_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +#include "string.h" +#include "stdlib.h" +#if defined(LWS_HAVE_MALLOC_H) +#include "malloc.h" +#endif + +void *ssl_mem_zalloc(size_t size); + +#define ssl_mem_malloc malloc +#define ssl_mem_free free + +#define ssl_memcpy memcpy +#define ssl_strlen strlen + +#define ssl_speed_up_enter() +#define ssl_speed_up_exit() + +#define SSL_DEBUG_FL +#define SSL_DEBUG_LOG(fmt, ...) ESP_LOGI("openssl", fmt, ##__VA_ARGS__) + +#ifdef __cplusplus + } +#endif + +#endif diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_cert.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_cert.c new file mode 100644 index 0000000000..5c608125ac --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_cert.c @@ -0,0 +1,87 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_cert.h" +#include "ssl_pkey.h" +#include "ssl_x509.h" +#include "ssl_dbg.h" +#include "ssl_port.h" + +/** + * @brief create a certification object according to input certification + */ +CERT *__ssl_cert_new(CERT *ic) +{ + CERT *cert; + + X509 *ix; + EVP_PKEY *ipk; + + cert = ssl_mem_zalloc(sizeof(CERT)); + if (!cert) { + SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "no enough memory > (cert)"); + goto no_mem; + } + + if (ic) { + ipk = ic->pkey; + ix = ic->x509; + } else { + ipk = NULL; + ix = NULL; + } + + cert->pkey = __EVP_PKEY_new(ipk); + if (!cert->pkey) { + SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__EVP_PKEY_new() return NULL"); + goto pkey_err; + } + + cert->x509 = __X509_new(ix); + if (!cert->x509) { + SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__X509_new() return NULL"); + goto x509_err; + } + + return cert; + +x509_err: + EVP_PKEY_free(cert->pkey); +pkey_err: + ssl_mem_free(cert); +no_mem: + return NULL; +} + +/** + * @brief create a certification object include private key object + */ +CERT *ssl_cert_new(void) +{ + return __ssl_cert_new(NULL); +} + +/** + * @brief free a certification object + */ +void ssl_cert_free(CERT *cert) +{ + SSL_ASSERT3(cert); + + X509_free(cert->x509); + + EVP_PKEY_free(cert->pkey); + + ssl_mem_free(cert); +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_lib.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_lib.c new file mode 100644 index 0000000000..2f688ca9ef --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_lib.c @@ -0,0 +1,1736 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_lib.h" +#include "ssl_pkey.h" +#include "ssl_x509.h" +#include "ssl_cert.h" +#include "ssl_dbg.h" +#include "ssl_port.h" + +char * +lws_strncpy(char *dest, const char *src, size_t size); + +#define SSL_SEND_DATA_MAX_LENGTH 1460 + +/** + * @brief create a new SSL session object + */ +static SSL_SESSION* SSL_SESSION_new(void) +{ + SSL_SESSION *session; + + session = ssl_mem_zalloc(sizeof(SSL_SESSION)); + if (!session) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (session)"); + goto failed1; + } + + session->peer = X509_new(); + if (!session->peer) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "X509_new() return NULL"); + goto failed2; + } + + return session; + +failed2: + ssl_mem_free(session); +failed1: + return NULL; +} + +/** + * @brief free a new SSL session object + */ +static void SSL_SESSION_free(SSL_SESSION *session) +{ + X509_free(session->peer); + ssl_mem_free(session); +} + +/** + * @brief Discover whether the current connection is in the error state + */ +int ossl_statem_in_error(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + if (ssl->statem.state == MSG_FLOW_ERROR) + return 1; + + return 0; +} + +/** + * @brief get the SSL specifical statement + */ +int SSL_want(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->rwstate; +} + +/** + * @brief check if SSL want nothing + */ +int SSL_want_nothing(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + if (ssl->err) + return 1; + + return (SSL_want(ssl) == SSL_NOTHING); +} + +/** + * @brief check if SSL want to read + */ +int SSL_want_read(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + if (ssl->err) + return 0; + + return (SSL_want(ssl) == SSL_READING); +} + +/** + * @brief check if SSL want to write + */ +int SSL_want_write(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + if (ssl->err) + return 0; + + return (SSL_want(ssl) == SSL_WRITING); +} + +/** + * @brief check if SSL want to lookup X509 certification + */ +int SSL_want_x509_lookup(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return (SSL_want(ssl) == SSL_WRITING); +} + +/** + * @brief get SSL error code + */ +int SSL_get_error(const SSL *ssl, int ret_code) +{ + int ret = SSL_ERROR_SYSCALL; + + SSL_ASSERT1(ssl); + + if (ret_code > 0) + ret = SSL_ERROR_NONE; + else if (ret_code < 0) + { + if (ssl->err == SSL_ERROR_WANT_READ || SSL_want_read(ssl)) + ret = SSL_ERROR_WANT_READ; + else if (ssl->err == SSL_ERROR_WANT_WRITE || SSL_want_write(ssl)) + ret = SSL_ERROR_WANT_WRITE; + else + ret = SSL_ERROR_SYSCALL; //unknown + } + else // ret_code == 0 + { + if (ssl->shutdown & SSL_RECEIVED_SHUTDOWN) + ret = SSL_ERROR_ZERO_RETURN; + else + ret = SSL_ERROR_SYSCALL; + } + + return ret; +} + +/** + * @brief get the SSL state + */ +OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl) +{ + OSSL_HANDSHAKE_STATE state; + + SSL_ASSERT1(ssl); + + state = SSL_METHOD_CALL(get_state, ssl); + + return state; +} + +/** + * @brief create a SSL context + */ +SSL_CTX* SSL_CTX_new(const SSL_METHOD *method) +{ + SSL_CTX *ctx; + CERT *cert; + X509 *client_ca; + + if (!method) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no no_method"); + return NULL; + } + + client_ca = X509_new(); + if (!client_ca) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "X509_new() return NULL"); + goto failed1; + } + + cert = ssl_cert_new(); + if (!cert) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "ssl_cert_new() return NULL"); + goto failed2; + } + + ctx = (SSL_CTX *)ssl_mem_zalloc(sizeof(SSL_CTX)); + if (!ctx) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (ctx)"); + goto failed3; + } + + ctx->method = method; + ctx->client_CA = client_ca; + ctx->cert = cert; + + ctx->version = method->version; + + return ctx; + +failed3: + ssl_cert_free(cert); +failed2: + X509_free(client_ca); +failed1: + return NULL; +} + +/** + * @brief free a SSL context + */ +void SSL_CTX_free(SSL_CTX* ctx) +{ + SSL_ASSERT3(ctx); + + ssl_cert_free(ctx->cert); + + X509_free(ctx->client_CA); + + if (ctx->alpn_protos) + ssl_mem_free(ctx->alpn_protos); + + ssl_mem_free(ctx); +} + +/** + * @brief set the SSL context version + */ +int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth) +{ + SSL_ASSERT1(ctx); + SSL_ASSERT1(meth); + + ctx->method = meth; + + ctx->version = meth->version; + + return 1; +} + +/** + * @brief get the SSL context current method + */ +const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx) +{ + SSL_ASSERT2(ctx); + + return ctx->method; +} + +/** + * @brief create a SSL + */ +SSL *SSL_new(SSL_CTX *ctx) +{ + int ret = 0; + SSL *ssl; + + if (!ctx) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no ctx"); + return NULL; + } + + ssl = (SSL *)ssl_mem_zalloc(sizeof(SSL)); + if (!ssl) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (ssl)"); + goto failed1; + } + + ssl->session = SSL_SESSION_new(); + if (!ssl->session) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_SESSION_new() return NULL"); + goto failed2; + } + + ssl->cert = __ssl_cert_new(ctx->cert); + if (!ssl->cert) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__ssl_cert_new() return NULL"); + goto failed3; + } + + ssl->client_CA = __X509_new(ctx->client_CA); + if (!ssl->client_CA) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__X509_new() return NULL"); + goto failed4; + } + + ssl->ctx = ctx; + ssl->method = ctx->method; + + ssl->version = ctx->version; + ssl->options = ctx->options; + + ssl->verify_mode = ctx->verify_mode; + + ret = SSL_METHOD_CALL(new, ssl); + if (ret) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret); + goto failed5; + } + + _ssl_set_alpn_list(ssl); + + ssl->rwstate = SSL_NOTHING; + + return ssl; + +failed5: + X509_free(ssl->client_CA); +failed4: + ssl_cert_free(ssl->cert); +failed3: + SSL_SESSION_free(ssl->session); +failed2: + ssl_mem_free(ssl); +failed1: + return NULL; +} + +/** + * @brief free the SSL + */ +void SSL_free(SSL *ssl) +{ + SSL_ASSERT3(ssl); + + SSL_METHOD_CALL(free, ssl); + + X509_free(ssl->client_CA); + + ssl_cert_free(ssl->cert); + + SSL_SESSION_free(ssl->session); + + if (ssl->alpn_protos) + ssl_mem_free(ssl->alpn_protos); + + ssl_mem_free(ssl); +} + +/** + * @brief perform the SSL handshake + */ +int SSL_do_handshake(SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + ret = SSL_METHOD_CALL(handshake, ssl); + + return ret; +} + +/** + * @brief connect to the remote SSL server + */ +int SSL_connect(SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return SSL_do_handshake(ssl); +} + +/** + * @brief accept the remote connection + */ +int SSL_accept(SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return SSL_do_handshake(ssl); +} + +/** + * @brief shutdown the connection + */ +int SSL_shutdown(SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + if (SSL_get_state(ssl) != TLS_ST_OK) return 1; + + ret = SSL_METHOD_CALL(shutdown, ssl); + + return ret; +} + +/** + * @brief reset the SSL + */ +int SSL_clear(SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + ret = SSL_shutdown(ssl); + if (1 != ret) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_shutdown return %d", ret); + goto failed1; + } + + SSL_METHOD_CALL(free, ssl); + + ret = SSL_METHOD_CALL(new, ssl); + if (!ret) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret); + goto failed1; + } + + return 1; + +failed1: + return ret; +} + +/** + * @brief read data from to remote + */ +int SSL_read(SSL *ssl, void *buffer, int len) +{ + int ret; + + SSL_ASSERT1(ssl); + SSL_ASSERT1(buffer); + SSL_ASSERT1(len); + + ssl->rwstate = SSL_READING; + + ret = SSL_METHOD_CALL(read, ssl, buffer, len); + + if (ret == len) + ssl->rwstate = SSL_NOTHING; + + return ret; +} + +/** + * @brief send the data to remote + */ +int SSL_write(SSL *ssl, const void *buffer, int len) +{ + int ret; + int send_bytes, bytes; + const unsigned char *pbuf; + + SSL_ASSERT1(ssl); + SSL_ASSERT1(buffer); + SSL_ASSERT1(len); + + ssl->rwstate = SSL_WRITING; + + send_bytes = len; + pbuf = (const unsigned char *)buffer; + + do { + if (send_bytes > SSL_SEND_DATA_MAX_LENGTH) + bytes = SSL_SEND_DATA_MAX_LENGTH; + else + bytes = send_bytes; + + if (ssl->interrupted_remaining_write) { + bytes = ssl->interrupted_remaining_write; + ssl->interrupted_remaining_write = 0; + } + + ret = SSL_METHOD_CALL(send, ssl, pbuf, bytes); + //printf("%s: ssl_pm said %d for %d requested (cum %d)\n", __func__, ret, bytes, len -send_bytes); + /* the return is a NEGATIVE OpenSSL error code, or the length sent */ + if (ret > 0) { + pbuf += ret; + send_bytes -= ret; + } else + ssl->interrupted_remaining_write = bytes; + } while (ret > 0 && send_bytes && ret == bytes); + + if (ret >= 0) { + ret = len - send_bytes; + if (!ret) + ssl->rwstate = SSL_NOTHING; + } else { + if (send_bytes == len) + ret = -1; + else + ret = len - send_bytes; + } + + return ret; +} + +/** + * @brief get SSL context of the SSL + */ +SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl) +{ + SSL_ASSERT2(ssl); + + return ssl->ctx; +} + +/** + * @brief get the SSL current method + */ +const SSL_METHOD *SSL_get_ssl_method(SSL *ssl) +{ + SSL_ASSERT2(ssl); + + return ssl->method; +} + +/** + * @brief set the SSL method + */ +int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method) +{ + int ret; + + SSL_ASSERT1(ssl); + SSL_ASSERT1(method); + + if (ssl->version != method->version) { + + ret = SSL_shutdown(ssl); + if (1 != ret) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_shutdown return %d", ret); + goto failed1; + } + + SSL_METHOD_CALL(free, ssl); + + ssl->method = method; + + ret = SSL_METHOD_CALL(new, ssl); + if (!ret) { + SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret); + goto failed1; + } + } else { + ssl->method = method; + } + + + return 1; + +failed1: + return ret; +} + +/** + * @brief get SSL shutdown mode + */ +int SSL_get_shutdown(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->shutdown; +} + +/** + * @brief set SSL shutdown mode + */ +void SSL_set_shutdown(SSL *ssl, int mode) +{ + SSL_ASSERT3(ssl); + + ssl->shutdown = mode; +} + + +/** + * @brief get the number of the bytes to be read + */ +int SSL_pending(const SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + ret = SSL_METHOD_CALL(pending, ssl); + + return ret; +} + +/** + * @brief check if some data can be read + */ +int SSL_has_pending(const SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + if (SSL_pending(ssl)) + ret = 1; + else + ret = 0; + + return ret; +} + +/** + * @brief clear the SSL context option bit of "op" + */ +unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op) +{ + SSL_ASSERT1(ctx); + + return ctx->options &= ~op; +} + +/** + * @brief get the SSL context option + */ +unsigned long SSL_CTX_get_options(SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + return ctx->options; +} + +/** + * @brief set the option of the SSL context + */ +unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long opt) +{ + SSL_ASSERT1(ctx); + + return ctx->options |= opt; +} + +/** + * @brief clear SSL option + */ +unsigned long SSL_clear_options(SSL *ssl, unsigned long op) +{ + SSL_ASSERT1(ssl); + + return ssl->options & ~op; +} + +/** + * @brief get SSL option + */ +unsigned long SSL_get_options(SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->options; +} + +/** + * @brief clear SSL option + */ +unsigned long SSL_set_options(SSL *ssl, unsigned long op) +{ + SSL_ASSERT1(ssl); + + return ssl->options |= op; +} + +/** + * @brief get the socket handle of the SSL + */ +int SSL_get_fd(const SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + ret = SSL_METHOD_CALL(get_fd, ssl, 0); + + return ret; +} + +/** + * @brief get the read only socket handle of the SSL + */ +int SSL_get_rfd(const SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + ret = SSL_METHOD_CALL(get_fd, ssl, 0); + + return ret; +} + +/** + * @brief get the write only socket handle of the SSL + */ +int SSL_get_wfd(const SSL *ssl) +{ + int ret; + + SSL_ASSERT1(ssl); + + ret = SSL_METHOD_CALL(get_fd, ssl, 0); + + return ret; +} + +/** + * @brief bind the socket file description into the SSL + */ +int SSL_set_fd(SSL *ssl, int fd) +{ + SSL_ASSERT1(ssl); + SSL_ASSERT1(fd >= 0); + + SSL_METHOD_CALL(set_fd, ssl, fd, 0); + + return 1; +} + +/** + * @brief bind the read only socket file description into the SSL + */ +int SSL_set_rfd(SSL *ssl, int fd) +{ + SSL_ASSERT1(ssl); + SSL_ASSERT1(fd >= 0); + + SSL_METHOD_CALL(set_fd, ssl, fd, 0); + + return 1; +} + +/** + * @brief bind the write only socket file description into the SSL + */ +int SSL_set_wfd(SSL *ssl, int fd) +{ + SSL_ASSERT1(ssl); + SSL_ASSERT1(fd >= 0); + + SSL_METHOD_CALL(set_fd, ssl, fd, 0); + + return 1; +} + +/** + * @brief get SSL version + */ +int SSL_version(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->version; +} + +/** + * @brief get the SSL version string + */ +static const char* ssl_protocol_to_string(int version) +{ + const char *str; + + if (version == TLS1_2_VERSION) + str = "TLSv1.2"; + else if (version == TLS1_1_VERSION) + str = "TLSv1.1"; + else if (version == TLS1_VERSION) + str = "TLSv1"; + else if (version == SSL3_VERSION) + str = "SSLv3"; + else + str = "unknown"; + + return str; +} + +/** + * @brief get the SSL current version + */ +const char *SSL_get_version(const SSL *ssl) +{ + SSL_ASSERT2(ssl); + + return ssl_protocol_to_string(SSL_version(ssl)); +} + +/** + * @brief get alert description string + */ +const char* SSL_alert_desc_string(int value) +{ + const char *str; + + switch (value & 0xff) + { + case SSL3_AD_CLOSE_NOTIFY: + str = "CN"; + break; + case SSL3_AD_UNEXPECTED_MESSAGE: + str = "UM"; + break; + case SSL3_AD_BAD_RECORD_MAC: + str = "BM"; + break; + case SSL3_AD_DECOMPRESSION_FAILURE: + str = "DF"; + break; + case SSL3_AD_HANDSHAKE_FAILURE: + str = "HF"; + break; + case SSL3_AD_NO_CERTIFICATE: + str = "NC"; + break; + case SSL3_AD_BAD_CERTIFICATE: + str = "BC"; + break; + case SSL3_AD_UNSUPPORTED_CERTIFICATE: + str = "UC"; + break; + case SSL3_AD_CERTIFICATE_REVOKED: + str = "CR"; + break; + case SSL3_AD_CERTIFICATE_EXPIRED: + str = "CE"; + break; + case SSL3_AD_CERTIFICATE_UNKNOWN: + str = "CU"; + break; + case SSL3_AD_ILLEGAL_PARAMETER: + str = "IP"; + break; + case TLS1_AD_DECRYPTION_FAILED: + str = "DC"; + break; + case TLS1_AD_RECORD_OVERFLOW: + str = "RO"; + break; + case TLS1_AD_UNKNOWN_CA: + str = "CA"; + break; + case TLS1_AD_ACCESS_DENIED: + str = "AD"; + break; + case TLS1_AD_DECODE_ERROR: + str = "DE"; + break; + case TLS1_AD_DECRYPT_ERROR: + str = "CY"; + break; + case TLS1_AD_EXPORT_RESTRICTION: + str = "ER"; + break; + case TLS1_AD_PROTOCOL_VERSION: + str = "PV"; + break; + case TLS1_AD_INSUFFICIENT_SECURITY: + str = "IS"; + break; + case TLS1_AD_INTERNAL_ERROR: + str = "IE"; + break; + case TLS1_AD_USER_CANCELLED: + str = "US"; + break; + case TLS1_AD_NO_RENEGOTIATION: + str = "NR"; + break; + case TLS1_AD_UNSUPPORTED_EXTENSION: + str = "UE"; + break; + case TLS1_AD_CERTIFICATE_UNOBTAINABLE: + str = "CO"; + break; + case TLS1_AD_UNRECOGNIZED_NAME: + str = "UN"; + break; + case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: + str = "BR"; + break; + case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: + str = "BH"; + break; + case TLS1_AD_UNKNOWN_PSK_IDENTITY: + str = "UP"; + break; + default: + str = "UK"; + break; + } + + return str; +} + +/** + * @brief get alert description long string + */ +const char* SSL_alert_desc_string_long(int value) +{ + const char *str; + + switch (value & 0xff) + { + case SSL3_AD_CLOSE_NOTIFY: + str = "close notify"; + break; + case SSL3_AD_UNEXPECTED_MESSAGE: + str = "unexpected_message"; + break; + case SSL3_AD_BAD_RECORD_MAC: + str = "bad record mac"; + break; + case SSL3_AD_DECOMPRESSION_FAILURE: + str = "decompression failure"; + break; + case SSL3_AD_HANDSHAKE_FAILURE: + str = "handshake failure"; + break; + case SSL3_AD_NO_CERTIFICATE: + str = "no certificate"; + break; + case SSL3_AD_BAD_CERTIFICATE: + str = "bad certificate"; + break; + case SSL3_AD_UNSUPPORTED_CERTIFICATE: + str = "unsupported certificate"; + break; + case SSL3_AD_CERTIFICATE_REVOKED: + str = "certificate revoked"; + break; + case SSL3_AD_CERTIFICATE_EXPIRED: + str = "certificate expired"; + break; + case SSL3_AD_CERTIFICATE_UNKNOWN: + str = "certificate unknown"; + break; + case SSL3_AD_ILLEGAL_PARAMETER: + str = "illegal parameter"; + break; + case TLS1_AD_DECRYPTION_FAILED: + str = "decryption failed"; + break; + case TLS1_AD_RECORD_OVERFLOW: + str = "record overflow"; + break; + case TLS1_AD_UNKNOWN_CA: + str = "unknown CA"; + break; + case TLS1_AD_ACCESS_DENIED: + str = "access denied"; + break; + case TLS1_AD_DECODE_ERROR: + str = "decode error"; + break; + case TLS1_AD_DECRYPT_ERROR: + str = "decrypt error"; + break; + case TLS1_AD_EXPORT_RESTRICTION: + str = "export restriction"; + break; + case TLS1_AD_PROTOCOL_VERSION: + str = "protocol version"; + break; + case TLS1_AD_INSUFFICIENT_SECURITY: + str = "insufficient security"; + break; + case TLS1_AD_INTERNAL_ERROR: + str = "internal error"; + break; + case TLS1_AD_USER_CANCELLED: + str = "user canceled"; + break; + case TLS1_AD_NO_RENEGOTIATION: + str = "no renegotiation"; + break; + case TLS1_AD_UNSUPPORTED_EXTENSION: + str = "unsupported extension"; + break; + case TLS1_AD_CERTIFICATE_UNOBTAINABLE: + str = "certificate unobtainable"; + break; + case TLS1_AD_UNRECOGNIZED_NAME: + str = "unrecognized name"; + break; + case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: + str = "bad certificate status response"; + break; + case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: + str = "bad certificate hash value"; + break; + case TLS1_AD_UNKNOWN_PSK_IDENTITY: + str = "unknown PSK identity"; + break; + default: + str = "unknown"; + break; + } + + return str; +} + +/** + * @brief get alert type string + */ +const char *SSL_alert_type_string(int value) +{ + const char *str; + + switch (value >> 8) + { + case SSL3_AL_WARNING: + str = "W"; + break; + case SSL3_AL_FATAL: + str = "F"; + break; + default: + str = "U"; + break; + } + + return str; +} + +/** + * @brief get alert type long string + */ +const char *SSL_alert_type_string_long(int value) +{ + const char *str; + + switch (value >> 8) + { + case SSL3_AL_WARNING: + str = "warning"; + break; + case SSL3_AL_FATAL: + str = "fatal"; + break; + default: + str = "unknown"; + break; + } + + return str; +} + +/** + * @brief get the state string where SSL is reading + */ +const char *SSL_rstate_string(SSL *ssl) +{ + const char *str; + + SSL_ASSERT2(ssl); + + switch (ssl->rlayer.rstate) + { + case SSL_ST_READ_HEADER: + str = "RH"; + break; + case SSL_ST_READ_BODY: + str = "RB"; + break; + case SSL_ST_READ_DONE: + str = "RD"; + break; + default: + str = "unknown"; + break; + } + + return str; +} + +/** + * @brief get the statement long string where SSL is reading + */ +const char *SSL_rstate_string_long(SSL *ssl) +{ + const char *str = "unknown"; + + SSL_ASSERT2(ssl); + + switch (ssl->rlayer.rstate) + { + case SSL_ST_READ_HEADER: + str = "read header"; + break; + case SSL_ST_READ_BODY: + str = "read body"; + break; + case SSL_ST_READ_DONE: + str = "read done"; + break; + default: + break; + } + + return str; +} + +/** + * @brief get SSL statement string + */ +char *SSL_state_string(const SSL *ssl) +{ + char *str = "UNKWN "; + + SSL_ASSERT2(ssl); + + if (ossl_statem_in_error(ssl)) + str = "SSLERR"; + else + { + switch (SSL_get_state(ssl)) + { + case TLS_ST_BEFORE: + str = "PINIT "; + break; + case TLS_ST_OK: + str = "SSLOK "; + break; + case TLS_ST_CW_CLNT_HELLO: + str = "TWCH"; + break; + case TLS_ST_CR_SRVR_HELLO: + str = "TRSH"; + break; + case TLS_ST_CR_CERT: + str = "TRSC"; + break; + case TLS_ST_CR_KEY_EXCH: + str = "TRSKE"; + break; + case TLS_ST_CR_CERT_REQ: + str = "TRCR"; + break; + case TLS_ST_CR_SRVR_DONE: + str = "TRSD"; + break; + case TLS_ST_CW_CERT: + str = "TWCC"; + break; + case TLS_ST_CW_KEY_EXCH: + str = "TWCKE"; + break; + case TLS_ST_CW_CERT_VRFY: + str = "TWCV"; + break; + case TLS_ST_SW_CHANGE: + case TLS_ST_CW_CHANGE: + str = "TWCCS"; + break; + case TLS_ST_SW_FINISHED: + case TLS_ST_CW_FINISHED: + str = "TWFIN"; + break; + case TLS_ST_SR_CHANGE: + case TLS_ST_CR_CHANGE: + str = "TRCCS"; + break; + case TLS_ST_SR_FINISHED: + case TLS_ST_CR_FINISHED: + str = "TRFIN"; + break; + case TLS_ST_SW_HELLO_REQ: + str = "TWHR"; + break; + case TLS_ST_SR_CLNT_HELLO: + str = "TRCH"; + break; + case TLS_ST_SW_SRVR_HELLO: + str = "TWSH"; + break; + case TLS_ST_SW_CERT: + str = "TWSC"; + break; + case TLS_ST_SW_KEY_EXCH: + str = "TWSKE"; + break; + case TLS_ST_SW_CERT_REQ: + str = "TWCR"; + break; + case TLS_ST_SW_SRVR_DONE: + str = "TWSD"; + break; + case TLS_ST_SR_CERT: + str = "TRCC"; + break; + case TLS_ST_SR_KEY_EXCH: + str = "TRCKE"; + break; + case TLS_ST_SR_CERT_VRFY: + str = "TRCV"; + break; + case DTLS_ST_CR_HELLO_VERIFY_REQUEST: + str = "DRCHV"; + break; + case DTLS_ST_SW_HELLO_VERIFY_REQUEST: + str = "DWCHV"; + break; + default: + break; + } + } + + return str; +} + +/** + * @brief get SSL statement long string + */ +char *SSL_state_string_long(const SSL *ssl) +{ + char *str = "UNKWN "; + + SSL_ASSERT2(ssl); + + if (ossl_statem_in_error(ssl)) + str = "SSLERR"; + else + { + switch (SSL_get_state(ssl)) + { + case TLS_ST_BEFORE: + str = "before SSL initialization"; + break; + case TLS_ST_OK: + str = "SSL negotiation finished successfully"; + break; + case TLS_ST_CW_CLNT_HELLO: + str = "SSLv3/TLS write client hello"; + break; + case TLS_ST_CR_SRVR_HELLO: + str = "SSLv3/TLS read server hello"; + break; + case TLS_ST_CR_CERT: + str = "SSLv3/TLS read server certificate"; + break; + case TLS_ST_CR_KEY_EXCH: + str = "SSLv3/TLS read server key exchange"; + break; + case TLS_ST_CR_CERT_REQ: + str = "SSLv3/TLS read server certificate request"; + break; + case TLS_ST_CR_SESSION_TICKET: + str = "SSLv3/TLS read server session ticket"; + break; + case TLS_ST_CR_SRVR_DONE: + str = "SSLv3/TLS read server done"; + break; + case TLS_ST_CW_CERT: + str = "SSLv3/TLS write client certificate"; + break; + case TLS_ST_CW_KEY_EXCH: + str = "SSLv3/TLS write client key exchange"; + break; + case TLS_ST_CW_CERT_VRFY: + str = "SSLv3/TLS write certificate verify"; + break; + case TLS_ST_CW_CHANGE: + case TLS_ST_SW_CHANGE: + str = "SSLv3/TLS write change cipher spec"; + break; + case TLS_ST_CW_FINISHED: + case TLS_ST_SW_FINISHED: + str = "SSLv3/TLS write finished"; + break; + case TLS_ST_CR_CHANGE: + case TLS_ST_SR_CHANGE: + str = "SSLv3/TLS read change cipher spec"; + break; + case TLS_ST_CR_FINISHED: + case TLS_ST_SR_FINISHED: + str = "SSLv3/TLS read finished"; + break; + case TLS_ST_SR_CLNT_HELLO: + str = "SSLv3/TLS read client hello"; + break; + case TLS_ST_SW_HELLO_REQ: + str = "SSLv3/TLS write hello request"; + break; + case TLS_ST_SW_SRVR_HELLO: + str = "SSLv3/TLS write server hello"; + break; + case TLS_ST_SW_CERT: + str = "SSLv3/TLS write certificate"; + break; + case TLS_ST_SW_KEY_EXCH: + str = "SSLv3/TLS write key exchange"; + break; + case TLS_ST_SW_CERT_REQ: + str = "SSLv3/TLS write certificate request"; + break; + case TLS_ST_SW_SESSION_TICKET: + str = "SSLv3/TLS write session ticket"; + break; + case TLS_ST_SW_SRVR_DONE: + str = "SSLv3/TLS write server done"; + break; + case TLS_ST_SR_CERT: + str = "SSLv3/TLS read client certificate"; + break; + case TLS_ST_SR_KEY_EXCH: + str = "SSLv3/TLS read client key exchange"; + break; + case TLS_ST_SR_CERT_VRFY: + str = "SSLv3/TLS read certificate verify"; + break; + case DTLS_ST_CR_HELLO_VERIFY_REQUEST: + str = "DTLS1 read hello verify request"; + break; + case DTLS_ST_SW_HELLO_VERIFY_REQUEST: + str = "DTLS1 write hello verify request"; + break; + default: + break; + } + } + + return str; +} + +/** + * @brief set the SSL context read buffer length + */ +void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len) +{ + SSL_ASSERT3(ctx); + + ctx->read_buffer_len = len; +} + +/** + * @brief set the SSL read buffer length + */ +void SSL_set_default_read_buffer_len(SSL *ssl, size_t len) +{ + SSL_ASSERT3(ssl); + SSL_ASSERT3(len); + + SSL_METHOD_CALL(set_bufflen, ssl, len); +} + +/** + * @brief set the SSL information callback function + */ +void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val)) +{ + SSL_ASSERT3(ssl); + + ssl->info_callback = cb; +} + +/** + * @brief add SSL context reference count by '1' + */ +int SSL_CTX_up_ref(SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + /** + * no support multi-thread SSL here + */ + ctx->references++; + + return 1; +} + +/** + * @brief set the SSL security level + */ +void SSL_set_security_level(SSL *ssl, int level) +{ + SSL_ASSERT3(ssl); + + ssl->cert->sec_level = level; +} + +/** + * @brief get the SSL security level + */ +int SSL_get_security_level(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->cert->sec_level; +} + +/** + * @brief get the SSL verifying mode of the SSL context + */ +int SSL_CTX_get_verify_mode(const SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + return ctx->verify_mode; +} + +/** + * @brief set the session timeout time + */ +long SSL_CTX_set_timeout(SSL_CTX *ctx, long t) +{ + long l; + + SSL_ASSERT1(ctx); + + l = ctx->session_timeout; + ctx->session_timeout = t; + + return l; +} + +/** + * @brief get the session timeout time + */ +long SSL_CTX_get_timeout(const SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + return ctx->session_timeout; +} + +/** + * @brief set the SSL if we can read as many as data + */ +void SSL_set_read_ahead(SSL *ssl, int yes) +{ + SSL_ASSERT3(ssl); + + ssl->rlayer.read_ahead = yes; +} + +/** + * @brief set the SSL context if we can read as many as data + */ +void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes) +{ + SSL_ASSERT3(ctx); + + ctx->read_ahead = yes; +} + +/** + * @brief get the SSL ahead signal if we can read as many as data + */ +int SSL_get_read_ahead(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->rlayer.read_ahead; +} + +/** + * @brief get the SSL context ahead signal if we can read as many as data + */ +long SSL_CTX_get_read_ahead(SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + return ctx->read_ahead; +} + +/** + * @brief check if the SSL context can read as many as data + */ +long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + return ctx->read_ahead; +} + +/** + * @brief set SSL session time + */ +long SSL_set_time(SSL *ssl, long t) +{ + SSL_ASSERT1(ssl); + + ssl->session->time = t; + + return t; +} + +/** + * @brief set SSL session timeout time + */ +long SSL_set_timeout(SSL *ssl, long t) +{ + SSL_ASSERT1(ssl); + + ssl->session->timeout = t; + + return t; +} + +/** + * @brief get the verifying result of the SSL certification + */ +long SSL_get_verify_result(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return SSL_METHOD_CALL(get_verify_result, ssl); +} + +/** + * @brief get the SSL verifying depth of the SSL context + */ +int SSL_CTX_get_verify_depth(const SSL_CTX *ctx) +{ + SSL_ASSERT1(ctx); + + return ctx->param.depth; +} + +/** + * @brief set the SSL verify depth of the SSL context + */ +void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) +{ + SSL_ASSERT3(ctx); + + ctx->param.depth = depth; +} + +/** + * @brief get the SSL verifying depth of the SSL + */ +int SSL_get_verify_depth(const SSL *ssl) +{ + SSL_ASSERT1(ssl); + + return ssl->param.depth; +} + +/** + * @brief set the SSL verify depth of the SSL + */ +void SSL_set_verify_depth(SSL *ssl, int depth) +{ + SSL_ASSERT3(ssl); + + ssl->param.depth = depth; +} + +/** + * @brief set the SSL context verifying of the SSL context + */ +void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *)) +{ + SSL_ASSERT3(ctx); + + ctx->verify_mode = mode; + ctx->default_verify_callback = verify_callback; +} + +/** + * @brief set the SSL verifying of the SSL context + */ +void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_CTX *)) +{ + SSL_ASSERT3(ssl); + + ssl->verify_mode = mode; + ssl->verify_callback = verify_callback; +} + +void ERR_error_string_n(unsigned long e, char *buf, size_t len) +{ + lws_strncpy(buf, "unknown", len); +} + +void ERR_free_strings(void) +{ +} + +char *ERR_error_string(unsigned long e, char *buf) +{ + if (!buf) + return "unknown"; + + switch(e) { + case X509_V_ERR_INVALID_CA: + strcpy(buf, "CA is not trusted"); + break; + case X509_V_ERR_HOSTNAME_MISMATCH: + strcpy(buf, "Hostname mismatch"); + break; + case X509_V_ERR_CA_KEY_TOO_SMALL: + strcpy(buf, "CA key too small"); + break; + case X509_V_ERR_CA_MD_TOO_WEAK: + strcpy(buf, "MD key too weak"); + break; + case X509_V_ERR_CERT_NOT_YET_VALID: + strcpy(buf, "Cert from the future"); + break; + case X509_V_ERR_CERT_HAS_EXPIRED: + strcpy(buf, "Cert expired"); + break; + default: + strcpy(buf, "unknown"); + break; + } + + return buf; +} + +void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx) +{ + return NULL; +} + +/* + * Openssl wants the valid protocol names supplied like this: + * + * (unsigned char *)"\x02h2\x08http/1.1", 6 + 9 + * + * Mbedtls wants this: + * + * Pointer to a NULL-terminated list of supported protocols, in decreasing + * preference order. The pointer to the list is recorded by the library for + * later reference as required, so the lifetime of the table must be at least + * as long as the lifetime of the SSL configuration structure. + * + * So accept the OpenSSL style and convert to mbedtls style + */ + +struct alpn_ctx { + unsigned char data[23]; + unsigned char len; +}; + +static void +_openssl_alpn_to_mbedtls(struct alpn_ctx *ac, char ***palpn_protos) +{ + unsigned char *p = ac->data, *q; + unsigned char len; + char **alpn_protos; + int count = 0; + + /* find out how many entries he gave us */ + + len = *p++; + while (p - ac->data < ac->len) { + if (len--) { + p++; + continue; + } + count++; + len = *p++; + if (!len) + break; + } + + if (!len) + count++; + + if (!count) + return; + + /* allocate space for count + 1 pointers and the data afterwards */ + + alpn_protos = ssl_mem_zalloc((count + 1) * sizeof(char *) + ac->len + 1); + if (!alpn_protos) + return; + + *palpn_protos = alpn_protos; + + /* convert to mbedtls format */ + + q = (unsigned char *)alpn_protos + (count + 1) * sizeof(char *); + p = ac->data; + count = 0; + + len = *p++; + alpn_protos[count] = (char *)q; + while (p - ac->data < ac->len) { + if (len--) { + *q++ = *p++; + continue; + } + *q++ = '\0'; + count++; + len = *p++; + alpn_protos[count] = (char *)q; + if (!len) + break; + } + if (!len) { + *q++ = '\0'; + count++; + len = *p++; + alpn_protos[count] = (char *)q; + } + alpn_protos[count] = NULL; /* last pointer ends list with NULL */ +} + +void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, next_proto_cb cb, void *arg) +{ + struct alpn_ctx *ac = arg; + + ctx->alpn_cb = cb; + + _openssl_alpn_to_mbedtls(ac, (char ***)&ctx->alpn_protos); +} + +void SSL_set_alpn_select_cb(SSL *ssl, void *arg) +{ + struct alpn_ctx *ac = arg; + + _openssl_alpn_to_mbedtls(ac, (char ***)&ssl->alpn_protos); + + _ssl_set_alpn_list(ssl); +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_methods.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_methods.c new file mode 100644 index 0000000000..0002360846 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_methods.c @@ -0,0 +1,81 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_methods.h" +#include "ssl_pm.h" + +/** + * TLS method function collection + */ +IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func, + ssl_pm_new, ssl_pm_free, + ssl_pm_handshake, ssl_pm_shutdown, ssl_pm_clear, + ssl_pm_read, ssl_pm_send, ssl_pm_pending, + ssl_pm_set_fd, ssl_pm_get_fd, + ssl_pm_set_bufflen, + ssl_pm_get_verify_result, + ssl_pm_get_state); + +/** + * TLS or SSL client method collection + */ +IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 0, TLS_method_func, TLS_client_method); + +IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 0, TLS_method_func, TLSv1_2_client_method); + +IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 0, TLS_method_func, TLSv1_1_client_method); + +IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_client_method); + +IMPLEMENT_SSL_METHOD(SSL3_VERSION, 0, TLS_method_func, SSLv3_client_method); + +/** + * TLS or SSL server method collection + */ +IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 1, TLS_method_func, TLS_server_method); + +IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method); + +IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 1, TLS_method_func, TLSv1_2_server_method); + +IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_server_method); + +IMPLEMENT_SSL_METHOD(SSL3_VERSION, 1, TLS_method_func, SSLv3_server_method); + +/** + * TLS or SSL method collection + */ +IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, -1, TLS_method_func, TLS_method); + +IMPLEMENT_SSL_METHOD(TLS1_2_VERSION, -1, TLS_method_func, TLSv1_2_method); + +IMPLEMENT_SSL_METHOD(TLS1_1_VERSION, -1, TLS_method_func, TLSv1_1_method); + +IMPLEMENT_SSL_METHOD(TLS1_VERSION, -1, TLS_method_func, TLSv1_method); + +IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method); + +/** + * @brief get X509 object method + */ +IMPLEMENT_X509_METHOD(X509_method, + x509_pm_new, x509_pm_free, + x509_pm_load, x509_pm_show_info); + +/** + * @brief get private key object method + */ +IMPLEMENT_PKEY_METHOD(EVP_PKEY_method, + pkey_pm_new, pkey_pm_free, + pkey_pm_load); diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_pkey.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_pkey.c new file mode 100644 index 0000000000..567a33e2c2 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_pkey.c @@ -0,0 +1,239 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_pkey.h" +#include "ssl_methods.h" +#include "ssl_dbg.h" +#include "ssl_port.h" + +/** + * @brief create a private key object according to input private key + */ +EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk) +{ + int ret; + EVP_PKEY *pkey; + + pkey = ssl_mem_zalloc(sizeof(EVP_PKEY)); + if (!pkey) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "no enough memory > (pkey)"); + goto no_mem; + } + + if (ipk) { + pkey->method = ipk->method; + } else { + pkey->method = EVP_PKEY_method(); + } + + ret = EVP_PKEY_METHOD_CALL(new, pkey, ipk); + if (ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(new) return %d", ret); + goto failed; + } + + return pkey; + +failed: + ssl_mem_free(pkey); +no_mem: + return NULL; +} + +/** + * @brief create a private key object + */ +EVP_PKEY* EVP_PKEY_new(void) +{ + return __EVP_PKEY_new(NULL); +} + +/** + * @brief free a private key object + */ +void EVP_PKEY_free(EVP_PKEY *pkey) +{ + SSL_ASSERT3(pkey); + + EVP_PKEY_METHOD_CALL(free, pkey); + + ssl_mem_free(pkey); +} + +/** + * @brief load a character key context into system context. If '*a' is pointed to the + * private key, then load key into it. Or create a new private key object + */ +EVP_PKEY *d2i_PrivateKey(int type, + EVP_PKEY **a, + const unsigned char **pp, + long length) +{ + int m = 0; + int ret; + EVP_PKEY *pkey; + + SSL_ASSERT2(pp); + SSL_ASSERT2(*pp); + SSL_ASSERT2(length); + + if (a && *a) { + pkey = *a; + } else { + pkey = EVP_PKEY_new();; + if (!pkey) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_new() return NULL"); + goto failed1; + } + + m = 1; + } + + ret = EVP_PKEY_METHOD_CALL(load, pkey, *pp, length); + if (ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(load) return %d", ret); + goto failed2; + } + + if (a) + *a = pkey; + + return pkey; + +failed2: + if (m) + EVP_PKEY_free(pkey); +failed1: + return NULL; +} + +/** + * @brief set the SSL context private key + */ +int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) +{ + SSL_ASSERT1(ctx); + SSL_ASSERT1(pkey); + + if (ctx->cert->pkey == pkey) + return 1; + + if (ctx->cert->pkey) + EVP_PKEY_free(ctx->cert->pkey); + + ctx->cert->pkey = pkey; + + return 1; +} + +/** + * @brief set the SSL private key + */ +int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) +{ + SSL_ASSERT1(ssl); + SSL_ASSERT1(pkey); + + if (ssl->cert->pkey == pkey) + return 1; + + if (ssl->cert->pkey) + EVP_PKEY_free(ssl->cert->pkey); + + ssl->cert->pkey = pkey; + + return 1; +} + +/** + * @brief load private key into the SSL context + */ +int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, + const unsigned char *d, long len) +{ + int ret; + EVP_PKEY *pk; + + pk = d2i_PrivateKey(0, NULL, &d, len); + if (!pk) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL"); + goto failed1; + } + + ret = SSL_CTX_use_PrivateKey(ctx, pk); + if (!ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_PrivateKey() return %d", ret); + goto failed2; + } + + return 1; + +failed2: + EVP_PKEY_free(pk); +failed1: + return 0; +} + +/** + * @brief load private key into the SSL + */ +int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, + const unsigned char *d, long len) +{ + int ret; + EVP_PKEY *pk; + + pk = d2i_PrivateKey(0, NULL, &d, len); + if (!pk) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL"); + goto failed1; + } + + ret = SSL_use_PrivateKey(ssl, pk); + if (!ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_PrivateKey() return %d", ret); + goto failed2; + } + + return 1; + +failed2: + EVP_PKEY_free(pk); +failed1: + return 0; +} + +/** + * @brief load the private key file into SSL context + */ +int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) +{ + return 0; +} + +/** + * @brief load the private key file into SSL + */ +int SSL_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) +{ + return 0; +} + +/** + * @brief load the RSA ASN1 private key into SSL context + */ +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len) +{ + return SSL_CTX_use_PrivateKey_ASN1(0, ctx, d, len); +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_stack.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_stack.c new file mode 100644 index 0000000000..da836daf9c --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_stack.c @@ -0,0 +1,74 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_stack.h" +#include "ssl_dbg.h" +#include "ssl_port.h" + +#ifndef CONFIG_MIN_NODES + #define MIN_NODES 4 +#else + #define MIN_NODES CONFIG_MIN_NODES +#endif + +/** + * @brief create a openssl stack object + */ +OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c) +{ + OPENSSL_STACK *stack; + char **data; + + stack = ssl_mem_zalloc(sizeof(OPENSSL_STACK)); + if (!stack) { + SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (stack)"); + goto no_mem1; + } + + data = ssl_mem_zalloc(sizeof(*data) * MIN_NODES); + if (!data) { + SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (data)"); + goto no_mem2; + } + + stack->data = data; + stack->num_alloc = MIN_NODES; + stack->c = c; + + return stack; + +no_mem2: + ssl_mem_free(stack); +no_mem1: + return NULL; +} + +/** + * @brief create a NULL function openssl stack object + */ +OPENSSL_STACK *OPENSSL_sk_new_null(void) +{ + return OPENSSL_sk_new((OPENSSL_sk_compfunc)NULL); +} + +/** + * @brief free openssl stack object + */ +void OPENSSL_sk_free(OPENSSL_STACK *stack) +{ + SSL_ASSERT3(stack); + + ssl_mem_free(stack->data); + ssl_mem_free(stack); +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_x509.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_x509.c new file mode 100644 index 0000000000..ed79150831 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/library/ssl_x509.c @@ -0,0 +1,354 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_x509.h" +#include "ssl_methods.h" +#include "ssl_dbg.h" +#include "ssl_port.h" + +#include + +/** + * @brief show X509 certification information + */ +int __X509_show_info(X509 *x) +{ + return X509_METHOD_CALL(show_info, x); +} + +/** + * @brief create a X509 certification object according to input X509 certification + */ +X509* __X509_new(X509 *ix) +{ + int ret; + X509 *x; + + x = ssl_mem_zalloc(sizeof(X509)); + if (!x) { + SSL_DEBUG(SSL_X509_ERROR_LEVEL, "no enough memory > (x)"); + goto no_mem; + } + + if (ix) + x->method = ix->method; + else + x->method = X509_method(); + + ret = X509_METHOD_CALL(new, x, ix); + if (ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(new) return %d", ret); + goto failed; + } + + return x; + +failed: + ssl_mem_free(x); +no_mem: + return NULL; +} + +/** + * @brief create a X509 certification object + */ +X509* X509_new(void) +{ + return __X509_new(NULL); +} + +/** + * @brief free a X509 certification object + */ +void X509_free(X509 *x) +{ + SSL_ASSERT3(x); + + X509_METHOD_CALL(free, x); + + ssl_mem_free(x); +}; + +/** + * @brief load a character certification context into system context. If '*cert' is pointed to the + * certification, then load certification into it. Or create a new X509 certification object + */ +X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len) +{ + int m = 0; + int ret; + X509 *x; + + SSL_ASSERT2(buffer); + SSL_ASSERT2(len); + + if (cert && *cert) { + x = *cert; + } else { + x = X509_new(); + if (!x) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_new() return NULL"); + goto failed1; + } + m = 1; + } + + ret = X509_METHOD_CALL(load, x, buffer, len); + if (ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(load) return %d", ret); + goto failed2; + } + + return x; + +failed2: + if (m) + X509_free(x); +failed1: + return NULL; +} + +/** + * @brief return SSL X509 verify parameters + */ + +X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl) +{ + return &ssl->param; +} + +/** + * @brief set X509 host verification flags + */ + +int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, + unsigned long flags) +{ + /* flags not supported yet */ + return 0; +} + +/** + * @brief clear X509 host verification flags + */ + +int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param, + unsigned long flags) +{ + /* flags not supported yet */ + return 0; +} + +/** + * @brief set SSL context client CA certification + */ +int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x) +{ + SSL_ASSERT1(ctx); + SSL_ASSERT1(x); + assert(ctx); + if (ctx->client_CA == x) + return 1; + + X509_free(ctx->client_CA); + + ctx->client_CA = x; + + return 1; +} + +/** + * @brief add CA client certification into the SSL + */ +int SSL_CTX_add_client_CA_ASN1(SSL_CTX *ctx, int len, + const unsigned char *d) +{ + X509 *x; + + x = d2i_X509(NULL, d, len); + if (!x) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL"); + return 0; + } + SSL_ASSERT1(ctx); + + X509_free(ctx->client_CA); + + ctx->client_CA = x; + + return 1; +} + +/** + * @brief add CA client certification into the SSL + */ +int SSL_add_client_CA(SSL *ssl, X509 *x) +{ + SSL_ASSERT1(ssl); + SSL_ASSERT1(x); + + if (ssl->client_CA == x) + return 1; + + X509_free(ssl->client_CA); + + ssl->client_CA = x; + + return 1; +} + +/** + * @brief set the SSL context certification + */ +int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) +{ + SSL_ASSERT1(ctx); + SSL_ASSERT1(x); + + if (ctx->cert->x509 == x) + return 1; + + X509_free(ctx->cert->x509); + + ctx->cert->x509 = x; + + return 1; +} + +/** + * @brief set the SSL certification + */ +int SSL_use_certificate(SSL *ssl, X509 *x) +{ + SSL_ASSERT1(ssl); + SSL_ASSERT1(x); + + if (ssl->cert->x509 == x) + return 1; + + X509_free(ssl->cert->x509); + + ssl->cert->x509 = x; + + return 1; +} + +/** + * @brief get the SSL certification point + */ +X509 *SSL_get_certificate(const SSL *ssl) +{ + SSL_ASSERT2(ssl); + + return ssl->cert->x509; +} + +/** + * @brief load certification into the SSL context + */ +int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, + const unsigned char *d) +{ + int ret; + X509 *x; + + x = d2i_X509(NULL, d, len); + if (!x) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL"); + goto failed1; + } + + ret = SSL_CTX_use_certificate(ctx, x); + if (!ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_certificate() return %d", ret); + goto failed2; + } + + return 1; + +failed2: + X509_free(x); +failed1: + return 0; +} + +/** + * @brief load certification into the SSL + */ +int SSL_use_certificate_ASN1(SSL *ssl, int len, + const unsigned char *d) +{ + int ret; + X509 *x; + + x = d2i_X509(NULL, d, len); + if (!x) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL"); + goto failed1; + } + + ret = SSL_use_certificate(ssl, x); + if (!ret) { + SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_certificate() return %d", ret); + goto failed2; + } + + return 1; + +failed2: + X509_free(x); +failed1: + return 0; +} + +/** + * @brief load the certification file into SSL context + */ +int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) +{ + return 0; +} + +/** + * @brief load the certification file into SSL + */ +int SSL_use_certificate_file(SSL *ssl, const char *file, int type) +{ + return 0; +} + +/** + * @brief get peer certification + */ +X509 *SSL_get_peer_certificate(const SSL *ssl) +{ + SSL_ASSERT2(ssl); + + return ssl->session->peer; +} + +int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) +{ + return X509_V_ERR_UNSPECIFIED; +} + +int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) +{ + return 0; +} + +const char *X509_verify_cert_error_string(long n) +{ + return "unknown"; +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_pm.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_pm.c new file mode 100755 index 0000000000..4716c1ff56 --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_pm.c @@ -0,0 +1,907 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_pm.h" +#include "ssl_port.h" +#include "ssl_dbg.h" + +/* mbedtls include */ +#include "mbedtls/platform.h" +#include "mbedtls/net_sockets.h" +#include "mbedtls/debug.h" +#include "mbedtls/entropy.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/error.h" +#include "mbedtls/certs.h" + +#include + +#define X509_INFO_STRING_LENGTH 8192 + +struct ssl_pm +{ + /* local socket file description */ + mbedtls_net_context fd; + /* remote client socket file description */ + mbedtls_net_context cl_fd; + + mbedtls_ssl_config conf; + + mbedtls_ctr_drbg_context ctr_drbg; + + mbedtls_ssl_context ssl; + + mbedtls_entropy_context entropy; + + SSL *owner; +}; + +struct x509_pm +{ + mbedtls_x509_crt *x509_crt; + + mbedtls_x509_crt *ex_crt; +}; + +struct pkey_pm +{ + mbedtls_pk_context *pkey; + + mbedtls_pk_context *ex_pkey; +}; + +unsigned int max_content_len; + +/*********************************************************************************************/ +/************************************ SSL arch interface *************************************/ + +//#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG + +/* mbedtls debug level */ +#define MBEDTLS_DEBUG_LEVEL 4 + +/** + * @brief mbedtls debug function + */ +static void ssl_platform_debug(void *ctx, int level, + const char *file, int line, + const char *str) +{ + /* Shorten 'file' from the whole file path to just the filename + + This is a bit wasteful because the macros are compiled in with + the full _FILE_ path in each case. + */ +// char *file_sep = rindex(file, '/'); + // if(file_sep) + // file = file_sep + 1; + + printf("%s:%d %s", file, line, str); +} +//#endif + +/** + * @brief create SSL low-level object + */ +int ssl_pm_new(SSL *ssl) +{ + struct ssl_pm *ssl_pm; + int ret; + + const unsigned char pers[] = "OpenSSL PM"; + size_t pers_len = sizeof(pers); + + int endpoint; + int version; + + const SSL_METHOD *method = ssl->method; + + ssl_pm = ssl_mem_zalloc(sizeof(struct ssl_pm)); + if (!ssl_pm) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (ssl_pm)"); + goto no_mem; + } + + ssl_pm->owner = ssl; + + if (!ssl->ctx->read_buffer_len) + ssl->ctx->read_buffer_len = 2048; + + max_content_len = ssl->ctx->read_buffer_len; + // printf("ssl->ctx->read_buffer_len = %d ++++++++++++++++++++\n", ssl->ctx->read_buffer_len); + + mbedtls_net_init(&ssl_pm->fd); + mbedtls_net_init(&ssl_pm->cl_fd); + + mbedtls_ssl_config_init(&ssl_pm->conf); + mbedtls_ctr_drbg_init(&ssl_pm->ctr_drbg); + mbedtls_entropy_init(&ssl_pm->entropy); + mbedtls_ssl_init(&ssl_pm->ssl); + + ret = mbedtls_ctr_drbg_seed(&ssl_pm->ctr_drbg, mbedtls_entropy_func, &ssl_pm->entropy, pers, pers_len); + if (ret) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ctr_drbg_seed() return -0x%x", -ret); + goto mbedtls_err1; + } + + if (method->endpoint) { + endpoint = MBEDTLS_SSL_IS_SERVER; + } else { + endpoint = MBEDTLS_SSL_IS_CLIENT; + } + ret = mbedtls_ssl_config_defaults(&ssl_pm->conf, endpoint, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); + if (ret) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_config_defaults() return -0x%x", -ret); + goto mbedtls_err2; + } + + if (TLS_ANY_VERSION != ssl->version) { + if (TLS1_2_VERSION == ssl->version) + version = MBEDTLS_SSL_MINOR_VERSION_3; + else if (TLS1_1_VERSION == ssl->version) + version = MBEDTLS_SSL_MINOR_VERSION_2; + else if (TLS1_VERSION == ssl->version) + version = MBEDTLS_SSL_MINOR_VERSION_1; + else + version = MBEDTLS_SSL_MINOR_VERSION_0; + + mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version); + mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version); + } else { + mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); + mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0); + } + + mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg); + +//#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG + // mbedtls_debug_set_threshold(MBEDTLS_DEBUG_LEVEL); +// mbedtls_ssl_conf_dbg(&ssl_pm->conf, ssl_platform_debug, NULL); +//#else + mbedtls_ssl_conf_dbg(&ssl_pm->conf, ssl_platform_debug, NULL); +//#endif + + ret = mbedtls_ssl_setup(&ssl_pm->ssl, &ssl_pm->conf); + if (ret) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_setup() return -0x%x", -ret); + goto mbedtls_err2; + } + + mbedtls_ssl_set_bio(&ssl_pm->ssl, &ssl_pm->fd, mbedtls_net_send, mbedtls_net_recv, NULL); + + ssl->ssl_pm = ssl_pm; + + return 0; + +mbedtls_err2: + mbedtls_ssl_config_free(&ssl_pm->conf); + mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg); +mbedtls_err1: + mbedtls_entropy_free(&ssl_pm->entropy); + ssl_mem_free(ssl_pm); +no_mem: + return -1; +} + +/** + * @brief free SSL low-level object + */ +void ssl_pm_free(SSL *ssl) +{ + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg); + mbedtls_entropy_free(&ssl_pm->entropy); + mbedtls_ssl_config_free(&ssl_pm->conf); + mbedtls_ssl_free(&ssl_pm->ssl); + + ssl_mem_free(ssl_pm); + ssl->ssl_pm = NULL; +} + +/** + * @brief reload SSL low-level certification object + */ +static int ssl_pm_reload_crt(SSL *ssl) +{ + int ret; + int mode; + struct ssl_pm *ssl_pm = ssl->ssl_pm; + struct x509_pm *ca_pm = (struct x509_pm *)ssl->client_CA->x509_pm; + + struct pkey_pm *pkey_pm = (struct pkey_pm *)ssl->cert->pkey->pkey_pm; + struct x509_pm *crt_pm = (struct x509_pm *)ssl->cert->x509->x509_pm; + + if (ssl->verify_mode == SSL_VERIFY_PEER) + mode = MBEDTLS_SSL_VERIFY_OPTIONAL; + else if (ssl->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + mode = MBEDTLS_SSL_VERIFY_OPTIONAL; + else if (ssl->verify_mode == SSL_VERIFY_CLIENT_ONCE) + mode = MBEDTLS_SSL_VERIFY_UNSET; + else + mode = MBEDTLS_SSL_VERIFY_NONE; + + mbedtls_ssl_conf_authmode(&ssl_pm->conf, mode); + + if (ca_pm->x509_crt) { + mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, ca_pm->x509_crt, NULL); + } else if (ca_pm->ex_crt) { + mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, ca_pm->ex_crt, NULL); + } + + if (crt_pm->x509_crt && pkey_pm->pkey) { + ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, crt_pm->x509_crt, pkey_pm->pkey); + } else if (crt_pm->ex_crt && pkey_pm->ex_pkey) { + ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, crt_pm->ex_crt, pkey_pm->ex_pkey); + } else { + ret = 0; + } + + if (ret) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_conf_own_cert() return -0x%x", -ret); + ret = -1; + } + + return ret; +} + +/* + * Perform the mbedtls SSL handshake instead of mbedtls_ssl_handshake. + * We can add debug here. + */ +static int mbedtls_handshake( mbedtls_ssl_context *ssl ) +{ + int ret = 0; + + while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ret = mbedtls_ssl_handshake_step(ssl); + + lwsl_info("%s: ssl ret -%x state %d\n", __func__, -ret, ssl->state); + + if (ret != 0) + break; + } + + return ret; +} + +#include + +int ssl_pm_handshake(SSL *ssl) +{ + int ret; + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + ssl->err = 0; + errno = 0; + + ret = ssl_pm_reload_crt(ssl); + if (ret) { + printf("%s: cert reload failed\n", __func__); + return 0; + } + + if (ssl_pm->ssl.state != MBEDTLS_SSL_HANDSHAKE_OVER) { + ssl_speed_up_enter(); + + /* mbedtls return codes + * 0 = successful, or MBEDTLS_ERR_SSL_WANT_READ/WRITE + * anything else = death + */ + ret = mbedtls_handshake(&ssl_pm->ssl); + ssl_speed_up_exit(); + } else + ret = 0; + + /* + * OpenSSL return codes: + * 0 = did not complete, but may be retried + * 1 = successfully completed + * <0 = death + */ + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { + ssl->err = ret; + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_handshake() return -0x%x", -ret); + return 0; /* OpenSSL: did not complete but may be retried */ + } + + if (ret == 0) { /* successful */ + struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm; + + x509_pm->ex_crt = (mbedtls_x509_crt *)mbedtls_ssl_get_peer_cert(&ssl_pm->ssl); + return 1; /* openssl successful */ + } + + if (errno == 11) { + ssl->err = ret == MBEDTLS_ERR_SSL_WANT_READ; + + return 0; + } + + printf("%s: mbedtls_ssl_handshake() returned -0x%x\n", __func__, -ret); + + /* it's had it */ + + ssl->err = SSL_ERROR_SYSCALL; + + return -1; /* openssl death */ +} + +mbedtls_x509_crt * +ssl_ctx_get_mbedtls_x509_crt(SSL_CTX *ssl_ctx) +{ + struct x509_pm *x509_pm = (struct x509_pm *)ssl_ctx->cert->x509->x509_pm; + + if (!x509_pm) + return NULL; + + return x509_pm->x509_crt; +} + +mbedtls_x509_crt * +ssl_get_peer_mbedtls_x509_crt(SSL *ssl) +{ + struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm; + + if (!x509_pm) + return NULL; + + return x509_pm->ex_crt; +} + +int ssl_pm_shutdown(SSL *ssl) +{ + int ret; + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + ret = mbedtls_ssl_close_notify(&ssl_pm->ssl); + if (ret) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_close_notify() return -0x%x", -ret); + if (ret == MBEDTLS_ERR_NET_CONN_RESET) + ssl->err = SSL_ERROR_SYSCALL; + ret = -1; /* OpenSSL: "Call SSL_get_error with the return value to find the reason */ + } else { + struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm; + + x509_pm->ex_crt = NULL; + ret = 1; /* OpenSSL: "The shutdown was successfully completed" + ...0 means retry */ + } + + return ret; +} + +int ssl_pm_clear(SSL *ssl) +{ + return ssl_pm_shutdown(ssl); +} + + +int ssl_pm_read(SSL *ssl, void *buffer, int len) +{ + int ret; + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + ret = mbedtls_ssl_read(&ssl_pm->ssl, buffer, len); + if (ret < 0) { + // lwsl_notice("%s: mbedtls_ssl_read says -0x%x\n", __func__, -ret); + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_read() return -0x%x", -ret); + if (ret == MBEDTLS_ERR_NET_CONN_RESET || + ret <= MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) /* fatal errors */ + ssl->err = SSL_ERROR_SYSCALL; + ret = -1; + } + + return ret; +} + +/* + * This returns -1, or the length sent. + * If -1, then you need to find out if the error was + * fatal or recoverable using SSL_get_error() + */ +int ssl_pm_send(SSL *ssl, const void *buffer, int len) +{ + int ret; + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + ret = mbedtls_ssl_write(&ssl_pm->ssl, buffer, len); + /* + * We can get a positive number, which may be less than len... that + * much was sent successfully and you can call again to send more. + * + * We can get a negative mbedtls error code... if WANT_WRITE or WANT_READ, + * it's nonfatal and means it should be retried as-is. If something else, + * it's fatal actually. + * + * If this function returns something other than a positive value or + * MBEDTLS_ERR_SSL_WANT_READ/WRITE, the ssl context becomes unusable, and + * you should either free it or call mbedtls_ssl_session_reset() on it + * before re-using it for a new connection; the current connection must + * be closed. + * + * When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ, it must be + * called later with the same arguments, until it returns a positive value. + */ + + if (ret < 0) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_write() return -0x%x", -ret); + switch (ret) { + case MBEDTLS_ERR_NET_SEND_FAILED: + case MBEDTLS_ERR_NET_CONN_RESET: + ssl->err = SSL_ERROR_SYSCALL; + break; + case MBEDTLS_ERR_SSL_WANT_WRITE: + ssl->err = SSL_ERROR_WANT_WRITE; + break; + case MBEDTLS_ERR_SSL_WANT_READ: + ssl->err = SSL_ERROR_WANT_READ; + break; + default: + break; + } + + ret = -1; + } + + return ret; +} + +int ssl_pm_pending(const SSL *ssl) +{ + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + return mbedtls_ssl_get_bytes_avail(&ssl_pm->ssl); +} + +void ssl_pm_set_fd(SSL *ssl, int fd, int mode) +{ + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + ssl_pm->fd.fd = fd; +} + +int ssl_pm_get_fd(const SSL *ssl, int mode) +{ + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + return ssl_pm->fd.fd; +} + +OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl) +{ + OSSL_HANDSHAKE_STATE state; + + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + switch (ssl_pm->ssl.state) + { + case MBEDTLS_SSL_CLIENT_HELLO: + state = TLS_ST_CW_CLNT_HELLO; + break; + case MBEDTLS_SSL_SERVER_HELLO: + state = TLS_ST_SW_SRVR_HELLO; + break; + case MBEDTLS_SSL_SERVER_CERTIFICATE: + state = TLS_ST_SW_CERT; + break; + case MBEDTLS_SSL_SERVER_HELLO_DONE: + state = TLS_ST_SW_SRVR_DONE; + break; + case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE: + state = TLS_ST_CW_KEY_EXCH; + break; + case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC: + state = TLS_ST_CW_CHANGE; + break; + case MBEDTLS_SSL_CLIENT_FINISHED: + state = TLS_ST_CW_FINISHED; + break; + case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC: + state = TLS_ST_SW_CHANGE; + break; + case MBEDTLS_SSL_SERVER_FINISHED: + state = TLS_ST_SW_FINISHED; + break; + case MBEDTLS_SSL_CLIENT_CERTIFICATE: + state = TLS_ST_CW_CERT; + break; + case MBEDTLS_SSL_SERVER_KEY_EXCHANGE: + state = TLS_ST_SR_KEY_EXCH; + break; + case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: + state = TLS_ST_SW_SESSION_TICKET; + break; + case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT: + state = TLS_ST_SW_CERT_REQ; + break; + case MBEDTLS_SSL_HANDSHAKE_OVER: + state = TLS_ST_OK; + break; + default : + state = TLS_ST_BEFORE; + break; + } + + return state; +} + +int x509_pm_show_info(X509 *x) +{ + int ret; + char *buf; + mbedtls_x509_crt *x509_crt; + struct x509_pm *x509_pm = x->x509_pm; + + if (x509_pm->x509_crt) + x509_crt = x509_pm->x509_crt; + else if (x509_pm->ex_crt) + x509_crt = x509_pm->ex_crt; + else + x509_crt = NULL; + + if (!x509_crt) + return -1; + + buf = ssl_mem_malloc(X509_INFO_STRING_LENGTH); + if (!buf) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (buf)"); + goto no_mem; + } + + ret = mbedtls_x509_crt_info(buf, X509_INFO_STRING_LENGTH - 1, "", x509_crt); + if (ret <= 0) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_x509_crt_info() return -0x%x", -ret); + goto mbedtls_err1; + } + + buf[ret] = 0; + + ssl_mem_free(buf); + + SSL_DEBUG(SSL_DEBUG_ON, "%s", buf); + + return 0; + +mbedtls_err1: + ssl_mem_free(buf); +no_mem: + return -1; +} + +int x509_pm_new(X509 *x, X509 *m_x) +{ + struct x509_pm *x509_pm; + + x509_pm = ssl_mem_zalloc(sizeof(struct x509_pm)); + if (!x509_pm) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm)"); + goto failed1; + } + + x->x509_pm = x509_pm; + + if (m_x) { + struct x509_pm *m_x509_pm = (struct x509_pm *)m_x->x509_pm; + + x509_pm->ex_crt = m_x509_pm->x509_crt; + } + + return 0; + +failed1: + return -1; +} + +void x509_pm_free(X509 *x) +{ + struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm; + + if (x509_pm->x509_crt) { + mbedtls_x509_crt_free(x509_pm->x509_crt); + + ssl_mem_free(x509_pm->x509_crt); + x509_pm->x509_crt = NULL; + } + + ssl_mem_free(x->x509_pm); + x->x509_pm = NULL; +} + +int x509_pm_load(X509 *x, const unsigned char *buffer, int len) +{ + int ret; + unsigned char *load_buf; + struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm; + + if (x509_pm->x509_crt) + mbedtls_x509_crt_free(x509_pm->x509_crt); + + if (!x509_pm->x509_crt) { + x509_pm->x509_crt = ssl_mem_malloc(sizeof(mbedtls_x509_crt)); + if (!x509_pm->x509_crt) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm->x509_crt)"); + goto no_mem; + } + } + + mbedtls_x509_crt_init(x509_pm->x509_crt); + if (buffer[0] != 0x30) { + load_buf = ssl_mem_malloc(len + 1); + if (!load_buf) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (load_buf)"); + goto failed; + } + + ssl_memcpy(load_buf, buffer, len); + load_buf[len] = '\0'; + + ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, len + 1); + ssl_mem_free(load_buf); + } else { + printf("parsing as der\n"); + + ret = mbedtls_x509_crt_parse_der(x509_pm->x509_crt, buffer, len); + } + + if (ret) { + printf("mbedtls_x509_crt_parse return -0x%x", -ret); + goto failed; + } + + return 0; + +failed: + mbedtls_x509_crt_free(x509_pm->x509_crt); + ssl_mem_free(x509_pm->x509_crt); + x509_pm->x509_crt = NULL; +no_mem: + return -1; +} + +int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pkey) +{ + struct pkey_pm *pkey_pm; + + pkey_pm = ssl_mem_zalloc(sizeof(struct pkey_pm)); + if (!pkey_pm) + return -1; + + pk->pkey_pm = pkey_pm; + + if (m_pkey) { + struct pkey_pm *m_pkey_pm = (struct pkey_pm *)m_pkey->pkey_pm; + + pkey_pm->ex_pkey = m_pkey_pm->pkey; + } + + return 0; +} + +void pkey_pm_free(EVP_PKEY *pk) +{ + struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm; + + if (pkey_pm->pkey) { + mbedtls_pk_free(pkey_pm->pkey); + + ssl_mem_free(pkey_pm->pkey); + pkey_pm->pkey = NULL; + } + + ssl_mem_free(pk->pkey_pm); + pk->pkey_pm = NULL; +} + +int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len) +{ + int ret; + unsigned char *load_buf; + struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm; + + if (pkey_pm->pkey) + mbedtls_pk_free(pkey_pm->pkey); + + if (!pkey_pm->pkey) { + pkey_pm->pkey = ssl_mem_malloc(sizeof(mbedtls_pk_context)); + if (!pkey_pm->pkey) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (pkey_pm->pkey)"); + goto no_mem; + } + } + + load_buf = ssl_mem_malloc(len + 1); + if (!load_buf) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (load_buf)"); + goto failed; + } + + ssl_memcpy(load_buf, buffer, len); + load_buf[len] = '\0'; + + mbedtls_pk_init(pkey_pm->pkey); + + ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, len + 1, NULL, 0); + ssl_mem_free(load_buf); + + if (ret) { + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_pk_parse_key return -0x%x", -ret); + goto failed; + } + + return 0; + +failed: + mbedtls_pk_free(pkey_pm->pkey); + ssl_mem_free(pkey_pm->pkey); + pkey_pm->pkey = NULL; +no_mem: + return -1; +} + + + +void ssl_pm_set_bufflen(SSL *ssl, int len) +{ + max_content_len = len; +} + +long ssl_pm_get_verify_result(const SSL *ssl) +{ + uint32_t ret; + long verify_result; + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + ret = mbedtls_ssl_get_verify_result(&ssl_pm->ssl); + if (!ret) + return X509_V_OK; + + if (ret & MBEDTLS_X509_BADCERT_NOT_TRUSTED || + (ret & MBEDTLS_X509_BADCRL_NOT_TRUSTED)) + verify_result = X509_V_ERR_INVALID_CA; + + else if (ret & MBEDTLS_X509_BADCERT_CN_MISMATCH) + verify_result = X509_V_ERR_HOSTNAME_MISMATCH; + + else if ((ret & MBEDTLS_X509_BADCERT_BAD_KEY) || + (ret & MBEDTLS_X509_BADCRL_BAD_KEY)) + verify_result = X509_V_ERR_CA_KEY_TOO_SMALL; + + else if ((ret & MBEDTLS_X509_BADCERT_BAD_MD) || + (ret & MBEDTLS_X509_BADCRL_BAD_MD)) + verify_result = X509_V_ERR_CA_MD_TOO_WEAK; + + else if ((ret & MBEDTLS_X509_BADCERT_FUTURE) || + (ret & MBEDTLS_X509_BADCRL_FUTURE)) + verify_result = X509_V_ERR_CERT_NOT_YET_VALID; + + else if ((ret & MBEDTLS_X509_BADCERT_EXPIRED) || + (ret & MBEDTLS_X509_BADCRL_EXPIRED)) + verify_result = X509_V_ERR_CERT_HAS_EXPIRED; + + else + verify_result = X509_V_ERR_UNSPECIFIED; + + SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, + "mbedtls_ssl_get_verify_result() return 0x%x", ret); + + return verify_result; +} + +/** + * @brief set expected hostname on peer cert CN + */ + +int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, + const char *name, size_t namelen) +{ + SSL *ssl = (SSL *)((char *)param - offsetof(SSL, param)); + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + char *name_cstr = NULL; + + if (namelen) { + name_cstr = malloc(namelen + 1); + if (!name_cstr) + return 0; + memcpy(name_cstr, name, namelen); + name_cstr[namelen] = '\0'; + name = name_cstr; + } + + mbedtls_ssl_set_hostname(&ssl_pm->ssl, name); + + if (namelen) + free(name_cstr); + + return 1; +} + +void _ssl_set_alpn_list(const SSL *ssl) +{ + if (ssl->alpn_protos) { + if (mbedtls_ssl_conf_alpn_protocols(&((struct ssl_pm *)(ssl->ssl_pm))->conf, ssl->alpn_protos)) + fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols failed\n"); + + return; + } + if (!ssl->ctx->alpn_protos) + return; + if (mbedtls_ssl_conf_alpn_protocols(&((struct ssl_pm *)(ssl->ssl_pm))->conf, ssl->ctx->alpn_protos)) + fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols failed\n"); +} + +void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, + unsigned int *len) +{ + const char *alp = mbedtls_ssl_get_alpn_protocol(&((struct ssl_pm *)(ssl->ssl_pm))->ssl); + + *data = (const unsigned char *)alp; + if (alp) + *len = strlen(alp); + else + *len = 0; +} + +int SSL_set_sni_callback(SSL *ssl, int(*cb)(void *, mbedtls_ssl_context *, + const unsigned char *, size_t), void *param) +{ + struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; + + mbedtls_ssl_conf_sni(&ssl_pm->conf, cb, param); + + return 0; +} + +SSL *SSL_SSL_from_mbedtls_ssl_context(mbedtls_ssl_context *msc) +{ + struct ssl_pm *ssl_pm = (struct ssl_pm *)((char *)msc - offsetof(struct ssl_pm, ssl)); + + return ssl_pm->owner; +} + +#include "ssl_cert.h" + +void SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) +{ + struct ssl_pm *ssl_pm = ssl->ssl_pm; + struct x509_pm *x509_pm = (struct x509_pm *)ctx->cert->x509->x509_pm; + struct x509_pm *x509_pm_ca = (struct x509_pm *)ctx->client_CA->x509_pm; + + struct pkey_pm *pkey_pm = (struct pkey_pm *)ctx->cert->pkey->pkey_pm; + int mode; + + if (ssl->cert) + ssl_cert_free(ssl->cert); + ssl->ctx = ctx; + ssl->cert = __ssl_cert_new(ctx->cert); + + if (ctx->verify_mode == SSL_VERIFY_PEER) + mode = MBEDTLS_SSL_VERIFY_OPTIONAL; + else if (ctx->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + mode = MBEDTLS_SSL_VERIFY_OPTIONAL; + else if (ctx->verify_mode == SSL_VERIFY_CLIENT_ONCE) + mode = MBEDTLS_SSL_VERIFY_UNSET; + else + mode = MBEDTLS_SSL_VERIFY_NONE; + + // printf("ssl: %p, client ca x509_crt %p, mbedtls mode %d\n", ssl, x509_pm_ca->x509_crt, mode); + + /* apply new ctx cert to ssl */ + + ssl->verify_mode = ctx->verify_mode; + + mbedtls_ssl_set_hs_ca_chain(&ssl_pm->ssl, x509_pm_ca->x509_crt, NULL); + mbedtls_ssl_set_hs_own_cert(&ssl_pm->ssl, x509_pm->x509_crt, pkey_pm->pkey); + mbedtls_ssl_set_hs_authmode(&ssl_pm->ssl, mode); +} diff --git a/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_port.c b/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_port.c new file mode 100644 index 0000000000..8c7a31338b --- /dev/null +++ b/thirdparty/libwebsockets/tls/mbedtls/wrapper/platform/ssl_port.c @@ -0,0 +1,29 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at + +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include "ssl_port.h" + +/*********************************************************************************************/ +/********************************* SSL general interface *************************************/ + +void *ssl_mem_zalloc(size_t size) +{ + void *p = malloc(size); + + if (p) + memset(p, 0, size); + + return p; +} + diff --git a/thirdparty/libwebsockets/tls/private.h b/thirdparty/libwebsockets/tls/private.h new file mode 100644 index 0000000000..606e2574dc --- /dev/null +++ b/thirdparty/libwebsockets/tls/private.h @@ -0,0 +1,281 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010 - 2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * This is included from core/private.h if LWS_WITH_TLS + */ + +#if defined(LWS_WITH_TLS) + +#if defined(USE_WOLFSSL) + #if defined(USE_OLD_CYASSL) + #if defined(_WIN32) + #include + #include + #else + #include + #endif + #include + #include + #else + #if defined(_WIN32) + #include + #include + #else + #include + #endif + #include + #include + #define OPENSSL_NO_TLSEXT + #endif /* not USE_OLD_CYASSL */ +#else /* WOLFSSL */ + #if defined(LWS_WITH_ESP32) + #define OPENSSL_NO_TLSEXT + #undef MBEDTLS_CONFIG_FILE + #define MBEDTLS_CONFIG_FILE + #include + #include + #include "tls/mbedtls/wrapper/include/openssl/ssl.h" /* wrapper !!!! */ + #else /* not esp32 */ + #if defined(LWS_WITH_MBEDTLS) + #include + #include + #include + #include "tls/mbedtls/wrapper/include/openssl/ssl.h" /* wrapper !!!! */ + #else + #include + #include + #include + #include + #include + #ifdef LWS_HAVE_OPENSSL_ECDH_H + #include + #endif + #include + #endif /* not mbedtls */ + #if defined(OPENSSL_VERSION_NUMBER) + #if (OPENSSL_VERSION_NUMBER < 0x0009080afL) +/* later openssl defines this to negate the presence of tlsext... but it was only + * introduced at 0.9.8j. Earlier versions don't know it exists so don't + * define it... making it look like the feature exists... + */ + #define OPENSSL_NO_TLSEXT + #endif + #endif + #endif /* not ESP32 */ +#endif /* not USE_WOLFSSL */ + +#endif /* LWS_WITH_TLS */ + +enum lws_tls_extant { + LWS_TLS_EXTANT_NO, + LWS_TLS_EXTANT_YES, + LWS_TLS_EXTANT_ALTERNATIVE +}; + +struct lws_context_per_thread; + +struct lws_tls_ops { + int (*fake_POLLIN_for_buffered)(struct lws_context_per_thread *pt); + int (*periodic_housekeeping)(struct lws_context *context, time_t now); +}; + +#if defined(LWS_WITH_TLS) + +typedef SSL lws_tls_conn; +typedef SSL_CTX lws_tls_ctx; +typedef BIO lws_tls_bio; +typedef X509 lws_tls_x509; + + +#define LWS_SSL_ENABLED(context) (context->tls.use_ssl) + +extern const struct lws_tls_ops tls_ops_openssl, tls_ops_mbedtls; + +struct lws_context_tls { + char alpn_discovered[32]; + const char *alpn_default; + time_t last_cert_check_s; +}; + +struct lws_pt_tls { + struct lws *pending_read_list; /* linked list */ +}; + +struct lws_tls_ss_pieces; + +struct alpn_ctx { + uint8_t data[23]; + uint8_t len; +}; + +struct lws_vhost_tls { + lws_tls_ctx *ssl_ctx; + lws_tls_ctx *ssl_client_ctx; + const char *alpn; + struct lws_tls_ss_pieces *ss; /* for acme tls certs */ + char *alloc_cert_path; + char *key_path; +#if defined(LWS_WITH_MBEDTLS) + lws_tls_x509 *x509_client_CA; +#endif + char ecdh_curve[16]; + struct alpn_ctx alpn_ctx; + + int use_ssl; + int allow_non_ssl_on_ssl_port; + int ssl_info_event_mask; + + unsigned int user_supplied_ssl_ctx:1; + unsigned int skipped_certs:1; +}; + +struct lws_lws_tls { + lws_tls_conn *ssl; + lws_tls_bio *client_bio; + struct lws *pending_read_list_prev, *pending_read_list_next; + unsigned int use_ssl; + unsigned int redirect_to_https:1; +}; + +LWS_EXTERN void +lws_context_init_alpn(struct lws_vhost *vhost); +LWS_EXTERN enum lws_tls_extant +lws_tls_use_any_upgrade_check_extant(const char *name); +LWS_EXTERN int openssl_websocket_private_data_index; +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len); +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len); +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_ssl_pending(struct lws *wsi); +LWS_EXTERN int +lws_context_init_ssl_library(const struct lws_context_creation_info *info); +LWS_EXTERN int LWS_WARN_UNUSED_RESULT +lws_server_socket_service_ssl(struct lws *new_wsi, lws_sockfd_type accept_fd); +LWS_EXTERN int +lws_ssl_close(struct lws *wsi); +LWS_EXTERN void +lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost); +LWS_EXTERN void +lws_ssl_context_destroy(struct lws_context *context); +void +__lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi); +LWS_VISIBLE void +lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi); +LWS_EXTERN int +lws_ssl_client_bio_create(struct lws *wsi); +LWS_EXTERN int +lws_ssl_client_connect1(struct lws *wsi); +LWS_EXTERN int +lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len); +LWS_EXTERN void +lws_ssl_elaborate_error(void); +LWS_EXTERN int +lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt); +LWS_EXTERN int +lws_gate_accepts(struct lws_context *context, int on); +LWS_EXTERN void +lws_ssl_bind_passphrase(lws_tls_ctx *ssl_ctx, + const struct lws_context_creation_info *info); +LWS_EXTERN void +lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret); +LWS_EXTERN int +lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type, + union lws_tls_cert_info_results *buf, size_t len); +LWS_EXTERN int +lws_tls_check_all_cert_lifetimes(struct lws_context *context); +LWS_EXTERN int +lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi, + const char *cert, const char *private_key, + const char *mem_cert, size_t len_mem_cert, + const char *mem_privkey, size_t mem_privkey_len); +LWS_EXTERN enum lws_tls_extant +lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert, + const char *private_key); +LWS_EXTERN int +lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename, + const char *inbuf, lws_filepos_t inlen, + uint8_t **buf, lws_filepos_t *amount); + +#if !defined(LWS_NO_SERVER) + LWS_EXTERN int + lws_context_init_server_ssl(const struct lws_context_creation_info *info, + struct lws_vhost *vhost); + void + lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost); +#else + #define lws_context_init_server_ssl(_a, _b) (0) + #define lws_tls_acme_sni_cert_destroy(_a) +#endif + +LWS_EXTERN void +lws_ssl_destroy(struct lws_vhost *vhost); +LWS_EXTERN char * +lws_ssl_get_error_string(int status, int ret, char *buf, size_t len); + +/* + * lws_tls_ abstract backend implementations + */ + +LWS_EXTERN int +lws_tls_server_client_cert_verify_config(struct lws_vhost *vh); +LWS_EXTERN int +lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info, + struct lws_vhost *vhost, struct lws *wsi); +LWS_EXTERN int +lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd); + +LWS_EXTERN enum lws_ssl_capable_status +lws_tls_server_accept(struct lws *wsi); + +LWS_EXTERN enum lws_ssl_capable_status +lws_tls_server_abort_connection(struct lws *wsi); + +LWS_EXTERN enum lws_ssl_capable_status +__lws_tls_shutdown(struct lws *wsi); + +LWS_EXTERN enum lws_ssl_capable_status +lws_tls_client_connect(struct lws *wsi); +LWS_EXTERN int +lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, int ebuf_len); +LWS_EXTERN int +lws_tls_client_create_vhost_context(struct lws_vhost *vh, + const struct lws_context_creation_info *info, + const char *cipher_list, + const char *ca_filepath, + const char *cert_filepath, + const char *private_key_filepath); + +LWS_EXTERN lws_tls_ctx * +lws_tls_ctx_from_wsi(struct lws *wsi); +LWS_EXTERN int +lws_ssl_get_error(struct lws *wsi, int n); + +LWS_EXTERN int +lws_context_init_client_ssl(const struct lws_context_creation_info *info, + struct lws_vhost *vhost); + +LWS_EXTERN void +lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret); + +int +lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt); + +#endif \ No newline at end of file diff --git a/thirdparty/libwebsockets/tls/tls-client.c b/thirdparty/libwebsockets/tls/tls-client.c new file mode 100644 index 0000000000..70eb6f6078 --- /dev/null +++ b/thirdparty/libwebsockets/tls/tls-client.c @@ -0,0 +1,150 @@ +/* + * libwebsockets - client-related ssl code independent of backend + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +int +lws_ssl_client_connect1(struct lws *wsi) +{ + struct lws_context *context = wsi->context; + int n = 0; + + lws_latency_pre(context, wsi); + n = lws_tls_client_connect(wsi); + lws_latency(context, wsi, "SSL_connect hs", n, n > 0); + + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + return -1; + case LWS_SSL_CAPABLE_DONE: + return 1; /* connected */ + case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: + lws_callback_on_writable(wsi); + /* fallthru */ + case LWS_SSL_CAPABLE_MORE_SERVICE_READ: + lwsi_set_state(wsi, LRS_WAITING_SSL); + break; + case LWS_SSL_CAPABLE_MORE_SERVICE: + break; + } + + return 0; /* retry */ +} + +int +lws_ssl_client_connect2(struct lws *wsi, char *errbuf, int len) +{ + int n = 0; + + if (lwsi_state(wsi) == LRS_WAITING_SSL) { + lws_latency_pre(wsi->context, wsi); + + n = lws_tls_client_connect(wsi); + lwsl_debug("%s: SSL_connect says %d\n", __func__, n); + lws_latency(wsi->context, wsi, + "SSL_connect LRS_WAITING_SSL", n, n > 0); + + switch (n) { + case LWS_SSL_CAPABLE_ERROR: + lws_snprintf(errbuf, len, "client connect failed"); + return -1; + case LWS_SSL_CAPABLE_DONE: + break; /* connected */ + case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE: + lws_callback_on_writable(wsi); + /* fallthru */ + case LWS_SSL_CAPABLE_MORE_SERVICE_READ: + lwsi_set_state(wsi, LRS_WAITING_SSL); + /* fallthru */ + case LWS_SSL_CAPABLE_MORE_SERVICE: + return 0; + } + } + + if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) + return -1; + + return 1; +} + + +int lws_context_init_client_ssl(const struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + const char *ca_filepath = info->ssl_ca_filepath; + const char *cipher_list = info->ssl_cipher_list; + const char *private_key_filepath = info->ssl_private_key_filepath; + const char *cert_filepath = info->ssl_cert_filepath; + struct lws wsi; + + if (vhost->options & LWS_SERVER_OPTION_ONLY_RAW) + return 0; + + /* + * for backwards-compatibility default to using ssl_... members, but + * if the newer client-specific ones are given, use those + */ + if (info->client_ssl_cipher_list) + cipher_list = info->client_ssl_cipher_list; + if (info->client_ssl_cert_filepath) + cert_filepath = info->client_ssl_cert_filepath; + if (info->client_ssl_private_key_filepath) + private_key_filepath = info->client_ssl_private_key_filepath; + + if (info->client_ssl_ca_filepath) + ca_filepath = info->client_ssl_ca_filepath; + + if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) + return 0; + + if (vhost->tls.ssl_client_ctx) + return 0; + + if (info->provided_client_ssl_ctx) { + /* use the provided OpenSSL context if given one */ + vhost->tls.ssl_client_ctx = info->provided_client_ssl_ctx; + /* nothing for lib to delete */ + vhost->tls.user_supplied_ssl_ctx = 1; + + return 0; + } + + if (lws_tls_client_create_vhost_context(vhost, info, cipher_list, + ca_filepath, cert_filepath, + private_key_filepath)) + return 1; + + lwsl_notice("created client ssl context for %s\n", vhost->name); + + /* + * give him a fake wsi with context set, so he can use + * lws_get_context() in the callback + */ + memset(&wsi, 0, sizeof(wsi)); + wsi.vhost = vhost; + wsi.context = vhost->context; + + vhost->protocols[0].callback(&wsi, + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS, + vhost->tls.ssl_client_ctx, NULL, 0); + + return 0; +} diff --git a/thirdparty/libwebsockets/tls/tls-server.c b/thirdparty/libwebsockets/tls/tls-server.c new file mode 100644 index 0000000000..440e790660 --- /dev/null +++ b/thirdparty/libwebsockets/tls/tls-server.c @@ -0,0 +1,382 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ + OPENSSL_VERSION_NUMBER >= 0x10002000L) +static int +alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen, + const unsigned char *in, unsigned int inlen, void *arg) +{ +#if !defined(LWS_WITH_MBEDTLS) + struct alpn_ctx *alpn_ctx = (struct alpn_ctx *)arg; + + if (SSL_select_next_proto((unsigned char **)out, outlen, alpn_ctx->data, + alpn_ctx->len, in, inlen) != + OPENSSL_NPN_NEGOTIATED) + return SSL_TLSEXT_ERR_NOACK; +#endif + + return SSL_TLSEXT_ERR_OK; +} +#endif + +void +lws_context_init_alpn(struct lws_vhost *vhost) +{ +#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ + OPENSSL_VERSION_NUMBER >= 0x10002000L) + const char *alpn_comma = vhost->context->tls.alpn_default; + + if (vhost->tls.alpn) + alpn_comma = vhost->tls.alpn; + + lwsl_info(" Server '%s' advertising ALPN: %s\n", + vhost->name, alpn_comma); + vhost->tls.alpn_ctx.len = lws_alpn_comma_to_openssl(alpn_comma, + vhost->tls.alpn_ctx.data, + sizeof(vhost->tls.alpn_ctx.data) - 1); + + SSL_CTX_set_alpn_select_cb(vhost->tls.ssl_ctx, alpn_cb, &vhost->tls.alpn_ctx); +#else + lwsl_err( + " HTTP2 / ALPN configured but not supported by OpenSSL 0x%lx\n", + OPENSSL_VERSION_NUMBER); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L +} + +int +lws_tls_server_conn_alpn(struct lws *wsi) +{ +#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \ + OPENSSL_VERSION_NUMBER >= 0x10002000L) + const unsigned char *name = NULL; + char cstr[10]; + unsigned len; + + SSL_get0_alpn_selected(wsi->tls.ssl, &name, &len); + if (!len) { + lwsl_info("no ALPN upgrade\n"); + return 0; + } + + if (len > sizeof(cstr) - 1) + len = sizeof(cstr) - 1; + + memcpy(cstr, name, len); + cstr[len] = '\0'; + + lwsl_info("negotiated '%s' using ALPN\n", cstr); + wsi->tls.use_ssl |= LCCSCF_USE_SSL; + + return lws_role_call_alpn_negotiated(wsi, (const char *)cstr); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L + + return 0; +} + +LWS_VISIBLE int +lws_context_init_server_ssl(const struct lws_context_creation_info *info, + struct lws_vhost *vhost) +{ + struct lws_context *context = vhost->context; + struct lws wsi; + + if (!lws_check_opt(info->options, + LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) { + vhost->tls.use_ssl = 0; + + return 0; + } + + /* + * If he is giving a cert filepath, take it as a sign he wants to use + * it on this vhost. User code can leave the cert filepath NULL and + * set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in + * which case he's expected to set up the cert himself at + * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which + * provides the vhost SSL_CTX * in the user parameter. + */ + if (info->ssl_cert_filepath) + vhost->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; + + if (info->port != CONTEXT_PORT_NO_LISTEN) { + + vhost->tls.use_ssl = lws_check_opt(vhost->options, + LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX); + + if (vhost->tls.use_ssl && info->ssl_cipher_list) + lwsl_notice(" SSL ciphers: '%s'\n", + info->ssl_cipher_list); + + if (vhost->tls.use_ssl) + lwsl_notice(" Using SSL mode\n"); + else + lwsl_notice(" Using non-SSL mode\n"); + } + + /* + * give him a fake wsi with context + vhost set, so he can use + * lws_get_context() in the callback + */ + memset(&wsi, 0, sizeof(wsi)); + wsi.vhost = vhost; + wsi.context = context; + + /* + * as a server, if we are requiring clients to identify themselves + * then set the backend up for it + */ + if (lws_check_opt(info->options, + LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT)) + /* Normally SSL listener rejects non-ssl, optionally allow */ + vhost->tls.allow_non_ssl_on_ssl_port = 1; + + /* + * give user code a chance to load certs into the server + * allowing it to verify incoming client certs + */ + if (vhost->tls.use_ssl) { + if (lws_tls_server_vhost_backend_init(info, vhost, &wsi)) + return -1; + + lws_tls_server_client_cert_verify_config(vhost); + + if (vhost->protocols[0].callback(&wsi, + LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, + vhost->tls.ssl_ctx, vhost, 0)) + return -1; + } + + if (vhost->tls.use_ssl) + lws_context_init_alpn(vhost); + + return 0; +} + +LWS_VISIBLE int +lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd) +{ + struct lws_context *context = wsi->context; + struct lws_vhost *vh; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + int n; + char buf[256]; + + (void)buf; + + if (!LWS_SSL_ENABLED(wsi->vhost)) + return 0; + + switch (lwsi_state(wsi)) { + case LRS_SSL_INIT: + + if (wsi->tls.ssl) + lwsl_err("%s: leaking ssl\n", __func__); + if (accept_fd == LWS_SOCK_INVALID) + assert(0); + if (context->simultaneous_ssl_restriction && + context->simultaneous_ssl >= + context->simultaneous_ssl_restriction) { + lwsl_notice("unable to deal with SSL connection\n"); + return 1; + } + + if (lws_tls_server_new_nonblocking(wsi, accept_fd)) { + if (accept_fd != LWS_SOCK_INVALID) + compatible_close(accept_fd); + goto fail; + } + + if (context->simultaneous_ssl_restriction && + ++context->simultaneous_ssl == + context->simultaneous_ssl_restriction) + /* that was the last allowed SSL connection */ + lws_gate_accepts(context, 0); + +#if defined(LWS_WITH_STATS) + context->updated = 1; +#endif + /* + * we are not accepted yet, but we need to enter ourselves + * as a live connection. That way we can retry when more + * pieces come if we're not sorted yet + */ + lwsi_set_state(wsi, LRS_SSL_ACK_PENDING); + + lws_pt_lock(pt, __func__); + if (__insert_wsi_socket_into_fds(context, wsi)) { + lwsl_err("%s: failed to insert into fds\n", __func__); + goto fail; + } + lws_pt_unlock(pt); + + lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT, + context->timeout_secs); + + lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n"); + + /* fallthru */ + + case LRS_SSL_ACK_PENDING: + + if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) { + lwsl_err("%s: lws_change_pollfd failed\n", __func__); + goto fail; + } + + lws_latency_pre(context, wsi); + + if (wsi->vhost->tls.allow_non_ssl_on_ssl_port) { + + n = recv(wsi->desc.sockfd, (char *)pt->serv_buf, + context->pt_serv_buf_size, MSG_PEEK); + + /* + * optionally allow non-SSL connect on SSL listening socket + * This is disabled by default, if enabled it goes around any + * SSL-level access control (eg, client-side certs) so leave + * it disabled unless you know it's not a problem for you + */ + if (n >= 1 && pt->serv_buf[0] >= ' ') { + /* + * TLS content-type for Handshake is 0x16, and + * for ChangeCipherSpec Record, it's 0x14 + * + * A non-ssl session will start with the HTTP + * method in ASCII. If we see it's not a legit + * SSL handshake kill the SSL for this + * connection and try to handle as a HTTP + * connection upgrade directly. + */ + wsi->tls.use_ssl = 0; + + lws_tls_server_abort_connection(wsi); + /* + * care... this creates wsi with no ssl + * when ssl is enabled and normally + * mandatory + */ + wsi->tls.ssl = NULL; + if (lws_check_opt(context->options, + LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS)) + wsi->tls.redirect_to_https = 1; + lwsl_debug("accepted as non-ssl\n"); + goto accepted; + } + if (!n) { + /* + * connection is gone, fail out + */ + lwsl_debug("PEEKed 0\n"); + goto fail; + } + if (n < 0 && (LWS_ERRNO == LWS_EAGAIN || + LWS_ERRNO == LWS_EWOULDBLOCK)) { + /* + * well, we get no way to know ssl or not + * so go around again waiting for something + * to come and give us a hint, or timeout the + * connection. + */ + if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) { + lwsl_info("%s: change_pollfd failed\n", + __func__); + return -1; + } + + lwsl_info("SSL_ERROR_WANT_READ\n"); + return 0; + } + } + + /* normal SSL connection processing path */ + +#if defined(LWS_WITH_STATS) + if (!wsi->accept_start_us) + wsi->accept_start_us = time_in_microseconds(); +#endif + errno = 0; + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, 1); + n = lws_tls_server_accept(wsi); + lws_latency(context, wsi, + "SSL_accept LRS_SSL_ACK_PENDING\n", n, n == 1); + lwsl_info("SSL_accept says %d\n", n); + switch (n) { + case LWS_SSL_CAPABLE_DONE: + break; + case LWS_SSL_CAPABLE_ERROR: + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNECTIONS_FAILED, 1); + lwsl_info("SSL_accept failed socket %u: %d\n", + wsi->desc.sockfd, n); + wsi->socket_is_permanently_unusable = 1; + goto fail; + + default: /* MORE_SERVICE */ + return 0; + } + + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1); +#if defined(LWS_WITH_STATS) + lws_stats_atomic_bump(wsi->context, pt, + LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, + time_in_microseconds() - wsi->accept_start_us); + wsi->accept_start_us = time_in_microseconds(); +#endif + +accepted: + + /* adapt our vhost to match the SNI SSL_CTX that was chosen */ + vh = context->vhost_list; + while (vh) { + if (!vh->being_destroyed && wsi->tls.ssl && + vh->tls.ssl_ctx == lws_tls_ctx_from_wsi(wsi)) { + lwsl_info("setting wsi to vh %s\n", vh->name); + wsi->vhost = vh; + break; + } + vh = vh->vhost_next; + } + + /* OK, we are accepted... give him some time to negotiate */ + lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER, + context->timeout_secs); + + lwsi_set_state(wsi, LRS_ESTABLISHED); + if (lws_tls_server_conn_alpn(wsi)) + goto fail; + lwsl_debug("accepted new SSL conn\n"); + break; + + default: + break; + } + + return 0; + +fail: + return 1; +} + diff --git a/thirdparty/libwebsockets/tls/tls.c b/thirdparty/libwebsockets/tls/tls.c new file mode 100644 index 0000000000..92b7c5593c --- /dev/null +++ b/thirdparty/libwebsockets/tls/tls.c @@ -0,0 +1,522 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2017 Andy Green + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ + +#include "core/private.h" + +/* + * fakes POLLIN on all tls guys with buffered rx + * + * returns nonzero if any tls guys had POLLIN faked + */ + +int +lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt) +{ + struct lws *wsi, *wsi_next; + int ret = 0; + + wsi = pt->tls.pending_read_list; + while (wsi && wsi->position_in_fds_table != LWS_NO_FDS_POS) { + wsi_next = wsi->tls.pending_read_list_next; + pt->fds[wsi->position_in_fds_table].revents |= + pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN; + ret |= pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN; + + wsi = wsi_next; + } + + return !!ret; +} + +void +__lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi) +{ + struct lws_context *context = wsi->context; + struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi]; + + if (!wsi->tls.pending_read_list_prev && + !wsi->tls.pending_read_list_next && + pt->tls.pending_read_list != wsi) + /* we are not on the list */ + return; + + /* point previous guy's next to our next */ + if (!wsi->tls.pending_read_list_prev) + pt->tls.pending_read_list = wsi->tls.pending_read_list_next; + else + wsi->tls.pending_read_list_prev->tls.pending_read_list_next = + wsi->tls.pending_read_list_next; + + /* point next guy's previous to our previous */ + if (wsi->tls.pending_read_list_next) + wsi->tls.pending_read_list_next->tls.pending_read_list_prev = + wsi->tls.pending_read_list_prev; + + wsi->tls.pending_read_list_prev = NULL; + wsi->tls.pending_read_list_next = NULL; +} + +void +lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi) +{ + struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; + + lws_pt_lock(pt, __func__); + __lws_ssl_remove_wsi_from_buffered_list(wsi); + lws_pt_unlock(pt); +} + +#if defined(LWS_WITH_ESP32) +int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf, + lws_filepos_t *amount) +{ + nvs_handle nvh; + size_t s; + int n = 0; + + ESP_ERROR_CHECK(nvs_open("lws-station", NVS_READWRITE, &nvh)); + if (nvs_get_blob(nvh, filename, NULL, &s) != ESP_OK) { + n = 1; + goto bail; + } + *buf = lws_malloc(s + 1, "alloc_file"); + if (!*buf) { + n = 2; + goto bail; + } + if (nvs_get_blob(nvh, filename, (char *)*buf, &s) != ESP_OK) { + lws_free(*buf); + n = 1; + goto bail; + } + + *amount = s; + (*buf)[s] = '\0'; + + lwsl_notice("%s: nvs: read %s, %d bytes\n", __func__, filename, (int)s); + +bail: + nvs_close(nvh); + + return n; +} +#else +int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf, + lws_filepos_t *amount) +{ + FILE *f; + size_t s; + int n = 0; + + f = fopen(filename, "rb"); + if (f == NULL) { + n = 1; + goto bail; + } + + if (fseek(f, 0, SEEK_END) != 0) { + n = 1; + goto bail; + } + + s = ftell(f); + if (s == (size_t)-1) { + n = 1; + goto bail; + } + + if (fseek(f, 0, SEEK_SET) != 0) { + n = 1; + goto bail; + } + + *buf = lws_malloc(s, "alloc_file"); + if (!*buf) { + n = 2; + goto bail; + } + + if (fread(*buf, s, 1, f) != 1) { + lws_free(*buf); + n = 1; + goto bail; + } + + *amount = s; + +bail: + if (f) + fclose(f); + + return n; + +} +#endif + +int +lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename, + const char *inbuf, lws_filepos_t inlen, + uint8_t **buf, lws_filepos_t *amount) +{ + const uint8_t *pem, *p, *end; + uint8_t *q; + lws_filepos_t len; + int n; + + if (filename) { + n = alloc_file(context, filename, (uint8_t **)&pem, &len); + if (n) + return n; + } else { + pem = (const uint8_t *)inbuf; + len = inlen; + } + + /* trim the first line */ + + p = pem; + end = p + len; + if (strncmp((char *)p, "-----", 5)) + goto bail; + p += 5; + while (p < end && *p != '\n' && *p != '-') + p++; + + if (*p != '-') + goto bail; + + while (p < end && *p != '\n') + p++; + + if (p >= end) + goto bail; + + p++; + + /* trim the last line */ + + q = (uint8_t *)end - 2; + + while (q > pem && *q != '\n') + q--; + + if (*q != '\n') + goto bail; + + *q = '\0'; + + *amount = lws_b64_decode_string((char *)p, (char *)pem, + (int)(long long)len); + *buf = (uint8_t *)pem; + + return 0; + +bail: + lws_free((uint8_t *)pem); + + return 4; +} + +int +lws_tls_check_cert_lifetime(struct lws_vhost *v) +{ + union lws_tls_cert_info_results ir; + time_t now = (time_t)lws_now_secs(), life = 0; + struct lws_acme_cert_aging_args caa; + int n; + + if (v->tls.ssl_ctx && !v->tls.skipped_certs) { + + if (now < 1464083026) /* May 2016 */ + /* our clock is wrong and we can't judge the certs */ + return -1; + + n = lws_tls_vhost_cert_info(v, LWS_TLS_CERT_INFO_VALIDITY_TO, &ir, 0); + if (n) + return 1; + + life = (ir.time - now) / (24 * 3600); + lwsl_notice(" vhost %s: cert expiry: %dd\n", v->name, (int)life); + } else + lwsl_notice(" vhost %s: no cert\n", v->name); + + memset(&caa, 0, sizeof(caa)); + caa.vh = v; + lws_broadcast(v->context, LWS_CALLBACK_VHOST_CERT_AGING, (void *)&caa, + (size_t)(ssize_t)life); + + return 0; +} + +int +lws_tls_check_all_cert_lifetimes(struct lws_context *context) +{ + struct lws_vhost *v = context->vhost_list; + + while (v) { + if (lws_tls_check_cert_lifetime(v) < 0) + return -1; + v = v->vhost_next; + } + + return 0; +} +#if !defined(LWS_WITH_ESP32) && !defined(LWS_PLAT_OPTEE) +static int +lws_tls_extant(const char *name) +{ + /* it exists if we can open it... */ + int fd = open(name, O_RDONLY), n; + char buf[1]; + + if (fd < 0) + return 1; + + /* and we can read at least one byte out of it */ + n = read(fd, buf, 1); + close(fd); + + return n != 1; +} +#endif +/* + * Returns 0 if the filepath "name" exists and can be read from. + * + * In addition, if "name".upd exists, backup "name" to "name.old.1" + * and rename "name".upd to "name" before reporting its existence. + * + * There are four situations and three results possible: + * + * 1) LWS_TLS_EXTANT_NO: There are no certs at all (we are waiting for them to + * be provisioned). We also feel like this if we need privs we don't have + * any more to look in the directory. + * + * 2) There are provisioned certs written (xxx.upd) and we still have root + * privs... in this case we rename any existing cert to have a backup name + * and move the upd cert into place with the correct name. This then becomes + * situation 4 for the caller. + * + * 3) LWS_TLS_EXTANT_ALTERNATIVE: There are provisioned certs written (xxx.upd) + * but we no longer have the privs needed to read or rename them. In this + * case, indicate that the caller should use temp copies if any we do have + * rights to access. This is normal after we have updated the cert. + * + * But if we dropped privs, we can't detect the provisioned xxx.upd cert + + * key, because we can't see in the dir. So we have to upgrade NO to + * ALTERNATIVE when we actually have the in-memory alternative. + * + * 4) LWS_TLS_EXTANT_YES: The certs are present with the correct name and we + * have the rights to read them. + */ +enum lws_tls_extant +lws_tls_use_any_upgrade_check_extant(const char *name) +{ +#if !defined(LWS_PLAT_OPTEE) + + int n; + +#if !defined(LWS_WITH_ESP32) + char buf[256]; + + lws_snprintf(buf, sizeof(buf) - 1, "%s.upd", name); + if (!lws_tls_extant(buf)) { + /* ah there is an updated file... how about the desired file? */ + if (!lws_tls_extant(name)) { + /* rename the desired file */ + for (n = 0; n < 50; n++) { + lws_snprintf(buf, sizeof(buf) - 1, + "%s.old.%d", name, n); + if (!rename(name, buf)) + break; + } + if (n == 50) { + lwsl_notice("unable to rename %s\n", name); + + return LWS_TLS_EXTANT_ALTERNATIVE; + } + lws_snprintf(buf, sizeof(buf) - 1, "%s.upd", name); + } + /* desired file is out of the way, rename the updated file */ + if (rename(buf, name)) { + lwsl_notice("unable to rename %s to %s\n", buf, name); + + return LWS_TLS_EXTANT_ALTERNATIVE; + } + } + + if (lws_tls_extant(name)) + return LWS_TLS_EXTANT_NO; +#else + nvs_handle nvh; + size_t s = 8192; + + if (nvs_open("lws-station", NVS_READWRITE, &nvh)) { + lwsl_notice("%s: can't open nvs\n", __func__); + return LWS_TLS_EXTANT_NO; + } + + n = nvs_get_blob(nvh, name, NULL, &s); + nvs_close(nvh); + + if (n) + return LWS_TLS_EXTANT_NO; +#endif +#endif + return LWS_TLS_EXTANT_YES; +} + +/* + * LWS_TLS_EXTANT_NO : skip adding the cert + * LWS_TLS_EXTANT_YES : use the cert and private key paths normally + * LWS_TLS_EXTANT_ALTERNATIVE: normal paths not usable, try alternate if poss + */ +enum lws_tls_extant +lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert, + const char *private_key) +{ + int n, m; + + /* + * The user code can choose to either pass the cert and + * key filepaths using the info members like this, or it can + * leave them NULL; force the vhost SSL_CTX init using the info + * options flag LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; and + * set up the cert himself using the user callback + * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which + * happened just above and has the vhost SSL_CTX * in the user + * parameter. + */ + + if (!cert || !private_key) + return LWS_TLS_EXTANT_NO; + + n = lws_tls_use_any_upgrade_check_extant(cert); + if (n == LWS_TLS_EXTANT_ALTERNATIVE) + return LWS_TLS_EXTANT_ALTERNATIVE; + m = lws_tls_use_any_upgrade_check_extant(private_key); + if (m == LWS_TLS_EXTANT_ALTERNATIVE) + return LWS_TLS_EXTANT_ALTERNATIVE; + + if ((n == LWS_TLS_EXTANT_NO || m == LWS_TLS_EXTANT_NO) && + (vhost->options & LWS_SERVER_OPTION_IGNORE_MISSING_CERT)) { + lwsl_notice("Ignoring missing %s or %s\n", cert, private_key); + vhost->tls.skipped_certs = 1; + + return LWS_TLS_EXTANT_NO; + } + + /* + * the cert + key exist + */ + + return LWS_TLS_EXTANT_YES; +} + +#if !defined(LWS_NO_SERVER) +/* + * update the cert for every vhost using the given path + */ + +LWS_VISIBLE int +lws_tls_cert_updated(struct lws_context *context, const char *certpath, + const char *keypath, + const char *mem_cert, size_t len_mem_cert, + const char *mem_privkey, size_t len_mem_privkey) +{ + struct lws wsi; + + wsi.context = context; + + lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) { + wsi.vhost = v; + if (v->tls.alloc_cert_path && v->tls.key_path && + !strcmp(v->tls.alloc_cert_path, certpath) && + !strcmp(v->tls.key_path, keypath)) { + lws_tls_server_certs_load(v, &wsi, certpath, keypath, + mem_cert, len_mem_cert, + mem_privkey, len_mem_privkey); + + if (v->tls.skipped_certs) + lwsl_notice("%s: vhost %s: cert unset\n", + __func__, v->name); + } + } lws_end_foreach_ll(v, vhost_next); + + return 0; +} +#endif + +int +lws_gate_accepts(struct lws_context *context, int on) +{ + struct lws_vhost *v = context->vhost_list; + + lwsl_notice("%s: on = %d\n", __func__, on); + +#if defined(LWS_WITH_STATS) + context->updated = 1; +#endif + + while (v) { + if (v->tls.use_ssl && v->lserv_wsi && + lws_change_pollfd(v->lserv_wsi, (LWS_POLLIN) * !on, + (LWS_POLLIN) * on)) + lwsl_notice("Unable to set accept POLLIN %d\n", on); + + v = v->vhost_next; + } + + return 0; +} + +/* comma-separated alpn list, like "h2,http/1.1" to openssl alpn format */ + +int +lws_alpn_comma_to_openssl(const char *comma, uint8_t *os, int len) +{ + uint8_t *oos = os, *plen = NULL; + + while (*comma && len > 1) { + if (!plen && *comma == ' ') { + comma++; + continue; + } + if (!plen) { + plen = os++; + len--; + } + + if (*comma == ',') { + *plen = lws_ptr_diff(os, plen + 1); + plen = NULL; + comma++; + } else { + *os++ = *comma++; + len--; + } + } + + if (plen) + *plen = lws_ptr_diff(os, plen + 1); + + return lws_ptr_diff(os, oos); +} + diff --git a/thirdparty/libwebsockets/uwp_fixes.diff b/thirdparty/libwebsockets/uwp_fixes.diff index 3350f2a661..21c3275bba 100644 --- a/thirdparty/libwebsockets/uwp_fixes.diff +++ b/thirdparty/libwebsockets/uwp_fixes.diff @@ -1,8 +1,8 @@ -diff --git a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c -index 6516b70b0..eb73aab7f 100644 ---- a/thirdparty/libwebsockets/lib/plat/windows/windows-file.c -+++ b/thirdparty/libwebsockets/lib/plat/windows/windows-file.c -@@ -36,9 +36,20 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, +diff --git a/thirdparty/libwebsockets/plat/lws-plat-win.c b/thirdparty/libwebsockets/plat/lws-plat-win.c +index bd513b494..1850b6425 100644 +--- a/thirdparty/libwebsockets/plat/lws-plat-win.c ++++ b/thirdparty/libwebsockets/plat/lws-plat-win.c +@@ -641,9 +641,20 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, HANDLE ret; WCHAR buf[MAX_PATH]; lws_fop_fd_t fop_fd; @@ -24,7 +24,7 @@ index 6516b70b0..eb73aab7f 100644 if (((*flags) & 7) == _O_RDONLY) { ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); -@@ -46,6 +57,7 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, +@@ -651,6 +662,7 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); } @@ -32,7 +32,7 @@ index 6516b70b0..eb73aab7f 100644 if (ret == LWS_INVALID_FILE) goto bail; -@@ -58,9 +70,9 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, +@@ -663,9 +675,9 @@ _lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename, fop_fd->fd = ret; fop_fd->filesystem_priv = NULL; /* we don't use it */ fop_fd->flags = *flags; diff --git a/thirdparty/libwebsockets/win32helpers/getopt.c b/thirdparty/libwebsockets/win32helpers/getopt.c index 2181f1cb12..3bb21f6f28 100644 --- a/thirdparty/libwebsockets/win32helpers/getopt.c +++ b/thirdparty/libwebsockets/win32helpers/getopt.c @@ -1,153 +1,153 @@ -/* $NetBSD: getopt.c,v 1.16 1999/12/02 13:15:56 kleink Exp $ */ - -/* - * Copyright (c) 1987, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if 0 -static char sccsid[] = "@(#)getopt.c 8.3 (Berkeley) 4/27/95"; -#endif - -#include -#include -#include -#include - -#define __P(x) x -#define _DIAGASSERT(x) assert(x) - -#ifdef __weak_alias -__weak_alias(getopt,_getopt); -#endif - - -int opterr = 1, /* if error message should be printed */ - optind = 1, /* index into parent argv vector */ - optopt, /* character checked for validity */ - optreset; /* reset getopt */ -char *optarg; /* argument associated with option */ - -static char * _progname __P((char *)); -int getopt_internal __P((int, char * const *, const char *)); - -static char * -_progname(nargv0) - char * nargv0; -{ - char * tmp; - - _DIAGASSERT(nargv0 != NULL); - - tmp = strrchr(nargv0, '/'); - if (tmp) - tmp++; - else - tmp = nargv0; - return(tmp); -} - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -getopt(nargc, nargv, ostr) - int nargc; - char * const nargv[]; - const char *ostr; -{ - static char *__progname = 0; - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - __progname = __progname?__progname:_progname(*nargv); - - _DIAGASSERT(nargv != NULL); - _DIAGASSERT(ostr != NULL); - - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { - place = EMSG; - return (-1); - } - if (place[1] && *++place == '-' /* found "--" */ - && place[1] == '\0') { - ++optind; - place = EMSG; - return (-1); - } - } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1. - */ - if (optopt == (int)'-') - return (-1); - if (!*place) - ++optind; - if (opterr && *ostr != ':') - (void)fprintf(stderr, - "%s: illegal option -- %c\n", __progname, optopt); - return (BADCH); - } - if (*++oli != ':') { /* don't need argument */ - optarg = NULL; - if (!*place) - ++optind; - } - else { /* need an argument */ - if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ - place = EMSG; - if (*ostr == ':') - return (BADARG); - if (opterr) - (void)fprintf(stderr, - "%s: option requires an argument -- %c\n", - __progname, optopt); - return (BADCH); - } - else /* white space */ - optarg = nargv[optind]; - place = EMSG; - ++optind; - } - return (optopt); /* dump back option letter */ -} - +/* $NetBSD: getopt.c,v 1.16 1999/12/02 13:15:56 kleink Exp $ */ + +/* + * Copyright (c) 1987, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if 0 +static char sccsid[] = "@(#)getopt.c 8.3 (Berkeley) 4/27/95"; +#endif + +#include +#include +#include +#include + +#define __P(x) x +#define _DIAGASSERT(x) assert(x) + +#ifdef __weak_alias +__weak_alias(getopt,_getopt); +#endif + + +int opterr = 1, /* if error message should be printed */ + optind = 1, /* index into parent argv vector */ + optopt, /* character checked for validity */ + optreset; /* reset getopt */ +char *optarg; /* argument associated with option */ + +static char * _progname __P((char *)); +int getopt_internal __P((int, char * const *, const char *)); + +static char * +_progname(nargv0) + char * nargv0; +{ + char * tmp; + + _DIAGASSERT(nargv0 != NULL); + + tmp = strrchr(nargv0, '/'); + if (tmp) + tmp++; + else + tmp = nargv0; + return(tmp); +} + +#define BADCH (int)'?' +#define BADARG (int)':' +#define EMSG "" + +/* + * getopt -- + * Parse argc/argv argument vector. + */ +int +getopt(nargc, nargv, ostr) + int nargc; + char * const nargv[]; + const char *ostr; +{ + static char *__progname = 0; + static char *place = EMSG; /* option letter processing */ + char *oli; /* option letter list index */ + __progname = __progname?__progname:_progname(*nargv); + + _DIAGASSERT(nargv != NULL); + _DIAGASSERT(ostr != NULL); + + if (optreset || !*place) { /* update scanning pointer */ + optreset = 0; + if (optind >= nargc || *(place = nargv[optind]) != '-') { + place = EMSG; + return (-1); + } + if (place[1] && *++place == '-' /* found "--" */ + && place[1] == '\0') { + ++optind; + place = EMSG; + return (-1); + } + } /* option letter okay? */ + if ((optopt = (int)*place++) == (int)':' || + !(oli = strchr(ostr, optopt))) { + /* + * if the user didn't specify '-' as an option, + * assume it means -1. + */ + if (optopt == (int)'-') + return (-1); + if (!*place) + ++optind; + if (opterr && *ostr != ':') + (void)fprintf(stderr, + "%s: illegal option -- %c\n", __progname, optopt); + return (BADCH); + } + if (*++oli != ':') { /* don't need argument */ + optarg = NULL; + if (!*place) + ++optind; + } + else { /* need an argument */ + if (*place) /* no white space */ + optarg = place; + else if (nargc <= ++optind) { /* no arg */ + place = EMSG; + if (*ostr == ':') + return (BADARG); + if (opterr) + (void)fprintf(stderr, + "%s: option requires an argument -- %c\n", + __progname, optopt); + return (BADCH); + } + else /* white space */ + optarg = nargv[optind]; + place = EMSG; + ++optind; + } + return (optopt); /* dump back option letter */ +} + diff --git a/thirdparty/libwebsockets/win32helpers/getopt_long.c b/thirdparty/libwebsockets/win32helpers/getopt_long.c index 22e5fa8945..6dfccf367d 100644 --- a/thirdparty/libwebsockets/win32helpers/getopt_long.c +++ b/thirdparty/libwebsockets/win32helpers/getopt_long.c @@ -1,240 +1,240 @@ - -/* - * Copyright (c) 1987, 1993, 1994, 1996 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -#include -#include -#include -#include -#include -#include "getopt.h" - -#define lws_ptr_diff(head, tail) \ - ((int)((char *)(head) - (char *)(tail))) - -extern int opterr; /* if error message should be printed */ -extern int optind; /* index into parent argv vector */ -extern int optopt; /* character checked for validity */ -extern int optreset; /* reset getopt */ -extern char *optarg; /* argument associated with option */ - -#define __P(x) x -#define _DIAGASSERT(x) assert(x) - -static char * __progname __P((char *)); -int getopt_internal __P((int, char * const *, const char *)); - -static char * -__progname(nargv0) - char * nargv0; -{ - char * tmp; - - _DIAGASSERT(nargv0 != NULL); - - tmp = strrchr(nargv0, '/'); - if (tmp) - tmp++; - else - tmp = nargv0; - return(tmp); -} - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -getopt_internal(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - - _DIAGASSERT(nargv != NULL); - _DIAGASSERT(ostr != NULL); - - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { - place = EMSG; - return (-1); - } - if (place[1] && *++place == '-') { /* found "--" */ - /* ++optind; */ - place = EMSG; - return (-2); - } - } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1. - */ - if (optopt == (int)'-') - return (-1); - if (!*place) - ++optind; - if (opterr && *ostr != ':') - (void)fprintf(stderr, - "%s: illegal option -- %c\n", __progname(nargv[0]), optopt); - return (BADCH); - } - if (*++oli != ':') { /* don't need argument */ - optarg = NULL; - if (!*place) - ++optind; - } else { /* need an argument */ - if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ - place = EMSG; - if ((opterr) && (*ostr != ':')) - (void)fprintf(stderr, - "%s: option requires an argument -- %c\n", - __progname(nargv[0]), optopt); - return (BADARG); - } else /* white space */ - optarg = nargv[optind]; - place = EMSG; - ++optind; - } - return (optopt); /* dump back option letter */ -} - -#if 0 -/* - * getopt -- - * Parse argc/argv argument vector. - */ -int -getopt2(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - int retval; - - if ((retval = getopt_internal(nargc, nargv, ostr)) == -2) { - retval = -1; - ++optind; - } - return(retval); -} -#endif - -/* - * getopt_long -- - * Parse argc/argv argument vector. - */ -int -getopt_long(nargc, nargv, options, long_options, index) - int nargc; - char ** nargv; - char * options; - struct option * long_options; - int * index; -{ - int retval; - - _DIAGASSERT(nargv != NULL); - _DIAGASSERT(options != NULL); - _DIAGASSERT(long_options != NULL); - /* index may be NULL */ - - if ((retval = getopt_internal(nargc, nargv, options)) == -2) { - char *current_argv = nargv[optind++] + 2, *has_equal; - int i, current_argv_len, match = -1; - - if (*current_argv == '\0') { - return(-1); - } - if ((has_equal = strchr(current_argv, '=')) != NULL) { - current_argv_len = lws_ptr_diff(has_equal, current_argv); - has_equal++; - } else - current_argv_len = (int)strlen(current_argv); - - for (i = 0; long_options[i].name; i++) { - if (strncmp(current_argv, long_options[i].name, current_argv_len)) - continue; - - if (strlen(long_options[i].name) == (unsigned)current_argv_len) { - match = i; - break; - } - if (match == -1) - match = i; - } - if (match != -1) { - if (long_options[match].has_arg == required_argument || - long_options[match].has_arg == optional_argument) { - if (has_equal) - optarg = has_equal; - else - optarg = nargv[optind++]; - } - if ((long_options[match].has_arg == required_argument) - && (optarg == NULL)) { - /* - * Missing argument, leading : - * indicates no error should be generated - */ - if ((opterr) && (*options != ':')) - (void)fprintf(stderr, - "%s: option requires an argument -- %s\n", - __progname(nargv[0]), current_argv); - return (BADARG); - } - } else { /* No matching argument */ - if ((opterr) && (*options != ':')) - (void)fprintf(stderr, - "%s: illegal option -- %s\n", __progname(nargv[0]), current_argv); - return (BADCH); - } - if (long_options[match].flag) { - *long_options[match].flag = long_options[match].val; - retval = 0; - } else - retval = long_options[match].val; - if (index) - *index = match; - } - return(retval); -} + +/* + * Copyright (c) 1987, 1993, 1994, 1996 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include +#include +#include "getopt.h" + +#define lws_ptr_diff(head, tail) \ + ((int)((char *)(head) - (char *)(tail))) + +extern int opterr; /* if error message should be printed */ +extern int optind; /* index into parent argv vector */ +extern int optopt; /* character checked for validity */ +extern int optreset; /* reset getopt */ +extern char *optarg; /* argument associated with option */ + +#define __P(x) x +#define _DIAGASSERT(x) assert(x) + +static char * __progname __P((char *)); +int getopt_internal __P((int, char * const *, const char *)); + +static char * +__progname(nargv0) + char * nargv0; +{ + char * tmp; + + _DIAGASSERT(nargv0 != NULL); + + tmp = strrchr(nargv0, '/'); + if (tmp) + tmp++; + else + tmp = nargv0; + return(tmp); +} + +#define BADCH (int)'?' +#define BADARG (int)':' +#define EMSG "" + +/* + * getopt -- + * Parse argc/argv argument vector. + */ +int +getopt_internal(nargc, nargv, ostr) + int nargc; + char * const *nargv; + const char *ostr; +{ + static char *place = EMSG; /* option letter processing */ + char *oli; /* option letter list index */ + + _DIAGASSERT(nargv != NULL); + _DIAGASSERT(ostr != NULL); + + if (optreset || !*place) { /* update scanning pointer */ + optreset = 0; + if (optind >= nargc || *(place = nargv[optind]) != '-') { + place = EMSG; + return (-1); + } + if (place[1] && *++place == '-') { /* found "--" */ + /* ++optind; */ + place = EMSG; + return (-2); + } + } /* option letter okay? */ + if ((optopt = (int)*place++) == (int)':' || + !(oli = strchr(ostr, optopt))) { + /* + * if the user didn't specify '-' as an option, + * assume it means -1. + */ + if (optopt == (int)'-') + return (-1); + if (!*place) + ++optind; + if (opterr && *ostr != ':') + (void)fprintf(stderr, + "%s: illegal option -- %c\n", __progname(nargv[0]), optopt); + return (BADCH); + } + if (*++oli != ':') { /* don't need argument */ + optarg = NULL; + if (!*place) + ++optind; + } else { /* need an argument */ + if (*place) /* no white space */ + optarg = place; + else if (nargc <= ++optind) { /* no arg */ + place = EMSG; + if ((opterr) && (*ostr != ':')) + (void)fprintf(stderr, + "%s: option requires an argument -- %c\n", + __progname(nargv[0]), optopt); + return (BADARG); + } else /* white space */ + optarg = nargv[optind]; + place = EMSG; + ++optind; + } + return (optopt); /* dump back option letter */ +} + +#if 0 +/* + * getopt -- + * Parse argc/argv argument vector. + */ +int +getopt2(nargc, nargv, ostr) + int nargc; + char * const *nargv; + const char *ostr; +{ + int retval; + + if ((retval = getopt_internal(nargc, nargv, ostr)) == -2) { + retval = -1; + ++optind; + } + return(retval); +} +#endif + +/* + * getopt_long -- + * Parse argc/argv argument vector. + */ +int +getopt_long(nargc, nargv, options, long_options, index) + int nargc; + char ** nargv; + char * options; + struct option * long_options; + int * index; +{ + int retval; + + _DIAGASSERT(nargv != NULL); + _DIAGASSERT(options != NULL); + _DIAGASSERT(long_options != NULL); + /* index may be NULL */ + + if ((retval = getopt_internal(nargc, nargv, options)) == -2) { + char *current_argv = nargv[optind++] + 2, *has_equal; + int i, current_argv_len, match = -1; + + if (*current_argv == '\0') { + return(-1); + } + if ((has_equal = strchr(current_argv, '=')) != NULL) { + current_argv_len = lws_ptr_diff(has_equal, current_argv); + has_equal++; + } else + current_argv_len = (int)strlen(current_argv); + + for (i = 0; long_options[i].name; i++) { + if (strncmp(current_argv, long_options[i].name, current_argv_len)) + continue; + + if (strlen(long_options[i].name) == (unsigned)current_argv_len) { + match = i; + break; + } + if (match == -1) + match = i; + } + if (match != -1) { + if (long_options[match].has_arg == required_argument || + long_options[match].has_arg == optional_argument) { + if (has_equal) + optarg = has_equal; + else + optarg = nargv[optind++]; + } + if ((long_options[match].has_arg == required_argument) + && (optarg == NULL)) { + /* + * Missing argument, leading : + * indicates no error should be generated + */ + if ((opterr) && (*options != ':')) + (void)fprintf(stderr, + "%s: option requires an argument -- %s\n", + __progname(nargv[0]), current_argv); + return (BADARG); + } + } else { /* No matching argument */ + if ((opterr) && (*options != ':')) + (void)fprintf(stderr, + "%s: illegal option -- %s\n", __progname(nargv[0]), current_argv); + return (BADCH); + } + if (long_options[match].flag) { + *long_options[match].flag = long_options[match].val; + retval = 0; + } else + retval = long_options[match].val; + if (index) + *index = match; + } + return(retval); +} diff --git a/thirdparty/libwebsockets/win32helpers/gettimeofday.c b/thirdparty/libwebsockets/win32helpers/gettimeofday.c index 08385c2320..35dd73531d 100644 --- a/thirdparty/libwebsockets/win32helpers/gettimeofday.c +++ b/thirdparty/libwebsockets/win32helpers/gettimeofday.c @@ -1,36 +1,36 @@ -#include -#include //I've omitted context line - -#include "gettimeofday.h" - -int gettimeofday(struct timeval *tv, struct timezone *tz) -{ - FILETIME ft; - unsigned __int64 tmpres = 0; - static int tzflag; - - if (NULL != tv) { - GetSystemTimeAsFileTime(&ft); - - tmpres |= ft.dwHighDateTime; - tmpres <<= 32; - tmpres |= ft.dwLowDateTime; - - /*converting file time to unix epoch*/ - tmpres /= 10; /*convert into microseconds*/ +#include +#include //I've omitted context line + +#include "gettimeofday.h" + +int gettimeofday(struct timeval *tv, struct timezone *tz) +{ + FILETIME ft; + unsigned __int64 tmpres = 0; + static int tzflag; + + if (NULL != tv) { + GetSystemTimeAsFileTime(&ft); + + tmpres |= ft.dwHighDateTime; + tmpres <<= 32; + tmpres |= ft.dwLowDateTime; + + /*converting file time to unix epoch*/ + tmpres /= 10; /*convert into microseconds*/ tmpres -= DELTA_EPOCH_IN_MICROSECS; - tv->tv_sec = (long)(tmpres / 1000000UL); - tv->tv_usec = (long)(tmpres % 1000000UL); - } - - if (NULL != tz) { - if (!tzflag) { - _tzset(); - tzflag++; - } - tz->tz_minuteswest = _timezone / 60; - tz->tz_dsttime = _daylight; - } - - return 0; -} + tv->tv_sec = (long)(tmpres / 1000000UL); + tv->tv_usec = (long)(tmpres % 1000000UL); + } + + if (NULL != tz) { + if (!tzflag) { + _tzset(); + tzflag++; + } + tz->tz_minuteswest = _timezone / 60; + tz->tz_dsttime = _daylight; + } + + return 0; +} -- cgit v1.2.3