res_http_websocket.c 44 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473
  1. /*
  2. * Asterisk -- An open source telephony toolkit.
  3. *
  4. * Copyright (C) 2012, Digium, Inc.
  5. *
  6. * Joshua Colp <jcolp@digium.com>
  7. *
  8. * See http://www.asterisk.org for more information about
  9. * the Asterisk project. Please do not directly contact
  10. * any of the maintainers of this project for assistance;
  11. * the project provides a web site, mailing lists and IRC
  12. * channels for your use.
  13. *
  14. * This program is free software, distributed under the terms of
  15. * the GNU General Public License Version 2. See the LICENSE file
  16. * at the top of the source tree.
  17. */
  18. /*! \file
  19. *
  20. * \brief WebSocket support for the Asterisk internal HTTP server
  21. *
  22. * \author Joshua Colp <jcolp@digium.com>
  23. */
  24. /*** MODULEINFO
  25. <support_level>core</support_level>
  26. ***/
  27. #include "asterisk.h"
  28. ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
  29. #include "asterisk/module.h"
  30. #include "asterisk/http.h"
  31. #include "asterisk/astobj2.h"
  32. #include "asterisk/strings.h"
  33. #include "asterisk/file.h"
  34. #include "asterisk/unaligned.h"
  35. #include "asterisk/uri.h"
  36. #define AST_API_MODULE
  37. #include "asterisk/http_websocket.h"
  38. /*! \brief GUID used to compute the accept key, defined in the specifications */
  39. #define WEBSOCKET_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
  40. /*! \brief Length of a websocket's client key */
  41. #define CLIENT_KEY_SIZE 16
  42. /*! \brief Number of buckets for registered protocols */
  43. #define MAX_PROTOCOL_BUCKETS 7
  44. #ifdef LOW_MEMORY
  45. /*! \brief Size of the pre-determined buffer for WebSocket frames */
  46. #define MAXIMUM_FRAME_SIZE 8192
  47. /*! \brief Default reconstruction size for multi-frame payload reconstruction. If exceeded the next frame will start a
  48. * payload.
  49. */
  50. #define DEFAULT_RECONSTRUCTION_CEILING 8192
  51. /*! \brief Maximum reconstruction size for multi-frame payload reconstruction. */
  52. #define MAXIMUM_RECONSTRUCTION_CEILING 8192
  53. #else
  54. /*! \brief Size of the pre-determined buffer for WebSocket frames */
  55. #define MAXIMUM_FRAME_SIZE 32768
  56. /*! \brief Default reconstruction size for multi-frame payload reconstruction. If exceeded the next frame will start a
  57. * payload.
  58. */
  59. #define DEFAULT_RECONSTRUCTION_CEILING 32768
  60. /*! \brief Maximum reconstruction size for multi-frame payload reconstruction. */
  61. #define MAXIMUM_RECONSTRUCTION_CEILING 32768
  62. #endif
  63. /*! \brief Maximum size of a websocket frame header
  64. * 1 byte flags and opcode
  65. * 1 byte mask flag + payload len
  66. * 8 bytes max extended length
  67. * 4 bytes optional masking key
  68. * ... payload follows ...
  69. * */
  70. #define MAX_WS_HDR_SZ 14
  71. #define MIN_WS_HDR_SZ 2
  72. /*! \brief Structure definition for session */
  73. struct ast_websocket {
  74. FILE *f; /*!< Pointer to the file instance used for writing and reading */
  75. int fd; /*!< File descriptor for the session, only used for polling */
  76. struct ast_sockaddr remote_address; /*!< Address of the remote client */
  77. struct ast_sockaddr local_address; /*!< Our local address */
  78. enum ast_websocket_opcode opcode; /*!< Cached opcode for multi-frame messages */
  79. size_t payload_len; /*!< Length of the payload */
  80. char *payload; /*!< Pointer to the payload */
  81. size_t reconstruct; /*!< Number of bytes before a reconstructed payload will be returned and a new one started */
  82. int timeout; /*!< The timeout for operations on the socket */
  83. unsigned int secure:1; /*!< Bit to indicate that the transport is secure */
  84. unsigned int closing:1; /*!< Bit to indicate that the session is in the process of being closed */
  85. unsigned int close_sent:1; /*!< Bit to indicate that the session close opcode has been sent and no further data will be sent */
  86. struct websocket_client *client; /*!< Client object when connected as a client websocket */
  87. uint16_t close_status_code; /*!< Status code sent in a CLOSE frame upon shutdown */
  88. };
  89. /*! \brief Hashing function for protocols */
  90. static int protocol_hash_fn(const void *obj, const int flags)
  91. {
  92. const struct ast_websocket_protocol *protocol = obj;
  93. const char *name = obj;
  94. return ast_str_case_hash(flags & OBJ_KEY ? name : protocol->name);
  95. }
  96. /*! \brief Comparison function for protocols */
  97. static int protocol_cmp_fn(void *obj, void *arg, int flags)
  98. {
  99. const struct ast_websocket_protocol *protocol1 = obj, *protocol2 = arg;
  100. const char *protocol = arg;
  101. return !strcasecmp(protocol1->name, flags & OBJ_KEY ? protocol : protocol2->name) ? CMP_MATCH | CMP_STOP : 0;
  102. }
  103. /*! \brief Destructor function for protocols */
  104. static void protocol_destroy_fn(void *obj)
  105. {
  106. struct ast_websocket_protocol *protocol = obj;
  107. ast_free(protocol->name);
  108. }
  109. /*! \brief Structure for a WebSocket server */
  110. struct ast_websocket_server {
  111. struct ao2_container *protocols; /*!< Container for registered protocols */
  112. };
  113. static void websocket_server_internal_dtor(void *obj)
  114. {
  115. struct ast_websocket_server *server = obj;
  116. ao2_cleanup(server->protocols);
  117. server->protocols = NULL;
  118. }
  119. static void websocket_server_dtor(void *obj)
  120. {
  121. websocket_server_internal_dtor(obj);
  122. ast_module_unref(ast_module_info->self);
  123. }
  124. static struct ast_websocket_server *websocket_server_create_impl(void (*dtor)(void *))
  125. {
  126. RAII_VAR(struct ast_websocket_server *, server, NULL, ao2_cleanup);
  127. server = ao2_alloc(sizeof(*server), dtor);
  128. if (!server) {
  129. return NULL;
  130. }
  131. server->protocols = ao2_container_alloc_hash(AO2_ALLOC_OPT_LOCK_MUTEX, 0,
  132. MAX_PROTOCOL_BUCKETS, protocol_hash_fn, NULL, protocol_cmp_fn);
  133. if (!server->protocols) {
  134. return NULL;
  135. }
  136. ao2_ref(server, +1);
  137. return server;
  138. }
  139. static struct ast_websocket_server *websocket_server_internal_create(void)
  140. {
  141. return websocket_server_create_impl(websocket_server_internal_dtor);
  142. }
  143. struct ast_websocket_server *AST_OPTIONAL_API_NAME(ast_websocket_server_create)(void)
  144. {
  145. ast_module_ref(ast_module_info->self);
  146. return websocket_server_create_impl(websocket_server_dtor);
  147. }
  148. /*! \brief Destructor function for sessions */
  149. static void session_destroy_fn(void *obj)
  150. {
  151. struct ast_websocket *session = obj;
  152. if (session->f) {
  153. ast_websocket_close(session, session->close_status_code);
  154. if (session->f) {
  155. fclose(session->f);
  156. ast_verb(2, "WebSocket connection %s '%s' closed\n", session->client ? "to" : "from",
  157. ast_sockaddr_stringify(&session->remote_address));
  158. }
  159. }
  160. ao2_cleanup(session->client);
  161. ast_free(session->payload);
  162. }
  163. struct ast_websocket_protocol *AST_OPTIONAL_API_NAME(ast_websocket_sub_protocol_alloc)(const char *name)
  164. {
  165. struct ast_websocket_protocol *protocol;
  166. protocol = ao2_alloc(sizeof(*protocol), protocol_destroy_fn);
  167. if (!protocol) {
  168. return NULL;
  169. }
  170. protocol->name = ast_strdup(name);
  171. if (!protocol->name) {
  172. ao2_ref(protocol, -1);
  173. return NULL;
  174. }
  175. protocol->version = AST_WEBSOCKET_PROTOCOL_VERSION;
  176. return protocol;
  177. }
  178. int AST_OPTIONAL_API_NAME(ast_websocket_server_add_protocol)(struct ast_websocket_server *server, const char *name, ast_websocket_callback callback)
  179. {
  180. struct ast_websocket_protocol *protocol;
  181. if (!server->protocols) {
  182. return -1;
  183. }
  184. protocol = ast_websocket_sub_protocol_alloc(name);
  185. if (!protocol) {
  186. return -1;
  187. }
  188. protocol->session_established = callback;
  189. if (ast_websocket_server_add_protocol2(server, protocol)) {
  190. ao2_ref(protocol, -1);
  191. return -1;
  192. }
  193. return 0;
  194. }
  195. int AST_OPTIONAL_API_NAME(ast_websocket_server_add_protocol2)(struct ast_websocket_server *server, struct ast_websocket_protocol *protocol)
  196. {
  197. struct ast_websocket_protocol *existing;
  198. if (!server->protocols) {
  199. return -1;
  200. }
  201. if (protocol->version != AST_WEBSOCKET_PROTOCOL_VERSION) {
  202. ast_log(LOG_WARNING, "WebSocket could not register sub-protocol '%s': "
  203. "expected version '%u', got version '%u'\n",
  204. protocol->name, AST_WEBSOCKET_PROTOCOL_VERSION, protocol->version);
  205. return -1;
  206. }
  207. ao2_lock(server->protocols);
  208. /* Ensure a second protocol handler is not registered for the same protocol */
  209. existing = ao2_find(server->protocols, protocol->name, OBJ_KEY | OBJ_NOLOCK);
  210. if (existing) {
  211. ao2_ref(existing, -1);
  212. ao2_unlock(server->protocols);
  213. return -1;
  214. }
  215. ao2_link_flags(server->protocols, protocol, OBJ_NOLOCK);
  216. ao2_unlock(server->protocols);
  217. ast_verb(2, "WebSocket registered sub-protocol '%s'\n", protocol->name);
  218. ao2_ref(protocol, -1);
  219. return 0;
  220. }
  221. int AST_OPTIONAL_API_NAME(ast_websocket_server_remove_protocol)(struct ast_websocket_server *server, const char *name, ast_websocket_callback callback)
  222. {
  223. struct ast_websocket_protocol *protocol;
  224. if (!(protocol = ao2_find(server->protocols, name, OBJ_KEY))) {
  225. return -1;
  226. }
  227. if (protocol->session_established != callback) {
  228. ao2_ref(protocol, -1);
  229. return -1;
  230. }
  231. ao2_unlink(server->protocols, protocol);
  232. ao2_ref(protocol, -1);
  233. ast_verb(2, "WebSocket unregistered sub-protocol '%s'\n", name);
  234. return 0;
  235. }
  236. /*! \brief Close function for websocket session */
  237. int AST_OPTIONAL_API_NAME(ast_websocket_close)(struct ast_websocket *session, uint16_t reason)
  238. {
  239. enum ast_websocket_opcode opcode = AST_WEBSOCKET_OPCODE_CLOSE;
  240. char frame[4] = { 0, }; /* The header is 2 bytes and the reason code takes up another 2 bytes */
  241. int res;
  242. if (session->close_sent) {
  243. return 0;
  244. }
  245. frame[0] = opcode | 0x80;
  246. frame[1] = 2; /* The reason code is always 2 bytes */
  247. /* If no reason has been specified assume 1000 which is normal closure */
  248. put_unaligned_uint16(&frame[2], htons(reason ? reason : 1000));
  249. session->closing = 1;
  250. session->close_sent = 1;
  251. ao2_lock(session);
  252. res = ast_careful_fwrite(session->f, session->fd, frame, 4, session->timeout);
  253. /* If an error occurred when trying to close this connection explicitly terminate it now.
  254. * Doing so will cause the thread polling on it to wake up and terminate.
  255. */
  256. if (res) {
  257. fclose(session->f);
  258. session->f = NULL;
  259. ast_verb(2, "WebSocket connection %s '%s' forcefully closed due to fatal write error\n",
  260. session->client ? "to" : "from", ast_sockaddr_stringify(&session->remote_address));
  261. }
  262. ao2_unlock(session);
  263. return res;
  264. }
  265. static const char *opcode_map[] = {
  266. [AST_WEBSOCKET_OPCODE_CONTINUATION] = "continuation",
  267. [AST_WEBSOCKET_OPCODE_TEXT] = "text",
  268. [AST_WEBSOCKET_OPCODE_BINARY] = "binary",
  269. [AST_WEBSOCKET_OPCODE_CLOSE] = "close",
  270. [AST_WEBSOCKET_OPCODE_PING] = "ping",
  271. [AST_WEBSOCKET_OPCODE_PONG] = "pong",
  272. };
  273. static const char *websocket_opcode2str(enum ast_websocket_opcode opcode)
  274. {
  275. if (opcode < AST_WEBSOCKET_OPCODE_CONTINUATION ||
  276. opcode > AST_WEBSOCKET_OPCODE_PONG) {
  277. return "<unknown>";
  278. } else {
  279. return opcode_map[opcode];
  280. }
  281. }
  282. /*! \brief Write function for websocket traffic */
  283. int AST_OPTIONAL_API_NAME(ast_websocket_write)(struct ast_websocket *session, enum ast_websocket_opcode opcode, char *payload, uint64_t payload_size)
  284. {
  285. size_t header_size = 2; /* The minimum size of a websocket frame is 2 bytes */
  286. char *frame;
  287. uint64_t length;
  288. uint64_t frame_size;
  289. ast_debug(3, "Writing websocket %s frame, length %" PRIu64 "\n",
  290. websocket_opcode2str(opcode), payload_size);
  291. if (payload_size < 126) {
  292. length = payload_size;
  293. } else if (payload_size < (1 << 16)) {
  294. length = 126;
  295. /* We need an additional 2 bytes to store the extended length */
  296. header_size += 2;
  297. } else {
  298. length = 127;
  299. /* We need an additional 8 bytes to store the really really extended length */
  300. header_size += 8;
  301. }
  302. frame_size = header_size + payload_size;
  303. frame = ast_alloca(frame_size + 1);
  304. memset(frame, 0, frame_size + 1);
  305. frame[0] = opcode | 0x80;
  306. frame[1] = length;
  307. /* Use the additional available bytes to store the length */
  308. if (length == 126) {
  309. put_unaligned_uint16(&frame[2], htons(payload_size));
  310. } else if (length == 127) {
  311. put_unaligned_uint64(&frame[2], htonll(payload_size));
  312. }
  313. memcpy(&frame[header_size], payload, payload_size);
  314. ao2_lock(session);
  315. if (session->closing) {
  316. ao2_unlock(session);
  317. return -1;
  318. }
  319. if (ast_careful_fwrite(session->f, session->fd, frame, frame_size, session->timeout)) {
  320. ao2_unlock(session);
  321. /* 1011 - server terminating connection due to not being able to fulfill the request */
  322. ast_debug(1, "Closing WS with 1011 because we can't fulfill a write request\n");
  323. ast_websocket_close(session, 1011);
  324. return -1;
  325. }
  326. fflush(session->f);
  327. ao2_unlock(session);
  328. return 0;
  329. }
  330. void AST_OPTIONAL_API_NAME(ast_websocket_reconstruct_enable)(struct ast_websocket *session, size_t bytes)
  331. {
  332. session->reconstruct = MIN(bytes, MAXIMUM_RECONSTRUCTION_CEILING);
  333. }
  334. void AST_OPTIONAL_API_NAME(ast_websocket_reconstruct_disable)(struct ast_websocket *session)
  335. {
  336. session->reconstruct = 0;
  337. }
  338. void AST_OPTIONAL_API_NAME(ast_websocket_ref)(struct ast_websocket *session)
  339. {
  340. ao2_ref(session, +1);
  341. }
  342. void AST_OPTIONAL_API_NAME(ast_websocket_unref)(struct ast_websocket *session)
  343. {
  344. ao2_cleanup(session);
  345. }
  346. int AST_OPTIONAL_API_NAME(ast_websocket_fd)(struct ast_websocket *session)
  347. {
  348. return session->closing ? -1 : session->fd;
  349. }
  350. struct ast_sockaddr * AST_OPTIONAL_API_NAME(ast_websocket_remote_address)(struct ast_websocket *session)
  351. {
  352. return &session->remote_address;
  353. }
  354. struct ast_sockaddr * AST_OPTIONAL_API_NAME(ast_websocket_local_address)(struct ast_websocket *session)
  355. {
  356. return &session->local_address;
  357. }
  358. int AST_OPTIONAL_API_NAME(ast_websocket_is_secure)(struct ast_websocket *session)
  359. {
  360. return session->secure;
  361. }
  362. int AST_OPTIONAL_API_NAME(ast_websocket_set_nonblock)(struct ast_websocket *session)
  363. {
  364. return ast_fd_set_flags(session->fd, O_NONBLOCK);
  365. }
  366. int AST_OPTIONAL_API_NAME(ast_websocket_set_timeout)(struct ast_websocket *session, int timeout)
  367. {
  368. session->timeout = timeout;
  369. return 0;
  370. }
  371. /* MAINTENANCE WARNING on ast_websocket_read()!
  372. *
  373. * We have to keep in mind during this function that the fact that session->fd seems ready
  374. * (via poll) does not necessarily mean we have application data ready, because in the case
  375. * of an SSL socket, there is some encryption data overhead that needs to be read from the
  376. * TCP socket, so poll() may say there are bytes to be read, but whether it is just 1 byte
  377. * or N bytes we do not know that, and we do not know how many of those bytes (if any) are
  378. * for application data (for us) and not just for the SSL protocol consumption
  379. *
  380. * There used to be a couple of nasty bugs here that were fixed in last refactoring but I
  381. * want to document them so the constraints are clear and we do not re-introduce them:
  382. *
  383. * - This function would incorrectly assume that fread() would necessarily return more than
  384. * 1 byte of data, just because a websocket frame is always >= 2 bytes, but the thing
  385. * is we're dealing with a TCP bitstream here, we could read just one byte and that's normal.
  386. * The problem before was that if just one byte was read, the function bailed out and returned
  387. * an error, effectively dropping the first byte of a websocket frame header!
  388. *
  389. * - Another subtle bug was that it would just read up to MAX_WS_HDR_SZ (14 bytes) via fread()
  390. * then assume that executing poll() would tell you if there is more to read, but since
  391. * we're dealing with a buffered stream (session->f is a FILE*), poll would say there is
  392. * nothing else to read (in the real tcp socket session->fd) and we would get stuck here
  393. * without processing the rest of the data in session->f internal buffers until another packet
  394. * came on the network to unblock us!
  395. *
  396. * Note during the header parsing stage we try to read in small chunks just what we need, this
  397. * is buffered data anyways, no expensive syscall required most of the time ...
  398. */
  399. static inline int ws_safe_read(struct ast_websocket *session, char *buf, int len, enum ast_websocket_opcode *opcode)
  400. {
  401. size_t rlen;
  402. int xlen = len;
  403. char *rbuf = buf;
  404. int sanity = 10;
  405. ao2_lock(session);
  406. if (!session->f) {
  407. ao2_unlock(session);
  408. errno = ECONNABORTED;
  409. return -1;
  410. }
  411. for (;;) {
  412. clearerr(session->f);
  413. rlen = fread(rbuf, 1, xlen, session->f);
  414. if (!rlen) {
  415. if (feof(session->f)) {
  416. ast_log(LOG_WARNING, "Web socket closed abruptly\n");
  417. *opcode = AST_WEBSOCKET_OPCODE_CLOSE;
  418. session->closing = 1;
  419. ao2_unlock(session);
  420. return -1;
  421. }
  422. if (ferror(session->f) && errno != EAGAIN) {
  423. ast_log(LOG_ERROR, "Error reading from web socket: %s\n", strerror(errno));
  424. *opcode = AST_WEBSOCKET_OPCODE_CLOSE;
  425. session->closing = 1;
  426. ao2_unlock(session);
  427. return -1;
  428. }
  429. if (!--sanity) {
  430. ast_log(LOG_WARNING, "Websocket seems unresponsive, disconnecting ...\n");
  431. *opcode = AST_WEBSOCKET_OPCODE_CLOSE;
  432. session->closing = 1;
  433. ao2_unlock(session);
  434. return -1;
  435. }
  436. }
  437. xlen = xlen - rlen;
  438. rbuf = rbuf + rlen;
  439. if (!xlen) {
  440. break;
  441. }
  442. if (ast_wait_for_input(session->fd, 1000) < 0) {
  443. ast_log(LOG_ERROR, "ast_wait_for_input returned err: %s\n", strerror(errno));
  444. *opcode = AST_WEBSOCKET_OPCODE_CLOSE;
  445. session->closing = 1;
  446. ao2_unlock(session);
  447. return -1;
  448. }
  449. }
  450. ao2_unlock(session);
  451. return 0;
  452. }
  453. int AST_OPTIONAL_API_NAME(ast_websocket_read)(struct ast_websocket *session, char **payload, uint64_t *payload_len, enum ast_websocket_opcode *opcode, int *fragmented)
  454. {
  455. char buf[MAXIMUM_FRAME_SIZE] = "";
  456. int fin = 0;
  457. int mask_present = 0;
  458. char *mask = NULL, *new_payload = NULL;
  459. size_t options_len = 0, frame_size = 0;
  460. *payload = NULL;
  461. *payload_len = 0;
  462. *fragmented = 0;
  463. if (ws_safe_read(session, &buf[0], MIN_WS_HDR_SZ, opcode)) {
  464. return -1;
  465. }
  466. frame_size += MIN_WS_HDR_SZ;
  467. /* ok, now we have the first 2 bytes, so we know some flags, opcode and payload length (or whether payload length extension will be required) */
  468. *opcode = buf[0] & 0xf;
  469. *payload_len = buf[1] & 0x7f;
  470. if (*opcode == AST_WEBSOCKET_OPCODE_TEXT || *opcode == AST_WEBSOCKET_OPCODE_BINARY || *opcode == AST_WEBSOCKET_OPCODE_CONTINUATION ||
  471. *opcode == AST_WEBSOCKET_OPCODE_PING || *opcode == AST_WEBSOCKET_OPCODE_PONG || *opcode == AST_WEBSOCKET_OPCODE_CLOSE) {
  472. fin = (buf[0] >> 7) & 1;
  473. mask_present = (buf[1] >> 7) & 1;
  474. /* Based on the mask flag and payload length, determine how much more we need to read before start parsing the rest of the header */
  475. options_len += mask_present ? 4 : 0;
  476. options_len += (*payload_len == 126) ? 2 : (*payload_len == 127) ? 8 : 0;
  477. if (options_len) {
  478. /* read the rest of the header options */
  479. if (ws_safe_read(session, &buf[frame_size], options_len, opcode)) {
  480. return -1;
  481. }
  482. frame_size += options_len;
  483. }
  484. if (*payload_len == 126) {
  485. /* Grab the 2-byte payload length */
  486. *payload_len = ntohs(get_unaligned_uint16(&buf[2]));
  487. mask = &buf[4];
  488. } else if (*payload_len == 127) {
  489. /* Grab the 8-byte payload length */
  490. *payload_len = ntohl(get_unaligned_uint64(&buf[2]));
  491. mask = &buf[10];
  492. } else {
  493. /* Just set the mask after the small 2-byte header */
  494. mask = &buf[2];
  495. }
  496. /* Now read the rest of the payload */
  497. *payload = &buf[frame_size]; /* payload will start here, at the end of the options, if any */
  498. frame_size = frame_size + (*payload_len); /* final frame size is header + optional headers + payload data */
  499. if (frame_size > MAXIMUM_FRAME_SIZE) {
  500. ast_log(LOG_WARNING, "Cannot fit huge websocket frame of %zu bytes\n", frame_size);
  501. /* The frame won't fit :-( */
  502. ast_websocket_close(session, 1009);
  503. return -1;
  504. }
  505. if (ws_safe_read(session, *payload, *payload_len, opcode)) {
  506. return -1;
  507. }
  508. /* If a mask is present unmask the payload */
  509. if (mask_present) {
  510. unsigned int pos;
  511. for (pos = 0; pos < *payload_len; pos++) {
  512. (*payload)[pos] ^= mask[pos % 4];
  513. }
  514. }
  515. /* Per the RFC for PING we need to send back an opcode with the application data as received */
  516. if (*opcode == AST_WEBSOCKET_OPCODE_PING) {
  517. if (ast_websocket_write(session, AST_WEBSOCKET_OPCODE_PONG, *payload, *payload_len)) {
  518. ast_websocket_close(session, 1009);
  519. }
  520. *payload_len = 0;
  521. return 0;
  522. }
  523. /* Stop PONG processing here */
  524. if (*opcode == AST_WEBSOCKET_OPCODE_PONG) {
  525. *payload_len = 0;
  526. return 0;
  527. }
  528. /* Save the CLOSE status code which will be sent in our own CLOSE in the destructor */
  529. if (*opcode == AST_WEBSOCKET_OPCODE_CLOSE) {
  530. session->closing = 1;
  531. if (*payload_len >= 2) {
  532. session->close_status_code = ntohs(get_unaligned_uint16(*payload));
  533. }
  534. *payload_len = 0;
  535. return 0;
  536. }
  537. /* Below this point we are handling TEXT, BINARY or CONTINUATION opcodes */
  538. if (*payload_len) {
  539. if (!(new_payload = ast_realloc(session->payload, (session->payload_len + *payload_len)))) {
  540. ast_log(LOG_WARNING, "Failed allocation: %p, %zu, %"PRIu64"\n",
  541. session->payload, session->payload_len, *payload_len);
  542. *payload_len = 0;
  543. ast_websocket_close(session, 1009);
  544. return -1;
  545. }
  546. session->payload = new_payload;
  547. memcpy((session->payload + session->payload_len), (*payload), (*payload_len));
  548. session->payload_len += *payload_len;
  549. } else if (!session->payload_len && session->payload) {
  550. ast_free(session->payload);
  551. session->payload = NULL;
  552. }
  553. if (!fin && session->reconstruct && (session->payload_len < session->reconstruct)) {
  554. /* If this is not a final message we need to defer returning it until later */
  555. if (*opcode != AST_WEBSOCKET_OPCODE_CONTINUATION) {
  556. session->opcode = *opcode;
  557. }
  558. *opcode = AST_WEBSOCKET_OPCODE_CONTINUATION;
  559. *payload_len = 0;
  560. *payload = NULL;
  561. } else {
  562. if (*opcode == AST_WEBSOCKET_OPCODE_CONTINUATION) {
  563. if (!fin) {
  564. /* If this was not actually the final message tell the user it is fragmented so they can deal with it accordingly */
  565. *fragmented = 1;
  566. } else {
  567. /* Final frame in multi-frame so push up the actual opcode */
  568. *opcode = session->opcode;
  569. }
  570. }
  571. *payload_len = session->payload_len;
  572. *payload = session->payload;
  573. session->payload_len = 0;
  574. }
  575. } else {
  576. ast_log(LOG_WARNING, "WebSocket unknown opcode %u\n", *opcode);
  577. /* We received an opcode that we don't understand, the RFC states that 1003 is for a type of data that can't be accepted... opcodes
  578. * fit that, I think. */
  579. ast_websocket_close(session, 1003);
  580. }
  581. return 0;
  582. }
  583. /*!
  584. * \brief If the server has exactly one configured protocol, return it.
  585. */
  586. static struct ast_websocket_protocol *one_protocol(
  587. struct ast_websocket_server *server)
  588. {
  589. SCOPED_AO2LOCK(lock, server->protocols);
  590. if (ao2_container_count(server->protocols) != 1) {
  591. return NULL;
  592. }
  593. return ao2_callback(server->protocols, OBJ_NOLOCK, NULL, NULL);
  594. }
  595. static char *websocket_combine_key(const char *key, char *res, int res_size)
  596. {
  597. char *combined;
  598. unsigned combined_length = strlen(key) + strlen(WEBSOCKET_GUID) + 1;
  599. uint8_t sha[20];
  600. combined = ast_alloca(combined_length);
  601. snprintf(combined, combined_length, "%s%s", key, WEBSOCKET_GUID);
  602. ast_sha1_hash_uint(sha, combined);
  603. ast_base64encode(res, (const unsigned char*)sha, 20, res_size);
  604. return res;
  605. }
  606. static void websocket_bad_request(struct ast_tcptls_session_instance *ser)
  607. {
  608. struct ast_str *http_header = ast_str_create(64);
  609. if (!http_header) {
  610. ast_http_request_close_on_completion(ser);
  611. ast_http_error(ser, 500, "Server Error", "Out of memory");
  612. return;
  613. }
  614. ast_str_set(&http_header, 0, "Sec-WebSocket-Version: 7, 8, 13\r\n");
  615. ast_http_send(ser, AST_HTTP_UNKNOWN, 400, "Bad Request", http_header, NULL, 0, 0);
  616. }
  617. int AST_OPTIONAL_API_NAME(ast_websocket_uri_cb)(struct ast_tcptls_session_instance *ser, const struct ast_http_uri *urih, const char *uri, enum ast_http_method method, struct ast_variable *get_vars, struct ast_variable *headers)
  618. {
  619. struct ast_variable *v;
  620. const char *upgrade = NULL, *key = NULL, *key1 = NULL, *key2 = NULL, *protos = NULL;
  621. char *requested_protocols = NULL, *protocol = NULL;
  622. int version = 0, flags = 1;
  623. struct ast_websocket_protocol *protocol_handler = NULL;
  624. struct ast_websocket *session;
  625. struct ast_websocket_server *server;
  626. SCOPED_MODULE_USE(ast_module_info->self);
  627. /* Upgrade requests are only permitted on GET methods */
  628. if (method != AST_HTTP_GET) {
  629. ast_http_error(ser, 501, "Not Implemented", "Attempt to use unimplemented / unsupported method");
  630. return 0;
  631. }
  632. server = urih->data;
  633. /* Get the minimum headers required to satisfy our needs */
  634. for (v = headers; v; v = v->next) {
  635. if (!strcasecmp(v->name, "Upgrade")) {
  636. upgrade = v->value;
  637. } else if (!strcasecmp(v->name, "Sec-WebSocket-Key")) {
  638. key = v->value;
  639. } else if (!strcasecmp(v->name, "Sec-WebSocket-Key1")) {
  640. key1 = v->value;
  641. } else if (!strcasecmp(v->name, "Sec-WebSocket-Key2")) {
  642. key2 = v->value;
  643. } else if (!strcasecmp(v->name, "Sec-WebSocket-Protocol")) {
  644. protos = v->value;
  645. } else if (!strcasecmp(v->name, "Sec-WebSocket-Version")) {
  646. if (sscanf(v->value, "%30d", &version) != 1) {
  647. version = 0;
  648. }
  649. }
  650. }
  651. /* If this is not a websocket upgrade abort */
  652. if (!upgrade || strcasecmp(upgrade, "websocket")) {
  653. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - did not request WebSocket\n",
  654. ast_sockaddr_stringify(&ser->remote_address));
  655. ast_http_error(ser, 426, "Upgrade Required", NULL);
  656. return 0;
  657. } else if (ast_strlen_zero(protos)) {
  658. /* If there's only a single protocol registered, and the
  659. * client doesn't specify what protocol it's using, go ahead
  660. * and accept the connection */
  661. protocol_handler = one_protocol(server);
  662. if (!protocol_handler) {
  663. /* Multiple registered subprotocols; client must specify */
  664. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - no protocols requested\n",
  665. ast_sockaddr_stringify(&ser->remote_address));
  666. websocket_bad_request(ser);
  667. return 0;
  668. }
  669. } else if (key1 && key2) {
  670. /* Specification defined in http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76 and
  671. * http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-00 -- not currently supported*/
  672. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - unsupported version '00/76' chosen\n",
  673. ast_sockaddr_stringify(&ser->remote_address));
  674. websocket_bad_request(ser);
  675. return 0;
  676. }
  677. if (!protocol_handler && protos) {
  678. requested_protocols = ast_strdupa(protos);
  679. /* Iterate through the requested protocols trying to find one that we have a handler for */
  680. while (!protocol_handler && (protocol = strsep(&requested_protocols, ","))) {
  681. protocol_handler = ao2_find(server->protocols, ast_strip(protocol), OBJ_KEY);
  682. }
  683. }
  684. /* If no protocol handler exists bump this back to the requester */
  685. if (!protocol_handler) {
  686. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - no protocols out of '%s' supported\n",
  687. ast_sockaddr_stringify(&ser->remote_address), protos);
  688. websocket_bad_request(ser);
  689. return 0;
  690. }
  691. /* Determine how to respond depending on the version */
  692. if (version == 7 || version == 8 || version == 13) {
  693. char base64[64];
  694. if (!key || strlen(key) + strlen(WEBSOCKET_GUID) + 1 > 8192) { /* no stack overflows please */
  695. websocket_bad_request(ser);
  696. ao2_ref(protocol_handler, -1);
  697. return 0;
  698. }
  699. if (ast_http_body_discard(ser)) {
  700. websocket_bad_request(ser);
  701. ao2_ref(protocol_handler, -1);
  702. return 0;
  703. }
  704. if (!(session = ao2_alloc(sizeof(*session), session_destroy_fn))) {
  705. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted\n",
  706. ast_sockaddr_stringify(&ser->remote_address));
  707. websocket_bad_request(ser);
  708. ao2_ref(protocol_handler, -1);
  709. return 0;
  710. }
  711. session->timeout = AST_DEFAULT_WEBSOCKET_WRITE_TIMEOUT;
  712. if (protocol_handler->session_attempted
  713. && protocol_handler->session_attempted(ser, get_vars, headers)) {
  714. ast_debug(3, "WebSocket connection from '%s' rejected by protocol handler '%s'\n",
  715. ast_sockaddr_stringify(&ser->remote_address), protocol_handler->name);
  716. websocket_bad_request(ser);
  717. ao2_ref(protocol_handler, -1);
  718. return 0;
  719. }
  720. /* RFC 6455, Section 4.1:
  721. *
  722. * 6. If the response includes a |Sec-WebSocket-Protocol| header
  723. * field and this header field indicates the use of a
  724. * subprotocol that was not present in the client's handshake
  725. * (the server has indicated a subprotocol not requested by
  726. * the client), the client MUST _Fail the WebSocket
  727. * Connection_.
  728. */
  729. if (protocol) {
  730. fprintf(ser->f, "HTTP/1.1 101 Switching Protocols\r\n"
  731. "Upgrade: %s\r\n"
  732. "Connection: Upgrade\r\n"
  733. "Sec-WebSocket-Accept: %s\r\n"
  734. "Sec-WebSocket-Protocol: %s\r\n\r\n",
  735. upgrade,
  736. websocket_combine_key(key, base64, sizeof(base64)),
  737. protocol);
  738. } else {
  739. fprintf(ser->f, "HTTP/1.1 101 Switching Protocols\r\n"
  740. "Upgrade: %s\r\n"
  741. "Connection: Upgrade\r\n"
  742. "Sec-WebSocket-Accept: %s\r\n\r\n",
  743. upgrade,
  744. websocket_combine_key(key, base64, sizeof(base64)));
  745. }
  746. fflush(ser->f);
  747. } else {
  748. /* Specification defined in http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-75 or completely unknown */
  749. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - unsupported version '%d' chosen\n",
  750. ast_sockaddr_stringify(&ser->remote_address), version ? version : 75);
  751. websocket_bad_request(ser);
  752. ao2_ref(protocol_handler, -1);
  753. return 0;
  754. }
  755. /* Enable keepalive on all sessions so the underlying user does not have to */
  756. if (setsockopt(ser->fd, SOL_SOCKET, SO_KEEPALIVE, &flags, sizeof(flags))) {
  757. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - failed to enable keepalive\n",
  758. ast_sockaddr_stringify(&ser->remote_address));
  759. websocket_bad_request(ser);
  760. ao2_ref(session, -1);
  761. ao2_ref(protocol_handler, -1);
  762. return 0;
  763. }
  764. /* Get our local address for the connected socket */
  765. if (ast_getsockname(ser->fd, &session->local_address)) {
  766. ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - failed to get local address\n",
  767. ast_sockaddr_stringify(&ser->remote_address));
  768. websocket_bad_request(ser);
  769. ao2_ref(session, -1);
  770. ao2_ref(protocol_handler, -1);
  771. return 0;
  772. }
  773. ast_verb(2, "WebSocket connection from '%s' for protocol '%s' accepted using version '%d'\n", ast_sockaddr_stringify(&ser->remote_address), protocol ? : "", version);
  774. /* Populate the session with all the needed details */
  775. session->f = ser->f;
  776. session->fd = ser->fd;
  777. ast_sockaddr_copy(&session->remote_address, &ser->remote_address);
  778. session->opcode = -1;
  779. session->reconstruct = DEFAULT_RECONSTRUCTION_CEILING;
  780. session->secure = ser->ssl ? 1 : 0;
  781. /* Give up ownership of the socket and pass it to the protocol handler */
  782. ast_tcptls_stream_set_exclusive_input(ser->stream_cookie, 0);
  783. protocol_handler->session_established(session, get_vars, headers);
  784. ao2_ref(protocol_handler, -1);
  785. /*
  786. * By dropping the FILE* and fd from the session the connection
  787. * won't get closed when the HTTP server cleans up because we
  788. * passed the connection to the protocol handler.
  789. */
  790. ser->f = NULL;
  791. ser->fd = -1;
  792. return 0;
  793. }
  794. static struct ast_http_uri websocketuri = {
  795. .callback = AST_OPTIONAL_API_NAME(ast_websocket_uri_cb),
  796. .description = "Asterisk HTTP WebSocket",
  797. .uri = "ws",
  798. .has_subtree = 0,
  799. .data = NULL,
  800. .key = __FILE__,
  801. };
  802. /*! \brief Simple echo implementation which echoes received text and binary frames */
  803. static void websocket_echo_callback(struct ast_websocket *session, struct ast_variable *parameters, struct ast_variable *headers)
  804. {
  805. int res;
  806. ast_debug(1, "Entering WebSocket echo loop\n");
  807. if (ast_fd_set_flags(ast_websocket_fd(session), O_NONBLOCK)) {
  808. goto end;
  809. }
  810. while ((res = ast_wait_for_input(ast_websocket_fd(session), -1)) > 0) {
  811. char *payload;
  812. uint64_t payload_len;
  813. enum ast_websocket_opcode opcode;
  814. int fragmented;
  815. if (ast_websocket_read(session, &payload, &payload_len, &opcode, &fragmented)) {
  816. /* We err on the side of caution and terminate the session if any error occurs */
  817. ast_log(LOG_WARNING, "Read failure during WebSocket echo loop\n");
  818. break;
  819. }
  820. if (opcode == AST_WEBSOCKET_OPCODE_TEXT || opcode == AST_WEBSOCKET_OPCODE_BINARY) {
  821. ast_websocket_write(session, opcode, payload, payload_len);
  822. } else if (opcode == AST_WEBSOCKET_OPCODE_CLOSE) {
  823. break;
  824. } else {
  825. ast_debug(1, "Ignored WebSocket opcode %u\n", opcode);
  826. }
  827. }
  828. end:
  829. ast_debug(1, "Exiting WebSocket echo loop\n");
  830. ast_websocket_unref(session);
  831. }
  832. static int websocket_add_protocol_internal(const char *name, ast_websocket_callback callback)
  833. {
  834. struct ast_websocket_server *ws_server = websocketuri.data;
  835. if (!ws_server) {
  836. return -1;
  837. }
  838. return ast_websocket_server_add_protocol(ws_server, name, callback);
  839. }
  840. int AST_OPTIONAL_API_NAME(ast_websocket_add_protocol)(const char *name, ast_websocket_callback callback)
  841. {
  842. int res = websocket_add_protocol_internal(name, callback);
  843. if (res == 0) {
  844. ast_module_ref(ast_module_info->self);
  845. }
  846. return res;
  847. }
  848. int AST_OPTIONAL_API_NAME(ast_websocket_add_protocol2)(struct ast_websocket_protocol *protocol)
  849. {
  850. struct ast_websocket_server *ws_server = websocketuri.data;
  851. if (!ws_server) {
  852. return -1;
  853. }
  854. if (ast_websocket_server_add_protocol2(ws_server, protocol)) {
  855. return -1;
  856. }
  857. ast_module_ref(ast_module_info->self);
  858. return 0;
  859. }
  860. static int websocket_remove_protocol_internal(const char *name, ast_websocket_callback callback)
  861. {
  862. struct ast_websocket_server *ws_server = websocketuri.data;
  863. if (!ws_server) {
  864. return -1;
  865. }
  866. return ast_websocket_server_remove_protocol(ws_server, name, callback);
  867. }
  868. int AST_OPTIONAL_API_NAME(ast_websocket_remove_protocol)(const char *name, ast_websocket_callback callback)
  869. {
  870. int res = websocket_remove_protocol_internal(name, callback);
  871. if (res == 0) {
  872. ast_module_unref(ast_module_info->self);
  873. }
  874. return res;
  875. }
  876. /*! \brief Parse the given uri into a path and remote address.
  877. *
  878. * Expected uri form: [ws[s]]://<host>[:port][/<path>]
  879. *
  880. * The returned host will contain the address and optional port while
  881. * path will contain everything after the address/port if included.
  882. */
  883. static int websocket_client_parse_uri(const char *uri, char **host, struct ast_str **path)
  884. {
  885. struct ast_uri *parsed_uri = ast_uri_parse_websocket(uri);
  886. if (!parsed_uri) {
  887. return -1;
  888. }
  889. *host = ast_uri_make_host_with_port(parsed_uri);
  890. if (ast_uri_path(parsed_uri) || ast_uri_query(parsed_uri)) {
  891. *path = ast_str_create(64);
  892. if (!*path) {
  893. ao2_ref(parsed_uri, -1);
  894. return -1;
  895. }
  896. if (ast_uri_path(parsed_uri)) {
  897. ast_str_set(path, 0, "%s", ast_uri_path(parsed_uri));
  898. }
  899. if (ast_uri_query(parsed_uri)) {
  900. ast_str_append(path, 0, "?%s", ast_uri_query(parsed_uri));
  901. }
  902. }
  903. ao2_ref(parsed_uri, -1);
  904. return 0;
  905. }
  906. static void websocket_client_args_destroy(void *obj)
  907. {
  908. struct ast_tcptls_session_args *args = obj;
  909. if (args->tls_cfg) {
  910. ast_free(args->tls_cfg->certfile);
  911. ast_free(args->tls_cfg->pvtfile);
  912. ast_free(args->tls_cfg->cipher);
  913. ast_free(args->tls_cfg->cafile);
  914. ast_free(args->tls_cfg->capath);
  915. ast_ssl_teardown(args->tls_cfg);
  916. }
  917. ast_free(args->tls_cfg);
  918. }
  919. static struct ast_tcptls_session_args *websocket_client_args_create(
  920. const char *host, struct ast_tls_config *tls_cfg,
  921. enum ast_websocket_result *result)
  922. {
  923. struct ast_sockaddr *addr;
  924. struct ast_tcptls_session_args *args = ao2_alloc(
  925. sizeof(*args), websocket_client_args_destroy);
  926. if (!args) {
  927. *result = WS_ALLOCATE_ERROR;
  928. return NULL;
  929. }
  930. args->accept_fd = -1;
  931. args->tls_cfg = tls_cfg;
  932. args->name = "websocket client";
  933. if (!ast_sockaddr_resolve(&addr, host, 0, 0)) {
  934. ast_log(LOG_ERROR, "Unable to resolve address %s\n",
  935. host);
  936. ao2_ref(args, -1);
  937. *result = WS_URI_RESOLVE_ERROR;
  938. return NULL;
  939. }
  940. ast_sockaddr_copy(&args->remote_address, addr);
  941. ast_free(addr);
  942. return args;
  943. }
  944. static char *websocket_client_create_key(void)
  945. {
  946. static int encoded_size = CLIENT_KEY_SIZE * 2 * sizeof(char) + 1;
  947. /* key is randomly selected 16-byte base64 encoded value */
  948. unsigned char key[CLIENT_KEY_SIZE + sizeof(long) - 1];
  949. char *encoded = ast_malloc(encoded_size);
  950. long i = 0;
  951. if (!encoded) {
  952. ast_log(LOG_ERROR, "Unable to allocate client websocket key\n");
  953. return NULL;
  954. }
  955. while (i < CLIENT_KEY_SIZE) {
  956. long num = ast_random();
  957. memcpy(key + i, &num, sizeof(long));
  958. i += sizeof(long);
  959. }
  960. ast_base64encode(encoded, key, CLIENT_KEY_SIZE, encoded_size);
  961. return encoded;
  962. }
  963. struct websocket_client {
  964. /*! host portion of client uri */
  965. char *host;
  966. /*! path for logical websocket connection */
  967. struct ast_str *resource_name;
  968. /*! unique key used during server handshaking */
  969. char *key;
  970. /*! container for registered protocols */
  971. char *protocols;
  972. /*! the protocol accepted by the server */
  973. char *accept_protocol;
  974. /*! websocket protocol version */
  975. int version;
  976. /*! tcptls connection arguments */
  977. struct ast_tcptls_session_args *args;
  978. /*! tcptls connection instance */
  979. struct ast_tcptls_session_instance *ser;
  980. };
  981. static void websocket_client_destroy(void *obj)
  982. {
  983. struct websocket_client *client = obj;
  984. ao2_cleanup(client->ser);
  985. ao2_cleanup(client->args);
  986. ast_free(client->accept_protocol);
  987. ast_free(client->protocols);
  988. ast_free(client->key);
  989. ast_free(client->resource_name);
  990. ast_free(client->host);
  991. }
  992. static struct ast_websocket * websocket_client_create(
  993. const char *uri, const char *protocols, struct ast_tls_config *tls_cfg,
  994. enum ast_websocket_result *result)
  995. {
  996. struct ast_websocket *ws = ao2_alloc(sizeof(*ws), session_destroy_fn);
  997. if (!ws) {
  998. ast_log(LOG_ERROR, "Unable to allocate websocket\n");
  999. *result = WS_ALLOCATE_ERROR;
  1000. return NULL;
  1001. }
  1002. if (!(ws->client = ao2_alloc(
  1003. sizeof(*ws->client), websocket_client_destroy))) {
  1004. ast_log(LOG_ERROR, "Unable to allocate websocket client\n");
  1005. *result = WS_ALLOCATE_ERROR;
  1006. return NULL;
  1007. }
  1008. if (!(ws->client->key = websocket_client_create_key())) {
  1009. ao2_ref(ws, -1);
  1010. *result = WS_KEY_ERROR;
  1011. return NULL;
  1012. }
  1013. if (websocket_client_parse_uri(
  1014. uri, &ws->client->host, &ws->client->resource_name)) {
  1015. ao2_ref(ws, -1);
  1016. *result = WS_URI_PARSE_ERROR;
  1017. return NULL;
  1018. }
  1019. if (!(ws->client->args = websocket_client_args_create(
  1020. ws->client->host, tls_cfg, result))) {
  1021. ao2_ref(ws, -1);
  1022. return NULL;
  1023. }
  1024. ws->client->protocols = ast_strdup(protocols);
  1025. ws->client->version = 13;
  1026. ws->opcode = -1;
  1027. ws->reconstruct = DEFAULT_RECONSTRUCTION_CEILING;
  1028. return ws;
  1029. }
  1030. const char * AST_OPTIONAL_API_NAME(
  1031. ast_websocket_client_accept_protocol)(struct ast_websocket *ws)
  1032. {
  1033. return ws->client->accept_protocol;
  1034. }
  1035. static enum ast_websocket_result websocket_client_handle_response_code(
  1036. struct websocket_client *client, int response_code)
  1037. {
  1038. if (response_code <= 0) {
  1039. return WS_INVALID_RESPONSE;
  1040. }
  1041. switch (response_code) {
  1042. case 101:
  1043. return 0;
  1044. case 400:
  1045. ast_log(LOG_ERROR, "Received response 400 - Bad Request "
  1046. "- from %s\n", client->host);
  1047. return WS_BAD_REQUEST;
  1048. case 404:
  1049. ast_log(LOG_ERROR, "Received response 404 - Request URL not "
  1050. "found - from %s\n", client->host);
  1051. return WS_URL_NOT_FOUND;
  1052. }
  1053. ast_log(LOG_ERROR, "Invalid HTTP response code %d from %s\n",
  1054. response_code, client->host);
  1055. return WS_INVALID_RESPONSE;
  1056. }
  1057. static enum ast_websocket_result websocket_client_handshake_get_response(
  1058. struct websocket_client *client)
  1059. {
  1060. enum ast_websocket_result res;
  1061. char buf[4096];
  1062. char base64[64];
  1063. int has_upgrade = 0;
  1064. int has_connection = 0;
  1065. int has_accept = 0;
  1066. int has_protocol = 0;
  1067. if (!fgets(buf, sizeof(buf), client->ser->f)) {
  1068. ast_log(LOG_ERROR, "Unable to retrieve HTTP status line.");
  1069. return WS_BAD_STATUS;
  1070. }
  1071. if ((res = websocket_client_handle_response_code(client,
  1072. ast_http_response_status_line(
  1073. buf, "HTTP/1.1", 101))) != WS_OK) {
  1074. return res;
  1075. }
  1076. /* Ignoring line folding - assuming header field values are contained
  1077. within a single line */
  1078. while (fgets(buf, sizeof(buf), client->ser->f)) {
  1079. char *name, *value;
  1080. int parsed = ast_http_header_parse(buf, &name, &value);
  1081. if (parsed < 0) {
  1082. break;
  1083. }
  1084. if (parsed > 0) {
  1085. continue;
  1086. }
  1087. if (!has_upgrade &&
  1088. (has_upgrade = ast_http_header_match(
  1089. name, "upgrade", value, "websocket")) < 0) {
  1090. return WS_HEADER_MISMATCH;
  1091. } else if (!has_connection &&
  1092. (has_connection = ast_http_header_match(
  1093. name, "connection", value, "upgrade")) < 0) {
  1094. return WS_HEADER_MISMATCH;
  1095. } else if (!has_accept &&
  1096. (has_accept = ast_http_header_match(
  1097. name, "sec-websocket-accept", value,
  1098. websocket_combine_key(
  1099. client->key, base64, sizeof(base64)))) < 0) {
  1100. return WS_HEADER_MISMATCH;
  1101. } else if (!has_protocol &&
  1102. (has_protocol = ast_http_header_match_in(
  1103. name, "sec-websocket-protocol", value, client->protocols))) {
  1104. if (has_protocol < 0) {
  1105. return WS_HEADER_MISMATCH;
  1106. }
  1107. client->accept_protocol = ast_strdup(value);
  1108. } else if (!strcasecmp(name, "sec-websocket-extensions")) {
  1109. ast_log(LOG_ERROR, "Extensions received, but not "
  1110. "supported by client\n");
  1111. return WS_NOT_SUPPORTED;
  1112. }
  1113. }
  1114. return has_upgrade && has_connection && has_accept ?
  1115. WS_OK : WS_HEADER_MISSING;
  1116. }
  1117. static enum ast_websocket_result websocket_client_handshake(
  1118. struct websocket_client *client)
  1119. {
  1120. char protocols[100] = "";
  1121. if (!ast_strlen_zero(client->protocols)) {
  1122. sprintf(protocols, "Sec-WebSocket-Protocol: %s\r\n",
  1123. client->protocols);
  1124. }
  1125. if (fprintf(client->ser->f,
  1126. "GET /%s HTTP/1.1\r\n"
  1127. "Sec-WebSocket-Version: %d\r\n"
  1128. "Upgrade: websocket\r\n"
  1129. "Connection: Upgrade\r\n"
  1130. "Host: %s\r\n"
  1131. "Sec-WebSocket-Key: %s\r\n"
  1132. "%s\r\n",
  1133. client->resource_name ? ast_str_buffer(client->resource_name) : "",
  1134. client->version,
  1135. client->host,
  1136. client->key,
  1137. protocols) < 0) {
  1138. ast_log(LOG_ERROR, "Failed to send handshake.\n");
  1139. return WS_WRITE_ERROR;
  1140. }
  1141. /* wait for a response before doing anything else */
  1142. return websocket_client_handshake_get_response(client);
  1143. }
  1144. static enum ast_websocket_result websocket_client_connect(struct ast_websocket *ws)
  1145. {
  1146. enum ast_websocket_result res;
  1147. /* create and connect the client - note client_start
  1148. releases the session instance on failure */
  1149. if (!(ws->client->ser = ast_tcptls_client_start(
  1150. ast_tcptls_client_create(ws->client->args)))) {
  1151. return WS_CLIENT_START_ERROR;
  1152. }
  1153. if ((res = websocket_client_handshake(ws->client)) != WS_OK) {
  1154. ao2_ref(ws->client->ser, -1);
  1155. ws->client->ser = NULL;
  1156. return res;
  1157. }
  1158. ws->f = ws->client->ser->f;
  1159. ws->fd = ws->client->ser->fd;
  1160. ws->secure = ws->client->ser->ssl ? 1 : 0;
  1161. ast_sockaddr_copy(&ws->remote_address, &ws->client->ser->remote_address);
  1162. return WS_OK;
  1163. }
  1164. struct ast_websocket *AST_OPTIONAL_API_NAME(ast_websocket_client_create)
  1165. (const char *uri, const char *protocols, struct ast_tls_config *tls_cfg,
  1166. enum ast_websocket_result *result)
  1167. {
  1168. struct ast_websocket *ws = websocket_client_create(
  1169. uri, protocols, tls_cfg, result);
  1170. if (!ws) {
  1171. return NULL;
  1172. }
  1173. if ((*result = websocket_client_connect(ws)) != WS_OK) {
  1174. ao2_ref(ws, -1);
  1175. return NULL;
  1176. }
  1177. return ws;
  1178. }
  1179. int AST_OPTIONAL_API_NAME(ast_websocket_read_string)
  1180. (struct ast_websocket *ws, char **buf)
  1181. {
  1182. char *payload;
  1183. uint64_t payload_len;
  1184. enum ast_websocket_opcode opcode;
  1185. int fragmented = 1;
  1186. while (fragmented) {
  1187. if (ast_websocket_read(ws, &payload, &payload_len,
  1188. &opcode, &fragmented)) {
  1189. ast_log(LOG_ERROR, "Client WebSocket string read - "
  1190. "error reading string data\n");
  1191. return -1;
  1192. }
  1193. if (opcode == AST_WEBSOCKET_OPCODE_CONTINUATION) {
  1194. continue;
  1195. }
  1196. if (opcode == AST_WEBSOCKET_OPCODE_CLOSE) {
  1197. return -1;
  1198. }
  1199. if (opcode != AST_WEBSOCKET_OPCODE_TEXT) {
  1200. ast_log(LOG_ERROR, "Client WebSocket string read - "
  1201. "non string data received\n");
  1202. return -1;
  1203. }
  1204. }
  1205. if (!(*buf = ast_malloc(payload_len + 1))) {
  1206. return -1;
  1207. }
  1208. ast_copy_string(*buf, payload, payload_len + 1);
  1209. return payload_len + 1;
  1210. }
  1211. int AST_OPTIONAL_API_NAME(ast_websocket_write_string)
  1212. (struct ast_websocket *ws, const char *buf)
  1213. {
  1214. uint64_t len = strlen(buf);
  1215. ast_debug(3, "Writing websocket string of length %" PRIu64 "\n", len);
  1216. /* We do not pass strlen(buf) to ast_websocket_write() directly because the
  1217. * size_t returned by strlen() may not require the same storage size
  1218. * as the uint64_t that ast_websocket_write() uses. This normally
  1219. * would not cause a problem, but since ast_websocket_write() uses
  1220. * the optional API, this function call goes through a series of macros
  1221. * that may cause a 32-bit to 64-bit conversion to go awry.
  1222. */
  1223. return ast_websocket_write(ws, AST_WEBSOCKET_OPCODE_TEXT,
  1224. (char *)buf, len);
  1225. }
  1226. static int load_module(void)
  1227. {
  1228. websocketuri.data = websocket_server_internal_create();
  1229. if (!websocketuri.data) {
  1230. return AST_MODULE_LOAD_DECLINE;
  1231. }
  1232. ast_http_uri_link(&websocketuri);
  1233. websocket_add_protocol_internal("echo", websocket_echo_callback);
  1234. /* For Optional API. */
  1235. ast_module_shutdown_ref(ast_module_info->self);
  1236. return 0;
  1237. }
  1238. static int unload_module(void)
  1239. {
  1240. websocket_remove_protocol_internal("echo", websocket_echo_callback);
  1241. ast_http_uri_unlink(&websocketuri);
  1242. ao2_ref(websocketuri.data, -1);
  1243. websocketuri.data = NULL;
  1244. return 0;
  1245. }
  1246. AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER, "HTTP WebSocket Support",
  1247. .support_level = AST_MODULE_SUPPORT_EXTENDED,
  1248. .load = load_module,
  1249. .unload = unload_module,
  1250. .load_pri = AST_MODPRI_CHANNEL_DEPEND,
  1251. );