2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-libwebsockets.h"
24 #ifdef LWS_OPENSSL_SUPPORT
30 libwebsocket_close_and_free_session(struct libwebsocket *wsi)
34 if ((unsigned long)wsi < LWS_MAX_PROTOCOLS)
39 wsi->state = WSI_STATE_DEAD_SOCKET;
41 if (wsi->protocol->callback && n == WSI_STATE_ESTABLISHED)
42 wsi->protocol->callback(wsi, LWS_CALLBACK_CLOSED,
43 wsi->user_space, NULL, 0);
45 for (n = 0; n < WSI_TOKEN_COUNT; n++)
46 if (wsi->utf8_token[n].token)
47 free(wsi->utf8_token[n].token);
49 /* fprintf(stderr, "closing fd=%d\n", wsi->sock); */
51 #ifdef LWS_OPENSSL_SUPPORT
53 n = SSL_get_fd(wsi->ssl);
54 SSL_shutdown(wsi->ssl);
59 shutdown(wsi->sock, SHUT_RDWR);
61 #ifdef LWS_OPENSSL_SUPPORT
65 free(wsi->user_space);
71 libwebsocket_poll_connections(struct libwebsocket_context *this)
73 unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + MAX_BROADCAST_PAYLOAD +
74 LWS_SEND_BUFFER_POST_PADDING];
75 int client = this->count_protocols + 1;
76 struct libwebsocket *wsi;
80 /* check for activity on client sockets */
82 for (; client < this->fds_count; client++) {
84 /* handle session socket closed */
86 if (this->fds[client].revents & (POLLERR | POLLHUP)) {
88 debug("Session Socket %d %p (fd=%d) dead\n",
89 client, this->wsi[client], this->fds[client]);
91 libwebsocket_close_and_free_session(this->wsi[client]);
95 /* any incoming data ready? */
97 if (!(this->fds[client].revents & POLLIN))
102 if ((unsigned long)this->wsi[client] < LWS_MAX_PROTOCOLS) {
104 /* get the issued broadcast payload from the socket */
106 len = read(this->fds[client].fd,
107 buf + LWS_SEND_BUFFER_PRE_PADDING,
108 MAX_BROADCAST_PAYLOAD);
112 "Error reading broadcast payload\n");
116 /* broadcast it to all guys with this protocol index */
118 for (n = this->count_protocols + 1;
119 n < this->fds_count; n++) {
123 if ((unsigned long)wsi < LWS_MAX_PROTOCOLS)
127 * never broadcast to non-established
131 if (wsi->state != WSI_STATE_ESTABLISHED)
134 /* only to clients connected to us */
136 if (wsi->client_mode)
140 * only broadcast to connections using
141 * the requested protocol
144 if (wsi->protocol->protocol_index !=
145 (int)(unsigned long)this->wsi[client])
148 /* broadcast it to this connection */
150 wsi->protocol->callback(wsi,
151 LWS_CALLBACK_BROADCAST,
153 buf + LWS_SEND_BUFFER_PRE_PADDING, len);
159 #ifdef LWS_OPENSSL_SUPPORT
161 n = SSL_read(this->wsi[client]->ssl, buf, sizeof buf);
164 n = recv(this->fds[client].fd, buf, sizeof buf, 0);
167 fprintf(stderr, "Socket read returned %d\n", n);
171 libwebsocket_close_and_free_session(this->wsi[client]);
175 /* service incoming data */
177 if (libwebsocket_read(this->wsi[client], buf, n) >= 0)
181 * it closed and nuked wsi[client], so remove the
182 * socket handle and wsi from our service list
186 debug("nuking wsi %p, fsd_count = %d\n",
187 this->wsi[client], this->fds_count - 1);
190 for (n = client; n < this->fds_count; n++) {
191 this->fds[n] = this->fds[n + 1];
192 this->wsi[n] = this->wsi[n + 1];
202 libwebsocket_service(struct libwebsocket_context *this, int timeout_ms)
207 struct sockaddr_in cli_addr;
210 /* stay dead once we are dead */
215 /* don't check listen socket if we are not listening */
217 if (this->listen_port)
218 n = poll(this->fds, this->fds_count, timeout_ms);
220 n = poll(&this->fds[1], this->fds_count - 1, timeout_ms);
223 if (n < 0 || this->fds[0].revents & (POLLERR | POLLHUP)) {
224 fprintf(stderr, "Listen Socket dead\n");
227 if (n == 0) /* poll timeout */
230 /* handle accept on listening socket? */
232 for (client = 0; client < this->count_protocols + 1; client++) {
234 if (!this->fds[client].revents & POLLIN)
237 /* listen socket got an unencrypted connection... */
239 clilen = sizeof(cli_addr);
240 fd = accept(this->fds[client].fd,
241 (struct sockaddr *)&cli_addr, &clilen);
243 fprintf(stderr, "ERROR on accept");
247 if (this->fds_count >= MAX_CLIENTS) {
248 fprintf(stderr, "too busy");
255 * accepting a connection to broadcast socket
256 * set wsi to be protocol index not pointer
259 this->wsi[this->fds_count] =
260 (struct libwebsocket *)(long)(client - 1);
265 /* accepting connection to main listener */
267 this->wsi[this->fds_count] =
268 malloc(sizeof(struct libwebsocket));
269 if (!this->wsi[this->fds_count]) {
270 fprintf(stderr, "Out of memory for new connection\n");
274 #ifdef LWS_OPENSSL_SUPPORT
277 this->wsi[this->fds_count]->ssl = SSL_new(ssl_ctx);
278 if (this->wsi[this->fds_count]->ssl == NULL) {
279 fprintf(stderr, "SSL_new failed: %s\n",
280 ERR_error_string(SSL_get_error(
281 this->wsi[this->fds_count]->ssl, 0),
283 free(this->wsi[this->fds_count]);
287 SSL_set_fd(this->wsi[this->fds_count]->ssl, fd);
289 n = SSL_accept(this->wsi[this->fds_count]->ssl);
292 * browsers seem to probe with various
293 * ssl params which fail then retry
296 debug("SSL_accept failed skt %u: %s\n",
298 ERR_error_string(SSL_get_error(
299 this->wsi[this->fds_count]->ssl,
302 this->wsi[this->fds_count]->ssl);
303 free(this->wsi[this->fds_count]);
306 debug("accepted new SSL conn "
307 "port %u on fd=%d SSL ver %s\n",
308 ntohs(cli_addr.sin_port), fd,
309 SSL_get_version(this->wsi[
310 this->fds_count]->ssl));
314 debug("accepted new conn port %u on fd=%d\n",
315 ntohs(cli_addr.sin_port), fd);
317 /* intialize the instance struct */
319 this->wsi[this->fds_count]->sock = fd;
320 this->wsi[this->fds_count]->state = WSI_STATE_HTTP;
321 this->wsi[this->fds_count]->name_buffer_pos = 0;
322 this->wsi[this->fds_count]->client_mode = 0;
324 for (n = 0; n < WSI_TOKEN_COUNT; n++) {
325 this->wsi[this->fds_count]->
326 utf8_token[n].token = NULL;
327 this->wsi[this->fds_count]->
328 utf8_token[n].token_len = 0;
332 * these can only be set once the protocol is known
333 * we set an unestablished connection's protocol pointer
334 * to the start of the supported list, so it can look
335 * for matching ones during the handshake
337 this->wsi[this->fds_count]->protocol = this->protocols;
338 this->wsi[this->fds_count]->user_space = NULL;
341 * Default protocol is 76 / 00
342 * After 76, there's a header specified to inform which
343 * draft the client wants, when that's seen we modify
344 * the individual connection's spec revision accordingly
346 this->wsi[this->fds_count]->ietf_spec_revision = 0;
351 * make sure NO events are seen yet on this new socket
352 * (otherwise we inherit old fds[client].revents from
353 * previous socket there and die mysteriously! )
355 this->fds[this->fds_count].revents = 0;
357 this->fds[this->fds_count].events = POLLIN;
358 this->fds[this->fds_count++].fd = fd;
362 /* service anything incoming on websocket connection */
364 libwebsocket_poll_connections(this);
366 /* this round is done */
372 /* close listening skt and per-protocol broadcast sockets */
373 for (client = 0; client < this->fds_count; client++)
374 close(this->fds[0].fd);
376 #ifdef LWS_OPENSSL_SUPPORT
377 SSL_CTX_free(ssl_ctx);
386 /* inform caller we are dead */
393 * libwebsocket_create_context() - Create the websocket handler
394 * @port: Port to listen on... you can use 0 to suppress listening on
395 * any port, that's what you want if you are not running a
396 * websocket server at all but just using it as a client
397 * @protocols: Array of structures listing supported protocols and a protocol-
398 * specific callback for each one. The list is ended with an
399 * entry that has a NULL callback pointer.
400 * It's not const because we write the owning_server member
401 * @ssl_cert_filepath: If libwebsockets was compiled to use ssl, and you want
402 * to listen using SSL, set to the filepath to fetch the
403 * server cert from, otherwise NULL for unencrypted
404 * @ssl_private_key_filepath: filepath to private key if wanting SSL mode,
406 * @gid: group id to change to after setting listen socket, or -1.
407 * @uid: user id to change to after setting listen socket, or -1.
409 * This function creates the listening socket and takes care
410 * of all initialization in one step.
412 * After initialization, it returns a struct libwebsocket_context * that
413 * represents this server. After calling, user code needs to take care
414 * of calling libwebsocket_service() with the context pointer to get the
415 * server's sockets serviced. This can be done in the same process context
416 * or a forked process, or another thread,
418 * The protocol callback functions are called for a handful of events
419 * including http requests coming in, websocket connections becoming
420 * established, and data arriving; it's also called periodically to allow
421 * async transmission.
423 * HTTP requests are sent always to the FIRST protocol in @protocol, since
424 * at that time websocket protocol has not been negotiated. Other
425 * protocols after the first one never see any HTTP callack activity.
427 * The server created is a simple http server by default; part of the
428 * websocket standard is upgrading this http connection to a websocket one.
430 * This allows the same server to provide files like scripts and favicon /
431 * images or whatever over http and dynamic data over websockets all in
432 * one place; they're all handled in the user callback.
435 struct libwebsocket_context *
436 libwebsocket_create_context(int port,
437 struct libwebsocket_protocols *protocols,
438 const char *ssl_cert_filepath,
439 const char *ssl_private_key_filepath,
445 struct sockaddr_in serv_addr, cli_addr;
447 struct libwebsocket_context *this = NULL;
450 #ifdef LWS_OPENSSL_SUPPORT
452 char ssl_err_buf[512];
454 use_ssl = ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL;
456 fprintf(stderr, " Compiled with SSL support, using it\n");
458 fprintf(stderr, " Compiled with SSL support, not using it\n");
461 if (ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL) {
462 fprintf(stderr, " Not compiled for OpenSSl support!\n");
465 fprintf(stderr, " Compiled without SSL support, serving unencrypted\n");
468 #ifdef LWS_OPENSSL_SUPPORT
472 OpenSSL_add_all_algorithms();
473 SSL_load_error_strings();
476 * Firefox insists on SSLv23 not SSLv3
477 * Konq disables SSLv2 by default now, SSLv23 works
480 method = (SSL_METHOD *)SSLv23_server_method();
482 fprintf(stderr, "problem creating ssl method: %s\n",
483 ERR_error_string(ERR_get_error(), ssl_err_buf));
486 ssl_ctx = SSL_CTX_new(method); /* create context */
488 printf("problem creating ssl context: %s\n",
489 ERR_error_string(ERR_get_error(), ssl_err_buf));
492 /* set the local certificate from CertFile */
493 n = SSL_CTX_use_certificate_file(ssl_ctx,
494 ssl_cert_filepath, SSL_FILETYPE_PEM);
496 fprintf(stderr, "problem getting cert '%s': %s\n",
498 ERR_error_string(ERR_get_error(), ssl_err_buf));
501 /* set the private key from KeyFile */
502 if (SSL_CTX_use_PrivateKey_file(ssl_ctx,
503 ssl_private_key_filepath,
504 SSL_FILETYPE_PEM) != 1) {
505 fprintf(stderr, "ssl problem getting key '%s': %s\n",
506 ssl_private_key_filepath,
507 ERR_error_string(ERR_get_error(), ssl_err_buf));
510 /* verify private key */
511 if (!SSL_CTX_check_private_key(ssl_ctx)) {
512 fprintf(stderr, "Private SSL key doesn't match cert\n");
516 /* SSL is happy and has a cert it's content with */
522 if (lws_b64_selftest())
526 this = malloc(sizeof(struct libwebsocket_context));
528 this->protocols = protocols;
529 this->listen_port = port;
531 /* set up our external listening socket we serve on */
535 sockfd = socket(AF_INET, SOCK_STREAM, 0);
537 fprintf(stderr, "ERROR opening socket");
541 /* allow us to restart even if old sockets in TIME_WAIT */
542 setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
544 bzero((char *) &serv_addr, sizeof(serv_addr));
545 serv_addr.sin_family = AF_INET;
546 serv_addr.sin_addr.s_addr = INADDR_ANY;
547 serv_addr.sin_port = htons(port);
549 n = bind(sockfd, (struct sockaddr *) &serv_addr,
552 fprintf(stderr, "ERROR on binding to port %d (%d %d)\n",
558 /* drop any root privs for this process */
562 fprintf(stderr, "setgid: %s\n", strerror(errno));
565 fprintf(stderr, "setuid: %s\n", strerror(errno));
568 * prepare the poll() fd array... it's like this
570 * [0] = external listening socket
571 * [1 .. this->count_protocols] = per-protocol broadcast sockets
572 * [this->count_protocols + 1 ... this->fds_count-1] = connection skts
576 this->fds[0].fd = sockfd;
577 this->fds[0].events = POLLIN;
578 this->count_protocols = 0;
579 #ifdef LWS_OPENSSL_SUPPORT
580 this->use_ssl = use_ssl;
585 fprintf(stderr, " Listening on port %d\n", port);
588 /* set up our internal broadcast trigger sockets per-protocol */
590 for (; protocols[this->count_protocols].callback;
591 this->count_protocols++) {
592 protocols[this->count_protocols].owning_server = this;
593 protocols[this->count_protocols].protocol_index =
594 this->count_protocols;
596 fd = socket(AF_INET, SOCK_STREAM, 0);
598 fprintf(stderr, "ERROR opening socket");
602 /* allow us to restart even if old sockets in TIME_WAIT */
603 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
605 bzero((char *) &serv_addr, sizeof(serv_addr));
606 serv_addr.sin_family = AF_INET;
607 serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
608 serv_addr.sin_port = 0; /* pick the port for us */
610 n = bind(fd, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
612 fprintf(stderr, "ERROR on binding to port %d (%d %d)\n",
617 slen = sizeof cli_addr;
618 n = getsockname(fd, (struct sockaddr *)&cli_addr, &slen);
620 fprintf(stderr, "getsockname failed\n");
623 protocols[this->count_protocols].broadcast_socket_port =
624 ntohs(cli_addr.sin_port);
627 debug(" Protocol %s broadcast socket %d\n",
628 protocols[this->count_protocols].name,
629 ntohs(cli_addr.sin_port));
631 this->fds[this->fds_count].fd = fd;
632 this->fds[this->fds_count].events = POLLIN;
633 /* wsi only exists for connections, not broadcast listener */
634 this->wsi[this->fds_count] = NULL;
645 * libwebsockets_fork_service_loop() - Optional helper function forks off
646 * a process for the websocket server loop.
647 * You don't have to use this but if not, you
648 * have to make sure you are calling
649 * libwebsocket_service periodically to service
650 * the websocket traffic
651 * @this: server context returned by creation function
655 libwebsockets_fork_service_loop(struct libwebsocket_context *this)
659 struct sockaddr_in cli_addr;
668 /* main process context */
670 for (client = 1; client < this->count_protocols + 1; client++) {
671 fd = socket(AF_INET, SOCK_STREAM, 0);
673 fprintf(stderr, "Unable to create socket\n");
676 cli_addr.sin_family = AF_INET;
677 cli_addr.sin_port = htons(
678 this->protocols[client - 1].broadcast_socket_port);
679 cli_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
680 n = connect(fd, (struct sockaddr *)&cli_addr,
683 fprintf(stderr, "Unable to connect to "
684 "broadcast socket %d, %s\n",
685 client, strerror(errno));
689 this->protocols[client - 1].broadcast_socket_user_fd =
697 /* we want a SIGHUP when our parent goes down */
698 prctl(PR_SET_PDEATHSIG, SIGHUP);
700 /* in this forked process, sit and service websocket connections */
703 if (libwebsocket_service(this, 1000))
712 * libwebsockets_get_protocol() - Returns a protocol pointer from a websocket
714 * @wsi: pointer to struct websocket you want to know the protocol of
717 * This is useful to get the protocol to broadcast back to from inside
721 const struct libwebsocket_protocols *
722 libwebsockets_get_protocol(struct libwebsocket *wsi)
724 return wsi->protocol;
728 * libwebsockets_broadcast() - Sends a buffer to the callback for all active
729 * connections of the given protocol.
730 * @protocol: pointer to the protocol you will broadcast to all members of
731 * @buf: buffer containing the data to be broadcase. NOTE: this has to be
732 * allocated with LWS_SEND_BUFFER_PRE_PADDING valid bytes before
733 * the pointer and LWS_SEND_BUFFER_POST_PADDING afterwards in the
734 * case you are calling this function from callback context.
735 * @len: length of payload data in buf, starting from buf.
737 * This function allows bulk sending of a packet to every connection using
738 * the given protocol. It does not send the data directly; instead it calls
739 * the callback with a reason type of LWS_CALLBACK_BROADCAST. If the callback
740 * wants to actually send the data for that connection, the callback itself
741 * should call libwebsocket_write().
743 * libwebsockets_broadcast() can be called from another fork context without
744 * having to take any care about data visibility between the processes, it'll
750 libwebsockets_broadcast(const struct libwebsocket_protocols *protocol,
751 unsigned char *buf, size_t len)
753 struct libwebsocket_context *this = protocol->owning_server;
756 if (!protocol->broadcast_socket_user_fd) {
758 * We are either running unforked / flat, or we are being
759 * called from poll thread context
760 * eg, from a callback. In that case don't use sockets for
761 * broadcast IPC (since we can't open a socket connection to
762 * a socket listening on our own thread) but directly do the
765 * Locking is not needed because we are by definition being
766 * called in the poll thread context and are serialized.
769 for (n = this->count_protocols + 1; n < this->fds_count; n++) {
771 if ((unsigned long)this->wsi[n] < LWS_MAX_PROTOCOLS)
774 /* never broadcast to non-established connection */
775 if (this->wsi[n]->state != WSI_STATE_ESTABLISHED)
778 /* only broadcast to guys using requested protocol */
779 if (this->wsi[n]->protocol != protocol)
782 this->wsi[n]->protocol->callback(this->wsi[n],
783 LWS_CALLBACK_BROADCAST,
784 this->wsi[n]->user_space,
792 * We're being called from a different process context than the server
793 * loop. Instead of broadcasting directly, we send our
794 * payload on a socket to do the IPC; the server process will serialize
795 * the broadcast action in its main poll() loop.
797 * There's one broadcast socket listening for each protocol supported
798 * set up when the websocket server initializes
801 n = send(protocol->broadcast_socket_user_fd, buf, len, 0);