2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-libwebsockets.h"
30 #ifdef LWS_OPENSSL_SUPPORT
31 int openssl_websocket_private_data_index;
35 * In-place str to lower case
47 /* file descriptor hash management */
50 wsi_from_fd(struct libwebsocket_context *context, int fd)
52 int h = LWS_FD_HASH(fd);
55 for (n = 0; n < context->fd_hashtable[h].length; n++)
56 if (context->fd_hashtable[h].wsi[n]->sock == fd)
57 return context->fd_hashtable[h].wsi[n];
63 insert_wsi(struct libwebsocket_context *context, struct libwebsocket *wsi)
65 int h = LWS_FD_HASH(wsi->sock);
67 if (context->fd_hashtable[h].length == MAX_CLIENTS - 1) {
68 fprintf(stderr, "hash table overflow\n");
72 context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi;
78 delete_from_fd(struct libwebsocket_context *context, int fd)
80 int h = LWS_FD_HASH(fd);
83 for (n = 0; n < context->fd_hashtable[h].length; n++)
84 if (context->fd_hashtable[h].wsi[n]->sock == fd) {
85 while (n < context->fd_hashtable[h].length) {
86 context->fd_hashtable[h].wsi[n] =
87 context->fd_hashtable[h].wsi[n + 1];
90 context->fd_hashtable[h].length--;
95 fprintf(stderr, "Failed to find fd %d requested for "
96 "delete in hashtable\n", fd);
100 #ifdef LWS_OPENSSL_SUPPORT
102 libwebsockets_decode_ssl_error(void)
107 while ((err = ERR_get_error()) != 0) {
108 ERR_error_string_n(err, buf, sizeof(buf));
109 fprintf(stderr, "*** %s\n", buf);
116 interface_to_sa(const char* ifname, struct sockaddr_in *addr, size_t addrlen)
124 struct sockaddr_in *sin;
127 for (ifc = ifr; ifc != NULL; ifc = ifc->ifa_next) {
128 if (strcmp(ifc->ifa_name, ifname))
130 if (ifc->ifa_addr == NULL)
132 sin = (struct sockaddr_in *)ifc->ifa_addr;
133 if (sin->sin_family != AF_INET)
135 memcpy(addr, sin, addrlen);
145 libwebsocket_close_and_free_session(struct libwebsocket_context *context,
146 struct libwebsocket *wsi, enum lws_close_status reason)
150 unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + 2 +
151 LWS_SEND_BUFFER_POST_PADDING];
156 old_state = wsi->state;
158 if (old_state == WSI_STATE_DEAD_SOCKET)
161 /* remove this fd from wsi mapping hashtable */
163 delete_from_fd(context, wsi->sock);
165 /* delete it from the internal poll list if still present */
167 for (n = 0; n < context->fds_count; n++) {
168 if (context->fds[n].fd != wsi->sock)
170 while (n < context->fds_count - 1) {
171 context->fds[n] = context->fds[n + 1];
174 context->fds_count--;
175 /* we only have to deal with one */
176 n = context->fds_count;
179 /* remove also from external POLL support via protocol 0 */
181 context->protocols[0].callback(context, wsi,
182 LWS_CALLBACK_DEL_POLL_FD, (void *)(long)wsi->sock, NULL, 0);
184 wsi->close_reason = reason;
187 * signal we are closing, libsocket_write will
188 * add any necessary version-specific stuff. If the write fails,
189 * no worries we are closing anyway. If we didn't initiate this
190 * close, then our state has been changed to
191 * WSI_STATE_RETURNED_CLOSE_ALREADY and we will skip this
194 if (old_state == WSI_STATE_ESTABLISHED)
195 libwebsocket_write(wsi, &buf[LWS_SEND_BUFFER_PRE_PADDING], 0,
198 wsi->state = WSI_STATE_DEAD_SOCKET;
200 /* tell the user it's all over for this guy */
202 if (wsi->protocol && wsi->protocol->callback &&
203 old_state == WSI_STATE_ESTABLISHED)
204 wsi->protocol->callback(context, wsi, LWS_CALLBACK_CLOSED,
205 wsi->user_space, NULL, 0);
207 /* deallocate any active extension contexts */
209 for (n = 0; n < wsi->count_active_extensions; n++) {
210 if (!wsi->active_extensions[n]->callback)
213 wsi->active_extensions[n]->callback(context, wsi,
214 LWS_EXT_CALLBACK_DESTROY,
215 wsi->active_extensions_user[n], NULL, 0);
217 free(wsi->active_extensions_user[n]);
220 /* free up his parsing allocations */
222 for (n = 0; n < WSI_TOKEN_COUNT; n++)
223 if (wsi->utf8_token[n].token)
224 free(wsi->utf8_token[n].token);
226 /* fprintf(stderr, "closing fd=%d\n", wsi->sock); */
228 #ifdef LWS_OPENSSL_SUPPORT
230 n = SSL_get_fd(wsi->ssl);
231 SSL_shutdown(wsi->ssl);
240 shutdown(wsi->sock, SHUT_RDWR);
242 closesocket(wsi->sock);
246 #ifdef LWS_OPENSSL_SUPPORT
250 free(wsi->user_space);
256 * libwebsockets_hangup_on_client() - Server calls to terminate client
258 * @context: libwebsockets context
259 * @fd: Connection socket descriptor
263 libwebsockets_hangup_on_client(struct libwebsocket_context *context, int fd)
265 struct libwebsocket *wsi = wsi_from_fd(context, fd);
270 libwebsocket_close_and_free_session(context, wsi,
271 LWS_CLOSE_STATUS_NOSTATUS);
276 * libwebsockets_get_peer_addresses() - Get client address information
277 * @fd: Connection socket descriptor
278 * @name: Buffer to take client address name
279 * @name_len: Length of client address name buffer
280 * @rip: Buffer to take client address IP qotted quad
281 * @rip_len: Length of client address IP buffer
283 * This function fills in @name and @rip with the name and IP of
284 * the client connected with socket descriptor @fd. Names may be
285 * truncated if there is not enough room. If either cannot be
286 * determined, they will be returned as valid zero-length strings.
290 libwebsockets_get_peer_addresses(int fd, char *name, int name_len,
291 char *rip, int rip_len)
294 struct sockaddr_in sin;
295 struct hostent *host;
296 struct hostent *host1;
305 if (getpeername(fd, (struct sockaddr *) &sin, &len) < 0) {
306 perror("getpeername");
310 host = gethostbyaddr((char *) &sin.sin_addr, sizeof sin.sin_addr,
313 perror("gethostbyaddr");
317 strncpy(name, host->h_name, name_len);
318 name[name_len - 1] = '\0';
320 host1 = gethostbyname(host->h_name);
326 p = host1->h_addr_list[n++];
329 if (host1->h_addrtype != AF_INET)
332 sprintf(ip, "%d.%d.%d.%d",
333 p[0], p[1], p[2], p[3]);
335 strncpy(rip, ip, rip_len);
336 rip[rip_len - 1] = '\0';
340 int libwebsockets_get_random(struct libwebsocket_context *context,
347 for (n = 0; n < len; n++)
348 p[n] = (unsigned char)rand();
350 n = read(context->fd_random, p, len);
356 void libwebsockets_00_spaceout(char *key, int spaces, int seed)
362 if (*key && (seed & 1))
366 p = key + strlen(key);
375 void libwebsockets_00_spam(char *key, int count, int seed)
382 if (*key && (seed & 1))
386 p = key + strlen(key);
391 *key++ = 0x21 + ((seed & 0xffff) % 15);
392 /* 4 would use it up too fast.. not like it matters */
397 int lws_send_pipe_choked(struct libwebsocket *wsi)
402 fds.events = POLLOUT;
405 if (poll(&fds, 1, 0) != 1)
408 if ((fds.revents & POLLOUT) == 0)
411 /* okay to send another packet without blocking */
417 * libwebsocket_service_fd() - Service polled socket with something waiting
418 * @context: Websocket context
419 * @pollfd: The pollfd entry describing the socket fd and which events
422 * This function closes any active connections and then frees the
423 * context. After calling this, any further use of the context is
428 libwebsocket_service_fd(struct libwebsocket_context *context,
429 struct pollfd *pollfd)
431 unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + MAX_BROADCAST_PAYLOAD +
432 LWS_SEND_BUFFER_POST_PADDING];
433 struct libwebsocket *wsi;
434 struct libwebsocket *new_wsi;
440 struct sockaddr_in cli_addr;
442 static const char magic_websocket_guid[] =
443 "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
444 static const char magic_websocket_04_masking_guid[] =
445 "61AC5F19-FBBA-4540-B96F-6561F1AB40A8";
451 #ifdef LWS_OPENSSL_SUPPORT
452 char ssl_err_buf[512];
455 * you can call us with pollfd = NULL to just allow the once-per-second
456 * global timeout checks; if less than a second since the last check
457 * it returns immediately then.
460 gettimeofday(&tv, NULL);
462 if (context->last_timeout_check_s != tv.tv_sec) {
463 context->last_timeout_check_s = tv.tv_sec;
465 /* global timeout check once per second */
467 for (n = 0; n < context->fds_count; n++) {
468 wsi = wsi_from_fd(context, context->fds[n].fd);
469 if (!wsi->pending_timeout)
473 * if we went beyond the allowed time, kill the
477 if (tv.tv_sec > wsi->pending_timeout_limit)
478 libwebsocket_close_and_free_session(context,
479 wsi, LWS_CLOSE_STATUS_NOSTATUS);
483 /* just here for timeout management? */
488 /* no, here to service a socket descriptor */
490 wsi = wsi_from_fd(context, pollfd->fd);
496 case LWS_CONNMODE_SERVER_LISTENER:
498 /* pollin means a client has connected to us then */
500 if (!pollfd->revents & POLLIN)
503 /* listen socket got an unencrypted connection... */
505 clilen = sizeof(cli_addr);
506 accept_fd = accept(pollfd->fd, (struct sockaddr *)&cli_addr,
509 fprintf(stderr, "ERROR on accept");
513 if (context->fds_count >= MAX_CLIENTS) {
514 fprintf(stderr, "too busy to accept new client\n");
516 closesocket(accept_fd);
524 * look at who we connected to and give user code a chance
525 * to reject based on client IP. There's no protocol selected
526 * yet so we issue this to protocols[0]
529 if ((context->protocols[0].callback)(context, wsi,
530 LWS_CALLBACK_FILTER_NETWORK_CONNECTION,
531 (void*)(long)accept_fd, NULL, 0)) {
532 fprintf(stderr, "Callback denied network connection\n");
534 closesocket(accept_fd);
541 /* accepting connection to main listener */
543 new_wsi = malloc(sizeof(struct libwebsocket));
544 if (new_wsi == NULL) {
545 fprintf(stderr, "Out of memory for new connection\n");
549 memset(new_wsi, 0, sizeof (struct libwebsocket));
550 new_wsi->sock = accept_fd;
551 new_wsi->count_active_extensions = 0;
552 new_wsi->pending_timeout = NO_PENDING_TIMEOUT;
554 #ifdef LWS_OPENSSL_SUPPORT
557 if (context->use_ssl) {
559 new_wsi->ssl = SSL_new(context->ssl_ctx);
560 if (new_wsi->ssl == NULL) {
561 fprintf(stderr, "SSL_new failed: %s\n",
562 ERR_error_string(SSL_get_error(
563 new_wsi->ssl, 0), NULL));
564 libwebsockets_decode_ssl_error();
569 SSL_set_fd(new_wsi->ssl, accept_fd);
571 n = SSL_accept(new_wsi->ssl);
574 * browsers seem to probe with various
575 * ssl params which fail then retry
578 debug("SSL_accept failed skt %u: %s\n",
580 ERR_error_string(SSL_get_error(
581 new_wsi->ssl, n), NULL));
588 debug("accepted new SSL conn "
589 "port %u on fd=%d SSL ver %s\n",
590 ntohs(cli_addr.sin_port), accept_fd,
591 SSL_get_version(new_wsi->ssl));
595 debug("accepted new conn port %u on fd=%d\n",
596 ntohs(cli_addr.sin_port), accept_fd);
598 /* intialize the instance struct */
600 new_wsi->state = WSI_STATE_HTTP;
601 new_wsi->name_buffer_pos = 0;
602 new_wsi->mode = LWS_CONNMODE_WS_SERVING;
604 for (n = 0; n < WSI_TOKEN_COUNT; n++) {
605 new_wsi->utf8_token[n].token = NULL;
606 new_wsi->utf8_token[n].token_len = 0;
610 * these can only be set once the protocol is known
611 * we set an unestablished connection's protocol pointer
612 * to the start of the supported list, so it can look
613 * for matching ones during the handshake
615 new_wsi->protocol = context->protocols;
616 new_wsi->user_space = NULL;
619 * Default protocol is 76 / 00
620 * After 76, there's a header specified to inform which
621 * draft the client wants, when that's seen we modify
622 * the individual connection's spec revision accordingly
624 new_wsi->ietf_spec_revision = 0;
626 insert_wsi(context, new_wsi);
629 * make sure NO events are seen yet on this new socket
630 * (otherwise we inherit old fds[client].revents from
631 * previous socket there and die mysteriously! )
633 context->fds[context->fds_count].revents = 0;
635 context->fds[context->fds_count].events = POLLIN;
636 context->fds[context->fds_count++].fd = accept_fd;
638 /* external POLL support via protocol 0 */
639 context->protocols[0].callback(context, new_wsi,
640 LWS_CALLBACK_ADD_POLL_FD,
641 (void *)(long)accept_fd, NULL, POLLIN);
645 case LWS_CONNMODE_BROADCAST_PROXY_LISTENER:
647 /* as we are listening, POLLIN means accept() is needed */
649 if (!pollfd->revents & POLLIN)
652 /* listen socket got an unencrypted connection... */
654 clilen = sizeof(cli_addr);
655 accept_fd = accept(pollfd->fd, (struct sockaddr *)&cli_addr,
658 fprintf(stderr, "ERROR on accept");
662 if (context->fds_count >= MAX_CLIENTS) {
663 fprintf(stderr, "too busy to accept new broadcast "
666 closesocket(accept_fd);
673 /* create a dummy wsi for the connection and add it */
675 new_wsi = malloc(sizeof(struct libwebsocket));
676 memset(new_wsi, 0, sizeof (struct libwebsocket));
677 new_wsi->sock = accept_fd;
678 new_wsi->mode = LWS_CONNMODE_BROADCAST_PROXY;
679 new_wsi->state = WSI_STATE_ESTABLISHED;
680 new_wsi->count_active_extensions = 0;
681 /* note which protocol we are proxying */
682 new_wsi->protocol_index_for_broadcast_proxy =
683 wsi->protocol_index_for_broadcast_proxy;
684 insert_wsi(context, new_wsi);
686 /* add connected socket to internal poll array */
688 context->fds[context->fds_count].revents = 0;
689 context->fds[context->fds_count].events = POLLIN;
690 context->fds[context->fds_count++].fd = accept_fd;
692 /* external POLL support via protocol 0 */
693 context->protocols[0].callback(context, new_wsi,
694 LWS_CALLBACK_ADD_POLL_FD,
695 (void *)(long)accept_fd, NULL, POLLIN);
699 case LWS_CONNMODE_BROADCAST_PROXY:
701 /* handle session socket closed */
703 if (pollfd->revents & (POLLERR | POLLHUP)) {
705 debug("Session Socket %p (fd=%d) dead\n",
706 (void *)wsi, pollfd->fd);
708 libwebsocket_close_and_free_session(context, wsi,
709 LWS_CLOSE_STATUS_NORMAL);
713 /* the guy requested a callback when it was OK to write */
715 if (pollfd->revents & POLLOUT) {
719 pollfd->events &= ~POLLOUT;
721 /* external POLL support via protocol 0 */
722 context->protocols[0].callback(context, wsi,
723 LWS_CALLBACK_CLEAR_MODE_POLL_FD,
724 (void *)(long)wsi->sock, NULL, POLLOUT);
726 wsi->protocol->callback(context, wsi,
727 LWS_CALLBACK_CLIENT_WRITEABLE,
732 /* any incoming data ready? */
734 if (!(pollfd->revents & POLLIN))
737 /* get the issued broadcast payload from the socket */
739 len = read(pollfd->fd, buf + LWS_SEND_BUFFER_PRE_PADDING,
740 MAX_BROADCAST_PAYLOAD);
742 fprintf(stderr, "Error reading broadcast payload\n");
746 /* broadcast it to all guys with this protocol index */
748 for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
750 for (m = 0; m < context->fd_hashtable[n].length; m++) {
752 new_wsi = context->fd_hashtable[n].wsi[m];
754 /* only to clients we are serving to */
756 if (new_wsi->mode != LWS_CONNMODE_WS_SERVING)
760 * never broadcast to non-established
764 if (new_wsi->state != WSI_STATE_ESTABLISHED)
768 * only broadcast to connections using
769 * the requested protocol
772 if (new_wsi->protocol->protocol_index !=
773 wsi->protocol_index_for_broadcast_proxy)
776 /* broadcast it to this connection */
778 new_wsi->protocol->callback(context, new_wsi,
779 LWS_CALLBACK_BROADCAST,
781 buf + LWS_SEND_BUFFER_PRE_PADDING, len);
786 case LWS_CONNMODE_WS_CLIENT_WAITING_PROXY_REPLY:
788 /* handle proxy hung up on us */
790 if (pollfd->revents & (POLLERR | POLLHUP)) {
792 fprintf(stderr, "Proxy connection %p (fd=%d) dead\n",
793 (void *)wsi, pollfd->fd);
795 libwebsocket_close_and_free_session(context, wsi,
796 LWS_CLOSE_STATUS_NOSTATUS);
800 n = recv(wsi->sock, pkt, sizeof pkt, 0);
802 libwebsocket_close_and_free_session(context, wsi,
803 LWS_CLOSE_STATUS_NOSTATUS);
804 fprintf(stderr, "ERROR reading from proxy socket\n");
809 if (strcmp(pkt, "HTTP/1.0 200 ") != 0) {
810 libwebsocket_close_and_free_session(context, wsi,
811 LWS_CLOSE_STATUS_NOSTATUS);
812 fprintf(stderr, "ERROR from proxy: %s\n", pkt);
816 /* clear his proxy connection timeout */
818 libwebsocket_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
822 case LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE:
824 #ifdef LWS_OPENSSL_SUPPORT
827 wsi->ssl = SSL_new(context->ssl_client_ctx);
828 wsi->client_bio = BIO_new_socket(wsi->sock,
830 SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);
832 SSL_set_ex_data(wsi->ssl,
833 openssl_websocket_private_data_index,
836 if (SSL_connect(wsi->ssl) <= 0) {
837 fprintf(stderr, "SSL connect error %s\n",
838 ERR_error_string(ERR_get_error(),
840 libwebsocket_close_and_free_session(context, wsi,
841 LWS_CLOSE_STATUS_NOSTATUS);
845 n = SSL_get_verify_result(wsi->ssl);
846 if ((n != X509_V_OK) && (
847 n != X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
848 wsi->use_ssl != 2)) {
850 fprintf(stderr, "server's cert didn't "
851 "look good %d\n", n);
852 libwebsocket_close_and_free_session(context,
853 wsi, LWS_CLOSE_STATUS_NOSTATUS);
861 #ifdef LWS_OPENSSL_SUPPORT
866 * create the random key
869 n = libwebsockets_get_random(context, hash, 16);
871 fprintf(stderr, "Unable to read from random dev %s\n",
872 SYSTEM_RANDOM_FILEPATH);
878 free(wsi->c_protocol);
879 libwebsocket_close_and_free_session(context, wsi,
880 LWS_CLOSE_STATUS_NOSTATUS);
884 lws_b64_encode_string(hash, 16, wsi->key_b64,
885 sizeof wsi->key_b64);
888 * 00 example client handshake
890 * GET /socket.io/websocket HTTP/1.1
892 * Connection: Upgrade
893 * Host: 127.0.0.1:9999
894 * Origin: http://127.0.0.1
895 * Sec-WebSocket-Key1: 1 0 2#0W 9 89 7 92 ^
896 * Sec-WebSocket-Key2: 7 7Y 4328 B2v[8(z1
897 * Cookie: socketio=websocket
901 * 04 example client handshake
904 * Host: server.example.com
906 * Connection: Upgrade
907 * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
908 * Sec-WebSocket-Origin: http://example.com
909 * Sec-WebSocket-Protocol: chat, superchat
910 * Sec-WebSocket-Version: 4
913 p += sprintf(p, "GET %s HTTP/1.1\x0d\x0a", wsi->c_path);
915 if (wsi->ietf_spec_revision == 0) {
916 unsigned char spaces_1, spaces_2;
917 unsigned int max_1, max_2;
918 unsigned int num_1, num_2;
919 unsigned long product_1, product_2;
926 libwebsockets_get_random(context, &spaces_1,
928 libwebsockets_get_random(context, &spaces_2,
931 spaces_1 = (spaces_1 % 12) + 1;
932 spaces_2 = (spaces_2 % 12) + 1;
934 max_1 = 4294967295 / spaces_1;
935 max_2 = 4294967295 / spaces_2;
937 libwebsockets_get_random(context, &num_1, sizeof(int));
938 libwebsockets_get_random(context, &num_2, sizeof(int));
940 num_1 = (num_1 % max_1);
941 num_2 = (num_2 % max_2);
943 challenge[0] = num_1 >> 24;
944 challenge[1] = num_1 >> 16;
945 challenge[2] = num_1 >> 8;
946 challenge[3] = num_1;
947 challenge[4] = num_2 >> 24;
948 challenge[5] = num_2 >> 16;
949 challenge[6] = num_2 >> 8;
950 challenge[7] = num_2;
952 product_1 = num_1 * spaces_1;
953 product_2 = num_2 * spaces_2;
955 sprintf(key_1, "%lu", product_1);
956 sprintf(key_2, "%lu", product_2);
958 libwebsockets_get_random(context, &seed, sizeof(int));
959 libwebsockets_get_random(context, &count, sizeof(int));
961 libwebsockets_00_spam(key_1, (count % 12) + 1, seed);
963 libwebsockets_get_random(context, &seed, sizeof(int));
964 libwebsockets_get_random(context, &count, sizeof(int));
966 libwebsockets_00_spam(key_2, (count % 12) + 1, seed);
968 libwebsockets_get_random(context, &seed, sizeof(int));
970 libwebsockets_00_spaceout(key_1, spaces_1, seed);
971 libwebsockets_00_spaceout(key_2, spaces_2, seed >> 16);
973 p += sprintf(p, "Upgrade: websocket\x0d\x0a"
974 "Connection: Upgrade\x0d\x0aHost: %s\x0d\x0a",
977 p += sprintf(p, "Origin: %s\x0d\x0a",
981 p += sprintf(p, "Sec-WebSocket-Protocol: %s"
982 "\x0d\x0a", wsi->c_protocol);
984 p += sprintf(p, "Sec-WebSocket-Key1: %s\x0d\x0a",
986 p += sprintf(p, "Sec-WebSocket-Key2: %s\x0d\x0a",
989 /* give userland a chance to append, eg, cookies */
991 context->protocols[0].callback(context, wsi,
992 LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER,
993 NULL, &p, (pkt + sizeof(pkt)) - p - 12);
995 p += sprintf(p, "\x0d\x0a");
997 read(context->fd_random, p, 8);
998 memcpy(&challenge[8], p, 8);
1001 /* precompute what we want to see from the server */
1003 MD5((unsigned char *)challenge, 16,
1004 (unsigned char *)wsi->initial_handshake_hash_base64);
1009 p += sprintf(p, "Host: %s\x0d\x0a", wsi->c_host);
1010 p += sprintf(p, "Upgrade: websocket\x0d\x0a");
1011 p += sprintf(p, "Connection: Upgrade\x0d\x0a"
1012 "Sec-WebSocket-Key: ");
1013 strcpy(p, wsi->key_b64);
1014 p += strlen(wsi->key_b64);
1015 p += sprintf(p, "\x0d\x0a");
1017 p += sprintf(p, "Sec-WebSocket-Origin: %s\x0d\x0a",
1019 if (wsi->c_protocol)
1020 p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a",
1022 p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a",
1023 wsi->ietf_spec_revision);
1024 /* give userland a chance to append, eg, cookies */
1026 context->protocols[0].callback(context, wsi,
1027 LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER,
1028 NULL, &p, (pkt + sizeof(pkt)) - p - 12);
1030 p += sprintf(p, "\x0d\x0a");
1032 /* prepare the expected server accept response */
1034 strcpy((char *)buf, wsi->key_b64);
1035 strcpy((char *)&buf[strlen((char *)buf)], magic_websocket_guid);
1037 SHA1(buf, strlen((char *)buf), (unsigned char *)hash);
1039 lws_b64_encode_string(hash, 20,
1040 wsi->initial_handshake_hash_base64,
1041 sizeof wsi->initial_handshake_hash_base64);
1045 /* done with these now */
1050 free(wsi->c_origin);
1052 /* send our request to the server */
1054 #ifdef LWS_OPENSSL_SUPPORT
1056 n = SSL_write(wsi->ssl, pkt, p - pkt);
1059 n = send(wsi->sock, pkt, p - pkt, 0);
1062 fprintf(stderr, "ERROR writing to client socket\n");
1063 libwebsocket_close_and_free_session(context, wsi,
1064 LWS_CLOSE_STATUS_NOSTATUS);
1068 wsi->parser_state = WSI_TOKEN_NAME_PART;
1069 wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY;
1070 libwebsocket_set_timeout(wsi,
1071 PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, 5);
1075 case LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY:
1077 /* handle server hung up on us */
1079 if (pollfd->revents & (POLLERR | POLLHUP)) {
1081 fprintf(stderr, "Server connection %p (fd=%d) dead\n",
1082 (void *)wsi, pollfd->fd);
1088 /* interpret the server response */
1091 * HTTP/1.1 101 Switching Protocols
1092 * Upgrade: websocket
1093 * Connection: Upgrade
1094 * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo=
1095 * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC==
1096 * Sec-WebSocket-Protocol: chat
1099 #ifdef LWS_OPENSSL_SUPPORT
1101 len = SSL_read(wsi->ssl, pkt, sizeof pkt);
1104 len = recv(wsi->sock, pkt, sizeof pkt, 0);
1108 "libwebsocket_client_handshake read error\n");
1113 for (n = 0; n < len; n++)
1114 libwebsocket_parse(wsi, *p++);
1116 if (wsi->parser_state != WSI_PARSING_COMPLETE) {
1117 fprintf(stderr, "libwebsocket_client_handshake "
1118 "server response failed parsing\n");
1125 * HTTP/1.1 101 WebSocket Protocol Handshake
1126 * Upgrade: WebSocket
1127 * Connection: Upgrade
1128 * Sec-WebSocket-Origin: http://127.0.0.1
1129 * Sec-WebSocket-Location: ws://127.0.0.1:9999/socket.io/websocket
1134 if (wsi->ietf_spec_revision == 0) {
1135 if (!wsi->utf8_token[WSI_TOKEN_HTTP].token_len ||
1136 !wsi->utf8_token[WSI_TOKEN_UPGRADE].token_len ||
1137 !wsi->utf8_token[WSI_TOKEN_CHALLENGE].token_len ||
1138 !wsi->utf8_token[WSI_TOKEN_CONNECTION].token_len ||
1139 (!wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len &&
1140 wsi->c_protocol != NULL)) {
1141 fprintf(stderr, "libwebsocket_client_handshake "
1142 "missing required header(s)\n");
1144 fprintf(stderr, "%s", pkt);
1148 strtolower(wsi->utf8_token[WSI_TOKEN_HTTP].token);
1149 if (strcmp(wsi->utf8_token[WSI_TOKEN_HTTP].token,
1150 "101 websocket protocol handshake")) {
1151 fprintf(stderr, "libwebsocket_client_handshake "
1152 "server sent bad HTTP response '%s'\n",
1153 wsi->utf8_token[WSI_TOKEN_HTTP].token);
1157 if (wsi->utf8_token[WSI_TOKEN_CHALLENGE].token_len <
1159 fprintf(stderr, "libwebsocket_client_handshake "
1160 "challenge reply too short %d\n",
1162 WSI_TOKEN_CHALLENGE].token_len);
1164 fprintf(stderr, "%s", pkt);
1169 goto select_protocol;
1173 * well, what the server sent looked reasonable for syntax.
1174 * Now let's confirm it sent all the necessary headers
1177 if (!wsi->utf8_token[WSI_TOKEN_HTTP].token_len ||
1178 !wsi->utf8_token[WSI_TOKEN_UPGRADE].token_len ||
1179 !wsi->utf8_token[WSI_TOKEN_CONNECTION].token_len ||
1180 !wsi->utf8_token[WSI_TOKEN_ACCEPT].token_len ||
1181 (!wsi->utf8_token[WSI_TOKEN_NONCE].token_len &&
1182 wsi->ietf_spec_revision == 4) ||
1183 (!wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len &&
1184 wsi->c_protocol != NULL)) {
1185 fprintf(stderr, "libwebsocket_client_handshake "
1186 "missing required header(s)\n");
1188 fprintf(stderr, "%s", pkt);
1193 * Everything seems to be there, now take a closer look at what
1197 strtolower(wsi->utf8_token[WSI_TOKEN_HTTP].token);
1198 if (strcmp(wsi->utf8_token[WSI_TOKEN_HTTP].token,
1199 "101 switching protocols")) {
1200 fprintf(stderr, "libwebsocket_client_handshake "
1201 "server sent bad HTTP response '%s'\n",
1202 wsi->utf8_token[WSI_TOKEN_HTTP].token);
1206 strtolower(wsi->utf8_token[WSI_TOKEN_UPGRADE].token);
1207 if (strcmp(wsi->utf8_token[WSI_TOKEN_UPGRADE].token,
1209 fprintf(stderr, "libwebsocket_client_handshake server "
1210 "sent bad Upgrade header '%s'\n",
1211 wsi->utf8_token[WSI_TOKEN_UPGRADE].token);
1215 strtolower(wsi->utf8_token[WSI_TOKEN_CONNECTION].token);
1216 if (strcmp(wsi->utf8_token[WSI_TOKEN_CONNECTION].token,
1218 fprintf(stderr, "libwebsocket_client_handshake server "
1219 "sent bad Connection hdr '%s'\n",
1220 wsi->utf8_token[WSI_TOKEN_CONNECTION].token);
1225 pc = wsi->c_protocol;
1228 * confirm the protocol the server wants to talk was in the list
1229 * of protocols we offered
1232 if (!wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len) {
1235 * no protocol name to work from,
1236 * default to first protocol
1238 wsi->protocol = &context->protocols[0];
1240 free(wsi->c_protocol);
1245 while (*pc && !okay) {
1247 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token,
1248 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len)) &&
1249 (pc[wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len] == ',' ||
1250 pc[wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len] == '\0')) {
1254 while (*pc && *pc != ',')
1256 while (*pc && *pc != ' ')
1260 /* done with him now */
1262 if (wsi->c_protocol)
1263 free(wsi->c_protocol);
1267 fprintf(stderr, "libwebsocket_client_handshake server "
1268 "sent bad protocol '%s'\n",
1269 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token);
1274 * identify the selected protocol struct and set it
1277 wsi->protocol = NULL;
1278 while (context->protocols[n].callback) {
1279 if (strcmp(wsi->utf8_token[WSI_TOKEN_PROTOCOL].token,
1280 context->protocols[n].name) == 0)
1281 wsi->protocol = &context->protocols[n];
1285 if (wsi->protocol == NULL) {
1286 fprintf(stderr, "libwebsocket_client_handshake server "
1287 "requested protocol '%s', which we "
1288 "said we supported but we don't!\n",
1289 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token);
1295 if (wsi->ietf_spec_revision == 0) {
1297 if (memcmp(wsi->initial_handshake_hash_base64,
1298 wsi->utf8_token[WSI_TOKEN_CHALLENGE].token, 16)) {
1299 fprintf(stderr, "libwebsocket_client_handshake "
1300 "failed 00 challenge compare\n");
1302 fprintf(stderr, "%s", pkt);
1310 * Confirm his accept token is the one we precomputed
1313 if (strcmp(wsi->utf8_token[WSI_TOKEN_ACCEPT].token,
1314 wsi->initial_handshake_hash_base64)) {
1315 fprintf(stderr, "libwebsocket_client_handshake server "
1316 "sent bad ACCEPT '%s' vs computed '%s'\n",
1317 wsi->utf8_token[WSI_TOKEN_ACCEPT].token,
1318 wsi->initial_handshake_hash_base64);
1322 if (wsi->ietf_spec_revision == 4) {
1324 * Calculate the 04 masking key to use when
1325 * sending data to server
1328 strcpy((char *)buf, wsi->key_b64);
1329 p = (char *)buf + strlen(wsi->key_b64);
1330 strcpy(p, wsi->utf8_token[WSI_TOKEN_NONCE].token);
1331 p += wsi->utf8_token[WSI_TOKEN_NONCE].token_len;
1332 strcpy(p, magic_websocket_04_masking_guid);
1333 SHA1(buf, strlen((char *)buf), wsi->masking_key_04);
1337 /* allocate the per-connection user memory (if any) */
1339 if (wsi->protocol->per_session_data_size) {
1340 wsi->user_space = malloc(
1341 wsi->protocol->per_session_data_size);
1342 if (wsi->user_space == NULL) {
1343 fprintf(stderr, "Out of memory for "
1344 "conn user space\n");
1348 wsi->user_space = NULL;
1350 /* clear his proxy connection timeout */
1352 libwebsocket_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
1354 /* mark him as being alive */
1356 wsi->state = WSI_STATE_ESTABLISHED;
1357 wsi->mode = LWS_CONNMODE_WS_CLIENT;
1359 fprintf(stderr, "handshake OK for protocol %s\n",
1360 wsi->protocol->name);
1362 /* call him back to inform him he is up */
1364 wsi->protocol->callback(context, wsi,
1365 LWS_CALLBACK_CLIENT_ESTABLISHED,
1372 if (wsi->c_protocol)
1373 free(wsi->c_protocol);
1376 libwebsocket_close_and_free_session(context, wsi,
1377 LWS_CLOSE_STATUS_NOSTATUS);
1381 case LWS_CONNMODE_WS_SERVING:
1382 case LWS_CONNMODE_WS_CLIENT:
1384 /* handle session socket closed */
1386 if (pollfd->revents & (POLLERR | POLLHUP)) {
1388 fprintf(stderr, "Session Socket %p (fd=%d) dead\n",
1389 (void *)wsi, pollfd->fd);
1391 libwebsocket_close_and_free_session(context, wsi,
1392 LWS_CLOSE_STATUS_NOSTATUS);
1396 /* the guy requested a callback when it was OK to write */
1398 if (pollfd->revents & POLLOUT) {
1400 pollfd->events &= ~POLLOUT;
1402 /* external POLL support via protocol 0 */
1403 context->protocols[0].callback(context, wsi,
1404 LWS_CALLBACK_CLEAR_MODE_POLL_FD,
1405 (void *)(long)wsi->sock, NULL, POLLOUT);
1407 wsi->protocol->callback(context, wsi,
1408 LWS_CALLBACK_CLIENT_WRITEABLE,
1413 /* any incoming data ready? */
1415 if (!(pollfd->revents & POLLIN))
1418 #ifdef LWS_OPENSSL_SUPPORT
1420 n = SSL_read(wsi->ssl, buf, sizeof buf);
1423 n = recv(pollfd->fd, buf, sizeof buf, 0);
1426 fprintf(stderr, "Socket read returned %d\n", n);
1430 libwebsocket_close_and_free_session(context, wsi,
1431 LWS_CLOSE_STATUS_NOSTATUS);
1435 /* service incoming data */
1437 n = libwebsocket_read(context, wsi, buf, n);
1451 * libwebsocket_context_destroy() - Destroy the websocket context
1452 * @context: Websocket context
1454 * This function closes any active connections and then frees the
1455 * context. After calling this, any further use of the context is
1459 libwebsocket_context_destroy(struct libwebsocket_context *context)
1463 struct libwebsocket *wsi;
1465 for (n = 0; n < FD_HASHTABLE_MODULUS; n++)
1466 for (m = 0; m < context->fd_hashtable[n].length; m++) {
1467 wsi = context->fd_hashtable[n].wsi[m];
1468 libwebsocket_close_and_free_session(context, wsi,
1469 LWS_CLOSE_STATUS_GOINGAWAY);
1474 close(context->fd_random);
1477 #ifdef LWS_OPENSSL_SUPPORT
1478 if (context->ssl_ctx)
1479 SSL_CTX_free(context->ssl_ctx);
1480 if (context->ssl_client_ctx)
1481 SSL_CTX_free(context->ssl_client_ctx);
1492 * libwebsocket_service() - Service any pending websocket activity
1493 * @context: Websocket context
1494 * @timeout_ms: Timeout for poll; 0 means return immediately if nothing needed
1495 * service otherwise block and service immediately, returning
1496 * after the timeout if nothing needed service.
1498 * This function deals with any pending websocket traffic, for three
1499 * kinds of event. It handles these events on both server and client
1500 * types of connection the same.
1502 * 1) Accept new connections to our context's server
1504 * 2) Perform pending broadcast writes initiated from other forked
1505 * processes (effectively serializing asynchronous broadcasts)
1507 * 3) Call the receive callback for incoming frame data received by
1508 * server or client connections.
1510 * You need to call this service function periodically to all the above
1511 * functions to happen; if your application is single-threaded you can
1512 * just call it in your main event loop.
1514 * Alternatively you can fork a new process that asynchronously handles
1515 * calling this service in a loop. In that case you are happy if this
1516 * call blocks your thread until it needs to take care of something and
1517 * would call it with a large nonzero timeout. Your loop then takes no
1518 * CPU while there is nothing happening.
1520 * If you are calling it in a single-threaded app, you don't want it to
1521 * wait around blocking other things in your loop from happening, so you
1522 * would call it with a timeout_ms of 0, so it returns immediately if
1523 * nothing is pending, or as soon as it services whatever was pending.
1528 libwebsocket_service(struct libwebsocket_context *context, int timeout_ms)
1532 /* stay dead once we are dead */
1534 if (context == NULL)
1537 /* wait for something to need service */
1539 n = poll(context->fds, context->fds_count, timeout_ms);
1540 if (n == 0) /* poll timeout */
1545 fprintf(stderr, "Listen Socket dead\n");
1550 /* handle accept on listening socket? */
1552 for (n = 0; n < context->fds_count; n++)
1553 if (context->fds[n].revents)
1554 libwebsocket_service_fd(context, &context->fds[n]);
1560 * libwebsocket_callback_on_writable() - Request a callback when this socket
1561 * becomes able to be written to without
1564 * @context: libwebsockets context
1565 * @wsi: Websocket connection instance to get callback for
1569 libwebsocket_callback_on_writable(struct libwebsocket_context *context,
1570 struct libwebsocket *wsi)
1574 for (n = 0; n < context->fds_count; n++)
1575 if (context->fds[n].fd == wsi->sock) {
1576 context->fds[n].events |= POLLOUT;
1577 n = context->fds_count;
1580 /* external POLL support via protocol 0 */
1581 context->protocols[0].callback(context, wsi,
1582 LWS_CALLBACK_SET_MODE_POLL_FD,
1583 (void *)(long)wsi->sock, NULL, POLLOUT);
1589 * libwebsocket_callback_on_writable_all_protocol() - Request a callback for
1590 * all connections using the given protocol when it
1591 * becomes possible to write to each socket without
1594 * @protocol: Protocol whose connections will get callbacks
1598 libwebsocket_callback_on_writable_all_protocol(
1599 const struct libwebsocket_protocols *protocol)
1601 struct libwebsocket_context *context = protocol->owning_server;
1604 struct libwebsocket *wsi;
1606 for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
1608 for (m = 0; m < context->fd_hashtable[n].length; m++) {
1610 wsi = context->fd_hashtable[n].wsi[m];
1612 if (wsi->protocol == protocol)
1613 libwebsocket_callback_on_writable(context, wsi);
1621 * libwebsocket_set_timeout() - marks the wsi as subject to a timeout
1623 * You will not need this unless you are doing something special
1625 * @wsi: Websocket connection instance
1626 * @reason: timeout reason
1627 * @secs: how many seconds
1631 libwebsocket_set_timeout(struct libwebsocket *wsi,
1632 enum pending_timeout reason, int secs)
1636 gettimeofday(&tv, NULL);
1638 wsi->pending_timeout_limit = tv.tv_sec + secs;
1639 wsi->pending_timeout = reason;
1644 * libwebsocket_get_socket_fd() - returns the socket file descriptor
1646 * You will not need this unless you are doing something special
1648 * @wsi: Websocket connection instance
1652 libwebsocket_get_socket_fd(struct libwebsocket *wsi)
1658 * libwebsocket_rx_flow_control() - Enable and disable socket servicing for
1659 * receieved packets.
1661 * If the output side of a server process becomes choked, this allows flow
1662 * control for the input side.
1664 * @wsi: Websocket connection instance to get callback for
1665 * @enable: 0 = disable read servicing for this connection, 1 = enable
1669 libwebsocket_rx_flow_control(struct libwebsocket *wsi, int enable)
1671 struct libwebsocket_context *context = wsi->protocol->owning_server;
1674 for (n = 0; n < context->fds_count; n++)
1675 if (context->fds[n].fd == wsi->sock) {
1677 context->fds[n].events |= POLLIN;
1679 context->fds[n].events &= ~POLLIN;
1685 /* external POLL support via protocol 0 */
1686 context->protocols[0].callback(context, wsi,
1687 LWS_CALLBACK_SET_MODE_POLL_FD,
1688 (void *)(long)wsi->sock, NULL, POLLIN);
1690 /* external POLL support via protocol 0 */
1691 context->protocols[0].callback(context, wsi,
1692 LWS_CALLBACK_CLEAR_MODE_POLL_FD,
1693 (void *)(long)wsi->sock, NULL, POLLIN);
1696 fprintf(stderr, "libwebsocket_callback_on_writable "
1697 "unable to find socket\n");
1702 * libwebsocket_canonical_hostname() - returns this host's hostname
1704 * This is typically used by client code to fill in the host parameter
1705 * when making a client connection. You can only call it after the context
1708 * @context: Websocket context
1713 libwebsocket_canonical_hostname(struct libwebsocket_context *context)
1715 return (const char *)context->canonical_hostname;
1719 static void sigpipe_handler(int x)
1723 #ifdef LWS_OPENSSL_SUPPORT
1725 OpenSSL_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
1730 struct libwebsocket_context *context;
1732 ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
1733 SSL_get_ex_data_X509_STORE_CTX_idx());
1736 * !!! nasty openssl requires the index to come as a library-scope
1739 context = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
1741 n = context->protocols[0].callback(NULL, NULL,
1742 LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION,
1743 x509_ctx, ssl, preverify_ok);
1745 /* convert return code from 0 = OK to 1 = OK */
1758 * libwebsocket_create_context() - Create the websocket handler
1759 * @port: Port to listen on... you can use 0 to suppress listening on
1760 * any port, that's what you want if you are not running a
1761 * websocket server at all but just using it as a client
1762 * @interf: NULL to bind the listen socket to all interfaces, or the
1763 * interface name, eg, "eth2"
1764 * @protocols: Array of structures listing supported protocols and a protocol-
1765 * specific callback for each one. The list is ended with an
1766 * entry that has a NULL callback pointer.
1767 * It's not const because we write the owning_server member
1768 * @extensions: NULL or array of libwebsocket_extension structs listing the
1769 * extensions this context supports
1770 * @ssl_cert_filepath: If libwebsockets was compiled to use ssl, and you want
1771 * to listen using SSL, set to the filepath to fetch the
1772 * server cert from, otherwise NULL for unencrypted
1773 * @ssl_private_key_filepath: filepath to private key if wanting SSL mode,
1775 * @gid: group id to change to after setting listen socket, or -1.
1776 * @uid: user id to change to after setting listen socket, or -1.
1777 * @options: 0, or LWS_SERVER_OPTION_DEFEAT_CLIENT_MASK
1779 * This function creates the listening socket and takes care
1780 * of all initialization in one step.
1782 * After initialization, it returns a struct libwebsocket_context * that
1783 * represents this server. After calling, user code needs to take care
1784 * of calling libwebsocket_service() with the context pointer to get the
1785 * server's sockets serviced. This can be done in the same process context
1786 * or a forked process, or another thread,
1788 * The protocol callback functions are called for a handful of events
1789 * including http requests coming in, websocket connections becoming
1790 * established, and data arriving; it's also called periodically to allow
1791 * async transmission.
1793 * HTTP requests are sent always to the FIRST protocol in @protocol, since
1794 * at that time websocket protocol has not been negotiated. Other
1795 * protocols after the first one never see any HTTP callack activity.
1797 * The server created is a simple http server by default; part of the
1798 * websocket standard is upgrading this http connection to a websocket one.
1800 * This allows the same server to provide files like scripts and favicon /
1801 * images or whatever over http and dynamic data over websockets all in
1802 * one place; they're all handled in the user callback.
1805 struct libwebsocket_context *
1806 libwebsocket_create_context(int port, const char *interf,
1807 struct libwebsocket_protocols *protocols,
1808 struct libwebsocket_extension *extensions,
1809 const char *ssl_cert_filepath,
1810 const char *ssl_private_key_filepath,
1811 int gid, int uid, unsigned int options)
1816 struct sockaddr_in serv_addr, cli_addr;
1818 struct libwebsocket_context *context = NULL;
1821 char hostname[1024];
1823 struct libwebsocket *wsi;
1825 #ifdef LWS_OPENSSL_SUPPORT
1827 char ssl_err_buf[512];
1832 WORD wVersionRequested;
1836 /* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */
1837 wVersionRequested = MAKEWORD(2, 2);
1839 err = WSAStartup(wVersionRequested, &wsaData);
1841 /* Tell the user that we could not find a usable */
1843 fprintf(stderr, "WSAStartup failed with error: %d\n",
1851 context = malloc(sizeof(struct libwebsocket_context));
1853 fprintf(stderr, "No memory for websocket context\n");
1856 context->protocols = protocols;
1857 context->listen_port = port;
1858 context->http_proxy_port = 0;
1859 context->http_proxy_address[0] = '\0';
1860 context->options = options;
1861 context->fds_count = 0;
1862 context->extensions = extensions;
1865 context->fd_random = 0;
1867 context->fd_random = open(SYSTEM_RANDOM_FILEPATH, O_RDONLY);
1868 if (context->fd_random < 0) {
1869 fprintf(stderr, "Unable to open random device %s %d\n",
1870 SYSTEM_RANDOM_FILEPATH, context->fd_random);
1875 #ifdef LWS_OPENSSL_SUPPORT
1876 context->use_ssl = 0;
1877 context->ssl_ctx = NULL;
1878 context->ssl_client_ctx = NULL;
1879 openssl_websocket_private_data_index = 0;
1881 /* find canonical hostname */
1883 hostname[(sizeof hostname) - 1] = '\0';
1884 gethostname(hostname, (sizeof hostname) - 1);
1885 he = gethostbyname(hostname);
1887 strncpy(context->canonical_hostname, he->h_name,
1888 sizeof context->canonical_hostname - 1);
1889 context->canonical_hostname[
1890 sizeof context->canonical_hostname - 1] = '\0';
1892 strncpy(context->canonical_hostname, hostname,
1893 sizeof context->canonical_hostname - 1);
1895 /* split the proxy ads:port if given */
1897 p = getenv("http_proxy");
1899 strncpy(context->http_proxy_address, p,
1900 sizeof context->http_proxy_address - 1);
1901 context->http_proxy_address[
1902 sizeof context->http_proxy_address - 1] = '\0';
1904 p = strchr(context->http_proxy_address, ':');
1906 fprintf(stderr, "http_proxy needs to be ads:port\n");
1910 context->http_proxy_port = atoi(p + 1);
1912 fprintf(stderr, "Using proxy %s:%u\n",
1913 context->http_proxy_address,
1914 context->http_proxy_port);
1919 #ifdef LWS_OPENSSL_SUPPORT
1920 context->use_ssl = ssl_cert_filepath != NULL &&
1921 ssl_private_key_filepath != NULL;
1922 if (context->use_ssl)
1923 fprintf(stderr, " Compiled with SSL support, "
1926 fprintf(stderr, " Compiled with SSL support, "
1930 if (ssl_cert_filepath != NULL &&
1931 ssl_private_key_filepath != NULL) {
1932 fprintf(stderr, " Not compiled for OpenSSl support!\n");
1935 fprintf(stderr, " Compiled without SSL support, "
1936 "serving unencrypted\n");
1940 /* ignore SIGPIPE */
1943 signal(SIGPIPE, sigpipe_handler);
1947 #ifdef LWS_OPENSSL_SUPPORT
1949 /* basic openssl init */
1953 OpenSSL_add_all_algorithms();
1954 SSL_load_error_strings();
1956 openssl_websocket_private_data_index =
1957 SSL_get_ex_new_index(0, "libwebsockets", NULL, NULL, NULL);
1960 * Firefox insists on SSLv23 not SSLv3
1961 * Konq disables SSLv2 by default now, SSLv23 works
1964 method = (SSL_METHOD *)SSLv23_server_method();
1966 fprintf(stderr, "problem creating ssl method: %s\n",
1967 ERR_error_string(ERR_get_error(), ssl_err_buf));
1970 context->ssl_ctx = SSL_CTX_new(method); /* create context */
1971 if (!context->ssl_ctx) {
1972 fprintf(stderr, "problem creating ssl context: %s\n",
1973 ERR_error_string(ERR_get_error(), ssl_err_buf));
1977 /* client context */
1978 if (port == CONTEXT_PORT_NO_LISTEN)
1980 method = (SSL_METHOD *)SSLv23_client_method();
1982 fprintf(stderr, "problem creating ssl method: %s\n",
1983 ERR_error_string(ERR_get_error(), ssl_err_buf));
1986 /* create context */
1987 context->ssl_client_ctx = SSL_CTX_new(method);
1988 if (!context->ssl_client_ctx) {
1989 fprintf(stderr, "problem creating ssl context: %s\n",
1990 ERR_error_string(ERR_get_error(), ssl_err_buf));
1994 /* openssl init for cert verification (for client sockets) */
1996 if (!SSL_CTX_load_verify_locations(
1997 context->ssl_client_ctx, NULL,
1998 LWS_OPENSSL_CLIENT_CERTS))
2000 "Unable to load SSL Client certs from %s "
2001 "(set by --with-client-cert-dir= in configure) -- "
2002 " client ssl isn't going to work",
2003 LWS_OPENSSL_CLIENT_CERTS);
2006 * callback allowing user code to load extra verification certs
2007 * helping the client to verify server identity
2010 context->protocols[0].callback(context, NULL,
2011 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
2012 context->ssl_client_ctx, NULL, 0);
2014 /* as a server, are we requiring clients to identify themselves? */
2016 if (options & LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT) {
2018 /* absolutely require the client cert */
2020 SSL_CTX_set_verify(context->ssl_ctx,
2021 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
2022 OpenSSL_verify_callback);
2025 * give user code a chance to load certs into the server
2026 * allowing it to verify incoming client certs
2029 context->protocols[0].callback(context, NULL,
2030 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS,
2031 context->ssl_ctx, NULL, 0);
2034 if (context->use_ssl) {
2036 /* openssl init for server sockets */
2038 /* set the local certificate from CertFile */
2039 n = SSL_CTX_use_certificate_file(context->ssl_ctx,
2040 ssl_cert_filepath, SSL_FILETYPE_PEM);
2042 fprintf(stderr, "problem getting cert '%s': %s\n",
2044 ERR_error_string(ERR_get_error(), ssl_err_buf));
2047 /* set the private key from KeyFile */
2048 if (SSL_CTX_use_PrivateKey_file(context->ssl_ctx,
2049 ssl_private_key_filepath, SSL_FILETYPE_PEM) != 1) {
2050 fprintf(stderr, "ssl problem getting key '%s': %s\n",
2051 ssl_private_key_filepath,
2052 ERR_error_string(ERR_get_error(), ssl_err_buf));
2055 /* verify private key */
2056 if (!SSL_CTX_check_private_key(context->ssl_ctx)) {
2057 fprintf(stderr, "Private SSL key doesn't match cert\n");
2061 /* SSL is happy and has a cert it's content with */
2067 if (lws_b64_selftest())
2070 /* fd hashtable init */
2072 for (n = 0; n < FD_HASHTABLE_MODULUS; n++)
2073 context->fd_hashtable[n].length = 0;
2075 /* set up our external listening socket we serve on */
2079 sockfd = socket(AF_INET, SOCK_STREAM, 0);
2081 fprintf(stderr, "ERROR opening socket");
2085 /* allow us to restart even if old sockets in TIME_WAIT */
2086 setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
2088 bzero((char *) &serv_addr, sizeof(serv_addr));
2089 serv_addr.sin_family = AF_INET;
2091 serv_addr.sin_addr.s_addr = INADDR_ANY;
2093 interface_to_sa(interf, &serv_addr,
2095 serv_addr.sin_port = htons(port);
2097 n = bind(sockfd, (struct sockaddr *) &serv_addr,
2100 fprintf(stderr, "ERROR on binding to port %d (%d %d)\n",
2105 wsi = malloc(sizeof(struct libwebsocket));
2106 memset(wsi, 0, sizeof (struct libwebsocket));
2108 wsi->count_active_extensions = 0;
2109 wsi->mode = LWS_CONNMODE_SERVER_LISTENER;
2110 insert_wsi(context, wsi);
2113 fprintf(stderr, " Listening on port %d\n", port);
2115 /* list in the internal poll array */
2117 context->fds[context->fds_count].fd = sockfd;
2118 context->fds[context->fds_count++].events = POLLIN;
2120 /* external POLL support via protocol 0 */
2121 context->protocols[0].callback(context, wsi,
2122 LWS_CALLBACK_ADD_POLL_FD,
2123 (void *)(long)sockfd, NULL, POLLIN);
2127 /* drop any root privs for this process */
2132 fprintf(stderr, "setgid: %s\n", strerror(errno));
2135 fprintf(stderr, "setuid: %s\n", strerror(errno));
2138 /* set up our internal broadcast trigger sockets per-protocol */
2140 for (context->count_protocols = 0;
2141 protocols[context->count_protocols].callback;
2142 context->count_protocols++) {
2143 protocols[context->count_protocols].owning_server = context;
2144 protocols[context->count_protocols].protocol_index =
2145 context->count_protocols;
2147 fd = socket(AF_INET, SOCK_STREAM, 0);
2149 fprintf(stderr, "ERROR opening socket");
2153 /* allow us to restart even if old sockets in TIME_WAIT */
2154 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
2156 bzero((char *) &serv_addr, sizeof(serv_addr));
2157 serv_addr.sin_family = AF_INET;
2158 serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
2159 serv_addr.sin_port = 0; /* pick the port for us */
2161 n = bind(fd, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
2163 fprintf(stderr, "ERROR on binding to port %d (%d %d)\n",
2168 slen = sizeof cli_addr;
2169 n = getsockname(fd, (struct sockaddr *)&cli_addr, &slen);
2171 fprintf(stderr, "getsockname failed\n");
2174 protocols[context->count_protocols].broadcast_socket_port =
2175 ntohs(cli_addr.sin_port);
2178 debug(" Protocol %s broadcast socket %d\n",
2179 protocols[context->count_protocols].name,
2180 ntohs(cli_addr.sin_port));
2182 /* dummy wsi per broadcast proxy socket */
2184 wsi = malloc(sizeof(struct libwebsocket));
2185 memset(wsi, 0, sizeof (struct libwebsocket));
2187 wsi->mode = LWS_CONNMODE_BROADCAST_PROXY_LISTENER;
2188 wsi->count_active_extensions = 0;
2189 /* note which protocol we are proxying */
2190 wsi->protocol_index_for_broadcast_proxy =
2191 context->count_protocols;
2192 insert_wsi(context, wsi);
2194 /* list in internal poll array */
2196 context->fds[context->fds_count].fd = fd;
2197 context->fds[context->fds_count].events = POLLIN;
2198 context->fds[context->fds_count].revents = 0;
2199 context->fds_count++;
2201 /* external POLL support via protocol 0 */
2202 context->protocols[0].callback(context, wsi,
2203 LWS_CALLBACK_ADD_POLL_FD,
2204 (void *)(long)fd, NULL, POLLIN);
2214 * libwebsockets_fork_service_loop() - Optional helper function forks off
2215 * a process for the websocket server loop.
2216 * You don't have to use this but if not, you
2217 * have to make sure you are calling
2218 * libwebsocket_service periodically to service
2219 * the websocket traffic
2220 * @context: server context returned by creation function
2224 libwebsockets_fork_service_loop(struct libwebsocket_context *context)
2227 struct sockaddr_in cli_addr;
2237 /* main process context */
2240 * set up the proxy sockets to allow broadcast from
2241 * service process context
2244 for (p = 0; p < context->count_protocols; p++) {
2245 fd = socket(AF_INET, SOCK_STREAM, 0);
2247 fprintf(stderr, "Unable to create socket\n");
2250 cli_addr.sin_family = AF_INET;
2251 cli_addr.sin_port = htons(
2252 context->protocols[p].broadcast_socket_port);
2253 cli_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
2254 n = connect(fd, (struct sockaddr *)&cli_addr,
2257 fprintf(stderr, "Unable to connect to "
2258 "broadcast socket %d, %s\n",
2259 n, strerror(errno));
2263 context->protocols[p].broadcast_socket_user_fd = fd;
2269 /* we want a SIGHUP when our parent goes down */
2270 prctl(PR_SET_PDEATHSIG, SIGHUP);
2272 /* in this forked process, sit and service websocket connections */
2275 if (libwebsocket_service(context, 1000))
2284 * libwebsockets_get_protocol() - Returns a protocol pointer from a websocket
2286 * @wsi: pointer to struct websocket you want to know the protocol of
2289 * This is useful to get the protocol to broadcast back to from inside
2293 const struct libwebsocket_protocols *
2294 libwebsockets_get_protocol(struct libwebsocket *wsi)
2296 return wsi->protocol;
2300 * libwebsockets_broadcast() - Sends a buffer to the callback for all active
2301 * connections of the given protocol.
2302 * @protocol: pointer to the protocol you will broadcast to all members of
2303 * @buf: buffer containing the data to be broadcase. NOTE: this has to be
2304 * allocated with LWS_SEND_BUFFER_PRE_PADDING valid bytes before
2305 * the pointer and LWS_SEND_BUFFER_POST_PADDING afterwards in the
2306 * case you are calling this function from callback context.
2307 * @len: length of payload data in buf, starting from buf.
2309 * This function allows bulk sending of a packet to every connection using
2310 * the given protocol. It does not send the data directly; instead it calls
2311 * the callback with a reason type of LWS_CALLBACK_BROADCAST. If the callback
2312 * wants to actually send the data for that connection, the callback itself
2313 * should call libwebsocket_write().
2315 * libwebsockets_broadcast() can be called from another fork context without
2316 * having to take any care about data visibility between the processes, it'll
2322 libwebsockets_broadcast(const struct libwebsocket_protocols *protocol,
2323 unsigned char *buf, size_t len)
2325 struct libwebsocket_context *context = protocol->owning_server;
2328 struct libwebsocket * wsi;
2330 if (!protocol->broadcast_socket_user_fd) {
2332 * We are either running unforked / flat, or we are being
2333 * called from poll thread context
2334 * eg, from a callback. In that case don't use sockets for
2335 * broadcast IPC (since we can't open a socket connection to
2336 * a socket listening on our own thread) but directly do the
2339 * Locking is not needed because we are by definition being
2340 * called in the poll thread context and are serialized.
2343 for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
2345 for (m = 0; m < context->fd_hashtable[n].length; m++) {
2347 wsi = context->fd_hashtable[n].wsi[m];
2349 if (wsi->mode != LWS_CONNMODE_WS_SERVING)
2353 * never broadcast to
2354 * non-established connections
2356 if (wsi->state != WSI_STATE_ESTABLISHED)
2359 /* only broadcast to guys using
2360 * requested protocol
2362 if (wsi->protocol != protocol)
2365 wsi->protocol->callback(context, wsi,
2366 LWS_CALLBACK_BROADCAST,
2376 * We're being called from a different process context than the server
2377 * loop. Instead of broadcasting directly, we send our
2378 * payload on a socket to do the IPC; the server process will serialize
2379 * the broadcast action in its main poll() loop.
2381 * There's one broadcast socket listening for each protocol supported
2382 * set up when the websocket server initializes
2385 n = send(protocol->broadcast_socket_user_fd, buf, len, MSG_NOSIGNAL);