2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-libwebsockets.h"
31 #ifdef LWS_OPENSSL_SUPPORT
32 int openssl_websocket_private_data_index;
36 * In-place str to lower case
48 /* file descriptor hash management */
51 wsi_from_fd(struct libwebsocket_context *context, int fd)
53 int h = LWS_FD_HASH(fd);
56 for (n = 0; n < context->fd_hashtable[h].length; n++)
57 if (context->fd_hashtable[h].wsi[n]->sock == fd)
58 return context->fd_hashtable[h].wsi[n];
64 insert_wsi(struct libwebsocket_context *context, struct libwebsocket *wsi)
66 int h = LWS_FD_HASH(wsi->sock);
68 if (context->fd_hashtable[h].length == MAX_CLIENTS - 1) {
69 fprintf(stderr, "hash table overflow\n");
73 context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi;
79 delete_from_fd(struct libwebsocket_context *context, int fd)
81 int h = LWS_FD_HASH(fd);
84 for (n = 0; n < context->fd_hashtable[h].length; n++)
85 if (context->fd_hashtable[h].wsi[n]->sock == fd) {
86 while (n < context->fd_hashtable[h].length) {
87 context->fd_hashtable[h].wsi[n] =
88 context->fd_hashtable[h].wsi[n + 1];
91 context->fd_hashtable[h].length--;
96 fprintf(stderr, "Failed to find fd %d requested for "
97 "delete in hashtable\n", fd);
101 #ifdef LWS_OPENSSL_SUPPORT
103 libwebsockets_decode_ssl_error(void)
108 while ((err = ERR_get_error()) != 0) {
109 ERR_error_string_n(err, buf, sizeof(buf));
110 fprintf(stderr, "*** %s\n", buf);
117 interface_to_sa(const char* ifname, struct sockaddr_in *addr, size_t addrlen)
125 struct sockaddr_in *sin;
128 for (ifc = ifr; ifc != NULL; ifc = ifc->ifa_next) {
129 if (strcmp(ifc->ifa_name, ifname))
131 if (ifc->ifa_addr == NULL)
133 sin = (struct sockaddr_in *)ifc->ifa_addr;
134 if (sin->sin_family != AF_INET)
136 memcpy(addr, sin, addrlen);
146 libwebsocket_close_and_free_session(struct libwebsocket_context *context,
147 struct libwebsocket *wsi, enum lws_close_status reason)
151 unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + 2 +
152 LWS_SEND_BUFFER_POST_PADDING];
155 struct lws_tokens eff_buf;
160 old_state = wsi->state;
162 if (old_state == WSI_STATE_DEAD_SOCKET)
165 wsi->close_reason = reason;
168 * flush any tx pending from extensions, since we may send close packet
169 * if there are problems with send, just nuke the connection
175 /* default to nobody has more to spill */
178 eff_buf.token = NULL;
179 eff_buf.token_len = 0;
181 /* show every extension the new incoming data */
183 for (n = 0; n < wsi->count_active_extensions; n++) {
184 m = wsi->active_extensions[n]->callback(
185 wsi->protocol->owning_server, wsi,
186 LWS_EXT_CALLBACK_FLUSH_PENDING_TX,
187 wsi->active_extensions_user[n], &eff_buf, 0);
189 fprintf(stderr, "Extension reports "
191 goto just_kill_connection;
195 * at least one extension told us he has more
196 * to spill, so we will go around again after
201 /* assuming they left us something to send, send it */
203 if (eff_buf.token_len)
204 if (lws_issue_raw(wsi, (unsigned char *)eff_buf.token,
206 goto just_kill_connection;
210 * signal we are closing, libsocket_write will
211 * add any necessary version-specific stuff. If the write fails,
212 * no worries we are closing anyway. If we didn't initiate this
213 * close, then our state has been changed to
214 * WSI_STATE_RETURNED_CLOSE_ALREADY and we will skip this.
216 * Likewise if it's a second call to close this connection after we
217 * sent the close indication to the peer already, we are in state
218 * WSI_STATE_AWAITING_CLOSE_ACK and will skip doing this a second time.
221 if (old_state == WSI_STATE_ESTABLISHED &&
222 reason != LWS_CLOSE_STATUS_NOSTATUS) {
223 n = libwebsocket_write(wsi, &buf[LWS_SEND_BUFFER_PRE_PADDING],
227 * we have sent a nice protocol level indication we
228 * now wish to close, we should not send anything more
231 wsi->state = WSI_STATE_AWAITING_CLOSE_ACK;
233 /* and we should wait for a reply for a bit */
235 libwebsocket_set_timeout(wsi,
236 PENDING_TIMEOUT_CLOSE_ACK, 5);
238 fprintf(stderr, "sent close indication, awaiting ack\n");
243 /* else, the send failed and we should just hang up */
246 just_kill_connection:
248 * we won't be servicing or receiving anything further from this guy
249 * remove this fd from wsi mapping hashtable
252 delete_from_fd(context, wsi->sock);
254 /* delete it from the internal poll list if still present */
256 for (n = 0; n < context->fds_count; n++) {
257 if (context->fds[n].fd != wsi->sock)
259 while (n < context->fds_count - 1) {
260 context->fds[n] = context->fds[n + 1];
263 context->fds_count--;
264 /* we only have to deal with one */
265 n = context->fds_count;
268 /* remove also from external POLL support via protocol 0 */
270 context->protocols[0].callback(context, wsi,
271 LWS_CALLBACK_DEL_POLL_FD, (void *)(long)wsi->sock, NULL, 0);
273 wsi->state = WSI_STATE_DEAD_SOCKET;
275 /* tell the user it's all over for this guy */
277 if (wsi->protocol && wsi->protocol->callback &&
278 old_state == WSI_STATE_ESTABLISHED)
279 wsi->protocol->callback(context, wsi, LWS_CALLBACK_CLOSED,
280 wsi->user_space, NULL, 0);
282 /* deallocate any active extension contexts */
284 for (n = 0; n < wsi->count_active_extensions; n++) {
285 if (!wsi->active_extensions[n]->callback)
288 wsi->active_extensions[n]->callback(context, wsi,
289 LWS_EXT_CALLBACK_DESTROY,
290 wsi->active_extensions_user[n], NULL, 0);
292 free(wsi->active_extensions_user[n]);
295 /* free up his parsing allocations */
297 for (n = 0; n < WSI_TOKEN_COUNT; n++)
298 if (wsi->utf8_token[n].token)
299 free(wsi->utf8_token[n].token);
301 /* fprintf(stderr, "closing fd=%d\n", wsi->sock); */
303 #ifdef LWS_OPENSSL_SUPPORT
305 n = SSL_get_fd(wsi->ssl);
306 SSL_shutdown(wsi->ssl);
315 shutdown(wsi->sock, SHUT_RDWR);
317 closesocket(wsi->sock);
321 #ifdef LWS_OPENSSL_SUPPORT
325 free(wsi->user_space);
331 * libwebsockets_hangup_on_client() - Server calls to terminate client
333 * @context: libwebsockets context
334 * @fd: Connection socket descriptor
338 libwebsockets_hangup_on_client(struct libwebsocket_context *context, int fd)
340 struct libwebsocket *wsi = wsi_from_fd(context, fd);
345 libwebsocket_close_and_free_session(context, wsi,
346 LWS_CLOSE_STATUS_NOSTATUS);
351 * libwebsockets_get_peer_addresses() - Get client address information
352 * @fd: Connection socket descriptor
353 * @name: Buffer to take client address name
354 * @name_len: Length of client address name buffer
355 * @rip: Buffer to take client address IP qotted quad
356 * @rip_len: Length of client address IP buffer
358 * This function fills in @name and @rip with the name and IP of
359 * the client connected with socket descriptor @fd. Names may be
360 * truncated if there is not enough room. If either cannot be
361 * determined, they will be returned as valid zero-length strings.
365 libwebsockets_get_peer_addresses(int fd, char *name, int name_len,
366 char *rip, int rip_len)
369 struct sockaddr_in sin;
370 struct hostent *host;
371 struct hostent *host1;
375 struct sockaddr_un *un;
381 if (getpeername(fd, (struct sockaddr *) &sin, &len) < 0) {
382 perror("getpeername");
386 host = gethostbyaddr((char *) &sin.sin_addr, sizeof sin.sin_addr,
389 perror("gethostbyaddr");
393 strncpy(name, host->h_name, name_len);
394 name[name_len - 1] = '\0';
396 host1 = gethostbyname(host->h_name);
399 p = (unsigned char *)host1;
402 p = (unsigned char *)host1->h_addr_list[n++];
405 if ((host1->h_addrtype != AF_INET)
407 && (host1->h_addrtype != AF_LOCAL)
412 if (host1->h_addrtype == AF_INET)
413 sprintf(ip, "%u.%u.%u.%u", p[0], p[1], p[2], p[3]);
416 un = (struct sockaddr_un *)p;
417 strncpy(ip, un->sun_path, sizeof(ip) -1);
418 ip[sizeof(ip) - 1] = '\0';
422 strncpy(rip, ip, rip_len);
423 rip[rip_len - 1] = '\0';
427 int libwebsockets_get_random(struct libwebsocket_context *context,
434 for (n = 0; n < len; n++)
435 p[n] = (unsigned char)rand();
437 n = read(context->fd_random, p, len);
444 libwebsockets_SHA1(const unsigned char *d, size_t n, unsigned char *md)
446 return SHA1(d, n, md);
449 void libwebsockets_00_spaceout(char *key, int spaces, int seed)
455 if (*key && (seed & 1))
459 p = key + strlen(key);
468 void libwebsockets_00_spam(char *key, int count, int seed)
475 if (*key && (seed & 1))
479 p = key + strlen(key);
484 *key++ = 0x21 + ((seed & 0xffff) % 15);
485 /* 4 would use it up too fast.. not like it matters */
490 int lws_send_pipe_choked(struct libwebsocket *wsi)
495 fds.events = POLLOUT;
498 if (poll(&fds, 1, 0) != 1)
501 if ((fds.revents & POLLOUT) == 0)
504 /* okay to send another packet without blocking */
510 lws_handle_POLLOUT_event(struct libwebsocket_context *context,
511 struct libwebsocket *wsi, struct pollfd *pollfd)
513 struct lws_tokens eff_buf;
518 if (!wsi->extension_data_pending)
522 * check in on the active extensions, see if they
523 * had pending stuff to spill... they need to get the
524 * first look-in otherwise sequence will be disordered
526 * NULL, zero-length eff_buf means just spill pending
532 /* default to nobody has more to spill */
535 eff_buf.token = NULL;
536 eff_buf.token_len = 0;
538 /* give every extension a chance to spill */
540 for (n = 0; n < wsi->count_active_extensions; n++) {
541 m = wsi->active_extensions[n]->callback(
542 wsi->protocol->owning_server, wsi,
543 LWS_EXT_CALLBACK_PACKET_TX_PRESEND,
544 wsi->active_extensions_user[n], &eff_buf, 0);
546 fprintf(stderr, "extension reports fatal error\n");
551 * at least one extension told us he has more
552 * to spill, so we will go around again after
557 /* assuming they gave us something to send, send it */
559 if (eff_buf.token_len) {
560 if (lws_issue_raw(wsi, (unsigned char *)eff_buf.token,
566 /* no extension has more to spill */
572 * There's more to spill from an extension, but we just sent
573 * something... did that leave the pipe choked?
576 if (!lws_send_pipe_choked(wsi))
577 /* no we could add more */
580 fprintf(stderr, "choked in POLLOUT service\n");
583 * Yes, he's choked. Leave the POLLOUT masked on so we will
584 * come back here when he is unchoked. Don't call the user
585 * callback to enforce ordering of spilling, he'll get called
586 * when we come back here and there's nothing more to spill.
592 wsi->extension_data_pending = 0;
597 pollfd->events &= ~POLLOUT;
599 /* external POLL support via protocol 0 */
600 context->protocols[0].callback(context, wsi,
601 LWS_CALLBACK_CLEAR_MODE_POLL_FD,
602 (void *)(long)wsi->sock, NULL, POLLOUT);
604 if (wsi->mode == LWS_CONNMODE_WS_CLIENT)
605 n = LWS_CALLBACK_CLIENT_WRITEABLE;
607 n = LWS_CALLBACK_SERVER_WRITEABLE;
609 wsi->protocol->callback(context, wsi, n, wsi->user_space, NULL, 0);
617 * libwebsocket_service_fd() - Service polled socket with something waiting
618 * @context: Websocket context
619 * @pollfd: The pollfd entry describing the socket fd and which events
622 * This function closes any active connections and then frees the
623 * context. After calling this, any further use of the context is
628 libwebsocket_service_fd(struct libwebsocket_context *context,
629 struct pollfd *pollfd)
631 unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + 1 + MAX_BROADCAST_PAYLOAD +
632 LWS_SEND_BUFFER_POST_PADDING];
633 struct libwebsocket *wsi;
634 struct libwebsocket *new_wsi;
640 struct sockaddr_in cli_addr;
642 static const char magic_websocket_guid[] =
643 "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
644 static const char magic_websocket_04_masking_guid[] =
645 "61AC5F19-FBBA-4540-B96F-6561F1AB40A8";
654 struct lws_tokens eff_buf;
656 struct libwebsocket_extension *ext;
659 #ifdef LWS_OPENSSL_SUPPORT
660 char ssl_err_buf[512];
663 * you can call us with pollfd = NULL to just allow the once-per-second
664 * global timeout checks; if less than a second since the last check
665 * it returns immediately then.
668 gettimeofday(&tv, NULL);
670 if (context->last_timeout_check_s != tv.tv_sec) {
671 context->last_timeout_check_s = tv.tv_sec;
673 /* global timeout check once per second */
675 for (n = 0; n < context->fds_count; n++) {
676 wsi = wsi_from_fd(context, context->fds[n].fd);
677 if (!wsi->pending_timeout)
681 * if we went beyond the allowed time, kill the
685 if (tv.tv_sec > wsi->pending_timeout_limit) {
686 fprintf(stderr, "TIMEDOUT WAITING\n");
687 libwebsocket_close_and_free_session(context,
688 wsi, LWS_CLOSE_STATUS_NOSTATUS);
693 /* just here for timeout management? */
698 /* no, here to service a socket descriptor */
700 wsi = wsi_from_fd(context, pollfd->fd);
706 case LWS_CONNMODE_SERVER_LISTENER:
708 /* pollin means a client has connected to us then */
710 if (!pollfd->revents & POLLIN)
713 /* listen socket got an unencrypted connection... */
715 clilen = sizeof(cli_addr);
716 accept_fd = accept(pollfd->fd, (struct sockaddr *)&cli_addr,
719 fprintf(stderr, "ERROR on accept");
725 setsockopt(accept_fd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt));
727 if (context->fds_count >= MAX_CLIENTS) {
728 fprintf(stderr, "too busy to accept new client\n");
730 closesocket(accept_fd);
738 * look at who we connected to and give user code a chance
739 * to reject based on client IP. There's no protocol selected
740 * yet so we issue this to protocols[0]
743 if ((context->protocols[0].callback)(context, wsi,
744 LWS_CALLBACK_FILTER_NETWORK_CONNECTION,
745 (void*)(long)accept_fd, NULL, 0)) {
746 fprintf(stderr, "Callback denied network connection\n");
748 closesocket(accept_fd);
755 /* accepting connection to main listener */
757 new_wsi = malloc(sizeof(struct libwebsocket));
758 if (new_wsi == NULL) {
759 fprintf(stderr, "Out of memory for new connection\n");
763 memset(new_wsi, 0, sizeof (struct libwebsocket));
764 new_wsi->sock = accept_fd;
765 new_wsi->count_active_extensions = 0;
766 new_wsi->pending_timeout = NO_PENDING_TIMEOUT;
768 #ifdef LWS_OPENSSL_SUPPORT
771 if (context->use_ssl) {
773 new_wsi->ssl = SSL_new(context->ssl_ctx);
774 if (new_wsi->ssl == NULL) {
775 fprintf(stderr, "SSL_new failed: %s\n",
776 ERR_error_string(SSL_get_error(
777 new_wsi->ssl, 0), NULL));
778 libwebsockets_decode_ssl_error();
783 SSL_set_fd(new_wsi->ssl, accept_fd);
785 n = SSL_accept(new_wsi->ssl);
788 * browsers seem to probe with various
789 * ssl params which fail then retry
792 debug("SSL_accept failed skt %u: %s\n",
794 ERR_error_string(SSL_get_error(
795 new_wsi->ssl, n), NULL));
802 debug("accepted new SSL conn "
803 "port %u on fd=%d SSL ver %s\n",
804 ntohs(cli_addr.sin_port), accept_fd,
805 SSL_get_version(new_wsi->ssl));
809 debug("accepted new conn port %u on fd=%d\n",
810 ntohs(cli_addr.sin_port), accept_fd);
812 /* intialize the instance struct */
814 new_wsi->state = WSI_STATE_HTTP;
815 new_wsi->name_buffer_pos = 0;
816 new_wsi->mode = LWS_CONNMODE_WS_SERVING;
818 for (n = 0; n < WSI_TOKEN_COUNT; n++) {
819 new_wsi->utf8_token[n].token = NULL;
820 new_wsi->utf8_token[n].token_len = 0;
824 * these can only be set once the protocol is known
825 * we set an unestablished connection's protocol pointer
826 * to the start of the supported list, so it can look
827 * for matching ones during the handshake
829 new_wsi->protocol = context->protocols;
830 new_wsi->user_space = NULL;
833 * Default protocol is 76 / 00
834 * After 76, there's a header specified to inform which
835 * draft the client wants, when that's seen we modify
836 * the individual connection's spec revision accordingly
838 new_wsi->ietf_spec_revision = 0;
840 insert_wsi(context, new_wsi);
843 * make sure NO events are seen yet on this new socket
844 * (otherwise we inherit old fds[client].revents from
845 * previous socket there and die mysteriously! )
847 context->fds[context->fds_count].revents = 0;
849 context->fds[context->fds_count].events = POLLIN;
850 context->fds[context->fds_count++].fd = accept_fd;
852 /* external POLL support via protocol 0 */
853 context->protocols[0].callback(context, new_wsi,
854 LWS_CALLBACK_ADD_POLL_FD,
855 (void *)(long)accept_fd, NULL, POLLIN);
859 case LWS_CONNMODE_BROADCAST_PROXY_LISTENER:
861 /* as we are listening, POLLIN means accept() is needed */
863 if (!pollfd->revents & POLLIN)
866 /* listen socket got an unencrypted connection... */
868 clilen = sizeof(cli_addr);
869 accept_fd = accept(pollfd->fd, (struct sockaddr *)&cli_addr,
872 fprintf(stderr, "ERROR on accept");
876 if (context->fds_count >= MAX_CLIENTS) {
877 fprintf(stderr, "too busy to accept new broadcast "
880 closesocket(accept_fd);
887 /* create a dummy wsi for the connection and add it */
889 new_wsi = malloc(sizeof(struct libwebsocket));
890 memset(new_wsi, 0, sizeof (struct libwebsocket));
891 new_wsi->sock = accept_fd;
892 new_wsi->mode = LWS_CONNMODE_BROADCAST_PROXY;
893 new_wsi->state = WSI_STATE_ESTABLISHED;
894 new_wsi->count_active_extensions = 0;
895 /* note which protocol we are proxying */
896 new_wsi->protocol_index_for_broadcast_proxy =
897 wsi->protocol_index_for_broadcast_proxy;
898 insert_wsi(context, new_wsi);
900 /* add connected socket to internal poll array */
902 context->fds[context->fds_count].revents = 0;
903 context->fds[context->fds_count].events = POLLIN;
904 context->fds[context->fds_count++].fd = accept_fd;
906 /* external POLL support via protocol 0 */
907 context->protocols[0].callback(context, new_wsi,
908 LWS_CALLBACK_ADD_POLL_FD,
909 (void *)(long)accept_fd, NULL, POLLIN);
913 case LWS_CONNMODE_BROADCAST_PROXY:
915 /* handle session socket closed */
917 if (pollfd->revents & (POLLERR | POLLHUP)) {
919 debug("Session Socket %p (fd=%d) dead\n",
920 (void *)wsi, pollfd->fd);
922 libwebsocket_close_and_free_session(context, wsi,
923 LWS_CLOSE_STATUS_NORMAL);
928 * either extension code with stuff to spill, or the user code,
929 * requested a callback when it was OK to write
932 if (pollfd->revents & POLLOUT)
933 if (lws_handle_POLLOUT_event(context, wsi, pollfd) < 0) {
934 libwebsocket_close_and_free_session(context, wsi,
935 LWS_CLOSE_STATUS_NORMAL);
939 /* any incoming data ready? */
941 if (!(pollfd->revents & POLLIN))
944 /* get the issued broadcast payload from the socket */
946 len = read(pollfd->fd, buf + LWS_SEND_BUFFER_PRE_PADDING,
947 MAX_BROADCAST_PAYLOAD);
949 fprintf(stderr, "Error reading broadcast payload\n");
953 /* broadcast it to all guys with this protocol index */
955 for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
957 for (m = 0; m < context->fd_hashtable[n].length; m++) {
959 new_wsi = context->fd_hashtable[n].wsi[m];
961 /* only to clients we are serving to */
963 if (new_wsi->mode != LWS_CONNMODE_WS_SERVING)
967 * never broadcast to non-established
971 if (new_wsi->state != WSI_STATE_ESTABLISHED)
975 * only broadcast to connections using
976 * the requested protocol
979 if (new_wsi->protocol->protocol_index !=
980 wsi->protocol_index_for_broadcast_proxy)
983 /* broadcast it to this connection */
985 new_wsi->protocol->callback(context, new_wsi,
986 LWS_CALLBACK_BROADCAST,
988 buf + LWS_SEND_BUFFER_PRE_PADDING, len);
993 case LWS_CONNMODE_WS_CLIENT_WAITING_PROXY_REPLY:
995 /* handle proxy hung up on us */
997 if (pollfd->revents & (POLLERR | POLLHUP)) {
999 fprintf(stderr, "Proxy connection %p (fd=%d) dead\n",
1000 (void *)wsi, pollfd->fd);
1002 libwebsocket_close_and_free_session(context, wsi,
1003 LWS_CLOSE_STATUS_NOSTATUS);
1007 n = recv(wsi->sock, pkt, sizeof pkt, 0);
1009 libwebsocket_close_and_free_session(context, wsi,
1010 LWS_CLOSE_STATUS_NOSTATUS);
1011 fprintf(stderr, "ERROR reading from proxy socket\n");
1016 if (strcmp(pkt, "HTTP/1.0 200 ") != 0) {
1017 libwebsocket_close_and_free_session(context, wsi,
1018 LWS_CLOSE_STATUS_NOSTATUS);
1019 fprintf(stderr, "ERROR from proxy: %s\n", pkt);
1023 /* clear his proxy connection timeout */
1025 libwebsocket_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
1029 case LWS_CONNMODE_WS_CLIENT_ISSUE_HANDSHAKE:
1031 #ifdef LWS_OPENSSL_SUPPORT
1034 wsi->ssl = SSL_new(context->ssl_client_ctx);
1035 wsi->client_bio = BIO_new_socket(wsi->sock,
1037 SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);
1039 SSL_set_ex_data(wsi->ssl,
1040 openssl_websocket_private_data_index,
1043 if (SSL_connect(wsi->ssl) <= 0) {
1044 fprintf(stderr, "SSL connect error %s\n",
1045 ERR_error_string(ERR_get_error(),
1047 libwebsocket_close_and_free_session(context, wsi,
1048 LWS_CLOSE_STATUS_NOSTATUS);
1052 n = SSL_get_verify_result(wsi->ssl);
1053 if ((n != X509_V_OK) && (
1054 n != X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
1055 wsi->use_ssl != 2)) {
1057 fprintf(stderr, "server's cert didn't "
1058 "look good %d\n", n);
1059 libwebsocket_close_and_free_session(context,
1060 wsi, LWS_CLOSE_STATUS_NOSTATUS);
1068 #ifdef LWS_OPENSSL_SUPPORT
1073 * create the random key
1076 n = libwebsockets_get_random(context, hash, 16);
1078 fprintf(stderr, "Unable to read from random dev %s\n",
1079 SYSTEM_RANDOM_FILEPATH);
1083 free(wsi->c_origin);
1084 if (wsi->c_protocol)
1085 free(wsi->c_protocol);
1086 libwebsocket_close_and_free_session(context, wsi,
1087 LWS_CLOSE_STATUS_NOSTATUS);
1091 lws_b64_encode_string(hash, 16, wsi->key_b64,
1092 sizeof wsi->key_b64);
1095 * 00 example client handshake
1097 * GET /socket.io/websocket HTTP/1.1
1098 * Upgrade: WebSocket
1099 * Connection: Upgrade
1100 * Host: 127.0.0.1:9999
1101 * Origin: http://127.0.0.1
1102 * Sec-WebSocket-Key1: 1 0 2#0W 9 89 7 92 ^
1103 * Sec-WebSocket-Key2: 7 7Y 4328 B2v[8(z1
1104 * Cookie: socketio=websocket
1108 * 04 example client handshake
1110 * GET /chat HTTP/1.1
1111 * Host: server.example.com
1112 * Upgrade: websocket
1113 * Connection: Upgrade
1114 * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
1115 * Sec-WebSocket-Origin: http://example.com
1116 * Sec-WebSocket-Protocol: chat, superchat
1117 * Sec-WebSocket-Version: 4
1120 p += sprintf(p, "GET %s HTTP/1.1\x0d\x0a", wsi->c_path);
1122 if (wsi->ietf_spec_revision == 0) {
1123 unsigned char spaces_1, spaces_2;
1124 unsigned int max_1, max_2;
1125 unsigned int num_1, num_2;
1126 unsigned long product_1, product_2;
1133 libwebsockets_get_random(context, &spaces_1,
1135 libwebsockets_get_random(context, &spaces_2,
1138 spaces_1 = (spaces_1 % 12) + 1;
1139 spaces_2 = (spaces_2 % 12) + 1;
1141 max_1 = 4294967295 / spaces_1;
1142 max_2 = 4294967295 / spaces_2;
1144 libwebsockets_get_random(context, &num_1, sizeof(int));
1145 libwebsockets_get_random(context, &num_2, sizeof(int));
1147 num_1 = (num_1 % max_1);
1148 num_2 = (num_2 % max_2);
1150 challenge[0] = num_1 >> 24;
1151 challenge[1] = num_1 >> 16;
1152 challenge[2] = num_1 >> 8;
1153 challenge[3] = num_1;
1154 challenge[4] = num_2 >> 24;
1155 challenge[5] = num_2 >> 16;
1156 challenge[6] = num_2 >> 8;
1157 challenge[7] = num_2;
1159 product_1 = num_1 * spaces_1;
1160 product_2 = num_2 * spaces_2;
1162 sprintf(key_1, "%lu", product_1);
1163 sprintf(key_2, "%lu", product_2);
1165 libwebsockets_get_random(context, &seed, sizeof(int));
1166 libwebsockets_get_random(context, &count, sizeof(int));
1168 libwebsockets_00_spam(key_1, (count % 12) + 1, seed);
1170 libwebsockets_get_random(context, &seed, sizeof(int));
1171 libwebsockets_get_random(context, &count, sizeof(int));
1173 libwebsockets_00_spam(key_2, (count % 12) + 1, seed);
1175 libwebsockets_get_random(context, &seed, sizeof(int));
1177 libwebsockets_00_spaceout(key_1, spaces_1, seed);
1178 libwebsockets_00_spaceout(key_2, spaces_2, seed >> 16);
1180 p += sprintf(p, "Upgrade: websocket\x0d\x0a"
1181 "Connection: Upgrade\x0d\x0aHost: %s\x0d\x0a",
1184 p += sprintf(p, "Origin: %s\x0d\x0a",
1187 if (wsi->c_protocol)
1188 p += sprintf(p, "Sec-WebSocket-Protocol: %s"
1189 "\x0d\x0a", wsi->c_protocol);
1191 p += sprintf(p, "Sec-WebSocket-Key1: %s\x0d\x0a",
1193 p += sprintf(p, "Sec-WebSocket-Key2: %s\x0d\x0a",
1196 /* give userland a chance to append, eg, cookies */
1198 context->protocols[0].callback(context, wsi,
1199 LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER,
1200 NULL, &p, (pkt + sizeof(pkt)) - p - 12);
1202 p += sprintf(p, "\x0d\x0a");
1204 if (libwebsockets_get_random(context, p, 8) != 8)
1206 memcpy(&challenge[8], p, 8);
1209 /* precompute what we want to see from the server */
1211 MD5((unsigned char *)challenge, 16,
1212 (unsigned char *)wsi->initial_handshake_hash_base64);
1217 p += sprintf(p, "Host: %s\x0d\x0a", wsi->c_host);
1218 p += sprintf(p, "Upgrade: websocket\x0d\x0a");
1219 p += sprintf(p, "Connection: Upgrade\x0d\x0a"
1220 "Sec-WebSocket-Key: ");
1221 strcpy(p, wsi->key_b64);
1222 p += strlen(wsi->key_b64);
1223 p += sprintf(p, "\x0d\x0a");
1225 p += sprintf(p, "Sec-WebSocket-Origin: %s\x0d\x0a",
1227 if (wsi->c_protocol)
1228 p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a",
1231 /* tell the server what extensions we could support */
1233 p += sprintf(p, "Sec-WebSocket-Extensions: ");
1235 ext =context->extensions;
1236 while (ext && ext->callback) {
1239 n = context->protocols[0].callback(context, wsi,
1240 LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED,
1241 wsi->user_space, (char *)ext->name, 0);
1244 * zero return from callback means
1245 * go ahead and allow the extension,
1246 * it's what we get if the callback is
1259 p += sprintf(p, "%s", ext->name);
1265 p += sprintf(p, "\x0d\x0a");
1267 if (wsi->ietf_spec_revision)
1268 p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a",
1269 wsi->ietf_spec_revision);
1271 /* give userland a chance to append, eg, cookies */
1273 context->protocols[0].callback(context, wsi,
1274 LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER,
1275 NULL, &p, (pkt + sizeof(pkt)) - p - 12);
1277 p += sprintf(p, "\x0d\x0a");
1279 /* prepare the expected server accept response */
1281 strcpy((char *)buf, wsi->key_b64);
1282 strcpy((char *)&buf[strlen((char *)buf)], magic_websocket_guid);
1284 SHA1(buf, strlen((char *)buf), (unsigned char *)hash);
1286 lws_b64_encode_string(hash, 20,
1287 wsi->initial_handshake_hash_base64,
1288 sizeof wsi->initial_handshake_hash_base64);
1292 /* done with these now */
1297 free(wsi->c_origin);
1299 /* send our request to the server */
1301 #ifdef LWS_OPENSSL_SUPPORT
1303 n = SSL_write(wsi->ssl, pkt, p - pkt);
1306 n = send(wsi->sock, pkt, p - pkt, 0);
1309 fprintf(stderr, "ERROR writing to client socket\n");
1310 libwebsocket_close_and_free_session(context, wsi,
1311 LWS_CLOSE_STATUS_NOSTATUS);
1315 wsi->parser_state = WSI_TOKEN_NAME_PART;
1316 wsi->mode = LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY;
1317 libwebsocket_set_timeout(wsi,
1318 PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE, 5);
1322 case LWS_CONNMODE_WS_CLIENT_WAITING_SERVER_REPLY:
1324 /* handle server hung up on us */
1326 if (pollfd->revents & (POLLERR | POLLHUP)) {
1328 fprintf(stderr, "Server connection %p (fd=%d) dead\n",
1329 (void *)wsi, pollfd->fd);
1335 /* interpret the server response */
1338 * HTTP/1.1 101 Switching Protocols
1339 * Upgrade: websocket
1340 * Connection: Upgrade
1341 * Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo=
1342 * Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC==
1343 * Sec-WebSocket-Protocol: chat
1346 #ifdef LWS_OPENSSL_SUPPORT
1348 len = SSL_read(wsi->ssl, pkt, sizeof pkt);
1351 len = recv(wsi->sock, pkt, sizeof pkt, 0);
1355 "libwebsocket_client_handshake read error\n");
1360 for (n = 0; n < len; n++)
1361 libwebsocket_parse(wsi, *p++);
1363 if (wsi->parser_state != WSI_PARSING_COMPLETE) {
1364 fprintf(stderr, "libwebsocket_client_handshake "
1365 "server response failed parsing\n");
1372 * HTTP/1.1 101 WebSocket Protocol Handshake
1373 * Upgrade: WebSocket
1374 * Connection: Upgrade
1375 * Sec-WebSocket-Origin: http://127.0.0.1
1376 * Sec-WebSocket-Location: ws://127.0.0.1:9999/socket.io/websocket
1381 if (wsi->ietf_spec_revision == 0) {
1382 if (!wsi->utf8_token[WSI_TOKEN_HTTP].token_len ||
1383 !wsi->utf8_token[WSI_TOKEN_UPGRADE].token_len ||
1384 !wsi->utf8_token[WSI_TOKEN_CHALLENGE].token_len ||
1385 !wsi->utf8_token[WSI_TOKEN_CONNECTION].token_len ||
1386 (!wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len &&
1387 wsi->c_protocol != NULL)) {
1388 fprintf(stderr, "libwebsocket_client_handshake "
1389 "missing required header(s)\n");
1391 fprintf(stderr, "%s", pkt);
1395 strtolower(wsi->utf8_token[WSI_TOKEN_HTTP].token);
1396 if (strcmp(wsi->utf8_token[WSI_TOKEN_HTTP].token,
1397 "101 websocket protocol handshake")) {
1398 fprintf(stderr, "libwebsocket_client_handshake "
1399 "server sent bad HTTP response '%s'\n",
1400 wsi->utf8_token[WSI_TOKEN_HTTP].token);
1404 if (wsi->utf8_token[WSI_TOKEN_CHALLENGE].token_len <
1406 fprintf(stderr, "libwebsocket_client_handshake "
1407 "challenge reply too short %d\n",
1409 WSI_TOKEN_CHALLENGE].token_len);
1411 fprintf(stderr, "%s", pkt);
1416 goto select_protocol;
1420 * well, what the server sent looked reasonable for syntax.
1421 * Now let's confirm it sent all the necessary headers
1424 if (!wsi->utf8_token[WSI_TOKEN_HTTP].token_len ||
1425 !wsi->utf8_token[WSI_TOKEN_UPGRADE].token_len ||
1426 !wsi->utf8_token[WSI_TOKEN_CONNECTION].token_len ||
1427 !wsi->utf8_token[WSI_TOKEN_ACCEPT].token_len ||
1428 (!wsi->utf8_token[WSI_TOKEN_NONCE].token_len &&
1429 wsi->ietf_spec_revision == 4) ||
1430 (!wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len &&
1431 wsi->c_protocol != NULL)) {
1432 fprintf(stderr, "libwebsocket_client_handshake "
1433 "missing required header(s)\n");
1435 fprintf(stderr, "%s", pkt);
1440 * Everything seems to be there, now take a closer look at what
1444 strtolower(wsi->utf8_token[WSI_TOKEN_HTTP].token);
1445 if (strcmp(wsi->utf8_token[WSI_TOKEN_HTTP].token,
1446 "101 switching protocols")) {
1447 fprintf(stderr, "libwebsocket_client_handshake "
1448 "server sent bad HTTP response '%s'\n",
1449 wsi->utf8_token[WSI_TOKEN_HTTP].token);
1453 strtolower(wsi->utf8_token[WSI_TOKEN_UPGRADE].token);
1454 if (strcmp(wsi->utf8_token[WSI_TOKEN_UPGRADE].token,
1456 fprintf(stderr, "libwebsocket_client_handshake server "
1457 "sent bad Upgrade header '%s'\n",
1458 wsi->utf8_token[WSI_TOKEN_UPGRADE].token);
1462 strtolower(wsi->utf8_token[WSI_TOKEN_CONNECTION].token);
1463 if (strcmp(wsi->utf8_token[WSI_TOKEN_CONNECTION].token,
1465 fprintf(stderr, "libwebsocket_client_handshake server "
1466 "sent bad Connection hdr '%s'\n",
1467 wsi->utf8_token[WSI_TOKEN_CONNECTION].token);
1472 pc = wsi->c_protocol;
1475 * confirm the protocol the server wants to talk was in the list
1476 * of protocols we offered
1479 if (!wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len) {
1482 * no protocol name to work from,
1483 * default to first protocol
1485 wsi->protocol = &context->protocols[0];
1487 free(wsi->c_protocol);
1492 while (*pc && !okay) {
1494 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token,
1495 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len)) &&
1496 (pc[wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len] == ',' ||
1497 pc[wsi->utf8_token[WSI_TOKEN_PROTOCOL].token_len] == '\0')) {
1501 while (*pc && *pc != ',')
1503 while (*pc && *pc != ' ')
1507 /* done with him now */
1509 if (wsi->c_protocol)
1510 free(wsi->c_protocol);
1514 fprintf(stderr, "libwebsocket_client_handshake server "
1515 "sent bad protocol '%s'\n",
1516 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token);
1521 * identify the selected protocol struct and set it
1524 wsi->protocol = NULL;
1525 while (context->protocols[n].callback) {
1526 if (strcmp(wsi->utf8_token[WSI_TOKEN_PROTOCOL].token,
1527 context->protocols[n].name) == 0)
1528 wsi->protocol = &context->protocols[n];
1532 if (wsi->protocol == NULL) {
1533 fprintf(stderr, "libwebsocket_client_handshake server "
1534 "requested protocol '%s', which we "
1535 "said we supported but we don't!\n",
1536 wsi->utf8_token[WSI_TOKEN_PROTOCOL].token);
1541 /* instantiate the accepted extensions */
1543 if (!wsi->utf8_token[WSI_TOKEN_EXTENSIONS].token_len)
1547 * break down the list of server accepted extensions
1548 * and go through matching them or identifying bogons
1551 c = wsi->utf8_token[WSI_TOKEN_EXTENSIONS].token;
1555 if (*c && *c != ',') {
1557 if (n < sizeof(ext_name) - 1)
1565 /* check we actually support it */
1568 ext = wsi->protocol->owning_server->extensions;
1569 while (ext && ext->callback) {
1571 if (strcmp(ext_name, ext->name)) {
1578 /* instantiate the extension on this conn */
1580 wsi->active_extensions_user[
1581 wsi->count_active_extensions] =
1582 malloc(ext->per_session_data_size);
1583 wsi->active_extensions[
1584 wsi->count_active_extensions] = ext;
1586 /* allow him to construct his context */
1588 ext->callback(wsi->protocol->owning_server,
1589 wsi, LWS_EXT_CALLBACK_CLIENT_CONSTRUCT,
1590 wsi->active_extensions_user[
1591 wsi->count_active_extensions], NULL, 0);
1593 wsi->count_active_extensions++;
1599 fprintf(stderr, "Server said we should use"
1600 "an unknown extension '%s'!\n", ext_name);
1610 if (wsi->ietf_spec_revision == 0) {
1612 if (memcmp(wsi->initial_handshake_hash_base64,
1613 wsi->utf8_token[WSI_TOKEN_CHALLENGE].token, 16)) {
1614 fprintf(stderr, "libwebsocket_client_handshake "
1615 "failed 00 challenge compare\n");
1617 fprintf(stderr, "%s", pkt);
1625 * Confirm his accept token is the one we precomputed
1628 if (strcmp(wsi->utf8_token[WSI_TOKEN_ACCEPT].token,
1629 wsi->initial_handshake_hash_base64)) {
1630 fprintf(stderr, "libwebsocket_client_handshake server "
1631 "sent bad ACCEPT '%s' vs computed '%s'\n",
1632 wsi->utf8_token[WSI_TOKEN_ACCEPT].token,
1633 wsi->initial_handshake_hash_base64);
1637 if (wsi->ietf_spec_revision == 4) {
1639 * Calculate the 04 masking key to use when
1640 * sending data to server
1643 strcpy((char *)buf, wsi->key_b64);
1644 p = (char *)buf + strlen(wsi->key_b64);
1645 strcpy(p, wsi->utf8_token[WSI_TOKEN_NONCE].token);
1646 p += wsi->utf8_token[WSI_TOKEN_NONCE].token_len;
1647 strcpy(p, magic_websocket_04_masking_guid);
1648 SHA1(buf, strlen((char *)buf), wsi->masking_key_04);
1652 /* allocate the per-connection user memory (if any) */
1654 if (wsi->protocol->per_session_data_size) {
1655 wsi->user_space = malloc(
1656 wsi->protocol->per_session_data_size);
1657 if (wsi->user_space == NULL) {
1658 fprintf(stderr, "Out of memory for "
1659 "conn user space\n");
1663 wsi->user_space = NULL;
1665 /* clear his proxy connection timeout */
1667 libwebsocket_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
1669 /* mark him as being alive */
1671 wsi->state = WSI_STATE_ESTABLISHED;
1672 wsi->mode = LWS_CONNMODE_WS_CLIENT;
1674 fprintf(stderr, "handshake OK for protocol %s\n",
1675 wsi->protocol->name);
1677 /* call him back to inform him he is up */
1679 wsi->protocol->callback(context, wsi,
1680 LWS_CALLBACK_CLIENT_ESTABLISHED,
1687 if (wsi->c_protocol)
1688 free(wsi->c_protocol);
1691 libwebsocket_close_and_free_session(context, wsi,
1692 LWS_CLOSE_STATUS_NOSTATUS);
1696 case LWS_CONNMODE_WS_SERVING:
1697 case LWS_CONNMODE_WS_CLIENT:
1699 /* handle session socket closed */
1701 if (pollfd->revents & (POLLERR | POLLHUP)) {
1703 fprintf(stderr, "Session Socket %p (fd=%d) dead\n",
1704 (void *)wsi, pollfd->fd);
1706 libwebsocket_close_and_free_session(context, wsi,
1707 LWS_CLOSE_STATUS_NOSTATUS);
1711 /* the guy requested a callback when it was OK to write */
1713 if ((pollfd->revents & POLLOUT) &&
1714 wsi->state == WSI_STATE_ESTABLISHED)
1715 if (lws_handle_POLLOUT_event(context, wsi,
1717 libwebsocket_close_and_free_session(
1718 context, wsi, LWS_CLOSE_STATUS_NORMAL);
1723 /* any incoming data ready? */
1725 if (!(pollfd->revents & POLLIN))
1728 #ifdef LWS_OPENSSL_SUPPORT
1730 eff_buf.token_len = SSL_read(wsi->ssl, buf, sizeof buf);
1734 recv(pollfd->fd, buf, sizeof buf, 0);
1736 if (eff_buf.token_len < 0) {
1737 fprintf(stderr, "Socket read returned %d\n",
1741 if (!eff_buf.token_len) {
1742 libwebsocket_close_and_free_session(context, wsi,
1743 LWS_CLOSE_STATUS_NOSTATUS);
1748 * give any active extensions a chance to munge the buffer
1749 * before parse. We pass in a pointer to an lws_tokens struct
1750 * prepared with the default buffer and content length that's in
1751 * there. Rather than rewrite the default buffer, extensions
1752 * that expect to grow the buffer can adapt .token to
1753 * point to their own per-connection buffer in the extension
1754 * user allocation. By default with no extensions or no
1755 * extension callback handling, just the normal input buffer is
1756 * used then so it is efficient.
1759 eff_buf.token = (char *)buf;
1766 for (n = 0; n < wsi->count_active_extensions; n++) {
1767 m = wsi->active_extensions[n]->callback(context, wsi,
1768 LWS_EXT_CALLBACK_PACKET_RX_PREPARSE,
1769 wsi->active_extensions_user[n], &eff_buf, 0);
1771 fprintf(stderr, "Extension reports fatal error\n");
1772 libwebsocket_close_and_free_session(context, wsi,
1773 LWS_CLOSE_STATUS_NOSTATUS);
1780 /* service incoming data */
1782 if (eff_buf.token_len) {
1783 n = libwebsocket_read(context, wsi,
1784 (unsigned char *)eff_buf.token, eff_buf.token_len);
1790 eff_buf.token = NULL;
1791 eff_buf.token_len = 0;
1801 * libwebsocket_context_destroy() - Destroy the websocket context
1802 * @context: Websocket context
1804 * This function closes any active connections and then frees the
1805 * context. After calling this, any further use of the context is
1809 libwebsocket_context_destroy(struct libwebsocket_context *context)
1813 struct libwebsocket *wsi;
1815 for (n = 0; n < FD_HASHTABLE_MODULUS; n++)
1816 for (m = 0; m < context->fd_hashtable[n].length; m++) {
1817 wsi = context->fd_hashtable[n].wsi[m];
1818 libwebsocket_close_and_free_session(context, wsi,
1819 LWS_CLOSE_STATUS_GOINGAWAY);
1824 close(context->fd_random);
1827 #ifdef LWS_OPENSSL_SUPPORT
1828 if (context->ssl_ctx)
1829 SSL_CTX_free(context->ssl_ctx);
1830 if (context->ssl_client_ctx)
1831 SSL_CTX_free(context->ssl_client_ctx);
1842 * libwebsocket_service() - Service any pending websocket activity
1843 * @context: Websocket context
1844 * @timeout_ms: Timeout for poll; 0 means return immediately if nothing needed
1845 * service otherwise block and service immediately, returning
1846 * after the timeout if nothing needed service.
1848 * This function deals with any pending websocket traffic, for three
1849 * kinds of event. It handles these events on both server and client
1850 * types of connection the same.
1852 * 1) Accept new connections to our context's server
1854 * 2) Perform pending broadcast writes initiated from other forked
1855 * processes (effectively serializing asynchronous broadcasts)
1857 * 3) Call the receive callback for incoming frame data received by
1858 * server or client connections.
1860 * You need to call this service function periodically to all the above
1861 * functions to happen; if your application is single-threaded you can
1862 * just call it in your main event loop.
1864 * Alternatively you can fork a new process that asynchronously handles
1865 * calling this service in a loop. In that case you are happy if this
1866 * call blocks your thread until it needs to take care of something and
1867 * would call it with a large nonzero timeout. Your loop then takes no
1868 * CPU while there is nothing happening.
1870 * If you are calling it in a single-threaded app, you don't want it to
1871 * wait around blocking other things in your loop from happening, so you
1872 * would call it with a timeout_ms of 0, so it returns immediately if
1873 * nothing is pending, or as soon as it services whatever was pending.
1878 libwebsocket_service(struct libwebsocket_context *context, int timeout_ms)
1882 /* stay dead once we are dead */
1884 if (context == NULL)
1887 /* wait for something to need service */
1889 n = poll(context->fds, context->fds_count, timeout_ms);
1890 if (n == 0) /* poll timeout */
1895 fprintf(stderr, "Listen Socket dead\n");
1900 /* handle accept on listening socket? */
1902 for (n = 0; n < context->fds_count; n++)
1903 if (context->fds[n].revents)
1904 libwebsocket_service_fd(context, &context->fds[n]);
1910 * libwebsocket_callback_on_writable() - Request a callback when this socket
1911 * becomes able to be written to without
1914 * @context: libwebsockets context
1915 * @wsi: Websocket connection instance to get callback for
1919 libwebsocket_callback_on_writable(struct libwebsocket_context *context,
1920 struct libwebsocket *wsi)
1924 for (n = 0; n < context->fds_count; n++)
1925 if (context->fds[n].fd == wsi->sock) {
1926 context->fds[n].events |= POLLOUT;
1927 n = context->fds_count;
1930 /* external POLL support via protocol 0 */
1931 context->protocols[0].callback(context, wsi,
1932 LWS_CALLBACK_SET_MODE_POLL_FD,
1933 (void *)(long)wsi->sock, NULL, POLLOUT);
1939 * libwebsocket_callback_on_writable_all_protocol() - Request a callback for
1940 * all connections using the given protocol when it
1941 * becomes possible to write to each socket without
1944 * @protocol: Protocol whose connections will get callbacks
1948 libwebsocket_callback_on_writable_all_protocol(
1949 const struct libwebsocket_protocols *protocol)
1951 struct libwebsocket_context *context = protocol->owning_server;
1954 struct libwebsocket *wsi;
1956 for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
1958 for (m = 0; m < context->fd_hashtable[n].length; m++) {
1960 wsi = context->fd_hashtable[n].wsi[m];
1962 if (wsi->protocol == protocol)
1963 libwebsocket_callback_on_writable(context, wsi);
1971 * libwebsocket_set_timeout() - marks the wsi as subject to a timeout
1973 * You will not need this unless you are doing something special
1975 * @wsi: Websocket connection instance
1976 * @reason: timeout reason
1977 * @secs: how many seconds
1981 libwebsocket_set_timeout(struct libwebsocket *wsi,
1982 enum pending_timeout reason, int secs)
1986 gettimeofday(&tv, NULL);
1988 wsi->pending_timeout_limit = tv.tv_sec + secs;
1989 wsi->pending_timeout = reason;
1994 * libwebsocket_get_socket_fd() - returns the socket file descriptor
1996 * You will not need this unless you are doing something special
1998 * @wsi: Websocket connection instance
2002 libwebsocket_get_socket_fd(struct libwebsocket *wsi)
2008 * libwebsocket_rx_flow_control() - Enable and disable socket servicing for
2009 * receieved packets.
2011 * If the output side of a server process becomes choked, this allows flow
2012 * control for the input side.
2014 * @wsi: Websocket connection instance to get callback for
2015 * @enable: 0 = disable read servicing for this connection, 1 = enable
2019 libwebsocket_rx_flow_control(struct libwebsocket *wsi, int enable)
2021 struct libwebsocket_context *context = wsi->protocol->owning_server;
2024 for (n = 0; n < context->fds_count; n++)
2025 if (context->fds[n].fd == wsi->sock) {
2027 context->fds[n].events |= POLLIN;
2029 context->fds[n].events &= ~POLLIN;
2035 /* external POLL support via protocol 0 */
2036 context->protocols[0].callback(context, wsi,
2037 LWS_CALLBACK_SET_MODE_POLL_FD,
2038 (void *)(long)wsi->sock, NULL, POLLIN);
2040 /* external POLL support via protocol 0 */
2041 context->protocols[0].callback(context, wsi,
2042 LWS_CALLBACK_CLEAR_MODE_POLL_FD,
2043 (void *)(long)wsi->sock, NULL, POLLIN);
2046 fprintf(stderr, "libwebsocket_callback_on_writable "
2047 "unable to find socket\n");
2052 * libwebsocket_canonical_hostname() - returns this host's hostname
2054 * This is typically used by client code to fill in the host parameter
2055 * when making a client connection. You can only call it after the context
2058 * @context: Websocket context
2063 libwebsocket_canonical_hostname(struct libwebsocket_context *context)
2065 return (const char *)context->canonical_hostname;
2069 static void sigpipe_handler(int x)
2073 #ifdef LWS_OPENSSL_SUPPORT
2075 OpenSSL_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
2080 struct libwebsocket_context *context;
2082 ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
2083 SSL_get_ex_data_X509_STORE_CTX_idx());
2086 * !!! nasty openssl requires the index to come as a library-scope
2089 context = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
2091 n = context->protocols[0].callback(NULL, NULL,
2092 LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION,
2093 x509_ctx, ssl, preverify_ok);
2095 /* convert return code from 0 = OK to 1 = OK */
2108 * libwebsocket_create_context() - Create the websocket handler
2109 * @port: Port to listen on... you can use 0 to suppress listening on
2110 * any port, that's what you want if you are not running a
2111 * websocket server at all but just using it as a client
2112 * @interf: NULL to bind the listen socket to all interfaces, or the
2113 * interface name, eg, "eth2"
2114 * @protocols: Array of structures listing supported protocols and a protocol-
2115 * specific callback for each one. The list is ended with an
2116 * entry that has a NULL callback pointer.
2117 * It's not const because we write the owning_server member
2118 * @extensions: NULL or array of libwebsocket_extension structs listing the
2119 * extensions this context supports
2120 * @ssl_cert_filepath: If libwebsockets was compiled to use ssl, and you want
2121 * to listen using SSL, set to the filepath to fetch the
2122 * server cert from, otherwise NULL for unencrypted
2123 * @ssl_private_key_filepath: filepath to private key if wanting SSL mode,
2125 * @gid: group id to change to after setting listen socket, or -1.
2126 * @uid: user id to change to after setting listen socket, or -1.
2127 * @options: 0, or LWS_SERVER_OPTION_DEFEAT_CLIENT_MASK
2129 * This function creates the listening socket and takes care
2130 * of all initialization in one step.
2132 * After initialization, it returns a struct libwebsocket_context * that
2133 * represents this server. After calling, user code needs to take care
2134 * of calling libwebsocket_service() with the context pointer to get the
2135 * server's sockets serviced. This can be done in the same process context
2136 * or a forked process, or another thread,
2138 * The protocol callback functions are called for a handful of events
2139 * including http requests coming in, websocket connections becoming
2140 * established, and data arriving; it's also called periodically to allow
2141 * async transmission.
2143 * HTTP requests are sent always to the FIRST protocol in @protocol, since
2144 * at that time websocket protocol has not been negotiated. Other
2145 * protocols after the first one never see any HTTP callack activity.
2147 * The server created is a simple http server by default; part of the
2148 * websocket standard is upgrading this http connection to a websocket one.
2150 * This allows the same server to provide files like scripts and favicon /
2151 * images or whatever over http and dynamic data over websockets all in
2152 * one place; they're all handled in the user callback.
2155 struct libwebsocket_context *
2156 libwebsocket_create_context(int port, const char *interf,
2157 struct libwebsocket_protocols *protocols,
2158 struct libwebsocket_extension *extensions,
2159 const char *ssl_cert_filepath,
2160 const char *ssl_private_key_filepath,
2161 int gid, int uid, unsigned int options)
2166 struct sockaddr_in serv_addr, cli_addr;
2168 struct libwebsocket_context *context = NULL;
2171 char hostname[1024];
2173 struct libwebsocket *wsi;
2175 #ifdef LWS_OPENSSL_SUPPORT
2177 char ssl_err_buf[512];
2182 WORD wVersionRequested;
2186 /* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */
2187 wVersionRequested = MAKEWORD(2, 2);
2189 err = WSAStartup(wVersionRequested, &wsaData);
2191 /* Tell the user that we could not find a usable */
2193 fprintf(stderr, "WSAStartup failed with error: %d\n",
2201 context = malloc(sizeof(struct libwebsocket_context));
2203 fprintf(stderr, "No memory for websocket context\n");
2206 context->protocols = protocols;
2207 context->listen_port = port;
2208 context->http_proxy_port = 0;
2209 context->http_proxy_address[0] = '\0';
2210 context->options = options;
2211 context->fds_count = 0;
2212 context->extensions = extensions;
2215 context->fd_random = 0;
2217 context->fd_random = open(SYSTEM_RANDOM_FILEPATH, O_RDONLY);
2218 if (context->fd_random < 0) {
2219 fprintf(stderr, "Unable to open random device %s %d\n",
2220 SYSTEM_RANDOM_FILEPATH, context->fd_random);
2225 #ifdef LWS_OPENSSL_SUPPORT
2226 context->use_ssl = 0;
2227 context->ssl_ctx = NULL;
2228 context->ssl_client_ctx = NULL;
2229 openssl_websocket_private_data_index = 0;
2231 /* find canonical hostname */
2233 hostname[(sizeof hostname) - 1] = '\0';
2234 gethostname(hostname, (sizeof hostname) - 1);
2235 he = gethostbyname(hostname);
2237 strncpy(context->canonical_hostname, he->h_name,
2238 sizeof context->canonical_hostname - 1);
2239 context->canonical_hostname[
2240 sizeof context->canonical_hostname - 1] = '\0';
2242 strncpy(context->canonical_hostname, hostname,
2243 sizeof context->canonical_hostname - 1);
2245 /* split the proxy ads:port if given */
2247 p = getenv("http_proxy");
2249 strncpy(context->http_proxy_address, p,
2250 sizeof context->http_proxy_address - 1);
2251 context->http_proxy_address[
2252 sizeof context->http_proxy_address - 1] = '\0';
2254 p = strchr(context->http_proxy_address, ':');
2256 fprintf(stderr, "http_proxy needs to be ads:port\n");
2260 context->http_proxy_port = atoi(p + 1);
2262 fprintf(stderr, "Using proxy %s:%u\n",
2263 context->http_proxy_address,
2264 context->http_proxy_port);
2269 #ifdef LWS_OPENSSL_SUPPORT
2270 context->use_ssl = ssl_cert_filepath != NULL &&
2271 ssl_private_key_filepath != NULL;
2272 if (context->use_ssl)
2273 fprintf(stderr, " Compiled with SSL support, "
2276 fprintf(stderr, " Compiled with SSL support, "
2280 if (ssl_cert_filepath != NULL &&
2281 ssl_private_key_filepath != NULL) {
2282 fprintf(stderr, " Not compiled for OpenSSl support!\n");
2285 fprintf(stderr, " Compiled without SSL support, "
2286 "serving unencrypted\n");
2290 /* ignore SIGPIPE */
2293 signal(SIGPIPE, sigpipe_handler);
2297 #ifdef LWS_OPENSSL_SUPPORT
2299 /* basic openssl init */
2303 OpenSSL_add_all_algorithms();
2304 SSL_load_error_strings();
2306 openssl_websocket_private_data_index =
2307 SSL_get_ex_new_index(0, "libwebsockets", NULL, NULL, NULL);
2310 * Firefox insists on SSLv23 not SSLv3
2311 * Konq disables SSLv2 by default now, SSLv23 works
2314 method = (SSL_METHOD *)SSLv23_server_method();
2316 fprintf(stderr, "problem creating ssl method: %s\n",
2317 ERR_error_string(ERR_get_error(), ssl_err_buf));
2320 context->ssl_ctx = SSL_CTX_new(method); /* create context */
2321 if (!context->ssl_ctx) {
2322 fprintf(stderr, "problem creating ssl context: %s\n",
2323 ERR_error_string(ERR_get_error(), ssl_err_buf));
2327 /* client context */
2328 if (port == CONTEXT_PORT_NO_LISTEN)
2330 method = (SSL_METHOD *)SSLv23_client_method();
2332 fprintf(stderr, "problem creating ssl method: %s\n",
2333 ERR_error_string(ERR_get_error(), ssl_err_buf));
2336 /* create context */
2337 context->ssl_client_ctx = SSL_CTX_new(method);
2338 if (!context->ssl_client_ctx) {
2339 fprintf(stderr, "problem creating ssl context: %s\n",
2340 ERR_error_string(ERR_get_error(), ssl_err_buf));
2344 /* openssl init for cert verification (for client sockets) */
2346 if (!SSL_CTX_load_verify_locations(
2347 context->ssl_client_ctx, NULL,
2348 LWS_OPENSSL_CLIENT_CERTS))
2350 "Unable to load SSL Client certs from %s "
2351 "(set by --with-client-cert-dir= in configure) -- "
2352 " client ssl isn't going to work",
2353 LWS_OPENSSL_CLIENT_CERTS);
2356 * callback allowing user code to load extra verification certs
2357 * helping the client to verify server identity
2360 context->protocols[0].callback(context, NULL,
2361 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
2362 context->ssl_client_ctx, NULL, 0);
2364 /* as a server, are we requiring clients to identify themselves? */
2366 if (options & LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT) {
2368 /* absolutely require the client cert */
2370 SSL_CTX_set_verify(context->ssl_ctx,
2371 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
2372 OpenSSL_verify_callback);
2375 * give user code a chance to load certs into the server
2376 * allowing it to verify incoming client certs
2379 context->protocols[0].callback(context, NULL,
2380 LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS,
2381 context->ssl_ctx, NULL, 0);
2384 if (context->use_ssl) {
2386 /* openssl init for server sockets */
2388 /* set the local certificate from CertFile */
2389 n = SSL_CTX_use_certificate_file(context->ssl_ctx,
2390 ssl_cert_filepath, SSL_FILETYPE_PEM);
2392 fprintf(stderr, "problem getting cert '%s': %s\n",
2394 ERR_error_string(ERR_get_error(), ssl_err_buf));
2397 /* set the private key from KeyFile */
2398 if (SSL_CTX_use_PrivateKey_file(context->ssl_ctx,
2399 ssl_private_key_filepath, SSL_FILETYPE_PEM) != 1) {
2400 fprintf(stderr, "ssl problem getting key '%s': %s\n",
2401 ssl_private_key_filepath,
2402 ERR_error_string(ERR_get_error(), ssl_err_buf));
2405 /* verify private key */
2406 if (!SSL_CTX_check_private_key(context->ssl_ctx)) {
2407 fprintf(stderr, "Private SSL key doesn't match cert\n");
2411 /* SSL is happy and has a cert it's content with */
2417 if (lws_b64_selftest())
2420 /* fd hashtable init */
2422 for (n = 0; n < FD_HASHTABLE_MODULUS; n++)
2423 context->fd_hashtable[n].length = 0;
2425 /* set up our external listening socket we serve on */
2429 sockfd = socket(AF_INET, SOCK_STREAM, 0);
2431 fprintf(stderr, "ERROR opening socket");
2435 /* allow us to restart even if old sockets in TIME_WAIT */
2436 setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
2441 setsockopt(sockfd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt));
2443 bzero((char *) &serv_addr, sizeof(serv_addr));
2444 serv_addr.sin_family = AF_INET;
2446 serv_addr.sin_addr.s_addr = INADDR_ANY;
2448 interface_to_sa(interf, &serv_addr,
2450 serv_addr.sin_port = htons(port);
2452 n = bind(sockfd, (struct sockaddr *) &serv_addr,
2455 fprintf(stderr, "ERROR on binding to port %d (%d %d)\n",
2460 wsi = malloc(sizeof(struct libwebsocket));
2461 memset(wsi, 0, sizeof (struct libwebsocket));
2463 wsi->count_active_extensions = 0;
2464 wsi->mode = LWS_CONNMODE_SERVER_LISTENER;
2465 insert_wsi(context, wsi);
2468 fprintf(stderr, " Listening on port %d\n", port);
2470 /* list in the internal poll array */
2472 context->fds[context->fds_count].fd = sockfd;
2473 context->fds[context->fds_count++].events = POLLIN;
2475 /* external POLL support via protocol 0 */
2476 context->protocols[0].callback(context, wsi,
2477 LWS_CALLBACK_ADD_POLL_FD,
2478 (void *)(long)sockfd, NULL, POLLIN);
2482 /* drop any root privs for this process */
2487 fprintf(stderr, "setgid: %s\n", strerror(errno));
2490 fprintf(stderr, "setuid: %s\n", strerror(errno));
2493 /* set up our internal broadcast trigger sockets per-protocol */
2495 for (context->count_protocols = 0;
2496 protocols[context->count_protocols].callback;
2497 context->count_protocols++) {
2498 protocols[context->count_protocols].owning_server = context;
2499 protocols[context->count_protocols].protocol_index =
2500 context->count_protocols;
2502 fd = socket(AF_INET, SOCK_STREAM, 0);
2504 fprintf(stderr, "ERROR opening socket");
2508 /* allow us to restart even if old sockets in TIME_WAIT */
2509 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
2511 bzero((char *) &serv_addr, sizeof(serv_addr));
2512 serv_addr.sin_family = AF_INET;
2513 serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
2514 serv_addr.sin_port = 0; /* pick the port for us */
2516 n = bind(fd, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
2518 fprintf(stderr, "ERROR on binding to port %d (%d %d)\n",
2523 slen = sizeof cli_addr;
2524 n = getsockname(fd, (struct sockaddr *)&cli_addr, &slen);
2526 fprintf(stderr, "getsockname failed\n");
2529 protocols[context->count_protocols].broadcast_socket_port =
2530 ntohs(cli_addr.sin_port);
2533 debug(" Protocol %s broadcast socket %d\n",
2534 protocols[context->count_protocols].name,
2535 ntohs(cli_addr.sin_port));
2537 /* dummy wsi per broadcast proxy socket */
2539 wsi = malloc(sizeof(struct libwebsocket));
2540 memset(wsi, 0, sizeof (struct libwebsocket));
2542 wsi->mode = LWS_CONNMODE_BROADCAST_PROXY_LISTENER;
2543 wsi->count_active_extensions = 0;
2544 /* note which protocol we are proxying */
2545 wsi->protocol_index_for_broadcast_proxy =
2546 context->count_protocols;
2547 insert_wsi(context, wsi);
2549 /* list in internal poll array */
2551 context->fds[context->fds_count].fd = fd;
2552 context->fds[context->fds_count].events = POLLIN;
2553 context->fds[context->fds_count].revents = 0;
2554 context->fds_count++;
2556 /* external POLL support via protocol 0 */
2557 context->protocols[0].callback(context, wsi,
2558 LWS_CALLBACK_ADD_POLL_FD,
2559 (void *)(long)fd, NULL, POLLIN);
2569 * libwebsockets_fork_service_loop() - Optional helper function forks off
2570 * a process for the websocket server loop.
2571 * You don't have to use this but if not, you
2572 * have to make sure you are calling
2573 * libwebsocket_service periodically to service
2574 * the websocket traffic
2575 * @context: server context returned by creation function
2579 libwebsockets_fork_service_loop(struct libwebsocket_context *context)
2582 struct sockaddr_in cli_addr;
2592 /* main process context */
2595 * set up the proxy sockets to allow broadcast from
2596 * service process context
2599 for (p = 0; p < context->count_protocols; p++) {
2600 fd = socket(AF_INET, SOCK_STREAM, 0);
2602 fprintf(stderr, "Unable to create socket\n");
2605 cli_addr.sin_family = AF_INET;
2606 cli_addr.sin_port = htons(
2607 context->protocols[p].broadcast_socket_port);
2608 cli_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
2609 n = connect(fd, (struct sockaddr *)&cli_addr,
2612 fprintf(stderr, "Unable to connect to "
2613 "broadcast socket %d, %s\n",
2614 n, strerror(errno));
2618 context->protocols[p].broadcast_socket_user_fd = fd;
2624 /* we want a SIGHUP when our parent goes down */
2625 prctl(PR_SET_PDEATHSIG, SIGHUP);
2627 /* in this forked process, sit and service websocket connections */
2630 if (libwebsocket_service(context, 1000))
2639 * libwebsockets_get_protocol() - Returns a protocol pointer from a websocket
2641 * @wsi: pointer to struct websocket you want to know the protocol of
2644 * This is useful to get the protocol to broadcast back to from inside
2648 const struct libwebsocket_protocols *
2649 libwebsockets_get_protocol(struct libwebsocket *wsi)
2651 return wsi->protocol;
2655 * libwebsockets_broadcast() - Sends a buffer to the callback for all active
2656 * connections of the given protocol.
2657 * @protocol: pointer to the protocol you will broadcast to all members of
2658 * @buf: buffer containing the data to be broadcase. NOTE: this has to be
2659 * allocated with LWS_SEND_BUFFER_PRE_PADDING valid bytes before
2660 * the pointer and LWS_SEND_BUFFER_POST_PADDING afterwards in the
2661 * case you are calling this function from callback context.
2662 * @len: length of payload data in buf, starting from buf.
2664 * This function allows bulk sending of a packet to every connection using
2665 * the given protocol. It does not send the data directly; instead it calls
2666 * the callback with a reason type of LWS_CALLBACK_BROADCAST. If the callback
2667 * wants to actually send the data for that connection, the callback itself
2668 * should call libwebsocket_write().
2670 * libwebsockets_broadcast() can be called from another fork context without
2671 * having to take any care about data visibility between the processes, it'll
2677 libwebsockets_broadcast(const struct libwebsocket_protocols *protocol,
2678 unsigned char *buf, size_t len)
2680 struct libwebsocket_context *context = protocol->owning_server;
2683 struct libwebsocket * wsi;
2685 if (!protocol->broadcast_socket_user_fd) {
2687 * We are either running unforked / flat, or we are being
2688 * called from poll thread context
2689 * eg, from a callback. In that case don't use sockets for
2690 * broadcast IPC (since we can't open a socket connection to
2691 * a socket listening on our own thread) but directly do the
2694 * Locking is not needed because we are by definition being
2695 * called in the poll thread context and are serialized.
2698 for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
2700 for (m = 0; m < context->fd_hashtable[n].length; m++) {
2702 wsi = context->fd_hashtable[n].wsi[m];
2704 if (wsi->mode != LWS_CONNMODE_WS_SERVING)
2708 * never broadcast to
2709 * non-established connections
2711 if (wsi->state != WSI_STATE_ESTABLISHED)
2714 /* only broadcast to guys using
2715 * requested protocol
2717 if (wsi->protocol != protocol)
2720 wsi->protocol->callback(context, wsi,
2721 LWS_CALLBACK_BROADCAST,
2731 * We're being called from a different process context than the server
2732 * loop. Instead of broadcasting directly, we send our
2733 * payload on a socket to do the IPC; the server process will serialize
2734 * the broadcast action in its main poll() loop.
2736 * There's one broadcast socket listening for each protocol supported
2737 * set up when the websocket server initializes
2740 n = send(protocol->broadcast_socket_user_fd, buf, len, MSG_NOSIGNAL);
2746 libwebsocket_is_final_fragment(struct libwebsocket *wsi)