2 * libwebsockets - small server side websockets and web server implementation
4 * Copyright (C) 2010-2013 Andy Green <andy@warmcat.com>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
22 #include "private-libwebsockets.h"
24 unsigned char lextable[] = {
28 #define FAIL_CHAR 0x08
30 int lextable_decode(int pos, char c)
35 if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */
36 if ((lextable[pos] & 0x7f) != c)
40 if (lextable[pos] == FAIL_CHAR)
45 if (lextable[pos] == FAIL_CHAR)
48 /* b7 = 0, end or 3-byte */
49 if (lextable[pos] < FAIL_CHAR) /* terminal marker */
52 if (lextable[pos] == c) /* goto */
53 return pos + (lextable[pos + 1]) +
54 (lextable[pos + 2] << 8);
61 int lws_allocate_header_table(struct lws *wsi)
63 /* Be sure to free any existing header data to avoid mem leak: */
64 lws_free_header_table(wsi);
65 wsi->u.hdr.ah = lws_malloc(sizeof(*wsi->u.hdr.ah));
66 if (wsi->u.hdr.ah == NULL) {
67 lwsl_err("Out of memory\n");
70 memset(wsi->u.hdr.ah->frag_index, 0, sizeof(wsi->u.hdr.ah->frag_index));
71 wsi->u.hdr.ah->nfrag = 0;
72 wsi->u.hdr.ah->pos = 0;
77 int lws_free_header_table(struct lws *wsi)
79 lws_free_set_NULL(wsi->u.hdr.ah);
84 LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h)
89 n = wsi->u.hdr.ah->frag_index[h];
93 len += wsi->u.hdr.ah->frags[n].len;
94 n = wsi->u.hdr.ah->frags[n].nfrag;
100 LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len,
101 enum lws_token_indexes h, int frag_idx)
104 int f = wsi->u.hdr.ah->frag_index[h];
106 while (n < frag_idx) {
107 f = wsi->u.hdr.ah->frags[f].nfrag;
113 if (wsi->u.hdr.ah->frags[f].len >= (len - 1))
116 memcpy(dst, &wsi->u.hdr.ah->data[wsi->u.hdr.ah->frags[f].offset],
117 wsi->u.hdr.ah->frags[f].len);
118 dst[wsi->u.hdr.ah->frags[f].len] = '\0';
120 return wsi->u.hdr.ah->frags[f].len;
123 LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,
124 enum lws_token_indexes h)
126 int toklen = lws_hdr_total_length(wsi, h);
132 n = wsi->u.hdr.ah->frag_index[h];
137 strcpy(dst, &wsi->u.hdr.ah->data[wsi->u.hdr.ah->frags[n].offset]);
138 dst += wsi->u.hdr.ah->frags[n].len;
139 n = wsi->u.hdr.ah->frags[n].nfrag;
145 char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h)
149 n = wsi->u.hdr.ah->frag_index[h];
153 return &wsi->u.hdr.ah->data[wsi->u.hdr.ah->frags[n].offset];
156 int lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h,
159 wsi->u.hdr.ah->nfrag++;
160 if (wsi->u.hdr.ah->nfrag == ARRAY_SIZE(wsi->u.hdr.ah->frags)) {
161 lwsl_warn("More hdr frags than we can deal with, dropping\n");
165 wsi->u.hdr.ah->frag_index[h] = wsi->u.hdr.ah->nfrag;
167 wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].offset = wsi->u.hdr.ah->pos;
168 wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len = 0;
169 wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].nfrag = 0;
172 if (wsi->u.hdr.ah->pos == sizeof(wsi->u.hdr.ah->data)) {
173 lwsl_err("Ran out of header data space\n");
176 wsi->u.hdr.ah->data[wsi->u.hdr.ah->pos++] = *s;
178 wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len++;
184 static signed char char_to_hex(const char c)
186 if (c >= '0' && c <= '9')
189 if (c >= 'a' && c <= 'f')
192 if (c >= 'A' && c <= 'F')
198 static int issue_char(struct lws *wsi, unsigned char c)
200 unsigned short frag_len;
202 if (wsi->u.hdr.ah->pos == sizeof(wsi->u.hdr.ah->data)) {
203 lwsl_warn("excessive header content\n");
207 frag_len = wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len;
209 * If we haven't hit the token limit, just copy the character into
212 if (frag_len < wsi->u.hdr.current_token_limit) {
213 wsi->u.hdr.ah->data[wsi->u.hdr.ah->pos++] = c;
215 wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len++;
219 /* Insert a null character when we *hit* the limit: */
220 if (frag_len == wsi->u.hdr.current_token_limit) {
221 wsi->u.hdr.ah->data[wsi->u.hdr.ah->pos++] = '\0';
222 lwsl_warn("header %i exceeds limit\n",
223 wsi->u.hdr.parser_state);
229 int lws_parse(struct lws *wsi, unsigned char c)
231 static const unsigned char methods[] = {
234 WSI_TOKEN_OPTIONS_URI,
237 WSI_TOKEN_DELETE_URI,
239 struct allocated_headers *ah = wsi->u.hdr.ah;
240 struct lws_context *context = wsi->context;
241 unsigned int n, m, enc = 0;
243 switch (wsi->u.hdr.parser_state) {
246 lwsl_parser("WSI_TOK_(%d) '%c'\n", wsi->u.hdr.parser_state, c);
248 /* collect into malloc'd buffers */
249 /* optional initial space swallow */
250 if (!ah->frags[ah->frag_index[
251 wsi->u.hdr.parser_state]].len && c == ' ')
254 for (m = 0; m < ARRAY_SIZE(methods); m++)
255 if (wsi->u.hdr.parser_state == methods[m])
257 if (m == ARRAY_SIZE(methods))
258 /* it was not any of the methods */
261 /* special URI processing... end at space */
264 /* enforce starting with / */
265 if (!ah->frags[ah->nfrag].len)
266 if (issue_char(wsi, '/') < 0)
269 /* begin parsing HTTP version: */
270 if (issue_char(wsi, '\0') < 0)
272 wsi->u.hdr.parser_state = WSI_TOKEN_HTTP;
276 /* special URI processing... convert %xx */
278 switch (wsi->u.hdr.ues) {
281 wsi->u.hdr.ues = URIES_SEEN_PERCENT;
285 case URIES_SEEN_PERCENT:
286 if (char_to_hex(c) < 0) {
288 if (issue_char(wsi, '%') < 0)
290 wsi->u.hdr.ues = URIES_IDLE;
291 /* continue on to assess c */
294 wsi->u.hdr.esc_stash = c;
295 wsi->u.hdr.ues = URIES_SEEN_PERCENT_H1;
298 case URIES_SEEN_PERCENT_H1:
299 if (char_to_hex(c) < 0) {
301 issue_char(wsi, '%');
302 wsi->u.hdr.ues = URIES_IDLE;
303 /* regurgitate + assess */
304 if (lws_parse(wsi, wsi->u.hdr.esc_stash) < 0)
306 /* continue on to assess c */
309 c = (char_to_hex(wsi->u.hdr.esc_stash) << 4) |
312 wsi->u.hdr.ues = URIES_IDLE;
317 * special URI processing...
318 * convert /.. or /... or /../ etc to /
320 * convert // or /// etc to /
321 * leave /.dir or whatever alone
324 switch (wsi->u.hdr.ups) {
326 /* genuine delimiter */
327 if ((c == '&' || c == ';') && !enc) {
329 /* swallow the terminator */
330 ah->frags[ah->nfrag].len--;
331 /* link to next fragment */
332 ah->frags[ah->nfrag].nfrag = ah->nfrag + 1;
334 if (ah->nfrag >= ARRAY_SIZE(ah->frags))
336 /* start next fragment after the & */
337 wsi->u.hdr.post_literal_equal = 0;
338 ah->frags[ah->nfrag].offset = ah->pos;
339 ah->frags[ah->nfrag].len = 0;
340 ah->frags[ah->nfrag].nfrag = 0;
343 /* uriencoded = in the name part, disallow */
344 if (c == '=' && enc && !wsi->u.hdr.post_literal_equal)
347 /* after the real =, we don't care how many = */
348 if (c == '=' && !enc)
349 wsi->u.hdr.post_literal_equal = 1;
352 if (c == '+' && !enc)
354 /* issue the first / always */
355 if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS])
356 wsi->u.hdr.ups = URIPS_SEEN_SLASH;
358 case URIPS_SEEN_SLASH:
359 /* swallow subsequent slashes */
362 /* track and swallow the first . after / */
364 wsi->u.hdr.ups = URIPS_SEEN_SLASH_DOT;
367 wsi->u.hdr.ups = URIPS_IDLE;
369 case URIPS_SEEN_SLASH_DOT:
370 /* swallow second . */
373 * back up one dir level if possible
374 * safe against header fragmentation because
375 * the method URI can only be in 1 fragment
377 if (ah->frags[ah->nfrag].len > 2) {
379 ah->frags[ah->nfrag].len--;
382 ah->frags[ah->nfrag].len--;
383 } while (ah->frags[ah->nfrag].len > 1 &&
384 ah->data[ah->pos] != '/');
386 wsi->u.hdr.ups = URIPS_SEEN_SLASH_DOT_DOT;
389 /* change /./ to / */
391 wsi->u.hdr.ups = URIPS_SEEN_SLASH;
394 /* it was like /.dir ... regurgitate the . */
395 wsi->u.hdr.ups = URIPS_IDLE;
396 if (issue_char(wsi, '.') < 0)
400 case URIPS_SEEN_SLASH_DOT_DOT:
401 /* swallow prior .. chars and any subsequent . */
404 /* last issued was /, so another / == // */
407 /* last we issued was / so SEEN_SLASH */
408 wsi->u.hdr.ups = URIPS_SEEN_SLASH;
412 if (c == '?' && !enc &&
413 !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI arguments */
414 /* seal off uri header */
415 ah->data[ah->pos++] = '\0';
417 /* move to using WSI_TOKEN_HTTP_URI_ARGS */
419 if (ah->nfrag >= ARRAY_SIZE(ah->frags))
421 ah->frags[ah->nfrag].offset = ah->pos;
422 ah->frags[ah->nfrag].len = 0;
423 ah->frags[ah->nfrag].nfrag = 0;
425 wsi->u.hdr.post_literal_equal = 0;
426 ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag;
427 wsi->u.hdr.ups = URIPS_IDLE;
434 if (wsi->u.hdr.parser_state != WSI_TOKEN_CHALLENGE &&
437 wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING_SAW_CR;
441 n = issue_char(wsi, c);
445 wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
448 /* per-protocol end of headers management */
450 if (wsi->u.hdr.parser_state == WSI_TOKEN_CHALLENGE)
451 goto set_parsing_complete;
454 /* collecting and checking a name part */
455 case WSI_TOKEN_NAME_PART:
456 lwsl_parser("WSI_TOKEN_NAME_PART '%c' (mode=%d)\n", c, wsi->mode);
458 wsi->u.hdr.lextable_pos =
459 lextable_decode(wsi->u.hdr.lextable_pos, c);
461 * Server needs to look out for unknown methods...
463 if (wsi->u.hdr.lextable_pos < 0 &&
464 wsi->mode == LWSCM_HTTP_SERVING) {
465 /* this is not a header we know about */
466 for (m = 0; m < ARRAY_SIZE(methods); m++)
467 if (ah->frag_index[methods[m]]) {
469 * already had the method, no idea what
470 * this crap from the client is, ignore
472 wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
476 * hm it's an unknown http method from a client in fact,
479 if (m == ARRAY_SIZE(methods)) {
480 lwsl_info("Unknown method - dropping\n");
486 * ...otherwise for a client, let him ignore unknown headers
487 * coming from the server
489 if (wsi->u.hdr.lextable_pos < 0) {
490 wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
494 if (lextable[wsi->u.hdr.lextable_pos] < FAIL_CHAR) {
497 n = ((unsigned int)lextable[wsi->u.hdr.lextable_pos] << 8) |
498 lextable[wsi->u.hdr.lextable_pos + 1];
500 lwsl_parser("known hdr %d\n", n);
501 for (m = 0; m < ARRAY_SIZE(methods); m++)
502 if (n == methods[m] &&
505 lwsl_warn("Duplicated method\n");
510 * WSORIGIN is protocol equiv to ORIGIN,
511 * JWebSocket likes to send it, map to ORIGIN
513 if (n == WSI_TOKEN_SWORIGIN)
514 n = WSI_TOKEN_ORIGIN;
516 wsi->u.hdr.parser_state = (enum lws_token_indexes)
517 (WSI_TOKEN_GET_URI + n);
519 if (context->token_limits)
520 wsi->u.hdr.current_token_limit =
521 context->token_limits->token_limit[
522 wsi->u.hdr.parser_state];
524 wsi->u.hdr.current_token_limit = sizeof(ah->data);
526 if (wsi->u.hdr.parser_state == WSI_TOKEN_CHALLENGE)
527 goto set_parsing_complete;
536 if (ah->nfrag == ARRAY_SIZE(ah->frags)) {
537 lwsl_warn("More hdr frags than we can deal with\n");
541 ah->frags[ah->nfrag].offset = ah->pos;
542 ah->frags[ah->nfrag].len = 0;
543 ah->frags[ ah->nfrag].nfrag = 0;
545 n = ah->frag_index[wsi->u.hdr.parser_state];
546 if (!n) { /* first fragment */
547 ah->frag_index[wsi->u.hdr.parser_state] = ah->nfrag;
551 while (ah->frags[n].nfrag)
552 n = ah->frags[n].nfrag;
553 ah->frags[n].nfrag = ah->nfrag;
555 if (ah->pos == sizeof(ah->data)) {
556 lwsl_warn("excessive header content\n");
560 ah->data[ah->pos++] = ' ';
561 ah->frags[ah->nfrag].len++;
564 /* skipping arg part of a name we didn't recognize */
565 case WSI_TOKEN_SKIPPING:
566 lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c);
569 wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING_SAW_CR;
572 case WSI_TOKEN_SKIPPING_SAW_CR:
573 lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c);
575 wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
576 wsi->u.hdr.lextable_pos = 0;
578 wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
580 /* we're done, ignore anything else */
582 case WSI_PARSING_COMPLETE:
583 lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c);
589 set_parsing_complete:
591 if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) {
592 if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION))
593 wsi->ietf_spec_revision =
594 atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION));
596 lwsl_parser("v%02d hdrs completed\n", wsi->ietf_spec_revision);
598 wsi->u.hdr.parser_state = WSI_PARSING_COMPLETE;
599 wsi->hdr_parsing_completed = 1;
606 * lws_frame_is_binary: true if the current frame was sent in binary mode
608 * @wsi: the connection we are inquiring about
610 * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if
611 * it's interested to see if the frame it's dealing with was sent in binary
615 LWS_VISIBLE int lws_frame_is_binary(struct lws *wsi)
617 return wsi->u.ws.frame_is_binary;
621 lws_rx_sm(struct lws *wsi, unsigned char c)
623 struct lws_tokens eff_buf;
625 int callback_action = LWS_CALLBACK_RECEIVE;
627 switch (wsi->lws_rx_parse_state) {
630 switch (wsi->ietf_spec_revision) {
633 * no prepended frame key any more
635 wsi->u.ws.all_zero_nonce = 1;
639 lwsl_warn("lws_rx_sm: unknown spec version %d\n",
640 wsi->ietf_spec_revision);
644 case LWS_RXPS_04_MASK_NONCE_1:
645 wsi->u.ws.mask_nonce[1] = c;
647 wsi->u.ws.all_zero_nonce = 0;
648 wsi->lws_rx_parse_state = LWS_RXPS_04_MASK_NONCE_2;
650 case LWS_RXPS_04_MASK_NONCE_2:
651 wsi->u.ws.mask_nonce[2] = c;
653 wsi->u.ws.all_zero_nonce = 0;
654 wsi->lws_rx_parse_state = LWS_RXPS_04_MASK_NONCE_3;
656 case LWS_RXPS_04_MASK_NONCE_3:
657 wsi->u.ws.mask_nonce[3] = c;
659 wsi->u.ws.all_zero_nonce = 0;
662 * start from the zero'th byte in the XOR key buffer since
663 * this is the start of a frame with a new key
666 wsi->u.ws.frame_mask_index = 0;
668 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_1;
672 * 04 logical framing from the spec (all this is masked when incoming
673 * and has to be unmasked)
675 * We ignore the possibility of extension data because we don't
676 * negotiate any extensions at the moment.
679 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
680 * +-+-+-+-+-------+-+-------------+-------------------------------+
681 * |F|R|R|R| opcode|R| Payload len | Extended payload length |
682 * |I|S|S|S| (4) |S| (7) | (16/63) |
683 * |N|V|V|V| |V| | (if payload len==126/127) |
685 * +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - +
686 * | Extended payload length continued, if payload len == 127 |
687 * + - - - - - - - - - - - - - - - +-------------------------------+
688 * | | Extension data |
689 * +-------------------------------+ - - - - - - - - - - - - - - - +
691 * +---------------------------------------------------------------+
692 * : Application data :
693 * +---------------------------------------------------------------+
695 * We pass payload through to userland as soon as we get it, ignoring
696 * FIN. It's up to userland to buffer it up if it wants to see a
697 * whole unfragmented block of the original size (which may be up to
701 case LWS_RXPS_04_FRAME_HDR_1:
704 wsi->u.ws.opcode = c & 0xf;
705 wsi->u.ws.rsv = c & 0x70;
706 wsi->u.ws.final = !!((c >> 7) & 1);
708 switch (wsi->u.ws.opcode) {
709 case LWSWSOPC_TEXT_FRAME:
710 case LWSWSOPC_BINARY_FRAME:
711 wsi->u.ws.frame_is_binary =
712 wsi->u.ws.opcode == LWSWSOPC_BINARY_FRAME;
715 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN;
718 case LWS_RXPS_04_FRAME_HDR_LEN:
720 wsi->u.ws.this_frame_masked = !!(c & 0x80);
724 /* control frames are not allowed to have big lengths */
725 if (wsi->u.ws.opcode & 8)
726 goto illegal_ctl_length;
728 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2;
731 /* control frames are not allowed to have big lengths */
732 if (wsi->u.ws.opcode & 8)
733 goto illegal_ctl_length;
735 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8;
738 wsi->u.ws.rx_packet_length = c & 0x7f;
739 if (wsi->u.ws.this_frame_masked)
740 wsi->lws_rx_parse_state =
741 LWS_RXPS_07_COLLECT_FRAME_KEY_1;
743 if (wsi->u.ws.rx_packet_length)
744 wsi->lws_rx_parse_state =
745 LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
747 wsi->lws_rx_parse_state = LWS_RXPS_NEW;
754 case LWS_RXPS_04_FRAME_HDR_LEN16_2:
755 wsi->u.ws.rx_packet_length = c << 8;
756 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1;
759 case LWS_RXPS_04_FRAME_HDR_LEN16_1:
760 wsi->u.ws.rx_packet_length |= c;
761 if (wsi->u.ws.this_frame_masked)
762 wsi->lws_rx_parse_state =
763 LWS_RXPS_07_COLLECT_FRAME_KEY_1;
765 wsi->lws_rx_parse_state =
766 LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
769 case LWS_RXPS_04_FRAME_HDR_LEN64_8:
771 lwsl_warn("b63 of length must be zero\n");
772 /* kill the connection */
776 wsi->u.ws.rx_packet_length = ((size_t)c) << 56;
778 wsi->u.ws.rx_packet_length = 0;
780 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7;
783 case LWS_RXPS_04_FRAME_HDR_LEN64_7:
785 wsi->u.ws.rx_packet_length |= ((size_t)c) << 48;
787 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6;
790 case LWS_RXPS_04_FRAME_HDR_LEN64_6:
792 wsi->u.ws.rx_packet_length |= ((size_t)c) << 40;
794 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5;
797 case LWS_RXPS_04_FRAME_HDR_LEN64_5:
799 wsi->u.ws.rx_packet_length |= ((size_t)c) << 32;
801 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4;
804 case LWS_RXPS_04_FRAME_HDR_LEN64_4:
805 wsi->u.ws.rx_packet_length |= ((size_t)c) << 24;
806 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3;
809 case LWS_RXPS_04_FRAME_HDR_LEN64_3:
810 wsi->u.ws.rx_packet_length |= ((size_t)c) << 16;
811 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2;
814 case LWS_RXPS_04_FRAME_HDR_LEN64_2:
815 wsi->u.ws.rx_packet_length |= ((size_t)c) << 8;
816 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1;
819 case LWS_RXPS_04_FRAME_HDR_LEN64_1:
820 wsi->u.ws.rx_packet_length |= ((size_t)c);
821 if (wsi->u.ws.this_frame_masked)
822 wsi->lws_rx_parse_state =
823 LWS_RXPS_07_COLLECT_FRAME_KEY_1;
825 wsi->lws_rx_parse_state =
826 LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
829 case LWS_RXPS_07_COLLECT_FRAME_KEY_1:
830 wsi->u.ws.mask_nonce[0] = c;
832 wsi->u.ws.all_zero_nonce = 0;
833 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2;
836 case LWS_RXPS_07_COLLECT_FRAME_KEY_2:
837 wsi->u.ws.mask_nonce[1] = c;
839 wsi->u.ws.all_zero_nonce = 0;
840 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3;
843 case LWS_RXPS_07_COLLECT_FRAME_KEY_3:
844 wsi->u.ws.mask_nonce[2] = c;
846 wsi->u.ws.all_zero_nonce = 0;
847 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4;
850 case LWS_RXPS_07_COLLECT_FRAME_KEY_4:
851 wsi->u.ws.mask_nonce[3] = c;
853 wsi->u.ws.all_zero_nonce = 0;
854 wsi->lws_rx_parse_state =
855 LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
856 wsi->u.ws.frame_mask_index = 0;
857 if (wsi->u.ws.rx_packet_length == 0) {
858 wsi->lws_rx_parse_state = LWS_RXPS_NEW;
864 case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED:
866 if (!wsi->u.ws.rx_user_buffer) {
867 lwsl_err("NULL user buffer...\n");
871 if (wsi->u.ws.all_zero_nonce)
872 wsi->u.ws.rx_user_buffer[LWS_SEND_BUFFER_PRE_PADDING +
873 (wsi->u.ws.rx_user_buffer_head++)] = c;
875 wsi->u.ws.rx_user_buffer[LWS_SEND_BUFFER_PRE_PADDING +
876 (wsi->u.ws.rx_user_buffer_head++)] =
877 c ^ wsi->u.ws.mask_nonce[
878 (wsi->u.ws.frame_mask_index++) & 3];
880 if (--wsi->u.ws.rx_packet_length == 0) {
881 /* spill because we have the whole frame */
882 wsi->lws_rx_parse_state = LWS_RXPS_NEW;
887 * if there's no protocol max frame size given, we are
888 * supposed to default to LWS_MAX_SOCKET_IO_BUF
891 if (!wsi->protocol->rx_buffer_size &&
892 wsi->u.ws.rx_user_buffer_head !=
893 LWS_MAX_SOCKET_IO_BUF)
896 if (wsi->protocol->rx_buffer_size &&
897 wsi->u.ws.rx_user_buffer_head !=
898 wsi->protocol->rx_buffer_size)
901 /* spill because we filled our rx buffer */
904 * is this frame a control packet we should take care of at this
905 * layer? If so service it and hide it from the user callback
908 lwsl_parser("spill on %s\n", wsi->protocol->name);
910 switch (wsi->u.ws.opcode) {
912 /* is this an acknowledgement of our close? */
913 if (wsi->state == LWSS_AWAITING_CLOSE_ACK) {
915 * fine he has told us he is closing too, let's
918 lwsl_parser("seen client close ack\n");
921 if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY)
922 /* if he sends us 2 CLOSE, kill him */
925 lwsl_parser("server sees client close packet\n");
926 wsi->state = LWSS_RETURNED_CLOSE_ALREADY;
927 /* deal with the close packet contents as a PONG */
928 wsi->u.ws.payload_is_close = 1;
929 goto process_as_ping;
932 lwsl_info("received %d byte ping, sending pong\n",
933 wsi->u.ws.rx_user_buffer_head);
935 if (wsi->u.ws.ping_pending_flag) {
937 * there is already a pending ping payload
938 * we should just log and drop
940 lwsl_parser("DROP PING since one pending\n");
944 /* control packets can only be < 128 bytes long */
945 if (wsi->u.ws.rx_user_buffer_head > 128 - 4) {
946 lwsl_parser("DROP PING payload too large\n");
950 /* if existing buffer is too small, drop it */
951 if (wsi->u.ws.ping_payload_buf &&
952 wsi->u.ws.ping_payload_alloc < wsi->u.ws.rx_user_buffer_head) {
953 lws_free_set_NULL(wsi->u.ws.ping_payload_buf);
956 /* if no buffer, allocate it */
957 if (!wsi->u.ws.ping_payload_buf) {
958 wsi->u.ws.ping_payload_buf = lws_malloc(wsi->u.ws.rx_user_buffer_head
959 + LWS_SEND_BUFFER_PRE_PADDING);
960 wsi->u.ws.ping_payload_alloc = wsi->u.ws.rx_user_buffer_head;
963 /* stash the pong payload */
964 memcpy(wsi->u.ws.ping_payload_buf + LWS_SEND_BUFFER_PRE_PADDING,
965 &wsi->u.ws.rx_user_buffer[LWS_SEND_BUFFER_PRE_PADDING],
966 wsi->u.ws.rx_user_buffer_head);
968 wsi->u.ws.ping_payload_len = wsi->u.ws.rx_user_buffer_head;
969 wsi->u.ws.ping_pending_flag = 1;
971 /* get it sent as soon as possible */
972 lws_callback_on_writable(wsi);
974 wsi->u.ws.rx_user_buffer_head = 0;
978 lwsl_info("received pong\n");
979 lwsl_hexdump(&wsi->u.ws.rx_user_buffer[LWS_SEND_BUFFER_PRE_PADDING],
980 wsi->u.ws.rx_user_buffer_head);
983 callback_action = LWS_CALLBACK_RECEIVE_PONG;
986 case LWSWSOPC_TEXT_FRAME:
987 case LWSWSOPC_BINARY_FRAME:
988 case LWSWSOPC_CONTINUATION:
992 lwsl_parser("passing opc %x up to exts\n",
995 * It's something special we can't understand here.
996 * Pass the payload up to the extension's parsing
1000 eff_buf.token = &wsi->u.ws.rx_user_buffer[
1001 LWS_SEND_BUFFER_PRE_PADDING];
1002 eff_buf.token_len = wsi->u.ws.rx_user_buffer_head;
1004 if (lws_ext_cb_wsi_active_exts(wsi,
1005 LWS_EXT_CALLBACK_EXTENDED_PAYLOAD_RX,
1006 &eff_buf, 0) <= 0) /* not handle or fail */
1007 lwsl_ext("ext opc opcode 0x%x unknown\n",
1010 wsi->u.ws.rx_user_buffer_head = 0;
1015 * No it's real payload, pass it up to the user callback.
1016 * It's nicely buffered with the pre-padding taken care of
1017 * so it can be sent straight out again using lws_write
1020 eff_buf.token = &wsi->u.ws.rx_user_buffer[
1021 LWS_SEND_BUFFER_PRE_PADDING];
1022 eff_buf.token_len = wsi->u.ws.rx_user_buffer_head;
1024 if (lws_ext_cb_wsi_active_exts(wsi,
1025 LWS_EXT_CALLBACK_PAYLOAD_RX, &eff_buf, 0) < 0)
1028 if (eff_buf.token_len > 0 ||
1029 callback_action == LWS_CALLBACK_RECEIVE_PONG) {
1030 eff_buf.token[eff_buf.token_len] = '\0';
1032 if (wsi->protocol->callback) {
1034 if (callback_action == LWS_CALLBACK_RECEIVE_PONG)
1035 lwsl_info("Doing pong callback\n");
1037 ret = user_callback_handle_rxflow(
1038 wsi->protocol->callback,
1040 (enum lws_callback_reasons)callback_action,
1046 lwsl_err("No callback on payload spill!\n");
1049 wsi->u.ws.rx_user_buffer_head = 0;
1057 lwsl_warn("Control frame with xtended length is illegal\n");
1058 /* kill the connection */
1064 * lws_remaining_packet_payload() - Bytes to come before "overall"
1065 * rx packet is complete
1066 * @wsi: Websocket instance (available from user callback)
1068 * This function is intended to be called from the callback if the
1069 * user code is interested in "complete packets" from the client.
1070 * libwebsockets just passes through payload as it comes and issues a buffer
1071 * additionally when it hits a built-in limit. The LWS_CALLBACK_RECEIVE
1072 * callback handler can use this API to find out if the buffer it has just
1073 * been given is the last piece of a "complete packet" from the client --
1074 * when that is the case lws_remaining_packet_payload() will return
1077 * Many protocols won't care becuse their packets are always small.
1081 lws_remaining_packet_payload(struct lws *wsi)
1083 return wsi->u.ws.rx_packet_length;