2 * libwebsockets web server application
4 * Copyright (C) 2010-2016 Andy Green <andy@warmcat.com>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public
8 * License as published by the Free Software Foundation:
9 * version 2.1 of the License.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
23 /* http server gets files from this path */
24 #define LOCAL_RESOURCE_PATH INSTALL_DATADIR"/libwebsockets-test-server"
25 char *resource_path = LOCAL_RESOURCE_PATH;
30 * We take a strict whitelist approach to stop ../ attacks
37 const char * get_mimetype(const char *file)
44 if (!strcmp(&file[n - 4], ".ico"))
45 return "image/x-icon";
47 if (!strcmp(&file[n - 4], ".png"))
50 if (!strcmp(&file[n - 4], ".jpg"))
53 if (!strcmp(&file[n - 5], ".html"))
56 if (!strcmp(&file[n - 4], ".css"))
62 /* this protocol server (always the first one) handles HTTP,
64 * Some misc callbacks that aren't associated with a protocol also turn up only
65 * here on the first protocol server.
68 int callback_http(struct lws *wsi, enum lws_callback_reasons reason, void *user,
71 struct per_session_data__http *pss =
72 (struct per_session_data__http *)user;
73 unsigned char buffer[4096 + LWS_PRE];
77 unsigned char *end, *start;
81 struct per_session_data__http *pss1;
88 struct lws_pollargs *pa = (struct lws_pollargs *)in;
91 // lwsl_err("%s: reason %d\n", __func__, reason);
94 case LWS_CALLBACK_HTTP:
97 char name[100], rip[50];
98 lws_get_peer_addresses(wsi, lws_get_socket_fd(wsi), name,
99 sizeof(name), rip, sizeof(rip));
100 sprintf(buf, "%s (%s)", name, rip);
101 lwsl_notice("HTTP connect from %s\n", buf);
105 lws_return_http_status(wsi,
106 HTTP_STATUS_BAD_REQUEST, NULL);
110 #ifndef LWS_NO_CLIENT
111 if (!strncmp(in, "/proxytest", 10)) {
112 struct lws_client_connect_info i;
113 char *rootpath = "/";
114 const char *p = (const char *)in;
116 if (lws_get_child(wsi))
119 pss->client_finished = 0;
120 memset(&i,0, sizeof(i));
121 i.context = lws_get_context(wsi);
122 i.address = "git.libwebsockets.org";
124 i.ssl_connection = 0;
126 i.path = (char *)in + 10;
129 i.host = "git.libwebsockets.org";
133 i.uri_replace_from = "git.libwebsockets.org/";
134 i.uri_replace_to = "/proxytest/";
135 if (!lws_client_connect_via_info(&i)) {
136 lwsl_err("proxy connect fail\n");
144 /* this example server has no concept of directories */
145 if (strchr((const char *)in + 1, '/')) {
146 lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL);
151 if (strlen(in) >= 12 &&
152 !strncmp(in + strlen(in) - 12, "/postresults", 12)) {
153 m = sprintf(buf, "<html><body>Form results: '%s'<br>"
154 "</body></html>", pss->post_string);
156 p = buffer + LWS_PRE;
158 end = p + sizeof(buffer) - LWS_PRE;
160 if (lws_add_http_header_status(wsi, 200, &p, end))
162 if (lws_add_http_header_by_token(wsi,
163 WSI_TOKEN_HTTP_CONTENT_TYPE,
164 (unsigned char *)"text/html",
167 if (lws_add_http_header_content_length(wsi, m, &p,
170 if (lws_finalize_http_header(wsi, &p, end))
173 n = lws_write(wsi, start, p - start,
174 LWS_WRITE_HTTP_HEADERS);
178 n = lws_write(wsi, (unsigned char *)buf, m, LWS_WRITE_HTTP);
185 /* if a legal POST URL, let it continue and accept data */
186 if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI))
189 strncpy(buf, resource_path, sizeof(buf) - 1);
190 buf[sizeof(buf) - 1] = '\0';
191 if (strcmp(in, "/")) {
192 if (*((const char *)in) != '/')
194 strncat(buf, in, sizeof(buf) - strlen(buf) - 1);
195 } else /* default file to serve */
196 strcat(buf, "/test.html");
197 buf[sizeof(buf) - 1] = '\0';
199 /* refuse to serve files we don't understand */
200 mimetype = get_mimetype(buf);
202 lwsl_err("Unknown mimetype for %s\n", buf);
203 lws_return_http_status(wsi,
204 HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE, NULL);
208 /* demonstrates how to set a cookie on / */
210 other_headers = leaf_path;
211 p = (unsigned char *)leaf_path;
212 if (!strcmp((const char *)in, "/") &&
213 !lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COOKIE)) {
214 /* this isn't very unguessable but it'll do for us */
215 gettimeofday(&tv, NULL);
216 n = sprintf(b64, "test=LWS_%u_%u_COOKIE;Max-Age=360000",
217 (unsigned int)tv.tv_sec,
218 (unsigned int)tv.tv_usec);
220 if (lws_add_http_header_by_name(wsi,
221 (unsigned char *)"set-cookie:",
222 (unsigned char *)b64, n, &p,
223 (unsigned char *)leaf_path + sizeof(leaf_path)))
226 if (lws_is_ssl(wsi) && lws_add_http_header_by_name(wsi,
228 "Strict-Transport-Security:",
230 "max-age=15768000 ; "
231 "includeSubDomains", 36, &p,
232 (unsigned char *)leaf_path +
235 n = (char *)p - leaf_path;
237 n = lws_serve_http_file(wsi, buf, mimetype, other_headers, n);
238 if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi)))
239 return -1; /* error or can't reuse connection: close the socket */
242 * notice that the sending of the file completes asynchronously,
243 * we'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when
248 case LWS_CALLBACK_HTTP_BODY:
249 lwsl_notice("LWS_CALLBACK_HTTP_BODY: len %d\n", (int)len);
250 strncpy(pss->post_string, in, sizeof (pss->post_string) -1);
251 pss->post_string[sizeof(pss->post_string) - 1] = '\0';
254 case LWS_CALLBACK_HTTP_BODY_COMPLETION:
255 lwsl_notice("LWS_CALLBACK_HTTP_BODY_COMPLETION\n");
257 * the whole of the sent body arrived,
258 * respond to the client with a redirect to show the
261 p = (unsigned char *)buf + LWS_PRE;
262 n = lws_http_redirect(wsi,
263 HTTP_STATUS_SEE_OTHER, /* 303 */
264 (unsigned char *)"postresults", 12, /* location + len */
265 &p, /* temp buffer to use */
266 p + sizeof(buf) - 1 - LWS_PRE /* buffer len */
270 case LWS_CALLBACK_HTTP_FILE_COMPLETION:
273 case LWS_CALLBACK_HTTP_WRITEABLE:
274 // lwsl_notice("LWS_CALLBACK_HTTP_WRITEABLE\n");
277 if (pss->reason_bf & 1) {
278 if (lws_cgi_write_split_stdout_headers(wsi) < 0) {
279 lwsl_debug("lws_cgi_write_split_stdout_headers says close\n");
283 pss->reason_bf &= ~1;
289 #ifndef LWS_NO_CLIENT
290 if (pss->reason_bf & 2) {
291 char *px = buf + LWS_PRE;
292 int lenx = sizeof(buf) - LWS_PRE;
294 * our sink is writeable and our source has something
295 * to read. So read a lump of source material of
296 * suitable size to send or what's available, whichever
299 pss->reason_bf &= ~2;
300 wsi1 = lws_get_child(wsi);
303 if (lws_http_client_read(wsi1, &px, &lenx) < 0)
306 if (pss->client_finished)
313 #ifndef LWS_NO_CLIENT
315 case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: {
316 char ctype[64], ctlen = 0;
317 lwsl_err("LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP\n");
318 p = buffer + LWS_PRE;
319 end = p + sizeof(buffer) - LWS_PRE;
320 if (lws_add_http_header_status(lws_get_parent(wsi), 200, &p, end))
322 if (lws_add_http_header_by_token(lws_get_parent(wsi),
323 WSI_TOKEN_HTTP_SERVER,
324 (unsigned char *)"libwebsockets",
328 ctlen = lws_hdr_copy(wsi, ctype, sizeof(ctype), WSI_TOKEN_HTTP_CONTENT_TYPE);
330 if (lws_add_http_header_by_token(lws_get_parent(wsi),
331 WSI_TOKEN_HTTP_CONTENT_TYPE,
332 (unsigned char *)ctype, ctlen, &p, end))
336 if (lws_add_http_header_content_length(lws_get_parent(wsi),
340 if (lws_finalize_http_header(lws_get_parent(wsi), &p, end))
344 lwsl_info("%s\n", buffer + LWS_PRE);
346 n = lws_write(lws_get_parent(wsi), buffer + LWS_PRE,
347 p - (buffer + LWS_PRE),
348 LWS_WRITE_HTTP_HEADERS);
353 case LWS_CALLBACK_CLOSED_CLIENT_HTTP:
354 //lwsl_err("LWS_CALLBACK_CLOSED_CLIENT_HTTP\n");
357 case LWS_CALLBACK_RECEIVE_CLIENT_HTTP:
358 //lwsl_err("LWS_CALLBACK_RECEIVE_CLIENT_HTTP: wsi %p\n", wsi);
359 assert(lws_get_parent(wsi));
360 if (!lws_get_parent(wsi))
362 // lwsl_err("LWS_CALLBACK_RECEIVE_CLIENT_HTTP: wsi %p: sock: %d, parent_wsi: %p, parent_sock:%d, len %d\n",
363 // wsi, lws_get_socket_fd(wsi),
364 // lws_get_parent(wsi),
365 // lws_get_socket_fd(lws_get_parent(wsi)), len);
366 pss1 = lws_wsi_user(lws_get_parent(wsi));
367 pss1->reason_bf |= 2;
368 lws_callback_on_writable(lws_get_parent(wsi));
370 case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ:
371 //lwsl_err("LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ len %d\n", len);
372 assert(lws_get_parent(wsi));
373 m = lws_write(lws_get_parent(wsi), (unsigned char *)in,
374 len, LWS_WRITE_HTTP);
378 case LWS_CALLBACK_COMPLETED_CLIENT_HTTP:
379 //lwsl_err("LWS_CALLBACK_COMPLETED_CLIENT_HTTP\n");
380 assert(lws_get_parent(wsi));
381 if (!lws_get_parent(wsi))
383 pss1 = lws_wsi_user(lws_get_parent(wsi));
384 pss1->client_finished = 1;
389 /* CGI IO events (POLLIN/OUT) appear here our demo user code policy is
391 * - POST data goes on subprocess stdin
392 * - subprocess stdout goes on http via writeable callback
393 * - subprocess stderr goes to the logs
395 case LWS_CALLBACK_CGI:
396 pss->args = *((struct lws_cgi_args *)in);
397 //lwsl_notice("LWS_CALLBACK_CGI: ch %d\n", pss->args.ch);
398 switch (pss->args.ch) { /* which of stdin/out/err ? */
400 /* TBD stdin rx flow control */
404 /* when writing to MASTER would not block */
405 lws_callback_on_writable(wsi);
408 n = read(lws_get_socket_fd(pss->args.stdwsi[LWS_STDERR]),
410 //lwsl_notice("stderr reads %d\n", n);
412 if (buf[n - 1] != '\n')
415 lwsl_notice("CGI-stderr: %s\n", buf);
421 case LWS_CALLBACK_CGI_TERMINATED:
422 //lwsl_notice("LWS_CALLBACK_CGI_TERMINATED\n");
423 /* because we sent on openended http, close the connection */
426 case LWS_CALLBACK_CGI_STDIN_DATA: /* POST body for stdin */
427 lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA\n");
428 pss->args = *((struct lws_cgi_args *)in);
429 pss->args.data[pss->args.len] = '\0';
430 //lwsl_err("(stdin fd = %d) %s\n", lws_get_socket_fd(pss->args.stdwsi[LWS_STDIN]), pss->args.data);
431 n = write(lws_get_socket_fd(pss->args.stdwsi[LWS_STDIN]),
432 pss->args.data, pss->args.len);
433 //lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: write says %d", n);
434 if (n < pss->args.len)
435 lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: sent %d only %d went",
441 * callbacks for managing the external poll() array appear in
442 * protocol 0 callback
445 case LWS_CALLBACK_LOCK_POLL:
446 test_server_lock(len);
449 case LWS_CALLBACK_UNLOCK_POLL:
450 test_server_unlock(len);
453 case LWS_CALLBACK_GET_THREAD_ID:
454 /* return pthread_getthreadid_np(); */
464 /* if we're on HTTP1.1 or 2.0, will keep the idle connection alive */
466 if (lws_http_transaction_completed(wsi))