diff --git a/include/libwebsockets/lws-secure-streams.h b/include/libwebsockets/lws-secure-streams.h index 05b9043d5..00d32664b 100644 --- a/include/libwebsockets/lws-secure-streams.h +++ b/include/libwebsockets/lws-secure-streams.h @@ -73,7 +73,7 @@ * - 3: 4-byte MSB-first flags * - 7: 4-byte MSB-first us between client requested write and wrote to proxy * - 11: 8-byte MSB-first us resolution unix time client wrote to proxy - * - 17: payload + * - 19: payload * * - Proxied secure stream destroy * diff --git a/lib/secure-streams/secure-streams-serialize.c b/lib/secure-streams/secure-streams-serialize.c index a14b2b7e3..0d1d26b54 100644 --- a/lib/secure-streams/secure-streams-serialize.c +++ b/lib/secure-streams/secure-streams-serialize.c @@ -190,7 +190,9 @@ lws_ss_deserialize_tx_payload(struct lws_dsh *dsh, struct lws *wsi, if (*len <= si - 23 || si < 23) { /* - * What comes out of the dsh needs to fit in the tx buffer + * What comes out of the dsh needs to fit in the tx buffer... + * we have arrangements at the proxy rx of the client UDS to + * chop chunks larger than 1380 into seuqential lumps of 1380 */ lwsl_err("%s: *len = %d, si = %d\n", __func__, (int)*len, (int)si); assert(0); 
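Review bot: The expanded comment in lws_ss_deserialize_tx_payload says the proxy chops client payloads at 1380 so this size check should never fire, yet the only enforcement visible in the hunk is `lwsl_err(...)` followed by `assert(0)`, which compiles to nothing under NDEBUG. What the function does after the assert is outside the hunk, so this is something to confirm rather than a confirmed defect. If a release build rejects the entry there, the comment should say so, for example with a closing line such as `* (with asserts disabled the entry is refused below, never truncated)`. The new text also contains a typo, `seuqential` for `sequential`.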
@@ -533,17 +535,44 @@ payload_ff: n = (int)len + 1; if (n > par->rem) n = par->rem; + /* + * We get called with a serialized buffer of a size + * chosen by the client. We can only create dsh entries + * with up to 1380 payload, to guarantee we can emit + * them on the onward connection atomically. + * + * If 1380 isn't enough to cover what was handed to us, + * we'll stop at 1380 and go around again and create + * more dsh entries for the rest, with their own + * headers. + */ + if (n > 1380) n = 1380; - /* deal with refragmented SOM / EOM flags */ + /* + * Since we're in the business of fragmenting client + * serialized payloads at 1380, we have to deal with + * refragmenting the SOM / EOM flags that covered the + * whole client serialized packet, so they apply to + * each dsh entry we split it into correctly + */ flags = par->flags & LWSSS_FLAG_RELATED_START; if (par->frag1) + /* + * Only set the first time we came to this + * state after deserialization of the header + */ flags |= par->flags & (LWSSS_FLAG_SOM | LWSSS_FLAG_POLL); if (par->rem == n) + /* + * We are going to complete the advertised + * payload length from the client on this dsh, + * so give him the EOM type flags if any + */ flags |= par->flags & (LWSSS_FLAG_EOM | LWSSS_FLAG_RELATED_END); @@ -556,8 +585,9 @@ payload_ff: * the client. * * The header for buffering private to the - * proxy is 23 bytes vs 19 to hold the + * proxy is 23 bytes vs 19, so we can hold the * current time when it was buffered + * additionally */ lwsl_info("%s: C2P RX: len %d\n", __func__, (int)n); @@ -619,6 +649,11 @@ payload_ff: cp += n; par->rem -= n; len = (len + 1) - n; + /* + * if we didn't consume it all, we'll come + * around again and produce more dsh entries up + * to 1380 each until it is gone + */ } if (!par->rem) par->ps = RPAR_TYPE; 
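Review bot: The clamp `if (n > 1380) n = 1380;` in the payload_ff state hard-codes the limit that the comments in this hunk, in the hunk at old line 619, and in lws_ss_deserialize_tx_payload all rely on. A single named constant (for example `#define LWS_SS_DSH_FRAG_MAX 1380`, name illustrative) kept next to the 23-byte proxy header size would stop the fragmenting parser and the fit check from drifting apart. The two flag tests `if (par->frag1)` and `if (par->rem == n)` now carry a multi-line comment between the condition and its unbraced single statement, so adding braces would make it harder to attach a later statement to the wrong branch. Where `par->frag1` is cleared after the first fragment lies outside this hunk, so the SOM handling on the second and later dsh entries cannot be checked from here.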
diff --git a/minimal-examples/secure-streams/minimal-secure-streams-alexa/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams-alexa/CMakeLists.txt index 6e5bdb3b3..fa74bfeeb 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-alexa/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams-alexa/CMakeLists.txt @@ -28,7 +28,7 @@ if (requirements) CHECK_C_SOURCE_COMPILES("#include \nint main(void) {\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n return 0;\n #else\n fail\n #endif\n return 0;\n}\n" HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) - if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) + if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API OR LWS_WITH_SECURE_STREAMS_PROXY_API) add_compile_options(-DLWS_SS_USE_SSPC) add_executable(${SAMP}-client ${SRCS}) diff --git a/minimal-examples/secure-streams/minimal-secure-streams-avs/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams-avs/CMakeLists.txt index 859df44a6..c7c0e09f3 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-avs/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams-avs/CMakeLists.txt @@ -26,7 +26,7 @@ if (requirements) CHECK_C_SOURCE_COMPILES("#include \nint main(void) {\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n return 0;\n #else\n fail\n #endif\n return 0;\n}\n" HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) - if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) + if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API OR LWS_WITH_SECURE_STREAMS_PROXY_API) add_compile_options(-DLWS_SS_USE_SSPC) add_executable(${SAMP}-client main-client.c avs.c) diff --git a/minimal-examples/secure-streams/minimal-secure-streams-metadata/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams-metadata/CMakeLists.txt index f315c7a0c..7611ff5b6 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-metadata/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams-metadata/CMakeLists.txt 
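Review bot: The added `OR LWS_WITH_SECURE_STREAMS_PROXY_API` lets the in-tree option override the compile probe, but the probe source in the context line reads `{\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)`. If that stray `i` is in the file and not an artifact of this page, the test program can never compile and `HAS_LWS_WITH_SECURE_STREAMS_PROXY_API` stays false for any build that depends on the probe alone. In that case the probe string should be corrected to `{\n#if defined(` rather than only bypassed, otherwise out-of-tree builds of the examples silently lose the `-DLWS_SS_USE_SSPC` client. The same condition is changed identically in the avs, metadata, post, smd and minimal-secure-streams CMakeLists.txt hunks.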
@@ -26,7 +26,7 @@ if (requirements) CHECK_C_SOURCE_COMPILES("#include \nint main(void) {\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n return 0;\n #else\n fail\n #endif\n return 0;\n}\n" HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) - if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) + if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API OR LWS_WITH_SECURE_STREAMS_PROXY_API) add_compile_options(-DLWS_SS_USE_SSPC) add_executable(${SAMP}-client minimal-secure-streams.c) diff --git a/minimal-examples/secure-streams/minimal-secure-streams-post/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams-post/CMakeLists.txt index c3d3d7b4a..50668e8c7 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-post/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams-post/CMakeLists.txt @@ -34,7 +34,7 @@ if (requirements) CHECK_C_SOURCE_COMPILES("#include \nint main(void) {\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n return 0;\n #else\n fail\n #endif\n return 0;\n}\n" HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) - if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) + if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API OR LWS_WITH_SECURE_STREAMS_PROXY_API) add_compile_options(-DLWS_SS_USE_SSPC) add_executable(${SAMP}-client minimal-secure-streams-post.c) diff --git a/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c b/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c index 8df205fb4..3ca808332 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c +++ b/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c 
@@ -53,10 +53,88 @@ static const char * const postbody = "name=\"field2\"; filename=\"example.txt\"\r\n" "\r\n" "value2\r\n" + "00-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "01-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "02-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "03-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "04-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "05-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "06-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "07-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "08-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "09-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "0a-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "0b-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "0c-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "0d-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "0e-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "0f-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "10-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "11-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "12-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "13-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "14-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "15-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "16-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "17-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + 
"18-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "19-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "1a-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "1b-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "1c-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "1d-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "1e-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "1f-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "20-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "21-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "22-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "23-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "24-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "25-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "26-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "27-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "28-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "29-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "2a-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "2b-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "2c-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "2d-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "2e-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "2f-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "30-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "31-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + 
"32-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "33-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "34-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "35-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "36-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "37-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "38-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "39-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "3a-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "3b-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "3c-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "3d-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "3e-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "3f-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "40-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "41-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "42-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "43-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "44-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "45-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "46-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "47-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "48-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "49-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "4a-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "4b-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + 
"4c-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "4d-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "4e-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" + "4f-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\r\n" "--boundary--\r\n"; -#define POSTBODY_SIZE strlen(postbody) - /* * If the -proxy app is fulfilling our connection, then we don't need to have * the policy in the client. @@ -220,6 +298,9 @@ typedef struct myss { void *opaque_data; /* ... application specific state ... */ lws_sorted_usec_list_t sul; + + size_t pos; + size_t len; } myss_t; #if !defined(LWS_SS_USE_SSPC) @@ -266,20 +347,27 @@ static int myss_tx(void *userobj, lws_ss_tx_ordinal_t ord, uint8_t *buf, size_t *len, int *flags) { - // myss_t *m = (myss_t *)userobj; + myss_t *m = (myss_t *)userobj; - /* - * A more flexible solution would send incrementally tracking the - * status in members in m above. - */ - - if (*len < POSTBODY_SIZE) + if (m->pos == m->len) return LWSSSSRET_TX_DONT_SEND; - *flags = LWSSS_FLAG_SOM | LWSSS_FLAG_EOM; + if (m->len - m->pos < *len) + *len = m->len - m->pos; - memcpy(buf, postbody, strlen(postbody)); - *len = POSTBODY_SIZE; + *flags = 0; + if (!m->pos) + *flags |= LWSSS_FLAG_SOM; + + memcpy(buf, postbody + m->pos, *len); + + m->pos += *len; + if (m->pos == m->len) + *flags |= LWSSS_FLAG_EOM; + else + lws_ss_request_tx(m->ss); + + lwsl_notice("%s: write %d flags %d\n", __func__, (int)*len, (int)*flags); return 0; } @@ -306,6 +394,8 @@ myss_state(void *userobj, void *sh, lws_ss_constate_t state, 39); /* provide a hint about the payload size */ + m->pos = 0; + m->len = strlen(postbody); lws_ss_request_tx_len(m->ss, strlen(postbody)); break; case LWSSSCS_CONNECTED: diff --git a/minimal-examples/secure-streams/minimal-secure-streams-smd/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams-smd/CMakeLists.txt index 223e3e8c0..48a825845 100644 
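Review bot: The rewritten myss_tx dropped the only comment in the function, and the bound on `memcpy(buf, postbody + m->pos, *len)` now rests on two unstated facts: `*len` is the room in `buf` on entry, and it is only ever reduced (to `m->len - m->pos`) before the copy. A header comment would record that, e.g. `/* *len in: room in buf, out: bytes written; sends postbody from m->pos, SOM on first chunk, EOM on last */`. If a call can arrive with `*len` of 0 while data remains (not visible here), the function would emit an empty chunk and immediately call `lws_ss_request_tx(m->ss)` again, so the comment should state whether that case can occur. In the myss_state hunk the unchanged `lws_ss_request_tx_len(m->ss, strlen(postbody))` could reuse the freshly assigned `m->len`, so the hinted length and the length myss_tx walks cannot diverge.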
--- a/minimal-examples/secure-streams/minimal-secure-streams-smd/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams-smd/CMakeLists.txt @@ -33,7 +33,7 @@ if (requirements) CHECK_C_SOURCE_COMPILES("#include \nint main(void) {\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n return 0;\n #else\n fail\n #endif\n return 0;\n}\n" HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) - if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) + if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API OR LWS_WITH_SECURE_STREAMS_PROXY_API) add_compile_options(-DLWS_SS_USE_SSPC) add_executable(${PROJECT_NAME}-client minimal-secure-streams-smd.c) diff --git a/minimal-examples/secure-streams/minimal-secure-streams/CMakeLists.txt b/minimal-examples/secure-streams/minimal-secure-streams/CMakeLists.txt index 5a3d6ebef..1a731c6c8 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams/CMakeLists.txt +++ b/minimal-examples/secure-streams/minimal-secure-streams/CMakeLists.txt @@ -34,7 +34,7 @@ if (requirements) CHECK_C_SOURCE_COMPILES("#include \nint main(void) {\ni#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)\n return 0;\n #else\n fail\n #endif\n return 0;\n}\n" HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) - if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API) + if (HAS_LWS_WITH_SECURE_STREAMS_PROXY_API OR LWS_WITH_SECURE_STREAMS_PROXY_API) add_compile_options(-DLWS_SS_USE_SSPC) add_executable(${SAMP}-client minimal-secure-streams.c)