/* * libwebsockets - small server side websockets and web server implementation * * Copyright (C) 2010 Andy Green * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation: * version 2.1 of the License. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301 USA */ #include "private-libwebsockets.h" /* file descriptor hash management */ struct libwebsocket * wsi_from_fd(struct libwebsocket_context *this, int fd) { int h = LWS_FD_HASH(fd); int n = 0; for (n = 0; n < this->fd_hashtable[h].length; n++) if (this->fd_hashtable[h].wsi[n]->sock == fd) return this->fd_hashtable[h].wsi[n]; return NULL; } int insert_wsi(struct libwebsocket_context *this, struct libwebsocket *wsi) { int h = LWS_FD_HASH(wsi->sock); if (this->fd_hashtable[h].length == MAX_CLIENTS - 1) { fprintf(stderr, "hash table overflow\n"); return 1; } this->fd_hashtable[h].wsi[this->fd_hashtable[h].length++] = wsi; return 0; } int delete_from_fd(struct libwebsocket_context *this, int fd) { int h = LWS_FD_HASH(fd); int n = 0; for (n = 0; n < this->fd_hashtable[h].length; n++) if (this->fd_hashtable[h].wsi[n]->sock == fd) { while (n < this->fd_hashtable[h].length) { this->fd_hashtable[h].wsi[n] = this->fd_hashtable[h].wsi[n + 1]; n++; } this->fd_hashtable[h].length--; return 0; } fprintf(stderr, "Failed to find fd %d requested for " "delete in hashtable\n", fd); return 1; } void libwebsocket_close_and_free_session(struct libwebsocket *wsi) { int n; unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + 2 + LWS_SEND_BUFFER_POST_PADDING]; if ((unsigned long)wsi < LWS_MAX_PROTOCOLS) return; n = wsi->state; if (n == WSI_STATE_DEAD_SOCKET) return; /* * signal we are closing, libsocket_write will * add any necessary version-specific stuff. If the write fails, * no worries we are closing anyway. If we didn't initiate this * close, then our state has been changed to * WSI_STATE_RETURNED_CLOSE_ALREADY and we can skip this */ if (n == WSI_STATE_ESTABLISHED) libwebsocket_write(wsi, &buf[LWS_SEND_BUFFER_PRE_PADDING], 0, LWS_WRITE_CLOSE); wsi->state = WSI_STATE_DEAD_SOCKET; if (wsi->protocol->callback && n == WSI_STATE_ESTABLISHED) wsi->protocol->callback(wsi, LWS_CALLBACK_CLOSED, wsi->user_space, NULL, 0); for (n = 0; n < WSI_TOKEN_COUNT; n++) if (wsi->utf8_token[n].token) free(wsi->utf8_token[n].token); /* fprintf(stderr, "closing fd=%d\n", wsi->sock); */ #ifdef LWS_OPENSSL_SUPPORT if (wsi->ssl) { n = SSL_get_fd(wsi->ssl); SSL_shutdown(wsi->ssl); close(n); SSL_free(wsi->ssl); } else { #endif shutdown(wsi->sock, SHUT_RDWR); close(wsi->sock); #ifdef LWS_OPENSSL_SUPPORT } #endif if (wsi->user_space) free(wsi->user_space); free(wsi); } /** * libwebsockets_hangup_on_client() - Server calls to terminate client * connection * @this: libwebsockets context * @fd: Connection socket descriptor */ void libwebsockets_hangup_on_client(struct libwebsocket_context *this, int fd) { struct libwebsocket *wsi = wsi_from_fd(this, fd); if (wsi == NULL) return; libwebsocket_close_and_free_session(wsi); } /** * libwebsockets_get_peer_addresses() - Get client address information * @fd: Connection socket descriptor * @name: Buffer to take client address name * @name_len: Length of client address name buffer * @rip: Buffer to take client address IP qotted quad * @rip_len: Length of client address IP buffer * * This function fills in @name and @rip with the name and IP of * the client connected with socket descriptor @fd. Names may be * truncated if there is not enough room. If either cannot be * determined, they will be returned as valid zero-length strings. */ void libwebsockets_get_peer_addresses(int fd, char *name, int name_len, char *rip, int rip_len) { unsigned int len; struct sockaddr_in sin; struct hostent *host; struct hostent *host1; char ip[128]; char *p; int n; rip[0] = '\0'; name[0] = '\0'; len = sizeof sin; if (getpeername(fd, (struct sockaddr *) &sin, &len) < 0) { perror("getpeername"); return; } host = gethostbyaddr((char *) &sin.sin_addr, sizeof sin.sin_addr, AF_INET); if (host == NULL) { perror("gethostbyaddr"); return; } strncpy(name, host->h_name, name_len); name[name_len - 1] = '\0'; host1 = gethostbyname(host->h_name); if (host1 == NULL) return; p = (char *)host1; n = 0; while (p != NULL) { p = host1->h_addr_list[n++]; if (p == NULL) continue; if (host1->h_addrtype != AF_INET) continue; sprintf(ip, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); p = NULL; strncpy(rip, ip, rip_len); rip[rip_len - 1] = '\0'; } } /** * libwebsocket_service_fd() - Service polled socket with something waiting * @this: Websocket context * @pollfd: The pollfd entry describing the socket fd and which events * happened. * * This function closes any active connections and then frees the * context. After calling this, any further use of the context is * undefined. */ int libwebsocket_service_fd(struct libwebsocket_context *this, struct pollfd *pollfd) { unsigned char buf[LWS_SEND_BUFFER_PRE_PADDING + MAX_BROADCAST_PAYLOAD + LWS_SEND_BUFFER_POST_PADDING]; struct libwebsocket *wsi = wsi_from_fd(this, pollfd->fd); struct libwebsocket *new_wsi; int n; int m; size_t len; int accept_fd; unsigned int clilen; struct sockaddr_in cli_addr; if (wsi == NULL) return 1; switch (wsi->mode) { case LWS_CONNMODE_SERVER_LISTENER: /* pollin means a client has connected to us then */ if (!pollfd->revents & POLLIN) break; /* listen socket got an unencrypted connection... */ clilen = sizeof(cli_addr); accept_fd = accept(pollfd->fd, (struct sockaddr *)&cli_addr, &clilen); if (accept_fd < 0) { fprintf(stderr, "ERROR on accept"); break; } if (this->fds_count >= MAX_CLIENTS) { fprintf(stderr, "too busy to accept new client\n"); close(accept_fd); break; } /* * look at who we connected to and give user code a chance * to reject based on client IP. There's no protocol selected * yet so we issue this to protocols[0] */ if ((this->protocols[0].callback)(wsi, LWS_CALLBACK_FILTER_NETWORK_CONNECTION, (void*)(long)accept_fd, NULL, 0)) { fprintf(stderr, "Callback denied network connection\n"); close(accept_fd); break; } /* accepting connection to main listener */ new_wsi = malloc(sizeof(struct libwebsocket)); if (new_wsi == NULL) { fprintf(stderr, "Out of memory for new connection\n"); break; } memset(new_wsi, 0, sizeof (struct libwebsocket)); new_wsi->sock = accept_fd; #ifdef LWS_OPENSSL_SUPPORT new_wsi->ssl = NULL; this->ssl_ctx = NULL; if (this->use_ssl) { new_wsi->ssl = SSL_new(this->ssl_ctx); if (new_wsi->ssl == NULL) { fprintf(stderr, "SSL_new failed: %s\n", ERR_error_string(SSL_get_error( new_wsi->ssl, 0), NULL)); free(new_wsi); break; } SSL_set_fd(new_wsi->ssl, accept_fd); n = SSL_accept(new_wsi->ssl); if (n != 1) { /* * browsers seem to probe with various * ssl params which fail then retry * and succeed */ debug("SSL_accept failed skt %u: %s\n", pollfd->fd, ERR_error_string(SSL_get_error( new_wsi->ssl, n), NULL)); SSL_free( new_wsi->ssl); free(new_wsi); break; } debug("accepted new SSL conn " "port %u on fd=%d SSL ver %s\n", ntohs(cli_addr.sin_port), accept_fd, SSL_get_version(new_wsi->ssl)); } else #endif debug("accepted new conn port %u on fd=%d\n", ntohs(cli_addr.sin_port), accept_fd); /* intialize the instance struct */ new_wsi->state = WSI_STATE_HTTP; new_wsi->name_buffer_pos = 0; new_wsi->mode = LWS_CONNMODE_WS_SERVING; for (n = 0; n < WSI_TOKEN_COUNT; n++) { new_wsi->utf8_token[n].token = NULL; new_wsi->utf8_token[n].token_len = 0; } /* * these can only be set once the protocol is known * we set an unestablished connection's protocol pointer * to the start of the supported list, so it can look * for matching ones during the handshake */ new_wsi->protocol = this->protocols; new_wsi->user_space = NULL; /* * Default protocol is 76 / 00 * After 76, there's a header specified to inform which * draft the client wants, when that's seen we modify * the individual connection's spec revision accordingly */ new_wsi->ietf_spec_revision = 0; insert_wsi(this, new_wsi); /* * make sure NO events are seen yet on this new socket * (otherwise we inherit old fds[client].revents from * previous socket there and die mysteriously! ) */ this->fds[this->fds_count].revents = 0; this->fds[this->fds_count].events = POLLIN; this->fds[this->fds_count++].fd = accept_fd; /* external POLL support via protocol 0 */ this->protocols[0].callback(new_wsi, LWS_CALLBACK_ADD_POLL_FD, (void *)(long)accept_fd, NULL, POLLIN); break; case LWS_CONNMODE_BROADCAST_PROXY_LISTENER: /* as we are listening, POLLIN means accept() is needed */ if (!pollfd->revents & POLLIN) break; /* listen socket got an unencrypted connection... */ clilen = sizeof(cli_addr); accept_fd = accept(pollfd->fd, (struct sockaddr *)&cli_addr, &clilen); if (accept_fd < 0) { fprintf(stderr, "ERROR on accept"); break; } if (this->fds_count >= MAX_CLIENTS) { fprintf(stderr, "too busy to accept new broadcast " "proxy client\n"); close(accept_fd); break; } /* create a dummy wsi for the connection and add it */ new_wsi = malloc(sizeof(struct libwebsocket)); memset(new_wsi, 0, sizeof (struct libwebsocket)); new_wsi->sock = accept_fd; new_wsi->mode = LWS_CONNMODE_BROADCAST_PROXY; new_wsi->state = WSI_STATE_ESTABLISHED; /* note which protocol we are proxying */ new_wsi->protocol_index_for_broadcast_proxy = wsi->protocol_index_for_broadcast_proxy; insert_wsi(this, new_wsi); /* add connected socket to internal poll array */ this->fds[this->fds_count].revents = 0; this->fds[this->fds_count].events = POLLIN; this->fds[this->fds_count++].fd = accept_fd; /* external POLL support via protocol 0 */ this->protocols[0].callback(new_wsi, LWS_CALLBACK_ADD_POLL_FD, (void *)(long)accept_fd, NULL, POLLIN); break; case LWS_CONNMODE_BROADCAST_PROXY: /* handle session socket closed */ if (pollfd->revents & (POLLERR | POLLHUP)) { debug("Session Socket %p (fd=%d) dead\n", (void *)wsi, accept_fd); libwebsocket_close_and_free_session(wsi); goto nuke_this; } /* the guy requested a callback when it was OK to write */ if (pollfd->revents & POLLOUT) { /* one shot */ pollfd->events &= ~POLLOUT; /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_CLEAR_MODE_POLL_FD, (void *)(long)wsi->sock, NULL, POLLOUT); wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_WRITEABLE, wsi->user_space, NULL, 0); } /* any incoming data ready? */ if (!(pollfd->revents & POLLIN)) break; /* get the issued broadcast payload from the socket */ len = read(pollfd->fd, buf + LWS_SEND_BUFFER_PRE_PADDING, MAX_BROADCAST_PAYLOAD); if (len < 0) { fprintf(stderr, "Error reading broadcast payload\n"); break;; } /* broadcast it to all guys with this protocol index */ for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { for (m = 0; m < this->fd_hashtable[n].length; m++) { new_wsi = this->fd_hashtable[n].wsi[m]; /* only to clients we are serving to */ if (new_wsi->mode != LWS_CONNMODE_WS_SERVING) continue; /* * never broadcast to non-established * connection */ if (new_wsi->state != WSI_STATE_ESTABLISHED) continue; /* * only broadcast to connections using * the requested protocol */ if (new_wsi->protocol->protocol_index != wsi->protocol_index_for_broadcast_proxy) continue; /* broadcast it to this connection */ new_wsi->protocol->callback(new_wsi, LWS_CALLBACK_BROADCAST, new_wsi->user_space, buf + LWS_SEND_BUFFER_PRE_PADDING, len); } } break; case LWS_CONNMODE_WS_SERVING: case LWS_CONNMODE_WS_CLIENT: /* handle session socket closed */ if (pollfd->revents & (POLLERR | POLLHUP)) { debug("Session Socket %p (fd=%d) dead\n", (void *)wsi, pollfd->fd); libwebsocket_close_and_free_session(wsi); goto nuke_this; } /* the guy requested a callback when it was OK to write */ if (pollfd->revents & POLLOUT) { pollfd->events &= ~POLLOUT; /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_CLEAR_MODE_POLL_FD, (void *)(long)wsi->sock, NULL, POLLOUT); wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_WRITEABLE, wsi->user_space, NULL, 0); } /* any incoming data ready? */ if (!(pollfd->revents & POLLIN)) break; #ifdef LWS_OPENSSL_SUPPORT if (wsi->ssl) n = SSL_read(wsi->ssl, buf, sizeof buf); else #endif n = recv(pollfd->fd, buf, sizeof buf, 0); if (n < 0) { fprintf(stderr, "Socket read returned %d\n", n); break;; } if (!n) { libwebsocket_close_and_free_session(wsi); goto nuke_this; } /* service incoming data */ n = libwebsocket_read(wsi, buf, n); if (n >= 0) break;; /* * it closed and nuked wsi[client], so remove the * socket handle and wsi from our service list */ nuke_this: debug("nuking wsi %p, fsd_count = %d\n", (void *)wsi, this->fds_count - 1); delete_from_fd(this, pollfd->fd); this->fds_count--; for (n = 0; n < this->fds_count; n++) if (this->fds[n].fd == pollfd->fd) { while (n < this->fds_count) { this->fds[n] = this->fds[n + 1]; n++; } n = this->fds_count; } /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_DEL_POLL_FD, (void *)(long)pollfd->fd, NULL, 0); break; } return 0; } /** * libwebsocket_context_destroy() - Destroy the websocket context * @this: Websocket context * * This function closes any active connections and then frees the * context. After calling this, any further use of the context is * undefined. */ void libwebsocket_context_destroy(struct libwebsocket_context *this) { int n; int m; struct libwebsocket *wsi; for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { for (m = 0; m < this->fd_hashtable[n].length; m++) { wsi = this->fd_hashtable[n].wsi[m]; switch (wsi->mode) { case LWS_CONNMODE_WS_SERVING: libwebsocket_close_and_free_session(wsi); break; case LWS_CONNMODE_WS_CLIENT: libwebsocket_client_close(wsi); break; default: break; } } } close(this->fd_random); #ifdef LWS_OPENSSL_SUPPORT if (this->ssl_ctx) SSL_CTX_free(this->ssl_ctx); if (this->ssl_client_ctx) SSL_CTX_free(this->ssl_client_ctx); #endif free(this); } /** * libwebsocket_service() - Service any pending websocket activity * @this: Websocket context * @timeout_ms: Timeout for poll; 0 means return immediately if nothing needed * service otherwise block and service immediately, returning * after the timeout if nothing needed service. * * This function deals with any pending websocket traffic, for three * kinds of event. It handles these events on both server and client * types of connection the same. * * 1) Accept new connections to our context's server * * 2) Perform pending broadcast writes initiated from other forked * processes (effectively serializing asynchronous broadcasts) * * 3) Call the receive callback for incoming frame data received by * server or client connections. * * You need to call this service function periodically to all the above * functions to happen; if your application is single-threaded you can * just call it in your main event loop. * * Alternatively you can fork a new process that asynchronously handles * calling this service in a loop. In that case you are happy if this * call blocks your thread until it needs to take care of something and * would call it with a large nonzero timeout. Your loop then takes no * CPU while there is nothing happening. * * If you are calling it in a single-threaded app, you don't want it to * wait around blocking other things in your loop from happening, so you * would call it with a timeout_ms of 0, so it returns immediately if * nothing is pending, or as soon as it services whatever was pending. */ int libwebsocket_service(struct libwebsocket_context *this, int timeout_ms) { int n; /* stay dead once we are dead */ if (this == NULL) return 1; /* wait for something to need service */ n = poll(this->fds, this->fds_count, timeout_ms); if (n == 0) /* poll timeout */ return 0; if (n < 0 || this->fds[0].revents & (POLLERR | POLLHUP)) { /* fprintf(stderr, "Listen Socket dead\n"); */ return 1; } /* handle accept on listening socket? */ for (n = 0; n < this->fds_count; n++) if (this->fds[n].revents) libwebsocket_service_fd(this, &this->fds[n]); return 0; } /** * libwebsocket_callback_on_writable() - Request a callback when this socket * becomes able to be written to without * blocking * * * @wsi: Websocket connection instance to get callback for */ int libwebsocket_callback_on_writable(struct libwebsocket *wsi) { struct libwebsocket_context *this = wsi->protocol->owning_server; int n; for (n = 0; n < this->fds_count; n++) if (this->fds[n].fd == wsi->sock) { this->fds[n].events |= POLLOUT; n = this->fds_count; } /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_SET_MODE_POLL_FD, (void *)(long)wsi->sock, NULL, POLLOUT); return 1; } /** * libwebsocket_callback_on_writable_all_protocol() - Request a callback for * all connections using the given protocol when it * becomes possible to write to each socket without * blocking in turn. * * @protocol: Protocol whose connections will get callbacks */ int libwebsocket_callback_on_writable_all_protocol( const struct libwebsocket_protocols *protocol) { struct libwebsocket_context *this = protocol->owning_server; int n; int m; struct libwebsocket *wsi; for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { for (m = 0; m < this->fd_hashtable[n].length; m++) { wsi = this->fd_hashtable[n].wsi[m]; if (wsi->protocol == protocol) libwebsocket_callback_on_writable(wsi); } } return 0; } /** * libwebsocket_get_socket_fd() - returns the socket file descriptor * * You will not need this unless you are doing something special * * @wsi: Websocket connection instance */ int libwebsocket_get_socket_fd(struct libwebsocket *wsi) { return wsi->sock; } /** * libwebsocket_rx_flow_control() - Enable and disable socket servicing for * receieved packets. * * If the output side of a server process becomes choked, this allows flow * control for the input side. * * @wsi: Websocket connection instance to get callback for * @enable: 0 = disable read servicing for this connection, 1 = enable */ int libwebsocket_rx_flow_control(struct libwebsocket *wsi, int enable) { struct libwebsocket_context *this = wsi->protocol->owning_server; int n; for (n = 0; n < this->fds_count; n++) if (this->fds[n].fd == wsi->sock) { if (enable) this->fds[n].events |= POLLIN; else this->fds[n].events &= ~POLLIN; return 0; } if (enable) /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_SET_MODE_POLL_FD, (void *)(long)wsi->sock, NULL, POLLIN); else /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_CLEAR_MODE_POLL_FD, (void *)(long)wsi->sock, NULL, POLLIN); fprintf(stderr, "libwebsocket_callback_on_writable " "unable to find socket\n"); return 1; } /** * libwebsocket_canonical_hostname() - returns this host's hostname * * This is typically used by client code to fill in the host parameter * when making a client connection. You can only call it after the context * has been created. * * @this: Websocket context */ extern const char * libwebsocket_canonical_hostname(struct libwebsocket_context *this) { return (const char *)this->canonical_hostname; } static void sigpipe_handler(int x) { } /** * libwebsocket_create_context() - Create the websocket handler * @port: Port to listen on... you can use 0 to suppress listening on * any port, that's what you want if you are not running a * websocket server at all but just using it as a client * @protocols: Array of structures listing supported protocols and a protocol- * specific callback for each one. The list is ended with an * entry that has a NULL callback pointer. * It's not const because we write the owning_server member * @ssl_cert_filepath: If libwebsockets was compiled to use ssl, and you want * to listen using SSL, set to the filepath to fetch the * server cert from, otherwise NULL for unencrypted * @ssl_private_key_filepath: filepath to private key if wanting SSL mode, * else ignored * @gid: group id to change to after setting listen socket, or -1. * @uid: user id to change to after setting listen socket, or -1. * @options: 0, or LWS_SERVER_OPTION_DEFEAT_CLIENT_MASK * * This function creates the listening socket and takes care * of all initialization in one step. * * After initialization, it returns a struct libwebsocket_context * that * represents this server. After calling, user code needs to take care * of calling libwebsocket_service() with the context pointer to get the * server's sockets serviced. This can be done in the same process context * or a forked process, or another thread, * * The protocol callback functions are called for a handful of events * including http requests coming in, websocket connections becoming * established, and data arriving; it's also called periodically to allow * async transmission. * * HTTP requests are sent always to the FIRST protocol in @protocol, since * at that time websocket protocol has not been negotiated. Other * protocols after the first one never see any HTTP callack activity. * * The server created is a simple http server by default; part of the * websocket standard is upgrading this http connection to a websocket one. * * This allows the same server to provide files like scripts and favicon / * images or whatever over http and dynamic data over websockets all in * one place; they're all handled in the user callback. */ struct libwebsocket_context * libwebsocket_create_context(int port, struct libwebsocket_protocols *protocols, const char *ssl_cert_filepath, const char *ssl_private_key_filepath, int gid, int uid, unsigned int options) { int n; int sockfd = 0; int fd; struct sockaddr_in serv_addr, cli_addr; int opt = 1; struct libwebsocket_context *this = NULL; unsigned int slen; char *p; char hostname[1024]; struct hostent *he; struct libwebsocket *wsi; #ifdef LWS_OPENSSL_SUPPORT SSL_METHOD *method; char ssl_err_buf[512]; #endif this = malloc(sizeof(struct libwebsocket_context)); if (!this) { fprintf(stderr, "No memory for websocket context\n"); return NULL; } this->protocols = protocols; this->listen_port = port; this->http_proxy_port = 0; this->http_proxy_address[0] = '\0'; this->options = options; this->fds_count = 0; this->fd_random = open(SYSTEM_RANDOM_FILEPATH, O_RDONLY); if (this->fd_random < 0) { fprintf(stderr, "Unable to open random device %s %d\n", SYSTEM_RANDOM_FILEPATH, this->fd_random); return NULL; } /* find canonical hostname */ hostname[(sizeof hostname) - 1] = '\0'; gethostname(hostname, (sizeof hostname) - 1); he = gethostbyname(hostname); strncpy(this->canonical_hostname, he->h_name, sizeof this->canonical_hostname - 1); this->canonical_hostname[sizeof this->canonical_hostname - 1] = '\0'; /* split the proxy ads:port if given */ p = getenv("http_proxy"); if (p) { strncpy(this->http_proxy_address, p, sizeof this->http_proxy_address - 1); this->http_proxy_address[ sizeof this->http_proxy_address - 1] = '\0'; p = strchr(this->http_proxy_address, ':'); if (p == NULL) { fprintf(stderr, "http_proxy needs to be ads:port\n"); return NULL; } *p = '\0'; this->http_proxy_port = atoi(p + 1); fprintf(stderr, "Using proxy %s:%u\n", this->http_proxy_address, this->http_proxy_port); } if (port) { #ifdef LWS_OPENSSL_SUPPORT this->use_ssl = ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL; if (this->use_ssl) fprintf(stderr, " Compiled with SSL support, " "using it\n"); else fprintf(stderr, " Compiled with SSL support, " "not using it\n"); #else if (ssl_cert_filepath != NULL && ssl_private_key_filepath != NULL) { fprintf(stderr, " Not compiled for OpenSSl support!\n"); return NULL; } fprintf(stderr, " Compiled without SSL support, " "serving unencrypted\n"); #endif } /* ignore SIGPIPE */ signal(SIGPIPE, sigpipe_handler); #ifdef LWS_OPENSSL_SUPPORT /* basic openssl init */ SSL_library_init(); OpenSSL_add_all_algorithms(); SSL_load_error_strings(); /* * Firefox insists on SSLv23 not SSLv3 * Konq disables SSLv2 by default now, SSLv23 works */ method = (SSL_METHOD *)SSLv23_server_method(); if (!method) { fprintf(stderr, "problem creating ssl method: %s\n", ERR_error_string(ERR_get_error(), ssl_err_buf)); return NULL; } this->ssl_ctx = SSL_CTX_new(method); /* create context */ if (!this->ssl_ctx) { fprintf(stderr, "problem creating ssl context: %s\n", ERR_error_string(ERR_get_error(), ssl_err_buf)); return NULL; } /* client context */ method = (SSL_METHOD *)SSLv23_client_method(); if (!method) { fprintf(stderr, "problem creating ssl method: %s\n", ERR_error_string(ERR_get_error(), ssl_err_buf)); return NULL; } this->ssl_client_ctx = SSL_CTX_new(method); /* create context */ if (!this->ssl_client_ctx) { fprintf(stderr, "problem creating ssl context: %s\n", ERR_error_string(ERR_get_error(), ssl_err_buf)); return NULL; } /* openssl init for cert verification (used with client sockets) */ if (!SSL_CTX_load_verify_locations(this->ssl_client_ctx, NULL, LWS_OPENSSL_CLIENT_CERTS)) { fprintf(stderr, "Unable to load SSL Client certs from %s " "(set by --with-client-cert-dir= in configure) -- " " client ssl isn't going to work", LWS_OPENSSL_CLIENT_CERTS); } if (this->use_ssl) { /* openssl init for server sockets */ /* set the local certificate from CertFile */ n = SSL_CTX_use_certificate_file(this->ssl_ctx, ssl_cert_filepath, SSL_FILETYPE_PEM); if (n != 1) { fprintf(stderr, "problem getting cert '%s': %s\n", ssl_cert_filepath, ERR_error_string(ERR_get_error(), ssl_err_buf)); return NULL; } /* set the private key from KeyFile */ if (SSL_CTX_use_PrivateKey_file(this->ssl_ctx, ssl_private_key_filepath, SSL_FILETYPE_PEM) != 1) { fprintf(stderr, "ssl problem getting key '%s': %s\n", ssl_private_key_filepath, ERR_error_string(ERR_get_error(), ssl_err_buf)); return NULL; } /* verify private key */ if (!SSL_CTX_check_private_key(this->ssl_ctx)) { fprintf(stderr, "Private SSL key doesn't match cert\n"); return NULL; } /* SSL is happy and has a cert it's content with */ } #endif /* selftest */ if (lws_b64_selftest()) return NULL; /* fd hashtable init */ for (n = 0; n < FD_HASHTABLE_MODULUS; n++) this->fd_hashtable[n].length = 0; /* set up our external listening socket we serve on */ if (port) { sockfd = socket(AF_INET, SOCK_STREAM, 0); if (sockfd < 0) { fprintf(stderr, "ERROR opening socket"); return NULL; } /* allow us to restart even if old sockets in TIME_WAIT */ setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); bzero((char *) &serv_addr, sizeof(serv_addr)); serv_addr.sin_family = AF_INET; serv_addr.sin_addr.s_addr = INADDR_ANY; serv_addr.sin_port = htons(port); n = bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)); if (n < 0) { fprintf(stderr, "ERROR on binding to port %d (%d %d)\n", port, n, errno); return NULL; } wsi = malloc(sizeof(struct libwebsocket)); memset(wsi, 0, sizeof (struct libwebsocket)); wsi->sock = sockfd; wsi->mode = LWS_CONNMODE_SERVER_LISTENER; insert_wsi(this, wsi); listen(sockfd, 5); fprintf(stderr, " Listening on port %d\n", port); /* list in the internal poll array */ this->fds[this->fds_count].fd = sockfd; this->fds[this->fds_count++].events = POLLIN; /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_ADD_POLL_FD, (void *)(long)sockfd, NULL, POLLIN); } /* drop any root privs for this process */ if (gid != -1) if (setgid(gid)) fprintf(stderr, "setgid: %s\n", strerror(errno)); if (uid != -1) if (setuid(uid)) fprintf(stderr, "setuid: %s\n", strerror(errno)); /* set up our internal broadcast trigger sockets per-protocol */ for (this->count_protocols = 0; protocols[this->count_protocols].callback; this->count_protocols++) { protocols[this->count_protocols].owning_server = this; protocols[this->count_protocols].protocol_index = this->count_protocols; fd = socket(AF_INET, SOCK_STREAM, 0); if (fd < 0) { fprintf(stderr, "ERROR opening socket"); return NULL; } /* allow us to restart even if old sockets in TIME_WAIT */ setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); bzero((char *) &serv_addr, sizeof(serv_addr)); serv_addr.sin_family = AF_INET; serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1"); serv_addr.sin_port = 0; /* pick the port for us */ n = bind(fd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)); if (n < 0) { fprintf(stderr, "ERROR on binding to port %d (%d %d)\n", port, n, errno); return NULL; } slen = sizeof cli_addr; n = getsockname(fd, (struct sockaddr *)&cli_addr, &slen); if (n < 0) { fprintf(stderr, "getsockname failed\n"); return NULL; } protocols[this->count_protocols].broadcast_socket_port = ntohs(cli_addr.sin_port); listen(fd, 5); debug(" Protocol %s broadcast socket %d\n", protocols[this->count_protocols].name, ntohs(cli_addr.sin_port)); /* dummy wsi per broadcast proxy socket */ wsi = malloc(sizeof(struct libwebsocket)); memset(wsi, 0, sizeof (struct libwebsocket)); wsi->sock = fd; wsi->mode = LWS_CONNMODE_BROADCAST_PROXY_LISTENER; /* note which protocol we are proxying */ wsi->protocol_index_for_broadcast_proxy = this->count_protocols; insert_wsi(this, wsi); /* list in internal poll array */ this->fds[this->fds_count].fd = fd; this->fds[this->fds_count].events = POLLIN; this->fds[this->fds_count].revents = 0; this->fds_count++; /* external POLL support via protocol 0 */ this->protocols[0].callback(wsi, LWS_CALLBACK_ADD_POLL_FD, (void *)(long)fd, NULL, POLLIN); } return this; } #ifndef LWS_NO_FORK /** * libwebsockets_fork_service_loop() - Optional helper function forks off * a process for the websocket server loop. * You don't have to use this but if not, you * have to make sure you are calling * libwebsocket_service periodically to service * the websocket traffic * @this: server context returned by creation function */ int libwebsockets_fork_service_loop(struct libwebsocket_context *this) { int fd; struct sockaddr_in cli_addr; int n; int p; n = fork(); if (n < 0) return n; if (!n) { /* main process context */ /* * set up the proxy sockets to allow broadcast from * service process context */ for (p = 0; p < this->count_protocols; p++) { fd = socket(AF_INET, SOCK_STREAM, 0); if (fd < 0) { fprintf(stderr, "Unable to create socket\n"); return -1; } cli_addr.sin_family = AF_INET; cli_addr.sin_port = htons( this->protocols[p].broadcast_socket_port); cli_addr.sin_addr.s_addr = inet_addr("127.0.0.1"); n = connect(fd, (struct sockaddr *)&cli_addr, sizeof cli_addr); if (n < 0) { fprintf(stderr, "Unable to connect to " "broadcast socket %d, %s\n", n, strerror(errno)); return -1; } this->protocols[p].broadcast_socket_user_fd = fd; } return 0; } /* we want a SIGHUP when our parent goes down */ prctl(PR_SET_PDEATHSIG, SIGHUP); /* in this forked process, sit and service websocket connections */ while (1) if (libwebsocket_service(this, 1000)) return -1; return 0; } #endif /** * libwebsockets_get_protocol() - Returns a protocol pointer from a websocket * connection. * @wsi: pointer to struct websocket you want to know the protocol of * * * This is useful to get the protocol to broadcast back to from inside * the callback. */ const struct libwebsocket_protocols * libwebsockets_get_protocol(struct libwebsocket *wsi) { return wsi->protocol; } /** * libwebsockets_broadcast() - Sends a buffer to the callback for all active * connections of the given protocol. * @protocol: pointer to the protocol you will broadcast to all members of * @buf: buffer containing the data to be broadcase. NOTE: this has to be * allocated with LWS_SEND_BUFFER_PRE_PADDING valid bytes before * the pointer and LWS_SEND_BUFFER_POST_PADDING afterwards in the * case you are calling this function from callback context. * @len: length of payload data in buf, starting from buf. * * This function allows bulk sending of a packet to every connection using * the given protocol. It does not send the data directly; instead it calls * the callback with a reason type of LWS_CALLBACK_BROADCAST. If the callback * wants to actually send the data for that connection, the callback itself * should call libwebsocket_write(). * * libwebsockets_broadcast() can be called from another fork context without * having to take any care about data visibility between the processes, it'll * "just work". */ int libwebsockets_broadcast(const struct libwebsocket_protocols *protocol, unsigned char *buf, size_t len) { struct libwebsocket_context *this = protocol->owning_server; int n; int m; struct libwebsocket * wsi; if (!protocol->broadcast_socket_user_fd) { /* * We are either running unforked / flat, or we are being * called from poll thread context * eg, from a callback. In that case don't use sockets for * broadcast IPC (since we can't open a socket connection to * a socket listening on our own thread) but directly do the * send action. * * Locking is not needed because we are by definition being * called in the poll thread context and are serialized. */ for (n = 0; n < FD_HASHTABLE_MODULUS; n++) { for (m = 0; m < this->fd_hashtable[n].length; m++) { wsi = this->fd_hashtable[n].wsi[m]; if (wsi->mode != LWS_CONNMODE_WS_SERVING) continue; /* * never broadcast to * non-established connections */ if (wsi->state != WSI_STATE_ESTABLISHED) continue; /* only broadcast to guys using * requested protocol */ if (wsi->protocol != protocol) continue; wsi->protocol->callback(wsi, LWS_CALLBACK_BROADCAST, wsi->user_space, buf, len); } } return 0; } /* * We're being called from a different process context than the server * loop. Instead of broadcasting directly, we send our * payload on a socket to do the IPC; the server process will serialize * the broadcast action in its main poll() loop. * * There's one broadcast socket listening for each protocol supported * set up when the websocket server initializes */ n = send(protocol->broadcast_socket_user_fd, buf, len, MSG_NOSIGNAL); return n; }