diff --git a/Makefile b/Makefile index 04c817cf2e..64f90a01ff 100644 --- a/Makefile +++ b/Makefile @@ -28,7 +28,7 @@ # It's authors were Jonathan Wallace and Bernhard Fluehmann. -objects = network_utilities.o sha1.o base64.o +objects = network_utilities.o sha1.o base64.o md5.o libs = -lboost_system -lboost_date_time -lboost_regex -lboost_random -lboost_program_options @@ -139,6 +139,9 @@ $(objdir)/sha1.o: $(srcdir)/sha1/sha1.cpp $(objdir)/base64.o: $(srcdir)/base64/base64.cpp $(CXX) $< -o $@ $(CXXFLAGS) +$(objdir)/md5.o: $(srcdir)/md5/md5.c + $(CXX) $< -o $@ $(CXXFLAGS) + $(objdir)/%.o: $(srcdir)/%.cpp $(CXX) $< -o $@ $(CXXFLAGS) diff --git a/src/http/parser.hpp b/src/http/parser.hpp index 4e701b56b4..7b1b5e9a0d 100644 --- a/src/http/parser.hpp +++ b/src/http/parser.hpp @@ -253,7 +253,6 @@ private: status_code::value m_status_code; std::string m_status_msg; }; - } } diff --git a/src/md5/md5.c b/src/md5/md5.c new file mode 100644 index 0000000000..c35d96c5ef --- /dev/null +++ b/src/md5/md5.c @@ -0,0 +1,381 @@ +/* + Copyright (C) 1999, 2000, 2002 Aladdin Enterprises. All rights reserved. + + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + L. Peter Deutsch + ghost@aladdin.com + + */ +/* $Id: md5.c,v 1.6 2002/04/13 19:20:28 lpd Exp $ */ +/* + Independent implementation of MD5 (RFC 1321). + + This code implements the MD5 Algorithm defined in RFC 1321, whose + text is available at + http://www.ietf.org/rfc/rfc1321.txt + The code is derived from the text of the RFC, including the test suite + (section A.5) but excluding the rest of Appendix A. It does not include + any code or documentation that is identified in the RFC as being + copyrighted. + + The original and principal author of md5.c is L. Peter Deutsch + . Other authors are noted in the change history + that follows (in reverse chronological order): + + 2002-04-13 lpd Clarified derivation from RFC 1321; now handles byte order + either statically or dynamically; added missing #include + in library. + 2002-03-11 lpd Corrected argument list for main(), and added int return + type, in test program and T value program. + 2002-02-21 lpd Added missing #include in test program. + 2000-07-03 lpd Patched to eliminate warnings about "constant is + unsigned in ANSI C, signed in traditional"; made test program + self-checking. + 1999-11-04 lpd Edited comments slightly for automatic TOC extraction. + 1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5). + 1999-05-03 lpd Original version. + */ + +#include "md5.h" +#include + +#undef BYTE_ORDER /* 1 = big-endian, -1 = little-endian, 0 = unknown */ +#ifdef ARCH_IS_BIG_ENDIAN +# define BYTE_ORDER (ARCH_IS_BIG_ENDIAN ? 1 : -1) +#else +# define BYTE_ORDER 0 +#endif + +#define T_MASK ((md5_word_t)~0) +#define T1 /* 0xd76aa478 */ (T_MASK ^ 0x28955b87) +#define T2 /* 0xe8c7b756 */ (T_MASK ^ 0x173848a9) +#define T3 0x242070db +#define T4 /* 0xc1bdceee */ (T_MASK ^ 0x3e423111) +#define T5 /* 0xf57c0faf */ (T_MASK ^ 0x0a83f050) +#define T6 0x4787c62a +#define T7 /* 0xa8304613 */ (T_MASK ^ 0x57cfb9ec) +#define T8 /* 0xfd469501 */ (T_MASK ^ 0x02b96afe) +#define T9 0x698098d8 +#define T10 /* 0x8b44f7af */ (T_MASK ^ 0x74bb0850) +#define T11 /* 0xffff5bb1 */ (T_MASK ^ 0x0000a44e) +#define T12 /* 0x895cd7be */ (T_MASK ^ 0x76a32841) +#define T13 0x6b901122 +#define T14 /* 0xfd987193 */ (T_MASK ^ 0x02678e6c) +#define T15 /* 0xa679438e */ (T_MASK ^ 0x5986bc71) +#define T16 0x49b40821 +#define T17 /* 0xf61e2562 */ (T_MASK ^ 0x09e1da9d) +#define T18 /* 0xc040b340 */ (T_MASK ^ 0x3fbf4cbf) +#define T19 0x265e5a51 +#define T20 /* 0xe9b6c7aa */ (T_MASK ^ 0x16493855) +#define T21 /* 0xd62f105d */ (T_MASK ^ 0x29d0efa2) +#define T22 0x02441453 +#define T23 /* 0xd8a1e681 */ (T_MASK ^ 0x275e197e) +#define T24 /* 0xe7d3fbc8 */ (T_MASK ^ 0x182c0437) +#define T25 0x21e1cde6 +#define T26 /* 0xc33707d6 */ (T_MASK ^ 0x3cc8f829) +#define T27 /* 0xf4d50d87 */ (T_MASK ^ 0x0b2af278) +#define T28 0x455a14ed +#define T29 /* 0xa9e3e905 */ (T_MASK ^ 0x561c16fa) +#define T30 /* 0xfcefa3f8 */ (T_MASK ^ 0x03105c07) +#define T31 0x676f02d9 +#define T32 /* 0x8d2a4c8a */ (T_MASK ^ 0x72d5b375) +#define T33 /* 0xfffa3942 */ (T_MASK ^ 0x0005c6bd) +#define T34 /* 0x8771f681 */ (T_MASK ^ 0x788e097e) +#define T35 0x6d9d6122 +#define T36 /* 0xfde5380c */ (T_MASK ^ 0x021ac7f3) +#define T37 /* 0xa4beea44 */ (T_MASK ^ 0x5b4115bb) +#define T38 0x4bdecfa9 +#define T39 /* 0xf6bb4b60 */ (T_MASK ^ 0x0944b49f) +#define T40 /* 0xbebfbc70 */ (T_MASK ^ 0x4140438f) +#define T41 0x289b7ec6 +#define T42 /* 0xeaa127fa */ (T_MASK ^ 0x155ed805) +#define T43 /* 0xd4ef3085 */ (T_MASK ^ 0x2b10cf7a) +#define T44 0x04881d05 +#define T45 /* 0xd9d4d039 */ (T_MASK ^ 0x262b2fc6) +#define T46 /* 0xe6db99e5 */ (T_MASK ^ 0x1924661a) +#define T47 0x1fa27cf8 +#define T48 /* 0xc4ac5665 */ (T_MASK ^ 0x3b53a99a) +#define T49 /* 0xf4292244 */ (T_MASK ^ 0x0bd6ddbb) +#define T50 0x432aff97 +#define T51 /* 0xab9423a7 */ (T_MASK ^ 0x546bdc58) +#define T52 /* 0xfc93a039 */ (T_MASK ^ 0x036c5fc6) +#define T53 0x655b59c3 +#define T54 /* 0x8f0ccc92 */ (T_MASK ^ 0x70f3336d) +#define T55 /* 0xffeff47d */ (T_MASK ^ 0x00100b82) +#define T56 /* 0x85845dd1 */ (T_MASK ^ 0x7a7ba22e) +#define T57 0x6fa87e4f +#define T58 /* 0xfe2ce6e0 */ (T_MASK ^ 0x01d3191f) +#define T59 /* 0xa3014314 */ (T_MASK ^ 0x5cfebceb) +#define T60 0x4e0811a1 +#define T61 /* 0xf7537e82 */ (T_MASK ^ 0x08ac817d) +#define T62 /* 0xbd3af235 */ (T_MASK ^ 0x42c50dca) +#define T63 0x2ad7d2bb +#define T64 /* 0xeb86d391 */ (T_MASK ^ 0x14792c6e) + + +static void +md5_process(md5_state_t *pms, const md5_byte_t *data /*[64]*/) +{ + md5_word_t + a = pms->abcd[0], b = pms->abcd[1], + c = pms->abcd[2], d = pms->abcd[3]; + md5_word_t t; +#if BYTE_ORDER > 0 + /* Define storage only for big-endian CPUs. */ + md5_word_t X[16]; +#else + /* Define storage for little-endian or both types of CPUs. */ + md5_word_t xbuf[16]; + const md5_word_t *X; +#endif + + { +#if BYTE_ORDER == 0 + /* + * Determine dynamically whether this is a big-endian or + * little-endian machine, since we can use a more efficient + * algorithm on the latter. + */ + static const int w = 1; + + if (*((const md5_byte_t *)&w)) /* dynamic little-endian */ +#endif +#if BYTE_ORDER <= 0 /* little-endian */ + { + /* + * On little-endian machines, we can process properly aligned + * data without copying it. + */ + if (!((data - (const md5_byte_t *)0) & 3)) { + /* data are properly aligned */ + X = (const md5_word_t *)data; + } else { + /* not aligned */ + memcpy(xbuf, data, 64); + X = xbuf; + } + } +#endif +#if BYTE_ORDER == 0 + else /* dynamic big-endian */ +#endif +#if BYTE_ORDER >= 0 /* big-endian */ + { + /* + * On big-endian machines, we must arrange the bytes in the + * right order. + */ + const md5_byte_t *xp = data; + int i; + +# if BYTE_ORDER == 0 + X = xbuf; /* (dynamic only) */ +# else +# define xbuf X /* (static only) */ +# endif + for (i = 0; i < 16; ++i, xp += 4) + xbuf[i] = xp[0] + (xp[1] << 8) + (xp[2] << 16) + (xp[3] << 24); + } +#endif + } + +#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) + + /* Round 1. */ + /* Let [abcd k s i] denote the operation + a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */ +#define F(x, y, z) (((x) & (y)) | (~(x) & (z))) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + F(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 0, 7, T1); + SET(d, a, b, c, 1, 12, T2); + SET(c, d, a, b, 2, 17, T3); + SET(b, c, d, a, 3, 22, T4); + SET(a, b, c, d, 4, 7, T5); + SET(d, a, b, c, 5, 12, T6); + SET(c, d, a, b, 6, 17, T7); + SET(b, c, d, a, 7, 22, T8); + SET(a, b, c, d, 8, 7, T9); + SET(d, a, b, c, 9, 12, T10); + SET(c, d, a, b, 10, 17, T11); + SET(b, c, d, a, 11, 22, T12); + SET(a, b, c, d, 12, 7, T13); + SET(d, a, b, c, 13, 12, T14); + SET(c, d, a, b, 14, 17, T15); + SET(b, c, d, a, 15, 22, T16); +#undef SET + + /* Round 2. */ + /* Let [abcd k s i] denote the operation + a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */ +#define G(x, y, z) (((x) & (z)) | ((y) & ~(z))) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + G(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 1, 5, T17); + SET(d, a, b, c, 6, 9, T18); + SET(c, d, a, b, 11, 14, T19); + SET(b, c, d, a, 0, 20, T20); + SET(a, b, c, d, 5, 5, T21); + SET(d, a, b, c, 10, 9, T22); + SET(c, d, a, b, 15, 14, T23); + SET(b, c, d, a, 4, 20, T24); + SET(a, b, c, d, 9, 5, T25); + SET(d, a, b, c, 14, 9, T26); + SET(c, d, a, b, 3, 14, T27); + SET(b, c, d, a, 8, 20, T28); + SET(a, b, c, d, 13, 5, T29); + SET(d, a, b, c, 2, 9, T30); + SET(c, d, a, b, 7, 14, T31); + SET(b, c, d, a, 12, 20, T32); +#undef SET + + /* Round 3. */ + /* Let [abcd k s t] denote the operation + a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ +#define H(x, y, z) ((x) ^ (y) ^ (z)) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + H(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 5, 4, T33); + SET(d, a, b, c, 8, 11, T34); + SET(c, d, a, b, 11, 16, T35); + SET(b, c, d, a, 14, 23, T36); + SET(a, b, c, d, 1, 4, T37); + SET(d, a, b, c, 4, 11, T38); + SET(c, d, a, b, 7, 16, T39); + SET(b, c, d, a, 10, 23, T40); + SET(a, b, c, d, 13, 4, T41); + SET(d, a, b, c, 0, 11, T42); + SET(c, d, a, b, 3, 16, T43); + SET(b, c, d, a, 6, 23, T44); + SET(a, b, c, d, 9, 4, T45); + SET(d, a, b, c, 12, 11, T46); + SET(c, d, a, b, 15, 16, T47); + SET(b, c, d, a, 2, 23, T48); +#undef SET + + /* Round 4. */ + /* Let [abcd k s t] denote the operation + a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ +#define I(x, y, z) ((y) ^ ((x) | ~(z))) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + I(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 0, 6, T49); + SET(d, a, b, c, 7, 10, T50); + SET(c, d, a, b, 14, 15, T51); + SET(b, c, d, a, 5, 21, T52); + SET(a, b, c, d, 12, 6, T53); + SET(d, a, b, c, 3, 10, T54); + SET(c, d, a, b, 10, 15, T55); + SET(b, c, d, a, 1, 21, T56); + SET(a, b, c, d, 8, 6, T57); + SET(d, a, b, c, 15, 10, T58); + SET(c, d, a, b, 6, 15, T59); + SET(b, c, d, a, 13, 21, T60); + SET(a, b, c, d, 4, 6, T61); + SET(d, a, b, c, 11, 10, T62); + SET(c, d, a, b, 2, 15, T63); + SET(b, c, d, a, 9, 21, T64); +#undef SET + + /* Then perform the following additions. (That is increment each + of the four registers by the value it had before this block + was started.) */ + pms->abcd[0] += a; + pms->abcd[1] += b; + pms->abcd[2] += c; + pms->abcd[3] += d; +} + +void +md5_init(md5_state_t *pms) +{ + pms->count[0] = pms->count[1] = 0; + pms->abcd[0] = 0x67452301; + pms->abcd[1] = /*0xefcdab89*/ T_MASK ^ 0x10325476; + pms->abcd[2] = /*0x98badcfe*/ T_MASK ^ 0x67452301; + pms->abcd[3] = 0x10325476; +} + +void +md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes) +{ + const md5_byte_t *p = data; + int left = nbytes; + int offset = (pms->count[0] >> 3) & 63; + md5_word_t nbits = (md5_word_t)(nbytes << 3); + + if (nbytes <= 0) + return; + + /* Update the message length. */ + pms->count[1] += nbytes >> 29; + pms->count[0] += nbits; + if (pms->count[0] < nbits) + pms->count[1]++; + + /* Process an initial partial block. */ + if (offset) { + int copy = (offset + nbytes > 64 ? 64 - offset : nbytes); + + memcpy(pms->buf + offset, p, copy); + if (offset + copy < 64) + return; + p += copy; + left -= copy; + md5_process(pms, pms->buf); + } + + /* Process full blocks. */ + for (; left >= 64; p += 64, left -= 64) + md5_process(pms, p); + + /* Process a final partial block. */ + if (left) + memcpy(pms->buf, p, left); +} + +void +md5_finish(md5_state_t *pms, md5_byte_t digest[16]) +{ + static const md5_byte_t pad[64] = { + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; + md5_byte_t data[8]; + int i; + + /* Save the length before padding. */ + for (i = 0; i < 8; ++i) + data[i] = (md5_byte_t)(pms->count[i >> 2] >> ((i & 3) << 3)); + /* Pad to 56 bytes mod 64. */ + md5_append(pms, pad, ((55 - (pms->count[0] >> 3)) & 63) + 1); + /* Append the length. */ + md5_append(pms, data, 8); + for (i = 0; i < 16; ++i) + digest[i] = (md5_byte_t)(pms->abcd[i >> 2] >> ((i & 3) << 3)); +} diff --git a/src/md5/md5.h b/src/md5/md5.h new file mode 100644 index 0000000000..698c995d8f --- /dev/null +++ b/src/md5/md5.h @@ -0,0 +1,91 @@ +/* + Copyright (C) 1999, 2002 Aladdin Enterprises. All rights reserved. + + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + L. Peter Deutsch + ghost@aladdin.com + + */ +/* $Id: md5.h,v 1.4 2002/04/13 19:20:28 lpd Exp $ */ +/* + Independent implementation of MD5 (RFC 1321). + + This code implements the MD5 Algorithm defined in RFC 1321, whose + text is available at + http://www.ietf.org/rfc/rfc1321.txt + The code is derived from the text of the RFC, including the test suite + (section A.5) but excluding the rest of Appendix A. It does not include + any code or documentation that is identified in the RFC as being + copyrighted. + + The original and principal author of md5.h is L. Peter Deutsch + . Other authors are noted in the change history + that follows (in reverse chronological order): + + 2002-04-13 lpd Removed support for non-ANSI compilers; removed + references to Ghostscript; clarified derivation from RFC 1321; + now handles byte order either statically or dynamically. + 1999-11-04 lpd Edited comments slightly for automatic TOC extraction. + 1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5); + added conditionalization for C++ compilation from Martin + Purschke . + 1999-05-03 lpd Original version. + */ + +#ifndef md5_INCLUDED +# define md5_INCLUDED + +/* + * This package supports both compile-time and run-time determination of CPU + * byte order. If ARCH_IS_BIG_ENDIAN is defined as 0, the code will be + * compiled to run only on little-endian CPUs; if ARCH_IS_BIG_ENDIAN is + * defined as non-zero, the code will be compiled to run only on big-endian + * CPUs; if ARCH_IS_BIG_ENDIAN is not defined, the code will be compiled to + * run on either big- or little-endian CPUs, but will run slightly less + * efficiently on either one than if ARCH_IS_BIG_ENDIAN is defined. + */ + +typedef unsigned char md5_byte_t; /* 8-bit byte */ +typedef unsigned int md5_word_t; /* 32-bit word */ + +/* Define the state of the MD5 Algorithm. */ +typedef struct md5_state_s { + md5_word_t count[2]; /* message length in bits, lsw first */ + md5_word_t abcd[4]; /* digest buffer */ + md5_byte_t buf[64]; /* accumulate block */ +} md5_state_t; + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* Initialize the algorithm. */ +void md5_init(md5_state_t *pms); + +/* Append a string to the message. */ +void md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes); + +/* Finish the message and return the digest. */ +void md5_finish(md5_state_t *pms, md5_byte_t digest[16]); + +#ifdef __cplusplus +} /* end extern "C" */ +#endif + +#endif /* md5_INCLUDED */ diff --git a/src/network_utilities.cpp b/src/network_utilities.cpp index 9ebf52b9b7..571ef1a1ab 100644 --- a/src/network_utilities.cpp +++ b/src/network_utilities.cpp @@ -27,6 +27,9 @@ #include "network_utilities.hpp" +#include +#include "md5/md5.h" + uint64_t htonll(uint64_t src) { static int typ = TYP_INIT; unsigned char c; @@ -173,3 +176,49 @@ bool websocketpp::ws_uri::parse(const std::string& uri) { } } + +std::string websocketpp::ws_uri::base() { + std::stringstream s; + + s << "ws" << (secure ? "s" : "") << "://" << host; + + if (port != (secure ? 443 : 80)) { + s << ":" << port; + } + + s << "/"; + return s.str(); +} + +void md5_hash_string(char *string,char *hash) { + md5_state_t state; + + md5_init(&state); + md5_append(&state, (const md5_byte_t *)string, 16); + md5_finish(&state, (md5_byte_t *)hash); +} + +// Given a hybi 00 websocket key returns the 32 bit decoded value or 0 on error. +uint32_t decode_hybi_00_client_key(const std::string& key) { + int spaces = 0; + std::string digits = ""; + uint32_t num; + + // key2 + for (size_t i = 0; i < key.size(); i++) { + if (key[i] == ' ') { + spaces++; + } else if (key[i] >= '0' && key[i] <= '9') { + digits += key[i]; + } + } + + num = atoi(digits.c_str()); + if (spaces > 0 && num > 0) { + return htonl(num/spaces); + } else { + return 0; + } +} + + diff --git a/src/network_utilities.hpp b/src/network_utilities.hpp index a5871219e8..6404726e17 100644 --- a/src/network_utilities.hpp +++ b/src/network_utilities.hpp @@ -32,6 +32,8 @@ #include #include + + // http://www.viva64.com/en/k/0018/ // TODO: impliment stuff from here: // http://stackoverflow.com/questions/809902/64-bit-ntohl-in-c @@ -49,7 +51,8 @@ std::string lookup_ws_close_status_string(uint16_t code); namespace websocketpp { struct ws_uri { bool parse(const std::string& uri); - + std::string base(); + bool secure; std::string host; uint16_t port; @@ -57,5 +60,11 @@ struct ws_uri { }; } +// calculate the md5 hash of string and store it in the 16 byte hash buffer +void md5_hash_string(char *string,char *hash); + + + +uint32_t decode_hybi_00_client_key(const std::string& key); #endif // NETWORK_UTILITIES_HPP diff --git a/src/websocket_frame.hpp b/src/websocket_frame.hpp index bc93f0919f..fe88027e6a 100644 --- a/src/websocket_frame.hpp +++ b/src/websocket_frame.hpp @@ -638,6 +638,106 @@ private: rng_policy& m_rng; }; +class hybi_00_parser { +public: + // TODO: not hardcode this + static const uint64_t max_payload_size = 100000000; // 100MB + + hybi_00_parser() : m_state(STATE_READ_TYPE) { + reset(); + } + + bool ready() const { + return m_state == STATE_READY; + } + uint64_t get_bytes_needed() const { + return 1; + } + void reset() { + m_state = STATE_READ_TYPE; + } + + void set_fin(bool fin) {} + void set_opcode(opcode::value op) { + if (op != frame::opcode::TEXT) { + // TODO: what happens when you try to send non-text to a hybi_00 frame + } + } + + // hybi_00 frames are UTF-8 text only. + opcode::value get_opcode() const { + return frame::opcode::TEXT; + } + + void set_payload(const std::string source) { + if (source.size() > max_payload_size) { + throw exception("requested payload is over implimentation defined limit",error::MESSAGE_TOO_BIG); + } + + // TODO: utf8 validation? + + m_payload.resize(source.size()+2); + + m_payload[0] = 0x00; + std::copy(source.begin(),source.end(),m_payload.begin()+1); + m_payload[m_payload.size()-1] = 0xFF; + } + + void set_masked(bool masked) {} + + void process_payload() {} + + bool is_control() const { + return false; + } + + std::vector &get_payload() { + return m_payload; + } + + char* get_header() { + // TODO: this might be a problem + return NULL; + } + + unsigned int get_header_len() const { + return 0; + } + + void validate_utf8(uint32_t* state,uint32_t* codep,size_t offset = 0) const { + for (size_t i = offset; i < m_payload.size(); i++) { + using utf8_validator::decode; + + if (decode(state,codep,m_payload[i]) == utf8_validator::UTF8_REJECT) { + throw exception("Invalid UTF-8 Data",error::PAYLOAD_VIOLATION); + } + } + } + + // Method invariant: One of the following must always be true even in the case + // of exceptions. + // - m_bytes_needed > 0 + // - m-state = STATE_READY + void consume(std::istream &s) { + // read a byte. if it is 0x00 then read payload bytes until 0xFF. + // otherwise it may be another type of frame. Test whether or not + // hybi00 clients actually send them. + + // should do streaming utf8 validation and throw an exception on error. + } +private: + static const uint8_t STATE_READ_TYPE = 1; + static const uint8_t STATE_READ_LENGTH = 2; + static const uint8_t STATE_READ_PAYLOAD = 3; + static const uint8_t STATE_READY = 4; + + uint8_t m_state; + std::vector m_payload; +}; + + + + } } diff --git a/src/websocket_server.hpp b/src/websocket_server.hpp index c5918fc6e4..c664e5ae71 100644 --- a/src/websocket_server.hpp +++ b/src/websocket_server.hpp @@ -210,7 +210,7 @@ public: throw(handshake_error(err.str(),http::status_code::BAD_REQUEST)); } - if (handshake.header("Sec-WebSocket-Key") == "") { + if (handshake.header("Sec-WebSocket-Key") == "" && handshake.header("Sec-WebSocket-Key1") == "" && handshake.header("Sec-WebSocket-Key2") == "") { throw(handshake_error("Required Sec-WebSocket-Key header is missing",http::status_code::BAD_REQUEST)); } @@ -218,7 +218,7 @@ public: if (h == "") { // TODO: if we want to support draft 00 this line should set version to 0 // rather than bail - throw(handshake_error("Required Sec-WebSocket-Version header is missing",http::status_code::BAD_REQUEST)); + //throw(handshake_error("Required Sec-WebSocket-Version header is missing",http::status_code::BAD_REQUEST)); } else { int version = atoi(h.c_str()); diff --git a/src/websocket_session.hpp b/src/websocket_session.hpp index f7a0cea58f..76c48bddf0 100644 --- a/src/websocket_session.hpp +++ b/src/websocket_session.hpp @@ -561,6 +561,35 @@ public: m_origin = m_request.header(h); + // TODO: how does a server know if it is secure or not? + // set m_uri based on client host header + // TODO: what if uri is a full uri? + m_uri.secure = false; + m_uri.host = "localhost"; + m_uri.port = 9002; + m_uri.resource = m_request.uri(); + + h = m_request.header("Sec-WebSocket-Version"); + + // TODO: the generic consume API will handle this better. + // if we have determined that this is trying to be a websocket + // connection for hybi-00 read the key after the HTTP request. + if (m_version == 0) { + char foo[9]; + foo[8] = 0; + + request.get(foo,9); + + if (request.gcount() != 8) { + + std::cout << "gcount: " << request.gcount() << " foo: " << foo << std::endl; + + throw handshake_error("Missing Key3",http::status_code::BAD_REQUEST); + } + + m_request.set_header("Sec-WebSocket-Key3",std::string(foo)); + } + // TODO: extract subprotocols? // TODO: extract extensions? @@ -592,36 +621,74 @@ public: m_response.set_version("HTTP/1.1"); + char digest[17]; + if (m_response.status_code() == http::status_code::SWITCHING_PROTOCOLS) { - std::string server_key = m_request.header("Sec-WebSocket-Key"); - server_key += "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; - - SHA1 sha; - uint32_t message_digest[5]; - - sha.Reset(); - sha << server_key.c_str(); - - if (sha.Result(message_digest)){ - // convert sha1 hash bytes to network byte order because this sha1 - // library works on ints rather than bytes - for (int i = 0; i < 5; i++) { - message_digest[i] = htonl(message_digest[i]); - } + if (m_version == 0) { + char key_final[16]; - server_key = base64_encode( - reinterpret_cast(message_digest),20 - ); + // key1 + *reinterpret_cast(&key_final[0]) = decode_hybi_00_client_key( + m_request.header("Sec-WebSocket-Key2")); + + // key2 + *reinterpret_cast(&key_final[4]) = decode_hybi_00_client_key( + m_request.header("Sec-WebSocket-Key2")); + + // key3 + memcpy(&key_final[8], + m_request.header("Sec-WebSocket-Key3").c_str(), + 8); + + // md5 + md5_hash_string(key_final,digest); + digest[16] = 0; - // set handshake accept headers - m_response.replace_header("Sec-WebSocket-Accept",server_key); m_response.set_header("Upgrade","websocket"); m_response.set_header("Connection","Upgrade"); - } else { - m_endpoint->elog().at(log::elevel::ERROR) - << "Error computing handshake sha1 hash" << log::endl; - m_response.set_status(http::status_code::INTERNAL_SERVER_ERROR); + // Echo back client's origin unless our local application set a + // more restrictive one. + if (m_response.header("Sec-WebSocket-Origin") == "") { + m_response.set_header("Sec-WebSocket-Origin",m_request.header("Origin")); + } + + // Echo back the client's request host unless our local application + // set a different one. + if (m_response.header("Sec-WebSocket-Location") == "") { + m_response.set_header("Sec-WebSocket-Location",m_uri.base()); + } + } else { + std::string server_key = m_request.header("Sec-WebSocket-Key"); + server_key += "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; + + SHA1 sha; + uint32_t message_digest[5]; + + sha.Reset(); + sha << server_key.c_str(); + + if (sha.Result(message_digest)){ + // convert sha1 hash bytes to network byte order because this sha1 + // library works on ints rather than bytes + for (int i = 0; i < 5; i++) { + message_digest[i] = htonl(message_digest[i]); + } + + server_key = base64_encode( + reinterpret_cast(message_digest),20 + ); + + // set handshake accept headers + m_response.replace_header("Sec-WebSocket-Accept",server_key); + m_response.set_header("Upgrade","websocket"); + m_response.set_header("Connection","Upgrade"); + } else { + m_endpoint->elog().at(log::elevel::ERROR) + << "Error computing handshake sha1 hash" << log::endl; + + m_response.set_status(http::status_code::INTERNAL_SERVER_ERROR); + } } } @@ -638,10 +705,16 @@ public: m_endpoint->alog().at(log::alevel::DEBUG_HANDSHAKE) << m_response.raw() << log::endl; + std::string raw = m_response.raw(); + + if (m_version == 0) { + raw += digest; + } + // start async write to handle_write_handshake boost::asio::async_write( m_socket, - boost::asio::buffer(m_response.raw()), + boost::asio::buffer(raw), boost::bind( &session_type::handle_write_response, session_type::shared_from_this(), diff --git a/websocketpp.xcodeproj/project.pbxproj b/websocketpp.xcodeproj/project.pbxproj index 975e9529a9..b0085b938c 100644 --- a/websocketpp.xcodeproj/project.pbxproj +++ b/websocketpp.xcodeproj/project.pbxproj @@ -71,6 +71,10 @@ B6FE8CEC145A0F1900B32547 /* libboost_program_options.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = B6FE8CEB145A0F1900B32547 /* libboost_program_options.dylib */; }; B6FE8D06145AFF5F00B32547 /* websocket_constants.hpp in Headers */ = {isa = PBXBuildFile; fileRef = B6FE8D05145AFF5F00B32547 /* websocket_constants.hpp */; }; B6FE8D07145AFF5F00B32547 /* websocket_constants.hpp in Headers */ = {isa = PBXBuildFile; fileRef = B6FE8D05145AFF5F00B32547 /* websocket_constants.hpp */; }; + B6FE8D181468707200B32547 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = B6FE8D1614686A8500B32547 /* md5.c */; }; + B6FE8D191468708200B32547 /* md5.h in Headers */ = {isa = PBXBuildFile; fileRef = B6FE8D1714686A8500B32547 /* md5.h */; }; + B6FE8D1A1468709300B32547 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = B6FE8D1614686A8500B32547 /* md5.c */; }; + B6FE8D1B1468709A00B32547 /* md5.h in Headers */ = {isa = PBXBuildFile; fileRef = B6FE8D1714686A8500B32547 /* md5.h */; }; /* End PBXBuildFile section */ /* Begin PBXContainerItemProxy section */ @@ -187,6 +191,8 @@ B6FE8CE2144DE17F00B32547 /* readme.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = readme.txt; sourceTree = ""; }; B6FE8CEB145A0F1900B32547 /* libboost_program_options.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libboost_program_options.dylib; path = usr/local/lib/libboost_program_options.dylib; sourceTree = SDKROOT; }; B6FE8D05145AFF5F00B32547 /* websocket_constants.hpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.h; name = websocket_constants.hpp; path = src/websocket_constants.hpp; sourceTree = ""; }; + B6FE8D1614686A8500B32547 /* md5.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; name = md5.c; path = src/md5/md5.c; sourceTree = ""; }; + B6FE8D1714686A8500B32547 /* md5.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = md5.h; path = src/md5/md5.h; sourceTree = ""; }; /* End PBXFileReference section */ /* Begin PBXFrameworksBuildPhase section */ @@ -305,6 +311,7 @@ B6DF1C7F1434ABB70029A1B1 /* src */ = { isa = PBXGroup; children = ( + B6FE8D1414686A6D00B32547 /* md5 */, B61387B51462B34400ED9B19 /* logger */, B61387A4145D847A00ED9B19 /* http */, B6FE8D09145B0F7400B32547 /* rng */, @@ -438,6 +445,15 @@ name = rng; sourceTree = ""; }; + B6FE8D1414686A6D00B32547 /* md5 */ = { + isa = PBXGroup; + children = ( + B6FE8D1614686A8500B32547 /* md5.c */, + B6FE8D1714686A8500B32547 /* md5.h */, + ); + name = md5; + sourceTree = ""; + }; /* End PBXGroup section */ /* Begin PBXHeadersBuildPhase section */ @@ -447,6 +463,7 @@ files = ( B6DF1CBA1434AC470029A1B1 /* websocketpp.hpp in Headers */, B6DF1CA81434AC470029A1B1 /* websocket_connection_handler.hpp in Headers */, + B6FE8D1B1468709A00B32547 /* md5.h in Headers */, B6DF1C7E1434AB9E0029A1B1 /* network_utilities.hpp in Headers */, B6DF1C851434ABE20029A1B1 /* base64.h in Headers */, B6DF1C8C1434AC330029A1B1 /* sha1.h in Headers */, @@ -468,6 +485,7 @@ files = ( B6DF1CBB1434AC470029A1B1 /* websocketpp.hpp in Headers */, B6DF1CA91434AC470029A1B1 /* websocket_connection_handler.hpp in Headers */, + B6FE8D191468708200B32547 /* md5.h in Headers */, B6DF1C7D1434AB920029A1B1 /* network_utilities.hpp in Headers */, B6DF1C861434ABE20029A1B1 /* base64.h in Headers */, B6DF1C8D1434AC330029A1B1 /* sha1.h in Headers */, @@ -625,6 +643,7 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( + B6FE8D1A1468709300B32547 /* md5.c in Sources */, B6DF1C7A1434AB740029A1B1 /* network_utilities.cpp in Sources */, B6DF1C831434ABE20029A1B1 /* base64.cpp in Sources */, B6DF1C8A1434AC330029A1B1 /* sha1.cpp in Sources */, @@ -641,6 +660,7 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( + B6FE8D181468707200B32547 /* md5.c in Sources */, B6DF1CC41434AF9E0029A1B1 /* network_utilities.cpp in Sources */, B6DF1C841434ABE20029A1B1 /* base64.cpp in Sources */, B6DF1C8B1434AC330029A1B1 /* sha1.cpp in Sources */,