2 * QEMU I/O channels driver websockets
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
22 #include "qapi/error.h"
23 #include "qemu/bswap.h"
24 #include "io/channel-websock.h"
25 #include "crypto/hash.h"
28 #include "qemu/module.h"
30 /* Max amount to allow in rawinput/encoutput buffers */
31 #define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192
33 #define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24
34 #define QIO_CHANNEL_WEBSOCK_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
35 #define QIO_CHANNEL_WEBSOCK_GUID_LEN (sizeof(QIO_CHANNEL_WEBSOCK_GUID) - 1)
37 #define QIO_CHANNEL_WEBSOCK_HEADER_PROTOCOL "sec-websocket-protocol"
38 #define QIO_CHANNEL_WEBSOCK_HEADER_VERSION "sec-websocket-version"
39 #define QIO_CHANNEL_WEBSOCK_HEADER_KEY "sec-websocket-key"
40 #define QIO_CHANNEL_WEBSOCK_HEADER_UPGRADE "upgrade"
41 #define QIO_CHANNEL_WEBSOCK_HEADER_HOST "host"
42 #define QIO_CHANNEL_WEBSOCK_HEADER_CONNECTION "connection"
44 #define QIO_CHANNEL_WEBSOCK_PROTOCOL_BINARY "binary"
45 #define QIO_CHANNEL_WEBSOCK_CONNECTION_UPGRADE "Upgrade"
46 #define QIO_CHANNEL_WEBSOCK_UPGRADE_WEBSOCKET "websocket"
48 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
49 "Server: QEMU VNC\r\n" \
52 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_WITH_PROTO_RES_OK \
53 "HTTP/1.1 101 Switching Protocols\r\n" \
54 QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
55 "Upgrade: websocket\r\n" \
56 "Connection: Upgrade\r\n" \
57 "Sec-WebSocket-Accept: %s\r\n" \
58 "Sec-WebSocket-Protocol: binary\r\n" \
60 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_OK \
61 "HTTP/1.1 101 Switching Protocols\r\n" \
62 QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
63 "Upgrade: websocket\r\n" \
64 "Connection: Upgrade\r\n" \
65 "Sec-WebSocket-Accept: %s\r\n" \
67 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_NOT_FOUND \
68 "HTTP/1.1 404 Not Found\r\n" \
69 QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
70 "Connection: close\r\n" \
72 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_BAD_REQUEST \
73 "HTTP/1.1 400 Bad Request\r\n" \
74 QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
75 "Connection: close\r\n" \
76 "Sec-WebSocket-Version: " \
77 QIO_CHANNEL_WEBSOCK_SUPPORTED_VERSION \
79 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_SERVER_ERR \
80 "HTTP/1.1 500 Internal Server Error\r\n" \
81 QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
82 "Connection: close\r\n" \
84 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_TOO_LARGE \
85 "HTTP/1.1 403 Request Entity Too Large\r\n" \
86 QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_COMMON \
87 "Connection: close\r\n" \
89 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM "\r\n"
90 #define QIO_CHANNEL_WEBSOCK_HANDSHAKE_END "\r\n\r\n"
91 #define QIO_CHANNEL_WEBSOCK_SUPPORTED_VERSION "13"
92 #define QIO_CHANNEL_WEBSOCK_HTTP_METHOD "GET"
93 #define QIO_CHANNEL_WEBSOCK_HTTP_PATH "/"
94 #define QIO_CHANNEL_WEBSOCK_HTTP_VERSION "HTTP/1.1"
96 /* The websockets packet header is variable length
97 * depending on the size of the payload... */
99 /* ...length when using 7-bit payload length */
100 #define QIO_CHANNEL_WEBSOCK_HEADER_LEN_7_BIT 6
101 /* ...length when using 16-bit payload length */
102 #define QIO_CHANNEL_WEBSOCK_HEADER_LEN_16_BIT 8
103 /* ...length when using 64-bit payload length */
104 #define QIO_CHANNEL_WEBSOCK_HEADER_LEN_64_BIT 14
106 /* Length of the optional data mask field in header */
107 #define QIO_CHANNEL_WEBSOCK_HEADER_LEN_MASK 4
109 /* Maximum length that can fit in 7-bit payload size */
110 #define QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_THRESHOLD_7_BIT 126
111 /* Maximum length that can fit in 16-bit payload size */
112 #define QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_THRESHOLD_16_BIT 65536
114 /* Magic 7-bit length to indicate use of 16-bit payload length */
115 #define QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_16_BIT 126
116 /* Magic 7-bit length to indicate use of 64-bit payload length */
117 #define QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_64_BIT 127
119 /* Bitmasks for accessing header fields */
120 #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_FIN 0x80
121 #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_OPCODE 0x0f
122 #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_HAS_MASK 0x80
123 #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_PAYLOAD_LEN 0x7f
124 #define QIO_CHANNEL_WEBSOCK_CONTROL_OPCODE_MASK 0x8
126 typedef struct QIOChannelWebsockHeader QIOChannelWebsockHeader;
128 struct QEMU_PACKED QIOChannelWebsockHeader {
134 QIOChannelWebsockMask m16;
138 QIOChannelWebsockMask m64;
140 QIOChannelWebsockMask m;
144 typedef struct QIOChannelWebsockHTTPHeader QIOChannelWebsockHTTPHeader;
146 struct QIOChannelWebsockHTTPHeader {
152 QIO_CHANNEL_WEBSOCK_OPCODE_CONTINUATION = 0x0,
153 QIO_CHANNEL_WEBSOCK_OPCODE_TEXT_FRAME = 0x1,
154 QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME = 0x2,
155 QIO_CHANNEL_WEBSOCK_OPCODE_CLOSE = 0x8,
156 QIO_CHANNEL_WEBSOCK_OPCODE_PING = 0x9,
157 QIO_CHANNEL_WEBSOCK_OPCODE_PONG = 0xA
160 static void G_GNUC_PRINTF(2, 3)
161 qio_channel_websock_handshake_send_res(QIOChannelWebsock *ioc,
169 va_start(vargs, resmsg);
170 response = g_strdup_vprintf(resmsg, vargs);
171 responselen = strlen(response);
172 buffer_reserve(&ioc->encoutput, responselen);
173 buffer_append(&ioc->encoutput, response, responselen);
178 static gchar *qio_channel_websock_date_str(void)
180 g_autoptr(GDateTime) now = g_date_time_new_now_utc();
182 return g_date_time_format(now, "%a, %d %b %Y %H:%M:%S GMT");
185 static void qio_channel_websock_handshake_send_res_err(QIOChannelWebsock *ioc,
188 char *date = qio_channel_websock_date_str();
189 qio_channel_websock_handshake_send_res(ioc, resdata, date);
194 QIO_CHANNEL_WEBSOCK_STATUS_NORMAL = 1000,
195 QIO_CHANNEL_WEBSOCK_STATUS_PROTOCOL_ERR = 1002,
196 QIO_CHANNEL_WEBSOCK_STATUS_INVALID_DATA = 1003,
197 QIO_CHANNEL_WEBSOCK_STATUS_POLICY = 1008,
198 QIO_CHANNEL_WEBSOCK_STATUS_TOO_LARGE = 1009,
199 QIO_CHANNEL_WEBSOCK_STATUS_SERVER_ERR = 1011,
203 qio_channel_websock_extract_headers(QIOChannelWebsock *ioc,
205 QIOChannelWebsockHTTPHeader *hdrs,
209 char *nl, *sep, *tmp;
213 * First parse the HTTP protocol greeting of format:
215 * $METHOD $PATH $VERSION
222 nl = strstr(buffer, QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM);
224 error_setg(errp, "Missing HTTP header delimiter");
228 trace_qio_channel_websock_http_greeting(ioc, buffer);
230 tmp = strchr(buffer, ' ');
232 error_setg(errp, "Missing HTTP path delimiter");
237 if (!g_str_equal(buffer, QIO_CHANNEL_WEBSOCK_HTTP_METHOD)) {
238 error_setg(errp, "Unsupported HTTP method %s", buffer);
243 tmp = strchr(buffer, ' ');
245 error_setg(errp, "Missing HTTP version delimiter");
250 if (!g_str_equal(buffer, QIO_CHANNEL_WEBSOCK_HTTP_PATH)) {
251 qio_channel_websock_handshake_send_res_err(
252 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_NOT_FOUND);
253 error_setg(errp, "Unexpected HTTP path %s", buffer);
259 if (!g_str_equal(buffer, QIO_CHANNEL_WEBSOCK_HTTP_VERSION)) {
260 error_setg(errp, "Unsupported HTTP version %s", buffer);
264 buffer = nl + strlen(QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM);
267 * Now parse all the header fields of format
273 * Cache-control: no-cache
276 QIOChannelWebsockHTTPHeader *hdr;
278 nl = strstr(buffer, QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM);
283 sep = strchr(buffer, ':');
285 error_setg(errp, "Malformed HTTP header");
290 while (*sep == ' ') {
294 if (nhdrs >= nhdrsalloc) {
295 error_setg(errp, "Too many HTTP headers");
299 hdr = &hdrs[nhdrs++];
303 /* Canonicalize header name for easier identification later */
304 for (tmp = hdr->name; *tmp; tmp++) {
305 *tmp = g_ascii_tolower(*tmp);
309 buffer = nl + strlen(QIO_CHANNEL_WEBSOCK_HANDSHAKE_DELIM);
311 } while (nl != NULL);
316 qio_channel_websock_handshake_send_res_err(
317 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_BAD_REQUEST);
322 qio_channel_websock_find_header(QIOChannelWebsockHTTPHeader *hdrs,
328 for (i = 0; i < nhdrs; i++) {
329 if (g_str_equal(hdrs[i].name, name)) {
330 return hdrs[i].value;
338 static void qio_channel_websock_handshake_send_res_ok(QIOChannelWebsock *ioc,
340 const bool use_protocols,
343 char combined_key[QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN +
344 QIO_CHANNEL_WEBSOCK_GUID_LEN + 1];
348 g_strlcpy(combined_key, key, QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN + 1);
349 g_strlcat(combined_key, QIO_CHANNEL_WEBSOCK_GUID,
350 QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN +
351 QIO_CHANNEL_WEBSOCK_GUID_LEN + 1);
353 /* hash and encode it */
354 if (qcrypto_hash_base64(QCRYPTO_HASH_ALG_SHA1,
356 QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN +
357 QIO_CHANNEL_WEBSOCK_GUID_LEN,
360 qio_channel_websock_handshake_send_res_err(
361 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_SERVER_ERR);
365 date = qio_channel_websock_date_str();
367 qio_channel_websock_handshake_send_res(
368 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_WITH_PROTO_RES_OK,
371 qio_channel_websock_handshake_send_res(
372 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_OK, date, accept);
379 static void qio_channel_websock_handshake_process(QIOChannelWebsock *ioc,
383 QIOChannelWebsockHTTPHeader hdrs[32];
384 size_t nhdrs = G_N_ELEMENTS(hdrs);
385 const char *protocols = NULL, *version = NULL, *key = NULL,
386 *host = NULL, *connection = NULL, *upgrade = NULL;
388 bool upgraded = false;
391 nhdrs = qio_channel_websock_extract_headers(ioc, buffer, hdrs, nhdrs, errp);
396 protocols = qio_channel_websock_find_header(
397 hdrs, nhdrs, QIO_CHANNEL_WEBSOCK_HEADER_PROTOCOL);
399 version = qio_channel_websock_find_header(
400 hdrs, nhdrs, QIO_CHANNEL_WEBSOCK_HEADER_VERSION);
402 error_setg(errp, "Missing websocket version header data");
406 key = qio_channel_websock_find_header(
407 hdrs, nhdrs, QIO_CHANNEL_WEBSOCK_HEADER_KEY);
409 error_setg(errp, "Missing websocket key header data");
413 host = qio_channel_websock_find_header(
414 hdrs, nhdrs, QIO_CHANNEL_WEBSOCK_HEADER_HOST);
416 error_setg(errp, "Missing websocket host header data");
420 connection = qio_channel_websock_find_header(
421 hdrs, nhdrs, QIO_CHANNEL_WEBSOCK_HEADER_CONNECTION);
423 error_setg(errp, "Missing websocket connection header data");
427 upgrade = qio_channel_websock_find_header(
428 hdrs, nhdrs, QIO_CHANNEL_WEBSOCK_HEADER_UPGRADE);
430 error_setg(errp, "Missing websocket upgrade header data");
434 trace_qio_channel_websock_http_request(ioc, protocols, version,
435 host, connection, upgrade, key);
438 if (!g_strrstr(protocols, QIO_CHANNEL_WEBSOCK_PROTOCOL_BINARY)) {
439 error_setg(errp, "No '%s' protocol is supported by client '%s'",
440 QIO_CHANNEL_WEBSOCK_PROTOCOL_BINARY, protocols);
445 if (!g_str_equal(version, QIO_CHANNEL_WEBSOCK_SUPPORTED_VERSION)) {
446 error_setg(errp, "Version '%s' is not supported by client '%s'",
447 QIO_CHANNEL_WEBSOCK_SUPPORTED_VERSION, version);
451 if (strlen(key) != QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN) {
452 error_setg(errp, "Key length '%zu' was not as expected '%d'",
453 strlen(key), QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN);
457 connectionv = g_strsplit(connection, ",", 0);
458 for (i = 0; connectionv != NULL && connectionv[i] != NULL; i++) {
459 g_strstrip(connectionv[i]);
460 if (strcasecmp(connectionv[i],
461 QIO_CHANNEL_WEBSOCK_CONNECTION_UPGRADE) == 0) {
465 g_strfreev(connectionv);
467 error_setg(errp, "No connection upgrade requested '%s'", connection);
471 if (strcasecmp(upgrade, QIO_CHANNEL_WEBSOCK_UPGRADE_WEBSOCKET) != 0) {
472 error_setg(errp, "Incorrect upgrade method '%s'", upgrade);
476 qio_channel_websock_handshake_send_res_ok(ioc, key, !!protocols, errp);
480 qio_channel_websock_handshake_send_res_err(
481 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_BAD_REQUEST);
484 static int qio_channel_websock_handshake_read(QIOChannelWebsock *ioc,
489 /* Typical HTTP headers from novnc are 512 bytes, so limiting
490 * total header size to 4096 is easily enough. */
491 size_t want = 4096 - ioc->encinput.offset;
492 buffer_reserve(&ioc->encinput, want);
493 ret = qio_channel_read(ioc->master,
494 (char *)buffer_end(&ioc->encinput), want, errp);
498 ioc->encinput.offset += ret;
500 handshake_end = g_strstr_len((char *)ioc->encinput.buffer,
501 ioc->encinput.offset,
502 QIO_CHANNEL_WEBSOCK_HANDSHAKE_END);
503 if (!handshake_end) {
504 if (ioc->encinput.offset >= 4096) {
505 qio_channel_websock_handshake_send_res_err(
506 ioc, QIO_CHANNEL_WEBSOCK_HANDSHAKE_RES_TOO_LARGE);
508 "End of headers not found in first 4096 bytes");
510 } else if (ret == 0) {
512 "End of headers not found before connection closed");
517 *handshake_end = '\0';
519 qio_channel_websock_handshake_process(ioc,
520 (char *)ioc->encinput.buffer,
523 buffer_advance(&ioc->encinput,
524 handshake_end - (char *)ioc->encinput.buffer +
525 strlen(QIO_CHANNEL_WEBSOCK_HANDSHAKE_END));
529 static gboolean qio_channel_websock_handshake_send(QIOChannel *ioc,
530 GIOCondition condition,
533 QIOTask *task = user_data;
534 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(
535 qio_task_get_source(task));
539 ret = qio_channel_write(wioc->master,
540 (char *)wioc->encoutput.buffer,
541 wioc->encoutput.offset,
545 trace_qio_channel_websock_handshake_fail(ioc, error_get_pretty(err));
546 qio_task_set_error(task, err);
547 qio_task_complete(task);
551 buffer_advance(&wioc->encoutput, ret);
552 if (wioc->encoutput.offset == 0) {
554 trace_qio_channel_websock_handshake_fail(
555 ioc, error_get_pretty(wioc->io_err));
556 qio_task_set_error(task, wioc->io_err);
558 qio_task_complete(task);
560 trace_qio_channel_websock_handshake_complete(ioc);
561 qio_task_complete(task);
565 trace_qio_channel_websock_handshake_pending(ioc, G_IO_OUT);
569 static gboolean qio_channel_websock_handshake_io(QIOChannel *ioc,
570 GIOCondition condition,
573 QIOTask *task = user_data;
574 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(
575 qio_task_get_source(task));
579 ret = qio_channel_websock_handshake_read(wioc, &err);
582 * We only take this path on a fatal I/O error reading from
583 * client connection, as most of the time we have an
584 * HTTP 4xx err response to send instead
586 trace_qio_channel_websock_handshake_fail(ioc, error_get_pretty(err));
587 qio_task_set_error(task, err);
588 qio_task_complete(task);
592 trace_qio_channel_websock_handshake_pending(ioc, G_IO_IN);
593 /* need more data still */
597 error_propagate(&wioc->io_err, err);
599 trace_qio_channel_websock_handshake_reply(ioc);
600 qio_channel_add_watch(
603 qio_channel_websock_handshake_send,
610 static void qio_channel_websock_encode(QIOChannelWebsock *ioc,
612 const struct iovec *iov,
619 char buf[QIO_CHANNEL_WEBSOCK_HEADER_LEN_64_BIT];
620 QIOChannelWebsockHeader ws;
623 assert(size <= iov_size(iov, niov));
625 header.ws.b0 = QIO_CHANNEL_WEBSOCK_HEADER_FIELD_FIN |
626 (opcode & QIO_CHANNEL_WEBSOCK_HEADER_FIELD_OPCODE);
627 if (size < QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_THRESHOLD_7_BIT) {
628 header.ws.b1 = (uint8_t)size;
629 header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_7_BIT;
630 } else if (size < QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_THRESHOLD_16_BIT) {
631 header.ws.b1 = QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_16_BIT;
632 header.ws.u.s16.l16 = cpu_to_be16((uint16_t)size);
633 header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_16_BIT;
635 header.ws.b1 = QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_64_BIT;
636 header.ws.u.s64.l64 = cpu_to_be64(size);
637 header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_64_BIT;
639 header_size -= QIO_CHANNEL_WEBSOCK_HEADER_LEN_MASK;
641 trace_qio_channel_websock_encode(ioc, opcode, header_size, size);
642 buffer_reserve(&ioc->encoutput, header_size + size);
643 buffer_append(&ioc->encoutput, header.buf, header_size);
644 for (i = 0; i < niov && size != 0; i++) {
645 size_t want = iov[i].iov_len;
649 buffer_append(&ioc->encoutput, iov[i].iov_base, want);
655 static ssize_t qio_channel_websock_write_wire(QIOChannelWebsock *, Error **);
658 static void qio_channel_websock_write_close(QIOChannelWebsock *ioc,
659 uint16_t code, const char *reason)
661 struct iovec iov[2] = {
662 { .iov_base = &code, .iov_len = sizeof(code) },
665 size_t size = iov[0].iov_len;
670 iov[1].iov_base = (void *)reason;
671 iov[1].iov_len = strlen(reason);
672 size += iov[1].iov_len;
675 qio_channel_websock_encode(ioc, QIO_CHANNEL_WEBSOCK_OPCODE_CLOSE,
677 qio_channel_websock_write_wire(ioc, NULL);
678 qio_channel_shutdown(ioc->master, QIO_CHANNEL_SHUTDOWN_BOTH, NULL);
682 static int qio_channel_websock_decode_header(QIOChannelWebsock *ioc,
685 unsigned char opcode, fin, has_mask;
688 QIOChannelWebsockHeader *header =
689 (QIOChannelWebsockHeader *)ioc->encinput.buffer;
691 if (ioc->payload_remain) {
693 "Decoding header but %zu bytes of payload remain",
694 ioc->payload_remain);
695 qio_channel_websock_write_close(
696 ioc, QIO_CHANNEL_WEBSOCK_STATUS_SERVER_ERR,
697 "internal server error");
700 if (ioc->encinput.offset < QIO_CHANNEL_WEBSOCK_HEADER_LEN_7_BIT) {
701 /* header not complete */
702 return QIO_CHANNEL_ERR_BLOCK;
705 fin = header->b0 & QIO_CHANNEL_WEBSOCK_HEADER_FIELD_FIN;
706 opcode = header->b0 & QIO_CHANNEL_WEBSOCK_HEADER_FIELD_OPCODE;
707 has_mask = header->b1 & QIO_CHANNEL_WEBSOCK_HEADER_FIELD_HAS_MASK;
708 payload_len = header->b1 & QIO_CHANNEL_WEBSOCK_HEADER_FIELD_PAYLOAD_LEN;
710 /* Save or restore opcode. */
712 ioc->opcode = opcode;
714 opcode = ioc->opcode;
717 trace_qio_channel_websock_header_partial_decode(ioc, payload_len,
718 fin, opcode, (int)has_mask);
720 if (opcode == QIO_CHANNEL_WEBSOCK_OPCODE_CLOSE) {
725 /* Websocket frame sanity check:
726 * * Fragmentation is only supported for binary frames.
727 * * All frames sent by a client MUST be masked.
728 * * Only binary and ping/pong encoding is supported.
731 if (opcode != QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME) {
732 error_setg(errp, "only binary websocket frames may be fragmented");
733 qio_channel_websock_write_close(
734 ioc, QIO_CHANNEL_WEBSOCK_STATUS_POLICY ,
735 "only binary frames may be fragmented");
739 if (opcode != QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME &&
740 opcode != QIO_CHANNEL_WEBSOCK_OPCODE_CLOSE &&
741 opcode != QIO_CHANNEL_WEBSOCK_OPCODE_PING &&
742 opcode != QIO_CHANNEL_WEBSOCK_OPCODE_PONG) {
743 error_setg(errp, "unsupported opcode: 0x%04x; only binary, close, "
744 "ping, and pong websocket frames are supported", opcode);
745 qio_channel_websock_write_close(
746 ioc, QIO_CHANNEL_WEBSOCK_STATUS_INVALID_DATA ,
747 "only binary, close, ping, and pong frames are supported");
752 error_setg(errp, "client websocket frames must be masked");
753 qio_channel_websock_write_close(
754 ioc, QIO_CHANNEL_WEBSOCK_STATUS_PROTOCOL_ERR,
755 "client frames must be masked");
759 if (payload_len < QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_16_BIT) {
760 ioc->payload_remain = payload_len;
761 header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_7_BIT;
762 ioc->mask = header->u.m;
763 } else if (opcode & QIO_CHANNEL_WEBSOCK_CONTROL_OPCODE_MASK) {
764 error_setg(errp, "websocket control frame is too large");
765 qio_channel_websock_write_close(
766 ioc, QIO_CHANNEL_WEBSOCK_STATUS_PROTOCOL_ERR,
767 "control frame is too large");
769 } else if (payload_len == QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_16_BIT &&
770 ioc->encinput.offset >= QIO_CHANNEL_WEBSOCK_HEADER_LEN_16_BIT) {
771 ioc->payload_remain = be16_to_cpu(header->u.s16.l16);
772 header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_16_BIT;
773 ioc->mask = header->u.s16.m16;
774 } else if (payload_len == QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_64_BIT &&
775 ioc->encinput.offset >= QIO_CHANNEL_WEBSOCK_HEADER_LEN_64_BIT) {
776 ioc->payload_remain = be64_to_cpu(header->u.s64.l64);
777 header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_64_BIT;
778 ioc->mask = header->u.s64.m64;
780 /* header not complete */
781 return QIO_CHANNEL_ERR_BLOCK;
784 trace_qio_channel_websock_header_full_decode(
785 ioc, header_size, ioc->payload_remain, ioc->mask.u);
786 buffer_advance(&ioc->encinput, header_size);
791 static int qio_channel_websock_decode_payload(QIOChannelWebsock *ioc,
795 size_t payload_len = 0;
798 if (ioc->payload_remain) {
799 /* If we aren't at the end of the payload, then drop
800 * off the last bytes, so we're always multiple of 4
801 * for purpose of unmasking, except at end of payload
803 if (ioc->encinput.offset < ioc->payload_remain) {
804 /* Wait for the entire payload before processing control frames
805 * because the payload will most likely be echoed back. */
806 if (ioc->opcode & QIO_CHANNEL_WEBSOCK_CONTROL_OPCODE_MASK) {
807 return QIO_CHANNEL_ERR_BLOCK;
809 payload_len = ioc->encinput.offset - (ioc->encinput.offset % 4);
811 payload_len = ioc->payload_remain;
813 if (payload_len == 0) {
814 return QIO_CHANNEL_ERR_BLOCK;
817 ioc->payload_remain -= payload_len;
820 /* process 1 frame (32 bit op) */
821 payload32 = (uint32_t *)ioc->encinput.buffer;
822 for (i = 0; i < payload_len / 4; i++) {
823 payload32[i] ^= ioc->mask.u;
825 /* process the remaining bytes (if any) */
826 for (i *= 4; i < payload_len; i++) {
827 ioc->encinput.buffer[i] ^= ioc->mask.c[i % 4];
831 trace_qio_channel_websock_payload_decode(
832 ioc, ioc->opcode, ioc->payload_remain);
834 if (ioc->opcode == QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME) {
836 /* binary frames are passed on */
837 buffer_reserve(&ioc->rawinput, payload_len);
838 buffer_append(&ioc->rawinput, ioc->encinput.buffer, payload_len);
840 } else if (ioc->opcode == QIO_CHANNEL_WEBSOCK_OPCODE_CLOSE) {
841 /* close frames are echoed back */
842 error_setg(errp, "websocket closed by peer");
844 /* echo client status */
845 struct iovec iov = { .iov_base = ioc->encinput.buffer,
846 .iov_len = ioc->encinput.offset };
847 qio_channel_websock_encode(ioc, QIO_CHANNEL_WEBSOCK_OPCODE_CLOSE,
848 &iov, 1, iov.iov_len);
849 qio_channel_websock_write_wire(ioc, NULL);
850 qio_channel_shutdown(ioc->master, QIO_CHANNEL_SHUTDOWN_BOTH, NULL);
852 /* send our own status */
853 qio_channel_websock_write_close(
854 ioc, QIO_CHANNEL_WEBSOCK_STATUS_NORMAL, "peer requested close");
857 } else if (ioc->opcode == QIO_CHANNEL_WEBSOCK_OPCODE_PING) {
858 /* ping frames produce an immediate reply, as long as we've not still
859 * got a previous pong queued, in which case we drop the new pong */
860 if (ioc->pong_remain == 0) {
861 struct iovec iov = { .iov_base = ioc->encinput.buffer,
862 .iov_len = ioc->encinput.offset };
863 qio_channel_websock_encode(ioc, QIO_CHANNEL_WEBSOCK_OPCODE_PONG,
864 &iov, 1, iov.iov_len);
865 ioc->pong_remain = ioc->encoutput.offset;
867 } /* pong frames are ignored */
870 buffer_advance(&ioc->encinput, payload_len);
877 qio_channel_websock_new_server(QIOChannel *master)
879 QIOChannelWebsock *wioc;
882 wioc = QIO_CHANNEL_WEBSOCK(object_new(TYPE_QIO_CHANNEL_WEBSOCK));
883 ioc = QIO_CHANNEL(wioc);
885 wioc->master = master;
886 if (qio_channel_has_feature(master, QIO_CHANNEL_FEATURE_SHUTDOWN)) {
887 qio_channel_set_feature(ioc, QIO_CHANNEL_FEATURE_SHUTDOWN);
889 object_ref(OBJECT(master));
891 trace_qio_channel_websock_new_server(wioc, master);
895 void qio_channel_websock_handshake(QIOChannelWebsock *ioc,
898 GDestroyNotify destroy)
902 task = qio_task_new(OBJECT(ioc),
907 trace_qio_channel_websock_handshake_start(ioc);
908 trace_qio_channel_websock_handshake_pending(ioc, G_IO_IN);
909 qio_channel_add_watch(ioc->master,
911 qio_channel_websock_handshake_io,
917 static void qio_channel_websock_finalize(Object *obj)
919 QIOChannelWebsock *ioc = QIO_CHANNEL_WEBSOCK(obj);
921 buffer_free(&ioc->encinput);
922 buffer_free(&ioc->encoutput);
923 buffer_free(&ioc->rawinput);
924 object_unref(OBJECT(ioc->master));
926 g_source_remove(ioc->io_tag);
929 error_free(ioc->io_err);
934 static ssize_t qio_channel_websock_read_wire(QIOChannelWebsock *ioc,
939 if (ioc->encinput.offset < 4096) {
940 size_t want = 4096 - ioc->encinput.offset;
942 buffer_reserve(&ioc->encinput, want);
943 ret = qio_channel_read(ioc->master,
944 (char *)ioc->encinput.buffer +
945 ioc->encinput.offset,
951 if (ret == 0 && ioc->encinput.offset == 0) {
955 ioc->encinput.offset += ret;
958 while (ioc->encinput.offset != 0) {
959 if (ioc->payload_remain == 0) {
960 ret = qio_channel_websock_decode_header(ioc, errp);
966 ret = qio_channel_websock_decode_payload(ioc, errp);
975 static ssize_t qio_channel_websock_write_wire(QIOChannelWebsock *ioc,
981 while (ioc->encoutput.offset > 0) {
982 ret = qio_channel_write(ioc->master,
983 (char *)ioc->encoutput.buffer,
984 ioc->encoutput.offset,
987 if (ret == QIO_CHANNEL_ERR_BLOCK &&
994 buffer_advance(&ioc->encoutput, ret);
996 if (ioc->pong_remain < ret) {
997 ioc->pong_remain = 0;
999 ioc->pong_remain -= ret;
1006 static void qio_channel_websock_flush_free(gpointer user_data)
1008 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(user_data);
1009 object_unref(OBJECT(wioc));
1012 static void qio_channel_websock_set_watch(QIOChannelWebsock *ioc);
1014 static gboolean qio_channel_websock_flush(QIOChannel *ioc,
1015 GIOCondition condition,
1018 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(user_data);
1021 if (condition & G_IO_OUT) {
1022 ret = qio_channel_websock_write_wire(wioc, &wioc->io_err);
1028 if (condition & G_IO_IN) {
1029 ret = qio_channel_websock_read_wire(wioc, &wioc->io_err);
1036 qio_channel_websock_set_watch(wioc);
1041 static void qio_channel_websock_unset_watch(QIOChannelWebsock *ioc)
1044 g_source_remove(ioc->io_tag);
1049 static void qio_channel_websock_set_watch(QIOChannelWebsock *ioc)
1051 GIOCondition cond = 0;
1053 qio_channel_websock_unset_watch(ioc);
1059 if (ioc->encoutput.offset) {
1062 if (ioc->encinput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER &&
1068 object_ref(OBJECT(ioc));
1070 qio_channel_add_watch(ioc->master,
1072 qio_channel_websock_flush,
1074 qio_channel_websock_flush_free);
1079 static ssize_t qio_channel_websock_readv(QIOChannel *ioc,
1080 const struct iovec *iov,
1087 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(ioc);
1093 error_propagate(errp, error_copy(wioc->io_err));
1097 if (!wioc->rawinput.offset) {
1098 ret = qio_channel_websock_read_wire(QIO_CHANNEL_WEBSOCK(ioc), errp);
1104 for (i = 0 ; i < niov ; i++) {
1105 size_t want = iov[i].iov_len;
1106 if (want > (wioc->rawinput.offset - got)) {
1107 want = (wioc->rawinput.offset - got);
1110 memcpy(iov[i].iov_base,
1111 wioc->rawinput.buffer + got,
1115 if (want < iov[i].iov_len) {
1120 buffer_advance(&wioc->rawinput, got);
1121 qio_channel_websock_set_watch(wioc);
1126 static ssize_t qio_channel_websock_writev(QIOChannel *ioc,
1127 const struct iovec *iov,
1134 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(ioc);
1135 ssize_t want = iov_size(iov, niov);
1140 error_propagate(errp, error_copy(wioc->io_err));
1145 error_setg(errp, "%s", "Broken pipe");
1149 avail = wioc->encoutput.offset >= QIO_CHANNEL_WEBSOCK_MAX_BUFFER ?
1150 0 : (QIO_CHANNEL_WEBSOCK_MAX_BUFFER - wioc->encoutput.offset);
1156 qio_channel_websock_encode(wioc,
1157 QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME,
1161 /* Even if want == 0, we'll try write_wire in case there's
1162 * pending data we could usefully flush out
1164 ret = qio_channel_websock_write_wire(wioc, errp);
1166 ret != QIO_CHANNEL_ERR_BLOCK) {
1167 qio_channel_websock_unset_watch(wioc);
1171 qio_channel_websock_set_watch(wioc);
1174 return QIO_CHANNEL_ERR_BLOCK;
1180 static int qio_channel_websock_set_blocking(QIOChannel *ioc,
1184 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(ioc);
1186 qio_channel_set_blocking(wioc->master, enabled, errp);
1190 static void qio_channel_websock_set_delay(QIOChannel *ioc,
1193 QIOChannelWebsock *tioc = QIO_CHANNEL_WEBSOCK(ioc);
1195 qio_channel_set_delay(tioc->master, enabled);
1198 static void qio_channel_websock_set_cork(QIOChannel *ioc,
1201 QIOChannelWebsock *tioc = QIO_CHANNEL_WEBSOCK(ioc);
1203 qio_channel_set_cork(tioc->master, enabled);
1206 static int qio_channel_websock_shutdown(QIOChannel *ioc,
1207 QIOChannelShutdown how,
1210 QIOChannelWebsock *tioc = QIO_CHANNEL_WEBSOCK(ioc);
1212 return qio_channel_shutdown(tioc->master, how, errp);
1215 static int qio_channel_websock_close(QIOChannel *ioc,
1218 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(ioc);
1220 trace_qio_channel_websock_close(ioc);
1221 return qio_channel_close(wioc->master, errp);
1224 typedef struct QIOChannelWebsockSource QIOChannelWebsockSource;
1225 struct QIOChannelWebsockSource {
1227 QIOChannelWebsock *wioc;
1228 GIOCondition condition;
1232 qio_channel_websock_source_check(GSource *source)
1234 QIOChannelWebsockSource *wsource = (QIOChannelWebsockSource *)source;
1235 GIOCondition cond = 0;
1237 if (wsource->wioc->rawinput.offset) {
1240 if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
1243 if (wsource->wioc->io_eof) {
1246 if (wsource->wioc->io_err) {
1250 return cond & wsource->condition;
1254 qio_channel_websock_source_prepare(GSource *source,
1258 return qio_channel_websock_source_check(source);
1262 qio_channel_websock_source_dispatch(GSource *source,
1263 GSourceFunc callback,
1266 QIOChannelFunc func = (QIOChannelFunc)callback;
1267 QIOChannelWebsockSource *wsource = (QIOChannelWebsockSource *)source;
1269 return (*func)(QIO_CHANNEL(wsource->wioc),
1270 qio_channel_websock_source_check(source),
1275 qio_channel_websock_source_finalize(GSource *source)
1277 QIOChannelWebsockSource *ssource = (QIOChannelWebsockSource *)source;
1279 object_unref(OBJECT(ssource->wioc));
1282 GSourceFuncs qio_channel_websock_source_funcs = {
1283 qio_channel_websock_source_prepare,
1284 qio_channel_websock_source_check,
1285 qio_channel_websock_source_dispatch,
1286 qio_channel_websock_source_finalize
1289 static GSource *qio_channel_websock_create_watch(QIOChannel *ioc,
1290 GIOCondition condition)
1292 QIOChannelWebsock *wioc = QIO_CHANNEL_WEBSOCK(ioc);
1293 QIOChannelWebsockSource *ssource;
1296 source = g_source_new(&qio_channel_websock_source_funcs,
1297 sizeof(QIOChannelWebsockSource));
1298 ssource = (QIOChannelWebsockSource *)source;
1300 ssource->wioc = wioc;
1301 object_ref(OBJECT(wioc));
1303 ssource->condition = condition;
1305 qio_channel_websock_set_watch(wioc);
1309 static void qio_channel_websock_class_init(ObjectClass *klass,
1310 void *class_data G_GNUC_UNUSED)
1312 QIOChannelClass *ioc_klass = QIO_CHANNEL_CLASS(klass);
1314 ioc_klass->io_writev = qio_channel_websock_writev;
1315 ioc_klass->io_readv = qio_channel_websock_readv;
1316 ioc_klass->io_set_blocking = qio_channel_websock_set_blocking;
1317 ioc_klass->io_set_cork = qio_channel_websock_set_cork;
1318 ioc_klass->io_set_delay = qio_channel_websock_set_delay;
1319 ioc_klass->io_close = qio_channel_websock_close;
1320 ioc_klass->io_shutdown = qio_channel_websock_shutdown;
1321 ioc_klass->io_create_watch = qio_channel_websock_create_watch;
1324 static const TypeInfo qio_channel_websock_info = {
1325 .parent = TYPE_QIO_CHANNEL,
1326 .name = TYPE_QIO_CHANNEL_WEBSOCK,
1327 .instance_size = sizeof(QIOChannelWebsock),
1328 .instance_finalize = qio_channel_websock_finalize,
1329 .class_init = qio_channel_websock_class_init,
1332 static void qio_channel_websock_register_types(void)
1334 type_register_static(&qio_channel_websock_info);
1337 type_init(qio_channel_websock_register_types);