1 /*
2 * lws-minimal-secure-streams-client
3 *
4 * Written in 2010-2020 by Andy Green <andy@warmcat.com>
5 *
6 * This file is made available under the Creative Commons CC0 1.0
7 * Universal Public Domain Dedication.
8 *
9 *
10 * This client does not perform any INET networking... instead it opens a unix
11 * domain socket on a proxy that is listening for it, and that creates the
12 * actual secure stream connection.
13 *
14 * We are able to use the usual secure streams api in the client process, with
15 * payloads and connection state information proxied over the unix domain
16 * socket and fulfilled in the proxy process.
17 *
18 * The public client helper pieces are built as part of lws
19 */
20 #include <private-lib-core.h>
21
22 static void
lws_sspc_sul_retry_cb(lws_sorted_usec_list_t * sul)23 lws_sspc_sul_retry_cb(lws_sorted_usec_list_t *sul)
24 {
25 lws_sspc_handle_t *h = lws_container_of(sul, lws_sspc_handle_t, sul_retry);
26 static struct lws_client_connect_info i;
27
28 /*
29 * We may have started up before the system proxy, so be prepared with
30 * a sul to retry at 1Hz
31 */
32
33 memset(&i, 0, sizeof i);
34 i.context = h->context;
35 if (h->context->ss_proxy_port) { /* tcp */
36 i.address = h->context->ss_proxy_address;
37 i.port = h->context->ss_proxy_port;
38 i.iface = h->context->ss_proxy_bind;
39 } else {
40 if (h->context->ss_proxy_bind)
41 i.address = h->context->ss_proxy_bind;
42 else
43 i.address = "+@proxy.ss.lws";
44 }
45 i.host = i.address;
46 i.origin = i.address;
47 i.method = "RAW";
48 i.protocol = lws_sspc_protocols[0].name;
49 i.local_protocol_name = lws_sspc_protocols[0].name;
50 i.path = "";
51 i.pwsi = &h->cwsi;
52 i.opaque_user_data = (void *)h;
53
54 if (!lws_client_connect_via_info(&i)) {
55 lws_sul_schedule(h->context, 0, &h->sul_retry,
56 lws_sspc_sul_retry_cb, LWS_US_PER_SEC);
57
58 return;
59 }
60 }
61
62 static int
lws_sspc_serialize_metadata(lws_sspc_metadata_t * md,uint8_t * p)63 lws_sspc_serialize_metadata(lws_sspc_metadata_t *md, uint8_t *p)
64 {
65 int n, txc;
66
67 if (md->name[0] == '\0') {
68
69 lwsl_info("%s: sending tx credit update %d\n", __func__,
70 md->tx_cr_adjust);
71
72 p[0] = LWSSS_SER_TXPRE_TXCR_UPDATE;
73 lws_ser_wu16be(&p[1], 4);
74 lws_ser_wu32be(&p[3], md->tx_cr_adjust);
75
76 n = 7;
77
78 } else {
79
80 lwsl_info("%s: sending metadata\n", __func__);
81
82 p[0] = LWSSS_SER_TXPRE_METADATA;
83 txc = strlen(md->name);
84 n = txc + 1 + md->len;
85 lws_ser_wu16be(&p[1], n);
86 p[3] = txc;
87 memcpy(&p[4], md->name, txc);
88 memcpy(&p[4 + txc], &md[1], md->len);
89 n = 4 + txc + md->len;
90 }
91
92 lws_dll2_remove(&md->list);
93 lws_free(md);
94
95 return n;
96 }
97
98 static int
callback_sspc_client(struct lws * wsi,enum lws_callback_reasons reason,void * user,void * in,size_t len)99 callback_sspc_client(struct lws *wsi, enum lws_callback_reasons reason,
100 void *user, void *in, size_t len)
101 {
102 lws_sspc_handle_t *h = (lws_sspc_handle_t *)lws_get_opaque_user_data(wsi);
103 uint8_t s[32], pkt[LWS_PRE + 1400], *p = pkt + LWS_PRE;
104 void *m = (void *)((uint8_t *)&h[1]);
105 const uint8_t *cp;
106 lws_usec_t us;
107 int flags, n;
108
109 switch (reason) {
110 case LWS_CALLBACK_PROTOCOL_INIT:
111 break;
112
113 case LWS_CALLBACK_PROTOCOL_DESTROY:
114 break;
115
116 case LWS_CALLBACK_CLIENT_CONNECTION_ERROR:
117 lwsl_warn("%s: CONNECTION_ERROR\n", __func__);
118 lws_set_opaque_user_data(wsi, NULL);
119 h->cwsi = NULL;
120 lws_sul_schedule(h->context, 0, &h->sul_retry,
121 lws_sspc_sul_retry_cb, LWS_US_PER_SEC);
122 break;
123
124 case LWS_CALLBACK_RAW_CONNECTED:
125 if (!h)
126 return -1;
127 lwsl_info("%s: CONNECTED (%s)\n", __func__, h->ssi.streamtype);
128
129 h->state = LPCS_SENDING_INITIAL_TX;
130 h->dsh = lws_dsh_create(NULL, (LWS_PRE + LWS_SS_MTU) * 160, 1);
131 if (!h->dsh)
132 return -1;
133
134 lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, 3);
135 lws_callback_on_writable(wsi);
136 break;
137
138 case LWS_CALLBACK_RAW_CLOSE:
139 /*
140 * our ss proxy Unix Domain socket has closed...
141 */
142 lwsl_notice("%s: LWS_CALLBACK_RAW_CLOSE: proxy conn down\n", __func__);
143 h->cwsi = NULL;
144 //lws_sspc_destroy(&h);
145 break;
146
147 case LWS_CALLBACK_RAW_RX:
148 lwsl_info("%s: RAW_RX: rx %d\n", __func__, (int)len);
149
150 if (!h || !h->cwsi) {
151 lwsl_err("%s: rx with bad conn state\n", __func__);
152
153 return -1;
154 }
155
156 if (lws_ss_deserialize_parse(&h->parser, lws_get_context(wsi),
157 h->dsh, in, len, &h->state, h,
158 (lws_ss_handle_t **)m, &h->ssi, 1))
159 return -1;
160
161 if (wsi && h->state == LPCS_LOCAL_CONNECTED)
162 lws_set_timeout(wsi, 0, 0);
163
164 break;
165
166 case LWS_CALLBACK_RAW_WRITEABLE:
167
168 /*
169 * We can transmit something to the proxy...
170 */
171
172 if (!h)
173 break;
174
175 lwsl_info("%s: WRITEABLE %p: (%s) state %d\n", __func__, wsi,
176 h->ssi.streamtype, h->state);
177
178 n = 0;
179 cp = s;
180 s[1] = 0;
181 switch (h->state) {
182 case LPCS_SENDING_INITIAL_TX:
183 n = strlen(h->ssi.streamtype) + 4;
184
185 s[0] = LWSSS_SER_TXPRE_STREAMTYPE;
186 lws_ser_wu16be(&s[1], n);
187 lws_ser_wu32be(&s[3], h->txc.peer_tx_cr_est);
188 //h->txcr_out = txc;
189 lws_strncpy((char *)&s[7], h->ssi.streamtype, sizeof(s) - 7);
190 n += 3;
191 h->state = LPCS_WAITING_CREATE_RESULT;
192 break;
193
194 case LPCS_LOCAL_CONNECTED:
195 if (!h->conn_req)
196 break;
197
198 /*
199 * Do we need to prioritize sending any metadata
200 * changes?
201 */
202
203 if (h->metadata_owner.count) {
204 lws_sspc_metadata_t *md = lws_container_of(
205 lws_dll2_get_tail(&h->metadata_owner),
206 lws_sspc_metadata_t, list);
207
208 cp = p;
209 n = lws_sspc_serialize_metadata(md, p);
210
211 /* in case anything else to write */
212 lws_callback_on_writable(h->cwsi);
213
214 break;
215 }
216
217
218 h->conn_req = 0;
219 s[0] = LWSSS_SER_TXPRE_ONWARD_CONNECT;
220 s[1] = 0;
221 s[2] = 0;
222 n = 3;
223 break;
224
225 case LPCS_OPERATIONAL:
226
227 /*
228 * Do we want to adjust the peer's ability to write
229 * to us?
230 */
231
232 /*
233 * Do we need to prioritize sending any metadata
234 * changes?
235 */
236
237 if (h->metadata_owner.count) {
238 lws_sspc_metadata_t *md = lws_container_of(
239 lws_dll2_get_tail(&h->metadata_owner),
240 lws_sspc_metadata_t, list);
241
242 cp = p;
243 n = lws_sspc_serialize_metadata(md, p);
244
245 /* in case anything else to write */
246 lws_callback_on_writable(h->cwsi);
247
248 break;
249 }
250
251
252 /* we can't write anything if we don't have credit */
253 if (h->txc.tx_cr <= 0) {
254 lwsl_notice("%s: WRITEABLE / OPERATIONAL:"
255 " lack credit (%d)\n", __func__,
256 h->txc.tx_cr);
257 break;
258 }
259
260 len = sizeof(pkt) - LWS_PRE - 19;
261 flags = 0;
262 if (h->ssi.tx(m, h->ord++, pkt + LWS_PRE + 19, &len, &flags))
263 break;
264
265 h->txc.tx_cr -= len;
266
267 cp = p;
268 n = len + 19;
269 us = lws_now_usecs();
270 p[0] = LWSSS_SER_TXPRE_TX_PAYLOAD;
271 lws_ser_wu16be(&p[1], len + 19 - 3);
272 lws_ser_wu32be(&p[3], flags);
273 /* time spent here waiting to send this */
274 lws_ser_wu32be(&p[7], us - h->us_earliest_write_req);
275 /* ust that the client write happened */
276 lws_ser_wu64be(&p[11], us);
277 h->us_earliest_write_req = 0;
278
279 if (flags & LWSSS_FLAG_EOM)
280 if (h->rsidx + 1 < (int)LWS_ARRAY_SIZE(h->rideshare_ofs) &&
281 h->rideshare_ofs[h->rsidx + 1])
282 h->rsidx++;
283
284 break;
285 default:
286 break;
287 }
288
289 if (!n)
290 break;
291
292 // lwsl_hexdump_notice(cp, n);
293
294 n = lws_write(wsi, (uint8_t *)cp, n, LWS_WRITE_RAW);
295 if (n < 0) {
296 lwsl_notice("%s: WRITEABLE: %d\n", __func__, n);
297
298 goto hangup;
299 }
300 break;
301
302 default:
303 break;
304 }
305
306 return lws_callback_http_dummy(wsi, reason, user, in, len);
307
308 hangup:
309 lwsl_warn("hangup\n");
310 /* hang up on him */
311 return -1;
312 }
313
314 const struct lws_protocols lws_sspc_protocols[] = {
315 {
316 "ssproxy-protocol",
317 callback_sspc_client,
318 0,
319 2048, 2048, NULL, 0
320 },
321 { NULL, NULL, 0, 0, 0, NULL, 0 }
322 };
323
324 int
lws_sspc_create(struct lws_context * context,int tsi,const lws_ss_info_t * ssi,void * opaque_user_data,lws_sspc_handle_t ** ppss,struct lws_sequencer * seq_owner,const char ** ppayload_fmt)325 lws_sspc_create(struct lws_context *context, int tsi, const lws_ss_info_t *ssi,
326 void *opaque_user_data, lws_sspc_handle_t **ppss,
327 struct lws_sequencer *seq_owner, const char **ppayload_fmt)
328 {
329 lws_sspc_handle_t *h;
330 uint8_t *ua;
331 char *p;
332
333 lwsl_notice("%s: streamtype %s\n", __func__, ssi->streamtype);
334
335 /* allocate the handle (including ssi), the user alloc,
336 * and the streamname */
337
338 h = malloc(sizeof(lws_sspc_handle_t) + ssi->user_alloc +
339 strlen(ssi->streamtype) + 1);
340 memset(h, 0, sizeof(*h));
341 memcpy(&h->ssi, ssi, sizeof(*ssi));
342 ua = (uint8_t *)&h[1];
343 memset(ua, 0, ssi->user_alloc);
344 p = (char *)ua + ssi->user_alloc;
345 memcpy(p, ssi->streamtype, strlen(ssi->streamtype) + 1);
346 h->ssi.streamtype = (const char *)p;
347 h->context = context;
348 if (!ssi->manual_initial_tx_credit)
349 h->txc.peer_tx_cr_est = 500000000;
350 else
351 h->txc.peer_tx_cr_est = ssi->manual_initial_tx_credit;
352
353 lws_dll2_add_head(&h->client_list, &context->pt[tsi].ss_client_owner);
354
355 /* fill in the things the real api does for the caller */
356
357 *((void **)(ua + ssi->opaque_user_data_offset)) = opaque_user_data;
358 *((void **)(ua + ssi->handle_offset)) = h;
359
360 if (ppss)
361 *ppss = h;
362
363 /* try the actual connect */
364
365 lws_sspc_sul_retry_cb(&h->sul_retry);
366
367 return 0;
368 }
369
370 /* used on context destroy when iterating listed lws_ss on a pt */
371
372 int
lws_sspc_destroy_dll(struct lws_dll2 * d,void * user)373 lws_sspc_destroy_dll(struct lws_dll2 *d, void *user)
374 {
375 lws_sspc_handle_t *h = lws_container_of(d, lws_sspc_handle_t, client_list);
376
377 lws_sspc_destroy(&h);
378
379 return 0;
380 }
381
382
383 void
lws_sspc_destroy(lws_sspc_handle_t ** ph)384 lws_sspc_destroy(lws_sspc_handle_t **ph)
385 {
386 lws_sspc_handle_t *h;
387 void *m;
388
389 lwsl_debug("%s\n", __func__);
390
391 if (!*ph)
392 return;
393
394 h = *ph;
395 m = (void *)((uint8_t *)&h[1]);
396
397 if (h->destroying)
398 return;
399
400 h->destroying = 1;
401
402 lws_sul_schedule(h->context, 0, &h->sul_retry, NULL,
403 LWS_SET_TIMER_USEC_CANCEL);
404 lws_dll2_remove(&h->client_list);
405
406 if (h->dsh)
407 lws_dsh_destroy(&h->dsh);
408 if (h->cwsi) {
409 struct lws *wsi = h->cwsi;
410 h->cwsi = NULL;
411 lws_set_timeout(wsi, 1, LWS_TO_KILL_SYNC);
412 }
413
414 /* clean out any pending metadata changes that didn't make it */
415
416 lws_start_foreach_dll_safe(struct lws_dll2 *, d, d1,
417 lws_dll2_get_head(&(*ph)->metadata_owner)) {
418 lws_sspc_metadata_t *md =
419 lws_container_of(d, lws_sspc_metadata_t, list);
420
421 lws_dll2_remove(&md->list);
422 lws_free(md);
423
424 } lws_end_foreach_dll_safe(d, d1);
425
426 h->ssi.state(m, NULL, LWSSSCS_DESTROYING, 0);
427 *ph = NULL;
428 free(h);
429 }
430
431 void
lws_sspc_request_tx(lws_sspc_handle_t * h)432 lws_sspc_request_tx(lws_sspc_handle_t *h)
433 {
434 if (!h || !h->cwsi)
435 return;
436
437 if (!h->us_earliest_write_req)
438 h->us_earliest_write_req = lws_now_usecs();
439
440 lws_callback_on_writable(h->cwsi);
441 }
442
443 int
lws_sspc_client_connect(lws_sspc_handle_t * h)444 lws_sspc_client_connect(lws_sspc_handle_t *h)
445 {
446 if (!h || h->state == LPCS_OPERATIONAL)
447 return 0;
448
449 assert(h->state == LPCS_LOCAL_CONNECTED);
450 h->conn_req = 1;
451 if (h->cwsi)
452 lws_callback_on_writable(h->cwsi);
453
454 return 0;
455 }
456
457 struct lws_context *
lws_sspc_get_context(struct lws_sspc_handle * h)458 lws_sspc_get_context(struct lws_sspc_handle *h)
459 {
460 return h->context;
461 }
462
463 const char *
lws_sspc_rideshare(struct lws_sspc_handle * h)464 lws_sspc_rideshare(struct lws_sspc_handle *h)
465 {
466 /*
467 * ...the serialized RX rideshare name if any...
468 */
469
470 if (h->parser.rideshare[0]) {
471 lwsl_info("%s: parser %s\n", __func__, h->parser.rideshare);
472 return h->parser.rideshare;
473 }
474
475 /*
476 * The tx rideshare index
477 */
478
479 if (h->rideshare_list[0]) {
480 lwsl_info("%s: tx list %s\n", __func__,
481 &h->rideshare_list[h->rideshare_ofs[h->rsidx]]);
482 return &h->rideshare_list[h->rideshare_ofs[h->rsidx]];
483 }
484
485 /*
486 * ... otherwise default to our stream type name
487 */
488
489 lwsl_info("%s: def %s\n", __func__, h->ssi.streamtype);
490
491 return h->ssi.streamtype;
492 }
493
494 static int
_lws_sspc_set_metadata(struct lws_sspc_handle * h,const char * name,void * value,size_t len,int tx_cr_adjust)495 _lws_sspc_set_metadata(struct lws_sspc_handle *h, const char *name,
496 void *value, size_t len, int tx_cr_adjust)
497 {
498 lws_sspc_metadata_t *md;
499
500 /*
501 * Are we replacing a pending metadata of the same name? It's not
502 * efficient to do this but user code can do what it likes... let's
503 * optimize away the old one.
504 *
505 * Tx credit adjust always has name ""
506 */
507
508 lws_start_foreach_dll_safe(struct lws_dll2 *, d, d1,
509 lws_dll2_get_head(&h->metadata_owner)) {
510 md = lws_container_of(d, lws_sspc_metadata_t, list);
511
512 if (!strcmp(name, md->name)) {
513 lws_dll2_remove(&md->list);
514 lws_free(md);
515 break;
516 }
517
518 } lws_end_foreach_dll_safe(d, d1);
519
520 /*
521 * We have to stash the metadata and pass it to the proxy
522 */
523
524 md = lws_malloc(sizeof(*md) + len, "set metadata");
525 if (!md) {
526 lwsl_err("%s: OOM\n", __func__);
527
528 return 1;
529 }
530
531 memset(md, 0, sizeof(*md));
532
533 md->tx_cr_adjust = tx_cr_adjust;
534 h->txc.peer_tx_cr_est += tx_cr_adjust;
535
536 lws_strncpy(md->name, name, sizeof(md->name));
537 md->len = len;
538 if (len)
539 memcpy(&md[1], value, len);
540
541 lws_dll2_add_tail(&md->list, &h->metadata_owner);
542
543 if (len) {
544 lwsl_info("%s: set metadata %s\n", __func__, name);
545 lwsl_hexdump_info(value, len);
546 } else
547 lwsl_info("%s: serializing tx cr adj %d\n", __func__,
548 (int)tx_cr_adjust);
549
550 if (h->cwsi)
551 lws_callback_on_writable(h->cwsi);
552
553 return 0;
554 }
555
556 int
lws_sspc_set_metadata(struct lws_sspc_handle * h,const char * name,void * value,size_t len)557 lws_sspc_set_metadata(struct lws_sspc_handle *h, const char *name,
558 void *value, size_t len)
559 {
560 return _lws_sspc_set_metadata(h, name, value, len, 0);
561 }
562
563 int
lws_sspc_add_peer_tx_credit(struct lws_sspc_handle * h,int32_t bump)564 lws_sspc_add_peer_tx_credit(struct lws_sspc_handle *h, int32_t bump)
565 {
566 lwsl_notice("%s: %d\n", __func__, bump);
567 return _lws_sspc_set_metadata(h, "", NULL, 0, (int)bump);
568 }
569
570 int
lws_sspc_get_est_peer_tx_credit(struct lws_sspc_handle * h)571 lws_sspc_get_est_peer_tx_credit(struct lws_sspc_handle *h)
572 {
573 return h->txc.peer_tx_cr_est;
574 }
575