• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * lws-minimal-secure-streams-client
3  *
4  * Written in 2010-2020 by Andy Green <andy@warmcat.com>
5  *
6  * This file is made available under the Creative Commons CC0 1.0
7  * Universal Public Domain Dedication.
8  *
9  *
10  * This client does not perform any INET networking... instead it opens a unix
11  * domain socket on a proxy that is listening for it, and that creates the
12  * actual secure stream connection.
13  *
14  * We are able to use the usual secure streams api in the client process, with
15  * payloads and connection state information proxied over the unix domain
16  * socket and fulfilled in the proxy process.
17  *
18  * The public client helper pieces are built as part of lws
19  */
20 #include <private-lib-core.h>
21 
22 static void
lws_sspc_sul_retry_cb(lws_sorted_usec_list_t * sul)23 lws_sspc_sul_retry_cb(lws_sorted_usec_list_t *sul)
24 {
25 	lws_sspc_handle_t *h = lws_container_of(sul, lws_sspc_handle_t, sul_retry);
26 	static struct lws_client_connect_info i;
27 
28 	/*
29 	 * We may have started up before the system proxy, so be prepared with
30 	 * a sul to retry at 1Hz
31 	 */
32 
33 	memset(&i, 0, sizeof i);
34 	i.context = h->context;
35 	if (h->context->ss_proxy_port) { /* tcp */
36 		i.address = h->context->ss_proxy_address;
37 		i.port = h->context->ss_proxy_port;
38 		i.iface = h->context->ss_proxy_bind;
39 	} else {
40 		if (h->context->ss_proxy_bind)
41 			i.address = h->context->ss_proxy_bind;
42 		else
43 			i.address = "+@proxy.ss.lws";
44 	}
45 	i.host = i.address;
46 	i.origin = i.address;
47 	i.method = "RAW";
48 	i.protocol = lws_sspc_protocols[0].name;
49 	i.local_protocol_name = lws_sspc_protocols[0].name;
50 	i.path = "";
51 	i.pwsi = &h->cwsi;
52 	i.opaque_user_data = (void *)h;
53 
54 	if (!lws_client_connect_via_info(&i)) {
55 		lws_sul_schedule(h->context, 0, &h->sul_retry,
56 				 lws_sspc_sul_retry_cb, LWS_US_PER_SEC);
57 
58 		return;
59 	}
60 }
61 
62 static int
lws_sspc_serialize_metadata(lws_sspc_metadata_t * md,uint8_t * p)63 lws_sspc_serialize_metadata(lws_sspc_metadata_t *md, uint8_t *p)
64 {
65 	int n, txc;
66 
67 	if (md->name[0] == '\0') {
68 
69 		lwsl_info("%s: sending tx credit update %d\n", __func__,
70 				md->tx_cr_adjust);
71 
72 		p[0] = LWSSS_SER_TXPRE_TXCR_UPDATE;
73 		lws_ser_wu16be(&p[1], 4);
74 		lws_ser_wu32be(&p[3], md->tx_cr_adjust);
75 
76 		n = 7;
77 
78 	} else {
79 
80 		lwsl_info("%s: sending metadata\n", __func__);
81 
82 		p[0] = LWSSS_SER_TXPRE_METADATA;
83 		txc = strlen(md->name);
84 		n = txc + 1 + md->len;
85 		lws_ser_wu16be(&p[1], n);
86 		p[3] = txc;
87 		memcpy(&p[4], md->name, txc);
88 		memcpy(&p[4 + txc], &md[1], md->len);
89 		n = 4 + txc + md->len;
90 	}
91 
92 	lws_dll2_remove(&md->list);
93 	lws_free(md);
94 
95 	return n;
96 }
97 
98 static int
callback_sspc_client(struct lws * wsi,enum lws_callback_reasons reason,void * user,void * in,size_t len)99 callback_sspc_client(struct lws *wsi, enum lws_callback_reasons reason,
100 		     void *user, void *in, size_t len)
101 {
102 	lws_sspc_handle_t *h = (lws_sspc_handle_t *)lws_get_opaque_user_data(wsi);
103 	uint8_t s[32], pkt[LWS_PRE + 1400], *p = pkt + LWS_PRE;
104 	void *m = (void *)((uint8_t *)&h[1]);
105 	const uint8_t *cp;
106 	lws_usec_t us;
107 	int flags, n;
108 
109 	switch (reason) {
110 	case LWS_CALLBACK_PROTOCOL_INIT:
111 		break;
112 
113 	case LWS_CALLBACK_PROTOCOL_DESTROY:
114 		break;
115 
116 	case LWS_CALLBACK_CLIENT_CONNECTION_ERROR:
117 		lwsl_warn("%s: CONNECTION_ERROR\n", __func__);
118 		lws_set_opaque_user_data(wsi, NULL);
119 		h->cwsi = NULL;
120 		lws_sul_schedule(h->context, 0, &h->sul_retry,
121 				 lws_sspc_sul_retry_cb, LWS_US_PER_SEC);
122 		break;
123 
124         case LWS_CALLBACK_RAW_CONNECTED:
125 		if (!h)
126 			return -1;
127 		lwsl_info("%s: CONNECTED (%s)\n", __func__, h->ssi.streamtype);
128 
129 		h->state = LPCS_SENDING_INITIAL_TX;
130 		h->dsh = lws_dsh_create(NULL, (LWS_PRE + LWS_SS_MTU) * 160, 1);
131 		if (!h->dsh)
132 			return -1;
133 
134 		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND, 3);
135 		lws_callback_on_writable(wsi);
136                 break;
137 
138 	case LWS_CALLBACK_RAW_CLOSE:
139 		/*
140 		 * our ss proxy Unix Domain socket has closed...
141 		 */
142 		lwsl_notice("%s: LWS_CALLBACK_RAW_CLOSE: proxy conn down\n", __func__);
143 		h->cwsi = NULL;
144 		//lws_sspc_destroy(&h);
145 		break;
146 
147 	case LWS_CALLBACK_RAW_RX:
148 		lwsl_info("%s: RAW_RX: rx %d\n", __func__, (int)len);
149 
150 		if (!h || !h->cwsi) {
151 			lwsl_err("%s: rx with bad conn state\n", __func__);
152 
153 			return -1;
154 		}
155 
156 		if (lws_ss_deserialize_parse(&h->parser, lws_get_context(wsi),
157 					     h->dsh, in, len, &h->state, h,
158 					     (lws_ss_handle_t **)m, &h->ssi, 1))
159 			return -1;
160 
161 		if (wsi && h->state == LPCS_LOCAL_CONNECTED)
162 			lws_set_timeout(wsi, 0, 0);
163 
164 		break;
165 
166 	case LWS_CALLBACK_RAW_WRITEABLE:
167 
168 		/*
169 		 * We can transmit something to the proxy...
170 		 */
171 
172 		if (!h)
173 			break;
174 
175 		lwsl_info("%s: WRITEABLE %p: (%s) state %d\n", __func__, wsi,
176 				h->ssi.streamtype, h->state);
177 
178 		n = 0;
179 		cp = s;
180 		s[1] = 0;
181 		switch (h->state) {
182 		case LPCS_SENDING_INITIAL_TX:
183 			n = strlen(h->ssi.streamtype) + 4;
184 
185 			s[0] = LWSSS_SER_TXPRE_STREAMTYPE;
186 			lws_ser_wu16be(&s[1], n);
187 			lws_ser_wu32be(&s[3], h->txc.peer_tx_cr_est);
188 			//h->txcr_out = txc;
189 			lws_strncpy((char *)&s[7], h->ssi.streamtype, sizeof(s) - 7);
190 			n += 3;
191 			h->state = LPCS_WAITING_CREATE_RESULT;
192 			break;
193 
194 		case LPCS_LOCAL_CONNECTED:
195 			if (!h->conn_req)
196 				break;
197 
198 			/*
199 			 * Do we need to prioritize sending any metadata
200 			 * changes?
201 			 */
202 
203 			if (h->metadata_owner.count) {
204 				lws_sspc_metadata_t *md = lws_container_of(
205 					lws_dll2_get_tail(&h->metadata_owner),
206 					lws_sspc_metadata_t, list);
207 
208 				cp = p;
209 				n = lws_sspc_serialize_metadata(md, p);
210 
211 				/* in case anything else to write */
212 				lws_callback_on_writable(h->cwsi);
213 
214 				break;
215 			}
216 
217 
218 			h->conn_req = 0;
219 			s[0] = LWSSS_SER_TXPRE_ONWARD_CONNECT;
220 			s[1] = 0;
221 			s[2] = 0;
222 			n = 3;
223 			break;
224 
225 		case LPCS_OPERATIONAL:
226 
227 			/*
228 			 * Do we want to adjust the peer's ability to write
229 			 * to us?
230 			 */
231 
232 			/*
233 			 * Do we need to prioritize sending any metadata
234 			 * changes?
235 			 */
236 
237 			if (h->metadata_owner.count) {
238 				lws_sspc_metadata_t *md = lws_container_of(
239 					lws_dll2_get_tail(&h->metadata_owner),
240 					lws_sspc_metadata_t, list);
241 
242 				cp = p;
243 				n = lws_sspc_serialize_metadata(md, p);
244 
245 				/* in case anything else to write */
246 				lws_callback_on_writable(h->cwsi);
247 
248 				break;
249 			}
250 
251 
252 			/* we can't write anything if we don't have credit */
253 			if (h->txc.tx_cr <= 0) {
254 				lwsl_notice("%s: WRITEABLE / OPERATIONAL:"
255 					    " lack credit (%d)\n", __func__,
256 					    h->txc.tx_cr);
257 				break;
258 			}
259 
260 			len = sizeof(pkt) - LWS_PRE - 19;
261 			flags = 0;
262 			if (h->ssi.tx(m, h->ord++, pkt + LWS_PRE + 19, &len, &flags))
263 				break;
264 
265 			h->txc.tx_cr -= len;
266 
267 			cp = p;
268 			n = len + 19;
269 			us = lws_now_usecs();
270 			p[0] = LWSSS_SER_TXPRE_TX_PAYLOAD;
271 			lws_ser_wu16be(&p[1], len + 19 - 3);
272 			lws_ser_wu32be(&p[3], flags);
273 			/* time spent here waiting to send this */
274 			lws_ser_wu32be(&p[7], us - h->us_earliest_write_req);
275 			/* ust that the client write happened */
276 			lws_ser_wu64be(&p[11], us);
277 			h->us_earliest_write_req = 0;
278 
279 			if (flags & LWSSS_FLAG_EOM)
280 				if (h->rsidx + 1 < (int)LWS_ARRAY_SIZE(h->rideshare_ofs) &&
281 				    h->rideshare_ofs[h->rsidx + 1])
282 					h->rsidx++;
283 
284 			break;
285 		default:
286 			break;
287 		}
288 
289 		if (!n)
290 			break;
291 
292 		// lwsl_hexdump_notice(cp, n);
293 
294 		n = lws_write(wsi, (uint8_t *)cp, n, LWS_WRITE_RAW);
295 		if (n < 0) {
296 			lwsl_notice("%s: WRITEABLE: %d\n", __func__, n);
297 
298 			goto hangup;
299 		}
300 		break;
301 
302 	default:
303 		break;
304 	}
305 
306 	return lws_callback_http_dummy(wsi, reason, user, in, len);
307 
308 hangup:
309 	lwsl_warn("hangup\n");
310 	/* hang up on him */
311 	return -1;
312 }
313 
314 const struct lws_protocols lws_sspc_protocols[] = {
315 	{
316 		"ssproxy-protocol",
317 		callback_sspc_client,
318 		0,
319 		2048, 2048, NULL, 0
320 	},
321 	{ NULL, NULL, 0, 0, 0, NULL, 0 }
322 };
323 
324 int
lws_sspc_create(struct lws_context * context,int tsi,const lws_ss_info_t * ssi,void * opaque_user_data,lws_sspc_handle_t ** ppss,struct lws_sequencer * seq_owner,const char ** ppayload_fmt)325 lws_sspc_create(struct lws_context *context, int tsi, const lws_ss_info_t *ssi,
326 	        void *opaque_user_data, lws_sspc_handle_t **ppss,
327 	        struct lws_sequencer *seq_owner, const char **ppayload_fmt)
328 {
329 	lws_sspc_handle_t *h;
330 	uint8_t *ua;
331 	char *p;
332 
333 	lwsl_notice("%s: streamtype %s\n", __func__, ssi->streamtype);
334 
335 	/* allocate the handle (including ssi), the user alloc,
336 	 * and the streamname */
337 
338 	h = malloc(sizeof(lws_sspc_handle_t) + ssi->user_alloc +
339 		   strlen(ssi->streamtype) + 1);
340 	memset(h, 0, sizeof(*h));
341 	memcpy(&h->ssi, ssi, sizeof(*ssi));
342 	ua = (uint8_t *)&h[1];
343 	memset(ua, 0, ssi->user_alloc);
344 	p = (char *)ua + ssi->user_alloc;
345 	memcpy(p, ssi->streamtype, strlen(ssi->streamtype) + 1);
346 	h->ssi.streamtype = (const char *)p;
347 	h->context = context;
348 	if (!ssi->manual_initial_tx_credit)
349 		h->txc.peer_tx_cr_est = 500000000;
350 	else
351 		h->txc.peer_tx_cr_est = ssi->manual_initial_tx_credit;
352 
353 	lws_dll2_add_head(&h->client_list, &context->pt[tsi].ss_client_owner);
354 
355 	/* fill in the things the real api does for the caller */
356 
357 	*((void **)(ua + ssi->opaque_user_data_offset)) = opaque_user_data;
358 	*((void **)(ua + ssi->handle_offset)) = h;
359 
360 	if (ppss)
361 		*ppss = h;
362 
363 	/* try the actual connect */
364 
365 	lws_sspc_sul_retry_cb(&h->sul_retry);
366 
367 	return 0;
368 }
369 
370 /* used on context destroy when iterating listed lws_ss on a pt */
371 
372 int
lws_sspc_destroy_dll(struct lws_dll2 * d,void * user)373 lws_sspc_destroy_dll(struct lws_dll2 *d, void *user)
374 {
375 	lws_sspc_handle_t *h = lws_container_of(d, lws_sspc_handle_t, client_list);
376 
377 	lws_sspc_destroy(&h);
378 
379 	return 0;
380 }
381 
382 
383 void
lws_sspc_destroy(lws_sspc_handle_t ** ph)384 lws_sspc_destroy(lws_sspc_handle_t **ph)
385 {
386 	lws_sspc_handle_t *h;
387 	void *m;
388 
389 	lwsl_debug("%s\n", __func__);
390 
391 	if (!*ph)
392 		return;
393 
394 	h = *ph;
395 	m = (void *)((uint8_t *)&h[1]);
396 
397 	if (h->destroying)
398 		return;
399 
400 	h->destroying = 1;
401 
402 	lws_sul_schedule(h->context, 0, &h->sul_retry, NULL,
403 			 LWS_SET_TIMER_USEC_CANCEL);
404 	lws_dll2_remove(&h->client_list);
405 
406 	if (h->dsh)
407 		lws_dsh_destroy(&h->dsh);
408 	if (h->cwsi) {
409 		struct lws *wsi = h->cwsi;
410 		h->cwsi = NULL;
411 		lws_set_timeout(wsi, 1, LWS_TO_KILL_SYNC);
412 	}
413 
414 	/* clean out any pending metadata changes that didn't make it */
415 
416 	lws_start_foreach_dll_safe(struct lws_dll2 *, d, d1,
417 			lws_dll2_get_head(&(*ph)->metadata_owner)) {
418 		lws_sspc_metadata_t *md =
419 				lws_container_of(d, lws_sspc_metadata_t, list);
420 
421 		lws_dll2_remove(&md->list);
422 		lws_free(md);
423 
424 	} lws_end_foreach_dll_safe(d, d1);
425 
426 	h->ssi.state(m, NULL, LWSSSCS_DESTROYING, 0);
427 	*ph = NULL;
428 	free(h);
429 }
430 
431 void
lws_sspc_request_tx(lws_sspc_handle_t * h)432 lws_sspc_request_tx(lws_sspc_handle_t *h)
433 {
434 	if (!h || !h->cwsi)
435 		return;
436 
437 	if (!h->us_earliest_write_req)
438 		h->us_earliest_write_req = lws_now_usecs();
439 
440 	lws_callback_on_writable(h->cwsi);
441 }
442 
443 int
lws_sspc_client_connect(lws_sspc_handle_t * h)444 lws_sspc_client_connect(lws_sspc_handle_t *h)
445 {
446 	if (!h || h->state == LPCS_OPERATIONAL)
447 		return 0;
448 
449 	assert(h->state == LPCS_LOCAL_CONNECTED);
450 	h->conn_req = 1;
451 	if (h->cwsi)
452 		lws_callback_on_writable(h->cwsi);
453 
454 	return 0;
455 }
456 
457 struct lws_context *
lws_sspc_get_context(struct lws_sspc_handle * h)458 lws_sspc_get_context(struct lws_sspc_handle *h)
459 {
460 	return h->context;
461 }
462 
463 const char *
lws_sspc_rideshare(struct lws_sspc_handle * h)464 lws_sspc_rideshare(struct lws_sspc_handle *h)
465 {
466 	/*
467 	 * ...the serialized RX rideshare name if any...
468 	 */
469 
470 	if (h->parser.rideshare[0]) {
471 		lwsl_info("%s: parser %s\n", __func__, h->parser.rideshare);
472 		return h->parser.rideshare;
473 	}
474 
475 	/*
476 	 * The tx rideshare index
477 	 */
478 
479 	if (h->rideshare_list[0]) {
480 		lwsl_info("%s: tx list %s\n", __func__,
481 			  &h->rideshare_list[h->rideshare_ofs[h->rsidx]]);
482 		return &h->rideshare_list[h->rideshare_ofs[h->rsidx]];
483 	}
484 
485 	/*
486 	 * ... otherwise default to our stream type name
487 	 */
488 
489 	lwsl_info("%s: def %s\n", __func__, h->ssi.streamtype);
490 
491 	return h->ssi.streamtype;
492 }
493 
494 static int
_lws_sspc_set_metadata(struct lws_sspc_handle * h,const char * name,void * value,size_t len,int tx_cr_adjust)495 _lws_sspc_set_metadata(struct lws_sspc_handle *h, const char *name,
496 		       void *value, size_t len, int tx_cr_adjust)
497 {
498 	lws_sspc_metadata_t *md;
499 
500 	/*
501 	 * Are we replacing a pending metadata of the same name?  It's not
502 	 * efficient to do this but user code can do what it likes... let's
503 	 * optimize away the old one.
504 	 *
505 	 * Tx credit adjust always has name ""
506 	 */
507 
508 	lws_start_foreach_dll_safe(struct lws_dll2 *, d, d1,
509 				   lws_dll2_get_head(&h->metadata_owner)) {
510 		md = lws_container_of(d, lws_sspc_metadata_t, list);
511 
512 		if (!strcmp(name, md->name)) {
513 			lws_dll2_remove(&md->list);
514 			lws_free(md);
515 			break;
516 		}
517 
518 	} lws_end_foreach_dll_safe(d, d1);
519 
520 	/*
521 	 * We have to stash the metadata and pass it to the proxy
522 	 */
523 
524 	md = lws_malloc(sizeof(*md) + len, "set metadata");
525 	if (!md) {
526 		lwsl_err("%s: OOM\n", __func__);
527 
528 		return 1;
529 	}
530 
531 	memset(md, 0, sizeof(*md));
532 
533 	md->tx_cr_adjust = tx_cr_adjust;
534 	h->txc.peer_tx_cr_est += tx_cr_adjust;
535 
536 	lws_strncpy(md->name, name, sizeof(md->name));
537 	md->len = len;
538 	if (len)
539 		memcpy(&md[1], value, len);
540 
541 	lws_dll2_add_tail(&md->list, &h->metadata_owner);
542 
543 	if (len) {
544 		lwsl_info("%s: set metadata %s\n", __func__, name);
545 		lwsl_hexdump_info(value, len);
546 	} else
547 		lwsl_info("%s: serializing tx cr adj %d\n", __func__,
548 			    (int)tx_cr_adjust);
549 
550 	if (h->cwsi)
551 		lws_callback_on_writable(h->cwsi);
552 
553 	return 0;
554 }
555 
556 int
lws_sspc_set_metadata(struct lws_sspc_handle * h,const char * name,void * value,size_t len)557 lws_sspc_set_metadata(struct lws_sspc_handle *h, const char *name,
558 		      void *value, size_t len)
559 {
560 	return _lws_sspc_set_metadata(h, name, value, len, 0);
561 }
562 
563 int
lws_sspc_add_peer_tx_credit(struct lws_sspc_handle * h,int32_t bump)564 lws_sspc_add_peer_tx_credit(struct lws_sspc_handle *h, int32_t bump)
565 {
566 	lwsl_notice("%s: %d\n", __func__, bump);
567 	return _lws_sspc_set_metadata(h, "", NULL, 0, (int)bump);
568 }
569 
570 int
lws_sspc_get_est_peer_tx_credit(struct lws_sspc_handle * h)571 lws_sspc_get_est_peer_tx_credit(struct lws_sspc_handle *h)
572 {
573 	return h->txc.peer_tx_cr_est;
574 }
575