prosody-modules: mod_websocket/mod_websocket.lua comparison

comparison mod_websocket/mod_websocket.lua @ 842:32df4d13f178

mod_websocket: More robust frame handling

author	Florian Zeitz <florob@babelmonkeys.de>
date	Fri, 05 Oct 2012 16:57:34 +0200
parents	f568661c9d39
children	a0987c0e4e1d

comparison

equal deleted inserted replaced

-:0649883de4d3
+:32df4d13f178
 	local pos = 1;
 	local length_bytes = 0;
 	local counter = 0;
 	local tmp_byte;
+	if #frame < 2 then return; end
 	tmp_byte = string.byte(frame, pos);
 	result.FIN = band(tmp_byte, 0x80) > 0;
 	result.RSV1 = band(tmp_byte, 0x40) > 0;
 	result.RSV2 = band(tmp_byte, 0x20) > 0;
 	result.RSV3 = band(tmp_byte, 0x10) > 0;
 	elseif result.length == 127 then
 		length_bytes = 8;
 		result.length = 0;
 	end
+	if #frame < (2 + length_bytes) then return; end
 	for i = 1, length_bytes do
 		pos = pos + 1;
 		result.length = result.length * 256 + string.byte(frame, pos);
 	end
+	if #frame < (2 + length_bytes + (result.MASK and 4 or 0) + result.length) then return; end
 	if result.MASK then
 		result.key = {string.byte(frame, pos+1), string.byte(frame, pos+2),
 				string.byte(frame, pos+3), string.byte(frame, pos+4)}
 		end
 	else
 		result.data = frame:sub(pos + 1, pos + result.length);
 	end
-	return result;
+	return result, 2 + length_bytes + (result.MASK and 4 or 0) + result.length;
 end
 local function build_frame(desc)
 	local length;
 	local result = "";
+	local data = desc.data or "";
 	result = result .. string.char(0x80 * (desc.FIN and 1 or 0) + desc.opcode);
-	length = #desc.data;
+	length = #data;
 	if length <= 125 then -- 7-bit length
 		result = result .. string.char(length);
 	elseif length <= 0xFFFF then -- 2-byte length
 		result = result .. string.char(126);
 		result = result .. string.char(length/0x100) .. string.char(length%0x100);
 		for i = 7, 0, -1 do
 			result = result .. string.char(( length / (2^(8*i)) ) % 0x100);
 		end
 	end
-	result = result .. desc.data;
+	result = result .. data;
 	return result;
 end
 --- Stream events handlers
 	function session.reset_stream()
 		session.notopen = true;
 		session.stream:reset();
 	end
+	local function websocket_close(code, message)
+		local data = string.char(code/0x100) .. string.char(code%0x100) .. message;
+		conn:write(build_frame({opcode = 0x8, FIN = true, data = data}));
+		conn:close();
+	end
 	local filter = session.filter;
-	local buffer = "";
+	local dataBuffer;
-	function session.data(data)
+	local function handle_frame(frame)
-		local frame = parse_frame(data);
 		module:log("debug", "Websocket received: %s (%i bytes)", frame.data, #frame.data);
-		if frame.opcode == 0x0 or frame.opcode == 0x1 then -- Text or continuation frame
-			buffer = buffer .. frame.data;
+		-- Error cases
+		if frame.RSV1 or frame.RSV2 or frame.RSV3 then -- Reserved bits non zero
+			websocket_close(1002, "Reserved bits not zero");
+			return false;
+		end
+		if frame.opcode >= 0x8 and frame.length > 125 then -- Control frame with too much payload
+			websocket_close(1002, "Payload too large");
+			return false;
+		end
+		if frame.opcode >= 0x8 and not frame.FIN then -- Fragmented control frame
+			websocket_close(1002, "Fragmented control frame");
+			return false;
+		end
+		if (frame.opcode > 0x2 and frame.opcode < 0x8) or (frame.opcode > 0xA) then
+			websocket_close(1002, "Reserved opcode");
+			return false;
+		end
+		if frame.opcode == 0x0 and not dataBuffer then
+			websocket_close(1002, "Unexpected continuation frame");
+			return false;
+		end
+		if (frame.opcode == 0x1 or frame.opcode == 0x2) and dataBuffer then
+			websocket_close(1002, "Continuation frame expected");
+			return false;
+		end
+		-- Valid cases
+		if frame.opcode == 0x0 then -- Continuation frame
+			dataBuffer = dataBuffer .. frame.data;
+		elseif frame.opcode == 0x1 then -- Text frame
+			dataBuffer = frame.data;
+		elseif frame.opcode == 0x2 then -- Binary frame
+			websocket_close(1003, "Only text frames are supported");
+			return false;
+		elseif frame.opcode == 0x8 then -- Close request
+			websocket_close(1000, "Goodbye");
+			return false;
 		elseif frame.opcode == 0x9 then -- Ping frame
 			frame.opcode = 0xA;
 			conn:write(build_frame(frame));
-			return;
+			return true;
 		else
 			log("warn", "Received frame with unsupported opcode %i", frame.opcode);
-			return;
+			return true;
 		end
 		if frame.FIN then
-			data = buffer;
+			data = dataBuffer;
-			buffer = "";
+			dataBuffer = nil;
 			-- COMPAT: Current client implementations send a self-closing <stream:stream>
 			if self_closing_stream then
 				data = data:gsub("(<stream:stream.*)/>$", "%1>");
 			end
 				local ok, err = stream:feed(data);
 				if ok then return; end
 				log("debug", "Received invalid XML (%s) %d bytes: %s", tostring(err), #data, data:sub(1, 300):gsub("[\r\n]+", " "):gsub("[%z\1-\31]", "_"));
 				session:close("not-well-formed");
 			end
+		end
+		return true;
+	end
+	local frameBuffer = "";
+	function session.data(data)
+		frameBuffer = frameBuffer .. data;
+		local frame, length = parse_frame(frameBuffer);
+		while frame do
+			frameBuffer = frameBuffer:sub(length + 1);
+			if not handle_frame(frame) then return; end
+			frame, length = parse_frame(frameBuffer);
 		end
 	end
 	function session.send(s)
 		conn:write(build_frame({ FIN = true, opcode = 0x01, data = tostring(s)}));
 		return [[<!DOCTYPE html><html><head><title>Websocket</title></head><body>
 			<p>It works! Now point your WebSocket client to this URL to connect to Prosody.</p>
 			</body></html>]];
 	end
+	-- TODO: Handle requested subprotocols
 	response.conn:setlistener(listener);
 	response.status = "101 Switching Protocols";
 	response.headers.Upgrade = "websocket";
 	response.headers.Connection = "Upgrade";
 	response.headers.Sec_WebSocket_Accept = base64(sha1(request.headers.sec_websocket_key .. "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"));

Mercurial > prosody-modules

comparison mod_websocket/mod_websocket.lua @ 842:32df4d13f178