Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 0ed80c8ce93a38eca6951ffad5c3143a3a720053 / . / http / websocket.hpp
blob: 9a5aa29737d3060cd73abfca4237e995bf291666 [file] [log] [blame]
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]1#pragma once
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]2#include "async_resp.hpp"
Ed Tanous04e438c2020-10-03 08:06:26 -0700[diff] [blame]3#include "http_request.hpp"
Gunnar Mills1214b7e2020-06-04 10:11:30 -0500[diff] [blame]4
Ed Tanous609145a2018-09-05 16:27:36 -0700[diff] [blame]5#include <boost/asio/buffer.hpp>
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]6#include <boost/beast/core/multi_buffer.hpp>
Ed Tanous1b0044b2018-08-03 14:30:05 -0700[diff] [blame]7#include <boost/beast/websocket.hpp>
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]8
Gunnar Mills1214b7e2020-06-04 10:11:30 -0500[diff] [blame]9#include <array>
10#include <functional>
Ed Tanous1b0044b2018-08-03 14:30:05 -0700[diff] [blame]11
12#ifdef BMCWEB_ENABLE_SSL
13#include <boost/beast/websocket/ssl.hpp>
14#endif
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]15
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]16namespace crow
17{
18namespace websocket
19{
Iwona Klimaszewskac0a1c8a2019-07-12 18:26:38 +0200[diff] [blame]20
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]21enum class MessageType
22{
23 Binary,
24 Text,
25};
26
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]27struct Connection : std::enable_shared_from_this<Connection>
28{
29 public:
Ed Tanouse551b5f2023-02-27 14:19:07 -0800[diff] [blame]30 explicit Connection(const crow::Request& reqIn) : req(reqIn.req)
Ed Tanous23a21a12020-07-25 04:45:05 +0000[diff] [blame]31 {}
Przemyslaw Czarnowski250b0eb2020-02-24 10:23:56 +0100[diff] [blame]32
Ed Tanousecd6a3a2022-01-07 09:18:40 -0800[diff] [blame]33 Connection(const Connection&) = delete;
34 Connection(Connection&&) = delete;
35 Connection& operator=(const Connection&) = delete;
36 Connection& operator=(const Connection&&) = delete;
37
Ed Tanous9eb808c2022-01-25 10:19:23 -0800[diff] [blame]38 virtual void sendBinary(std::string_view msg) = 0;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]39 virtual void sendBinary(std::string&& msg) = 0;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]40 virtual void sendEx(MessageType type, std::string_view msg,
41 std::function<void()>&& onDone) = 0;
Ed Tanous9eb808c2022-01-25 10:19:23 -0800[diff] [blame]42 virtual void sendText(std::string_view msg) = 0;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]43 virtual void sendText(std::string&& msg) = 0;
Ed Tanous9eb808c2022-01-25 10:19:23 -0800[diff] [blame]44 virtual void close(std::string_view msg = "quit") = 0;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]45 virtual void deferRead() = 0;
46 virtual void resumeRead() = 0;
Ed Tanous2c70f802020-09-28 14:29:23 -0700[diff] [blame]47 virtual boost::asio::io_context& getIoContext() = 0;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]48 virtual ~Connection() = default;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]49
Jan Sowinskiee52ae12020-01-09 16:28:32 +0000[diff] [blame]50 boost::beast::http::request<boost::beast::http::string_body> req;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]51};
52
Gunnar Mills1214b7e2020-06-04 10:11:30 -0500[diff] [blame]53template <typename Adaptor>
54class ConnectionImpl : public Connection
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]55{
56 public:
57 ConnectionImpl(
Jan Sowinskiee52ae12020-01-09 16:28:32 +0000[diff] [blame]58 const crow::Request& reqIn, Adaptor adaptorIn,
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]59 std::function<void(Connection&)> openHandlerIn,
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]60 std::function<void(Connection&, const std::string&, bool)>
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]61 messageHandlerIn,
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]62 std::function<void(crow::websocket::Connection&, std::string_view,
63 crow::websocket::MessageType type,
64 std::function<void()>&& whenComplete)>
65 messageExHandlerIn,
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]66 std::function<void(Connection&, const std::string&)> closeHandlerIn,
67 std::function<void(Connection&)> errorHandlerIn) :
Ed Tanouse551b5f2023-02-27 14:19:07 -0800[diff] [blame]68 Connection(reqIn),
Ed Tanouse05aec52022-01-25 10:28:56 -0800[diff] [blame]69 ws(std::move(adaptorIn)), inBuffer(inString, 131088),
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]70 openHandler(std::move(openHandlerIn)),
71 messageHandler(std::move(messageHandlerIn)),
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]72 messageExHandler(std::move(messageExHandlerIn)),
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]73 closeHandler(std::move(closeHandlerIn)),
74 errorHandler(std::move(errorHandlerIn)), session(reqIn.session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]75 {
dhineskumare02bdd962021-07-08 16:06:49 +0530[diff] [blame]76 /* Turn on the timeouts on websocket stream to server role */
77 ws.set_option(boost::beast::websocket::stream_base::timeout::suggested(
78 boost::beast::role_type::server));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]79 BMCWEB_LOG_DEBUG << "Creating new connection " << this;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]80 }
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]81
Ed Tanous2c70f802020-09-28 14:29:23 -0700[diff] [blame]82 boost::asio::io_context& getIoContext() override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]83 {
Ed Tanous271584a2019-07-09 16:24:22 -0700[diff] [blame]84 return static_cast<boost::asio::io_context&>(
85 ws.get_executor().context());
Ed Tanous911ac312017-08-15 09:37:42 -0700[diff] [blame]86 }
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]87
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]88 void start()
89 {
90 BMCWEB_LOG_DEBUG << "starting connection " << this;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]91
Ed Tanousfe5b2162019-05-22 14:28:16 -0700[diff] [blame]92 using bf = boost::beast::http::field;
93
Jan Sowinskiee52ae12020-01-09 16:28:32 +0000[diff] [blame]94 std::string_view protocol = req[bf::sec_websocket_protocol];
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]95
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]96 ws.set_option(boost::beast::websocket::stream_base::decorator(
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]97 [session{session}, protocol{std::string(protocol)}](
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]98 boost::beast::websocket::response_type& m) {
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]99
100#ifndef BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]101 if (session != nullptr)
102 {
103 // use protocol for csrf checking
104 if (session->cookieAuth &&
105 !crow::utility::constantTimeStringCompare(
106 protocol, session->csrfToken))
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]107 {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]108 BMCWEB_LOG_ERROR << "Websocket CSRF error";
109 m.result(boost::beast::http::status::unauthorized);
110 return;
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]111 }
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]112 }
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]113#endif
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]114 if (!protocol.empty())
115 {
116 m.insert(bf::sec_websocket_protocol, protocol);
117 }
Ed Tanousfe5b2162019-05-22 14:28:16 -0700[diff] [blame]118
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]119 m.insert(bf::strict_transport_security, "max-age=31536000; "
120 "includeSubdomains; "
121 "preload");
122 m.insert(bf::pragma, "no-cache");
123 m.insert(bf::cache_control, "no-Store,no-Cache");
124 m.insert("Content-Security-Policy", "default-src 'self'");
125 m.insert("X-XSS-Protection", "1; "
126 "mode=block");
127 m.insert("X-Content-Type-Options", "nosniff");
128 }));
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]129
130 // Perform the websocket upgrade
131 ws.async_accept(req, [this, self(shared_from_this())](
Ed Tanous5e7e2dc2023-02-16 10:37:01 -0800[diff] [blame]132 const boost::system::error_code& ec) {
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]133 if (ec)
134 {
135 BMCWEB_LOG_ERROR << "Error in ws.async_accept " << ec;
136 return;
137 }
138 acceptDone();
139 });
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]140 }
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]141
Ed Tanous26ccae32023-02-16 10:28:44 -0800[diff] [blame]142 void sendBinary(std::string_view msg) override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]143 {
144 ws.binary(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]145 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
146 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]147 doWrite();
148 }
149
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]150 void sendEx(MessageType type, std::string_view msg,
151 std::function<void()>&& onDone) override
152 {
153 if (doingWrite)
154 {
155 BMCWEB_LOG_CRITICAL
156 << "Cannot mix sendEx usage with sendBinary or sendText";
157 onDone();
158 return;
159 }
160 ws.binary(type == MessageType::Binary);
161
162 ws.async_write(boost::asio::buffer(msg),
163 [weak(weak_from_this()), onDone{std::move(onDone)}](
164 const boost::beast::error_code& ec, size_t) {
165 std::shared_ptr<Connection> self = weak.lock();
166
167 // Call the done handler regardless of whether we
168 // errored, but before we close things out
169 onDone();
170
171 if (ec)
172 {
173 BMCWEB_LOG_ERROR << "Error in ws.async_write " << ec;
174 self->close("write error");
175 }
176 });
177 }
178
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]179 void sendBinary(std::string&& msg) override
180 {
181 ws.binary(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]182 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
183 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]184 doWrite();
185 }
186
Ed Tanous26ccae32023-02-16 10:28:44 -0800[diff] [blame]187 void sendText(std::string_view msg) override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]188 {
189 ws.text(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]190 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
191 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]192 doWrite();
193 }
194
195 void sendText(std::string&& msg) override
196 {
197 ws.text(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]198 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
199 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]200 doWrite();
201 }
202
Ed Tanous26ccae32023-02-16 10:28:44 -0800[diff] [blame]203 void close(std::string_view msg) override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]204 {
205 ws.async_close(
Wludzik, Jozeff6a0d632020-07-16 15:16:02 +0200[diff] [blame]206 {boost::beast::websocket::close_code::normal, msg},
Ed Tanous5e7e2dc2023-02-16 10:37:01 -0800[diff] [blame]207 [self(shared_from_this())](const boost::system::error_code& ec) {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]208 if (ec == boost::asio::error::operation_aborted)
209 {
210 return;
211 }
212 if (ec)
213 {
214 BMCWEB_LOG_ERROR << "Error closing websocket " << ec;
215 return;
216 }
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]217 });
218 }
219
220 void acceptDone()
221 {
222 BMCWEB_LOG_DEBUG << "Websocket accepted connection";
223
224 if (openHandler)
225 {
zhanghch0577726382021-10-21 14:07:57 +0800[diff] [blame]226 openHandler(*this);
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]227 }
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]228 doRead();
229 }
230
231 void deferRead() override
232 {
233 readingDefered = true;
234
235 // If we're not actively reading, we need to take ownership of
236 // ourselves for a small portion of time, do that, and clear when we
237 // resume.
238 selfOwned = shared_from_this();
239 }
240
241 void resumeRead() override
242 {
243 readingDefered = false;
244 doRead();
245
246 // No longer need to keep ourselves alive now that read is active.
247 selfOwned.reset();
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]248 }
249
250 void doRead()
251 {
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]252 if (readingDefered)
253 {
254 return;
255 }
256 ws.async_read(inBuffer, [this, self(shared_from_this())](
257 const boost::beast::error_code& ec,
258 size_t bytesRead) {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]259 if (ec)
260 {
261 if (ec != boost::beast::websocket::error::closed)
262 {
263 BMCWEB_LOG_ERROR << "doRead error " << ec;
264 }
265 if (closeHandler)
266 {
Ed Tanous079360a2022-06-29 10:05:19 -0700[diff] [blame]267 std::string reason{ws.reason().reason.c_str()};
268 closeHandler(*this, reason);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]269 }
270 return;
271 }
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]272
273 handleMessage(bytesRead);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]274 });
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]275 }
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]276 void doWrite()
277 {
278 // If we're already doing a write, ignore the request, it will be picked
279 // up when the current write is complete
280 if (doingWrite)
281 {
282 return;
283 }
284
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]285 if (outBuffer.size() == 0)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]286 {
287 // Done for now
288 return;
289 }
290 doingWrite = true;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]291 ws.async_write(outBuffer.data(), [this, self(shared_from_this())](
292 const boost::beast::error_code& ec,
293 size_t bytesSent) {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]294 doingWrite = false;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]295 outBuffer.consume(bytesSent);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]296 if (ec == boost::beast::websocket::error::closed)
297 {
298 // Do nothing here. doRead handler will call the
299 // closeHandler.
300 close("Write error");
301 return;
302 }
303 if (ec)
304 {
305 BMCWEB_LOG_ERROR << "Error in ws.async_write " << ec;
306 return;
307 }
308 doWrite();
309 });
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]310 }
311
312 private:
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]313 void handleMessage(size_t bytesRead)
314 {
315 if (messageExHandler)
316 {
317 // Note, because of the interactions with the read buffers,
318 // this message handler overrides the normal message handler
319 messageExHandler(*this, inString, MessageType::Binary,
320 [this, self(shared_from_this()), bytesRead]() {
321 if (self == nullptr)
322 {
323 return;
324 }
325
326 inBuffer.consume(bytesRead);
327 inString.clear();
328
329 doRead();
330 });
331 return;
332 }
333
334 if (messageHandler)
335 {
336 messageHandler(*this, inString, ws.got_text());
337 }
338 inBuffer.consume(bytesRead);
339 inString.clear();
340 doRead();
341 }
342
Ed Tanous2aee6ca2021-02-01 09:52:17 -0800[diff] [blame]343 boost::beast::websocket::stream<Adaptor, false> ws;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]344
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]345 bool readingDefered = false;
Ed Tanous609145a2018-09-05 16:27:36 -0700[diff] [blame]346 std::string inString;
347 boost::asio::dynamic_string_buffer<std::string::value_type,
348 std::string::traits_type,
349 std::string::allocator_type>
350 inBuffer;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]351
352 boost::beast::multi_buffer outBuffer;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]353 bool doingWrite = false;
354
zhanghch0577726382021-10-21 14:07:57 +0800[diff] [blame]355 std::function<void(Connection&)> openHandler;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]356 std::function<void(Connection&, const std::string&, bool)> messageHandler;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]357 std::function<void(crow::websocket::Connection&, std::string_view,
358 crow::websocket::MessageType type,
359 std::function<void()>&& whenComplete)>
360 messageExHandler;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]361 std::function<void(Connection&, const std::string&)> closeHandler;
362 std::function<void(Connection&)> errorHandler;
Ed Tanous52cc1122020-07-18 13:51:21 -0700[diff] [blame]363 std::shared_ptr<persistent_data::UserSession> session;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]364
365 std::shared_ptr<Connection> selfOwned;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]366};
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]367} // namespace websocket
368} // namespace crow