Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 1 | #pragma once |
Ed Tanous | 3ccb3ad | 2023-01-13 17:40:03 -0800 | [diff] [blame] | 2 | #include "async_resp.hpp" |
Ed Tanous | 04e438c | 2020-10-03 08:06:26 -0700 | [diff] [blame] | 3 | #include "http_request.hpp" |
Gunnar Mills | 1214b7e | 2020-06-04 10:11:30 -0500 | [diff] [blame] | 4 | |
Ed Tanous | 609145a | 2018-09-05 16:27:36 -0700 | [diff] [blame] | 5 | #include <boost/asio/buffer.hpp> |
Ed Tanous | 1b0044b | 2018-08-03 14:30:05 -0700 | [diff] [blame] | 6 | #include <boost/beast/websocket.hpp> |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 7 | |
Gunnar Mills | 1214b7e | 2020-06-04 10:11:30 -0500 | [diff] [blame] | 8 | #include <array> |
| 9 | #include <functional> |
Ed Tanous | 1b0044b | 2018-08-03 14:30:05 -0700 | [diff] [blame] | 10 | |
| 11 | #ifdef BMCWEB_ENABLE_SSL |
| 12 | #include <boost/beast/websocket/ssl.hpp> |
| 13 | #endif |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 14 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 15 | namespace crow |
| 16 | { |
| 17 | namespace websocket |
| 18 | { |
Iwona Klimaszewska | c0a1c8a | 2019-07-12 18:26:38 +0200 | [diff] [blame] | 19 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 20 | struct Connection : std::enable_shared_from_this<Connection> |
| 21 | { |
| 22 | public: |
Ed Tanous | e551b5f | 2023-02-27 14:19:07 -0800 | [diff] [blame] | 23 | explicit Connection(const crow::Request& reqIn) : req(reqIn.req) |
Ed Tanous | 23a21a1 | 2020-07-25 04:45:05 +0000 | [diff] [blame] | 24 | {} |
Przemyslaw Czarnowski | 250b0eb | 2020-02-24 10:23:56 +0100 | [diff] [blame] | 25 | |
Ed Tanous | ecd6a3a | 2022-01-07 09:18:40 -0800 | [diff] [blame] | 26 | Connection(const Connection&) = delete; |
| 27 | Connection(Connection&&) = delete; |
| 28 | Connection& operator=(const Connection&) = delete; |
| 29 | Connection& operator=(const Connection&&) = delete; |
| 30 | |
Ed Tanous | 9eb808c | 2022-01-25 10:19:23 -0800 | [diff] [blame] | 31 | virtual void sendBinary(std::string_view msg) = 0; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 32 | virtual void sendBinary(std::string&& msg) = 0; |
Ed Tanous | 9eb808c | 2022-01-25 10:19:23 -0800 | [diff] [blame] | 33 | virtual void sendText(std::string_view msg) = 0; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 34 | virtual void sendText(std::string&& msg) = 0; |
Ed Tanous | 9eb808c | 2022-01-25 10:19:23 -0800 | [diff] [blame] | 35 | virtual void close(std::string_view msg = "quit") = 0; |
Ed Tanous | 2c70f80 | 2020-09-28 14:29:23 -0700 | [diff] [blame] | 36 | virtual boost::asio::io_context& getIoContext() = 0; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 37 | virtual ~Connection() = default; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 38 | |
Jan Sowinski | ee52ae1 | 2020-01-09 16:28:32 +0000 | [diff] [blame] | 39 | boost::beast::http::request<boost::beast::http::string_body> req; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 40 | }; |
| 41 | |
Gunnar Mills | 1214b7e | 2020-06-04 10:11:30 -0500 | [diff] [blame] | 42 | template <typename Adaptor> |
| 43 | class ConnectionImpl : public Connection |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 44 | { |
| 45 | public: |
| 46 | ConnectionImpl( |
Jan Sowinski | ee52ae1 | 2020-01-09 16:28:32 +0000 | [diff] [blame] | 47 | const crow::Request& reqIn, Adaptor adaptorIn, |
Ed Tanous | 8a59281 | 2022-06-04 09:06:59 -0700 | [diff] [blame] | 48 | std::function<void(Connection&)> openHandlerIn, |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 49 | std::function<void(Connection&, const std::string&, bool)> |
Ed Tanous | 8a59281 | 2022-06-04 09:06:59 -0700 | [diff] [blame] | 50 | messageHandlerIn, |
| 51 | std::function<void(Connection&, const std::string&)> closeHandlerIn, |
| 52 | std::function<void(Connection&)> errorHandlerIn) : |
Ed Tanous | e551b5f | 2023-02-27 14:19:07 -0800 | [diff] [blame] | 53 | Connection(reqIn), |
Ed Tanous | e05aec5 | 2022-01-25 10:28:56 -0800 | [diff] [blame] | 54 | ws(std::move(adaptorIn)), inBuffer(inString, 131088), |
Ed Tanous | 8a59281 | 2022-06-04 09:06:59 -0700 | [diff] [blame] | 55 | openHandler(std::move(openHandlerIn)), |
| 56 | messageHandler(std::move(messageHandlerIn)), |
| 57 | closeHandler(std::move(closeHandlerIn)), |
| 58 | errorHandler(std::move(errorHandlerIn)), session(reqIn.session) |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 59 | { |
dhineskumare | 02bdd96 | 2021-07-08 16:06:49 +0530 | [diff] [blame] | 60 | /* Turn on the timeouts on websocket stream to server role */ |
| 61 | ws.set_option(boost::beast::websocket::stream_base::timeout::suggested( |
| 62 | boost::beast::role_type::server)); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 63 | BMCWEB_LOG_DEBUG << "Creating new connection " << this; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 64 | } |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 65 | |
Ed Tanous | 2c70f80 | 2020-09-28 14:29:23 -0700 | [diff] [blame] | 66 | boost::asio::io_context& getIoContext() override |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 67 | { |
Ed Tanous | 271584a | 2019-07-09 16:24:22 -0700 | [diff] [blame] | 68 | return static_cast<boost::asio::io_context&>( |
| 69 | ws.get_executor().context()); |
Ed Tanous | 911ac31 | 2017-08-15 09:37:42 -0700 | [diff] [blame] | 70 | } |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 71 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 72 | void start() |
| 73 | { |
| 74 | BMCWEB_LOG_DEBUG << "starting connection " << this; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 75 | |
Ed Tanous | fe5b216 | 2019-05-22 14:28:16 -0700 | [diff] [blame] | 76 | using bf = boost::beast::http::field; |
| 77 | |
Jan Sowinski | ee52ae1 | 2020-01-09 16:28:32 +0000 | [diff] [blame] | 78 | std::string_view protocol = req[bf::sec_websocket_protocol]; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 79 | |
Ed Tanous | d4d77e3 | 2020-08-18 00:07:28 -0700 | [diff] [blame] | 80 | ws.set_option(boost::beast::websocket::stream_base::decorator( |
James Feist | f8aa3d2 | 2020-04-08 18:32:33 -0700 | [diff] [blame] | 81 | [session{session}, protocol{std::string(protocol)}]( |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 82 | boost::beast::websocket::response_type& m) { |
James Feist | f8aa3d2 | 2020-04-08 18:32:33 -0700 | [diff] [blame] | 83 | |
| 84 | #ifndef BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 85 | if (session != nullptr) |
| 86 | { |
| 87 | // use protocol for csrf checking |
| 88 | if (session->cookieAuth && |
| 89 | !crow::utility::constantTimeStringCompare( |
| 90 | protocol, session->csrfToken)) |
James Feist | f8aa3d2 | 2020-04-08 18:32:33 -0700 | [diff] [blame] | 91 | { |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 92 | BMCWEB_LOG_ERROR << "Websocket CSRF error"; |
| 93 | m.result(boost::beast::http::status::unauthorized); |
| 94 | return; |
James Feist | f8aa3d2 | 2020-04-08 18:32:33 -0700 | [diff] [blame] | 95 | } |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 96 | } |
James Feist | f8aa3d2 | 2020-04-08 18:32:33 -0700 | [diff] [blame] | 97 | #endif |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 98 | if (!protocol.empty()) |
| 99 | { |
| 100 | m.insert(bf::sec_websocket_protocol, protocol); |
| 101 | } |
Ed Tanous | fe5b216 | 2019-05-22 14:28:16 -0700 | [diff] [blame] | 102 | |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 103 | m.insert(bf::strict_transport_security, "max-age=31536000; " |
| 104 | "includeSubdomains; " |
| 105 | "preload"); |
| 106 | m.insert(bf::pragma, "no-cache"); |
| 107 | m.insert(bf::cache_control, "no-Store,no-Cache"); |
| 108 | m.insert("Content-Security-Policy", "default-src 'self'"); |
| 109 | m.insert("X-XSS-Protection", "1; " |
| 110 | "mode=block"); |
| 111 | m.insert("X-Content-Type-Options", "nosniff"); |
| 112 | })); |
Ed Tanous | d4d77e3 | 2020-08-18 00:07:28 -0700 | [diff] [blame] | 113 | |
| 114 | // Perform the websocket upgrade |
| 115 | ws.async_accept(req, [this, self(shared_from_this())]( |
Ed Tanous | 5e7e2dc | 2023-02-16 10:37:01 -0800 | [diff] [blame] | 116 | const boost::system::error_code& ec) { |
Ed Tanous | d4d77e3 | 2020-08-18 00:07:28 -0700 | [diff] [blame] | 117 | if (ec) |
| 118 | { |
| 119 | BMCWEB_LOG_ERROR << "Error in ws.async_accept " << ec; |
| 120 | return; |
| 121 | } |
| 122 | acceptDone(); |
| 123 | }); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 124 | } |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 125 | |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 126 | void sendBinary(std::string_view msg) override |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 127 | { |
| 128 | ws.binary(true); |
| 129 | outBuffer.emplace_back(msg); |
| 130 | doWrite(); |
| 131 | } |
| 132 | |
| 133 | void sendBinary(std::string&& msg) override |
| 134 | { |
| 135 | ws.binary(true); |
| 136 | outBuffer.emplace_back(std::move(msg)); |
| 137 | doWrite(); |
| 138 | } |
| 139 | |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 140 | void sendText(std::string_view msg) override |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 141 | { |
| 142 | ws.text(true); |
| 143 | outBuffer.emplace_back(msg); |
| 144 | doWrite(); |
| 145 | } |
| 146 | |
| 147 | void sendText(std::string&& msg) override |
| 148 | { |
| 149 | ws.text(true); |
| 150 | outBuffer.emplace_back(std::move(msg)); |
| 151 | doWrite(); |
| 152 | } |
| 153 | |
Ed Tanous | 26ccae3 | 2023-02-16 10:28:44 -0800 | [diff] [blame] | 154 | void close(std::string_view msg) override |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 155 | { |
| 156 | ws.async_close( |
Wludzik, Jozef | f6a0d63 | 2020-07-16 15:16:02 +0200 | [diff] [blame] | 157 | {boost::beast::websocket::close_code::normal, msg}, |
Ed Tanous | 5e7e2dc | 2023-02-16 10:37:01 -0800 | [diff] [blame] | 158 | [self(shared_from_this())](const boost::system::error_code& ec) { |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 159 | if (ec == boost::asio::error::operation_aborted) |
| 160 | { |
| 161 | return; |
| 162 | } |
| 163 | if (ec) |
| 164 | { |
| 165 | BMCWEB_LOG_ERROR << "Error closing websocket " << ec; |
| 166 | return; |
| 167 | } |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 168 | }); |
| 169 | } |
| 170 | |
| 171 | void acceptDone() |
| 172 | { |
| 173 | BMCWEB_LOG_DEBUG << "Websocket accepted connection"; |
| 174 | |
Nan Zhou | 72374eb | 2022-01-27 17:06:51 -0800 | [diff] [blame] | 175 | doRead(); |
Iwona Klimaszewska | c0a1c8a | 2019-07-12 18:26:38 +0200 | [diff] [blame] | 176 | |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 177 | if (openHandler) |
| 178 | { |
zhanghch05 | 7772638 | 2021-10-21 14:07:57 +0800 | [diff] [blame] | 179 | openHandler(*this); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 180 | } |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 181 | } |
| 182 | |
| 183 | void doRead() |
| 184 | { |
Adriana Kobylak | ae29b8c | 2019-04-24 11:19:18 -0500 | [diff] [blame] | 185 | ws.async_read(inBuffer, |
| 186 | [this, self(shared_from_this())]( |
Ed Tanous | 81ce609 | 2020-12-17 16:54:55 +0000 | [diff] [blame] | 187 | boost::beast::error_code ec, std::size_t bytesRead) { |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 188 | if (ec) |
| 189 | { |
| 190 | if (ec != boost::beast::websocket::error::closed) |
| 191 | { |
| 192 | BMCWEB_LOG_ERROR << "doRead error " << ec; |
| 193 | } |
| 194 | if (closeHandler) |
| 195 | { |
Ed Tanous | 079360a | 2022-06-29 10:05:19 -0700 | [diff] [blame] | 196 | std::string reason{ws.reason().reason.c_str()}; |
| 197 | closeHandler(*this, reason); |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 198 | } |
| 199 | return; |
| 200 | } |
| 201 | if (messageHandler) |
| 202 | { |
| 203 | messageHandler(*this, inString, ws.got_text()); |
| 204 | } |
| 205 | inBuffer.consume(bytesRead); |
| 206 | inString.clear(); |
| 207 | doRead(); |
| 208 | }); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 209 | } |
| 210 | |
| 211 | void doWrite() |
| 212 | { |
| 213 | // If we're already doing a write, ignore the request, it will be picked |
| 214 | // up when the current write is complete |
| 215 | if (doingWrite) |
| 216 | { |
| 217 | return; |
| 218 | } |
| 219 | |
| 220 | if (outBuffer.empty()) |
| 221 | { |
| 222 | // Done for now |
| 223 | return; |
| 224 | } |
| 225 | doingWrite = true; |
Ed Tanous | cb13a39 | 2020-07-25 19:02:03 +0000 | [diff] [blame] | 226 | ws.async_write(boost::asio::buffer(outBuffer.front()), |
| 227 | [this, self(shared_from_this())]( |
| 228 | boost::beast::error_code ec, std::size_t) { |
Ed Tanous | 002d39b | 2022-05-31 08:59:27 -0700 | [diff] [blame] | 229 | doingWrite = false; |
| 230 | outBuffer.erase(outBuffer.begin()); |
| 231 | if (ec == boost::beast::websocket::error::closed) |
| 232 | { |
| 233 | // Do nothing here. doRead handler will call the |
| 234 | // closeHandler. |
| 235 | close("Write error"); |
| 236 | return; |
| 237 | } |
| 238 | if (ec) |
| 239 | { |
| 240 | BMCWEB_LOG_ERROR << "Error in ws.async_write " << ec; |
| 241 | return; |
| 242 | } |
| 243 | doWrite(); |
| 244 | }); |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 245 | } |
| 246 | |
| 247 | private: |
Ed Tanous | 2aee6ca | 2021-02-01 09:52:17 -0800 | [diff] [blame] | 248 | boost::beast::websocket::stream<Adaptor, false> ws; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 249 | |
Ed Tanous | 609145a | 2018-09-05 16:27:36 -0700 | [diff] [blame] | 250 | std::string inString; |
| 251 | boost::asio::dynamic_string_buffer<std::string::value_type, |
| 252 | std::string::traits_type, |
| 253 | std::string::allocator_type> |
| 254 | inBuffer; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 255 | std::vector<std::string> outBuffer; |
| 256 | bool doingWrite = false; |
| 257 | |
zhanghch05 | 7772638 | 2021-10-21 14:07:57 +0800 | [diff] [blame] | 258 | std::function<void(Connection&)> openHandler; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 259 | std::function<void(Connection&, const std::string&, bool)> messageHandler; |
| 260 | std::function<void(Connection&, const std::string&)> closeHandler; |
| 261 | std::function<void(Connection&)> errorHandler; |
Ed Tanous | 52cc112 | 2020-07-18 13:51:21 -0700 | [diff] [blame] | 262 | std::shared_ptr<persistent_data::UserSession> session; |
Ed Tanous | 7045c8d | 2017-04-03 10:04:37 -0700 | [diff] [blame] | 263 | }; |
Ed Tanous | 1abe55e | 2018-09-05 08:30:59 -0700 | [diff] [blame] | 264 | } // namespace websocket |
| 265 | } // namespace crow |