Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / f42e859032d9a28752108b327f02340be4de8de2 / . / http / websocket.hpp
blob: 216c4131dbb395e4a23300d184eaa881fb48bd3e [file] [log] [blame]
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]1#pragma once
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]2#include "async_resp.hpp"
Ed Tanous04e438c2020-10-03 08:06:26 -0700[diff] [blame]3#include "http_request.hpp"
Gunnar Mills1214b7e2020-06-04 10:11:30 -0500[diff] [blame]4
Ed Tanous609145a2018-09-05 16:27:36 -0700[diff] [blame]5#include <boost/asio/buffer.hpp>
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]6#include <boost/beast/core/multi_buffer.hpp>
Ed Tanous1b0044b2018-08-03 14:30:05 -0700[diff] [blame]7#include <boost/beast/websocket.hpp>
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]8
Gunnar Mills1214b7e2020-06-04 10:11:30 -0500[diff] [blame]9#include <array>
10#include <functional>
Ed Tanous1b0044b2018-08-03 14:30:05 -0700[diff] [blame]11
12#ifdef BMCWEB_ENABLE_SSL
13#include <boost/beast/websocket/ssl.hpp>
14#endif
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]15
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]16namespace crow
17{
18namespace websocket
19{
Iwona Klimaszewskac0a1c8a2019-07-12 18:26:38 +0200[diff] [blame]20
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]21enum class MessageType
22{
23 Binary,
24 Text,
25};
26
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]27struct Connection : std::enable_shared_from_this<Connection>
28{
29 public:
Patrick Williams89492a12023-05-10 07:51:34 -0500[diff] [blame]30 explicit Connection(const crow::Request& reqIn) : req(reqIn.req) {}
Przemyslaw Czarnowski250b0eb2020-02-24 10:23:56 +0100[diff] [blame]31
Ed Tanousecd6a3a2022-01-07 09:18:40 -0800[diff] [blame]32 Connection(const Connection&) = delete;
33 Connection(Connection&&) = delete;
34 Connection& operator=(const Connection&) = delete;
35 Connection& operator=(const Connection&&) = delete;
36
Ed Tanous9eb808c2022-01-25 10:19:23 -0800[diff] [blame]37 virtual void sendBinary(std::string_view msg) = 0;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]38 virtual void sendBinary(std::string&& msg) = 0;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]39 virtual void sendEx(MessageType type, std::string_view msg,
40 std::function<void()>&& onDone) = 0;
Ed Tanous9eb808c2022-01-25 10:19:23 -0800[diff] [blame]41 virtual void sendText(std::string_view msg) = 0;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]42 virtual void sendText(std::string&& msg) = 0;
Ed Tanous9eb808c2022-01-25 10:19:23 -0800[diff] [blame]43 virtual void close(std::string_view msg = "quit") = 0;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]44 virtual void deferRead() = 0;
45 virtual void resumeRead() = 0;
Ed Tanous2c70f802020-09-28 14:29:23 -0700[diff] [blame]46 virtual boost::asio::io_context& getIoContext() = 0;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]47 virtual ~Connection() = default;
Ninad Palsule052bcbf2023-05-30 11:10:58 -0500[diff] [blame]48 virtual boost::urls::url_view url() = 0;
Jan Sowinskiee52ae12020-01-09 16:28:32 +0000[diff] [blame]49 boost::beast::http::request<boost::beast::http::string_body> req;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]50};
51
Gunnar Mills1214b7e2020-06-04 10:11:30 -0500[diff] [blame]52template <typename Adaptor>
53class ConnectionImpl : public Connection
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]54{
55 public:
56 ConnectionImpl(
Ninad Palsule052bcbf2023-05-30 11:10:58 -0500[diff] [blame]57 const crow::Request& reqIn, boost::urls::url_view urlViewIn,
58 Adaptor adaptorIn, std::function<void(Connection&)> openHandlerIn,
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]59 std::function<void(Connection&, const std::string&, bool)>
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]60 messageHandlerIn,
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]61 std::function<void(crow::websocket::Connection&, std::string_view,
62 crow::websocket::MessageType type,
63 std::function<void()>&& whenComplete)>
64 messageExHandlerIn,
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]65 std::function<void(Connection&, const std::string&)> closeHandlerIn,
66 std::function<void(Connection&)> errorHandlerIn) :
Ed Tanouse551b5f2023-02-27 14:19:07 -0800[diff] [blame]67 Connection(reqIn),
Ninad Palsule052bcbf2023-05-30 11:10:58 -0500[diff] [blame]68 uri(urlViewIn), ws(std::move(adaptorIn)), inBuffer(inString, 131088),
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]69 openHandler(std::move(openHandlerIn)),
70 messageHandler(std::move(messageHandlerIn)),
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]71 messageExHandler(std::move(messageExHandlerIn)),
Ed Tanous8a592812022-06-04 09:06:59 -0700[diff] [blame]72 closeHandler(std::move(closeHandlerIn)),
73 errorHandler(std::move(errorHandlerIn)), session(reqIn.session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]74 {
dhineskumare02bdd962021-07-08 16:06:49 +0530[diff] [blame]75 /* Turn on the timeouts on websocket stream to server role */
76 ws.set_option(boost::beast::websocket::stream_base::timeout::suggested(
77 boost::beast::role_type::server));
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]78 BMCWEB_LOG_DEBUG("Creating new connection {}", logPtr(this));
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]79 }
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]80
Ed Tanous2c70f802020-09-28 14:29:23 -0700[diff] [blame]81 boost::asio::io_context& getIoContext() override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]82 {
Ed Tanous271584a2019-07-09 16:24:22 -0700[diff] [blame]83 return static_cast<boost::asio::io_context&>(
84 ws.get_executor().context());
Ed Tanous911ac312017-08-15 09:37:42 -0700[diff] [blame]85 }
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]86
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]87 void start()
88 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]89 BMCWEB_LOG_DEBUG("starting connection {}", logPtr(this));
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]90
Ed Tanousfe5b2162019-05-22 14:28:16 -0700[diff] [blame]91 using bf = boost::beast::http::field;
92
Jan Sowinskiee52ae12020-01-09 16:28:32 +0000[diff] [blame]93 std::string_view protocol = req[bf::sec_websocket_protocol];
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]94
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]95 ws.set_option(boost::beast::websocket::stream_base::decorator(
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]96 [session{session}, protocol{std::string(protocol)}](
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]97 boost::beast::websocket::response_type& m) {
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]98
99#ifndef BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]100 if (session != nullptr)
101 {
102 // use protocol for csrf checking
Ed Tanous7e9c08e2023-06-16 11:29:37 -0700[diff] [blame]103 if (session->cookieAuth &&
104 !crow::utility::constantTimeStringCompare(
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]105 protocol, session->csrfToken))
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]106 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]107 BMCWEB_LOG_ERROR("Websocket CSRF error");
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]108 m.result(boost::beast::http::status::unauthorized);
109 return;
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]110 }
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]111 }
James Feistf8aa3d22020-04-08 18:32:33 -0700[diff] [blame]112#endif
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]113 if (!protocol.empty())
114 {
115 m.insert(bf::sec_websocket_protocol, protocol);
116 }
Ed Tanousfe5b2162019-05-22 14:28:16 -0700[diff] [blame]117
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]118 m.insert(bf::strict_transport_security, "max-age=31536000; "
119 "includeSubdomains; "
120 "preload");
121 m.insert(bf::pragma, "no-cache");
122 m.insert(bf::cache_control, "no-Store,no-Cache");
123 m.insert("Content-Security-Policy", "default-src 'self'");
124 m.insert("X-XSS-Protection", "1; "
125 "mode=block");
126 m.insert("X-Content-Type-Options", "nosniff");
127 }));
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]128
129 // Perform the websocket upgrade
130 ws.async_accept(req, [this, self(shared_from_this())](
Ed Tanous5e7e2dc2023-02-16 10:37:01 -0800[diff] [blame]131 const boost::system::error_code& ec) {
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]132 if (ec)
133 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]134 BMCWEB_LOG_ERROR("Error in ws.async_accept {}", ec);
Ed Tanousd4d77e32020-08-18 00:07:28 -0700[diff] [blame]135 return;
136 }
137 acceptDone();
138 });
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]139 }
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]140
Ed Tanous26ccae32023-02-16 10:28:44 -0800[diff] [blame]141 void sendBinary(std::string_view msg) override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]142 {
143 ws.binary(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]144 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
145 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]146 doWrite();
147 }
148
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]149 void sendEx(MessageType type, std::string_view msg,
150 std::function<void()>&& onDone) override
151 {
152 if (doingWrite)
153 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]154 BMCWEB_LOG_CRITICAL(
155 "Cannot mix sendEx usage with sendBinary or sendText");
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]156 onDone();
157 return;
158 }
159 ws.binary(type == MessageType::Binary);
160
161 ws.async_write(boost::asio::buffer(msg),
162 [weak(weak_from_this()), onDone{std::move(onDone)}](
163 const boost::beast::error_code& ec, size_t) {
164 std::shared_ptr<Connection> self = weak.lock();
165
166 // Call the done handler regardless of whether we
167 // errored, but before we close things out
168 onDone();
169
170 if (ec)
171 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]172 BMCWEB_LOG_ERROR("Error in ws.async_write {}", ec);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]173 self->close("write error");
174 }
175 });
176 }
177
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]178 void sendBinary(std::string&& msg) override
179 {
180 ws.binary(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]181 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
182 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]183 doWrite();
184 }
185
Ed Tanous26ccae32023-02-16 10:28:44 -0800[diff] [blame]186 void sendText(std::string_view msg) override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]187 {
188 ws.text(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]189 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
190 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]191 doWrite();
192 }
193
194 void sendText(std::string&& msg) override
195 {
196 ws.text(true);
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]197 outBuffer.commit(boost::asio::buffer_copy(outBuffer.prepare(msg.size()),
198 boost::asio::buffer(msg)));
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]199 doWrite();
200 }
201
Ed Tanous26ccae32023-02-16 10:28:44 -0800[diff] [blame]202 void close(std::string_view msg) override
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]203 {
204 ws.async_close(
Wludzik, Jozeff6a0d632020-07-16 15:16:02 +0200[diff] [blame]205 {boost::beast::websocket::close_code::normal, msg},
Ed Tanous5e7e2dc2023-02-16 10:37:01 -0800[diff] [blame]206 [self(shared_from_this())](const boost::system::error_code& ec) {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]207 if (ec == boost::asio::error::operation_aborted)
208 {
209 return;
210 }
211 if (ec)
212 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]213 BMCWEB_LOG_ERROR("Error closing websocket {}", ec);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]214 return;
215 }
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]216 });
217 }
218
Ninad Palsule052bcbf2023-05-30 11:10:58 -0500[diff] [blame]219 boost::urls::url_view url() override
220 {
221 return uri;
222 }
223
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]224 void acceptDone()
225 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]226 BMCWEB_LOG_DEBUG("Websocket accepted connection");
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]227
228 if (openHandler)
229 {
zhanghch0577726382021-10-21 14:07:57 +0800[diff] [blame]230 openHandler(*this);
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]231 }
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]232 doRead();
233 }
234
235 void deferRead() override
236 {
237 readingDefered = true;
238
239 // If we're not actively reading, we need to take ownership of
240 // ourselves for a small portion of time, do that, and clear when we
241 // resume.
242 selfOwned = shared_from_this();
243 }
244
245 void resumeRead() override
246 {
247 readingDefered = false;
248 doRead();
249
250 // No longer need to keep ourselves alive now that read is active.
251 selfOwned.reset();
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]252 }
253
254 void doRead()
255 {
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]256 if (readingDefered)
257 {
258 return;
259 }
260 ws.async_read(inBuffer, [this, self(shared_from_this())](
261 const boost::beast::error_code& ec,
262 size_t bytesRead) {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]263 if (ec)
264 {
265 if (ec != boost::beast::websocket::error::closed)
266 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]267 BMCWEB_LOG_ERROR("doRead error {}", ec);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]268 }
269 if (closeHandler)
270 {
Ed Tanous079360a2022-06-29 10:05:19 -0700[diff] [blame]271 std::string reason{ws.reason().reason.c_str()};
272 closeHandler(*this, reason);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]273 }
274 return;
275 }
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]276
277 handleMessage(bytesRead);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]278 });
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]279 }
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]280 void doWrite()
281 {
282 // If we're already doing a write, ignore the request, it will be picked
283 // up when the current write is complete
284 if (doingWrite)
285 {
286 return;
287 }
288
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]289 if (outBuffer.size() == 0)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]290 {
291 // Done for now
292 return;
293 }
294 doingWrite = true;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]295 ws.async_write(outBuffer.data(), [this, self(shared_from_this())](
296 const boost::beast::error_code& ec,
297 size_t bytesSent) {
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]298 doingWrite = false;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]299 outBuffer.consume(bytesSent);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]300 if (ec == boost::beast::websocket::error::closed)
301 {
302 // Do nothing here. doRead handler will call the
303 // closeHandler.
304 close("Write error");
305 return;
306 }
307 if (ec)
308 {
Ed Tanous62598e32023-07-17 17:06:25 -0700[diff] [blame]309 BMCWEB_LOG_ERROR("Error in ws.async_write {}", ec);
Ed Tanous002d39b2022-05-31 08:59:27 -0700[diff] [blame]310 return;
311 }
312 doWrite();
313 });
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]314 }
315
316 private:
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]317 void handleMessage(size_t bytesRead)
318 {
319 if (messageExHandler)
320 {
321 // Note, because of the interactions with the read buffers,
322 // this message handler overrides the normal message handler
323 messageExHandler(*this, inString, MessageType::Binary,
324 [this, self(shared_from_this()), bytesRead]() {
325 if (self == nullptr)
326 {
327 return;
328 }
329
330 inBuffer.consume(bytesRead);
331 inString.clear();
332
333 doRead();
334 });
335 return;
336 }
337
338 if (messageHandler)
339 {
340 messageHandler(*this, inString, ws.got_text());
341 }
342 inBuffer.consume(bytesRead);
343 inString.clear();
344 doRead();
345 }
346
Ninad Palsule052bcbf2023-05-30 11:10:58 -0500[diff] [blame]347 boost::urls::url uri;
348
Ed Tanous2aee6ca2021-02-01 09:52:17 -0800[diff] [blame]349 boost::beast::websocket::stream<Adaptor, false> ws;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]350
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]351 bool readingDefered = false;
Ed Tanous609145a2018-09-05 16:27:36 -0700[diff] [blame]352 std::string inString;
353 boost::asio::dynamic_string_buffer<std::string::value_type,
354 std::string::traits_type,
355 std::string::allocator_type>
356 inBuffer;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]357
358 boost::beast::multi_buffer outBuffer;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]359 bool doingWrite = false;
360
zhanghch0577726382021-10-21 14:07:57 +0800[diff] [blame]361 std::function<void(Connection&)> openHandler;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]362 std::function<void(Connection&, const std::string&, bool)> messageHandler;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]363 std::function<void(crow::websocket::Connection&, std::string_view,
364 crow::websocket::MessageType type,
365 std::function<void()>&& whenComplete)>
366 messageExHandler;
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]367 std::function<void(Connection&, const std::string&)> closeHandler;
368 std::function<void(Connection&)> errorHandler;
Ed Tanous52cc1122020-07-18 13:51:21 -0700[diff] [blame]369 std::shared_ptr<persistent_data::UserSession> session;
Ed Tanous863c1c22022-02-21 21:33:06 -0800[diff] [blame]370
371 std::shared_ptr<Connection> selfOwned;
Ed Tanous7045c8d2017-04-03 10:04:37 -0700[diff] [blame]372};
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]373} // namespace websocket
374} // namespace crow