From: Matteo Nastasi (mop) Date: Wed, 7 Aug 2013 07:05:25 +0000 (+0200) Subject: transport API: add header argument to the init methon (required by websocket handshake) X-Git-Tag: v4.9.0~4 X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=commitdiff_plain;h=645d558d0d1411fc2c1f33c95b2783e1b0ae3e06 transport API: add header argument to the init methon (required by websocket handshake) --- diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh index d90c2ea..0e3c67a 100644 --- a/web/Obj/brisk.phh +++ b/web/Obj/brisk.phh @@ -2366,7 +2366,7 @@ class Room } $content = ""; - $user->stream_init($s_a_p->rndstr, $enc, $header_out, $content, $get, $post, $cookie); + $user->stream_init($s_a_p->rndstr, $enc, $header, $header_out, $content, $get, $post, $cookie); $response = headers_render($header_out, -1).chunked_content($user->rd_zls_get(), $content); $response_l = mb_strlen($response, "ASCII"); diff --git a/web/Obj/transports.phh b/web/Obj/transports.phh index 2d9714e..32befba 100644 --- a/web/Obj/transports.phh +++ b/web/Obj/transports.phh @@ -58,7 +58,8 @@ class Transport_template { function Transport_template() { } - function init($enc, &$header_out, $init_string, $base, $step) + // return string value is appended to the content of the returned page + function init($enc, $header, &$header_out, $init_string, $base, $step) { } @@ -71,12 +72,120 @@ class Transport_template { } } +class Transport_websocket { + $magicGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; + + function Transport_websocket() { + } + + protected function doHandshake($user, $buffer) { + $magicGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; + $headers = array(); + $lines = explode("\n",$buffer); + foreach ($lines as $line) { + if (strpos($line,":") !== false) { + $header = explode(":",$line,2); + $headers[strtolower(trim($header[0]))] = trim($header[1]); + } else if (stripos($line,"get ") !== false) { + preg_match("/GET (.*) HTTP/i", $buffer, $reqResource); + $headers['get'] = trim($reqResource[1]); + } + } + if (isset($headers['get'])) { + $user->requestedResource = $headers['get']; + } else { + // todo: fail the connection + $handshakeResponse = "HTTP/1.1 405 Method Not Allowed\r\n\r\n"; + } + if (!isset($headers['host']) || !$this->checkHost($headers['host'])) { + $handshakeResponse = "HTTP/1.1 400 Bad Request"; + } + if (!isset($headers['upgrade']) || strtolower($headers['upgrade']) != 'websocket') { + $handshakeResponse = "HTTP/1.1 400 Bad Request"; + } + if (!isset($headers['connection']) || strpos(strtolower($headers['connection']), 'upgrade') === FALSE) { + $handshakeResponse = "HTTP/1.1 400 Bad Request"; + } + if (!isset($headers['sec-websocket-key'])) { + $handshakeResponse = "HTTP/1.1 400 Bad Request"; + } else { + + } + if (!isset($headers['sec-websocket-version']) || strtolower($headers['sec-websocket-version']) != 13) { + $handshakeResponse = "HTTP/1.1 426 Upgrade Required\r\nSec-WebSocketVersion: 13"; + } + if (($this->headerOriginRequired && !isset($headers['origin']) ) || ($this->headerOriginRequired && !$this->checkOrigin($headers['origin']))) { + $handshakeResponse = "HTTP/1.1 403 Forbidden"; + } + if (($this->headerSecWebSocketProtocolRequired && !isset($headers['sec-websocket-protocol'])) || ($this->headerSecWebSocketProtocolRequired && !$this->checkWebsocProtocol($header['sec-websocket-protocol']))) { + $handshakeResponse = "HTTP/1.1 400 Bad Request"; + } + if (($this->headerSecWebSocketExtensionsRequired && !isset($headers['sec-websocket-extensions'])) || ($this->headerSecWebSocketExtensionsRequired && !$this->checkWebsocExtensions($header['sec-websocket-extensions']))) { + $handshakeResponse = "HTTP/1.1 400 Bad Request"; + } + + // Done verifying the _required_ headers and optionally required headers. + + if (isset($handshakeResponse)) { + socket_write($user->socket,$handshakeResponse,strlen($handshakeResponse)); + $this->disconnect($user->socket); + return false; + } + + $user->headers = $headers; + $user->handshake = $buffer; + + $webSocketKeyHash = sha1($headers['sec-websocket-key'] . $magicGUID); + + $rawToken = ""; + for ($i = 0; $i < 20; $i++) { + $rawToken .= chr(hexdec(substr($webSocketKeyHash,$i*2, 2))); + } + $handshakeToken = base64_encode($rawToken) . "\r\n"; + + $subProtocol = (isset($headers['sec-websocket-protocol'])) ? $this->processProtocol($headers['sec-websocket-protocol']) : ""; + $extensions = (isset($headers['sec-websocket-extensions'])) ? $this->processExtensions($headers['sec-websocket-extensions']) : ""; + + $handshakeResponse = "HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: $handshakeToken$subProtocol$extensions\r\n"; + socket_write($user->socket,$handshakeResponse,strlen($handshakeResponse)); + $this->connected($user); + } + + + function init($enc, $header, &$header_out, $init_string, $base, $step) + { + + + + + $ret = sprintf("@BEGIN@ /* %s */ @END@", $init_string); + if ($enc != 'plain') + $header_out['Content-Encoding'] = $enc; + $header_out['Cache-Control'] = 'no-cache, must-revalidate'; // HTTP/1.1 + $header_out['Expires'] = 'Mon, 26 Jul 1997 05:00:00 GMT'; // Date in the past + $header_out['Content-type'] = 'application/xml; charset="utf-8"'; + + return ($ret); + } + + static function fini($init_string, $base, $blockerr) + { + return (sprintf('@BEGIN@ %s window.onbeforeunload = null; window.onunload = null; document.location.assign("%sindex.php"); @END@', ($blockerr ? 'xstm.stop(); ' : ''), $base)); + return (""); + } + + function chunk($step, $cont) + { + return ("@BEGIN@".$cont."@END@"); + } +} + class Transport_xhr { function Transport_xhr() { } - function init($enc, &$header_out, $init_string, $base, $step) + function init($enc, $header, &$header_out, $init_string, $base, $step) { $ret = sprintf("@BEGIN@ /* %s */ @END@", $init_string); if ($enc != 'plain') @@ -105,7 +214,7 @@ class Transport_iframe { function Transport_iframe() { } - function init($enc, &$header_out, $init_string, $base, $step) + function init($enc, $header, &$header_out, $init_string, $base, $step) { $ret = ""; diff --git a/web/Obj/user.phh b/web/Obj/user.phh index 11b808f..97b0a38 100644 --- a/web/Obj/user.phh +++ b/web/Obj/user.phh @@ -696,7 +696,7 @@ class User { stat step */ -function stream_init($init_string, $enc, &$header_out, &$body, $get, $post, $cookie) +function stream_init($init_string, $enc, $header, &$header_out, &$body, $get, $post, $cookie) { $curtime = time(); @@ -717,7 +717,7 @@ function stream_init($init_string, $enc, &$header_out, &$body, $get, $post, $coo $this->rd_data_set($curtime, $transp, $enc, $stat, $subst, $step, $from); - $body .= $this->rd_transp->init($enc, &$header_out, $init_string, self::base_get(), $this->rd_scristp); + $body .= $this->rd_transp->init($enc, $header, &$header_out, $init_string, self::base_get(), $this->rd_scristp); return TRUE; } diff --git a/web/briskin5/Obj/briskin5.phh b/web/briskin5/Obj/briskin5.phh index 10edf1b..0f49f59 100644 --- a/web/briskin5/Obj/briskin5.phh +++ b/web/briskin5/Obj/briskin5.phh @@ -1233,7 +1233,7 @@ class Bin5 { } $content = ""; - $user->stream_init($s_a_p->rndstr, $enc, $header_out, $content, $get, $post, $cookie); + $user->stream_init($s_a_p->rndstr, $enc, $header, $header_out, $content, $get, $post, $cookie); $response = headers_render($header_out, -1).chunked_content($user->rd_zls_get(), $content); $response_l = mb_strlen($response, "ASCII"); diff --git a/web/xynt_test01.php b/web/xynt_test01.php index b60ca9c..6673d34 100644 --- a/web/xynt_test01.php +++ b/web/xynt_test01.php @@ -67,8 +67,9 @@ if ($isstream == "true") { else $init_string .= chr(mt_rand(65, 90)); } + $header = array(); - $body = $transp->init("plain", $header_out, $init_string, "", "0"); + $body = $transp->init("plain", $header, $header_out, $init_string, "", "0"); foreach ($header_out as $key => $value) { header(sprintf("%s: %s", $key, $value));