/*
 * libwebsockets - small server side websockets and web server implementation
 *
 * Copyright (C) 2010 - 2025 Andy Green <andy@warmcat.com>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to
 * deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 * sell copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 * IN THE SOFTWARE.
 */

#include "private-lib-core.h"

/*
 * Record whether the client still has HTTP body data to send on this wsi.
 * Any nonzero something_left_to_send is stored as 1, zero as 0.
 */
void
lws_client_http_body_pending(struct lws *wsi, int something_left_to_send)
{
	/* collapse the caller's int to a strict 0 / 1 flag */
	wsi->client_http_body_pending = (something_left_to_send != 0);
}

/*
 * Service one poll event for a client wsi that is still connecting, sending
 * its request, or waiting for the server's response headers.
 *
 * Dispatches on lwsi_state(wsi).  Several cases deliberately fall through
 * into the next one, and the labels hs2, client_http_body_sent and bail3 are
 * jumped to from more than one case.
 *
 * Returns 0 for wsi survived OK, or LWS_HPI_RET_WSI_ALREADY_DIED
 * meaning the wsi was destroyed by us before return.
 *
 * NOTE(review): the handshake-generation failure path below returns -1 after
 * closing the wsi, which is neither of the two values listed above; confirm
 * callers treat that as "already died".
 */

int
lws_http_client_socket_service(struct lws *wsi, struct lws_pollfd *pollfd)
{
	struct lws_context *context = wsi->a.context;
	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
	/*
	 * p, sb and end all refer to the per-thread scratch buffer
	 * pt->serv_buf, which is pt_serv_buf_size bytes long
	 */
	char *p = (char *)&pt->serv_buf[0], *end = p + wsi->a.context->pt_serv_buf_size;
#if defined(LWS_WITH_TLS)
	char ebuf[128];
#endif
	/* reason string reported to the client-connection-fail path at bail3 */
	const char *cce = NULL;
	char *sb = p;
	int n = 0;

	switch (lwsi_state(wsi)) {

	case LRS_WAITING_DNS:
		/*
		 * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
		 * timeout protection set in client-handshake.c
		 */
		/*
		 * NOTE(review): logged at err level although nothing has
		 * failed at this point; confirm that is intended
		 */
		lwsl_err("%s: %s: WAITING_DNS\n", __func__, lws_wsi_tag(wsi));
		if (!lws_client_connect_2_dnsreq_MAY_CLOSE_WSI(wsi)) {
			/* closed */
			lwsl_client("closed\n");
			return LWS_HPI_RET_WSI_ALREADY_DIED;
		}

		/* either still pending connection, or changed mode */
		return 0;

	case LRS_WAITING_CONNECT:

		/*
		 * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
		 * timeout protection set in client-handshake.c
		 */
		/*
		 * only act once the socket reports writable; a NULL return
		 * is treated here as the wsi having been closed already
		 */
		if (pollfd->revents & LWS_POLLOUT)
			if (lws_client_connect_3_connect(wsi, NULL, NULL, 0, NULL) == NULL) {
				lwsl_client("closed\n");
				return LWS_HPI_RET_WSI_ALREADY_DIED;
			}
		break;

#if defined(LWS_WITH_SOCKS5)
	/* SOCKS Greeting Reply */
	case LRS_WAITING_SOCKS_GREETING_REPLY:
	case LRS_WAITING_SOCKS_AUTH_REPLY:
	case LRS_WAITING_SOCKS_CONNECT_REPLY:

		/*
		 * the socks5 helper tells us whether to return, fail via
		 * bail3 (it may have set cce), or carry on to the handshake
		 */
		switch (lws_socks5c_handle_state(wsi, pollfd, &cce)) {
		case LW5CHS_RET_RET0:
			return 0;
		case LW5CHS_RET_BAIL3:
			goto bail3;
		case LW5CHS_RET_STARTHS:
			goto start_ws_handshake;
		default:
			break;
		}
		break;
#endif

#if defined(LWS_CLIENT_HTTP_PROXYING) && (defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2))

	case LRS_WAITING_PROXY_REPLY:

		/* handle proxy hung up on us */

		if (pollfd->revents & LWS_POLLHUP) {

			lwsl_warn("Proxy conn %s (fd=%d) dead\n",
				  lws_wsi_tag(wsi), pollfd->fd);

			cce = "proxy conn dead";
			goto bail3;
		}

		/*
		 * everything read here is untrusted data from the proxy; a
		 * return of 0 is not an error at this point but is rejected
		 * by the n < 13 check below
		 */
		n = (int)recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0);
		if (n < 0) {
			if (LWS_ERRNO == LWS_EAGAIN) {
				lwsl_debug("Proxy read EAGAIN... retrying\n");
				return 0;
			}
			lwsl_err("ERROR reading from proxy socket\n");
			cce = "proxy read err";
			goto bail3;
		}

		/* sanity check what we were sent... */

		/*
		 * terminate at offset 13 so the strncmp() / atoi() below
		 * cannot read past the start of the status line, whatever
		 * the proxy sent
		 */
		pt->serv_buf[13] = '\0';
		if (n < 13 || strncmp(sb, "HTTP/1.", 7) ||
			      (sb[7] != '0' && sb[7] != '1') || sb[8] != ' ') {
			/* lwsl_hexdump_notice(sb, n); */
			cce = "http_proxy fail";
			goto bail3;
		}

		/* it's h1 alright... what's his logical response code? */
		n = atoi(&sb[9]);
		/* only a 200 from the proxy is accepted */
		if (n != 200) {
			/*
			 * the scratch buffer is reused for the failure text,
			 * bounded to 20 bytes, and handed to bail3 as cce
			 */
			lws_snprintf(sb, 20, "http_proxy -> %u",
				     (unsigned int)n);
			cce = sb;
			goto bail3;
		}

		lwsl_info("%s: proxy connection established\n", __func__);

		/* clear his proxy connection timeout */

		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);

               /* fallthru */

#endif

               /* dummy fallthru to satisfy compiler */
               /* fallthru */
	case LRS_H1C_ISSUE_HANDSHAKE:

		lwsl_debug("%s: LRS_H1C_ISSUE_HANDSHAKE\n", __func__);

		/*
		 * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
		 * timeout protection set in client-handshake.c
		 *
		 * take care of our lws_callback_on_writable
		 * happening at a time when there's no real connection yet
		 */
#if defined(LWS_WITH_SOCKS5)
start_ws_handshake:
#endif
		if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
			cce = "unable to clear POLLOUT";
			/* turn whatever went wrong into a clean close */
			goto bail3;
		}

		/*
		 * a connection that uses neither tls nor h2 prior knowledge
		 * (whichever of the two this build supports) skips the tls /
		 * h2 setup and goes straight to sending the request at hs2
		 */
#if defined(LWS_ROLE_H2) || defined(LWS_WITH_TLS)
		if (
#if defined(LWS_WITH_TLS)
		    !(wsi->tls.use_ssl & LCCSCF_USE_SSL)
#endif
#if defined(LWS_ROLE_H2) && defined(LWS_WITH_TLS)
		    &&
#endif
#if defined(LWS_ROLE_H2)
		    !(wsi->flags & LCCSCF_H2_PRIOR_KNOWLEDGE)
#endif
		    )
			goto hs2;
#endif

#if defined(LWS_WITH_TLS)
		/* on error cce is passed by address so the callee can set it */
		n = lws_client_create_tls(wsi, &cce, 1);
		if (n == CCTLS_RETURN_ERROR)
			goto bail3;
		if (n == CCTLS_RETURN_RETRY)
			return 0;

		/*
		 * lws_client_create_tls() can already have done the
		 * whole tls setup and preface send... if so he set our state
		 * to LRS_H1C_ISSUE_HANDSHAKE2... let's proceed but be prepared
		 * to notice our state and not resend the preface...
		 */

		lwsl_debug("%s: LRS_H1C_ISSUE_HANDSHAKE fallthru\n", __func__);

		/* fallthru */

	case LRS_WAITING_SSL:

		if (wsi->tls.use_ssl & LCCSCF_USE_SSL) {
			/*
			 * 0 means come back later (presumably the tls
			 * handshake is still in progress); negative is a
			 * failure whose text was written into ebuf
			 */
			n = lws_ssl_client_connect2(wsi, ebuf, sizeof(ebuf));
			if (!n)
				return 0;
			if (n < 0) {
				cce = ebuf;
				goto bail3;
			}
		} else {
			/* cleartext: no tls object, optionally h2 by prior knowledge */
			wsi->tls.ssl = NULL;
			if (wsi->flags & LCCSCF_H2_PRIOR_KNOWLEDGE) {
				lwsl_info("h2 prior knowledge\n");
				lws_role_call_alpn_negotiated(wsi, "h2");
			}
		}
#endif

#if defined (LWS_WITH_HTTP2)
		if (wsi->client_h2_alpn //&&
		    //lwsi_state(wsi) != LRS_H1C_ISSUE_HANDSHAKE2
		    ) {
			/*
			 * We connected to the server and set up tls and
			 * negotiated "h2" or connected as clear text
			 * with http/2 prior knowledge.
			 *
			 * So this is it, we are an h2 nwsi client connection
			 * now, not an h1 client connection.
			 */

			lwsl_info("%s: doing h2 hello path\n", __func__);

			/*
			 * send the H2 preface to legitimize the connection
			 *
			 * transitions us to LRS_H2_WAITING_TO_SEND_HEADERS
			 */
			if (wsi->client_h2_alpn)
				if (lws_h2_issue_preface(wsi)) {
					cce = "error sending h2 preface";
					goto bail3;
				}

		//	lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2);
			lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND,
					(int)context->timeout_secs);

			break;
		}
#endif

		/* fallthru */

	case LRS_H1C_ISSUE_HANDSHAKE2:

hs2:
		/*
		 * build the request into the scratch buffer; the size passed
		 * is the room left between p and end
		 */
		p = lws_generate_client_handshake(wsi, p,
						  lws_ptr_diff_size_t(end, p));
		if (p == NULL) {
			/* for the raw roles a NULL here is not treated as a failure */
			if (wsi->role_ops == &role_ops_raw_skt
#if defined(LWS_ROLE_RAW_FILE)
				|| wsi->role_ops == &role_ops_raw_file
#endif
			    )
				return 0;

			lwsl_err("Failed to generate handshake for client\n");
			lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS,
					   "chs");
			/*
			 * NOTE(review): the wsi was just closed, yet this
			 * returns -1 rather than LWS_HPI_RET_WSI_ALREADY_DIED
			 * as the other close paths do; confirm the caller
			 * handles both the same way
			 */
			return -1;
		}

		/* send our request to the server */

		lwsl_info("%s: HANDSHAKE2: %s: sending headers "
			  "(wsistate 0x%lx), w sock %d\n",
			  __func__, lws_wsi_tag(wsi),
			  (unsigned long)wsi->wsistate, wsi->desc.sockfd);

		/* sb is the buffer start and p the end of the generated headers */
		n = lws_ssl_capable_write(wsi, (unsigned char *)sb, lws_ptr_diff_size_t(p, sb));
		switch (n) {
		case LWS_SSL_CAPABLE_ERROR:
			lwsl_debug("ERROR writing to client socket\n");
			lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS,
					   "cws");
			return LWS_HPI_RET_WSI_ALREADY_DIED;
		case LWS_SSL_CAPABLE_MORE_SERVICE:
			lws_callback_on_writable(wsi);
			break;
		}

		/* a request body (or buffered output) still has to go out first */
		if (wsi->client_http_body_pending || lws_has_buffered_out(wsi)) {
			lwsl_debug("body pending\n");
			lwsi_set_state(wsi, LRS_ISSUE_HTTP_BODY);
			lws_set_timeout(wsi,
					PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD,
					(int)context->timeout_secs);

			if (wsi->flags & LCCSCF_HTTP_X_WWW_FORM_URLENCODED)
				lws_callback_on_writable(wsi);
#if defined(LWS_WITH_HTTP_PROXY)
			if (wsi->http.proxy_clientside && wsi->parent &&
			    wsi->parent->http.buflist_post_body)
				lws_callback_on_writable(wsi);
#endif
			/* user code must ask for writable callback */
			break;
		}

		lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY);
		wsi->hdr_parsing_completed = 0;

		/*
		 * NOTE(review): the state was set to LRS_WAITING_SERVER_REPLY
		 * two lines above, so this LRS_IDLING test looks unreachable
		 * unless lwsi_set_state() can leave a different state behind;
		 * confirm
		 */
		if (lwsi_state(wsi) == LRS_IDLING) {
			lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY);
			wsi->hdr_parsing_completed = 0;
#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
			wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART;
			wsi->http.ah->lextable_pos = 0;
			wsi->http.ah->unk_pos = 0;
			/* If we're (re)starting on hdr, need other implied init */
			wsi->http.ah->ues = URIES_IDLE;
#endif
		}

		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE,
				(int)wsi->a.context->timeout_secs);

		lws_callback_on_writable(wsi);

		goto client_http_body_sent;

	case LRS_ISSUE_HTTP_BODY:
#if defined(LWS_WITH_HTTP_PROXY)
			if (wsi->http.proxy_clientside && wsi->parent &&
			    wsi->parent->http.buflist_post_body)
				lws_callback_on_writable(wsi);
#endif
		/* stay in this state until the body and buffered output are gone */
		if (wsi->client_http_body_pending || lws_has_buffered_out(wsi)) {
			//lws_set_timeout(wsi,
			//		PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD,
			//		context->timeout_secs);
			/* user code must ask for writable callback */
			break;
		}
client_http_body_sent:
#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
		/* prepare ourselves to do the parsing */
		wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART;
		wsi->http.ah->lextable_pos = 0;
		wsi->http.ah->unk_pos = 0;
#endif
		lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY);
		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE,
				(int)context->timeout_secs);
		break;

	case LRS_WAITING_SERVER_REPLY:
		/*
		 * handle server hanging up on us...
		 * but if there is POLLIN waiting, handle that first
		 */
		if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) ==
								LWS_POLLHUP) {

			/*
			 * with data still held in the buflist the close is
			 * deferred behind a 3s timeout instead of failing now
			 */
			if (lws_buflist_total_len(&wsi->buflist))
				lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, 3);
			else {
				lwsl_debug("Server conn %s (fd=%d) dead\n",
						lws_wsi_tag(wsi), pollfd->fd);
				cce = "Peer hung up";
				goto bail3;
			}
		}

		if (pollfd->revents & LWS_POLLOUT)
			if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
				cce = "Unable to clear POLLOUT";
				goto bail3;
			}

		/* nothing to read on this event */
		if (!(pollfd->revents & LWS_POLLIN))
			break;

#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
		/* interpret the server response
		 *
		 *  HTTP/1.1 101 Switching Protocols
		 *  Upgrade: websocket
		 *  Connection: Upgrade
		 *  Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo=
		 *  Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC==
		 *  Sec-WebSocket-Protocol: chat
		 *
		 * we have to take some care here to only take from the
		 * socket bytewise.  The browser may (and has been seen to
		 * in the case that onopen() performs websocket traffic)
		 * coalesce both handshake response and websocket traffic
		 * in one packet, since at that point the connection is
		 * definitively ready from browser pov.
		 */
		while (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE) {
			struct lws_tokens eb;
			/* note: this n shadows the function-scope n */
			int n, m, buffered;

			eb.token = NULL;
			eb.len = 0;
			buffered = lws_buflist_aware_read(pt, wsi, &eb, 0, __func__);
			lwsl_debug("%s: buflist-aware-read %d %d\n", __func__,
					buffered, eb.len);
			if (eb.len == LWS_SSL_CAPABLE_MORE_SERVICE)
				return 0;
			if (buffered < 0 || eb.len < 0) {
				cce = "read failed";
				goto bail3;
			}
			/* nothing available right now, wait for the next event */
			if (!eb.len)
				return 0;

			/*
			 * n goes in as the byte count offered to the parser;
			 * from the arithmetic below it apparently comes back
			 * as the count left unconsumed, making m the number
			 * of bytes the header parser used
			 */
			n = eb.len;
			if (lws_parse(wsi, eb.token, &n)) {
				lwsl_warn("problems parsing header\n");
				cce = "problems parsing header";
				goto bail3;
			}

			m = eb.len - n;
#if defined(LWS_WITH_SECURE_STREAMS_BUFFER_DUMP)
			/* optional hook: hand the consumed header bytes to the stream's dump callback */
			do {
				lws_ss_handle_t *h = (lws_ss_handle_t *)lws_get_opaque_user_data(wsi);
				if (!h)
					break;

				if (h->info.dump) {
					h->info.dump(ss_to_userobj(h),
						(const uint8_t *)eb.token,
						(size_t)m,
						(wsi->http.ah->parser_state ==
						 WSI_PARSING_COMPLETE) ? 1 : 0);
				}
			} while (0);
#endif
			/* cce is still NULL on this path, so bail3 reports "unknown" */
			if (lws_buflist_aware_finished_consuming(wsi, &eb, m,
								 buffered,
								 __func__))
			        goto bail3;

			/*
			 * coverity: uncomment if extended
			 *
			 * eb.token += m;
			 * eb.len -= m;
			 */

			/* leftover bytes are only expected once the headers are complete */
			if (n) {
				assert(wsi->http.ah->parser_state ==
						WSI_PARSING_COMPLETE);

				break;
			}
		}

		/*
		 * hs may also be coming in multiple packets, there is a 5-sec
		 * libwebsocket timeout still active here too, so if parsing did
		 * not complete just wait for next packet coming in this state
		 */
		if (wsi->http.ah->parser_state != WSI_PARSING_COMPLETE)
			break;
#endif

		/*
		 * otherwise deal with the handshake.  If there's any
		 * packet traffic already arrived we'll trigger poll() again
		 * right away and deal with it that way
		 */
		return lws_client_interpret_server_handshake(wsi);

		/*
		 * shared failure exit, reached only by goto from the cases
		 * above: report the reason in cce (or "unknown") to the
		 * client-connection-fail path, then close the wsi
		 */
bail3:
		lwsl_info("%s: closing conn at LWS_CONNMODE...SERVER_REPLY, %s, state 0x%x\n",
				__func__, lws_wsi_tag(wsi), lwsi_state(wsi));
		if (cce)
			lwsl_info("reason: %s\n", cce);
		else
			cce = "unknown";
		lws_inform_client_conn_fail(wsi, (void *)cce, strlen(cce));

		lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "cbail3");
		return LWS_HPI_RET_WSI_ALREADY_DIED;

	default:
		break;
	}

	return 0;
}

#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)

/*
 * Called when a client http transaction has finished on wsi.
 *
 * Informs user code via LWS_CALLBACK_COMPLETED_CLIENT_HTTP, lets the generic
 * layer hand the connection on to a queued transaction, then either resets or
 * detaches the header table and, when another transaction is to follow on
 * this wsi, rearms it to issue the next request.
 *
 * Returns -1 if the user callback returned nonzero, otherwise 0.
 */
int LWS_WARN_UNUSED_RESULT
lws_http_transaction_completed_client(struct lws *wsi)
{
	struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi];
	int more;

	lwsl_info("%s: %s (%s)\n", __func__, lws_wsi_tag(wsi),
		  wsi->a.protocol->name);

	/* any completed http txn is reported, whatever status it carried */
	lws_metrics_caliper_report(wsi->cal_conn, METRES_GO);

	if (user_callback_handle_rxflow(wsi->a.protocol->callback, wsi,
					LWS_CALLBACK_COMPLETED_CLIENT_HTTP,
					wsi->user_space, NULL, 0) != 0) {
		lwsl_debug("%s: Completed call returned nonzero (role 0x%lx)\n",
			   __func__, (unsigned long)lwsi_role(wsi));
		return -1;
	}

	wsi->http.rx_content_length = 0;

	/*
	 * On h1 the wsi may hand some of its assets to a queued child and be
	 * destroyed while this runs, which is why it is passed by address.
	 */
	lws_pt_lock(pt, __func__);
	more = _lws_generic_transaction_completed_active_conn(&wsi, 1);
	lws_pt_unlock(pt);

	if (wsi->http.ah && wsi->client_mux_substream)
		/*
		 * An h2 client stream is finished after its one transaction;
		 * anything further arrives as a new SID on the connection.
		 */
		__lws_header_table_detach(wsi, 0);
	else if (wsi->http.ah && !more)
		_lws_header_table_reset(wsi->http.ah);

	if (more == 0)
		return 0;
	if (wsi->http.ah == NULL)
		return 0;

	/*
	 * H1: queued transactions are serialized through the same ah
	 * H2: each stream keeps its own ah until its own STREAM_END
	 */

	/* get ready to go around again on this wsi */
	lwsi_set_state(wsi, LRS_WAITING_SERVER_REPLY);

	/* restart header parsing from scratch, including the implied uri state */
	wsi->http.ah->parser_state = WSI_TOKEN_NAME_PART;
	wsi->http.ah->lextable_pos = 0;
	wsi->http.ah->unk_pos = 0;
	wsi->http.ah->ues = URIES_IDLE;

	lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE,
			(int)wsi->a.context->timeout_secs);

	lwsi_set_state(wsi, LRS_H1C_ISSUE_HANDSHAKE2);

	lwsl_info("%s: %s: new queued transaction\n", __func__, lws_wsi_tag(wsi));
	lws_callback_on_writable(wsi);

	return 0;
}

/*
 * Return the http response code recorded in the wsi's header table, or 0
 * when the wsi has no header table attached or no code has been recorded.
 */
unsigned int
lws_http_client_http_response(struct lws *wsi)
{
	if (!wsi->http.ah)
		return 0;

	/* an unset code is stored as 0, which is also what we report for it */
	return wsi->http.ah->http_response;
}
#endif


#if defined(LWS_WITH_HTTP_DIGEST_AUTH) && defined(LWS_WITH_TLS)

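/*
 * Parameter names recognized in a Digest WWW-Authenticate challenge.
 *
 * The index of each entry is significant: lws_http_digest_auth() records a
 * seen name as bit (1 << index) in its "seen" mask and stores the index in
 * "pend" while it waits for that name's value, so entries must not be
 * reordered without updating the numeric cases there.
 */
static const char * const digest_toks[] = {
	"Digest",	// 1 <<  0
	"username",	// 1 <<  1
	"realm",	// 1 <<  2
	"nonce",	// 1 <<  3
	"uri",		// 1 <<  4 optional
	"response",	// 1 <<  5
	"opaque",	// 1 <<  6
	"qop",		// 1 <<  7
	"algorithm",	// 1 <<  8
	"nc",		// 1 <<  9
	"cnonce",	// 1 << 10
	"domain",	// 1 << 11
};

/*
 * Negative "pend" values, distinct from any digest_toks[] index.  They are
 * parenthesized so the unary minus cannot bind to neighbouring tokens when
 * the macro is used inside a larger expression.
 */
#define PEND_NAME_EQ (-1)	/* expecting the next name= */
#define PEND_DELIM (-2)		/* a value was taken, expecting a delimiter */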

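/*
 * Answer an HTTP Digest challenge received by a client wsi.
 *
 * Parses the WWW-Authenticate header the server sent, and if the wsi stash
 * holds a path and credentials, computes an MD5 digest response, attaches it
 * as the Authorization header, resets the wsi for a fresh attempt and stores
 * the header text in wsi->http.digest_auth_hdr.
 *
 * Everything taken from the header is untrusted server data: parameter names
 * and values are matched at their exact length, copies are bounded by the
 * destination size and always terminated, and the value buffers start out
 * empty so a parameter that arrives without a value cannot expose stale
 * stack contents.
 *
 * Returns LCBA_FAILED_AUTH when there is no challenge header, it is
 * fragmented, credentials are missing, or allocation / hashing / header
 * creation / wsi reset fails; LCBA_END_TRANSACTION when the challenge is
 * malformed or asks for something other than MD5 with qop "auth"; and 0
 * otherwise.
 */
enum lws_check_basic_auth_results
lws_http_digest_auth(struct lws* wsi)
{
	uint8_t nonce[256] = { 0 }, response[LWS_GENHASH_LARGEST], qop[32] = { 0 };
	int seen = 0, n, pend = PEND_NAME_EQ;
	char *tmp_digest = NULL;
	struct lws_tokenize ts;
	char resp_username[32] = { 0 };
	lws_tokenize_elem e;
	char realm[64] = { 0 };
	char b64[512];
	int m, ml, fi;

	/* Did he send auth? */
	ml = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_WWW_AUTHENTICATE);
	if (!ml)
		return LCBA_FAILED_AUTH;

	/* Disallow fragmentation monkey business */

	fi = wsi->http.ah->frag_index[WSI_TOKEN_HTTP_WWW_AUTHENTICATE];
	if (wsi->http.ah->frags[fi].nfrag) {
		lwsl_wsi_err(wsi, "fragmented http auth header not allowed\n");
		return LCBA_FAILED_AUTH;
	}

	m = lws_hdr_copy(wsi, b64, sizeof(b64), WSI_TOKEN_HTTP_WWW_AUTHENTICATE);
	if (m < 7) {
		lwsl_wsi_err(wsi, "HTTP auth length bad\n");
		return LCBA_END_TRANSACTION;
	}

	/*
	 * We are expecting the challenge to have something like this
	 *
	 * WWW-Authenticate: Digest
	 *   realm="testrealm@host.com",
	 *   qop="auth",
	 *   nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
	 *   opaque="5ccc069c403ebaf9f0171e9517f40e41"
	 *
	 * but the order, whitespace etc is quite open.  The other names in
	 * digest_toks[] are tolerated as well.
	 */
	lws_tokenize_init(&ts,b64, LWS_TOKENIZE_F_MINUS_NONTERM |
				   LWS_TOKENIZE_F_NO_INTEGERS |
				   LWS_TOKENIZE_F_RFC7230_DELIMS);

	do {
		e = lws_tokenize(&ts);
		switch (e) {
		case LWS_TOKZE_TOKEN:
			if (pend == 8) {
				/*
				 * algorithm name: the response below is always
				 * computed with plain MD5 and announced as
				 * "MD5", so that is the only value we can
				 * accept.  Compare at the exact length so a
				 * prefix such as "M" or a longer name such as
				 * "MD5-sess" does not pass.
				 */
				if (ts.token_len != 3 ||
				    strncasecmp(ts.token, "MD5", 3)) {
					lwsl_wsi_err(wsi, "wrong alg %.*s\n",
							(int)ts.token_len,
							ts.token);
					return LCBA_END_TRANSACTION;
				}
				pend = PEND_DELIM;
				break;
			}
			/* exact-length match, not a prefix match */
			if (ts.token_len == 6 &&
			    !strncasecmp(ts.token, "Digest", 6)) {
				seen |= 1 << 0;
				break;
			}
			if (seen) /* we must be first and one time */
				return LCBA_END_TRANSACTION;

			/* bit 15 marks "some other auth scheme came first" */
			seen |= 1 << 15;
			pend = PEND_NAME_EQ;
			break;

		case LWS_TOKZE_TOKEN_NAME_EQUALS:
			if ((seen & (1 << 15)) == (1 << 15) ||
			    pend != PEND_NAME_EQ)
				/* no auth type token or disordered */
				return LCBA_END_TRANSACTION;

			/*
			 * the name has to match a known parameter over its
			 * whole length; a bare prefix like "n" must not be
			 * taken for "nonce"
			 */
			for (n = 0; n < (int)LWS_ARRAY_SIZE(digest_toks); n++)
				if (strlen(digest_toks[n]) ==
						(size_t)ts.token_len &&
				    !strncmp(ts.token, digest_toks[n],
					     (size_t)ts.token_len))
					break;

			if (n == (int)LWS_ARRAY_SIZE(digest_toks)) {
				lwsl_wsi_notice(wsi, "c: '%.*s'\n",
						(int)ts.token_len,
						ts.token);

				return LCBA_END_TRANSACTION;
			}

			if (seen & (1 << n) || (seen & (1 << 15)) == (1 << 15))
				/* dup or no auth type token */
				return LCBA_END_TRANSACTION;

			seen |= 1 << n;
			pend = n;
			break;

		case LWS_TOKZE_QUOTED_STRING:
			if (pend < 0)
				return LCBA_END_TRANSACTION;

			/*
			 * NOTE(review): a quoted algorithm value (pend == 8)
			 * is not checked here, only the unquoted form above
			 * is; confirm whether it should be rejected too.
			 */
			switch (pend) {
			case 1: /* username */
				if (ts.token_len >= (int)sizeof(resp_username))
					return LCBA_END_TRANSACTION;

				memcpy(resp_username, ts.token,
				       (size_t)ts.token_len);
				resp_username[ts.token_len] = 0;
				break;
			case 2: /* realm */
				if (ts.token_len >= (int)sizeof(realm))
					return LCBA_END_TRANSACTION;

				memcpy(realm, ts.token, (size_t)ts.token_len);
				realm[ts.token_len] = 0;
				break;
			case 3: /* nonce */
				if (ts.token_len >= (int)sizeof(nonce))
					return LCBA_END_TRANSACTION;

				memcpy(nonce, ts.token, (size_t)ts.token_len);
				nonce[ts.token_len] = 0;
				break;
			case 4: /* uri */
				break;
			case 5: /* response */
				if (ts.token_len !=
					lws_genhash_size(LWS_GENHASH_TYPE_MD5) * 2)
					return LCBA_END_TRANSACTION;

				if (lws_hex_len_to_byte_array(ts.token, ts.token_len,
							  response,
							  sizeof(response)) < 0)
					return LCBA_END_TRANSACTION;
				break;
			case 6: /* opaque */
				break;
			case 7: /* qop */
				/*
				 * only exactly "auth" is supported; the length
				 * test also bounds the copy into qop[]
				 */
				if (ts.token_len != 4 ||
				    strncmp(ts.token, "auth", 4))
					return LCBA_END_TRANSACTION;

				memcpy(qop, ts.token, 4);
				qop[4] = 0;
				break;
			}
			pend = PEND_DELIM;
			break;

		case LWS_TOKZE_DELIMITER:
			if (*ts.token == ',') {
				if (pend != PEND_DELIM)
					return LCBA_END_TRANSACTION;

				pend = PEND_NAME_EQ;
				break;
			}
			if (*ts.token == ';') {
				/* it's the end */
				e = LWS_TOKZE_ENDED;
				break;
			}
			break;

		case LWS_TOKZE_ENDED:
			break;

		default:
			lwsl_wsi_notice(wsi, "unexpected token %d\n", e);
			return LCBA_END_TRANSACTION;
		}

	} while (e > 0);

	/* we got all the parts we care about? Realm + Nonce... */

	if ((seen & 0xc) != 0xc) {
		lwsl_wsi_err(wsi,
				"%s: Not all digest auth tokens found! "
				"m: 0x%x\nServer sent: %s",
				__func__, seen & 0x81ef, b64);

		return LCBA_END_TRANSACTION;
	}

	lwsl_wsi_info(wsi, "HTTP digest auth realm %s nonce %s\n", realm, nonce);

	/*
	 * NOTE(review): when the challenge carries no qop, qop[] stays empty
	 * and the response below is still built in the qop form; the legacy
	 * no-qop calculation is not implemented here.
	 */

	if (wsi->stash &&
	    wsi->stash->cis[CIS_PATH]) {
		char *username =  wsi->stash->cis[CIS_USERNAME];
		char *password = wsi->stash->cis[CIS_PASSWORD];
		uint8_t digest[LWS_GENHASH_LARGEST * 2 + 1];
		char *uri = wsi->stash->cis[CIS_PATH];
		char a1[LWS_GENHASH_LARGEST * 2 + 1];
		char a2[LWS_GENHASH_LARGEST * 2 + 1];
		char nc[sizeof(int) * 2 + 1];
		struct lws_genhash_ctx hc;
		int ncount = 1, ssl;
		const char *a, *p, *method;
		struct lws *nwsi;
		char cnonce[256];
		size_t l;

		/* strlen() below must not be handed a NULL credential */
		if (!username || !password) {
			lwsl_wsi_err(wsi, "no credentials for digest auth\n");
			return LCBA_FAILED_AUTH;
		}

		/*
		 * In case of Websocket upgrade, method is NULL
		 * we assume it is a GET
		 */
		method = wsi->stash->cis[CIS_METHOD] ?
			 wsi->stash->cis[CIS_METHOD] : "GET";

		/* worst-case size of the largest string formatted below */
		l = sizeof(a1) + sizeof(a2) + sizeof(nonce) +
			(sizeof(ncount) *2) + sizeof(response) +
			sizeof(cnonce) + sizeof(qop) + strlen(uri) +
			strlen(username) + strlen(password) +
			strlen(realm) + 111;

		tmp_digest = lws_malloc(l, __func__);
		if (!tmp_digest)
			return LCBA_FAILED_AUTH;

		/* A1 = MD5(username:realm:password) */
		n = lws_snprintf(tmp_digest, l, "%s:%s:%s",
				 username, realm, password);

		if (lws_genhash_init(&hc, LWS_GENHASH_TYPE_MD5) ||
				lws_genhash_update(&hc,
						   tmp_digest,
							(size_t)n) ||
				lws_genhash_destroy(&hc, digest)) {
			lws_genhash_destroy(&hc, NULL);

			goto bail;
		}

		lws_hex_from_byte_array(digest,
					lws_genhash_size(LWS_GENHASH_TYPE_MD5),
					a1, sizeof(a1));
		/*
		 * neither the password nor the A1 hash (which is as good as
		 * the password for this realm) belongs in the logs
		 */
		lwsl_debug("A1: %s:%s:<redacted>\n", username, realm);

		/* A2 = MD5(method:uri) */
		n = lws_snprintf(tmp_digest, l, "%s:%s", method, uri);

		if (lws_genhash_init(&hc, LWS_GENHASH_TYPE_MD5) ||
				     lws_genhash_update(&hc,
						    tmp_digest,
						    (size_t)n) ||
				     lws_genhash_destroy(&hc, digest)) {
			lws_genhash_destroy(&hc, NULL);
			lwsl_err("%s: hash failed\n", __func__);

			goto bail;
		}
		lws_hex_from_byte_array(digest,
					lws_genhash_size(LWS_GENHASH_TYPE_MD5),
					a2, sizeof(a2));
		/* log the effective method so a NULL is never passed to %s */
		lwsl_debug("A2: %s:%s = %s\n", method, uri, a2);

		lws_hex_random(lws_get_context(wsi), cnonce, sizeof(cnonce));
		lws_hex_from_byte_array((const uint8_t *)&ncount,
					sizeof(ncount), nc, sizeof(nc));

		/* response = MD5(A1:nonce:nc:cnonce:qop:A2) */
		n = lws_snprintf(tmp_digest, l, "%s:%s:%08x:%s:%s:%s", a1,
				nonce, ncount, cnonce, qop, a2);

		/* the input string contains A1, so only its size is logged */
		lwsl_wsi_debug(wsi, "digest response input: %d bytes\n", n);


		if (lws_genhash_init(&hc, LWS_GENHASH_TYPE_MD5) ||
				lws_genhash_update(&hc, tmp_digest, (size_t)n) ||
				lws_genhash_destroy(&hc, digest)) {
			lws_genhash_destroy(&hc, NULL);
			lwsl_wsi_err(wsi, "hash failed\n");

			goto bail;
		}
		lws_hex_from_byte_array(digest,
					lws_genhash_size(LWS_GENHASH_TYPE_MD5),
					(char *)response,
					lws_genhash_size(LWS_GENHASH_TYPE_MD5) * 2 + 1);

		n = lws_snprintf(tmp_digest, l,
				 "Digest username=\"%s\", realm=\"%s\", "
				 "nonce=\"%s\", uri=\"%s\", qop=%s, nc=%08x, "
				 "cnonce=\"%s\", response=\"%s\", "
				 "algorithm=\"MD5\"",
				 username, realm, nonce, uri, qop, ncount,
				 cnonce, response);

		/*
		 * dump only the n bytes just formatted; the allocation is l
		 * bytes and its tail was never written
		 */
		lwsl_hexdump(tmp_digest, (size_t)n);

		if (lws_hdr_simple_create(wsi, WSI_TOKEN_HTTP_AUTHORIZATION,
								tmp_digest)) {
			lwsl_wsi_err(wsi, "Failed to add Digest auth header");
			goto bail;
		}

		nwsi = lws_get_network_wsi(wsi);
		ssl = nwsi->tls.use_ssl & LCCSCF_USE_SSL;

		a = wsi->stash->cis[CIS_ADDRESS];
		/* skips the first character of the path for lws_client_reset() */
		p = &wsi->stash->cis[CIS_PATH][1];

		/*
		 * This prevents connection pipelining when two
		 * HTTP connection use the same tcp socket.
		 */
		wsi->keepalive_rejected = 1;

		if (!lws_client_reset(&wsi, ssl, a, wsi->c_port, p, a, 1)) {
			lwsl_wsi_err(wsi, "Failed to reset WSI for Digest auth");

			goto bail;
		}

		/*
		 * Keep track of digest auth to send it at next attempt,
		 * lws_client_reset will free it
		 */

		wsi->http.digest_auth_hdr = tmp_digest;
		wsi->client_pipeline = 0;
	}

	return 0;

bail:
	lws_free(tmp_digest);

	return LCBA_FAILED_AUTH;
}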
#endif

#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)

/*
 * Report the wsi's redirected_to_get flag, which the redirect handling in
 * this file sets to 1 when it rewrites the client method to GET.
 */
int
lws_http_is_redirected_to_get(struct lws *wsi)
{
	int switched_to_get = wsi->redirected_to_get;

	return switched_to_get;
}

int
lws_client_interpret_server_handshake(struct lws *wsi)
{
	int n, port = 0, ssl = 0;
	int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR;
	const char *prot, *ads = NULL, *path, *cce = NULL;
	struct allocated_headers *ah, *ah1;
	struct lws *nwsi = lws_get_network_wsi(wsi);
	char *p = NULL, *q, *simp;
	char new_path[300];
	void *opaque;

	// lws_free_set_NULL(wsi->stash);

#if defined(LWS_WITH_CONMON)
	wsi->conmon.ciu_txn_resp = (lws_conmon_interval_us_t)
					(lws_now_usecs() - wsi->conmon_datum);
#endif
	// lws_free_set_NULL(wsi->stash);

	ah = wsi->http.ah;
	if (!wsi->do_ws) {
		/* we are being an http client...
		 */
#if defined(LWS_ROLE_H2)
		if (wsi->client_h2_alpn || wsi->client_mux_substream) {
			lwsl_debug("%s: %s: transitioning to h2 client\n",
				   __func__, lws_wsi_tag(wsi));
			lws_role_transition(wsi, LWSIFR_CLIENT,
					    LRS_ESTABLISHED, &role_ops_h2);
		} else
#endif
		{
#if defined(LWS_ROLE_H1)
			{
			lwsl_debug("%s: %s: transitioning to h1 client\n",
				   __func__, lws_wsi_tag(wsi));
			lws_role_transition(wsi, LWSIFR_CLIENT,
					    LRS_ESTABLISHED, &role_ops_h1);
			}
#else
			cce = "h1 not built";
			goto bail3;
#endif
		}

		wsi->http.ah = ah;
		ah->http_response = 0;
	}

#if defined(LWS_WITH_CACHE_NSCOOKIEJAR) && defined(LWS_WITH_CLIENT)

	if ((wsi->flags & LCCSCF_CACHE_COOKIES) &&
	    lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_SET_COOKIE))
		lws_parse_set_cookie(wsi);

#endif
	/*
	 * well, what the server sent looked reasonable for syntax.
	 * Now let's confirm it sent all the necessary headers
	 *
	 * http (non-ws) client will expect something like this
	 *
	 * HTTP/1.0.200
	 * server:.libwebsockets
	 * content-type:.text/html
	 * content-length:.17703
	 * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000
	 */

	wsi->http.conn_type = HTTP_CONNECTION_KEEP_ALIVE;
	if (!wsi->client_mux_substream) {
		p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP);
		/*
		if (wsi->do_ws && !p) {
			lwsl_info("no URI\n");
			cce = "HS: URI missing";
			goto bail3;
		}
		*/
		if (!p) {
			p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0);
			wsi->http.conn_type = HTTP_CONNECTION_CLOSE;
		}
		if (!p) {
			cce = "HS: URI missing";
			lwsl_info("no URI\n");
			goto bail3;
		}
#if defined(LWS_ROLE_H2)
	} else {
		p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_COLON_STATUS);
		if (!p) {
			cce = "HS: :status missing";
			lwsl_info("no status\n");
			goto bail3;
		}
#endif
	}
#if !defined(LWS_ROLE_H2)
	if (!p) {
		cce = "HS: :status missing";
		lwsl_info("no status\n");
		goto bail3;
	}
#endif
	n = atoi(p);

#if defined(LWS_WITH_HTTP_DIGEST_AUTH) && defined(LWS_WITH_TLS)
	if (n == 401 && lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_WWW_AUTHENTICATE)) {
		if (!(wsi->stash && wsi->stash->cis[CIS_USERNAME] &&
                		    wsi->stash->cis[CIS_PASSWORD])) {
			lwsl_err("Digest auth requested by server but no credentials provided by user\n");
			
			return LCBA_FAILED_AUTH;
		}

		if (lws_http_digest_auth(wsi))
			goto bail3;

		opaque = wsi->a.opaque_user_data;
		lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "digest_auth_step2");
		wsi->a.opaque_user_data = opaque;

		return -1;
	}

    ah = wsi->http.ah;
#endif
	if (ah)
		ah->http_response = (unsigned int)n;

	if (!wsi->client_no_follow_redirect &&
#if defined(LWS_WITH_HTTP_PROXY)
	    !wsi->http.proxy_clientside &&
#endif
	    (n == 301 || n == 302 || n == 303 || n == 307 || n == 308)) {
		p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION);
		if (!p) {
			cce = "HS: Redirect code but no Location";
			goto bail3;
		}

#if defined(LWS_WITH_CONMON)
		if (wsi->conmon.pcol == LWSCONMON_PCOL_NONE) {
			wsi->conmon.pcol = LWSCONMON_PCOL_HTTP;
			wsi->conmon.protocol_specific.http.response = n;
		}

#if defined(LWS_WITH_SECURE_STREAMS)
		if (wsi->for_ss
#if defined(LWS_WITH_SECURE_STREAMS_PROXY_API)
		    && !wsi->client_bound_sspc
#endif
		   ) {
	
			lws_ss_handle_t *h = (lws_ss_handle_t *)lws_get_opaque_user_data(wsi);

			if (h)
				lws_conmon_ss_json(h);
		}
#endif
#endif

		/* let's let the user code know, if he cares */

		if (wsi->a.protocol->callback(wsi,
					LWS_CALLBACK_CLIENT_HTTP_REDIRECT,
					wsi->user_space, p, (unsigned int)n)) {
			cce = "HS: user code rejected redirect";
			goto bail3;
		}

		/* Relative reference absolute path */
		if (p[0] == '/' || !strchr(p, ':')) {
#if defined(LWS_WITH_TLS)
			ssl = nwsi->tls.use_ssl & LCCSCF_USE_SSL;
#endif
			ads = lws_hdr_simple_ptr(wsi,
						 _WSI_TOKEN_CLIENT_PEER_ADDRESS);
			port = nwsi->c_port;
			path = p;
			/* lws_client_reset expects leading / omitted */
			if (*path == '/')
				path++;
		}
		/* Absolute (Full) URI */
		else if (strchr(p, ':')) {
			if (lws_parse_uri(p, &prot, &ads, &port, &path)) {
				cce = "HS: URI did not parse";
				goto bail3;
			}

			if (!strcmp(prot, "wss") || !strcmp(prot, "https"))
				ssl = LCCSCF_USE_SSL;
		}
		/* Relative reference relative path */
		else {
			/* This doesn't try to calculate an absolute path,
			 * that will be left to the server */
#if defined(LWS_WITH_TLS)
			ssl = nwsi->tls.use_ssl & LCCSCF_USE_SSL;
#endif
			ads = lws_hdr_simple_ptr(wsi,
						 _WSI_TOKEN_CLIENT_PEER_ADDRESS);
			port = wsi->c_port;
			/* +1 as lws_client_reset expects leading / omitted */
			path = new_path + 1;
			if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI))
				lws_strncpy(new_path, lws_hdr_simple_ptr(wsi,
				   _WSI_TOKEN_CLIENT_URI), sizeof(new_path));
			else {
				new_path[0] = '/';
				new_path[1] = '\0';
			}
			q = strrchr(new_path, '/');
			if (q)
				lws_strncpy(q + 1, p, sizeof(new_path) -
							(unsigned int)(q - new_path) - 1);
			else
				path = p;
		}

		/*
		 * Some redirect codes imply we have to change the method
		 * used for the subsequent transaction.
		 *
		 * ugh... https://peterdaugaardrasmussen.com/2020/05/09/how-to-redirect-http-put-or-post-requests/
		 * says only 307 or 308 mean keep POST or other method
		 */

		if (n != 307 && n != 308) {
			char *mp = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD);
			int ml = lws_hdr_total_length(wsi, _WSI_TOKEN_CLIENT_METHOD);
			uint16_t pl = (uint16_t)strlen(path);

			if (ml >= 3 && mp) {
				lwsl_info("%s: 303 switching to GET\n", __func__);
				memcpy(mp, "GET", 4);
				wsi->redirected_to_get = 1;
				wsi->http.ah->frags[wsi->http.ah->frag_index[
					_WSI_TOKEN_CLIENT_METHOD]].len = 3;
			}
        		if (wsi->stash)
                		wsi->stash->cis[CIS_METHOD] = "GET";

			mp = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI);
			ml = lws_hdr_total_length(wsi, _WSI_TOKEN_CLIENT_URI);

			if (wsi->http.ah->pos + pl + 1 >= wsi->http.ah->data_length) {
				lwsl_warn("%s: redirect path exceeds ah size\n", __func__);
				goto bail3;
			}
			memcpy(wsi->http.ah->data + wsi->http.ah->pos + 1, path, pl + 1u);
			wsi->http.ah->data[wsi->http.ah->pos] = '/';
			wsi->http.ah->frags[wsi->http.ah->frag_index[_WSI_TOKEN_CLIENT_URI]].offset = wsi->http.ah->pos;
			wsi->http.ah->frags[wsi->http.ah->frag_index[_WSI_TOKEN_CLIENT_URI]].len = (uint16_t)(pl + 1u);

			if (wsi->stash)
				wsi->stash->cis[CIS_PATH] = wsi->http.ah->data + wsi->http.ah->pos;

			wsi->http.ah->pos += pl + 1u;
		}


#if defined(LWS_WITH_TLS)
		if ((wsi->tls.use_ssl & LCCSCF_USE_SSL) && !ssl &&
		     !(wsi->flags & LCCSCF_ACCEPT_TLS_DOWNGRADE_REDIRECTS)) {
			cce = "HS: Redirect attempted SSL downgrade";
			goto bail3;
		}
#endif

		if (!ads) /* make coverity happy */ {
			cce = "no ads";
			goto bail3;
		}

		if (!lws_client_reset(&wsi, ssl, ads, port, path, ads, 1)) {
			lwsl_err("Redirect failed\n");
			cce = "HS: Redirect failed";
			goto bail3;
		}

		/*
		 * We are redirecting, let's close in order to extricate
		 * ourselves from the current wsi usage, eg, h2 mux cleanly.
		 *
		 * We will notice close_is_redirect and switch to redirect
		 * flow late in the close action.
		 */

		opaque = wsi->a.opaque_user_data;
		lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS, "redir");
		wsi->a.opaque_user_data = opaque;

		return LWS_HPI_RET_WSI_ALREADY_DIED;
	}

	/* if h1 KA is allowed, enable the queued pipeline guys */

	if (!wsi->client_h2_alpn && !wsi->client_mux_substream) {
		/* ie, coming to this for the first time */
		if (wsi->http.conn_type == HTTP_CONNECTION_KEEP_ALIVE)
			wsi->keepalive_active = 1;
		else {
			/*
			 * Ugh... now the main http connection has seen
			 * both sides, we learn the server doesn't
			 * support keepalive.
			 *
			 * That means any guys queued on us are going
			 * to have to be restarted from connect2 with
			 * their own connections.
			 */

			/*
			 * stick around telling any new guys they can't
			 * pipeline to this server
			 */
			wsi->keepalive_rejected = 1;

			lws_vhost_lock(wsi->a.vhost);
			lws_start_foreach_dll_safe(struct lws_dll2 *,
						   d, d1,
			  wsi->dll2_cli_txn_queue_owner.head) {
				struct lws *ww = lws_container_of(d,
					struct lws,
					dll2_cli_txn_queue);

				/* remove him from our queue */
				lws_dll2_remove(&ww->dll2_cli_txn_queue);
				/* give up on pipelining */
				ww->client_pipeline = 0;

				/* go back to "trying to connect" state */
				lws_role_transition(ww, LWSIFR_CLIENT,
						    LRS_UNCONNECTED,
#if defined(LWS_ROLE_H1)
						    &role_ops_h1);
#else
#if defined (LWS_ROLE_H2)
						    &role_ops_h2);
#else
						    &role_ops_raw);
#endif
#endif
				ww->user_space = NULL;
			} lws_end_foreach_dll_safe(d, d1);
			lws_vhost_unlock(wsi->a.vhost);
		}
	}

#ifdef LWS_WITH_HTTP_PROXY
	wsi->http.perform_rewrite = 0;
	if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) {
		if (!strncmp(lws_hdr_simple_ptr(wsi,
					WSI_TOKEN_HTTP_CONTENT_TYPE),
					"text/html", 9))
			wsi->http.perform_rewrite = 0;
	}
#endif

	/* he may choose to send us stuff in chunked transfer-coding */
	wsi->chunked = 0;
	wsi->chunk_remaining = 0; /* ie, next thing is chunk size */
	if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_TRANSFER_ENCODING)) {
		simp = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_TRANSFER_ENCODING);

		/* cannot be NULL, since it has nonzero length... coverity */
		if (!simp)
			goto bail2;
		wsi->chunked = !strcmp(simp, "chunked");
		/* first thing is hex, after payload there is crlf */
		wsi->chunk_parser = ELCP_HEX;
	}

	wsi->http.content_length_given = 0;
	if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) {
		simp = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH);

		/* cannot be NULL, since it has nonzero length... coverity */
		if (!simp)
			goto bail2;

		wsi->http.rx_content_length = (lws_filepos_t)atoll(simp);
		lwsl_info("%s: incoming content length %llu\n",
			    __func__, (unsigned long long)
				    wsi->http.rx_content_length);
		wsi->http.rx_content_remain =
				wsi->http.rx_content_length;
		wsi->http.content_length_given = 1;
	} else { /* can't do 1.1 without a content length or chunked */
		if (!wsi->chunked)
			wsi->http.conn_type = HTTP_CONNECTION_CLOSE;
		lwsl_debug("%s: no content length\n", __func__);
	}

	if (wsi->do_ws) {
		/*
		 * Give one last opportunity to ws protocols to inspect server reply
		 * before the ws upgrade code discard it. ie: download reply body in case
		 * of any other response code than 101.
		 */
		if (wsi->a.protocol->callback(wsi,
					  LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP,
					  wsi->user_space, NULL, 0)) {

			cce = "HS: disallowed by client filter";
			goto bail2;
		}
	} else {
		/* allocate the per-connection user memory (if any) */
		if (lws_ensure_user_space(wsi)) {
			lwsl_err("Problem allocating wsi user mem\n");
			cce = "HS: OOM";
			goto bail2;
		}


		/*
		 * we seem to be good to go, give client last chance to check
		 * headers and OK it
		 */
		ah1 = wsi->http.ah;
		wsi->http.ah = ah;
		if (wsi->a.protocol->callback(wsi,
				LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH,
					    wsi->user_space, NULL, 0)) {
			wsi->http.ah = ah1;
			cce = "HS: disallowed by client filter";
			goto bail2;
		}

		/* clear his proxy connection timeout */
		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);

		wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;

		/* call him back to inform him he is up */
		if (wsi->a.protocol->callback(wsi,
					    LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP,
					    wsi->user_space, NULL, 0)) {
			wsi->http.ah = ah1;
			cce = "HS: disallowed at ESTABLISHED";
			goto bail3;
		}

		wsi->http.ah = ah1;

		lwsl_info("%s: %s: client conn up\n", __func__, lws_wsi_tag(wsi));

		/*
		 * Did we get a response from the server with an explicit
		 * content-length of zero?  If so, and it's not H2 which will
		 * notice it via END_STREAM, this transaction is already
		 * completed at the end of the header processing...
		 * We also completed it if the request method is HEAD which as
		 * no content leftover.
		 * Or if the response status code is 204 : No Content
		 */
		simp = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD);
		if (!wsi->mux_substream &&
		    !wsi->client_mux_substream &&
			(204 == lws_http_client_http_response(wsi) ||
			 (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH) &&
				(!wsi->http.rx_content_length ||
				(simp && !strcmp(simp,"HEAD"))))))
				return !!lws_http_transaction_completed_client(wsi);

		/*
		 * We can also get a case where it's http/1 and there's no
		 * content-length at all, so anything that comes is the body
		 * until it hangs up on us.  With that situation, hanging up
		 * on us past this point should generate a valid
		 * LWS_CALLBACK_COMPLETED_CLIENT_HTTP.
		 *
		 * In that situation, he can't pipeline because in h1 there's
		 * no post-header in-band way to signal the end of the
		 * transaction except hangup.
		 *
		 * lws_http_transaction_completed_client() is the right guy to
		 * issue it when we see the peer has hung up on us.
		 */

		return 0;
	}

#if defined(LWS_ROLE_WS)
	switch (lws_client_ws_upgrade(wsi, &cce)) {
	case 2:
		goto bail2;
	case 3:
		goto bail3;
	}

	return 0;
#endif

bail3:
	close_reason = LWS_CLOSE_STATUS_NOSTATUS;

bail2:
	if (wsi->a.protocol) {
		n = 0;
		if (cce)
			n = (int)strlen(cce);

		lws_inform_client_conn_fail(wsi, (void *)cce, (unsigned int)n);
	}

	lwsl_info("closing connection (prot %s) "
		  "due to bail2 connection error: %s\n", wsi->a.protocol ?
				  wsi->a.protocol->name : "unknown", cce);

	/* closing will free up his parsing allocations */
	lws_close_free_wsi(wsi, (enum lws_close_status)close_reason, "c hs interp");

	return LWS_HPI_RET_WSI_ALREADY_DIED;
}
#endif

/*
 * Choose a random multipart boundary for this client connection and append
 * the matching "Content-Type: multipart/form-data" header at p.
 *
 * wsi:	client connection; wsi->http.multipart_boundary receives the
 *	base64 form of 10 random bytes
 * p:	current write position in the header buffer
 *
 * Returns the advanced write position, or NULL if random bytes could not
 * be obtained or the header could not be added.
 *
 * NOTE(review): the header is bounded by a fixed p + 100, not by the real
 * end of the caller's buffer, so the caller has to guarantee at least 100
 * bytes of headroom at p.
 * NOTE(review): the result of lws_b64_encode_string() is not checked, and
 * whether ctype[] can hold the full quoted boundary depends on
 * sizeof(wsi->http.multipart_boundary), which is not visible here - confirm.
 */

uint8_t *
lws_http_multipart_headers(struct lws *wsi, uint8_t *p)
{
	char rnd[10], ctype[48];
	uint8_t *limit = p + 100;
	int ctype_len;

	/* the boundary must be unpredictable, so take it from the context RNG */
	if (lws_get_random(wsi->a.context, (uint8_t *)rnd, sizeof(rnd)) !=
			sizeof(rnd))
		return NULL;

	lws_b64_encode_string(rnd, sizeof(rnd),
			       wsi->http.multipart_boundary,
			       sizeof(wsi->http.multipart_boundary));

	ctype_len = lws_snprintf(ctype, sizeof(ctype),
				 "multipart/form-data; boundary=\"%s\"",
				 wsi->http.multipart_boundary);

	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE,
					 (uint8_t *)ctype, ctype_len, &p, limit))
		return NULL;

	/* mark the connection as multipart, with the first boundary still due */
	wsi->http.multipart_issue_boundary = 1;
	wsi->http.multipart = 1;
	lws_client_http_body_pending(wsi, 1);

	return p;
}

/*
 * Write one multipart/form-data part header (or, when name is NULL, the
 * closing boundary) at *p and advance *p past it.
 *
 * name:	form field name, or NULL to emit the terminating boundary
 * filename:	optional filename attribute, NULL to omit
 * content_type: optional Content-Type for the part, NULL to omit
 * p:		in/out write position
 * end:		end of the output buffer
 *
 * Returns 0 after the closing boundary; otherwise nonzero when the write
 * position has reached end (buffer full) and 0 if not.
 *
 * NOTE(review): name, filename and content_type are copied into the part
 * headers verbatim.  A double quote or CR/LF inside them would change the
 * structure of the part, so callers handling externally supplied values
 * should validate or encode them first.
 */
int
lws_client_http_multipart(struct lws *wsi, const char *name,
			  const char *filename, const char *content_type,
			  char **p, char *end)
{
	char *cur;

	/*
	 * Client conn must have been created with LCCSCF_HTTP_MULTIPART_MIME
	 * flag to use this api
	 */
	assert(wsi->http.multipart);

	cur = *p;

	if (!name) {
		/* no more parts: close the multipart body */
		cur += lws_snprintf(cur, lws_ptr_diff_size_t(end, cur),
				    "\xd\xa--%s--\xd\xa",
				    wsi->http.multipart_boundary);
		*p = cur;

		return 0;
	}

	/* every part after the first is preceded by a CRLF */
	if (wsi->client_subsequent_mime_part)
		cur += lws_snprintf(cur, lws_ptr_diff_size_t(end, cur),
				    "\xd\xa");
	wsi->client_subsequent_mime_part = 1;

	cur += lws_snprintf(cur, lws_ptr_diff_size_t(end, cur), "--%s\xd\xa"
				    "Content-Disposition: form-data; "
				      "name=\"%s\"",
				      wsi->http.multipart_boundary, name);

	if (filename)
		cur += lws_snprintf(cur, lws_ptr_diff_size_t(end, cur),
				    "; filename=\"%s\"", filename);

	if (content_type)
		cur += lws_snprintf(cur, lws_ptr_diff_size_t(end, cur), "\xd\xa"
				"Content-Type: %s", content_type);

	/* blank line separating the part headers from the part body */
	cur += lws_snprintf(cur, lws_ptr_diff_size_t(end, cur), "\xd\xa\xd\xa");

	*p = cur;

	return cur == end;
}

/*
 * replacement multipart state machine
 *
 * We want it to emit this kind of thing:
 *
 * POST /builds?project=warmcat%2Flibwebsockets HTTP/1.1
 * Host: 127.0.0.1
 * User-Agent: lws
 * Accept: * / *
 * Content-Length: 698
 * Content-Type: multipart/form-data; boundary=------------------------dbe229171d826cc3
 *
 * --------------------------dbe229171d826cc3
 * Content-Disposition: form-data; name="file"; filename="xxx.bin"
 * Content-Type: application/octet-stream
 *
 * #!/bin/bash -x
 * xxx
 * exit $?
 *
 * --------------------------dbe229171d826cc3
 * Content-Disposition: form-data; name="version"
 *
 * f2dcc4ea
 * --------------------------dbe229171d826cc3
 * Content-Disposition: form-data; name="description"
 * 
 * lws qa
 * --------------------------dbe229171d826cc3
 * Content-Disposition: form-data; name="token"
 *
 * mytoken
 * --------------------------dbe229171d826cc3
 * Content-Disposition: form-data; name="email"
 *
 * my@email.com
 * --------------------------dbe229171d826cc3--
 *
 */

/* States of the multipart body generator driven by lws_http_mp_sm_fill() */
typedef enum {
	LWS_POST_STATE__NEXT, /* ask the callback for the next form element */
	LWS_POST_STATE__FILE, /* copying the contents of an opened file */
	LWS_POST_STATE__DATA, /* emit the inline value of a form element */
} post_state;

/*
 * Per-POST state for the multipart state machine, allocated by
 * lws_http_mp_sm_init() and released by lws_http_mp_sm_destroy().
 */
typedef struct lws_http_mp_sm {
	struct lws_context	*cx; /* context handed to cb */
	lws_http_mp_sm_cb_t	cb; /* supplies "name=value" / "name=@file" strings */
	/* 24 '-' then the output of lws_hex_random(.., 16), NUL terminated */
	char			boundary[24 + 16 + 1];
	char			ft[4096]; /* current form element string from cb */
	char			*eq; /* rhs of the '=' inside ft, or NULL if none */
	int			fd; /* file being sent while in LWS_POST_STATE__FILE */
	lws_filepos_t		pos; /* bytes of the current file read so far */
	lws_filepos_t		total; /* size of the current file from fstat() */
	const char		*a; /* last hit */
	post_state		ps; /* current state */
} lws_http_mp_sm_t;

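/*
 * Create a multipart state machine for wsi, add the multipart Content-Type
 * header and the Content-Length computed by walking every form element once.
 *
 * wsi:	client connection the headers are added to
 * cb:	callback that writes the next form element into the given buffer as
 *	"name=value" or "name=@filepath"; returns 0 for an element, >0 when
 *	there are no more, <0 on error
 * p:	in/out header write position
 * end:	end of the header buffer
 *
 * Returns the new state machine (free with lws_http_mp_sm_destroy()), or
 * NULL on failure.
 *
 * NOTE(review): a value starting with '@' is treated as a local file path
 * whose contents are uploaded.  If form values can come from an untrusted
 * source, the callback has to stop such a value from reaching this code.
 * NOTE(review): file sizes are sampled with stat() here and the files are
 * opened later in lws_http_mp_sm_fill(); a file that changes in between no
 * longer matches the Content-Length sent.
 * NOTE(review): lengths are measured by formatting into cla[] / ft[], which
 * are smaller than the buffers used when the body is emitted, so very long
 * names or paths would be counted short - confirm the intended limits.
 */
struct lws_http_mp_sm *
lws_http_mp_sm_init(struct lws *wsi, lws_http_mp_sm_cb_t cb, uint8_t **p, uint8_t *end)
{
	struct lws_http_mp_sm *phms;
	char cla[512 + sizeof(phms->boundary)], ft[256], *eq;
	uint64_t cl = 0;
	struct stat s;
	int n;

	phms = lws_malloc(sizeof(*phms), __func__);
	if (!phms)
		return NULL;
	phms->cb = cb;
	phms->cx = lws_get_context(wsi);
	/* the allocation is not zeroed: give these fields defined values */
	phms->eq = NULL;
	phms->fd = -1;

	for (n = 0; n < 24; n++)
		phms->boundary[n] = '-';
	/* without random bytes the boundary would be uninitialized heap data */
	if (lws_hex_random(phms->cx, phms->boundary + 24, 16)) {
		lwsl_warn("%s: failed to get random boundary\n", __func__);
		goto bail;
	}
	phms->boundary[24 + 16] = '\0';

	n = lws_snprintf(cla, sizeof(cla), "multipart/form-data; boundary=%s", phms->boundary);
	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE,
		     (const uint8_t *)cla, n, p, end)) {
		lwsl_warn("%s: failed to set content_type\n", __func__);
		goto bail;
	}

	/*
	 * We have to now add together the length of everything we will put in
	 * the body, in order to know the content-length now at header-time.
	 *
	 * That includes the multipart boundaries, headers, and CRLF delimiters.
	 */

	phms->a = NULL;
	do {
		/* The cb provides a string formelem=@name or formelem=name
		 * in ft; cla is only used to measure the part header */

		n = phms->cb(lws_get_context(wsi), ft, sizeof(ft), &phms->a);
		if (n < 0)
			goto bail;
		if (n)
			break;
		eq = strchr(ft, '=');
		if (eq) {
			*eq = '\0';
			eq++;
		} /* ft contains the lhs of the = (now NUL) and eq the rhs sz */

		cl += 2 /* -- */ + strlen(phms->boundary) + 2 /* CRLF */;
		if (eq && *eq == '@') { /* ie, form file contents */
			cl += (unsigned int)lws_snprintf(cla, sizeof(cla),
					   "Content-Disposition: form-data; name=\"%s\"; filename=\"%s\"\x0d\x0a"
					   "Content-Type: application/octet-stream\x0d\x0a\x0d\x0a",
					   ft, eq + 1);
			if (stat(eq + 1, &s)) {
				lwsl_warn("%s: failed to stat %s\n", __func__, eq + 1);
				goto bail;
			}

			cl += (uint64_t)s.st_size + 2 /* ending CRLF */;
			continue;
		}

		/* form data */

		cl += (unsigned int)lws_snprintf(cla, sizeof(cla),
				   "Content-Disposition: form-data; name=\"%s\"\x0d\x0a\x0d\x0a", ft);
		if (eq)
			cl += strlen(eq) + 2 /* CRLF */;

	} while (1);

	cl += 2 /* -- */ + strlen(phms->boundary) + 2 /* -- */ + 2 /* CRLF */;

	if (lws_add_http_header_content_length(wsi, cl, p, end))
		goto bail;

	/* rewind so lws_http_mp_sm_fill() walks the elements from the start */
	phms->a		= NULL;
	phms->pos	= 0;
	phms->total	= 0;
	phms->ps	= LWS_POST_STATE__NEXT;

	/*
	 * Tell lws we are going to send the body next...
	 */

	return phms;

bail:
	/* allocated with lws_malloc(), so release with the matching lws_free() */
	lws_free(phms);

	return NULL;
}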

/*
 * Free the state machine *pphms points to, if any, and set *pphms to NULL
 * so the caller's pointer cannot be reused after the free.
 *
 * NOTE(review): the fd member is not closed here; whether a file can still
 * be open when this is called mid-transfer should be confirmed.
 */
void
lws_http_mp_sm_destroy(struct lws_http_mp_sm **pphms)
{
	struct lws_http_mp_sm *sm = *pphms;

	if (!sm)
		return;

	lws_free(sm);
	*pphms = NULL;
}

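/*
 * Emit as much of the multipart body as fits between *p and end, advancing
 * *p, and remember where to resume on the next call.
 *
 * phms: state machine from lws_http_mp_sm_init()
 * p:	 in/out write position
 * end:	 end of the output buffer
 *
 * Returns 0 once the closing boundary has been written, 1 if there is more
 * to send (call again with a fresh buffer), or -1 on error.
 *
 * NOTE(review): part headers and inline values are formatted with only a
 * 300 byte headroom check, while the element string may be up to
 * sizeof(phms->ft); longer content is truncated by lws_snprintf() and would
 * then disagree with the Content-Length computed at init.
 */
int
lws_http_mp_sm_fill(struct lws_http_mp_sm *phms, uint8_t **p, uint8_t *end)
{
	int n;

	assert(phms);

	do {
		switch (phms->ps) {
		case LWS_POST_STATE__NEXT:

			if (lws_ptr_diff(end, *p) < 300)
				return 1;

			n = phms->cb(phms->cx, phms->ft, sizeof(phms->ft), &phms->a);
			if (n < 0) /* error */
				return -1;

			if (n) { /* no more form elements */
				*p += lws_snprintf((char *)(*p), lws_ptr_diff_size_t(end, *p), "--%s--\x0d\x0a", phms->boundary);

				return 0; /* finished then */
			}

			phms->eq = strchr(phms->ft, '=');
			if (phms->eq) {
				*phms->eq = '\0';
				phms->eq++;
			} /* phms->ft contains the lhs of the = (now NUL) and eq the rhs sz */

			*p += lws_snprintf((char *)(*p), lws_ptr_diff_size_t(end, *p), "--%s\x0d\x0a", phms->boundary);

			if (phms->eq && *phms->eq == '@') { /* ie, form file contents */
				struct stat s;

				*p += lws_snprintf((char *)(*p), lws_ptr_diff_size_t(end, *p),
						   "Content-Disposition: form-data; name=\"%s\"; filename=\"%s\"\x0d\x0a"
						   "Content-Type: application/octet-stream\x0d\x0a\x0d\x0a",
						   phms->ft, phms->eq + 1);
				phms->fd = open(phms->eq + 1, O_RDONLY);
				if (phms->fd == -1) {
					lwsl_warn("%s: unable to open '%s'\n", __func__, phms->eq + 1);
					return -1; /* failed */
				}
				if (fstat(phms->fd, &s)) {
					lwsl_warn("%s: failed to stat %s\n", __func__, phms->eq + 1);
					/* do not leak the descriptor on this path */
					close(phms->fd);
					phms->fd = -1;
					return -1; /* failed */
				}
				phms->pos = 0;
				phms->total = (lws_filepos_t)s.st_size;
				phms->ps = LWS_POST_STATE__FILE;
				continue;
			}

			/* form data */

			*p += lws_snprintf((char *)(*p), lws_ptr_diff_size_t(end, *p),
				   "Content-Disposition: form-data; name=\"%s\"\x0d\x0a\x0d\x0a", phms->ft);
			phms->ps = LWS_POST_STATE__DATA;
			break;

		case LWS_POST_STATE__FILE: {
			lws_filepos_t left;
			size_t chunk;
			ssize_t r;

			if (lws_ptr_diff(end, *p) < 100)
				return 1;

			/* keep two bytes back for the CRLF that ends the part */
			chunk = lws_ptr_diff_size_t(end, *p) - 2;

			/*
			 * Never send more than the size sampled at open time,
			 * even if the file has grown since.
			 */
			left = phms->total - phms->pos;
			if ((lws_filepos_t)chunk > left)
				chunk = (size_t)left;

			r = read(phms->fd, *p, LWS_POSIX_LENGTH_CAST(chunk));
			/*
			 * EOF before the expected size means the file shrank;
			 * fail rather than loop forever on zero-length reads.
			 */
			if (r < 0 || (!r && left)) {
				close(phms->fd);
				phms->fd = -1;
				lwsl_warn("%s: unable to read\n", __func__);
				return -1; /* failed */
			}

			*p += r;
			phms->pos += (uint64_t)r;
			if (phms->pos == phms->total) {
				**p = '\x0d';
				*p += 1;
				**p = '\x0a';
				*p += 1;
				close(phms->fd);
				phms->fd = -1;
				phms->ps = LWS_POST_STATE__NEXT;
			}
			break;
		}
		case LWS_POST_STATE__DATA:
			if (lws_ptr_diff(end, *p) < 300)
				return 1;

			/*
			 * An element without '=' has no value; init counted
			 * nothing for it, and "%s" must not be given NULL.
			 */
			if (phms->eq)
				*p += lws_snprintf((char *)(*p), lws_ptr_diff_size_t(end, *p), "%s\x0d\x0a", phms->eq);
			phms->ps = LWS_POST_STATE__NEXT;
			break;

		} /* switch */
	} while (lws_ptr_diff(end, *p) > 100);

	return 1; /* more to do */
}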


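/*
 * Build the client request headers for wsi into pkt.
 *
 * wsi:	    client connection; method, path, host, origin and protocols are
 *	    read from its header table (or stash for the path)
 * pkt:	    output buffer
 * pkt_len: size of pkt in bytes
 *
 * Returns the position just past the final blank line, or NULL.  NULL is
 * returned on failure and also after the "RAW" method has transitioned the
 * connection to the raw socket role, since no handshake is sent then.
 *
 * NOTE(review): method, path, host, origin and the proxied parent headers
 * are written into the request without checking for CR/LF.  If any of them
 * can be influenced by untrusted input, validate them before they reach
 * this function so they cannot introduce extra header lines.
 * NOTE(review): the Host value is passed to "%s" without a NULL check -
 * confirm _WSI_TOKEN_CLIENT_HOST is always set for client connections.
 */
char *
lws_generate_client_handshake(struct lws *wsi, char *pkt, size_t pkt_len)
{
	const char *meth, *pp = lws_hdr_simple_ptr(wsi,
				_WSI_TOKEN_CLIENT_SENT_PROTOCOLS), *path;
	char *p = pkt, *p1, *end = p + pkt_len;

	/* no explicit method means this is a websocket upgrade request */
	meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD);
	if (!meth) {
		meth = "GET";
		wsi->do_ws = 1;
	} else {
		wsi->do_ws = 0;
	}

	if (!strcmp(meth, "RAW")) {
		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
		lwsl_notice("client transition to raw\n");

		if (pp) {
			const struct lws_protocols *pr;

			pr = lws_vhost_name_to_protocol(wsi->a.vhost, pp);

			if (!pr) {
				lwsl_err("protocol %s not enabled on vhost\n",
					 pp);
				return NULL;
			}

			lws_bind_protocol(wsi, pr, __func__);
		}

		if ((wsi->a.protocol->callback)(wsi, LWS_CALLBACK_RAW_ADOPT,
					      wsi->user_space, NULL, 0))
			return NULL;

		lws_role_transition(wsi, LWSIFR_CLIENT, LRS_ESTABLISHED,
				    &role_ops_raw_skt);
		lws_header_table_detach(wsi, 1);

		return NULL;
	}

	/*
	 * 04 example client handshake
	 *
	 * GET /chat HTTP/1.1
	 * Host: server.example.com
	 * Upgrade: websocket
	 * Connection: Upgrade
	 * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
	 * Sec-WebSocket-Origin: http://example.com
	 * Sec-WebSocket-Protocol: chat, superchat
	 * Sec-WebSocket-Version: 4
	 */

	path = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI);
	if (!path) {
		if (wsi->stash && wsi->stash->cis[CIS_PATH] &&
			wsi->stash->cis[CIS_PATH][0])
			path = wsi->stash->cis[CIS_PATH];
		else
			path = "/";
	}

	p += lws_snprintf(p, lws_ptr_diff_size_t(end, p),
			  "%s %s HTTP/1.1\x0d\x0a", meth, path);

	if (!(wsi->flags & LCCSCF_HTTP_NO_CACHE_CONTROL))
		p += lws_snprintf(p,  lws_ptr_diff_size_t(end, p),
				  "Pragma: no-cache\x0d\x0a"
				  "Cache-Control: no-cache\x0d\x0a");

	p += lws_snprintf(p,  lws_ptr_diff_size_t(end, p),
			  "Host: %s\x0d\x0a",
			  lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST));

	if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) {
		if (lws_check_opt(wsi->a.context->options,
				  LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN))
			p += lws_snprintf(p,  lws_ptr_diff_size_t(end, p),
					  "Origin: %s\x0d\x0a",
					  lws_hdr_simple_ptr(wsi,
						     _WSI_TOKEN_CLIENT_ORIGIN));
		else
			p += lws_snprintf(p,  lws_ptr_diff_size_t(end, p),
					  "Origin: %s://%s\x0d\x0a",
					  wsi->flags & LCCSCF_USE_SSL ?
							 "https" : "http",
					  lws_hdr_simple_ptr(wsi,
						     _WSI_TOKEN_CLIENT_ORIGIN));
	}

	if (wsi->flags & LCCSCF_HTTP_MULTIPART_MIME) {
		p1 = (char *)lws_http_multipart_headers(wsi, (uint8_t *)p);
		if (!p1)
			return NULL;
		p = p1;
	}

#if defined(LWS_WITH_HTTP_PROXY)
	/* when proxying, forward selected headers from the parent request */
	if (wsi->parent &&
	    lws_hdr_total_length(wsi->parent, WSI_TOKEN_HTTP_CONTENT_LENGTH)) {
		p += lws_snprintf(p, lws_ptr_diff_size_t(end, p),
				  "Content-Length: %s\x0d\x0a",
			lws_hdr_simple_ptr(wsi->parent, WSI_TOKEN_HTTP_CONTENT_LENGTH));
		if (atoi(lws_hdr_simple_ptr(wsi->parent, WSI_TOKEN_HTTP_CONTENT_LENGTH)))
			wsi->client_http_body_pending = 1;
	}
	if (wsi->parent &&
	    lws_hdr_total_length(wsi->parent, WSI_TOKEN_HTTP_AUTHORIZATION)) {
		p += lws_snprintf(p, lws_ptr_diff_size_t(end, p),
				  "Authorization: %s\x0d\x0a",
			lws_hdr_simple_ptr(wsi->parent, WSI_TOKEN_HTTP_AUTHORIZATION));
	}
	if (wsi->parent &&
	    lws_hdr_total_length(wsi->parent, WSI_TOKEN_HTTP_CONTENT_TYPE)) {
		p += lws_snprintf(p, lws_ptr_diff_size_t(end, p),
				  "Content-Type: %s\x0d\x0a",
			lws_hdr_simple_ptr(wsi->parent, WSI_TOKEN_HTTP_CONTENT_TYPE));
	}
#endif

#if defined(LWS_WITH_HTTP_DIGEST_AUTH)
	if (wsi->http.digest_auth_hdr) {
		/*
		 * Bound by the space really left in pkt: a fixed 1024 would
		 * allow a write past end when less than that remains.
		 */
		p += lws_snprintf(p, lws_ptr_diff_size_t(end, p),
				  "Authorization: %s\x0d\x0a",
				  wsi->http.digest_auth_hdr);
		lws_free(wsi->http.digest_auth_hdr);
		wsi->http.digest_auth_hdr = NULL;
	}
#endif

#if defined(LWS_ROLE_WS)
	if (wsi->do_ws) {
		const char *conn1 = "";

		p = lws_generate_client_ws_handshake(wsi, p, conn1,
						     lws_ptr_diff_size_t(end, p));
		if (!p)
			return NULL;
	} else
#endif
	{
		/* same reasoning as above: use the remaining space, not 64 */
		if (!wsi->client_pipeline)
			p += lws_snprintf(p, lws_ptr_diff_size_t(end, p),
					  "connection: close\x0d\x0a");
	}

	/* give userland a chance to append, eg, cookies */

#if defined(LWS_WITH_CACHE_NSCOOKIEJAR) && defined(LWS_WITH_CLIENT)
	if (wsi->flags & LCCSCF_CACHE_COOKIES)
		lws_cookie_send_cookies(wsi, &p, end);
#endif

	/*
	 * NOTE(review): the space offered to the callback is derived from
	 * pt_serv_buf_size rather than pkt_len / end; the two only agree if
	 * pkt is always the full per-thread service buffer - confirm.
	 */
	if (wsi->a.protocol->callback(wsi,
			LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER,
			wsi->user_space, &p,
			(unsigned int)((pkt + wsi->a.context->pt_serv_buf_size) - p - 12)))
		return NULL;

	if (wsi->flags & LCCSCF_HTTP_X_WWW_FORM_URLENCODED) {
		p += lws_snprintf(p, lws_ptr_diff_size_t(end, p), "Content-Type: application/x-www-form-urlencoded\x0d\x0a");
		p += lws_snprintf(p,  lws_ptr_diff_size_t(end, p), "Content-Length: %lu\x0d\x0a", wsi->http.writeable_len);
		lws_client_http_body_pending(wsi, 1);
	}

	/* blank line ends the header section */
	p += lws_snprintf(p,  lws_ptr_diff_size_t(end, p), "\x0d\x0a");

	if (wsi->client_http_body_pending || lws_has_buffered_out(wsi))
		lws_callback_on_writable(wsi);

	lws_metrics_caliper_bind(wsi->cal_conn, wsi->a.context->mt_http_txn);
#if defined(LWS_WITH_CONMON)
	wsi->conmon_datum = lws_now_usecs();
#endif

	return p;
}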

#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
#if defined(LWS_WITH_HTTP_BASIC_AUTH)

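/*
 * Produce the value of an HTTP Basic Authorization header,
 * "Basic " followed by base64("user:password"), in buf.
 *
 * user:    NUL-terminated user name
 * pw:	    password bytes (need not be NUL-terminated)
 * pwd_len: number of bytes at pw
 * buf:	    output buffer
 * len:	    size of buf in bytes
 *
 * Returns 0 on success, 1 if buf is too small, 2 if user and password
 * together do not fit the internal 128-byte scratch buffer.  On a nonzero
 * return the contents of buf must not be used.
 */
int
lws_http_basic_auth_gen2(const char *user, const void *pw, size_t pwd_len,
			 char *buf, size_t len)
{
	size_t n = strlen(user), m = pwd_len;
	char b[128];
	int ret = 0;

	if (len < 6 + ((4 * (n + m + 1)) / 3) + 1)
		return 1;

	memcpy(buf, "Basic ", 6);

	n = (unsigned int)lws_snprintf(b, sizeof(b), "%s:", user);
	/*
	 * Written so a huge pwd_len cannot wrap the sum and slip past the
	 * bound that protects the memcpy() into b below.
	 */
	if (n >= sizeof(b) - 2 || pwd_len >= sizeof(b) - 2 - n) {
		ret = 2;
		goto scrub;
	}

	memcpy(&b[n], pw, pwd_len);
	n += pwd_len;

	/*
	 * The size estimate above rounds down, so the encoder can still run
	 * out of room; report that instead of returning a partial header.
	 */
	if (lws_b64_encode_string(b, (int)n, buf + 6, (int)len - 6) < 0)
		ret = 1;
	buf[len - 1] = '\0';

scrub:
	/* b held the cleartext credentials: do not leave them on the stack */
	lws_explicit_bzero(b, sizeof(b));

	return ret;
}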

/*
 * Convenience form of lws_http_basic_auth_gen2() for a NUL-terminated
 * password: the password length is taken with strlen().  Returns whatever
 * lws_http_basic_auth_gen2() returns.
 */
int lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len)
{
	size_t pw_len = strlen(pw);

	return lws_http_basic_auth_gen2(user, pw, pw_len, buf, len);
}

#endif

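/*
 * Read available response body data for a client http connection, strip
 * chunked transfer-coding framing if in use, and pass the payload to the
 * protocol callback as LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ.
 *
 * wsi:	client connection
 * buf:	in: caller buffer to read into, or NULL to use the default buffer;
 *	out: points just past the data that was consumed
 * len:	in: size of *buf; out: number of bytes left unconsumed
 *
 * Returns 0 on success, -1 on read / framing error or when completing the
 * transaction reported failure, or the nonzero value returned by the
 * protocol callback.
 *
 * Everything parsed here (chunk sizes, CR/LF framing) is supplied by the
 * remote server and is treated as untrusted.
 */
int
lws_http_client_read(struct lws *wsi, char **buf, int *len)
{
	struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi];
	struct lws_tokens eb;
	int buffered, n, consumed = 0;

	/*
	 * If the caller provided a non-NULL *buf and nonzero *len, we should
	 * use that as the buffer for the read action, limiting it to *len
	 * (actual payload will be less if chunked headers inside).
	 *
	 * If it's NULL / 0 length, buflist_aware_read will use the pt_serv_buf
	 */

	eb.token = (unsigned char *)*buf;
	eb.len = *len;

	buffered = lws_buflist_aware_read(pt, wsi, &eb, 0, __func__);
	*buf = (char *)eb.token; /* may be pointing to buflist or pt_serv_buf */
	*len = 0;

	/*
	 * we're taking on responsibility for handling used / unused eb
	 * when we leave, via lws_buflist_aware_finished_consuming()
	 */

	/* allow the source to signal he has data again next time */
	if (lws_change_pollfd(wsi, 0, LWS_POLLIN))
		return -1;

	if (buffered < 0) {
		lwsl_debug("%s: SSL capable error\n", __func__);

		if (wsi->http.ah &&
		    wsi->http.ah->parser_state == WSI_PARSING_COMPLETE &&
		    !lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH))
			/*
			 * We had the headers from this stream, but as there
			 * was no content-length: we had to wait until the
			 * stream ended to inform the user code the transaction
			 * has completed to the best of our knowledge
			 */
			if (lws_http_transaction_completed_client(wsi))
				/*
				 * We're going to close anyway, but that api has
				 * warn_unused_result
				 */
				return -1;

		return -1;
	}

	if (eb.len <= 0)
		return 0;

	*len = eb.len;
	wsi->client_rx_avail = 0;

	/*
	 * server may insist on transfer-encoding: chunked,
	 * so http client must deal with it
	 */
spin_chunks:
	while (wsi->chunked && (wsi->chunk_parser != ELCP_CONTENT) && *len) {
		switch (wsi->chunk_parser) {
		case ELCP_HEX:
			if ((*buf)[0] == '\x0d') {
				wsi->chunk_parser = ELCP_CR;
				break;
			}
			n = char_to_hex((*buf)[0]);
			if (n < 0) {
				lwsl_err("%s: chunking failure A\n", __func__);
				return -1;
			}
			/*
			 * The chunk size comes from the peer.  It is used
			 * below as an int length for the user callback, so
			 * refuse a value that would overflow or turn
			 * negative once another hex digit is shifted in.
			 */
			if (wsi->chunk_remaining & ~0x07ffffff) {
				lwsl_err("%s: chunk size too large\n", __func__);
				return -1;
			}
			wsi->chunk_remaining <<= 4;
			wsi->chunk_remaining |= n;
			break;
		case ELCP_CR:
			if ((*buf)[0] != '\x0a') {
				lwsl_err("%s: chunking failure B\n", __func__);
				return -1;
			}
			if (wsi->chunk_remaining) {
				wsi->chunk_parser = ELCP_CONTENT;
				break;
			}

			/* a zero-length chunk is the last one */
			wsi->chunk_parser = ELCP_TRAILER_CR;
			break;

		case ELCP_CONTENT:
			break;

		case ELCP_POST_CR:
			if ((*buf)[0] != '\x0d') {
				lwsl_err("%s: chunking failure C\n", __func__);
				lwsl_hexdump_err(*buf, (unsigned int)*len);

				return -1;
			}

			wsi->chunk_parser = ELCP_POST_LF;
			break;

		case ELCP_POST_LF:
			if ((*buf)[0] != '\x0a') {
				lwsl_err("%s: chunking failure D\n", __func__);

				return -1;
			}

			wsi->chunk_parser = ELCP_HEX;
			wsi->chunk_remaining = 0;
			break;

		case ELCP_TRAILER_CR:
			if ((*buf)[0] != '\x0d') {
				lwsl_err("%s: chunking failure F\n", __func__);
				lwsl_hexdump_err(*buf, (unsigned int)*len);

				return -1;
			}

			wsi->chunk_parser = ELCP_TRAILER_LF;
			break;

		case ELCP_TRAILER_LF:
			if ((*buf)[0] != '\x0a') {
				lwsl_err("%s: chunking failure F\n", __func__);
				lwsl_hexdump_err(*buf, (unsigned int)*len);

				return -1;
			}

			(*buf)++;
			(*len)--;
			consumed++;

			lwsl_info("final chunk\n");
			goto completed;
		}
		/* one framing byte handled */
		(*buf)++;
		(*len)--;
		consumed++;
	}

	if (wsi->chunked && !wsi->chunk_remaining)
		goto account_and_ret;

	/* n = how much payload to hand over: limited by content-length... */
	if (wsi->http.rx_content_remain &&
	    wsi->http.rx_content_remain < (unsigned int)*len)
		n = (int)wsi->http.rx_content_remain;
	else
		n = *len;

	/* ...and by what is left of the current chunk */
	if (wsi->chunked && wsi->chunk_remaining &&
	    wsi->chunk_remaining < n)
		n = wsi->chunk_remaining;

#if defined(LWS_WITH_HTTP_PROXY) && defined(LWS_WITH_HUBBUB)
	/* hubbub */
	if (wsi->http.perform_rewrite)
		lws_rewrite_parse(wsi->http.rw, (unsigned char *)*buf, n);
	else
#endif
	{
		if (
#if defined(LWS_WITH_HTTP_PROXY)
		    !wsi->protocol_bind_balance ==
		    !!wsi->http.proxy_clientside
#else
		    !!wsi->protocol_bind_balance
#endif
		  ) {
			int q;

			q = user_callback_handle_rxflow(wsi->a.protocol->callback,
				wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ,
				wsi->user_space, *buf, (unsigned int)n);
			if (q) {
				lwsl_info("%s: RECEIVE_CLIENT_HTTP_READ returned %d\n",
						__func__, q);

				return q;
			}
		} else
			lwsl_notice("%s: swallowed read (%d)\n", __func__, n);
	}

	(*buf) += n;
	*len -= n;
	if (wsi->chunked && wsi->chunk_remaining)
		wsi->chunk_remaining -= n;

	consumed += n;

	/* chunk payload finished: expect the CRLF that follows it */
	if (wsi->chunked && !wsi->chunk_remaining)
		wsi->chunk_parser = ELCP_POST_CR;

	if (wsi->chunked && *len)
		goto spin_chunks;

	if (wsi->chunked)
		goto account_and_ret;

	/* if we know the content length, decrement the content remaining */
	if (wsi->http.rx_content_length > 0)
		wsi->http.rx_content_remain -= (unsigned int)n;

	if (wsi->http.rx_content_remain || !wsi->http.content_length_given)
		goto account_and_ret;

completed:

	if (lws_http_transaction_completed_client(wsi)) {
		lwsl_info("%s: transaction completed says -1\n", __func__);
		return -1;
	}

account_and_ret:
	/* report how much of eb was used so the rest stays buffered */
	if (lws_buflist_aware_finished_consuming(wsi, &eb, consumed, buffered,
							__func__))
		return -1;

	return 0;
}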

#endif

/*
 * Header tokens whose current values lws_client_reset() copies into
 * cisin[3], cisin[4], ... in this order.  The order therefore has to match
 * the CIS_ indexes that follow the first three (presumably CIS_ORIGIN
 * onwards - confirm against the CIS_ enum).
 */
static uint8_t hnames2[] = {
	_WSI_TOKEN_CLIENT_ORIGIN,
	_WSI_TOKEN_CLIENT_SENT_PROTOCOLS,
	_WSI_TOKEN_CLIENT_METHOD,
	_WSI_TOKEN_CLIENT_IFACE
};

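/**
 * lws_client_reset() - retarget a connected wsi to start over with a new
 * 			connection (ie, redirect)
 *			this only works if still in HTTP, ie, not upgraded yet
 * pwsi:	pointer to the connection to reset
 * ssl:		nonzero if the new connection should use TLS
 * address:	network address of the new server
 * port:	port to connect to; 0 selects port 443 and forces TLS
 * path:	uri path to connect to on the new server
 * host:	host header to send to the new server
 * weak:	nonzero to keep wsi->ws across the reset (LWS_ROLE_WS only)
 *
 * Returns *pwsi on success, or NULL if pwsi is NULL, the redirect limit
 * has been reached, or the stash could not be created.
 *
 * The TLS flag on the wsi is replaced by the ssl argument without any
 * policy check, so a caller that wants to refuse https -> http redirects
 * has to do so before calling.
 *
 * NOTE(review): address, path and host are stored into the stash only when
 * no stash exists yet; confirm an existing stash is updated elsewhere.
 * NOTE(review): wsi->http.ah is dereferenced without a NULL check - the
 * caller is assumed to still hold a header table.
 */
struct lws *
lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port,
		const char *path, const char *host, char weak)
{
	struct lws_context_per_thread *pt;
#if defined(LWS_ROLE_WS)
	struct _lws_websocket_related *ws = NULL;
#endif
	const char *cisin[CIS_COUNT];
	struct lws *wsi;
	size_t o;
	int n, r;

	if (!pwsi)
		return NULL;

	wsi = *pwsi;
	pt = &wsi->a.context->pt[(int)wsi->tsi];

	lwsl_debug("%s: %s: redir %d: %s\n", __func__, lws_wsi_tag(wsi),
			wsi->redirects, address);

	/* cap redirect chains so a server cannot bounce the client forever */
	if (wsi->redirects == 4) {
		lwsl_err("%s: Too many redirects\n", __func__);
		return NULL;
	}
	wsi->redirects++;

	/*
	 * goal is to close our role part, close the sockfd, detach the ah
	 * but leave our wsi extant and still bound to whatever vhost it was
	 */

	/* skip one '/' if the path starts with "//" */
	o = path[0] == '/' && path[1] == '/';

	memset((char *)cisin, 0, sizeof(cisin));

	cisin[CIS_ADDRESS]	= address;
	cisin[CIS_PATH]		= path + o;
	cisin[CIS_HOST]		= host;

	/* remaining entries come from the current headers, see hnames2[] */
	for (n = 0; n < (int)LWS_ARRAY_SIZE(hnames2); n++)
		cisin[n + 3] = lws_hdr_simple_ptr(wsi, hnames2[n]);

	r = (int)wsi->http.ah->http_response;

#if defined(LWS_WITH_TLS)
	cisin[CIS_ALPN]		= wsi->alpn;
#endif

	if (!wsi->stash && lws_client_stash_create(wsi, cisin))
		return NULL;

	if (!port) {
		lwsl_info("%s: forcing port 443\n", __func__);

		port = 443;
		ssl = 1;
	}

	wsi->c_port = (uint16_t)port;

	wsi->flags = (wsi->flags & (~LCCSCF_USE_SSL)) |
		(ssl ? LCCSCF_USE_SSL : 0);

	/*
	 * NOTE(review): this default is set after the stash was created
	 * above, so within this function it only affects the log line.
	 */
	if (!cisin[CIS_ALPN] || !cisin[CIS_ALPN][0]) {
#if defined(LWS_ROLE_H2)
		cisin[CIS_ALPN] = "h2,http/1.1";
#else
		cisin[CIS_ALPN] = "http/1.1";
#endif
	}

	/* the method header may be absent, never hand NULL to "%s" */
	lwsl_notice("%s: REDIRECT %d: %s %s:%d, path='%s', ssl = %d, alpn='%s'\n",
		    __func__, r,
		    cisin[CIS_METHOD] ? cisin[CIS_METHOD] : "(none)", address,
		    port, path, ssl, cisin[CIS_ALPN]);

	lws_pt_lock(pt, __func__);
	__remove_wsi_socket_from_fds(wsi);
	lws_pt_unlock(pt);

#if defined(LWS_ROLE_WS)
	if (weak) {
		ws = wsi->ws;
		wsi->ws = NULL;
	}
#endif

	/*
	 * After this point we can't trust the incoming strings like address,
	 * path any more, since they may have been pointing into the old ah.
	 *
	 * We must use the copies in the wsi->stash instead if we want them.
	 */

	__lws_reset_wsi(wsi); /* detaches ah here */
#if defined(LWS_ROLE_WS)
	if (weak)
		wsi->ws = ws;
#endif
	wsi->client_pipeline = 1;

	/*
	 * We could be a redirect before, or after the POST was done.
	 * Http's hack around this is 307 / 308 keep the method, ie,
	 * it's pre and they have to repeat the body.  Other 3xx
	 * turn it into a GET.
	 */

	if ((r / 100) == 3 && r != 307 && r != 308)
		wsi->redirected_to_get = 1;

	/*
	 * Will complete at close flow
	 */

	wsi->close_is_redirect = 1;

	return *pwsi;
}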
