Software / code / prosody
Annotate
net/websocket/frames.lua @ 13801:a5d5fefb8b68 13.0
mod_tls: Enable Prosody's certificate checking for incoming s2s connections (fixes #1916) (thanks Damian, Zash)
Various options in Prosody allow control over the behaviour of the certificate
verification process For example, some deployments choose to allow falling
back to traditional "dialback" authentication (XEP-0220), while others verify
via DANE, hard-coded fingerprints, or other custom plugins.
Implementing this flexibility requires us to override OpenSSL's default
certificate verification, to allow Prosody to verify the certificate itself,
apply custom policies and make decisions based on the outcome.
To enable our custom logic, we have to suppress OpenSSL's default behaviour of
aborting the connection with a TLS alert message. With LuaSec, this can be
achieved by using the verifyext "lsec_continue" flag.
We also need to use the lsec_ignore_purpose flag, because XMPP s2s uses server
certificates as "client" certificates (for mutual TLS verification in outgoing
s2s connections).
Commit 99d2100d2918 moved these settings out of the defaults and into mod_s2s,
because we only really need these changes for s2s, and they should be opt-in,
rather than automatically applied to all TLS services we offer.
That commit was incomplete, because it only added the flags for incoming
direct TLS connections. StartTLS connections are handled by mod_tls, which was
not applying the lsec_* flags. It previously worked because they were already
in the defaults.
This resulted in incoming s2s connections with "invalid" certificates being
aborted early by OpenSSL, even if settings such as `s2s_secure_auth = false`
or DANE were present in the config.
Outgoing s2s connections inherit verify "none" from the defaults, which means
OpenSSL will receive the cert but will not terminate the connection when it is
deemed invalid. This means we don't need lsec_continue there, and we also
don't need lsec_ignore_purpose (because the remote peer is a "server").
Wondering why we can't just use verify "none" for incoming s2s? It's because
in that mode, OpenSSL won't request a certificate from the peer for incoming
connections. Setting verify "peer" is how you ask OpenSSL to request a
certificate from the client, but also what triggers its built-in verification.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 01 Apr 2025 17:26:56 +0100 |
| parent | 13250:cfd062d025b0 |
| rev | line source |
|---|---|
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
1 -- Prosody IM |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
2 -- Copyright (C) 2012 Florian Zeitz |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
3 -- Copyright (C) 2014 Daurnimator |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
4 -- |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
5 -- This project is MIT/X11 licensed. Please see the |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
6 -- COPYING file in the source package for more information. |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
7 -- |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
8 |
|
12974
ba409c67353b
net: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12386
diff
changeset
|
9 local random_bytes = require "prosody.util.random".bytes; |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
10 |
|
12974
ba409c67353b
net: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12386
diff
changeset
|
11 local bit = require "prosody.util.bitcompat"; |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
12 local band = bit.band; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
13 local bor = bit.bor; |
|
12974
ba409c67353b
net: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12386
diff
changeset
|
14 local sbit = require "prosody.util.strbitop"; |
|
11164
4e5a2af9dd19
net.websocket.frames: Use C string XOR implementation
Kim Alvefur <zash@zash.se>
parents:
11157
diff
changeset
|
15 local sxor = sbit.sxor; |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
16 |
|
12386
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
17 local s_char = string.char; |
|
12974
ba409c67353b
net: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12386
diff
changeset
|
18 local s_pack = require"prosody.util.struct".pack; |
|
ba409c67353b
net: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents:
12386
diff
changeset
|
19 local s_unpack = require"prosody.util.struct".unpack; |
|
6899
5f3da8b00b9b
net.websocket.frames: Use struct packing in Lua 5.3 or struct lib if available
Kim Alvefur <zash@zash.se>
parents:
6898
diff
changeset
|
20 |
|
12386
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
21 local function pack_uint16be(x) |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
22 return s_pack(">I2", x); |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
23 end |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
24 local function pack_uint64be(x) |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
25 return s_pack(">I8", x); |
|
6899
5f3da8b00b9b
net.websocket.frames: Use struct packing in Lua 5.3 or struct lib if available
Kim Alvefur <zash@zash.se>
parents:
6898
diff
changeset
|
26 end |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
27 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
28 local function read_uint16be(str, pos) |
|
12386
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
29 if type(str) ~= "string" then |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
30 str, pos = str:sub(pos, pos+1), 1; |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
31 end |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
32 return s_unpack(">I2", str, pos); |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
33 end |
|
12386
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
34 local function read_uint64be(str, pos) |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
35 if type(str) ~= "string" then |
|
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
36 str, pos = str:sub(pos, pos+7), 1; |
|
6899
5f3da8b00b9b
net.websocket.frames: Use struct packing in Lua 5.3 or struct lib if available
Kim Alvefur <zash@zash.se>
parents:
6898
diff
changeset
|
37 end |
|
12386
2d3080d02960
net.websocket.frames: Replace bit fiddling code with util.struct
Kim Alvefur <zash@zash.se>
parents:
11166
diff
changeset
|
38 return s_unpack(">I8", str, pos); |
|
6899
5f3da8b00b9b
net.websocket.frames: Use struct packing in Lua 5.3 or struct lib if available
Kim Alvefur <zash@zash.se>
parents:
6898
diff
changeset
|
39 end |
|
5f3da8b00b9b
net.websocket.frames: Use struct packing in Lua 5.3 or struct lib if available
Kim Alvefur <zash@zash.se>
parents:
6898
diff
changeset
|
40 |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
41 local function parse_frame_header(frame) |
|
11157
413bd21ba449
net.websocket.frames: Read buffer length correctly in Lua 5.1 (fix #1598)
Kim Alvefur <zash@zash.se>
parents:
11112
diff
changeset
|
42 if frame:len() < 2 then return; end |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
43 |
|
11106
76f46c2579a2
net.websocket.frames: Allow all methods to work on non-string objects
Matthew Wild <mwild1@gmail.com>
parents:
8728
diff
changeset
|
44 local byte1, byte2 = frame:byte(1, 2); |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
45 local result = { |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
46 FIN = band(byte1, 0x80) > 0; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
47 RSV1 = band(byte1, 0x40) > 0; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
48 RSV2 = band(byte1, 0x20) > 0; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
49 RSV3 = band(byte1, 0x10) > 0; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
50 opcode = band(byte1, 0x0F); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
51 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
52 MASK = band(byte2, 0x80) > 0; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
53 length = band(byte2, 0x7F); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
54 }; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
55 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
56 local length_bytes = 0; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
57 if result.length == 126 then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
58 length_bytes = 2; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
59 elseif result.length == 127 then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
60 length_bytes = 8; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
61 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
62 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
63 local header_length = 2 + length_bytes + (result.MASK and 4 or 0); |
|
11157
413bd21ba449
net.websocket.frames: Read buffer length correctly in Lua 5.1 (fix #1598)
Kim Alvefur <zash@zash.se>
parents:
11112
diff
changeset
|
64 if frame:len() < header_length then return; end |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
65 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
66 if length_bytes == 2 then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
67 result.length = read_uint16be(frame, 3); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
68 elseif length_bytes == 8 then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
69 result.length = read_uint64be(frame, 3); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
70 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
71 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
72 if result.MASK then |
|
11164
4e5a2af9dd19
net.websocket.frames: Use C string XOR implementation
Kim Alvefur <zash@zash.se>
parents:
11157
diff
changeset
|
73 result.key = frame:sub(length_bytes+3, length_bytes+6); |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
74 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
75 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
76 return result, header_length; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
77 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
78 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
79 -- XORs the string `str` with the array of bytes `key` |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
80 local function apply_mask(str, key, from, to) |
|
11164
4e5a2af9dd19
net.websocket.frames: Use C string XOR implementation
Kim Alvefur <zash@zash.se>
parents:
11157
diff
changeset
|
81 return sxor(str:sub(from or 1, to or -1), key); |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
82 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
83 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
84 local function parse_frame_body(frame, header, pos) |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
85 if header.MASK then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
86 return apply_mask(frame, header.key, pos, pos + header.length - 1); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
87 else |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
88 return frame:sub(pos, pos + header.length - 1); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
89 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
90 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
91 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
92 local function parse_frame(frame) |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
93 local result, pos = parse_frame_header(frame); |
|
11157
413bd21ba449
net.websocket.frames: Read buffer length correctly in Lua 5.1 (fix #1598)
Kim Alvefur <zash@zash.se>
parents:
11112
diff
changeset
|
94 if result == nil or frame:len() < (pos + result.length) then return nil, nil, result; end |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
95 result.data = parse_frame_body(frame, result, pos+1); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
96 return result, pos + result.length; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
97 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
98 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
99 local function build_frame(desc) |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
100 local data = desc.data or ""; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
101 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
102 assert(desc.opcode and desc.opcode >= 0 and desc.opcode <= 0xF, "Invalid WebSocket opcode"); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
103 if desc.opcode >= 0x8 then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
104 -- RFC 6455 5.5 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
105 assert(#data <= 125, "WebSocket control frames MUST have a payload length of 125 bytes or less."); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
106 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
107 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
108 local b1 = bor(desc.opcode, |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
109 desc.FIN and 0x80 or 0, |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
110 desc.RSV1 and 0x40 or 0, |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
111 desc.RSV2 and 0x20 or 0, |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
112 desc.RSV3 and 0x10 or 0); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
113 |
|
6395
e0164b0fcafd
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
114 local b2 = #data; |
|
e0164b0fcafd
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
115 local length_extra; |
|
e0164b0fcafd
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
116 if b2 <= 125 then -- 7-bit length |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
117 length_extra = ""; |
|
6395
e0164b0fcafd
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
118 elseif b2 <= 0xFFFF then -- 2-byte length |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
119 b2 = 126; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
120 length_extra = pack_uint16be(#data); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
121 else -- 8-byte length |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
122 b2 = 127; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
123 length_extra = pack_uint64be(#data); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
124 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
125 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
126 local key = "" |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
127 if desc.MASK then |
|
11164
4e5a2af9dd19
net.websocket.frames: Use C string XOR implementation
Kim Alvefur <zash@zash.se>
parents:
11157
diff
changeset
|
128 key = desc.key |
|
4e5a2af9dd19
net.websocket.frames: Use C string XOR implementation
Kim Alvefur <zash@zash.se>
parents:
11157
diff
changeset
|
129 if not key then |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
130 key = random_bytes(4); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
131 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
132 b2 = bor(b2, 0x80); |
|
11164
4e5a2af9dd19
net.websocket.frames: Use C string XOR implementation
Kim Alvefur <zash@zash.se>
parents:
11157
diff
changeset
|
133 data = apply_mask(data, key); |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
134 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
135 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
136 return s_char(b1, b2) .. length_extra .. key .. data |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
137 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
138 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
139 local function parse_close(data) |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
140 local code, message |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
141 if #data >= 2 then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
142 code = read_uint16be(data, 1); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
143 if #data > 2 then |
|
11106
76f46c2579a2
net.websocket.frames: Allow all methods to work on non-string objects
Matthew Wild <mwild1@gmail.com>
parents:
8728
diff
changeset
|
144 message = data:sub(3); |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
145 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
146 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
147 return code, message |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
148 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
149 |
|
6455
b6514e691a70
net.websocket: Make data masking configurable
Florian Zeitz <florob@babelmonkeys.de>
parents:
6398
diff
changeset
|
150 local function build_close(code, message, mask) |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
151 local data = pack_uint16be(code); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
152 if message then |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
153 assert(#message<=123, "Close reason must be <=123 bytes"); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
154 data = data .. message; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
155 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
156 return build_frame({ |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
157 opcode = 0x8; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
158 FIN = true; |
|
6455
b6514e691a70
net.websocket: Make data masking configurable
Florian Zeitz <florob@babelmonkeys.de>
parents:
6398
diff
changeset
|
159 MASK = mask; |
|
6389
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
160 data = data; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
161 }); |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
162 end |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
163 |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
164 return { |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
165 parse_header = parse_frame_header; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
166 parse_body = parse_frame_body; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
167 parse = parse_frame; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
168 build = build_frame; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
169 parse_close = parse_close; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
170 build_close = build_close; |
|
8eccd07b619c
net/websocket: Add new websocket client code
daurnimator <quae@daurnimator.com>
parents:
diff
changeset
|
171 }; |
