Fail WebSocket channel when handshake fails.

net/websockets/websocket_basic_handshake_stream.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/websockets/websocket_basic_handshake_stream.h"
 
 #include <algorithm>
 #include <iterator>
 
 #include "base/base64.h"
 #include "base/basictypes.h"
 #include "base/bind.h"
 #include "base/containers/hash_tables.h"
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
 #include "crypto/random.h"
 #include "net/http/http_request_headers.h"
 #include "net/http/http_request_info.h"
 #include "net/http/http_response_body_drainer.h"
 #include "net/http/http_response_headers.h"
 #include "net/http/http_status_code.h"
 #include "net/http/http_stream_parser.h"
 #include "net/socket/client_socket_handle.h"
 #include "net/websockets/websocket_basic_stream.h"
+#include "net/websockets/websocket_extension_parser.h"
 #include "net/websockets/websocket_handshake_constants.h"
 #include "net/websockets/websocket_handshake_handler.h"
 #include "net/websockets/websocket_stream.h"
 
 namespace net {
 namespace {
 
+enum GetHeaderResult {
+  GET_HEADER_OK,
+  GET_HEADER_MISSING,
+  GET_HEADER_MULTIPLE,
+};
+
+std::string MissingHeader(const std::string& header_name) {
+  return std::string("'") + header_name + "' header is missing";
+}
+
+std::string MultipleHeaderValues(const std::string& header_name) {
+  return
+      std::string("'") +
+      header_name +
+      "' header must not appear more than once in a response";
+}
+
 std::string GenerateHandshakeChallenge() {
   std::string raw_challenge(websockets::kRawChallengeLength, '\0');
   crypto::RandBytes(string_as_array(&raw_challenge), raw_challenge.length());
   std::string encoded_challenge;
   bool encode_success = base::Base64Encode(raw_challenge, &encoded_challenge);
   DCHECK(encode_success);
   return encoded_challenge;
 }
 
 void AddVectorHeaderIfNonEmpty(const char* name,
                                const std::vector<std::string>& value,
                                HttpRequestHeaders* headers) {
   if (value.empty())
     return;
   headers->SetHeader(name, JoinString(value, ", "));
 }
 
-// If |case_sensitive| is false, then |value| must be in lower-case.
-bool ValidateSingleTokenHeader(
-    const scoped_refptr<HttpResponseHeaders>& headers,
-    const base::StringPiece& name,
-    const std::string& value,
-    bool case_sensitive) {
+GetHeaderResult GetSingleHeaderValue(const HttpResponseHeaders* headers,
+                                     const base::StringPiece& name,
+                                     std::string* value) {
   void* state = NULL;
+  int tokens = 0;
   std::string token;
-  int tokens = 0;
-  bool has_value = false;
   while (headers->EnumerateHeader(&state, name, &token)) {
     if (++tokens > 1)
-      return false;
-    has_value = case_sensitive ? value == token
-                               : LowerCaseEqualsASCII(token, value.c_str());
+      return GET_HEADER_MULTIPLE;
+    *value = token;
   }
-  return has_value;
+  return tokens > 0 ? GET_HEADER_OK : GET_HEADER_MISSING;
+}
+
+bool ValidateHeaderHasSingleValue(GetHeaderResult result,
+                                  const std::string& header_name,
+                                  std::string* failure_message) {
+  if (result == GET_HEADER_MISSING) {
+    *failure_message = MissingHeader(header_name);
+    return false;
+  }
+  if (result == GET_HEADER_MULTIPLE) {
+    *failure_message = MultipleHeaderValues(header_name);
+    return false;
+  }
+  DCHECK_EQ(result, GET_HEADER_OK);
+  return true;
+}
+
+bool ValidateUpgrade(const HttpResponseHeaders* headers,
+                     std::string* failure_message) {
+  std::string value;
+  GetHeaderResult result =
+      GetSingleHeaderValue(headers, websockets::kUpgrade, &value);
+  if (!ValidateHeaderHasSingleValue(result,
+                                    websockets::kUpgrade,
+                                    failure_message)) {
+    return false;
+  }
+
+  if (!LowerCaseEqualsASCII(value, websockets::kWebSocketLowercase)) {
+    *failure_message =
+        "'Upgrade' header value is not 'WebSocket': " + value;
+    return false;
+  }
+  return true;
+}
+
+bool ValidateSecWebSocketAccept(const HttpResponseHeaders* headers,
+                                const std::string& expected,
+                                std::string* failure_message) {
+  std::string actual;
+  GetHeaderResult result =
+      GetSingleHeaderValue(headers, websockets::kSecWebSocketAccept, &actual);
+  if (!ValidateHeaderHasSingleValue(result,
+                                    websockets::kSecWebSocketAccept,
+                                    failure_message)) {
+    return false;
+  }
+
+  if (expected != actual) {
+    *failure_message = "Incorrect 'Sec-WebSocket-Accept' header value";
+    return false;
+  }
+  return true;
+}
+
+bool ValidateConnection(const HttpResponseHeaders* headers,
+                        std::string* failure_message) {
+  // Connection header is permitted to contain other tokens.
+  if (!headers->HasHeader(HttpRequestHeaders::kConnection)) {
+    *failure_message = MissingHeader(HttpRequestHeaders::kConnection);
+    return false;
+  }
+  if (!headers->HasHeaderValue(HttpRequestHeaders::kConnection,
+                               websockets::kUpgrade)) {
+    *failure_message = "'Connection' header value must contain 'Upgrade'";
+    return false;
+  }
+  return true;
 }
 
 bool ValidateSubProtocol(
-    const scoped_refptr<HttpResponseHeaders>& headers,
+    const HttpResponseHeaders* headers,
     const std::vector<std::string>& requested_sub_protocols,
-    std::string* sub_protocol) {
+    std::string* sub_protocol,
+    std::string* failure_message) {
   void* state = NULL;
   std::string token;
+  std::string last_token;
   base::hash_set<std::string> requested_set(requested_sub_protocols.begin(),
                                             requested_sub_protocols.end());
-  int accepted = 0;
+  int count = 0;
+  bool has_multiple_protocols = false;
+  bool has_invalid_protocol = false;
+
   while (headers->EnumerateHeader(
-      &state, websockets::kSecWebSocketProtocol, &token)) {
+             &state, websockets::kSecWebSocketProtocol, &token) &&
+         !(has_multiple_protocols && has_invalid_protocol)) {
     if (requested_set.count(token) == 0)
-      return false;
+      has_invalid_protocol = true;
+    if (++count > 1)
+      has_multiple_protocols = true;
+    last_token = token;
+  }
 
-    *sub_protocol = token;
-    // The server is only allowed to accept one protocol.
-    if (++accepted > 1)
-      return false;
+  if (has_multiple_protocols) {
+    *failure_message = MultipleHeaderValues(websockets::kSecWebSocketProtocol);
+    return false;
+  } else if (count > 0 && requested_sub_protocols.size() == 0) {
+    *failure_message =
+        std::string("Response must not include 'Sec-WebSocket-Protocol' "
+                    "header if not present in request: ")
+        + last_token;
+    return false;
+  } else if (has_invalid_protocol) {
+    *failure_message =
+        "'Sec-WebSocket-Protocol' header value '" +
+        last_token +
+        "' in response does not match any of sent values";
+    return false;
+  } else if (requested_sub_protocols.size() > 0 && count == 0) {
+    *failure_message =
+        "Sent non-empty 'Sec-WebSocket-Protocol' header "
+        "but no response was received";
+    return false;
   }
-  // If the browser requested > 0 protocols, the server is required to accept
-  // one.
-  return requested_set.empty() || accepted == 1;
+  *sub_protocol = last_token;
+  return true;
 }
 
-bool ValidateExtensions(const scoped_refptr<HttpResponseHeaders>& headers,
+bool ValidateExtensions(const HttpResponseHeaders* headers,
                         const std::vector<std::string>& requested_extensions,
-                        std::string* extensions) {
+                        std::string* extensions,
+                        std::string* failure_message) {
   void* state = NULL;
   std::string token;
   while (headers->EnumerateHeader(
       &state, websockets::kSecWebSocketExtensions, &token)) {
+    WebSocketExtensionParser parser;
+    parser.Parse(token);
+    if (parser.has_error()) {
+      // TODO(yhirano) Set appropriate failure message.
+      *failure_message =
+          "'WebSocket-Extensions' header value is rejected by the parser: " +
+          token;
+      return false;
+    }
     // TODO(ricea): Accept permessage-deflate with valid parameters.
+    *failure_message =
+        "Found an unsupported extension '" +
+        parser.extension().name() +
+        "' in 'Sec-WebSocket-Extensions' header";
     return false;
   }
   return true;
 }
 
 }  // namespace
 
 WebSocketBasicHandshakeStream::WebSocketBasicHandshakeStream(
     scoped_ptr<ClientSocketHandle> connection,
     bool using_proxy,
@@ skipping 147 matching lines @@
                                state_.read_buf(),
                                sub_protocol_,
                                extensions_));
 }
 
 void WebSocketBasicHandshakeStream::SetWebSocketKeyForTesting(
     const std::string& key) {
   handshake_challenge_for_testing_.reset(new std::string(key));
 }
 
+std::string WebSocketBasicHandshakeStream::FailureMessage() const {
+  return failure_message_;
+}
+
 void WebSocketBasicHandshakeStream::ReadResponseHeadersCallback(
     const CompletionCallback& callback,
     int result) {
   if (result == OK)
     result = ValidateResponse();
   callback.Run(result);
 }
 
 int WebSocketBasicHandshakeStream::ValidateResponse() {
   DCHECK(http_response_info_);
   const scoped_refptr<HttpResponseHeaders>& headers =
       http_response_info_->headers;
 
   switch (headers->response_code()) {
     case HTTP_SWITCHING_PROTOCOLS:
       return ValidateUpgradeResponse(headers);
 
     // We need to pass these through for authentication to work.
     case HTTP_UNAUTHORIZED:
     case HTTP_PROXY_AUTHENTICATION_REQUIRED:
       return OK;
 
     // Other status codes are potentially risky (see the warnings in the
     // WHATWG WebSocket API spec) and so are dropped by default.
     default:
+      failure_message_ = base::StringPrintf("Unexpected status code: %d",
+                                            headers->response_code());
       return ERR_INVALID_RESPONSE;
   }
 }
 
 int WebSocketBasicHandshakeStream::ValidateUpgradeResponse(
     const scoped_refptr<HttpResponseHeaders>& headers) {
-  if (ValidateSingleTokenHeader(headers,
-                                websockets::kUpgrade,
-                                websockets::kWebSocketLowercase,
-                                false) &&
-      ValidateSingleTokenHeader(headers,
-                                websockets::kSecWebSocketAccept,
-                                handshake_challenge_response_,
-                                true) &&
-      headers->HasHeaderValue(HttpRequestHeaders::kConnection,
-                              websockets::kUpgrade) &&
-      ValidateSubProtocol(headers, requested_sub_protocols_, &sub_protocol_) &&
-      ValidateExtensions(headers, requested_extensions_, &extensions_)) {
+  if (ValidateUpgrade(headers.get(), &failure_message_) &&
+      ValidateSecWebSocketAccept(headers.get(),
+                                 handshake_challenge_response_,
+                                 &failure_message_) &&
+      ValidateConnection(headers.get(), &failure_message_) &&
+      ValidateSubProtocol(headers.get(),
+                          requested_sub_protocols_,
+                          &sub_protocol_,
+                          &failure_message_) &&
+      ValidateExtensions(headers.get(),
+                         requested_extensions_,
+                         &extensions_,
+                         &failure_message_)) {
     return OK;
   }
+  failure_message_ = "Error during WebSocket handshake: " + failure_message_;
   return ERR_INVALID_RESPONSE;
 }
 
 }  // namespace net