WebSocketBasicStream framing logic

net/websockets/websocket_basic_stream.cc

+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/websockets/websocket_basic_stream.h"
+
+#include <algorithm>
+#include <limits>
+#include <string>
+#include <vector>
+
+#include "base/base64.h"
+#include "base/basictypes.h"
+#include "base/bind.h"
+#include "base/rand_util.h"
+#include "base/safe_numerics.h"
+#include "base/sha1.h"
+#include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
+#include "googleurl/src/url_canon.h"
+#include "net/base/io_buffer.h"
+#include "net/base/load_flags.h"
+#include "net/http/http_request_headers.h"
+#include "net/http/http_request_info.h"
+#include "net/http/http_response_headers.h"
+#include "net/http/http_stream_parser.h"
+#include "net/http/http_util.h"
+#include "net/socket/client_socket_handle.h"
+#include "net/websockets/websocket_errors.h"
+#include "net/websockets/websocket_frame.h"
+#include "net/websockets/websocket_frame_parser.h"
+
+namespace net {
+
+namespace {
+
+// The number of bytes to attempt to read at a time.
+// TODO(ricea): See if there is a better number. Should it start small, and get
+// bigger if needed?
+const int kReadAtATime = 32 * 1024;
+
+// RFC6455 only requires HTTP/1.1 "or better" but in practice an HTTP version
+// other than 1.1 should not occur in a WebSocket handshake.
+const char kWebSocketUpgradeOkStatusLineStartsWith[] = "HTTP/1.1 101 ";
+
+// The Sec-WebSockey-Key challenge is 16 random bytes, base64 encoded.
+const size_t kRawChallengeLength = 16;
+
+// TODO(ricea): Define all these constants in one central place

[tyoshino (SeeGerritForStatus), 2013/08/01 04:47:52]

yes. you can split this into a cl adding a file containing WebSocket protocol
constants. it's nice if you also replace string literal occurrence of protocol
constants in Chromium code base with them.

+const char kSecWebSocketProtocol[] = "Sec-WebSocket-Protocol";
+const char kSecWebSocketExtensions[] = "Sec-WebSocket-Extensions";
+const char kSecWebSocketKey[] = "Sec-WebSocket-Key";
+const char kSecWebSocketAccept[] = "Sec-WebSocket-Accept";
+const char kUpgrade[] = "Upgrade";
+const char kConnection[] = "Connection";
+const char kWebSocketToken[] = "websocket";
+const char kWebSocketGuid[] = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
+
+inline bool CaseInsensitiveLessASCII(char lhs, char rhs) {
+  return base::ToLowerASCII(lhs) < base::ToLowerASCII(rhs);
+}
+
+}  // namespace
+
+struct WebSocketBasicStream::HandshakeData {
+ public:
+  HandshakeData() : http_response_info(NULL) {}
+  ~HandshakeData() {}
+
+  // HTTP implementation, used for the handshake.
+  scoped_ptr<HttpStreamParser> http_parser;
+
+  // Only used during handshake
+  scoped_ptr<HttpRequestInfo> http_request_info;
+
+  // Owned by the caller of SendHandshakeRequest.
+  HttpResponseInfo* http_response_info;
+
+  // The expected value for the Sec-WebSocket-Accept header, extracted from the
+  // request headers.
+  std::string handshake_response;
+
+  // The extensions that were requested.
+  std::vector<std::string> requested_extensions;
+
+  // The sub-protocols that were requested.
+  std::vector<std::string> requested_sub_protocols;
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(HandshakeData);
+};
+
+struct WebSocketBasicStream::ParseRequestHeadersArg {
+  std::string key;
+  std::vector<std::string>* tokens;
+  bool operator<(const ParseRequestHeadersArg& rhs) const;
+};
+
+WebSocketBasicStream::WebSocketBasicStream(
+    scoped_ptr<ClientSocketHandle> connection)
+    : read_buffer_(new IOBufferWithSize(kReadAtATime)),
+      connection_(connection.Pass()) {}
+
+WebSocketBasicStream::~WebSocketBasicStream() {
+  connection_->socket()->Disconnect();
+}
+
+int WebSocketBasicStream::ReadFrames(
+    ScopedVector<WebSocketFrameChunk>* frame_chunks,
+    const CompletionCallback& callback) {
+  DCHECK(frame_chunks->empty());
+  // If there is data left over after parsing the HTTP headers, attempt to parse
+  // it as WebSocket frames.
+  if (http_read_buffer_) {
+    DCHECK_GE(http_read_buffer_->offset(), 0);
+    if (!parser_.Decode(http_read_buffer_->data(),
+                        http_read_buffer_->offset(),
+                        frame_chunks)) {
+      http_read_buffer_ = NULL;
+      return WebSocketErrorToNetError(parser_.websocket_error());
+    }
+    http_read_buffer_ = NULL;
+  }
+  // Loop until we either have at least one chunk to return, or we get
+  // ERR_IO_PENDING, or something goes wrong.
+  while (frame_chunks->empty()) {
+    // This use of base::Unretained() is safe because WebSocketChannel will
+    // delete us before deleting frame_chunks.
+    int result =
+        connection_->socket()->Read(read_buffer_.get(),
+                                    read_buffer_->size(),
+                                    base::Bind(&WebSocketBasicStream::ReadDone,
+                                               base::Unretained(this),
+                                               base::Unretained(frame_chunks),
+                                               callback));
+    if (result > 0) {
+      if (!parser_.Decode(read_buffer_->data(), result, frame_chunks)) {
+        return WebSocketErrorToNetError(parser_.websocket_error());
+      }
+    } else if (result == 0 && frame_chunks->empty()) {
+      return ERR_CONNECTION_CLOSED;
+    } else {
+      return result;
+    }
+  }
+  return OK;
+}
+
+void WebSocketBasicStream::ReadDone(
+    ScopedVector<WebSocketFrameChunk>* frame_chunks,
+    const CompletionCallback& callback,
+    int result) {
+  if (result > 0) {
+    if (parser_.Decode(read_buffer_->data(), result, frame_chunks)) {
+      if (!frame_chunks->empty()) {
+        callback.Run(OK);
+      } else {
+        result = ReadFrames(frame_chunks, callback);
+        if (result == ERR_IO_PENDING) {
+          // We will be called back again.
+          return;
+        }
+      }
+    } else {
+      result = WebSocketErrorToNetError(parser_.websocket_error());
+    }
+  }
+  if (result == 0 && frame_chunks->empty()) {
+    result = ERR_CONNECTION_CLOSED;
+  }
+  DCHECK_NE(ERR_IO_PENDING, result);
+  callback.Run(result);
+}
+
+int WebSocketBasicStream::WriteFrames(
+    ScopedVector<WebSocketFrameChunk>* frame_chunks,
+    const CompletionCallback& callback) {
+  // This function always concatenates all frames into a single buffer.
+  // TODO(ricea): Investigate whether it would be better in some cases to
+  // perform multiple writes with smaller buffers.
+  //
+  // First calculate the size of the buffer we need to allocate.
+  typedef ScopedVector<WebSocketFrameChunk>::const_iterator Iterator;
+  int total_size = 0;
+  for (Iterator it = frame_chunks->begin(); it != frame_chunks->end(); ++it) {
+    WebSocketFrameChunk* chunk = *it;
+    DCHECK(chunk->header && chunk->final_chunk)
+        << "Only complete frames are supported by WebSocketBasicStream";
+    // Force the masked bit on.
+    chunk->header->masked = true;
+    // We enforce flow control so the renderer should never be able to force us
+    // to cache anywhere near 2GB of frames.
+    int chunk_size =
+        chunk->data->size() + GetWebSocketFrameHeaderSize(*(chunk->header));
+    CHECK_GE(std::numeric_limits<int>::max() - total_size, chunk_size)
+        << "Aborting to prevent overflow";
+    total_size += chunk_size;
+  }
+  scoped_refptr<IOBufferWithSize> total(new IOBufferWithSize(total_size));
+  char* data = total->data();
+  int remaining_size = total_size;
+  for (Iterator it = frame_chunks->begin(); it != frame_chunks->end(); ++it) {
+    WebSocketFrameChunk* chunk = *it;
+    WebSocketMaskingKey mask = GenerateWebSocketMaskingKey();
+    int result = WriteWebSocketFrameHeader(
+        *(chunk->header), &mask, data, remaining_size);
+    DCHECK(result != ERR_INVALID_ARGUMENT)
+        << "WriteWebSocketFrameHeader() says that " << remaining_size
+        << " is not enough to write the header in. This should not happen.";
+    CHECK_GE(result, 0) << "Potentially security-critical check failed";
+    data += result;
+    remaining_size -= result;
+    const char* const frame_data = chunk->data->data();
+    const int frame_size = chunk->data->size();
+    CHECK_GE(remaining_size, frame_size);
+    std::copy(frame_data, frame_data + frame_size, data);
+    MaskWebSocketFramePayload(mask, 0, data, frame_size);
+    data += frame_size;
+    remaining_size -= frame_size;
+  }
+  DCHECK_EQ(0, remaining_size) << "Buffer size calculation was wrong; "
+                               << remaining_size << " bytes left over.";
+  scoped_refptr<DrainableIOBuffer> drainable_buffer(
+      new DrainableIOBuffer(total, total_size));
+  return WriteEverything(drainable_buffer, callback);
+}
+
+int WebSocketBasicStream::WriteEverything(
+    const scoped_refptr<DrainableIOBuffer>& buffer,
+    const CompletionCallback& callback) {
+  while (buffer->BytesRemaining() > 0) {
+    // The use of base::Unretained() here is safe because on destruction we
+    // disconnect the socket, preventing any further callbacks.
+    int result = connection_->socket()
+        ->Write(buffer.get(),
+                buffer->BytesRemaining(),
+                base::Bind(&WebSocketBasicStream::WriteDone,
+                           base::Unretained(this),
+                           buffer,
+                           callback));
+    if (result > 0) {
+      buffer->DidConsume(result);
+    } else {
+      return result;
+    }
+  }
+  return OK;
+}
+
+void WebSocketBasicStream::WriteDone(
+    const scoped_refptr<DrainableIOBuffer>& buffer,
+    const CompletionCallback& callback,
+    int result) {
+  if (result > 0) {
+    buffer->DidConsume(result);
+    if (buffer->BytesRemaining() > 0) {
+      int result = WriteEverything(buffer, callback);
+      if (result != ERR_IO_PENDING) {
+        callback.Run(result);
+      }
+    }
+  }
+}
+
+void WebSocketBasicStream::Close() { connection_->socket()->Disconnect(); }
+
+std::string WebSocketBasicStream::GetSubProtocol() const {
+  return sub_protocol_;
+}
+
+std::string WebSocketBasicStream::GetExtensions() const { return extensions_; }
+
+std::string GenerateHandshakeChallenge() {
+  std::string raw_challenge = base::RandBytesAsString(kRawChallengeLength);
+  std::string encoded_challenge;
+  bool encode_success = base::Base64Encode(raw_challenge, &encoded_challenge);
+  DCHECK(encode_success);
+  return encoded_challenge;
+}
+
+// TODO(ricea): Factor this and the implementation in
+// websocket_handshake_handler.cc (and maybe the one in net/server as well) out
+// into a single utility class.
+std::string GenerateHandshakeResponse(std::string challenge) {
+  challenge += kWebSocketGuid;
+  std::string hash = base::SHA1HashString(challenge);
+  std::string websocket_accept;
+  bool encode_success = base::Base64Encode(hash, &websocket_accept);
+  DCHECK(encode_success);
+  return websocket_accept;
+}
+
+int WebSocketBasicStream::SendHandshakeRequest(
+    const GURL& url,
+    const HttpRequestHeaders& headers,
+    HttpResponseInfo* response_info,
+    const CompletionCallback& callback) {
+  DCHECK(!headers.HasHeader(kSecWebSocketKey))
+      << "The caller of SendHandshakeRequest included a Sec-WebSocket-Key "
+      << "header. They are not supposed to do that.";
+  http_read_buffer_ = new GrowableIOBuffer;
+  scoped_ptr<HttpRequestInfo> info(new HttpRequestInfo);
+  info->url = url;
+  // TODO(ricea): WTF does using_proxy come from?
+  bool using_proxy = false;
+  // TODO(ricea): See comment below.
+  info->method = using_proxy ? "CONNECT" : HttpRequestHeaders::kGetMethod;
+  // TODO(ricea): Double-check these flags
+  info->load_flags = LOAD_VERIFY_EV_CERT | LOAD_DISABLE_CACHE;
+  info->motivation = HttpRequestInfo::NORMAL_MOTIVATION;
+  bool enable_privacy_mode = true;
+  // TODO(ricea): Somehow make this work
+  // if (context_ && context_->network_delegate()) {
+  //   enable_privacy_mode =
+  //       context_->network_delegate()->CanEnablePrivacyMode(url_, url_);
+  // }
+  info->privacy_mode =
+      enable_privacy_mode ? kPrivacyModeEnabled : kPrivacyModeDisabled;
+  handshake_data_->http_request_info = info.Pass();
+  ParseRequestHeadersArg args[] = {
+    {kSecWebSocketProtocol, &(handshake_data_->requested_sub_protocols)},
+    {kSecWebSocketExtensions, &(handshake_data_->requested_extensions)},
+  };
+  ParseRequestHeaders(headers, args, arraysize(args));
+
+  // TODO(ricea): Where is this supposed to come from?
+  BoundNetLog net_log;
+
+  handshake_data_->http_parser
+      .reset(new HttpStreamParser(connection_.get(),
+                                  handshake_data_->http_request_info.get(),
+                                  http_read_buffer_.get(),
+                                  net_log));
+  // Create a new URL which is identical except that the scheme is changed from
+  // ws: or wss: to http: or https:. For some reason this takes 6 lines of
+  // code. This is literally one of the most insane APIs I have ever used.
+  std::string new_scheme = url.SchemeIsSecure() ? "https" : "http";
+  url_canon::Replacements<char> replacements;
+  url_parse::Component comp;
+  comp.len = base::checked_numeric_cast<int>(new_scheme.length());
+  replacements.SetScheme(new_scheme.c_str(), comp);
+  GURL httpified_url = url.ReplaceComponents(replacements);
+  // TODO(ricea): The proxy case. In this case we need to send two sets of
+  // headers, eg.
+  //
+  // CONNECT www.google.com:80 HTTP/1.1
+  // Host: www.google.com:80
+  // Proxy-Authorization: basic aGVsbG86d29ybGQ
+  //
+  // GET /ws_endpoint?type=text HTTP/1.1
+  // Host: www.google.com:80
+  // Cookie: ...
+  //
+  // Or maybe we won't be called until the proxy tunnel has already been
+  // established and we just send headers as normal.
+  const std::string path = HttpUtil::PathForRequest(httpified_url);
+  std::string request_line =
+      base::StringPrintf("%s %s HTTP/1.1\r\n",
+                         handshake_data_->http_request_info->method.c_str(),
+                         path.c_str());
+  handshake_data_->http_response_info = response_info;
+
+  // Create a new header object, so that we can add the Sec-WebSockey-Key
+  // header.
+  HttpRequestHeaders enriched_headers;
+  enriched_headers.CopyFrom(headers);
+  std::string handshake_challenge = GenerateHandshakeChallenge();
+  enriched_headers.SetHeader(kSecWebSocketKey, handshake_challenge);
+  handshake_data_->handshake_response =
+      GenerateHandshakeResponse(handshake_challenge);
+  return handshake_data_->http_parser
+      ->SendRequest(request_line, headers, response_info, callback);
+}
+
+int WebSocketBasicStream::ReadHandshakeResponse(
+    const CompletionCallback& callback) {
+  // TODO(ricea): Find a justification for this use of base::Unretained.
+  int result = handshake_data_->http_parser->ReadResponseHeaders(base::Bind(
+      &WebSocketBasicStream::HandshakeDone, base::Unretained(this), callback));
+  if (result == OK) {
+    result = ProcessHandshake();
+  }
+  return result;
+}
+
+bool WebSocketBasicStream::ParseRequestHeadersArg::operator<(
+    const ParseRequestHeadersArg& rhs) const {
+  return std::lexicographical_compare(key.begin(),
+                                      key.end(),
+                                      rhs.key.begin(),
+                                      rhs.key.end(),
+                                      CaseInsensitiveLessASCII);
+}
+
+void WebSocketBasicStream::ParseRequestHeaders(
+    const HttpRequestHeaders& headers,
+    ParseRequestHeadersArg args[],
+    size_t count) {
+  ParseRequestHeadersArg* begin = args;
+  ParseRequestHeadersArg* end = args + count;
+  std::sort(begin, end);  // Sort so we can do binary search.
+  HttpRequestHeaders::Iterator it(headers);
+  while (it.GetNext()) {
+    ParseRequestHeadersArg needle = {std::string(it.name()), NULL};
+    ParseRequestHeadersArg* answer = std::lower_bound(begin, end, needle);
+    if (answer != end) {
+      DCHECK(!HttpUtil::IsNonCoalescingHeader(it.name()));
+      const std::string& value = it.value();
+      HttpUtil::ValuesIterator value_it(value.begin(), value.end(), ',');
+      while (value_it.GetNext()) {
+        answer->tokens->push_back(value_it.value());
+      }
+    }
+  }
+}
+
+void WebSocketBasicStream::HandshakeDone(const CompletionCallback& callback,
+                                         int result) {
+  if (result == OK) {
+    result = ProcessHandshake();
+  }
+  callback.Run(result);
+}
+
+bool WebSocketBasicStream::ValidateSingleTokenHeader(
+    const scoped_refptr<HttpResponseHeaders>& headers,
+    const base::StringPiece& name,
+    const std::string& value) {
+  void* state = NULL;
+  std::string token;
+  int tokens = 0;
+  bool has_value = false;
+  while (headers->EnumerateHeader(&state, name, &token)) {
+    if (++tokens > 1) {
+      return false;
+    }
+    has_value = LowerCaseEqualsASCII(value, token.c_str());
+  }
+  return has_value;
+}
+
+bool WebSocketBasicStream::ValidateUpgradeResponseHeader(
+    const scoped_refptr<HttpResponseHeaders>& headers) {
+  return ValidateSingleTokenHeader(headers, kUpgrade, kWebSocketToken);
+}
+
+bool WebSocketBasicStream::ValidateSecWebSocketAcceptResponseHeader(
+    const scoped_refptr<HttpResponseHeaders>& headers) {
+  return ValidateSingleTokenHeader(
+      headers, kSecWebSocketAccept, handshake_data_->handshake_response);
+}
+
+int WebSocketBasicStream::ProcessHandshake() {

[tyoshino (SeeGerritForStatus), 2013/08/01 04:47:52]

consider splitting handshake processing code or starting with incomplete code
e.g. just framing or just handshake leaving the other unimplemented. it would be
easier to review. it's totally fine since they're not live yet.

+  DCHECK(handshake_data_);
+  DCHECK(handshake_data_->http_request_info);
+  DCHECK(handshake_data_->http_response_info);
+  DCHECK(handshake_data_->http_response_info->headers);
+  const scoped_refptr<HttpResponseHeaders>& headers =
+      handshake_data_->http_response_info->headers;
+  if (!StartsWithASCII(headers->GetStatusLine(),
+                       kWebSocketUpgradeOkStatusLineStartsWith,
+                       true)) {
+    // TODO(ricea): Would a more specific error be better?
+    return ERR_INVALID_RESPONSE;
+  }
+  // There must be an exact case-insensitive match for "Upgrade: websocket"
+  // Look at the tokenised Upgrade: header, ensure it has exactly one token and
+  // that token is "websocket"
+  if (!ValidateUpgradeResponseHeader(headers)) {
+    return ERR_INVALID_RESPONSE;
+  }
+  // The Connection header field must contain a an "upgrade" token.
+  if (!headers->HasHeaderValue(HttpRequestHeaders::kConnection, kUpgrade)) {
+    return ERR_INVALID_RESPONSE;
+  }
+  // Sec-WebSocket-Accept contains the correct challenge response.
+  if (!ValidateSecWebSocketAcceptResponseHeader(headers)) {
+    return ERR_INVALID_RESPONSE;
+  }
+
+  handshake_data_.reset();
+  if (http_read_buffer_->offset() == 0) {
+    http_read_buffer_ = NULL;
+  }
+  return OK;
+}
+
+}  // namespace net