13 Commits

Author SHA1 Message Date
icy17
628f39bb90 ws: fix potential NULL pointer dereference 2024-08-12 10:02:49 +02:00
Dmitry Ilyin
00c94beaf0 ws: allow Upgrade in Connection header anywhere
This will make it work for Firefox, which uses "Connection: keep-alive, Upgrade"
Reimplemented our own evutil_ascii_strcasestr function (same as
non-portable strcasestr)
2024-07-27 09:18:10 +03:00
Calin Culianu
15b9b6f019
Apply suggestions from code review
Co-authored-by: Azat Khuzhin <a3at.mail@gmail.com>
2023-10-17 12:45:33 +03:00
Calin Culianu
b828c4ab41
Added 10MiB recv limit for WS frames, also a small nit
- Added WS_MAX_RECV_FRAME_SZ, if a received frame exceeds this limit (10
  MiB), error out. This is a DoS prevention measure.
- Also redid the unmasking code in get_ws_frame(), to avoid assumptions
  about the size of an unsigned int and some casting, and avoid
  memcpy(), just use the mask bytes from the buffer that are already there
  to unmask.
2023-10-16 15:25:12 +03:00
Calin Culianu
7fbbe86ff3
Fix unaligned access + missing frame length
get_ws_frame:
  - had potentially unaligned access; fixed.
  - was not reading the full 8 bytes in the 64-bit case (was using the
    incorrect htons); fixed.
make_ws_frame:
  - wasn't writing the length in the 8-byte case.

Also switched both functions to use size_t rather than int where
appropriate.
2023-10-15 23:50:50 +03:00
DmiTriy Fedchenko
0797e20783 Fixed misaligned address access 2023-09-02 21:57:09 +02:00
Dmitry Ilyin
f39ad1c494
ws: replace evws_send with evws_send_text/evws_send_binary (ABI breakage) (#1500)
Replace evws_send with evws_send_text, and introduce new API -
evws_send_binary, that can be used to send binary frames.

But note, that this commit breaks the ABI compatibility, but it should be OK,
since there was only alpha release with evws_send, and nobody should rely on
this, and I hope nobody does (we decided to go this way to avoid supporting
deprecated API).
2023-08-31 21:38:41 +02:00
Azat Khuzhin
56d380b9b6 ws: ignore case while comparing values of Upgrade/Connection headers
Cc: @widgetii
Fixes: #1373
2022-11-12 18:46:43 +01:00
Leon George
3ec3b469b8
ws: fix compile error on centos 7 - very old compiler (#1359)
* http: fix typo

* ws: fix comile error

On CentOS:

  CC       ws.lo
ws.c: In function 'get_ws_frame':
ws.c:244:3: error: 'for' loop initial declarations are only allowed in C99 mode
   for (int i = 0; i < payload_len; i++) {
   ^
ws.c:244:3: note: use option -std=c99 or -std=gnu99 to compile your code
2022-10-23 14:47:23 +03:00
Dmitry Ilyin
e8f5a61d6d Remove bad copy-paste 2022-10-12 22:15:21 +03:00
Dmitry Ilyin
c2ecb4acb5 Add locks for server WS, fixes #1357 2022-10-12 14:13:44 +03:00
Dmitry Ilyin
53f9c42095 Fix conflict with SHA1 function from openssl 2022-09-14 23:10:55 +03:00
Dmitry Ilyin
e8313084f9
Add minimal WebSocket server implementation for evhttp (#1322)
This adds few functions to use evhttp-based webserver to handle incoming
WebSockets connections. We've tried to use both libevent and libwebsockets in
our application, but found that we need to have different ports at the same
time to handle standard HTTP and WebSockets traffic. This change can help to
stick only with libevent library.

Implementation was inspired by modified Libevent source code in ipush project
[1].

  [1]: https://github.com/sqfasd/ipush/tree/master/deps/libevent-2.0.21-stable

Also, WebSocket-based chat server was added as a sample.
2022-09-12 22:16:56 +03:00