1/* 2 * libwebsockets - small server side websockets and web server implementation 3 * 4 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to 8 * deal in the Software without restriction, including without limitation the 9 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 10 * sell copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 22 * IN THE SOFTWARE. 23 */ 24 25#include "private-lib-core.h" 26 27/* 28 * parsers.c: lws_ws_rx_sm() needs to be roughly kept in 29 * sync with changes here, esp related to ext draining 30 */ 31 32int lws_ws_client_rx_sm(struct lws *wsi, unsigned char c) 33{ 34 int callback_action = LWS_CALLBACK_CLIENT_RECEIVE; 35 struct lws_ext_pm_deflate_rx_ebufs pmdrx; 36 unsigned short close_code; 37 unsigned char *pp; 38 int handled, m, n; 39#if !defined(LWS_WITHOUT_EXTENSIONS) 40 int rx_draining_ext = 0; 41#endif 42 43 pmdrx.eb_in.token = NULL; 44 pmdrx.eb_in.len = 0; 45 pmdrx.eb_out.token = NULL; 46 pmdrx.eb_out.len = 0; 47 48#if !defined(LWS_WITHOUT_EXTENSIONS) 49 if (wsi->ws->rx_draining_ext) { 50 assert(!c); 51 52 lws_remove_wsi_from_draining_ext_list(wsi); 53 rx_draining_ext = 1; 54 lwsl_wsi_debug(wsi, "doing draining flow"); 55 56 goto drain_extension; 57 } 58#endif 59 60 switch (wsi->lws_rx_parse_state) { 61 case LWS_RXPS_NEW: 62 /* control frames (PING) may interrupt checkable sequences */ 63 wsi->ws->defeat_check_utf8 = 0; 64 65 switch (wsi->ws->ietf_spec_revision) { 66 case 13: 67 wsi->ws->opcode = c & 0xf; 68 /* revisit if an extension wants them... */ 69 switch (wsi->ws->opcode) { 70 case LWSWSOPC_TEXT_FRAME: 71 wsi->ws->rsv_first_msg = (c & 0x70); 72#if !defined(LWS_WITHOUT_EXTENSIONS) 73 /* 74 * set the expectation that we will have to 75 * fake up the zlib trailer to the inflator for 76 * this frame 77 */ 78 wsi->ws->pmd_trailer_application = !!(c & 0x40); 79#endif 80 wsi->ws->continuation_possible = 1; 81 wsi->ws->check_utf8 = lws_check_opt( 82 wsi->a.context->options, 83 LWS_SERVER_OPTION_VALIDATE_UTF8); 84 wsi->ws->utf8 = 0; 85 wsi->ws->first_fragment = 1; 86 break; 87 case LWSWSOPC_BINARY_FRAME: 88 wsi->ws->rsv_first_msg = (c & 0x70); 89#if !defined(LWS_WITHOUT_EXTENSIONS) 90 /* 91 * set the expectation that we will have to 92 * fake up the zlib trailer to the inflator for 93 * this frame 94 */ 95 wsi->ws->pmd_trailer_application = !!(c & 0x40); 96#endif 97 wsi->ws->check_utf8 = 0; 98 wsi->ws->continuation_possible = 1; 99 wsi->ws->first_fragment = 1; 100 break; 101 case LWSWSOPC_CONTINUATION: 102 if (!wsi->ws->continuation_possible) { 103 lwsl_wsi_info(wsi, "disordered continuation"); 104 return -1; 105 } 106 wsi->ws->first_fragment = 0; 107 break; 108 case LWSWSOPC_CLOSE: 109 wsi->ws->check_utf8 = 0; 110 wsi->ws->utf8 = 0; 111 break; 112 case 3: 113 case 4: 114 case 5: 115 case 6: 116 case 7: 117 case 0xb: 118 case 0xc: 119 case 0xd: 120 case 0xe: 121 case 0xf: 122 lwsl_wsi_info(wsi, "illegal opcode"); 123 return -1; 124 default: 125 wsi->ws->defeat_check_utf8 = 1; 126 break; 127 } 128 wsi->ws->rsv = (c & 0x70); 129 /* revisit if an extension wants them... */ 130 if ( 131#if !defined(LWS_WITHOUT_EXTENSIONS) 132 !wsi->ws->count_act_ext && 133#endif 134 wsi->ws->rsv) { 135 lwsl_wsi_info(wsi, "illegal rsv bits set"); 136 return -1; 137 } 138 wsi->ws->final = !!((c >> 7) & 1); 139 lwsl_wsi_ext(wsi, " This RX frame Final %d", 140 wsi->ws->final); 141 142 if (wsi->ws->owed_a_fin && 143 (wsi->ws->opcode == LWSWSOPC_TEXT_FRAME || 144 wsi->ws->opcode == LWSWSOPC_BINARY_FRAME)) { 145 lwsl_wsi_info(wsi, "hey you owed us a FIN"); 146 return -1; 147 } 148 if ((!(wsi->ws->opcode & 8)) && wsi->ws->final) { 149 wsi->ws->continuation_possible = 0; 150 wsi->ws->owed_a_fin = 0; 151 } 152 153 if ((wsi->ws->opcode & 8) && !wsi->ws->final) { 154 lwsl_wsi_info(wsi, "control msg can't be fragmented"); 155 return -1; 156 } 157 if (!wsi->ws->final) 158 wsi->ws->owed_a_fin = 1; 159 160 switch (wsi->ws->opcode) { 161 case LWSWSOPC_TEXT_FRAME: 162 case LWSWSOPC_BINARY_FRAME: 163 wsi->ws->frame_is_binary = wsi->ws->opcode == 164 LWSWSOPC_BINARY_FRAME; 165 break; 166 } 167 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN; 168 break; 169 170 default: 171 lwsl_wsi_err(wsi, "unknown spec version %02d", 172 wsi->ws->ietf_spec_revision); 173 break; 174 } 175 break; 176 177 case LWS_RXPS_04_FRAME_HDR_LEN: 178 179 wsi->ws->this_frame_masked = !!(c & 0x80); 180 if (wsi->ws->this_frame_masked) 181 goto server_cannot_mask; 182 183 switch (c & 0x7f) { 184 case 126: 185 /* control frames are not allowed to have big lengths */ 186 if (wsi->ws->opcode & 8) 187 goto illegal_ctl_length; 188 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2; 189 break; 190 case 127: 191 /* control frames are not allowed to have big lengths */ 192 if (wsi->ws->opcode & 8) 193 goto illegal_ctl_length; 194 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8; 195 break; 196 default: 197 wsi->ws->rx_packet_length = c & 0x7f; 198 if (wsi->ws->this_frame_masked) 199 wsi->lws_rx_parse_state = 200 LWS_RXPS_07_COLLECT_FRAME_KEY_1; 201 else { 202 if (wsi->ws->rx_packet_length) { 203 wsi->lws_rx_parse_state = 204 LWS_RXPS_WS_FRAME_PAYLOAD; 205 } else { 206 wsi->lws_rx_parse_state = LWS_RXPS_NEW; 207 goto spill; 208 } 209 } 210 break; 211 } 212 break; 213 214 case LWS_RXPS_04_FRAME_HDR_LEN16_2: 215 wsi->ws->rx_packet_length = (size_t)((unsigned int)c << 8); 216 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1; 217 break; 218 219 case LWS_RXPS_04_FRAME_HDR_LEN16_1: 220 wsi->ws->rx_packet_length |= c; 221 if (wsi->ws->this_frame_masked) 222 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_1; 223 else { 224 if (wsi->ws->rx_packet_length) 225 wsi->lws_rx_parse_state = 226 LWS_RXPS_WS_FRAME_PAYLOAD; 227 else { 228 wsi->lws_rx_parse_state = LWS_RXPS_NEW; 229 goto spill; 230 } 231 } 232 break; 233 234 case LWS_RXPS_04_FRAME_HDR_LEN64_8: 235 if (c & 0x80) { 236 lwsl_wsi_warn(wsi, "b63 of length must be zero"); 237 /* kill the connection */ 238 return -1; 239 } 240#if defined __LP64__ 241 wsi->ws->rx_packet_length = ((size_t)c) << 56; 242#else 243 wsi->ws->rx_packet_length = 0; 244#endif 245 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7; 246 break; 247 248 case LWS_RXPS_04_FRAME_HDR_LEN64_7: 249#if defined __LP64__ 250 wsi->ws->rx_packet_length |= ((size_t)c) << 48; 251#endif 252 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6; 253 break; 254 255 case LWS_RXPS_04_FRAME_HDR_LEN64_6: 256#if defined __LP64__ 257 wsi->ws->rx_packet_length |= ((size_t)c) << 40; 258#endif 259 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5; 260 break; 261 262 case LWS_RXPS_04_FRAME_HDR_LEN64_5: 263#if defined __LP64__ 264 wsi->ws->rx_packet_length |= ((size_t)c) << 32; 265#endif 266 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4; 267 break; 268 269 case LWS_RXPS_04_FRAME_HDR_LEN64_4: 270 wsi->ws->rx_packet_length |= ((size_t)c) << 24; 271 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3; 272 break; 273 274 case LWS_RXPS_04_FRAME_HDR_LEN64_3: 275 wsi->ws->rx_packet_length |= ((size_t)c) << 16; 276 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2; 277 break; 278 279 case LWS_RXPS_04_FRAME_HDR_LEN64_2: 280 wsi->ws->rx_packet_length |= ((size_t)c) << 8; 281 wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1; 282 break; 283 284 case LWS_RXPS_04_FRAME_HDR_LEN64_1: 285 wsi->ws->rx_packet_length |= (size_t)c; 286 if (wsi->ws->this_frame_masked) 287 wsi->lws_rx_parse_state = 288 LWS_RXPS_07_COLLECT_FRAME_KEY_1; 289 else { 290 if (wsi->ws->rx_packet_length) 291 wsi->lws_rx_parse_state = 292 LWS_RXPS_WS_FRAME_PAYLOAD; 293 else { 294 wsi->lws_rx_parse_state = LWS_RXPS_NEW; 295 goto spill; 296 } 297 } 298 break; 299 300 case LWS_RXPS_07_COLLECT_FRAME_KEY_1: 301 wsi->ws->mask[0] = c; 302 if (c) 303 wsi->ws->all_zero_nonce = 0; 304 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2; 305 break; 306 307 case LWS_RXPS_07_COLLECT_FRAME_KEY_2: 308 wsi->ws->mask[1] = c; 309 if (c) 310 wsi->ws->all_zero_nonce = 0; 311 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3; 312 break; 313 314 case LWS_RXPS_07_COLLECT_FRAME_KEY_3: 315 wsi->ws->mask[2] = c; 316 if (c) 317 wsi->ws->all_zero_nonce = 0; 318 wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4; 319 break; 320 321 case LWS_RXPS_07_COLLECT_FRAME_KEY_4: 322 wsi->ws->mask[3] = c; 323 if (c) 324 wsi->ws->all_zero_nonce = 0; 325 326 if (wsi->ws->rx_packet_length) 327 wsi->lws_rx_parse_state = 328 LWS_RXPS_WS_FRAME_PAYLOAD; 329 else { 330 wsi->lws_rx_parse_state = LWS_RXPS_NEW; 331 goto spill; 332 } 333 break; 334 335 case LWS_RXPS_WS_FRAME_PAYLOAD: 336 337 assert(wsi->ws->rx_ubuf); 338#if !defined(LWS_WITHOUT_EXTENSIONS) 339 if (wsi->ws->rx_draining_ext) 340 goto drain_extension; 341#endif 342 if (wsi->ws->this_frame_masked && !wsi->ws->all_zero_nonce) 343 c ^= wsi->ws->mask[(wsi->ws->mask_idx++) & 3]; 344 345 /* 346 * unmask and collect the payload body in 347 * rx_ubuf_head + LWS_PRE 348 */ 349 350 wsi->ws->rx_ubuf[LWS_PRE + (wsi->ws->rx_ubuf_head++)] = c; 351 352 if (--wsi->ws->rx_packet_length == 0) { 353 /* spill because we have the whole frame */ 354 wsi->lws_rx_parse_state = LWS_RXPS_NEW; 355 lwsl_wsi_debug(wsi, "spilling as we have the whole frame"); 356 goto spill; 357 } 358 359 /* 360 * if there's no protocol max frame size given, we are 361 * supposed to default to context->pt_serv_buf_size 362 */ 363 if (!wsi->a.protocol->rx_buffer_size && 364 wsi->ws->rx_ubuf_head != wsi->a.context->pt_serv_buf_size) 365 break; 366 367 if (wsi->a.protocol->rx_buffer_size && 368 wsi->ws->rx_ubuf_head != wsi->a.protocol->rx_buffer_size) 369 break; 370 371 /* spill because we filled our rx buffer */ 372 373 lwsl_wsi_debug(wsi, "spilling as we filled our rx buffer"); 374spill: 375 376 handled = 0; 377 378 /* 379 * is this frame a control packet we should take care of at this 380 * layer? If so service it and hide it from the user callback 381 */ 382 383 switch (wsi->ws->opcode) { 384 case LWSWSOPC_CLOSE: 385 pp = &wsi->ws->rx_ubuf[LWS_PRE]; 386 if (lws_check_opt(wsi->a.context->options, 387 LWS_SERVER_OPTION_VALIDATE_UTF8) && 388 wsi->ws->rx_ubuf_head > 2 && 389 lws_check_utf8(&wsi->ws->utf8, pp + 2, 390 wsi->ws->rx_ubuf_head - 2)) 391 goto utf8_fail; 392 393 /* is this an acknowledgment of our close? */ 394 if (lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) { 395 /* 396 * fine he has told us he is closing too, let's 397 * finish our close 398 */ 399 lwsl_wsi_parser(wsi, "seen server's close ack"); 400 return -1; 401 } 402 403 lwsl_wsi_parser(wsi, "client sees server close len = %d", 404 (int)wsi->ws->rx_ubuf_head); 405 if (wsi->ws->rx_ubuf_head >= 2) { 406 close_code = (unsigned short)((pp[0] << 8) | pp[1]); 407 if (close_code < 1000 || 408 close_code == 1004 || 409 close_code == 1005 || 410 close_code == 1006 || 411 (close_code >= 1016 && close_code < 3000) 412 ) { 413 pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff; 414 pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff; 415 } 416 } 417 if (user_callback_handle_rxflow( 418 wsi->a.protocol->callback, wsi, 419 LWS_CALLBACK_WS_PEER_INITIATED_CLOSE, 420 wsi->user_space, pp, 421 wsi->ws->rx_ubuf_head)) 422 return -1; 423 424 memcpy(wsi->ws->ping_payload_buf + LWS_PRE, pp, 425 wsi->ws->rx_ubuf_head); 426 wsi->ws->close_in_ping_buffer_len = 427 (uint8_t)wsi->ws->rx_ubuf_head; 428 429 lwsl_wsi_info(wsi, "scheduling return close as ack"); 430 __lws_change_pollfd(wsi, LWS_POLLIN, 0); 431 lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 3); 432 wsi->waiting_to_send_close_frame = 1; 433 wsi->close_needs_ack = 0; 434 lwsi_set_state(wsi, LRS_WAITING_TO_SEND_CLOSE); 435 lws_callback_on_writable(wsi); 436 handled = 1; 437 break; 438 439 case LWSWSOPC_PING: 440 lwsl_wsi_info(wsi, "received %d byte ping, sending pong", 441 (int)wsi->ws->rx_ubuf_head); 442 443 /* he set a close reason on this guy, ignore PING */ 444 if (wsi->ws->close_in_ping_buffer_len) 445 goto ping_drop; 446 447 if (wsi->ws->pong_pending_flag) { 448 /* 449 * there is already a pending pong payload 450 * we should just log and drop 451 */ 452 lwsl_wsi_parser(wsi, "DROP PING since one pending"); 453 goto ping_drop; 454 } 455 456 /* control packets can only be < 128 bytes long */ 457 if (wsi->ws->rx_ubuf_head > 128 - 3) { 458 lwsl_wsi_parser(wsi, "DROP PING payload too large"); 459 goto ping_drop; 460 } 461 462 /* stash the pong payload */ 463 memcpy(wsi->ws->pong_payload_buf + LWS_PRE, 464 &wsi->ws->rx_ubuf[LWS_PRE], 465 wsi->ws->rx_ubuf_head); 466 467 wsi->ws->pong_payload_len = (uint8_t)wsi->ws->rx_ubuf_head; 468 wsi->ws->pong_pending_flag = 1; 469 470 /* get it sent as soon as possible */ 471 lws_callback_on_writable(wsi); 472ping_drop: 473 wsi->ws->rx_ubuf_head = 0; 474 handled = 1; 475 break; 476 477 case LWSWSOPC_PONG: 478 lwsl_wsi_info(wsi, "Received pong"); 479 lwsl_hexdump_wsi_debug(wsi, &wsi->ws->rx_ubuf[LWS_PRE], 480 wsi->ws->rx_ubuf_head); 481 482 lws_validity_confirmed(wsi); 483 /* issue it */ 484 callback_action = LWS_CALLBACK_CLIENT_RECEIVE_PONG; 485 break; 486 487 case LWSWSOPC_CONTINUATION: 488 case LWSWSOPC_TEXT_FRAME: 489 case LWSWSOPC_BINARY_FRAME: 490 break; 491 492 default: 493 /* not handled or failed */ 494 lwsl_wsi_ext(wsi, "Unhandled ext opc 0x%x", wsi->ws->opcode); 495 wsi->ws->rx_ubuf_head = 0; 496 497 return -1; 498 } 499 500 /* 501 * No it's real payload, pass it up to the user callback. 502 * 503 * We have been statefully collecting it in the 504 * LWS_RXPS_WS_FRAME_PAYLOAD clause above. 505 * 506 * It's nicely buffered with the pre-padding taken care of 507 * so it can be sent straight out again using lws_write. 508 * 509 * However, now we have a chunk of it, we want to deal with it 510 * all here. Since this may be input to permessage-deflate and 511 * there are block limits on that for input and output, we may 512 * need to iterate. 513 */ 514 if (handled) 515 goto already_done; 516 517 pmdrx.eb_in.token = &wsi->ws->rx_ubuf[LWS_PRE]; 518 pmdrx.eb_in.len = (int)wsi->ws->rx_ubuf_head; 519 520 /* for the non-pm-deflate case */ 521 522 pmdrx.eb_out = pmdrx.eb_in; 523 524 lwsl_wsi_debug(wsi, "starting disbursal of %d deframed rx", 525 (int)wsi->ws->rx_ubuf_head); 526 527#if !defined(LWS_WITHOUT_EXTENSIONS) 528drain_extension: 529#endif 530 do { 531 532 // lwsl_wsi_notice("pmdrx.eb_in.len: %d", 533 // (int)pmdrx.eb_in.len); 534 535 n = PMDR_DID_NOTHING; 536 537#if !defined(LWS_WITHOUT_EXTENSIONS) 538 lwsl_wsi_ext(wsi, "+++ passing %d %p to ext", 539 pmdrx.eb_in.len, pmdrx.eb_in.token); 540 541 n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, 542 &pmdrx, 0); 543 lwsl_wsi_ext(wsi, "Ext RX returned %d", n); 544 if (n < 0) { 545 wsi->socket_is_permanently_unusable = 1; 546 return -1; 547 } 548 if (n == PMDR_DID_NOTHING) 549 /* ie, not PMDR_NOTHING_WE_SHOULD_DO */ 550 break; 551#endif 552 lwsl_wsi_ext(wsi, "post inflate ebuf in len %d / out len %d", 553 pmdrx.eb_in.len, pmdrx.eb_out.len); 554 555#if !defined(LWS_WITHOUT_EXTENSIONS) 556 if (rx_draining_ext && !pmdrx.eb_out.len) { 557 lwsl_wsi_debug(wsi, " --- ending drain on 0 read result"); 558 goto already_done; 559 } 560 561 if (n == PMDR_HAS_PENDING) { /* 1 means stuff to drain */ 562 /* extension had more... main loop will come back */ 563 lwsl_wsi_ext(wsi, "adding to draining ext list"); 564 lws_add_wsi_to_draining_ext_list(wsi); 565 } else { 566 lwsl_wsi_ext(wsi, "removing from draining ext list"); 567 lws_remove_wsi_from_draining_ext_list(wsi); 568 } 569 rx_draining_ext = wsi->ws->rx_draining_ext; 570#endif 571 572 if (wsi->ws->check_utf8 && !wsi->ws->defeat_check_utf8) { 573 574 if (lws_check_utf8(&wsi->ws->utf8, 575 pmdrx.eb_out.token, 576 (unsigned int)pmdrx.eb_out.len)) { 577 lws_close_reason(wsi, 578 LWS_CLOSE_STATUS_INVALID_PAYLOAD, 579 (uint8_t *)"bad utf8", 8); 580 goto utf8_fail; 581 } 582 583 /* we are ending partway through utf-8 character? */ 584 if (!wsi->ws->rx_packet_length && 585 wsi->ws->final && wsi->ws->utf8 586#if !defined(LWS_WITHOUT_EXTENSIONS) 587 /* if ext not negotiated, going to be UNKNOWN */ 588 && (n == PMDR_EMPTY_FINAL || n == PMDR_UNKNOWN) 589#endif 590 ) { 591 lwsl_wsi_info(wsi, "FINAL utf8 error"); 592 lws_close_reason(wsi, 593 LWS_CLOSE_STATUS_INVALID_PAYLOAD, 594 (uint8_t *)"partial utf8", 12); 595utf8_fail: 596 lwsl_wsi_info(wsi, "utf8 error"); 597 lwsl_hexdump_wsi_info(wsi, pmdrx.eb_out.token, 598 (unsigned int)pmdrx.eb_out.len); 599 600 return -1; 601 } 602 } 603 604 if (pmdrx.eb_out.len < 0 && 605 callback_action != LWS_CALLBACK_CLIENT_RECEIVE_PONG) 606 goto already_done; 607 608 if (!pmdrx.eb_out.token) 609 goto already_done; 610 611 pmdrx.eb_out.token[pmdrx.eb_out.len] = '\0'; 612 613 if (!wsi->a.protocol->callback) 614 goto already_done; 615 616 if (callback_action == LWS_CALLBACK_CLIENT_RECEIVE_PONG) 617 lwsl_wsi_info(wsi, "Client doing pong callback"); 618 619#if !defined(LWS_WITHOUT_EXTENSIONS) 620 if (n == PMDR_HAS_PENDING) 621 /* extension had more... main loop will come back 622 * we want callback to be done with this set, if so, 623 * because lws_is_final() hides it was final until the 624 * last chunk 625 */ 626 lws_add_wsi_to_draining_ext_list(wsi); 627 else 628 lws_remove_wsi_from_draining_ext_list(wsi); 629#endif 630 631 if (lwsi_state(wsi) == LRS_RETURNED_CLOSE || 632 lwsi_state(wsi) == LRS_WAITING_TO_SEND_CLOSE || 633 lwsi_state(wsi) == LRS_AWAITING_CLOSE_ACK) 634 goto already_done; 635 636 /* if pmd not enabled, in == out */ 637 638 if (n == PMDR_DID_NOTHING 639#if !defined(LWS_WITHOUT_EXTENSIONS) 640 || n == PMDR_NOTHING_WE_SHOULD_DO 641 || n == PMDR_UNKNOWN 642#endif 643 ) 644 pmdrx.eb_in.len -= pmdrx.eb_out.len; 645 646 m = wsi->a.protocol->callback(wsi, 647 (enum lws_callback_reasons)callback_action, 648 wsi->user_space, pmdrx.eb_out.token, 649 (unsigned int)pmdrx.eb_out.len); 650 651 wsi->ws->first_fragment = 0; 652 653 lwsl_wsi_debug(wsi, "bulk ws rx: inp used %d, output %d", 654 (int)wsi->ws->rx_ubuf_head, 655 (int)pmdrx.eb_out.len); 656 657 /* if user code wants to close, let caller know */ 658 if (m) 659 return 1; 660 661 } while (pmdrx.eb_in.len 662#if !defined(LWS_WITHOUT_EXTENSIONS) 663 || rx_draining_ext 664#endif 665 ); 666 667already_done: 668 wsi->ws->rx_ubuf_head = 0; 669 break; 670 default: 671 lwsl_wsi_err(wsi, "client rx illegal state"); 672 return 1; 673 } 674 675 return 0; 676 677illegal_ctl_length: 678 lwsl_wsi_warn(wsi, "Control frame asking for extended length is illegal"); 679 680 /* kill the connection */ 681 return -1; 682 683server_cannot_mask: 684 lws_close_reason(wsi, 685 LWS_CLOSE_STATUS_PROTOCOL_ERR, 686 (uint8_t *)"srv mask", 8); 687 688 lwsl_wsi_warn(wsi, "Server must not mask"); 689 690 /* kill the connection */ 691 return -1; 692} 693 694 695