mirror of
https://github.com/eclipse-mosquitto/mosquitto.git
synced 2026-02-06 02:52:07 +08:00
Check accept key with websockets clients.
This commit is contained in:
Roger A. Light
@@ -59,6 +59,9 @@ int http_c__context_init(struct mosquitto *context)
|
||||
if(create_request_key(&key)){
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(ws__create_accept_key(key, strlen(key), &context->wsd.accept_key)){
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
|
||||
packet = mosquitto__calloc(1, sizeof(struct mosquitto__packet) + 1024 + WS_PACKET_OFFSET);
|
||||
if(!packet) return MOSQ_ERR_NOMEM;
|
||||
@@ -84,6 +87,7 @@ int http_c__context_init(struct mosquitto *context)
|
||||
|
||||
int http_c__context_cleanup(struct mosquitto *context)
|
||||
{
|
||||
SAFE_FREE(context->wsd.accept_key);
|
||||
mosquitto__FREE(context->http_request);
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
@@ -102,7 +106,6 @@ int http_c__read(struct mosquitto *mosq)
|
||||
struct phr_header http_headers[100];
|
||||
const char *client_key = NULL;
|
||||
size_t client_key_len = 0;
|
||||
char *accept_key;
|
||||
size_t i;
|
||||
bool header_have_upgrade;
|
||||
bool header_have_connection;
|
||||
@@ -221,7 +224,10 @@ int http_c__read(struct mosquitto *mosq)
|
||||
// FIXME - 404
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
/* FIXME - check key */
|
||||
if(strncmp(mosq->wsd.accept_key, client_key, client_key_len)){
|
||||
// FIXME - 50x
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
|
||||
http_c__context_cleanup(mosq);
|
||||
ws__context_init(mosq);
|
||||
|
||||
@@ -247,6 +247,7 @@ struct mosquitto_msg_data{
|
||||
struct ws_data{
|
||||
struct mosquitto__packet *out_packet;
|
||||
char *http_path;
|
||||
char *accept_key;
|
||||
uint64_t payloadlen;
|
||||
ssize_t pos;
|
||||
int http_header_size;
|
||||
|
||||
@@ -91,6 +91,7 @@ UI_METHOD *net__get_ui_method(void);
|
||||
#if defined(WITH_WEBSOCKETS) && WITH_WEBSOCKETS == WS_IS_BUILTIN
|
||||
void ws__context_init(struct mosquitto *mosq);
|
||||
void ws__prepare_packet(struct mosquitto *mosq, struct mosquitto__packet *packet);
|
||||
int ws__create_accept_key(const char *client_key, size_t client_key_len, char **encoded);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
39
lib/net_ws.c
39
lib/net_ws.c
@@ -22,7 +22,9 @@ Contributors:
|
||||
|
||||
#include <errno.h>
|
||||
#include <stddef.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "base64_mosq.h"
|
||||
#include "mosquitto_internal.h"
|
||||
#include "memory_mosq.h"
|
||||
#include "mqtt_protocol.h"
|
||||
@@ -326,4 +328,41 @@ ssize_t net__read_ws(struct mosquitto *mosq, void *buf, size_t count)
|
||||
return len;
|
||||
}
|
||||
|
||||
int ws__create_accept_key(const char *client_key, size_t client_key_len, char **encoded)
|
||||
{
|
||||
const EVP_MD *digest;
|
||||
EVP_MD_CTX *evp;
|
||||
uint8_t accept_key_hash[EVP_MAX_MD_SIZE];
|
||||
unsigned int accept_key_hash_len;
|
||||
|
||||
digest = EVP_get_digestbyname("sha1");
|
||||
if(!digest){
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
|
||||
evp = EVP_MD_CTX_new();
|
||||
if(EVP_DigestInit_ex(evp, digest, NULL) == 0){
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(EVP_DigestUpdate(evp, client_key, client_key_len) == 0){
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(EVP_DigestUpdate(evp, "258EAFA5-E914-47DA-95CA-C5AB0DC85B11",
|
||||
strlen("258EAFA5-E914-47DA-95CA-C5AB0DC85B11")) == 0){
|
||||
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(EVP_DigestFinal_ex(evp, accept_key_hash, &accept_key_hash_len) == 0){
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
EVP_MD_CTX_free(evp);
|
||||
|
||||
return base64__encode(accept_key_hash, accept_key_hash_len, encoded);
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
@@ -55,43 +55,6 @@ int http__context_cleanup(struct mosquitto *context)
|
||||
}
|
||||
|
||||
|
||||
static int create_accept_key(const char *client_key, size_t client_key_len, char **encoded)
|
||||
{
|
||||
const EVP_MD *digest;
|
||||
EVP_MD_CTX *evp;
|
||||
uint8_t accept_key_hash[EVP_MAX_MD_SIZE];
|
||||
unsigned int accept_key_hash_len;
|
||||
|
||||
digest = EVP_get_digestbyname("sha1");
|
||||
if(!digest){
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
|
||||
evp = EVP_MD_CTX_new();
|
||||
if(EVP_DigestInit_ex(evp, digest, NULL) == 0){
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(EVP_DigestUpdate(evp, client_key, client_key_len) == 0){
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(EVP_DigestUpdate(evp, "258EAFA5-E914-47DA-95CA-C5AB0DC85B11",
|
||||
strlen("258EAFA5-E914-47DA-95CA-C5AB0DC85B11")) == 0){
|
||||
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
if(EVP_DigestFinal_ex(evp, accept_key_hash, &accept_key_hash_len) == 0){
|
||||
EVP_MD_CTX_free(evp);
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
EVP_MD_CTX_free(evp);
|
||||
|
||||
return base64__encode(accept_key_hash, accept_key_hash_len, encoded);
|
||||
}
|
||||
|
||||
|
||||
int http__write(struct mosquitto *mosq)
|
||||
{
|
||||
return packet__write(mosq);
|
||||
@@ -242,7 +205,7 @@ int http__read(struct mosquitto *mosq)
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
|
||||
if(create_accept_key(client_key, client_key_len, &accept_key)){
|
||||
if(ws__create_accept_key(client_key, client_key_len, &accept_key)){
|
||||
return MOSQ_ERR_UNKNOWN;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user