blob: 9e3df3891285d3d116fe0c1cbd471b072bfc095c [file] [log] [blame]
[email protected]adb225d2013-08-30 13:14:431// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "net/websockets/websocket_basic_stream.h"
6
7#include <algorithm>
8#include <limits>
9#include <string>
10#include <vector>
11
12#include "base/basictypes.h"
13#include "base/bind.h"
14#include "base/logging.h"
[email protected]2f5d9f62013-09-26 12:14:2815#include "base/safe_numerics.h"
[email protected]adb225d2013-08-30 13:14:4316#include "net/base/io_buffer.h"
17#include "net/base/net_errors.h"
18#include "net/socket/client_socket_handle.h"
19#include "net/websockets/websocket_errors.h"
20#include "net/websockets/websocket_frame.h"
21#include "net/websockets/websocket_frame_parser.h"
22
23namespace net {
24
25namespace {
26
[email protected]2f5d9f62013-09-26 12:14:2827// This uses type uint64 to match the definition of
28// WebSocketFrameHeader::payload_length in websocket_frame.h.
29const uint64 kMaxControlFramePayload = 125;
30
[email protected]adb225d2013-08-30 13:14:4331// The number of bytes to attempt to read at a time.
32// TODO(ricea): See if there is a better number or algorithm to fulfill our
33// requirements:
34// 1. We would like to use minimal memory on low-bandwidth or idle connections
35// 2. We would like to read as close to line speed as possible on
36// high-bandwidth connections
37// 3. We can't afford to cause jank on the IO thread by copying large buffers
38// around
39// 4. We would like to hit any sweet-spots that might exist in terms of network
40// packet sizes / encryption block sizes / IPC alignment issues, etc.
41const int kReadBufferSize = 32 * 1024;
42
[email protected]9576544a2013-10-11 08:36:3343typedef ScopedVector<WebSocketFrame>::const_iterator WebSocketFrameIterator;
44
45// Returns the total serialized size of |frames|. This function assumes that
46// |frames| will be serialized with mask field. This function forces the
47// masked bit of the frames on.
48int CalculateSerializedSizeAndTurnOnMaskBit(
49 ScopedVector<WebSocketFrame>* frames) {
50 const int kMaximumTotalSize = std::numeric_limits<int>::max();
51
52 int total_size = 0;
[email protected]693ebf32013-10-23 13:47:0153 for (WebSocketFrameIterator it = frames->begin(); it != frames->end(); ++it) {
[email protected]9576544a2013-10-11 08:36:3354 WebSocketFrame* frame = *it;
55 // Force the masked bit on.
56 frame->header.masked = true;
57 // We enforce flow control so the renderer should never be able to force us
58 // to cache anywhere near 2GB of frames.
59 int frame_size = frame->header.payload_length +
60 GetWebSocketFrameHeaderSize(frame->header);
61 CHECK_GE(kMaximumTotalSize - total_size, frame_size)
62 << "Aborting to prevent overflow";
63 total_size += frame_size;
64 }
65 return total_size;
66}
67
[email protected]adb225d2013-08-30 13:14:4368} // namespace
69
70WebSocketBasicStream::WebSocketBasicStream(
[email protected]86602d3f2013-11-06 00:08:2271 scoped_ptr<ClientSocketHandle> connection,
72 const scoped_refptr<GrowableIOBuffer>& http_read_buffer,
73 const std::string& sub_protocol,
74 const std::string& extensions)
[email protected]adb225d2013-08-30 13:14:4375 : read_buffer_(new IOBufferWithSize(kReadBufferSize)),
76 connection_(connection.Pass()),
[email protected]86602d3f2013-11-06 00:08:2277 http_read_buffer_(http_read_buffer),
78 sub_protocol_(sub_protocol),
79 extensions_(extensions),
[email protected]adb225d2013-08-30 13:14:4380 generate_websocket_masking_key_(&GenerateWebSocketMaskingKey) {
81 DCHECK(connection_->is_initialized());
82}
83
84WebSocketBasicStream::~WebSocketBasicStream() { Close(); }
85
[email protected]2f5d9f62013-09-26 12:14:2886int WebSocketBasicStream::ReadFrames(ScopedVector<WebSocketFrame>* frames,
87 const CompletionCallback& callback) {
88 DCHECK(frames->empty());
[email protected]adb225d2013-08-30 13:14:4389 // If there is data left over after parsing the HTTP headers, attempt to parse
90 // it as WebSocket frames.
91 if (http_read_buffer_) {
92 DCHECK_GE(http_read_buffer_->offset(), 0);
93 // We cannot simply copy the data into read_buffer_, as it might be too
94 // large.
95 scoped_refptr<GrowableIOBuffer> buffered_data;
96 buffered_data.swap(http_read_buffer_);
97 DCHECK(http_read_buffer_.get() == NULL);
[email protected]2f5d9f62013-09-26 12:14:2898 ScopedVector<WebSocketFrameChunk> frame_chunks;
[email protected]adb225d2013-08-30 13:14:4399 if (!parser_.Decode(buffered_data->StartOfBuffer(),
100 buffered_data->offset(),
[email protected]2f5d9f62013-09-26 12:14:28101 &frame_chunks))
[email protected]adb225d2013-08-30 13:14:43102 return WebSocketErrorToNetError(parser_.websocket_error());
[email protected]2f5d9f62013-09-26 12:14:28103 if (!frame_chunks.empty()) {
104 int result = ConvertChunksToFrames(&frame_chunks, frames);
105 if (result != ERR_IO_PENDING)
106 return result;
107 }
[email protected]adb225d2013-08-30 13:14:43108 }
109
[email protected]2f5d9f62013-09-26 12:14:28110 // Run until socket stops giving us data or we get some frames.
[email protected]adb225d2013-08-30 13:14:43111 while (true) {
112 // base::Unretained(this) here is safe because net::Socket guarantees not to
113 // call any callbacks after Disconnect(), which we call from the
[email protected]2f5d9f62013-09-26 12:14:28114 // destructor. The caller of ReadFrames() is required to keep |frames|
[email protected]adb225d2013-08-30 13:14:43115 // valid.
[email protected]2f5d9f62013-09-26 12:14:28116 int result = connection_->socket()->Read(
117 read_buffer_.get(),
118 read_buffer_->size(),
119 base::Bind(&WebSocketBasicStream::OnReadComplete,
120 base::Unretained(this),
121 base::Unretained(frames),
122 callback));
[email protected]adb225d2013-08-30 13:14:43123 if (result == ERR_IO_PENDING)
124 return result;
[email protected]2f5d9f62013-09-26 12:14:28125 result = HandleReadResult(result, frames);
[email protected]adb225d2013-08-30 13:14:43126 if (result != ERR_IO_PENDING)
127 return result;
[email protected]2f5d9f62013-09-26 12:14:28128 DCHECK(frames->empty());
[email protected]adb225d2013-08-30 13:14:43129 }
130}
131
[email protected]2f5d9f62013-09-26 12:14:28132int WebSocketBasicStream::WriteFrames(ScopedVector<WebSocketFrame>* frames,
133 const CompletionCallback& callback) {
[email protected]adb225d2013-08-30 13:14:43134 // This function always concatenates all frames into a single buffer.
135 // TODO(ricea): Investigate whether it would be better in some cases to
136 // perform multiple writes with smaller buffers.
137 //
138 // First calculate the size of the buffer we need to allocate.
[email protected]9576544a2013-10-11 08:36:33139 int total_size = CalculateSerializedSizeAndTurnOnMaskBit(frames);
[email protected]adb225d2013-08-30 13:14:43140 scoped_refptr<IOBufferWithSize> combined_buffer(
141 new IOBufferWithSize(total_size));
[email protected]9576544a2013-10-11 08:36:33142
[email protected]adb225d2013-08-30 13:14:43143 char* dest = combined_buffer->data();
144 int remaining_size = total_size;
[email protected]693ebf32013-10-23 13:47:01145 for (WebSocketFrameIterator it = frames->begin(); it != frames->end(); ++it) {
[email protected]2f5d9f62013-09-26 12:14:28146 WebSocketFrame* frame = *it;
[email protected]adb225d2013-08-30 13:14:43147 WebSocketMaskingKey mask = generate_websocket_masking_key_();
[email protected]2f5d9f62013-09-26 12:14:28148 int result =
149 WriteWebSocketFrameHeader(frame->header, &mask, dest, remaining_size);
150 DCHECK_NE(ERR_INVALID_ARGUMENT, result)
[email protected]adb225d2013-08-30 13:14:43151 << "WriteWebSocketFrameHeader() says that " << remaining_size
152 << " is not enough to write the header in. This should not happen.";
153 CHECK_GE(result, 0) << "Potentially security-critical check failed";
154 dest += result;
155 remaining_size -= result;
156
[email protected]2f5d9f62013-09-26 12:14:28157 const char* const frame_data = frame->data->data();
158 const int frame_size = frame->header.payload_length;
[email protected]adb225d2013-08-30 13:14:43159 CHECK_GE(remaining_size, frame_size);
160 std::copy(frame_data, frame_data + frame_size, dest);
161 MaskWebSocketFramePayload(mask, 0, dest, frame_size);
162 dest += frame_size;
163 remaining_size -= frame_size;
164 }
165 DCHECK_EQ(0, remaining_size) << "Buffer size calculation was wrong; "
166 << remaining_size << " bytes left over.";
167 scoped_refptr<DrainableIOBuffer> drainable_buffer(
168 new DrainableIOBuffer(combined_buffer, total_size));
169 return WriteEverything(drainable_buffer, callback);
170}
171
172void WebSocketBasicStream::Close() { connection_->socket()->Disconnect(); }
173
174std::string WebSocketBasicStream::GetSubProtocol() const {
175 return sub_protocol_;
176}
177
178std::string WebSocketBasicStream::GetExtensions() const { return extensions_; }
179
[email protected]adb225d2013-08-30 13:14:43180/*static*/
181scoped_ptr<WebSocketBasicStream>
182WebSocketBasicStream::CreateWebSocketBasicStreamForTesting(
183 scoped_ptr<ClientSocketHandle> connection,
184 const scoped_refptr<GrowableIOBuffer>& http_read_buffer,
185 const std::string& sub_protocol,
186 const std::string& extensions,
187 WebSocketMaskingKeyGeneratorFunction key_generator_function) {
[email protected]86602d3f2013-11-06 00:08:22188 scoped_ptr<WebSocketBasicStream> stream(new WebSocketBasicStream(
189 connection.Pass(), http_read_buffer, sub_protocol, extensions));
[email protected]adb225d2013-08-30 13:14:43190 stream->generate_websocket_masking_key_ = key_generator_function;
191 return stream.Pass();
192}
193
194int WebSocketBasicStream::WriteEverything(
195 const scoped_refptr<DrainableIOBuffer>& buffer,
196 const CompletionCallback& callback) {
197 while (buffer->BytesRemaining() > 0) {
198 // The use of base::Unretained() here is safe because on destruction we
199 // disconnect the socket, preventing any further callbacks.
[email protected]2f5d9f62013-09-26 12:14:28200 int result = connection_->socket()->Write(
201 buffer.get(),
202 buffer->BytesRemaining(),
203 base::Bind(&WebSocketBasicStream::OnWriteComplete,
204 base::Unretained(this),
205 buffer,
206 callback));
[email protected]adb225d2013-08-30 13:14:43207 if (result > 0) {
208 buffer->DidConsume(result);
209 } else {
210 return result;
211 }
212 }
213 return OK;
214}
215
216void WebSocketBasicStream::OnWriteComplete(
217 const scoped_refptr<DrainableIOBuffer>& buffer,
218 const CompletionCallback& callback,
219 int result) {
220 if (result < 0) {
[email protected]2f5d9f62013-09-26 12:14:28221 DCHECK_NE(ERR_IO_PENDING, result);
[email protected]adb225d2013-08-30 13:14:43222 callback.Run(result);
223 return;
224 }
225
[email protected]2f5d9f62013-09-26 12:14:28226 DCHECK_NE(0, result);
[email protected]adb225d2013-08-30 13:14:43227 buffer->DidConsume(result);
228 result = WriteEverything(buffer, callback);
229 if (result != ERR_IO_PENDING)
230 callback.Run(result);
231}
232
233int WebSocketBasicStream::HandleReadResult(
234 int result,
[email protected]2f5d9f62013-09-26 12:14:28235 ScopedVector<WebSocketFrame>* frames) {
[email protected]adb225d2013-08-30 13:14:43236 DCHECK_NE(ERR_IO_PENDING, result);
[email protected]2f5d9f62013-09-26 12:14:28237 DCHECK(frames->empty());
[email protected]adb225d2013-08-30 13:14:43238 if (result < 0)
239 return result;
240 if (result == 0)
241 return ERR_CONNECTION_CLOSED;
[email protected]2f5d9f62013-09-26 12:14:28242 ScopedVector<WebSocketFrameChunk> frame_chunks;
243 if (!parser_.Decode(read_buffer_->data(), result, &frame_chunks))
[email protected]adb225d2013-08-30 13:14:43244 return WebSocketErrorToNetError(parser_.websocket_error());
[email protected]2f5d9f62013-09-26 12:14:28245 if (frame_chunks.empty())
246 return ERR_IO_PENDING;
247 return ConvertChunksToFrames(&frame_chunks, frames);
[email protected]adb225d2013-08-30 13:14:43248}
249
[email protected]2f5d9f62013-09-26 12:14:28250int WebSocketBasicStream::ConvertChunksToFrames(
[email protected]adb225d2013-08-30 13:14:43251 ScopedVector<WebSocketFrameChunk>* frame_chunks,
[email protected]2f5d9f62013-09-26 12:14:28252 ScopedVector<WebSocketFrame>* frames) {
253 for (size_t i = 0; i < frame_chunks->size(); ++i) {
254 scoped_ptr<WebSocketFrame> frame;
255 int result = ConvertChunkToFrame(
256 scoped_ptr<WebSocketFrameChunk>((*frame_chunks)[i]), &frame);
257 (*frame_chunks)[i] = NULL;
258 if (result != OK)
259 return result;
260 if (frame)
261 frames->push_back(frame.release());
262 }
263 // All the elements of |frame_chunks| are now NULL, so there is no point in
264 // calling delete on them all.
265 frame_chunks->weak_clear();
266 if (frames->empty())
267 return ERR_IO_PENDING;
268 return OK;
269}
270
271int WebSocketBasicStream::ConvertChunkToFrame(
272 scoped_ptr<WebSocketFrameChunk> chunk,
273 scoped_ptr<WebSocketFrame>* frame) {
274 DCHECK(frame->get() == NULL);
275 bool is_first_chunk = false;
276 if (chunk->header) {
277 DCHECK(current_frame_header_ == NULL)
278 << "Received the header for a new frame without notification that "
279 << "the previous frame was complete (bug in WebSocketFrameParser?)";
280 is_first_chunk = true;
281 current_frame_header_.swap(chunk->header);
282 }
283 const int chunk_size = chunk->data ? chunk->data->size() : 0;
284 DCHECK(current_frame_header_) << "Unexpected header-less chunk received "
285 << "(final_chunk = " << chunk->final_chunk
286 << ", data size = " << chunk_size
287 << ") (bug in WebSocketFrameParser?)";
288 scoped_refptr<IOBufferWithSize> data_buffer;
289 data_buffer.swap(chunk->data);
290 const bool is_final_chunk = chunk->final_chunk;
291 const WebSocketFrameHeader::OpCode opcode = current_frame_header_->opcode;
292 if (WebSocketFrameHeader::IsKnownControlOpCode(opcode)) {
293 bool protocol_error = false;
294 if (!current_frame_header_->final) {
295 DVLOG(1) << "WebSocket protocol error. Control frame, opcode=" << opcode
296 << " received with FIN bit unset.";
297 protocol_error = true;
298 }
299 if (current_frame_header_->payload_length > kMaxControlFramePayload) {
300 DVLOG(1) << "WebSocket protocol error. Control frame, opcode=" << opcode
301 << ", payload_length=" << current_frame_header_->payload_length
302 << " exceeds maximum payload length for a control message.";
303 protocol_error = true;
304 }
305 if (protocol_error) {
306 current_frame_header_.reset();
307 return ERR_WS_PROTOCOL_ERROR;
308 }
309 if (!is_final_chunk) {
310 DVLOG(2) << "Encountered a split control frame, opcode " << opcode;
311 if (incomplete_control_frame_body_) {
312 DVLOG(3) << "Appending to an existing split control frame.";
313 AddToIncompleteControlFrameBody(data_buffer);
314 } else {
315 DVLOG(3) << "Creating new storage for an incomplete control frame.";
316 incomplete_control_frame_body_ = new GrowableIOBuffer();
317 // This method checks for oversize control frames above, so as long as
318 // the frame parser is working correctly, this won't overflow. If a bug
319 // does cause it to overflow, it will CHECK() in
320 // AddToIncompleteControlFrameBody() without writing outside the buffer.
321 incomplete_control_frame_body_->SetCapacity(kMaxControlFramePayload);
322 AddToIncompleteControlFrameBody(data_buffer);
323 }
324 return OK;
325 }
326 if (incomplete_control_frame_body_) {
327 DVLOG(2) << "Rejoining a split control frame, opcode " << opcode;
328 AddToIncompleteControlFrameBody(data_buffer);
329 const int body_size = incomplete_control_frame_body_->offset();
330 DCHECK_EQ(body_size,
331 static_cast<int>(current_frame_header_->payload_length));
332 scoped_refptr<IOBufferWithSize> body = new IOBufferWithSize(body_size);
333 memcpy(body->data(),
334 incomplete_control_frame_body_->StartOfBuffer(),
335 body_size);
336 incomplete_control_frame_body_ = NULL; // Frame now complete.
337 DCHECK(is_final_chunk);
338 *frame = CreateFrame(is_final_chunk, body);
339 return OK;
340 }
341 }
342
343 // Apply basic sanity checks to the |payload_length| field from the frame
344 // header. A check for exact equality can only be used when the whole frame
345 // arrives in one chunk.
346 DCHECK_GE(current_frame_header_->payload_length,
347 base::checked_numeric_cast<uint64>(chunk_size));
348 DCHECK(!is_first_chunk || !is_final_chunk ||
349 current_frame_header_->payload_length ==
350 base::checked_numeric_cast<uint64>(chunk_size));
351
352 // Convert the chunk to a complete frame.
353 *frame = CreateFrame(is_final_chunk, data_buffer);
354 return OK;
355}
356
357scoped_ptr<WebSocketFrame> WebSocketBasicStream::CreateFrame(
358 bool is_final_chunk,
359 const scoped_refptr<IOBufferWithSize>& data) {
360 scoped_ptr<WebSocketFrame> result_frame;
361 const bool is_final_chunk_in_message =
362 is_final_chunk && current_frame_header_->final;
363 const int data_size = data ? data->size() : 0;
364 const WebSocketFrameHeader::OpCode opcode = current_frame_header_->opcode;
[email protected]e678d4fe2013-10-11 11:27:55365 // Empty frames convey no useful information unless they are the first frame
366 // (containing the type and flags) or have the "final" bit set.
367 if (is_final_chunk_in_message || data_size > 0 ||
368 current_frame_header_->opcode !=
369 WebSocketFrameHeader::kOpCodeContinuation) {
[email protected]2f5d9f62013-09-26 12:14:28370 result_frame.reset(new WebSocketFrame(opcode));
371 result_frame->header.CopyFrom(*current_frame_header_);
372 result_frame->header.final = is_final_chunk_in_message;
373 result_frame->header.payload_length = data_size;
374 result_frame->data = data;
375 // Ensure that opcodes Text and Binary are only used for the first frame in
376 // the message.
377 if (WebSocketFrameHeader::IsKnownDataOpCode(opcode))
378 current_frame_header_->opcode = WebSocketFrameHeader::kOpCodeContinuation;
379 }
380 // Make sure that a frame header is not applied to any chunks that do not
381 // belong to it.
382 if (is_final_chunk)
383 current_frame_header_.reset();
384 return result_frame.Pass();
385}
386
387void WebSocketBasicStream::AddToIncompleteControlFrameBody(
388 const scoped_refptr<IOBufferWithSize>& data_buffer) {
389 if (!data_buffer)
390 return;
391 const int new_offset =
392 incomplete_control_frame_body_->offset() + data_buffer->size();
393 CHECK_GE(incomplete_control_frame_body_->capacity(), new_offset)
394 << "Control frame body larger than frame header indicates; frame parser "
395 "bug?";
396 memcpy(incomplete_control_frame_body_->data(),
397 data_buffer->data(),
398 data_buffer->size());
399 incomplete_control_frame_body_->set_offset(new_offset);
400}
401
402void WebSocketBasicStream::OnReadComplete(ScopedVector<WebSocketFrame>* frames,
403 const CompletionCallback& callback,
404 int result) {
405 result = HandleReadResult(result, frames);
[email protected]adb225d2013-08-30 13:14:43406 if (result == ERR_IO_PENDING)
[email protected]2f5d9f62013-09-26 12:14:28407 result = ReadFrames(frames, callback);
[email protected]adb225d2013-08-30 13:14:43408 if (result != ERR_IO_PENDING)
409 callback.Run(result);
410}
411
412} // namespace net