File: minimal-secure-streams-smd.c

package info (click to toggle)
libwebsockets 4.3.5-2
  • links: PTS
  • area: main
  • in suites: forky, sid
  • size: 31,288 kB
  • sloc: ansic: 194,407; javascript: 1,550; sh: 1,387; cpp: 505; java: 461; perl: 405; xml: 118; makefile: 76; awk: 5
file content (374 lines) | stat: -rw-r--r-- 9,880 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
 
/*
 * lws-minimal-secure-streams-smd
 *
 * Written in 2010-2020 by Andy Green <andy@warmcat.com>
 *
 * This file is made available under the Creative Commons CC0 1.0
 * Universal Public Domain Dedication.
 *
 *
 * This demonstrates a minimal http client using secure streams to access the
 * SMD api.
 */

#include <libwebsockets.h>
#include <string.h>
#include <signal.h>

static int interrupted, bad = 1, count_p1, count_p2, count_tx, expected = 0;
static unsigned int how_many_msg = 100, usec_interval = 1000;
static lws_sorted_usec_list_t sul_timeout;

/*
 * If the -proxy app is fulfilling our connection, then we don't need to have
 * the policy in the client.
 *
 * When we build with LWS_SS_USE_SSPC, the apis hook up to a proxy process over
 * a Unix Domain Socket.  To test that, you need to separately run the
 * ./lws-minimal-secure-streams-proxy test app on the same machine.
 */

#if !defined(LWS_SS_USE_SSPC)
static const char * const default_ss_policy =
	"{"
		"\"schema-version\":1,"
		"\"s\": ["
			"{"
				/*
				 * "captive_portal_detect" describes
				 * what to do in order to check if the path to
				 * the Internet is being interrupted by a
				 * captive portal.  If there's a larger policy
				 * fetched from elsewhere, it should also include
				 * this since it needs to be done at least after
				 * every DHCP acquisition
				 */
				"\"captive_portal_detect\": {"
					"\"endpoint\": \"connectivitycheck.android.com\","
					"\"http_url\": \"generate_204\","
					"\"port\": 80,"
					"\"protocol\": \"h1\","
					"\"http_method\": \"GET\","
					"\"opportunistic\": true,"
					"\"http_expect\": 204,"
					"\"http_fail_redirect\": true"
				"}"
			"}"
		"]"
	"}"
;

#endif

typedef struct myss {
	struct lws_ss_handle 		*ss;
	void				*opaque_data;
	/* ... application specific state ... */
	lws_sorted_usec_list_t		sul;
	char				alternate;
} myss_t;


/* secure streams payload interface */

static lws_ss_state_return_t
myss_rx(void *userobj, const uint8_t *buf, size_t len, int flags)
{
	/*
	 * Call the helper to translate into a real smd message and forward to
	 * this context / process smd participants... except us, since we
	 * definitely already received it
	 */

	if (lws_smd_ss_rx_forward(userobj, buf, len))
		lwsl_warn("%s: forward failed\n", __func__);

	count_p1++;

	return LWSSSSRET_OK;
}

static void
sul_tx_periodic_cb(lws_sorted_usec_list_t *sul)
{
	myss_t *m = lws_container_of(sul, myss_t, sul);

	lwsl_info("%s: requesting TX\n", __func__);
	if (lws_ss_request_tx(m->ss))
		lwsl_info("%s: req failed\n", __func__);
}

static lws_ss_state_return_t
myss_tx(void *userobj, lws_ss_tx_ordinal_t ord, uint8_t *buf, size_t *len,
	int *flags)
{
	myss_t *m = (myss_t *)userobj;

	lwsl_info("%s: sending SS smd\n", __func__);

	/*
	 * The SS RX isn't going to see INTERACTION messages, because its class
	 * filter doesn't accept INTERACTION class messages.  The direct
	 * participant we also set up for the test will see them though.
	 *
	 * Let's alternate between sending NETWORK class smd messages and
	 * INTERACTION so we can test both rx paths
	 */

	m->alternate++;

	if (m->alternate == 4) {
		/*
		 * after a few, let's request a CPD check
		 */

		if (lws_smd_ss_msg_printf(lws_ss_tag(m->ss), buf, len, LWSSMDCL_NETWORK,
					  "{\"trigger\": \"cpdcheck\", "
					   "\"src\":\"SS-test\"}"))
			return LWSSSSRET_TX_DONT_SEND;
	} else
		if (lws_smd_ss_msg_printf(lws_ss_tag(m->ss), buf, len,
					  (m->alternate & 1) ? LWSSMDCL_NETWORK :
							       LWSSMDCL_INTERACTION,
					  (m->alternate & 1) ?
					       "{\"class\":\"NETWORK\",\"x\":%d}" :
					       "{\"class\":\"INTERACTION\",\"x\":%d}",
					       count_tx))
			return LWSSSSRET_TX_DONT_SEND;

	*flags = LWSSS_FLAG_SOM | LWSSS_FLAG_EOM;

	count_tx++;

	lws_sul_schedule(lws_ss_get_context(m->ss), 0, &m->sul,
			 sul_tx_periodic_cb, usec_interval);

	return LWSSSSRET_OK;
}

static lws_ss_state_return_t
myss_state(void *userobj, void *h_src, lws_ss_constate_t state,
	   lws_ss_tx_ordinal_t ack)
{
	myss_t *m = (myss_t *)userobj;

	lwsl_notice("%s: %s: %s (%d), ord 0x%x\n", __func__, lws_ss_tag(m->ss),
		    lws_ss_state_name((int)state), state, (unsigned int)ack);

	if (state == LWSSSCS_DESTROYING) {
		lws_sul_cancel(&m->sul);
		return LWSSSSRET_OK;
	}

	if (state == LWSSSCS_CONNECTED) {
		lwsl_notice("%s: CONNECTED\n", __func__);
		lws_sul_schedule(lws_ss_get_context(m->ss), 0, &m->sul,
				 sul_tx_periodic_cb, 1);
		return LWSSSSRET_OK;
	}

	return LWSSSSRET_OK;
}

static const lws_ss_info_t ssi_lws_smd = {
	.handle_offset		  = offsetof(myss_t, ss),
	.opaque_user_data_offset  = offsetof(myss_t, opaque_data),
	.rx			  = myss_rx,
	.tx			  = myss_tx,
	.state			  = myss_state,
	.user_alloc		  = sizeof(myss_t),
	.streamtype		  = LWS_SMD_STREAMTYPENAME,
	.manual_initial_tx_credit = LWSSMDCL_SYSTEM_STATE |
				    LWSSMDCL_METRICS |
				    LWSSMDCL_NETWORK,
};

/* for comparison, this is a non-SS lws_smd participant */

static int
direct_smd_cb(void *opaque, lws_smd_class_t _class, lws_usec_t timestamp,
	      void *buf, size_t len)
{
	struct lws_context **pctx = (struct lws_context **)opaque;

//	lwsl_notice("%s: class: 0x%x, ts: %llu\n", __func__, _class,
//		  (unsigned long long)timestamp);
//	lwsl_hexdump_notice(buf, len);

	count_p2++;

	if (_class != LWSSMDCL_SYSTEM_STATE)
		return 0;

	if (!lws_json_simple_strcmp(buf, len, "\"state\":", "OPERATIONAL")) {

#if !defined(LWS_SS_USE_SSPC)
		/*
		 * Let's trigger a CPD check, just as a test.  SS can't see it
		 * anyway since it doesn't listen for NETWORK but the direct /
		 * local participant will see it and the result
		 *
		 * This process doesn't run the smd / captive portal action
		 * when it's a client of the SS proxy.  SMD has to be passed
		 * via the SS _lws_smd proxied connection in that case.
		 */
		(void)lws_smd_msg_printf(*pctx, LWSSMDCL_NETWORK,
				   "{\"trigger\": \"cpdcheck\", \"src\":\"direct-test\"}");
#endif

		/*
		 * Create the SS link to lws_smd... notice in ssi_lws_smd
		 * above, we tell this link to use a class filter that excludes
		 * NETWORK messages.
		 */

		if (lws_ss_create(*pctx, 0, &ssi_lws_smd, NULL, NULL, NULL, NULL)) {
			lwsl_err("%s: failed to create secure stream\n",
				 __func__);
			interrupted = 1;
			lws_cancel_service(*pctx);
			return -1;
		}
	}

	return 0;
}


static void
sul_timeout_cb(lws_sorted_usec_list_t *sul)
{
	lwsl_notice("%s: test finishing\n", __func__);
	interrupted = 1;
}


static void
sigint_handler(int sig)
{
	interrupted = 1;
}

extern int smd_ss_multi_test(int argc, const char **argv);

int main(int argc, const char **argv)
{
	struct lws_context_creation_info info;
	struct lws_context *context;
	const char *p;

	signal(SIGINT, sigint_handler);

	memset(&info, 0, sizeof info);

#if defined(LWS_SS_USE_SSPC)
	if (lws_cmdline_option(argc, argv, "--multi"))
		return smd_ss_multi_test(argc, argv);
#endif

	lws_cmdline_option_handle_builtin(argc, argv, &info);

	if ((p = lws_cmdline_option(argc, argv, "--count")))
		how_many_msg = (unsigned int)atol(p);

	if ((p = lws_cmdline_option(argc, argv, "--interval")))
		usec_interval = (unsigned int)atol(p);

	lwsl_user("LWS Secure Streams SMD test client [-d<verb>]: "
		  "%u msgs at %uus interval\n", how_many_msg, usec_interval);

	info.fd_limit_per_thread	= 1 + 6 + 1;
	info.port			= CONTEXT_PORT_NO_LISTEN;
#if !defined(LWS_SS_USE_SSPC)
	info.pss_policies_json		= default_ss_policy;
#else
	info.protocols			= lws_sspc_protocols;
	{
		/* connect to ssproxy via UDS by default, else via
		 * tcp connection to this port */
		if ((p = lws_cmdline_option(argc, argv, "-p")))
			info.ss_proxy_port = (uint16_t)atoi(p);

		/* UDS "proxy.ss.lws" in abstract namespace, else this socket
		 * path; when -p given this can specify the network interface
		 * to bind to */
		if ((p = lws_cmdline_option(argc, argv, "-i")))
			info.ss_proxy_bind = p;

		/* if -p given, -a specifies the proxy address to connect to */
		if ((p = lws_cmdline_option(argc, argv, "-a")))
			info.ss_proxy_address = p;
	}
#endif
	info.options			= LWS_SERVER_OPTION_EXPLICIT_VHOSTS |
					  LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;

	info.early_smd_cb		= direct_smd_cb;
	info.early_smd_class_filter	= 0xffffffff;
	info.early_smd_opaque		= &context;

	/* create the context */

	context = lws_create_context(&info);
	if (!context) {
		lwsl_err("lws init failed\n");
		return 1;
	}

#if defined(LWS_SS_USE_SSPC)
	if (!lws_create_vhost(context, &info)) {
		lwsl_err("%s: failed to create default vhost\n", __func__);
		goto bail;
	}
#endif

	/* set up the test timeout */

	lws_sul_schedule(context, 0, &sul_timeout, sul_timeout_cb,
			 (how_many_msg * (usec_interval + 50000)) + LWS_US_PER_SEC);

	/* the event loop */

	while (lws_service(context, 0) >= 0 && !interrupted)
		;

	/* compare what happened with what we expect */

#if defined(LWS_SS_USE_SSPC)
	/* if SSPC
	 *
	 *  - the SS _lws_smd link does not enable INTERACTION class, so doesn't
	 *    see these messages (count_p1 is half count_tx)
	 *
	 *  - the direct smd participant sees local state, but it doesn't send
	 *    any local CPD request, since as a client it doesn't do CPD
	 *    directly (count_p2 -= 1 compared to non-SSPC)
	 *
	 *  - one CPD trigger is sent on the proxied SS link (countp1 += 1)
	 */
	if (count_p1 >= 6 && count_p2 >= 11 && count_tx >= 12)
#else
	/* if not SSPC, then we can see direct smd activity */
	if (count_p1 >= 2 && count_p2 >= 15 && count_tx >= 5)
#endif
		bad = 0;

	lwsl_notice("%d %d %d\n", count_p1, count_p2, count_tx);

#if defined(LWS_SS_USE_SSPC)
bail:
#endif
	lws_context_destroy(context);

	if ((p = lws_cmdline_option(argc, argv, "--expected-exit")))
		expected = atoi(p);

	if (bad == expected) {
		lwsl_user("Completed: OK (seen expected %d)\n", expected);
		return 0;
	}

	lwsl_err("Completed: failed: exit %d, expected %d\n", bad, expected);

	return 1;
}