forked from mirrors/gecko-dev
217bbab384
Update testing/mochitest/pywebsocket with the latest version available: pywebsocket3 is python 3 compatible. This keeps the basic structure of the old pywebsocket, but changes the directory name to pywebsocket3 to reflect the project renaming. Differential Revision: https://phabricator.services.mozilla.com/D84455
403 lines
15 KiB
Python
403 lines
15 KiB
Python
# Copyright 2012, Google Inc.
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions are
|
|
# met:
|
|
#
|
|
# * Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# * Redistributions in binary form must reproduce the above
|
|
# copyright notice, this list of conditions and the following disclaimer
|
|
# in the documentation and/or other materials provided with the
|
|
# distribution.
|
|
# * Neither the name of Google Inc. nor the names of its
|
|
# contributors may be used to endorse or promote products derived from
|
|
# this software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
"""This file provides the opening handshake processor for the WebSocket
|
|
protocol (RFC 6455).
|
|
|
|
Specification:
|
|
http://tools.ietf.org/html/rfc6455
|
|
"""
|
|
|
|
from __future__ import absolute_import
|
|
import base64
|
|
import logging
|
|
import os
|
|
import re
|
|
from hashlib import sha1
|
|
|
|
from mod_pywebsocket import common
|
|
from mod_pywebsocket.extensions import get_extension_processor
|
|
from mod_pywebsocket.handshake._base import check_request_line
|
|
from mod_pywebsocket.handshake._base import format_header
|
|
from mod_pywebsocket.handshake._base import get_mandatory_header
|
|
from mod_pywebsocket.handshake._base import HandshakeException
|
|
from mod_pywebsocket.handshake._base import parse_token_list
|
|
from mod_pywebsocket.handshake._base import validate_mandatory_header
|
|
from mod_pywebsocket.handshake._base import validate_subprotocol
|
|
from mod_pywebsocket.handshake._base import VersionException
|
|
from mod_pywebsocket.stream import Stream
|
|
from mod_pywebsocket.stream import StreamOptions
|
|
from mod_pywebsocket import util
|
|
from six.moves import map
|
|
from six.moves import range
|
|
|
|
# Used to validate the value in the Sec-WebSocket-Key header strictly. RFC 4648
|
|
# disallows non-zero padding, so the character right before == must be any of
|
|
# A, Q, g and w.
|
|
_SEC_WEBSOCKET_KEY_REGEX = re.compile('^[+/0-9A-Za-z]{21}[AQgw]==$')
|
|
|
|
# Defining aliases for values used frequently.
|
|
_VERSION_LATEST = common.VERSION_HYBI_LATEST
|
|
_VERSION_LATEST_STRING = str(_VERSION_LATEST)
|
|
_SUPPORTED_VERSIONS = [
|
|
_VERSION_LATEST,
|
|
]
|
|
|
|
|
|
def compute_accept(key):
|
|
"""Computes value for the Sec-WebSocket-Accept header from value of the
|
|
Sec-WebSocket-Key header.
|
|
"""
|
|
|
|
accept_binary = sha1(key + common.WEBSOCKET_ACCEPT_UUID).digest()
|
|
accept = base64.b64encode(accept_binary)
|
|
|
|
return accept
|
|
|
|
|
|
def compute_accept_from_unicode(unicode_key):
|
|
"""A wrapper function for compute_accept which takes a unicode string as an
|
|
argument, and encodes it to byte string. It then passes it on to
|
|
compute_accept.
|
|
"""
|
|
|
|
key = unicode_key.encode('UTF-8')
|
|
return compute_accept(key)
|
|
|
|
|
|
class Handshaker(object):
|
|
"""Opening handshake processor for the WebSocket protocol (RFC 6455)."""
|
|
def __init__(self, request, dispatcher):
|
|
"""Construct an instance.
|
|
|
|
Args:
|
|
request: mod_python request.
|
|
dispatcher: Dispatcher (dispatch.Dispatcher).
|
|
|
|
Handshaker will add attributes such as ws_resource during handshake.
|
|
"""
|
|
|
|
self._logger = util.get_class_logger(self)
|
|
|
|
self._request = request
|
|
self._dispatcher = dispatcher
|
|
|
|
def _validate_connection_header(self):
|
|
connection = get_mandatory_header(self._request,
|
|
common.CONNECTION_HEADER)
|
|
|
|
try:
|
|
connection_tokens = parse_token_list(connection)
|
|
except HandshakeException as e:
|
|
raise HandshakeException('Failed to parse %s: %s' %
|
|
(common.CONNECTION_HEADER, e))
|
|
|
|
connection_is_valid = False
|
|
for token in connection_tokens:
|
|
if token.lower() == common.UPGRADE_CONNECTION_TYPE.lower():
|
|
connection_is_valid = True
|
|
break
|
|
if not connection_is_valid:
|
|
raise HandshakeException(
|
|
'%s header doesn\'t contain "%s"' %
|
|
(common.CONNECTION_HEADER, common.UPGRADE_CONNECTION_TYPE))
|
|
|
|
def do_handshake(self):
|
|
self._request.ws_close_code = None
|
|
self._request.ws_close_reason = None
|
|
|
|
# Parsing.
|
|
|
|
check_request_line(self._request)
|
|
|
|
validate_mandatory_header(self._request, common.UPGRADE_HEADER,
|
|
common.WEBSOCKET_UPGRADE_TYPE)
|
|
|
|
self._validate_connection_header()
|
|
|
|
self._request.ws_resource = self._request.uri
|
|
|
|
unused_host = get_mandatory_header(self._request, common.HOST_HEADER)
|
|
|
|
self._request.ws_version = self._check_version()
|
|
|
|
try:
|
|
self._get_origin()
|
|
self._set_protocol()
|
|
self._parse_extensions()
|
|
|
|
# Key validation, response generation.
|
|
|
|
key = self._get_key()
|
|
accept = compute_accept(key)
|
|
self._logger.debug('%s: %r (%s)',
|
|
common.SEC_WEBSOCKET_ACCEPT_HEADER, accept,
|
|
util.hexify(base64.b64decode(accept)))
|
|
|
|
self._logger.debug('Protocol version is RFC 6455')
|
|
|
|
# Setup extension processors.
|
|
|
|
processors = []
|
|
if self._request.ws_requested_extensions is not None:
|
|
for extension_request in self._request.ws_requested_extensions:
|
|
processor = get_extension_processor(extension_request)
|
|
# Unknown extension requests are just ignored.
|
|
if processor is not None:
|
|
processors.append(processor)
|
|
self._request.ws_extension_processors = processors
|
|
|
|
# List of extra headers. The extra handshake handler may add header
|
|
# data as name/value pairs to this list and pywebsocket appends
|
|
# them to the WebSocket handshake.
|
|
self._request.extra_headers = []
|
|
|
|
# Extra handshake handler may modify/remove processors.
|
|
self._dispatcher.do_extra_handshake(self._request)
|
|
processors = [
|
|
processor
|
|
for processor in self._request.ws_extension_processors
|
|
if processor is not None
|
|
]
|
|
|
|
# Ask each processor if there are extensions on the request which
|
|
# cannot co-exist. When processor decided other processors cannot
|
|
# co-exist with it, the processor marks them (or itself) as
|
|
# "inactive". The first extension processor has the right to
|
|
# make the final call.
|
|
for processor in reversed(processors):
|
|
if processor.is_active():
|
|
processor.check_consistency_with_other_processors(
|
|
processors)
|
|
processors = [
|
|
processor for processor in processors if processor.is_active()
|
|
]
|
|
|
|
accepted_extensions = []
|
|
|
|
stream_options = StreamOptions()
|
|
|
|
for index, processor in enumerate(processors):
|
|
if not processor.is_active():
|
|
continue
|
|
|
|
extension_response = processor.get_extension_response()
|
|
if extension_response is None:
|
|
# Rejected.
|
|
continue
|
|
|
|
accepted_extensions.append(extension_response)
|
|
|
|
processor.setup_stream_options(stream_options)
|
|
|
|
# Inactivate all of the following compression extensions.
|
|
for j in range(index + 1, len(processors)):
|
|
processors[j].set_active(False)
|
|
|
|
if len(accepted_extensions) > 0:
|
|
self._request.ws_extensions = accepted_extensions
|
|
self._logger.debug(
|
|
'Extensions accepted: %r',
|
|
list(
|
|
map(common.ExtensionParameter.name,
|
|
accepted_extensions)))
|
|
else:
|
|
self._request.ws_extensions = None
|
|
|
|
self._request.ws_stream = self._create_stream(stream_options)
|
|
|
|
if self._request.ws_requested_protocols is not None:
|
|
if self._request.ws_protocol is None:
|
|
raise HandshakeException(
|
|
'do_extra_handshake must choose one subprotocol from '
|
|
'ws_requested_protocols and set it to ws_protocol')
|
|
validate_subprotocol(self._request.ws_protocol)
|
|
|
|
self._logger.debug('Subprotocol accepted: %r',
|
|
self._request.ws_protocol)
|
|
else:
|
|
if self._request.ws_protocol is not None:
|
|
raise HandshakeException(
|
|
'ws_protocol must be None when the client didn\'t '
|
|
'request any subprotocol')
|
|
|
|
self._send_handshake(accept)
|
|
except HandshakeException as e:
|
|
if not e.status:
|
|
# Fallback to 400 bad request by default.
|
|
e.status = common.HTTP_STATUS_BAD_REQUEST
|
|
raise e
|
|
|
|
def _get_origin(self):
|
|
origin_header = common.ORIGIN_HEADER
|
|
origin = self._request.headers_in.get(origin_header)
|
|
if origin is None:
|
|
self._logger.debug('Client request does not have origin header')
|
|
self._request.ws_origin = origin
|
|
|
|
def _check_version(self):
|
|
version = get_mandatory_header(self._request,
|
|
common.SEC_WEBSOCKET_VERSION_HEADER)
|
|
if version == _VERSION_LATEST_STRING:
|
|
return _VERSION_LATEST
|
|
|
|
if version.find(',') >= 0:
|
|
raise HandshakeException(
|
|
'Multiple versions (%r) are not allowed for header %s' %
|
|
(version, common.SEC_WEBSOCKET_VERSION_HEADER),
|
|
status=common.HTTP_STATUS_BAD_REQUEST)
|
|
raise VersionException('Unsupported version %r for header %s' %
|
|
(version, common.SEC_WEBSOCKET_VERSION_HEADER),
|
|
supported_versions=', '.join(
|
|
map(str, _SUPPORTED_VERSIONS)))
|
|
|
|
def _set_protocol(self):
|
|
self._request.ws_protocol = None
|
|
# MOZILLA
|
|
self._request.sts = None
|
|
# /MOZILLA
|
|
|
|
protocol_header = self._request.headers_in.get(
|
|
common.SEC_WEBSOCKET_PROTOCOL_HEADER)
|
|
|
|
if protocol_header is None:
|
|
self._request.ws_requested_protocols = None
|
|
return
|
|
|
|
self._request.ws_requested_protocols = parse_token_list(
|
|
protocol_header)
|
|
self._logger.debug('Subprotocols requested: %r',
|
|
self._request.ws_requested_protocols)
|
|
|
|
def _parse_extensions(self):
|
|
extensions_header = self._request.headers_in.get(
|
|
common.SEC_WEBSOCKET_EXTENSIONS_HEADER)
|
|
if not extensions_header:
|
|
self._request.ws_requested_extensions = None
|
|
return
|
|
|
|
try:
|
|
self._request.ws_requested_extensions = common.parse_extensions(
|
|
extensions_header)
|
|
except common.ExtensionParsingException as e:
|
|
raise HandshakeException(
|
|
'Failed to parse Sec-WebSocket-Extensions header: %r' % e)
|
|
|
|
self._logger.debug(
|
|
'Extensions requested: %r',
|
|
list(
|
|
map(common.ExtensionParameter.name,
|
|
self._request.ws_requested_extensions)))
|
|
|
|
def _validate_key(self, key):
|
|
if key.find(',') >= 0:
|
|
raise HandshakeException('Request has multiple %s header lines or '
|
|
'contains illegal character \',\': %r' %
|
|
(common.SEC_WEBSOCKET_KEY_HEADER, key))
|
|
|
|
# Validate
|
|
key_is_valid = False
|
|
try:
|
|
# Validate key by quick regex match before parsing by base64
|
|
# module. Because base64 module skips invalid characters, we have
|
|
# to do this in advance to make this server strictly reject illegal
|
|
# keys.
|
|
if _SEC_WEBSOCKET_KEY_REGEX.match(key):
|
|
decoded_key = base64.b64decode(key)
|
|
if len(decoded_key) == 16:
|
|
key_is_valid = True
|
|
except TypeError as e:
|
|
pass
|
|
|
|
if not key_is_valid:
|
|
raise HandshakeException('Illegal value for header %s: %r' %
|
|
(common.SEC_WEBSOCKET_KEY_HEADER, key))
|
|
|
|
return decoded_key
|
|
|
|
def _get_key(self):
|
|
key = get_mandatory_header(self._request,
|
|
common.SEC_WEBSOCKET_KEY_HEADER)
|
|
|
|
decoded_key = self._validate_key(key)
|
|
|
|
self._logger.debug('%s: %r (%s)', common.SEC_WEBSOCKET_KEY_HEADER, key,
|
|
util.hexify(decoded_key))
|
|
|
|
return key.encode('UTF-8')
|
|
|
|
def _create_stream(self, stream_options):
|
|
return Stream(self._request, stream_options)
|
|
|
|
def _create_handshake_response(self, accept):
|
|
response = []
|
|
|
|
response.append(u'HTTP/1.1 101 Switching Protocols\r\n')
|
|
|
|
# WebSocket headers
|
|
response.append(
|
|
format_header(common.UPGRADE_HEADER,
|
|
common.WEBSOCKET_UPGRADE_TYPE))
|
|
response.append(
|
|
format_header(common.CONNECTION_HEADER,
|
|
common.UPGRADE_CONNECTION_TYPE))
|
|
response.append(
|
|
format_header(common.SEC_WEBSOCKET_ACCEPT_HEADER,
|
|
accept.decode('UTF-8')))
|
|
if self._request.ws_protocol is not None:
|
|
response.append(
|
|
format_header(common.SEC_WEBSOCKET_PROTOCOL_HEADER,
|
|
self._request.ws_protocol))
|
|
if (self._request.ws_extensions is not None
|
|
and len(self._request.ws_extensions) != 0):
|
|
response.append(
|
|
format_header(
|
|
common.SEC_WEBSOCKET_EXTENSIONS_HEADER,
|
|
common.format_extensions(self._request.ws_extensions)))
|
|
# MOZILLA
|
|
if self._request.sts is not None:
|
|
response.append(format_header("Strict-Transport-Security",
|
|
self._request.sts))
|
|
# /MOZILLA
|
|
|
|
# Headers not specific for WebSocket
|
|
for name, value in self._request.extra_headers:
|
|
response.append(format_header(name, value))
|
|
|
|
response.append(u'\r\n')
|
|
|
|
return u''.join(response)
|
|
|
|
def _send_handshake(self, accept):
|
|
raw_response = self._create_handshake_response(accept)
|
|
self._request.connection.write(raw_response.encode('UTF-8'))
|
|
self._logger.debug('Sent server\'s opening handshake: %r',
|
|
raw_response)
|
|
|
|
|
|
# vi:sts=4 sw=4 et
|