1 /*
2  * libwebsockets - small server side websockets and web server implementation
3  *
4  * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to
8  * deal in the Software without restriction, including without limitation the
9  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10  * sell copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22  * IN THE SOFTWARE.
23  */
24 
25 /*! \defgroup client Client related functions
26  * ##Client releated functions
27  * \ingroup lwsapi
28  *
29  * */
30 ///@{
31 
32 /** enum lws_client_connect_ssl_connection_flags - flags that may be used
33  * with struct lws_client_connect_info ssl_connection member to control if
34  * and how SSL checks apply to the client connection being created
35  */
36 
37 enum lws_client_connect_ssl_connection_flags {
38 	LCCSCF_USE_SSL 				= (1 << 0),
39 	LCCSCF_ALLOW_SELFSIGNED			= (1 << 1),
40 	LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK	= (1 << 2),
41 	LCCSCF_ALLOW_EXPIRED			= (1 << 3),
42 	LCCSCF_ALLOW_INSECURE			= (1 << 4),
43 	LCCSCF_H2_QUIRK_NGHTTP2_END_STREAM	= (1 << 5),
44 	LCCSCF_H2_QUIRK_OVERFLOWS_TXCR		= (1 << 6),
45 	LCCSCF_H2_AUTH_BEARER			= (1 << 7),
46 	LCCSCF_H2_HEXIFY_AUTH_TOKEN		= (1 << 8),
47 	LCCSCF_H2_MANUAL_RXFLOW			= (1 << 9),
48 	LCCSCF_HTTP_MULTIPART_MIME		= (1 << 10),
49 	LCCSCF_HTTP_X_WWW_FORM_URLENCODED	= (1 << 11),
50 	LCCSCF_HTTP_NO_FOLLOW_REDIRECT		= (1 << 12),
51 
52 	LCCSCF_PIPELINE				= (1 << 16),
53 		/**< Serialize / pipeline multiple client connections
54 		 * on a single connection where possible.
55 		 *
56 		 * HTTP/1.0: possible if Keep-Alive: yes sent by server
57 		 * HTTP/1.1: always possible... uses pipelining
58 		 * HTTP/2:   always possible... uses parallel streams
59 		 */
60 	LCCSCF_MUXABLE_STREAM			= (1 << 17),
61 };
62 
63 /** struct lws_client_connect_info - parameters to connect with when using
64  *				    lws_client_connect_via_info() */
65 
66 struct lws_client_connect_info {
67 	struct lws_context *context;
68 	/**< lws context to create connection in */
69 	const char *address;
70 	/**< remote address to connect to */
71 	int port;
72 	/**< remote port to connect to */
73 	int ssl_connection;
74 	/**< 0, or a combination of LCCSCF_ flags */
75 	const char *path;
76 	/**< uri path */
77 	const char *host;
78 	/**< content of host header */
79 	const char *origin;
80 	/**< content of origin header */
81 	const char *protocol;
82 	/**< list of ws protocols we could accept */
83 	int ietf_version_or_minus_one;
84 	/**< deprecated: currently leave at 0 or -1 */
85 	void *userdata;
86 	/**< if non-NULL, use this as wsi user_data instead of malloc it */
87 	const void *client_exts;
88 	/**< UNUSED... provide in info.extensions at context creation time */
89 	const char *method;
90 	/**< if non-NULL, do this http method instead of ws[s] upgrade.
91 	 * use "GET" to be a simple http client connection.  "RAW" gets
92 	 * you a connected socket that lws itself will leave alone once
93 	 * connected. */
94 	struct lws *parent_wsi;
95 	/**< if another wsi is responsible for this connection, give it here.
96 	 * this is used to make sure if the parent closes so do any
97 	 * child connections first. */
98 	const char *uri_replace_from;
99 	/**< if non-NULL, when this string is found in URIs in
100 	 * text/html content-encoding, it's replaced with uri_replace_to */
101 	const char *uri_replace_to;
102 	/**< see uri_replace_from */
103 	struct lws_vhost *vhost;
104 	/**< vhost to bind to (used to determine related SSL_CTX) */
105 	struct lws **pwsi;
106 	/**< if not NULL, store the new wsi here early in the connection
107 	 * process.  Although we return the new wsi, the call to create the
108 	 * client connection does progress the connection somewhat and may
109 	 * meet an error that will result in the connection being scrubbed and
110 	 * NULL returned.  While the wsi exists though, he may process a
111 	 * callback like CLIENT_CONNECTION_ERROR with his wsi: this gives the
112 	 * user callback a way to identify which wsi it is that faced the error
113 	 * even before the new wsi is returned and even if ultimately no wsi
114 	 * is returned.
115 	 */
116 	const char *iface;
117 	/**< NULL to allow routing on any interface, or interface name or IP
118 	 * to bind the socket to */
119 	const char *local_protocol_name;
120 	/**< NULL: .protocol is used both to select the local protocol handler
121 	 *         to bind to and as the list of remote ws protocols we could
122 	 *         accept.
123 	 *   non-NULL: this protocol name is used to bind the connection to
124 	 *             the local protocol handler.  .protocol is used for the
125 	 *             list of remote ws protocols we could accept */
126 	const char *alpn;
127 	/**< NULL: allow lws default ALPN list, from vhost if present or from
128 	 *       list of roles built into lws
129 	 * non-NULL: require one from provided comma-separated list of alpn
130 	 *           tokens
131 	 */
132 
133 	struct lws_sequencer *seq;
134 	/**< NULL, or an lws_seq_t that wants to be given messages about
135 	 * this wsi's lifecycle as it connects, errors or closes.
136 	 */
137 
138 	void *opaque_user_data;
139 	/**< This data has no meaning to lws but is applied to the client wsi
140 	 *   and can be retrieved by user code with lws_get_opaque_user_data().
141 	 *   It's also provided with sequencer messages if the wsi is bound to
142 	 *   an lws_seq_t.
143 	 */
144 
145 	const lws_retry_bo_t *retry_and_idle_policy;
146 	/**< optional retry and idle policy to apply to this connection.
147 	 *   Currently only the idle parts are applied to the connection.
148 	 */
149 
150 	int		manual_initial_tx_credit;
151 	/**< if LCCSCF_H2_MANUAL_REFLOW is set, this becomes the initial tx
152 	 * credit for the stream.
153 	 */
154 
155 	uint8_t		sys_tls_client_cert;
156 	/**< 0 means no client cert.  1+ means apply lws_system client cert 0+
157 	 * to the client connection.
158 	 */
159 
160 #if defined(LWS_ROLE_MQTT)
161 	const lws_mqtt_client_connect_param_t *mqtt_cp;
162 #else
163 	void		*mqtt_cp;
164 #endif
165 
166 	/* Add new things just above here ---^
167 	 * This is part of the ABI, don't needlessly break compatibility
168 	 *
169 	 * The below is to ensure later library versions with new
170 	 * members added above will see 0 (default) even if the app
171 	 * was not built against the newer headers.
172 	 */
173 
174 	void *_unused[4]; /**< dummy */
175 };
176 
177 /**
178  * lws_client_connect_via_info() - Connect to another websocket server
179  * \param ccinfo: pointer to lws_client_connect_info struct
180  *
181  *	This function creates a connection to a remote server using the
182  *	information provided in ccinfo.
183  */
184 LWS_VISIBLE LWS_EXTERN struct lws *
185 lws_client_connect_via_info(const struct lws_client_connect_info *ccinfo);
186 
187 /**
188  * lws_init_vhost_client_ssl() - also enable client SSL on an existing vhost
189  *
190  * \param info: client ssl related info
191  * \param vhost: which vhost to initialize client ssl operations on
192  *
193  * You only need to call this if you plan on using SSL client connections on
194  * the vhost.  For non-SSL client connections, it's not necessary to call this.
195  *
196  * The following members of info are used during the call
197  *
198  *	 - options must have LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT set,
199  *	     otherwise the call does nothing
200  *	 - provided_client_ssl_ctx must be NULL to get a generated client
201  *	     ssl context, otherwise you can pass a prepared one in by setting it
202  *	 - ssl_cipher_list may be NULL or set to the client valid cipher list
203  *	 - ssl_ca_filepath may be NULL or client cert filepath
204  *	 - ssl_cert_filepath may be NULL or client cert filepath
205  *	 - ssl_private_key_filepath may be NULL or client cert private key
206  *
207  * You must create your vhost explicitly if you want to use this, so you have
208  * a pointer to the vhost.  Create the context first with the option flag
209  * LWS_SERVER_OPTION_EXPLICIT_VHOSTS and then call lws_create_vhost() with
210  * the same info struct.
211  */
212 LWS_VISIBLE LWS_EXTERN int
213 lws_init_vhost_client_ssl(const struct lws_context_creation_info *info,
214 			  struct lws_vhost *vhost);
215 /**
216  * lws_http_client_read() - consume waiting received http client data
217  *
218  * \param wsi: client connection
219  * \param buf: pointer to buffer pointer - fill with pointer to your buffer
220  * \param len: pointer to chunk length - fill with max length of buffer
221  *
222  * This is called when the user code is notified client http data has arrived.
223  * The user code may choose to delay calling it to consume the data, for example
224  * waiting until an onward connection is writeable.
225  *
226  * For non-chunked connections, up to len bytes of buf are filled with the
227  * received content.  len is set to the actual amount filled before return.
228  *
229  * For chunked connections, the linear buffer content contains the chunking
230  * headers and it cannot be passed in one lump.  Instead, this function will
231  * call back LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ with in pointing to the
232  * chunk start and len set to the chunk length.  There will be as many calls
233  * as there are chunks or partial chunks in the buffer.
234  */
235 LWS_VISIBLE LWS_EXTERN int
236 lws_http_client_read(struct lws *wsi, char **buf, int *len);
237 
238 /**
239  * lws_http_client_http_response() - get last HTTP response code
240  *
241  * \param wsi: client connection
242  *
243  * Returns the last server response code, eg, 200 for client http connections.
244  *
245  * You should capture this during the LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP
246  * callback, because after that the memory reserved for storing the related
247  * headers is freed and this value is lost.
248  */
249 LWS_VISIBLE LWS_EXTERN unsigned int
250 lws_http_client_http_response(struct lws *wsi);
251 
252 /**
253  * lws_tls_client_vhost_extra_cert_mem() - add more certs to vh client tls ctx
254  *
255  * \param vh: the vhost to give more client certs to
256  * \param der: pointer to der format additional cert
257  * \param der_len: size in bytes of der
258  *
259  * After the vhost is created with one cert for client verification, you
260  * can add additional, eg, intermediate, certs to the client tls context
261  * of the vhost, for use with validating the incoming server cert(s).
262  */
263 LWS_VISIBLE LWS_EXTERN int
264 lws_tls_client_vhost_extra_cert_mem(struct lws_vhost *vh,
265 		const uint8_t *der, size_t der_len);
266 
267 /**
268  * lws_client_http_body_pending() - control if client connection needs to send body
269  *
270  * \param wsi: client connection
271  * \param something_left_to_send: nonzero if need to send more body, 0 (default)
272  * 				if nothing more to send
273  *
274  * If you will send payload data with your HTTP client connection, eg, for POST,
275  * when you set the related http headers in
276  * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER callback you should also call
277  * this API with something_left_to_send nonzero, and call
278  * lws_callback_on_writable(wsi);
279  *
280  * After sending the headers, lws will call your callback with
281  * LWS_CALLBACK_CLIENT_HTTP_WRITEABLE reason when writable.  You can send the
282  * next part of the http body payload, calling lws_callback_on_writable(wsi);
283  * if there is more to come, or lws_client_http_body_pending(wsi, 0); to
284  * let lws know the last part is sent and the connection can move on.
285  */
286 LWS_VISIBLE LWS_EXTERN void
287 lws_client_http_body_pending(struct lws *wsi, int something_left_to_send);
288 
289 /**
290  * lws_client_http_multipart() - issue appropriate multipart header or trailer
291  *
292  * \param wsi: client connection
293  * \param name: multipart header name field, or NULL if end of multipart
294  * \param filename: multipart header filename field, or NULL if none
295  * \param content_type: multipart header content-type part, or NULL if none
296  * \param p: pointer to position in buffer
297  * \param end: end of buffer
298  *
299  * This issues a multipart mime boundary, or terminator if name = NULL.
300  *
301  * Returns 0 if OK or nonzero if couldn't fit in buffer
302  */
303 LWS_VISIBLE LWS_EXTERN int
304 lws_client_http_multipart(struct lws *wsi, const char *name,
305 			  const char *filename, const char *content_type,
306 			  char **p, char *end);
307 
308 /**
309  * lws_http_basic_auth_gen() - helper to encode client basic auth string
310  *
311  * \param user: user name
312  * \param pw: password
313  * \param buf: where to store base64 result
314  * \param len: max usable size of buf
315  *
316  * Encodes a username and password in Basic Auth format for use with the
317  * Authorization header.  On return, buf is filled with something like
318  * "Basic QWxhZGRpbjpPcGVuU2VzYW1l".
319  */
320 LWS_VISIBLE LWS_EXTERN int
321 lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len);
322 
323 ///@}
324