Update version for v2.3.0-rc0 release
[qemu-kvm.git] / ui / vnc-ws.c
blobd75950d7b1a6bb58f99fc551d7516428e027972f
1 /*
2 * QEMU VNC display driver: Websockets support
4 * Copyright (C) 2010 Joel Martin
5 * Copyright (C) 2012 Tim Hardeck
7 * This is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this software; if not, see <http://www.gnu.org/licenses/>.
21 #include "vnc.h"
22 #include "qemu/main-loop.h"
24 #ifdef CONFIG_VNC_TLS
25 #include "qemu/sockets.h"
27 static void vncws_tls_handshake_io(void *opaque);
29 static int vncws_start_tls_handshake(struct VncState *vs)
31 int ret = gnutls_handshake(vs->ws_tls.session);
33 if (ret < 0) {
34 if (!gnutls_error_is_fatal(ret)) {
35 VNC_DEBUG("Handshake interrupted (blocking)\n");
36 if (!gnutls_record_get_direction(vs->ws_tls.session)) {
37 qemu_set_fd_handler(vs->csock, vncws_tls_handshake_io,
38 NULL, vs);
39 } else {
40 qemu_set_fd_handler(vs->csock, NULL, vncws_tls_handshake_io,
41 vs);
43 return 0;
45 VNC_DEBUG("Handshake failed %s\n", gnutls_strerror(ret));
46 vnc_client_error(vs);
47 return -1;
50 VNC_DEBUG("Handshake done, switching to TLS data mode\n");
51 vs->ws_tls.wiremode = VNC_WIREMODE_TLS;
52 qemu_set_fd_handler2(vs->csock, NULL, vncws_handshake_read, NULL, vs);
54 return 0;
57 static void vncws_tls_handshake_io(void *opaque)
59 struct VncState *vs = (struct VncState *)opaque;
61 VNC_DEBUG("Handshake IO continue\n");
62 vncws_start_tls_handshake(vs);
65 void vncws_tls_handshake_peek(void *opaque)
67 VncState *vs = opaque;
68 long ret;
70 if (!vs->ws_tls.session) {
71 char peek[4];
72 ret = qemu_recv(vs->csock, peek, sizeof(peek), MSG_PEEK);
73 if (ret && (strncmp(peek, "\x16", 1) == 0
74 || strncmp(peek, "\x80", 1) == 0)) {
75 VNC_DEBUG("TLS Websocket connection recognized");
76 vnc_tls_client_setup(vs, 1);
77 vncws_start_tls_handshake(vs);
78 } else {
79 vncws_handshake_read(vs);
81 } else {
82 qemu_set_fd_handler2(vs->csock, NULL, vncws_handshake_read, NULL, vs);
85 #endif /* CONFIG_VNC_TLS */
87 void vncws_handshake_read(void *opaque)
89 VncState *vs = opaque;
90 uint8_t *handshake_end;
91 long ret;
92 buffer_reserve(&vs->ws_input, 4096);
93 ret = vnc_client_read_buf(vs, buffer_end(&vs->ws_input), 4096);
95 if (!ret) {
96 if (vs->csock == -1) {
97 vnc_disconnect_finish(vs);
99 return;
101 vs->ws_input.offset += ret;
103 handshake_end = (uint8_t *)g_strstr_len((char *)vs->ws_input.buffer,
104 vs->ws_input.offset, WS_HANDSHAKE_END);
105 if (handshake_end) {
106 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
107 vncws_process_handshake(vs, vs->ws_input.buffer, vs->ws_input.offset);
108 buffer_advance(&vs->ws_input, handshake_end - vs->ws_input.buffer +
109 strlen(WS_HANDSHAKE_END));
114 long vnc_client_read_ws(VncState *vs)
116 int ret, err;
117 uint8_t *payload;
118 size_t payload_size, frame_size;
119 VNC_DEBUG("Read websocket %p size %zd offset %zd\n", vs->ws_input.buffer,
120 vs->ws_input.capacity, vs->ws_input.offset);
121 buffer_reserve(&vs->ws_input, 4096);
122 ret = vnc_client_read_buf(vs, buffer_end(&vs->ws_input), 4096);
123 if (!ret) {
124 return 0;
126 vs->ws_input.offset += ret;
128 /* make sure that nothing is left in the ws_input buffer */
129 do {
130 err = vncws_decode_frame(&vs->ws_input, &payload,
131 &payload_size, &frame_size);
132 if (err <= 0) {
133 return err;
136 buffer_reserve(&vs->input, payload_size);
137 buffer_append(&vs->input, payload, payload_size);
139 buffer_advance(&vs->ws_input, frame_size);
140 } while (vs->ws_input.offset > 0);
142 return ret;
145 long vnc_client_write_ws(VncState *vs)
147 long ret;
148 VNC_DEBUG("Write WS: Pending output %p size %zd offset %zd\n",
149 vs->output.buffer, vs->output.capacity, vs->output.offset);
150 vncws_encode_frame(&vs->ws_output, vs->output.buffer, vs->output.offset);
151 buffer_reset(&vs->output);
152 ret = vnc_client_write_buf(vs, vs->ws_output.buffer, vs->ws_output.offset);
153 if (!ret) {
154 return 0;
157 buffer_advance(&vs->ws_output, ret);
159 if (vs->ws_output.offset == 0) {
160 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
163 return ret;
166 static char *vncws_extract_handshake_entry(const char *handshake,
167 size_t handshake_len, const char *name)
169 char *begin, *end, *ret = NULL;
170 char *line = g_strdup_printf("%s%s: ", WS_HANDSHAKE_DELIM, name);
171 begin = g_strstr_len(handshake, handshake_len, line);
172 if (begin != NULL) {
173 begin += strlen(line);
174 end = g_strstr_len(begin, handshake_len - (begin - handshake),
175 WS_HANDSHAKE_DELIM);
176 if (end != NULL) {
177 ret = g_strndup(begin, end - begin);
180 g_free(line);
181 return ret;
184 static void vncws_send_handshake_response(VncState *vs, const char* key)
186 char combined_key[WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1];
187 unsigned char hash[SHA1_DIGEST_LEN];
188 size_t hash_size = sizeof(hash);
189 char *accept = NULL, *response = NULL;
190 gnutls_datum_t in;
191 int ret;
193 g_strlcpy(combined_key, key, WS_CLIENT_KEY_LEN + 1);
194 g_strlcat(combined_key, WS_GUID, WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1);
196 /* hash and encode it */
197 in.data = (void *)combined_key;
198 in.size = WS_CLIENT_KEY_LEN + WS_GUID_LEN;
199 ret = gnutls_fingerprint(GNUTLS_DIG_SHA1, &in, hash, &hash_size);
200 if (ret == GNUTLS_E_SUCCESS && hash_size <= SHA1_DIGEST_LEN) {
201 accept = g_base64_encode(hash, hash_size);
203 if (accept == NULL) {
204 VNC_DEBUG("Hashing Websocket combined key failed\n");
205 vnc_client_error(vs);
206 return;
209 response = g_strdup_printf(WS_HANDSHAKE, accept);
210 vnc_client_write_buf(vs, (const uint8_t *)response, strlen(response));
212 g_free(accept);
213 g_free(response);
215 vs->encode_ws = 1;
216 vnc_init_state(vs);
219 void vncws_process_handshake(VncState *vs, uint8_t *line, size_t size)
221 char *protocols = vncws_extract_handshake_entry((const char *)line, size,
222 "Sec-WebSocket-Protocol");
223 char *version = vncws_extract_handshake_entry((const char *)line, size,
224 "Sec-WebSocket-Version");
225 char *key = vncws_extract_handshake_entry((const char *)line, size,
226 "Sec-WebSocket-Key");
228 if (protocols && version && key
229 && g_strrstr(protocols, "binary")
230 && !strcmp(version, WS_SUPPORTED_VERSION)
231 && strlen(key) == WS_CLIENT_KEY_LEN) {
232 vncws_send_handshake_response(vs, key);
233 } else {
234 VNC_DEBUG("Defective Websockets header or unsupported protocol\n");
235 vnc_client_error(vs);
238 g_free(protocols);
239 g_free(version);
240 g_free(key);
243 void vncws_encode_frame(Buffer *output, const void *payload,
244 const size_t payload_size)
246 size_t header_size = 0;
247 unsigned char opcode = WS_OPCODE_BINARY_FRAME;
248 union {
249 char buf[WS_HEAD_MAX_LEN];
250 WsHeader ws;
251 } header;
253 if (!payload_size) {
254 return;
257 header.ws.b0 = 0x80 | (opcode & 0x0f);
258 if (payload_size <= 125) {
259 header.ws.b1 = (uint8_t)payload_size;
260 header_size = 2;
261 } else if (payload_size < 65536) {
262 header.ws.b1 = 0x7e;
263 header.ws.u.s16.l16 = cpu_to_be16((uint16_t)payload_size);
264 header_size = 4;
265 } else {
266 header.ws.b1 = 0x7f;
267 header.ws.u.s64.l64 = cpu_to_be64(payload_size);
268 header_size = 10;
271 buffer_reserve(output, header_size + payload_size);
272 buffer_append(output, header.buf, header_size);
273 buffer_append(output, payload, payload_size);
276 int vncws_decode_frame(Buffer *input, uint8_t **payload,
277 size_t *payload_size, size_t *frame_size)
279 unsigned char opcode = 0, fin = 0, has_mask = 0;
280 size_t header_size = 0;
281 uint32_t *payload32;
282 WsHeader *header = (WsHeader *)input->buffer;
283 WsMask mask;
284 int i;
286 if (input->offset < WS_HEAD_MIN_LEN + 4) {
287 /* header not complete */
288 return 0;
291 fin = (header->b0 & 0x80) >> 7;
292 opcode = header->b0 & 0x0f;
293 has_mask = (header->b1 & 0x80) >> 7;
294 *payload_size = header->b1 & 0x7f;
296 if (opcode == WS_OPCODE_CLOSE) {
297 /* disconnect */
298 return -1;
301 /* Websocket frame sanity check:
302 * * Websocket fragmentation is not supported.
303 * * All websockets frames sent by a client have to be masked.
304 * * Only binary encoding is supported.
306 if (!fin || !has_mask || opcode != WS_OPCODE_BINARY_FRAME) {
307 VNC_DEBUG("Received faulty/unsupported Websocket frame\n");
308 return -2;
311 if (*payload_size < 126) {
312 header_size = 6;
313 mask = header->u.m;
314 } else if (*payload_size == 126 && input->offset >= 8) {
315 *payload_size = be16_to_cpu(header->u.s16.l16);
316 header_size = 8;
317 mask = header->u.s16.m16;
318 } else if (*payload_size == 127 && input->offset >= 14) {
319 *payload_size = be64_to_cpu(header->u.s64.l64);
320 header_size = 14;
321 mask = header->u.s64.m64;
322 } else {
323 /* header not complete */
324 return 0;
327 *frame_size = header_size + *payload_size;
329 if (input->offset < *frame_size) {
330 /* frame not complete */
331 return 0;
334 *payload = input->buffer + header_size;
336 /* unmask frame */
337 /* process 1 frame (32 bit op) */
338 payload32 = (uint32_t *)(*payload);
339 for (i = 0; i < *payload_size / 4; i++) {
340 payload32[i] ^= mask.u;
342 /* process the remaining bytes (if any) */
343 for (i *= 4; i < *payload_size; i++) {
344 (*payload)[i] ^= mask.c[i % 4];
347 return 1;