diff --git a/include/asterisk/http_websocket.h b/include/asterisk/http_websocket.h
new file mode 100644
index 0000000000000000000000000000000000000000..35962c48b63e31ac56082b741d0e049c01acd04d
--- /dev/null
+++ b/include/asterisk/http_websocket.h
@@ -0,0 +1,280 @@
+/*
+ * Asterisk -- An open source telephony toolkit.
+ *
+ * Copyright (C) 2012, Digium, Inc.
+ *
+ * Joshua Colp <jcolp@digium.com>
+ *
+ * See http://www.asterisk.org for more information about
+ * the Asterisk project. Please do not directly contact
+ * any of the maintainers of this project for assistance;
+ * the project provides a web site, mailing lists and IRC
+ * channels for your use.
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License Version 2. See the LICENSE file
+ * at the top of the source tree.
+ */
+
+#ifndef _ASTERISK_HTTP_WEBSOCKET_H
+#define _ASTERISK_HTTP_WEBSOCKET_H
+
+#include "asterisk/module.h"
+
+/*!
+ * \file http_websocket.h
+ * \brief Support for WebSocket connections within the Asterisk HTTP server.
+ *
+ * \author Joshua Colp <jcolp@digium.com>
+ *
+ */
+
+/*! \brief WebSocket operation codes */
+enum ast_websocket_opcode {
+ AST_WEBSOCKET_OPCODE_TEXT = 0x1, /*!< Text frame */
+ AST_WEBSOCKET_OPCODE_BINARY = 0x2, /*!< Binary frame */
+ AST_WEBSOCKET_OPCODE_PING = 0x9, /*!< Request that the other side respond with a pong */
+ AST_WEBSOCKET_OPCODE_PONG = 0xA, /*!< Response to a ping */
+ AST_WEBSOCKET_OPCODE_CLOSE = 0x8, /*!< Connection is being closed */
+ AST_WEBSOCKET_OPCODE_CONTINUATION = 0x0, /*!< Continuation of a previous frame */
+};
+
+/*!
+ * \brief Opaque structure for WebSocket sessions
+ */
+struct ast_websocket;
+
+/*!
+ * \brief Callback for when a new connection for a sub-protocol is established
+ *
+ * \param session A WebSocket session structure
+ * \param parameters Parameters extracted from the request URI
+ * \param headers Headers included in the request
+ *
+ * \note Once called the ownership of the session is transferred to the sub-protocol handler. It
+ * is responsible for closing and cleaning up.
+ *
+ */
+typedef void (*ast_websocket_callback)(struct ast_websocket *session, struct ast_variable *parameters, struct ast_variable *headers);
+
+/*!
+ * \brief Add a sub-protocol handler to the server
+ *
+ * \param name Name of the sub-protocol to register
+ * \param callback Callback called when a new connection requesting the sub-protocol is established
+ *
+ * \retval 0 success
+ * \retval -1 if sub-protocol handler could not be registered
+ */
+int ast_websocket_add_protocol(const char *name, ast_websocket_callback callback);
+
+/*!
+ * \brief Remove a sub-protocol handler from the server
+ *
+ * \param name Name of the sub-protocol to unregister
+ * \param callback Callback that was previously registered with the sub-protocol
+ *
+ * \retval 0 success
+ * \retval -1 if sub-protocol was not found or if callback did not match
+ */
+int ast_websocket_remove_protocol(const char *name, ast_websocket_callback callback);
+
+/*!
+ * \brief Read a WebSocket frame and handle it
+ *
+ * \param session Pointer to the WebSocket session
+ * \param payload Pointer to a char* which will be populated with a pointer to the payload if present
+ * \param payload_len Pointer to a uint64_t which will be populated with the length of the payload if present
+ * \param opcode Pointer to an enum which will be populated with the opcode of the frame
+ * \param fragmented Pointer to an int which is set to 1 if payload is fragmented and 0 if not
+ *
+ * \retval -1 on error
+ * \retval 0 on success
+ *
+ * \note Once an AST_WEBSOCKET_OPCODE_CLOSE opcode is received the socket will be closed
+ */
+int ast_websocket_read(struct ast_websocket *session, char **payload, uint64_t *payload_len, enum ast_websocket_opcode *opcode, int *fragmented);
+
+/*!
+ * \brief Construct and transmit a WebSocket frame
+ *
+ * \param session Pointer to the WebSocket session
+ * \param opcode WebSocket operation code to place in the frame
+ * \param payload Optional pointer to a payload to add to the frame
+ * \param actual_length Length of the payload (0 if no payload)
+ *
+ * \retval 0 if successfully written
+ * \retval -1 if error occurred
+ */
+int ast_websocket_write(struct ast_websocket *session, enum ast_websocket_opcode opcode, char *payload, uint64_t actual_length);
+
+/*!
+ * \brief Close a WebSocket session by sending a message with the CLOSE opcode and an optional code
+ *
+ * \param session Pointer to the WebSocket session
+ * \param reason Reason code for closing the session as defined in the RFC
+ *
+ * \retval 0 if successfully written
+ * \retval -1 if error occurred
+ */
+int ast_websocket_close(struct ast_websocket *session, uint16_t reason);
+
+/*!
+ * \brief Enable multi-frame reconstruction up to a certain number of bytes
+ *
+ * \param session Pointer to the WebSocket session
+ * \param bytes If a reconstructed payload exceeds the specified number of bytes the payload will be returned
+ * and upon reception of the next multi-frame a new reconstructed payload will begin.
+ */
+void ast_websocket_reconstruct_enable(struct ast_websocket *session, size_t bytes);
+
+/*!
+ * \brief Disable multi-frame reconstruction
+ *
+ * \param session Pointer to the WebSocket session
+ *
+ * \note If reconstruction is disabled each message that is part of a multi-frame message will be sent up to
+ * the user when ast_websocket_read is called.
+ */
+void ast_websocket_reconstruct_disable(struct ast_websocket *session);
+
+/*!
+ * \brief Increase the reference count for a WebSocket session
+ *
+ * \param session Pointer to the WebSocket session
+ */
+void ast_websocket_ref(struct ast_websocket *session);
+
+/*!
+ * \brief Decrease the reference count for a WebSocket session
+ *
+ * \param session Pointer to the WebSocket session
+ */
+void ast_websocket_unref(struct ast_websocket *session);
+
+/*!
+ * \brief Get the file descriptor for a WebSocket session.
+ *
+ * \retval file descriptor
+ *
+ * \note You must *not* directly read from or write to this file descriptor. It should only be used for polling.
+ */
+int ast_websocket_fd(struct ast_websocket *session);
+
+/*!
+ * \brief Get the remote address for a WebSocket connected session.
+ *
+ * \retval ast_sockaddr Remote address
+ */
+struct ast_sockaddr *ast_websocket_remote_address(struct ast_websocket *session);
+
+/*!
+ * \brief Get whether the WebSocket session is using a secure transport or not.
+ *
+ * \retval 0 if unsecure
+ * \retval 1 if secure
+ */
+int ast_websocket_is_secure(struct ast_websocket *session);
+
+#endif /* _ASTERISK_HTTP_WEBSOCKET_H */
+/*
+ * Asterisk -- An open source telephony toolkit.
+ *
+ * Copyright (C) 2012, Digium, Inc.
+ *
+ * Joshua Colp <jcolp@digium.com>
+ *
+ * See http://www.asterisk.org for more information about
+ * the Asterisk project. Please do not directly contact
+ * any of the maintainers of this project for assistance;
+ * the project provides a web site, mailing lists and IRC
+ * channels for your use.
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License Version 2. See the LICENSE file
+ * at the top of the source tree.
+ */
+
+#ifndef _ASTERISK_HTTP_WEBSOCKET_H
+#define _ASTERISK_HTTP_WEBSOCKET_H
+
+#include "asterisk/module.h"
+
+/*!
+ * \file http_websocket.h
+ * \brief Support for WebSocket connections within the Asterisk HTTP server.
+ *
+ * \author Joshua Colp <jcolp@digium.com>
+ *
+ */
+
+/*! \brief WebSocket operation codes */
+enum ast_websocket_opcode {
+ AST_WEBSOCKET_OPCODE_TEXT = 0x1, /*!< Text frame */
+ AST_WEBSOCKET_OPCODE_BINARY = 0x2, /*!< Binary frame */
+ AST_WEBSOCKET_OPCODE_PING = 0x9, /*!< Request that the other side respond with a pong */
+ AST_WEBSOCKET_OPCODE_PONG = 0xA, /*!< Response to a ping */
+ AST_WEBSOCKET_OPCODE_CLOSE = 0x8, /*!< Connection is being closed */
+ AST_WEBSOCKET_OPCODE_CONTINUATION = 0x0, /*!< Continuation of a previous frame */
+};
+
+/*!
+ * \brief Callback for when a new connection for a sub-protocol is established
+ *
+ * \param f Pointer to the file instance for the session
+ * \param fd File descriptor for the session
+ * \param remote_address The address of the remote party
+ *
+ * \note Once called the ownership of the session is transferred to the sub-protocol handler. It
+ * is responsible for closing and cleaning up.
+ *
+ */
+typedef void (*ast_websocket_callback)(FILE *f, int fd, struct ast_sockaddr *remote_address);
+
+/*!
+ * \brief Add a sub-protocol handler to the server
+ *
+ * \param name Name of the sub-protocol to register
+ * \param callback Callback called when a new connection requesting the sub-protocol is established
+ *
+ * \retval 0 success
+ * \retval -1 if sub-protocol handler could not be registered
+ */
+int ast_websocket_add_protocol(char *name, ast_websocket_callback callback);
+
+/*!
+ * \brief Remove a sub-protocol handler from the server
+ *
+ * \param name Name of the sub-protocol to unregister
+ * \param callback Callback that was previously registered with the sub-protocol
+ *
+ * \retval 0 success
+ * \retval -1 if sub-protocol was not found or if callback did not match
+ */
+int ast_websocket_remove_protocol(char *name, ast_websocket_callback callback);
+
+/*!
+ * \brief Read a WebSocket frame and handle it
+ *
+ * \param f Pointer to the file stream, used to respond to certain frames
+ * \param buf Pointer to the buffer containing the frame
+ * \param buflen Size of the buffer
+ * \param payload_len Pointer to a uint64_t which will be populated with the length of the payload if present
+ * \param opcode Pointer to an int which will be populated with the opcode of the frame
+ *
+ * \retval NULL if no payload is present
+ * \retval non-NULL if payload is present, returned pointer points to beginning of payload
+ */
+char *ast_websocket_read(FILE *f, char *buf, size_t buflen, uint64_t *payload_len, int *opcode);
+
+/*!
+ * \brief Construct and transmit a WebSocket frame
+ *
+ * \param f Pointer to the file stream which the frame will be sent on
+ * \param opcode WebSocket operation code to place in the frame
+ * \param payload Optional pointer to a payload to add to the frame
+ * \param actual_length Length of the payload (0 if no payload)
+ */
+void ast_websocket_write(FILE *f, int op_code, char *payload, uint64_t actual_length);
+
+#endif /* _ASTERISK_HTTP_WEBSOCKET_H */
diff --git a/include/asterisk/utils.h b/include/asterisk/utils.h
index 4ebd3ead83462cecba22e409cd1f040a8655a0d2..a7e01153b4d01796d0db2228c33caa6fac8b0558 100644
--- a/include/asterisk/utils.h
+++ b/include/asterisk/utils.h
@@ -219,6 +219,8 @@ struct hostent *ast_gethostbyname(const char *host, struct ast_hostent *hp);
void ast_md5_hash(char *output, const char *input);
/*! \brief Produces SHA1 hash based on input string */
void ast_sha1_hash(char *output, const char *input);
+/*! \brief Produces SHA1 hash based on input string, stored in uint8_t array */
+void ast_sha1_hash_uint(uint8_t *digest, const char *input);
int ast_base64encode_full(char *dst, const unsigned char *src, int srclen, int max, int linebreaks);
diff --git a/main/utils.c b/main/utils.c
index 379a179959e01ce7f6563b7aae48eca969930ce6..9bdf74f19171ac25e79ea24e449615a06ff1615a 100644
--- a/main/utils.c
+++ b/main/utils.c
@@ -270,6 +270,18 @@ void ast_sha1_hash(char *output, const char *input)
ptr += sprintf(ptr, "%2.2x", Message_Digest[x]);
}
+/*! \brief Produce a 20 byte SHA1 hash of value. */
+void ast_sha1_hash_uint(uint8_t *digest, const char *input)
+{
+ struct SHA1Context sha;
+
+ SHA1Reset(&sha);
+
+ SHA1Input(&sha, (const unsigned char *) input, strlen(input));
+
+ SHA1Result(&sha, digest);
+}
+
/*! \brief decode BASE64 encoded text */
int ast_base64decode(unsigned char *dst, const char *src, int max)
{
diff --git a/res/res_http_websocket.c b/res/res_http_websocket.c
new file mode 100644
index 0000000000000000000000000000000000000000..db98ca7d606f6333f3351b211f8c59bc9689fe27
--- /dev/null
+++ b/res/res_http_websocket.c
@@ -0,0 +1,662 @@
+/*
+ * Asterisk -- An open source telephony toolkit.
+ *
+ * Copyright (C) 2012, Digium, Inc.
+ *
+ * Joshua Colp <jcolp@digium.com>
+ *
+ * See http://www.asterisk.org for more information about
+ * the Asterisk project. Please do not directly contact
+ * any of the maintainers of this project for assistance;
+ * the project provides a web site, mailing lists and IRC
+ * channels for your use.
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License Version 2. See the LICENSE file
+ * at the top of the source tree.
+ */
+
+/*! \file
+ *
+ * \brief WebSocket support for the Asterisk internal HTTP server
+ *
+ * \author Joshua Colp <jcolp@digium.com>
+ */
+
+/*** MODULEINFO
+ <support_level>extended</support_level>
+ ***/
+
+#include "asterisk.h"
+
+ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
+
+#include "asterisk/module.h"
+#include "asterisk/http.h"
+#include "asterisk/astobj2.h"
+#include "asterisk/strings.h"
+#include "asterisk/file.h"
+#include "asterisk/unaligned.h"
+#include "asterisk/http_websocket.h"
+
+/*! \brief GUID used to compute the accept key, defined in the specifications */
+#define WEBSOCKET_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
+
+/*! \brief Number of buckets for registered protocols */
+#define MAX_PROTOCOL_BUCKETS 7
+
+/*! \brief Size of the pre-determined buffer for WebSocket frames */
+#define MAXIMUM_FRAME_SIZE 8192
+
+/*! \brief Default reconstruction size for multi-frame payload reconstruction. If exceeded the next frame will start a
+ * payload.
+ */
+#define DEFAULT_RECONSTRUCTION_CEILING 16384
+
+/*! \brief Maximum reconstruction size for multi-frame payload reconstruction. */
+#define MAXIMUM_RECONSTRUCTION_CEILING 16384
+
+/*! \brief Structure definition for session */
+struct ast_websocket {
+ FILE *f; /*!< Pointer to the file instance used for writing and reading */
+ int fd; /*!< File descriptor for the session, only used for polling */
+ struct ast_sockaddr address; /*!< Address of the remote client */
+ enum ast_websocket_opcode opcode; /*!< Cached opcode for multi-frame messages */
+ size_t payload_len; /*!< Length of the payload */
+ char *payload; /*!< Pointer to the payload */
+ size_t reconstruct; /*!< Number of bytes before a reconstructed payload will be returned and a new one started */
+ unsigned int secure:1; /*!< Bit to indicate that the transport is secure */
+ unsigned int closing:1; /*!< Bit to indicate that the session is in the process of being closed */
+};
+
+/*! \brief Structure definition for protocols */
+struct websocket_protocol {
+ char *name; /*!< Name of the protocol */
+ ast_websocket_callback callback; /*!< Callback called when a new session is established */
+};
+
+/*! \brief Container for registered protocols */
+static struct ao2_container *protocols;
+
+/*! \brief Hashing function for protocols */
+static int protocol_hash_fn(const void *obj, const int flags)
+{
+ const struct websocket_protocol *protocol = obj;
+ const char *name = obj;
+
+ return ast_str_case_hash(flags & OBJ_KEY ? name : protocol->name);
+}
+
+/*! \brief Comparison function for protocols */
+static int protocol_cmp_fn(void *obj, void *arg, int flags)
+{
+ const struct websocket_protocol *protocol1 = obj, *protocol2 = arg;
+ const char *protocol = arg;
+
+ return !strcasecmp(protocol1->name, flags & OBJ_KEY ? protocol : protocol2->name) ? CMP_MATCH | CMP_STOP : 0;
+}
+
+/*! \brief Destructor function for protocols */
+static void protocol_destroy_fn(void *obj)
+{
+ struct websocket_protocol *protocol = obj;
+ ast_free(protocol->name);
+}
+
+/*! \brief Destructor function for sessions */
+static void session_destroy_fn(void *obj)
+{
+ struct ast_websocket *session = obj;
+
+ if (session->f) {
+ fclose(session->f);
+ ast_verb(2, "WebSocket connection from '%s' closed\n", ast_sockaddr_stringify(&session->address));
+ }
+
+ ast_free(session->payload);
+}
+
+int ast_websocket_add_protocol(const char *name, ast_websocket_callback callback)
+{
+ struct websocket_protocol *protocol;
+
+ ao2_lock(protocols);
+
+ /* Ensure a second protocol handler is not registered for the same protocol */
+ if ((protocol = ao2_find(protocols, name, OBJ_KEY | OBJ_NOLOCK))) {
+ ao2_ref(protocol, -1);
+ ao2_unlock(protocols);
+ return -1;
+ }
+
+ if (!(protocol = ao2_alloc(sizeof(*protocol), protocol_destroy_fn))) {
+ ao2_unlock(protocols);
+ return -1;
+ }
+
+ if (!(protocol->name = ast_strdup(name))) {
+ ao2_ref(protocol, -1);
+ ao2_unlock(protocols);
+ return -1;
+ }
+
+ protocol->callback = callback;
+
+ ao2_link_flags(protocols, protocol, OBJ_NOLOCK);
+ ao2_unlock(protocols);
+ ao2_ref(protocol, -1);
+
+ ast_verb(2, "WebSocket registered sub-protocol '%s'\n", name);
+
+ return 0;
+}
+
+int ast_websocket_remove_protocol(const char *name, ast_websocket_callback callback)
+{
+ struct websocket_protocol *protocol;
+
+ if (!(protocol = ao2_find(protocols, name, OBJ_KEY))) {
+ return -1;
+ }
+
+ if (protocol->callback != callback) {
+ ao2_ref(protocol, -1);
+ return -1;
+ }
+
+ ao2_unlink(protocols, protocol);
+ ao2_ref(protocol, -1);
+
+ ast_verb(2, "WebSocket unregistered sub-protocol '%s'\n", name);
+
+ return 0;
+}
+
+/*! \brief Close function for websocket session */
+int ast_websocket_close(struct ast_websocket *session, uint16_t reason)
+{
+ char frame[4] = { 0, }; /* The header is 2 bytes and the reason code takes up another 2 bytes */
+
+ frame[0] = AST_WEBSOCKET_OPCODE_CLOSE | 0x80;
+ frame[1] = 2; /* The reason code is always 2 bytes */
+
+ /* If no reason has been specified assume 1000 which is normal closure */
+ put_unaligned_uint16(&frame[2], htons(reason ? reason : 1000));
+
+ session->closing = 1;
+
+ return (fwrite(frame, 1, 4, session->f) == 4) ? 0 : -1;
+}
+
+
+/*! \brief Write function for websocket traffic */
+int ast_websocket_write(struct ast_websocket *session, enum ast_websocket_opcode opcode, char *payload, uint64_t actual_length)
+{
+ size_t header_size = 2; /* The minimum size of a websocket frame is 2 bytes */
+ char *frame;
+ uint64_t length = 0;
+
+ if (actual_length < 126) {
+ length = actual_length;
+ } else if (actual_length < (1 << 16)) {
+ length = 126;
+ /* We need an additional 2 bytes to store the extended length */
+ header_size += 2;
+ } else {
+ length = 127;
+ /* We need an additional 8 bytes to store the really really extended length */
+ header_size += 8;
+ }
+
+ frame = alloca(header_size);
+ memset(frame, 0, sizeof(*frame));
+
+ frame[0] = opcode | 0x80;
+ frame[1] = length;
+
+ /* Use the additional available bytes to store the length */
+ if (length == 126) {
+ put_unaligned_uint16(&frame[2], htons(actual_length));
+ } else if (length == 127) {
+ put_unaligned_uint64(&frame[2], htonl(actual_length));
+ }
+
+ if (fwrite(frame, 1, header_size, session->f) != header_size) {
+ return -1;
+ }
+
+ if (fwrite(payload, 1, actual_length, session->f) != actual_length) {
+ return -1;
+ }
+
+ return 0;
+}
+
+void ast_websocket_reconstruct_enable(struct ast_websocket *session, size_t bytes)
+{
+ session->reconstruct = MIN(bytes, MAXIMUM_RECONSTRUCTION_CEILING);
+}
+
+void ast_websocket_reconstruct_disable(struct ast_websocket *session)
+{
+ session->reconstruct = 0;
+}
+
+void ast_websocket_ref(struct ast_websocket *session)
+{
+ ao2_ref(session, +1);
+}
+
+void ast_websocket_unref(struct ast_websocket *session)
+{
+ ao2_ref(session, -1);
+}
+
+int ast_websocket_fd(struct ast_websocket *session)
+{
+ return session->closing ? -1 : session->fd;
+}
+
+struct ast_sockaddr *ast_websocket_remote_address(struct ast_websocket *session)
+{
+ return &session->address;
+}
+
+int ast_websocket_is_secure(struct ast_websocket *session)
+{
+ return session->secure;
+}
+
+int ast_websocket_read(struct ast_websocket *session, char **payload, uint64_t *payload_len, enum ast_websocket_opcode *opcode, int *fragmented)
+{
+ char buf[MAXIMUM_FRAME_SIZE] = "";
+ size_t frame_size, expected = 2;
+
+ *payload = NULL;
+ *payload_len = 0;
+ *fragmented = 0;
+
+ /* We try to read in 14 bytes, which is the largest possible WebSocket header */
+ if ((frame_size = fread(&buf, 1, 14, session->f)) < 1) {
+ return -1;
+ }
+
+ /* The minimum size for a WebSocket frame is 2 bytes */
+ if (frame_size < expected) {
+ return -1;
+ }
+
+ *opcode = buf[0] & 0xf;
+
+ if (*opcode == AST_WEBSOCKET_OPCODE_TEXT || *opcode == AST_WEBSOCKET_OPCODE_BINARY || *opcode == AST_WEBSOCKET_OPCODE_CONTINUATION ||
+ *opcode == AST_WEBSOCKET_OPCODE_PING || *opcode == AST_WEBSOCKET_OPCODE_PONG) {
+ int fin = (buf[0] >> 7) & 1;
+ int mask_present = (buf[1] >> 7) & 1;
+ char *mask = NULL, *new_payload;
+ size_t remaining;
+
+ if (mask_present) {
+ /* The mask should take up 4 bytes */
+ expected += 4;
+
+ if (frame_size < expected) {
+ /* Per the RFC 1009 means we received a message that was too large for us to process */
+ ast_websocket_close(session, 1009);
+ return 0;
+ }
+ }
+
+ /* Assume no extended length and no masking at the beginning */
+ *payload_len = buf[1] & 0x7f;
+ *payload = &buf[2];
+
+ /* Determine if extended length is being used */
+ if (*payload_len == 126) {
+ /* Use the next 2 bytes to get a uint16_t */
+ expected += 2;
+ *payload += 2;
+
+ if (frame_size < expected) {
+ ast_websocket_close(session, 1009);
+ return 0;
+ }
+
+ *payload_len = ntohs(get_unaligned_uint16(&buf[2]));
+ } else if (*payload_len == 127) {
+ /* Use the next 8 bytes to get a uint64_t */
+ expected += 8;
+ *payload += 8;
+
+ if (frame_size < expected) {
+ ast_websocket_close(session, 1009);
+ return 0;
+ }
+
+ *payload_len = ntohl(get_unaligned_uint64(&buf[2]));
+ }
+
+ /* If masking is present the payload currently points to the mask, so move it over 4 bytes to the actual payload */
+ if (mask_present) {
+ mask = *payload;
+ *payload += 4;
+ }
+
+ /* Determine how much payload we need to read in as we may have already read some in */
+ remaining = *payload_len - (frame_size - expected);
+
+ /* If how much payload they want us to read in exceeds what we are capable of close the session, things
+ * will fail no matter what most likely */
+ if (remaining > (MAXIMUM_FRAME_SIZE - frame_size)) {
+ ast_websocket_close(session, 1009);
+ return 0;
+ }
+
+ new_payload = *payload + (frame_size - expected);
+
+ /* Read in the remaining payload */
+ while (remaining > 0) {
+ size_t payload_read;
+
+ /* Wait for data to come in */
+ if (ast_wait_for_input(session->fd, -1) <= 0) {
+ *opcode = AST_WEBSOCKET_OPCODE_CLOSE;
+ *payload = NULL;
+ session->closing = 1;
+ return 0;
+ }
+
+ /* If some sort of failure occurs notify the caller */
+ if ((payload_read = fread(new_payload, 1, remaining, session->f)) < 1) {
+ return -1;
+ }
+
+ remaining -= payload_read;
+ new_payload += payload_read;
+ }
+
+ /* If a mask is present unmask the payload */
+ if (mask_present) {
+ unsigned int pos;
+ for (pos = 0; pos < *payload_len; pos++) {
+ (*payload)[pos] ^= mask[pos % 4];
+ }
+ }
+
+ if (!(new_payload = ast_realloc(session->payload, session->payload_len + *payload_len))) {
+ *payload_len = 0;
+ ast_websocket_close(session, 1009);
+ return 0;
+ }
+
+ /* Per the RFC for PING we need to send back an opcode with the application data as received */
+ if (*opcode == AST_WEBSOCKET_OPCODE_PING) {
+ ast_websocket_write(session, AST_WEBSOCKET_OPCODE_PONG, *payload, *payload_len);
+ }
+
+ session->payload = new_payload;
+ memcpy(session->payload + session->payload_len, *payload, *payload_len);
+ session->payload_len += *payload_len;
+
+ if (!fin && session->reconstruct && (session->payload_len < session->reconstruct)) {
+ /* If this is not a final message we need to defer returning it until later */
+ if (*opcode != AST_WEBSOCKET_OPCODE_CONTINUATION) {
+ session->opcode = *opcode;
+ }
+ *opcode = AST_WEBSOCKET_OPCODE_CONTINUATION;
+ *payload_len = 0;
+ *payload = NULL;
+ } else {
+ if (*opcode == AST_WEBSOCKET_OPCODE_CONTINUATION) {
+ if (!fin) {
+ /* If this was not actually the final message tell the user it is fragmented so they can deal with it accordingly */
+ *fragmented = 1;
+ } else {
+ /* Final frame in multi-frame so push up the actual opcode */
+ *opcode = session->opcode;
+ }
+ }
+ *payload_len = session->payload_len;
+ *payload = session->payload;
+ session->payload_len = 0;
+ }
+ } else if (*opcode == AST_WEBSOCKET_OPCODE_CLOSE) {
+ char *new_payload;
+
+ *payload_len = buf[1] & 0x7f;
+
+ /* Make the payload available so the user can look at the reason code if they so desire */
+ if ((*payload_len) && (new_payload = ast_realloc(session->payload, *payload_len))) {
+ session->payload = new_payload;
+ memcpy(session->payload, &buf[2], *payload_len);
+ *payload = session->payload;
+ }
+
+ if (!session->closing) {
+ ast_websocket_close(session, 0);
+ }
+
+ fclose(session->f);
+ session->f = NULL;
+ ast_verb(2, "WebSocket connection from '%s' closed\n", ast_sockaddr_stringify(&session->address));
+ } else {
+ /* We received an opcode that we don't understand, the RFC states that 1003 is for a type of data that can't be accepted... opcodes
+ * fit that, I think. */
+ ast_websocket_close(session, 1003);
+ }
+
+ return 0;
+}
+
+/*! \brief Callback that is executed everytime an HTTP request is received by this module */
+static int websocket_callback(struct ast_tcptls_session_instance *ser, const struct ast_http_uri *urih, const char *uri, enum ast_http_method method, struct ast_variable *get_vars, struct ast_variable *headers)
+{
+ struct ast_variable *v;
+ char *upgrade = NULL, *key = NULL, *key1 = NULL, *key2 = NULL, *protos = NULL, *requested_protocols = NULL, *protocol = NULL;
+ int version = 0, flags = 1;
+ struct websocket_protocol *protocol_handler = NULL;
+ struct ast_websocket *session;
+
+ /* Upgrade requests are only permitted on GET methods */
+ if (method != AST_HTTP_GET) {
+ ast_http_error(ser, 501, "Not Implemented", "Attempt to use unimplemented / unsupported method");
+ return -1;
+ }
+
+ /* Get the minimum headers required to satisfy our needs */
+ for (v = headers; v; v = v->next) {
+ if (!strcasecmp(v->name, "Upgrade")) {
+ upgrade = ast_strip(ast_strdupa(v->value));
+ } else if (!strcasecmp(v->name, "Sec-WebSocket-Key")) {
+ key = ast_strip(ast_strdupa(v->value));
+ } else if (!strcasecmp(v->name, "Sec-WebSocket-Key1")) {
+ key1 = ast_strip(ast_strdupa(v->value));
+ } else if (!strcasecmp(v->name, "Sec-WebSocket-Key2")) {
+ key2 = ast_strip(ast_strdupa(v->value));
+ } else if (!strcasecmp(v->name, "Sec-WebSocket-Protocol")) {
+ requested_protocols = ast_strip(ast_strdupa(v->value));
+ protos = ast_strdupa(requested_protocols);
+ } else if (!strcasecmp(v->name, "Sec-WebSocket-Version")) {
+ if (sscanf(v->value, "%30d", &version) != 1) {
+ version = 0;
+ }
+ }
+ }
+
+ /* If this is not a websocket upgrade abort */
+ if (!upgrade || strcasecmp(upgrade, "websocket")) {
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - did not request WebSocket",
+ ast_sockaddr_stringify(&ser->remote_address));
+ ast_http_error(ser, 426, "Upgrade Required", NULL);
+ return -1;
+ } else if (ast_strlen_zero(requested_protocols)) {
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - no protocols requested",
+ ast_sockaddr_stringify(&ser->remote_address));
+ fputs("HTTP/1.1 400 Bad Request\r\n"
+ "Sec-WebSocket-Version: 7, 8, 13\r\n\r\n", ser->f);
+ return -1;
+ } else if (key1 && key2) {
+ /* Specification defined in http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76 and
+ * http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-00 -- not currently supported*/
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - unsupported version '00/76' chosen",
+ ast_sockaddr_stringify(&ser->remote_address));
+ fputs("HTTP/1.1 400 Bad Request\r\n"
+ "Sec-WebSocket-Version: 7, 8, 13\r\n\r\n", ser->f);
+ return 0;
+ }
+
+ /* Iterate through the requested protocols trying to find one that we have a handler for */
+ while ((protocol = strsep(&requested_protocols, ","))) {
+ if ((protocol_handler = ao2_find(protocols, ast_strip(protocol), OBJ_KEY))) {
+ break;
+ }
+ }
+
+ /* If no protocol handler exists bump this back to the requester */
+ if (!protocol_handler) {
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - no protocols out of '%s' supported\n",
+ ast_sockaddr_stringify(&ser->remote_address), protos);
+ fputs("HTTP/1.1 400 Bad Request\r\n"
+ "Sec-WebSocket-Version: 7, 8, 13\r\n\r\n", ser->f);
+ return 0;
+ }
+
+ /* Determine how to respond depending on the version */
+ if (version == 7 || version == 8 || version == 13) {
+ /* Version 7 defined in specification http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-07 */
+ /* Version 8 defined in specification http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-10 */
+ /* Version 13 defined in specification http://tools.ietf.org/html/rfc6455 */
+ char combined[strlen(key) + strlen(WEBSOCKET_GUID) + 1], base64[64];
+ uint8_t sha[20];
+
+ if (!(session = ao2_alloc(sizeof(*session), session_destroy_fn))) {
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted",
+ ast_sockaddr_stringify(&ser->remote_address));
+ fputs("HTTP/1.1 400 Bad Request\r\n"
+ "Sec-WebSocket-Version: 7, 8, 13\r\n\r\n", ser->f);
+ ao2_ref(protocol_handler, -1);
+ return 0;
+ }
+
+ snprintf(combined, sizeof(combined), "%s%s", key, WEBSOCKET_GUID);
+ ast_sha1_hash_uint(sha, combined);
+ ast_base64encode(base64, (const unsigned char*)sha, 20, sizeof(base64));
+
+ fprintf(ser->f, "HTTP/1.1 101 Switching Protocols\r\n"
+ "Upgrade: %s\r\n"
+ "Connection: Upgrade\r\n"
+ "Sec-WebSocket-Accept: %s\r\n"
+ "Sec-WebSocket-Protocol: %s\r\n\r\n",
+ upgrade,
+ base64,
+ protocol);
+ } else {
+
+ /* Specification defined in http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-75 or completely unknown */
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - unsupported version '%d' chosen",
+ ast_sockaddr_stringify(&ser->remote_address), version ? version : 75);
+ fputs("HTTP/1.1 400 Bad Request\r\n"
+ "Sec-WebSocket-Version: 7, 8, 13\r\n\r\n", ser->f);
+ ao2_ref(protocol_handler, -1);
+ return 0;
+ }
+
+ /* Enable keepalive on all sessions so the underlying user does not have to */
+ if (setsockopt(ser->fd, SOL_SOCKET, SO_KEEPALIVE, &flags, sizeof(flags))) {
+ ast_log(LOG_WARNING, "WebSocket connection from '%s' could not be accepted - failed to enable keepalive",
+ ast_sockaddr_stringify(&ser->remote_address));
+ fputs("HTTP/1.1 400 Bad Request\r\n"
+ "Sec-WebSocket-Version: 7, 8, 13\r\n\r\n", ser->f);
+ ao2_ref(session, -1);
+ ao2_ref(protocol_handler, -1);
+ return 0;
+ }
+
+ ast_verb(2, "WebSocket connection from '%s' for protocol '%s' accepted using version '%d'\n", ast_sockaddr_stringify(&ser->remote_address), protocol, version);
+
+ /* Populate the session with all the needed details */
+ session->f = ser->f;
+ session->fd = ser->fd;
+ ast_sockaddr_copy(&session->address, &ser->remote_address);
+ session->opcode = -1;
+ session->reconstruct = DEFAULT_RECONSTRUCTION_CEILING;
+ session->secure = ser->ssl ? 1 : 0;
+
+ /* Give up ownership of the socket and pass it to the protocol handler */
+ protocol_handler->callback(session, get_vars, headers);
+ ao2_ref(protocol_handler, -1);
+
+ /* By dropping the FILE* from the session it won't get closed when the HTTP server cleans up */
+ ser->f = NULL;
+
+ return 0;
+}
+
+static struct ast_http_uri websocketuri = {
+ .callback = websocket_callback,
+ .description = "Asterisk HTTP WebSocket",
+ .uri = "ws",
+ .has_subtree = 0,
+ .data = NULL,
+ .key = __FILE__,
+};
+
+/*! \brief Simple echo implementation which echoes received text and binary frames */
+static void websocket_echo_callback(struct ast_websocket *session, struct ast_variable *parameters, struct ast_variable *headers)
+{
+ int flags, res;
+
+ if ((flags = fcntl(ast_websocket_fd(session), F_GETFL)) == -1) {
+ goto end;
+ }
+
+ flags |= O_NONBLOCK;
+
+ if (fcntl(ast_websocket_fd(session), F_SETFL, flags) == -1) {
+ goto end;
+ }
+
+ while ((res = ast_wait_for_input(ast_websocket_fd(session), -1)) > 0) {
+ char *payload;
+ uint64_t payload_len;
+ enum ast_websocket_opcode opcode;
+ int fragmented;
+
+ if (ast_websocket_read(session, &payload, &payload_len, &opcode, &fragmented)) {
+ /* We err on the side of caution and terminate the session if any error occurs */
+ break;
+ }
+
+ if (opcode == AST_WEBSOCKET_OPCODE_TEXT || opcode == AST_WEBSOCKET_OPCODE_BINARY) {
+ ast_websocket_write(session, opcode, payload, payload_len);
+ } else if (opcode == AST_WEBSOCKET_OPCODE_CLOSE) {
+ break;
+ }
+ }
+
+end:
+ ast_websocket_unref(session);
+}
+
+static int load_module(void)
+{
+ protocols = ao2_container_alloc(MAX_PROTOCOL_BUCKETS, protocol_hash_fn, protocol_cmp_fn);
+ ast_http_uri_link(&websocketuri);
+ ast_websocket_add_protocol("echo", websocket_echo_callback);
+
+ return 0;
+}
+
+static int unload_module(void)
+{
+ ast_websocket_remove_protocol("echo", websocket_echo_callback);
+ ast_http_uri_unlink(&websocketuri);
+ ao2_ref(protocols, -1);
+
+ return 0;
+}
+
+AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER, "HTTP WebSocket Support",
+ .load = load_module,
+ .unload = unload_module,
+ .load_pri = AST_MODPRI_CHANNEL_DEPEND,
+ );
diff --git a/res/res_http_websocket.exports.in b/res/res_http_websocket.exports.in
new file mode 100644
index 0000000000000000000000000000000000000000..ceb804011c602efd08c67d48ba814ebcf4e686f0
--- /dev/null
+++ b/res/res_http_websocket.exports.in
@@ -0,0 +1,17 @@
+{
+ global:
+ LINKER_SYMBOL_PREFIXast_websocket_add_protocol;
+ LINKER_SYMBOL_PREFIXast_websocket_remove_protocol;
+ LINKER_SYMBOL_PREFIXast_websocket_read;
+ LINKER_SYMBOL_PREFIXast_websocket_write;
+ LINKER_SYMBOL_PREFIXast_websocket_close;
+ LINKER_SYMBOL_PREFIXast_websocket_reconstruct_enable;
+ LINKER_SYMBOL_PREFIXast_websocket_reconstruct_disable;
+ LINKER_SYMBOL_PREFIXast_websocket_ref;
+ LINKER_SYMBOL_PREFIXast_websocket_unref;
+ LINKER_SYMBOL_PREFIXast_websocket_fd;
+ LINKER_SYMBOL_PREFIXast_websocket_remote_address;
+ LINKER_SYMBOL_PREFIXast_websocket_is_secure;
+ local:
+ *;
+};