client.go 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395
  1. // Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package websocket
  5. import (
  6. "bytes"
  7. "context"
  8. "crypto/tls"
  9. "errors"
  10. "io"
  11. "io/ioutil"
  12. "net"
  13. "net/http"
  14. "net/http/httptrace"
  15. "net/url"
  16. "strings"
  17. "time"
  18. )
  19. // ErrBadHandshake is returned when the server response to opening handshake is
  20. // invalid.
  21. var ErrBadHandshake = errors.New("websocket: bad handshake")
  22. var errInvalidCompression = errors.New("websocket: invalid compression negotiation")
  23. // NewClient creates a new client connection using the given net connection.
  24. // The URL u specifies the host and request URI. Use requestHeader to specify
  25. // the origin (Origin), subprotocols (Sec-WebSocket-Protocol) and cookies
  26. // (Cookie). Use the response.Header to get the selected subprotocol
  27. // (Sec-WebSocket-Protocol) and cookies (Set-Cookie).
  28. //
  29. // If the WebSocket handshake fails, ErrBadHandshake is returned along with a
  30. // non-nil *http.Response so that callers can handle redirects, authentication,
  31. // etc.
  32. //
  33. // Deprecated: Use Dialer instead.
  34. func NewClient(netConn net.Conn, u *url.URL, requestHeader http.Header, readBufSize, writeBufSize int) (c *Conn, response *http.Response, err error) {
  35. d := Dialer{
  36. ReadBufferSize: readBufSize,
  37. WriteBufferSize: writeBufSize,
  38. NetDial: func(net, addr string) (net.Conn, error) {
  39. return netConn, nil
  40. },
  41. }
  42. return d.Dial(u.String(), requestHeader)
  43. }
  44. // A Dialer contains options for connecting to WebSocket server.
  45. type Dialer struct {
  46. // NetDial specifies the dial function for creating TCP connections. If
  47. // NetDial is nil, net.Dial is used.
  48. NetDial func(network, addr string) (net.Conn, error)
  49. // NetDialContext specifies the dial function for creating TCP connections. If
  50. // NetDialContext is nil, net.DialContext is used.
  51. NetDialContext func(ctx context.Context, network, addr string) (net.Conn, error)
  52. // Proxy specifies a function to return a proxy for a given
  53. // Request. If the function returns a non-nil error, the
  54. // request is aborted with the provided error.
  55. // If Proxy is nil or returns a nil *URL, no proxy is used.
  56. Proxy func(*http.Request) (*url.URL, error)
  57. // TLSClientConfig specifies the TLS configuration to use with tls.Client.
  58. // If nil, the default configuration is used.
  59. TLSClientConfig *tls.Config
  60. // HandshakeTimeout specifies the duration for the handshake to complete.
  61. HandshakeTimeout time.Duration
  62. // ReadBufferSize and WriteBufferSize specify I/O buffer sizes in bytes. If a buffer
  63. // size is zero, then a useful default size is used. The I/O buffer sizes
  64. // do not limit the size of the messages that can be sent or received.
  65. ReadBufferSize, WriteBufferSize int
  66. // WriteBufferPool is a pool of buffers for write operations. If the value
  67. // is not set, then write buffers are allocated to the connection for the
  68. // lifetime of the connection.
  69. //
  70. // A pool is most useful when the application has a modest volume of writes
  71. // across a large number of connections.
  72. //
  73. // Applications should use a single pool for each unique value of
  74. // WriteBufferSize.
  75. WriteBufferPool BufferPool
  76. // Subprotocols specifies the client's requested subprotocols.
  77. Subprotocols []string
  78. // EnableCompression specifies if the client should attempt to negotiate
  79. // per message compression (RFC 7692). Setting this value to true does not
  80. // guarantee that compression will be supported. Currently only "no context
  81. // takeover" modes are supported.
  82. EnableCompression bool
  83. // Jar specifies the cookie jar.
  84. // If Jar is nil, cookies are not sent in requests and ignored
  85. // in responses.
  86. Jar http.CookieJar
  87. }
  88. // Dial creates a new client connection by calling DialContext with a background context.
  89. func (d *Dialer) Dial(urlStr string, requestHeader http.Header) (*Conn, *http.Response, error) {
  90. return d.DialContext(context.Background(), urlStr, requestHeader)
  91. }
  92. var errMalformedURL = errors.New("malformed ws or wss URL")
  93. func hostPortNoPort(u *url.URL) (hostPort, hostNoPort string) {
  94. hostPort = u.Host
  95. hostNoPort = u.Host
  96. if i := strings.LastIndex(u.Host, ":"); i > strings.LastIndex(u.Host, "]") {
  97. hostNoPort = hostNoPort[:i]
  98. } else {
  99. switch u.Scheme {
  100. case "wss":
  101. hostPort += ":443"
  102. case "https":
  103. hostPort += ":443"
  104. default:
  105. hostPort += ":80"
  106. }
  107. }
  108. return hostPort, hostNoPort
  109. }
  110. // DefaultDialer is a dialer with all fields set to the default values.
  111. var DefaultDialer = &Dialer{
  112. Proxy: http.ProxyFromEnvironment,
  113. HandshakeTimeout: 45 * time.Second,
  114. }
  115. // nilDialer is dialer to use when receiver is nil.
  116. var nilDialer = *DefaultDialer
  117. // DialContext creates a new client connection. Use requestHeader to specify the
  118. // origin (Origin), subprotocols (Sec-WebSocket-Protocol) and cookies (Cookie).
  119. // Use the response.Header to get the selected subprotocol
  120. // (Sec-WebSocket-Protocol) and cookies (Set-Cookie).
  121. //
  122. // The context will be used in the request and in the Dialer.
  123. //
  124. // If the WebSocket handshake fails, ErrBadHandshake is returned along with a
  125. // non-nil *http.Response so that callers can handle redirects, authentication,
  126. // etcetera. The response body may not contain the entire response and does not
  127. // need to be closed by the application.
  128. func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader http.Header) (*Conn, *http.Response, error) {
  129. if d == nil {
  130. d = &nilDialer
  131. }
  132. challengeKey, err := generateChallengeKey()
  133. if err != nil {
  134. return nil, nil, err
  135. }
  136. u, err := url.Parse(urlStr)
  137. if err != nil {
  138. return nil, nil, err
  139. }
  140. switch u.Scheme {
  141. case "ws":
  142. u.Scheme = "http"
  143. case "wss":
  144. u.Scheme = "https"
  145. default:
  146. return nil, nil, errMalformedURL
  147. }
  148. if u.User != nil {
  149. // User name and password are not allowed in websocket URIs.
  150. return nil, nil, errMalformedURL
  151. }
  152. req := &http.Request{
  153. Method: "GET",
  154. URL: u,
  155. Proto: "HTTP/1.1",
  156. ProtoMajor: 1,
  157. ProtoMinor: 1,
  158. Header: make(http.Header),
  159. Host: u.Host,
  160. }
  161. req = req.WithContext(ctx)
  162. // Set the cookies present in the cookie jar of the dialer
  163. if d.Jar != nil {
  164. for _, cookie := range d.Jar.Cookies(u) {
  165. req.AddCookie(cookie)
  166. }
  167. }
  168. // Set the request headers using the capitalization for names and values in
  169. // RFC examples. Although the capitalization shouldn't matter, there are
  170. // servers that depend on it. The Header.Set method is not used because the
  171. // method canonicalizes the header names.
  172. req.Header["Upgrade"] = []string{"websocket"}
  173. req.Header["Connection"] = []string{"Upgrade"}
  174. req.Header["Sec-WebSocket-Key"] = []string{challengeKey}
  175. req.Header["Sec-WebSocket-Version"] = []string{"13"}
  176. if len(d.Subprotocols) > 0 {
  177. req.Header["Sec-WebSocket-Protocol"] = []string{strings.Join(d.Subprotocols, ", ")}
  178. }
  179. for k, vs := range requestHeader {
  180. switch {
  181. case k == "Host":
  182. if len(vs) > 0 {
  183. req.Host = vs[0]
  184. }
  185. case k == "Upgrade" ||
  186. k == "Connection" ||
  187. k == "Sec-Websocket-Key" ||
  188. k == "Sec-Websocket-Version" ||
  189. k == "Sec-Websocket-Extensions" ||
  190. (k == "Sec-Websocket-Protocol" && len(d.Subprotocols) > 0):
  191. return nil, nil, errors.New("websocket: duplicate header not allowed: " + k)
  192. case k == "Sec-Websocket-Protocol":
  193. req.Header["Sec-WebSocket-Protocol"] = vs
  194. default:
  195. req.Header[k] = vs
  196. }
  197. }
  198. if d.EnableCompression {
  199. req.Header["Sec-WebSocket-Extensions"] = []string{"permessage-deflate; server_no_context_takeover; client_no_context_takeover"}
  200. }
  201. if d.HandshakeTimeout != 0 {
  202. var cancel func()
  203. ctx, cancel = context.WithTimeout(ctx, d.HandshakeTimeout)
  204. defer cancel()
  205. }
  206. // Get network dial function.
  207. var netDial func(network, add string) (net.Conn, error)
  208. if d.NetDialContext != nil {
  209. netDial = func(network, addr string) (net.Conn, error) {
  210. return d.NetDialContext(ctx, network, addr)
  211. }
  212. } else if d.NetDial != nil {
  213. netDial = d.NetDial
  214. } else {
  215. netDialer := &net.Dialer{}
  216. netDial = func(network, addr string) (net.Conn, error) {
  217. return netDialer.DialContext(ctx, network, addr)
  218. }
  219. }
  220. // If needed, wrap the dial function to set the connection deadline.
  221. if deadline, ok := ctx.Deadline(); ok {
  222. forwardDial := netDial
  223. netDial = func(network, addr string) (net.Conn, error) {
  224. c, err := forwardDial(network, addr)
  225. if err != nil {
  226. return nil, err
  227. }
  228. err = c.SetDeadline(deadline)
  229. if err != nil {
  230. c.Close()
  231. return nil, err
  232. }
  233. return c, nil
  234. }
  235. }
  236. // If needed, wrap the dial function to connect through a proxy.
  237. if d.Proxy != nil {
  238. proxyURL, err := d.Proxy(req)
  239. if err != nil {
  240. return nil, nil, err
  241. }
  242. if proxyURL != nil {
  243. dialer, err := proxy_FromURL(proxyURL, netDialerFunc(netDial))
  244. if err != nil {
  245. return nil, nil, err
  246. }
  247. netDial = dialer.Dial
  248. }
  249. }
  250. hostPort, hostNoPort := hostPortNoPort(u)
  251. trace := httptrace.ContextClientTrace(ctx)
  252. if trace != nil && trace.GetConn != nil {
  253. trace.GetConn(hostPort)
  254. }
  255. netConn, err := netDial("tcp", hostPort)
  256. if trace != nil && trace.GotConn != nil {
  257. trace.GotConn(httptrace.GotConnInfo{
  258. Conn: netConn,
  259. })
  260. }
  261. if err != nil {
  262. return nil, nil, err
  263. }
  264. defer func() {
  265. if netConn != nil {
  266. netConn.Close()
  267. }
  268. }()
  269. if u.Scheme == "https" {
  270. cfg := cloneTLSConfig(d.TLSClientConfig)
  271. if cfg.ServerName == "" {
  272. cfg.ServerName = hostNoPort
  273. }
  274. tlsConn := tls.Client(netConn, cfg)
  275. netConn = tlsConn
  276. var err error
  277. if trace != nil {
  278. err = doHandshakeWithTrace(trace, tlsConn, cfg)
  279. } else {
  280. err = doHandshake(tlsConn, cfg)
  281. }
  282. if err != nil {
  283. return nil, nil, err
  284. }
  285. }
  286. conn := newConn(netConn, false, d.ReadBufferSize, d.WriteBufferSize, d.WriteBufferPool, nil, nil)
  287. if err := req.Write(netConn); err != nil {
  288. return nil, nil, err
  289. }
  290. if trace != nil && trace.GotFirstResponseByte != nil {
  291. if peek, err := conn.br.Peek(1); err == nil && len(peek) == 1 {
  292. trace.GotFirstResponseByte()
  293. }
  294. }
  295. resp, err := http.ReadResponse(conn.br, req)
  296. if err != nil {
  297. return nil, nil, err
  298. }
  299. if d.Jar != nil {
  300. if rc := resp.Cookies(); len(rc) > 0 {
  301. d.Jar.SetCookies(u, rc)
  302. }
  303. }
  304. if resp.StatusCode != 101 ||
  305. !strings.EqualFold(resp.Header.Get("Upgrade"), "websocket") ||
  306. !strings.EqualFold(resp.Header.Get("Connection"), "upgrade") ||
  307. resp.Header.Get("Sec-Websocket-Accept") != computeAcceptKey(challengeKey) {
  308. // Before closing the network connection on return from this
  309. // function, slurp up some of the response to aid application
  310. // debugging.
  311. buf := make([]byte, 1024)
  312. n, _ := io.ReadFull(resp.Body, buf)
  313. resp.Body = ioutil.NopCloser(bytes.NewReader(buf[:n]))
  314. return nil, resp, ErrBadHandshake
  315. }
  316. for _, ext := range parseExtensions(resp.Header) {
  317. if ext[""] != "permessage-deflate" {
  318. continue
  319. }
  320. _, snct := ext["server_no_context_takeover"]
  321. _, cnct := ext["client_no_context_takeover"]
  322. if !snct || !cnct {
  323. return nil, resp, errInvalidCompression
  324. }
  325. conn.newCompressionWriter = compressNoContextTakeover
  326. conn.newDecompressionReader = decompressNoContextTakeover
  327. break
  328. }
  329. resp.Body = ioutil.NopCloser(bytes.NewReader([]byte{}))
  330. conn.subprotocol = resp.Header.Get("Sec-Websocket-Protocol")
  331. netConn.SetDeadline(time.Time{})
  332. netConn = nil // to avoid close in defer.
  333. return conn, resp, nil
  334. }
  335. func doHandshake(tlsConn *tls.Conn, cfg *tls.Config) error {
  336. if err := tlsConn.Handshake(); err != nil {
  337. return err
  338. }
  339. if !cfg.InsecureSkipVerify {
  340. if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
  341. return err
  342. }
  343. }
  344. return nil
  345. }