1*1c60b9acSAndroid Build Coastguard Worker /*
2*1c60b9acSAndroid Build Coastguard Worker * libwebsockets - small server side websockets and web server implementation
3*1c60b9acSAndroid Build Coastguard Worker *
4*1c60b9acSAndroid Build Coastguard Worker * Copyright (C) 2019 - 2021 Andy Green <[email protected]>
5*1c60b9acSAndroid Build Coastguard Worker *
6*1c60b9acSAndroid Build Coastguard Worker * Permission is hereby granted, free of charge, to any person obtaining a copy
7*1c60b9acSAndroid Build Coastguard Worker * of this software and associated documentation files (the "Software"), to
8*1c60b9acSAndroid Build Coastguard Worker * deal in the Software without restriction, including without limitation the
9*1c60b9acSAndroid Build Coastguard Worker * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10*1c60b9acSAndroid Build Coastguard Worker * sell copies of the Software, and to permit persons to whom the Software is
11*1c60b9acSAndroid Build Coastguard Worker * furnished to do so, subject to the following conditions:
12*1c60b9acSAndroid Build Coastguard Worker *
13*1c60b9acSAndroid Build Coastguard Worker * The above copyright notice and this permission notice shall be included in
14*1c60b9acSAndroid Build Coastguard Worker * all copies or substantial portions of the Software.
15*1c60b9acSAndroid Build Coastguard Worker *
16*1c60b9acSAndroid Build Coastguard Worker * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17*1c60b9acSAndroid Build Coastguard Worker * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18*1c60b9acSAndroid Build Coastguard Worker * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19*1c60b9acSAndroid Build Coastguard Worker * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20*1c60b9acSAndroid Build Coastguard Worker * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21*1c60b9acSAndroid Build Coastguard Worker * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22*1c60b9acSAndroid Build Coastguard Worker * IN THE SOFTWARE.
23*1c60b9acSAndroid Build Coastguard Worker *
24*1c60b9acSAndroid Build Coastguard Worker * This file contains the stuff related to JSON-provided policy, it's not built
25*1c60b9acSAndroid Build Coastguard Worker * if LWS_WITH_SECURE_STREAMS_STATIC_POLICY_ONLY enabled.
26*1c60b9acSAndroid Build Coastguard Worker */
27*1c60b9acSAndroid Build Coastguard Worker
28*1c60b9acSAndroid Build Coastguard Worker #include <private-lib-core.h>
29*1c60b9acSAndroid Build Coastguard Worker
30*1c60b9acSAndroid Build Coastguard Worker static const char * const lejp_tokens_policy[] = {
31*1c60b9acSAndroid Build Coastguard Worker "release",
32*1c60b9acSAndroid Build Coastguard Worker "product",
33*1c60b9acSAndroid Build Coastguard Worker "schema-version",
34*1c60b9acSAndroid Build Coastguard Worker "via-socks5",
35*1c60b9acSAndroid Build Coastguard Worker "retry[].*.backoff",
36*1c60b9acSAndroid Build Coastguard Worker "retry[].*.conceal",
37*1c60b9acSAndroid Build Coastguard Worker "retry[].*.jitterpc",
38*1c60b9acSAndroid Build Coastguard Worker "retry[].*.svalidping",
39*1c60b9acSAndroid Build Coastguard Worker "retry[].*.svalidhup",
40*1c60b9acSAndroid Build Coastguard Worker "retry[].*",
41*1c60b9acSAndroid Build Coastguard Worker "certs[].*",
42*1c60b9acSAndroid Build Coastguard Worker "trust_stores[].name",
43*1c60b9acSAndroid Build Coastguard Worker "trust_stores[].stack",
44*1c60b9acSAndroid Build Coastguard Worker "metrics[].name",
45*1c60b9acSAndroid Build Coastguard Worker "metrics[].us_schedule",
46*1c60b9acSAndroid Build Coastguard Worker "metrics[].us_halflife",
47*1c60b9acSAndroid Build Coastguard Worker "metrics[].min_outlier",
48*1c60b9acSAndroid Build Coastguard Worker "metrics[].report",
49*1c60b9acSAndroid Build Coastguard Worker "s[].*.endpoint",
50*1c60b9acSAndroid Build Coastguard Worker "s[].*.via-socks5",
51*1c60b9acSAndroid Build Coastguard Worker "s[].*.protocol",
52*1c60b9acSAndroid Build Coastguard Worker "s[].*.port",
53*1c60b9acSAndroid Build Coastguard Worker "s[].*.plugins",
54*1c60b9acSAndroid Build Coastguard Worker "s[].*.tls",
55*1c60b9acSAndroid Build Coastguard Worker "s[].*.client_cert",
56*1c60b9acSAndroid Build Coastguard Worker "s[].*.opportunistic",
57*1c60b9acSAndroid Build Coastguard Worker "s[].*.nailed_up",
58*1c60b9acSAndroid Build Coastguard Worker "s[].*.allow_redirects",
59*1c60b9acSAndroid Build Coastguard Worker "s[].*.urgent_tx",
60*1c60b9acSAndroid Build Coastguard Worker "s[].*.urgent_rx",
61*1c60b9acSAndroid Build Coastguard Worker "s[].*.attr_priority",
62*1c60b9acSAndroid Build Coastguard Worker "s[].*.attr_low_latency",
63*1c60b9acSAndroid Build Coastguard Worker "s[].*.attr_high_throughput",
64*1c60b9acSAndroid Build Coastguard Worker "s[].*.attr_high_reliability",
65*1c60b9acSAndroid Build Coastguard Worker "s[].*.attr_low_cost",
66*1c60b9acSAndroid Build Coastguard Worker "s[].*.long_poll",
67*1c60b9acSAndroid Build Coastguard Worker "s[].*.ws_prioritize_reads",
68*1c60b9acSAndroid Build Coastguard Worker "s[].*.retry",
69*1c60b9acSAndroid Build Coastguard Worker "s[].*.timeout_ms",
70*1c60b9acSAndroid Build Coastguard Worker "s[].*.perf",
71*1c60b9acSAndroid Build Coastguard Worker "s[].*.tls_trust_store",
72*1c60b9acSAndroid Build Coastguard Worker "s[].*.proxy_buflen",
73*1c60b9acSAndroid Build Coastguard Worker "s[].*.proxy_buflen_rxflow_on_above",
74*1c60b9acSAndroid Build Coastguard Worker "s[].*.proxy_buflen_rxflow_off_below",
75*1c60b9acSAndroid Build Coastguard Worker "s[].*.client_buflen",
76*1c60b9acSAndroid Build Coastguard Worker "s[].*.client_buflen_rxflow_on_above",
77*1c60b9acSAndroid Build Coastguard Worker "s[].*.client_buflen_rxflow_off_below",
78*1c60b9acSAndroid Build Coastguard Worker "s[].*.metadata",
79*1c60b9acSAndroid Build Coastguard Worker "s[].*.metadata[].*",
80*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_resp_map",
81*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_resp_map[].*",
82*1c60b9acSAndroid Build Coastguard Worker
83*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_auth_header",
84*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_dsn_header",
85*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_fwv_header",
86*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_devtype_header",
87*1c60b9acSAndroid Build Coastguard Worker
88*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_auth_preamble",
89*1c60b9acSAndroid Build Coastguard Worker
90*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_no_content_length",
91*1c60b9acSAndroid Build Coastguard Worker "s[].*.rideshare", /* streamtype name this rides shotgun with */
92*1c60b9acSAndroid Build Coastguard Worker "s[].*.payload_fmt",
93*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_method",
94*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_url",
95*1c60b9acSAndroid Build Coastguard Worker "s[].*.nghttp2_quirk_end_stream",
96*1c60b9acSAndroid Build Coastguard Worker "s[].*.h2q_oflow_txcr",
97*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_multipart_name",
98*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_multipart_filename",
99*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_mime_content_type",
100*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_www_form_urlencoded",
101*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_expect",
102*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_cookies",
103*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_fail_redirect",
104*1c60b9acSAndroid Build Coastguard Worker "s[].*.http_multipart_ss_in",
105*1c60b9acSAndroid Build Coastguard Worker "s[].*.ws_subprotocol",
106*1c60b9acSAndroid Build Coastguard Worker "s[].*.ws_binary",
107*1c60b9acSAndroid Build Coastguard Worker "s[].*.local_sink",
108*1c60b9acSAndroid Build Coastguard Worker "s[].*.server",
109*1c60b9acSAndroid Build Coastguard Worker "s[].*.server_cert",
110*1c60b9acSAndroid Build Coastguard Worker "s[].*.server_key",
111*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_topic",
112*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_subscribe",
113*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_qos",
114*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_keep_alive",
115*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_clean_start",
116*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_will_topic",
117*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_will_message",
118*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_will_qos",
119*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_will_retain",
120*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_birth_topic",
121*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_birth_message",
122*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_birth_qos",
123*1c60b9acSAndroid Build Coastguard Worker "s[].*.mqtt_birth_retain",
124*1c60b9acSAndroid Build Coastguard Worker "s[].*.aws_iot",
125*1c60b9acSAndroid Build Coastguard Worker "s[].*.swake_validity",
126*1c60b9acSAndroid Build Coastguard Worker "s[].*.use_auth",
127*1c60b9acSAndroid Build Coastguard Worker "s[].*.aws_region",
128*1c60b9acSAndroid Build Coastguard Worker "s[].*.aws_service",
129*1c60b9acSAndroid Build Coastguard Worker "s[].*.direct_proto_str",
130*1c60b9acSAndroid Build Coastguard Worker "s[].*",
131*1c60b9acSAndroid Build Coastguard Worker "auth[].name",
132*1c60b9acSAndroid Build Coastguard Worker "auth[].type",
133*1c60b9acSAndroid Build Coastguard Worker "auth[].streamtype",
134*1c60b9acSAndroid Build Coastguard Worker "auth[].blob",
135*1c60b9acSAndroid Build Coastguard Worker "auth[]",
136*1c60b9acSAndroid Build Coastguard Worker };
137*1c60b9acSAndroid Build Coastguard Worker
138*1c60b9acSAndroid Build Coastguard Worker typedef enum {
139*1c60b9acSAndroid Build Coastguard Worker LSSPPT_RELEASE,
140*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PRODUCT,
141*1c60b9acSAndroid Build Coastguard Worker LSSPPT_SCHEMA_VERSION,
142*1c60b9acSAndroid Build Coastguard Worker LSSPPT_VIA_SOCKS5,
143*1c60b9acSAndroid Build Coastguard Worker LSSPPT_BACKOFF,
144*1c60b9acSAndroid Build Coastguard Worker LSSPPT_CONCEAL,
145*1c60b9acSAndroid Build Coastguard Worker LSSPPT_JITTERPC,
146*1c60b9acSAndroid Build Coastguard Worker LSSPPT_VALIDPING_S,
147*1c60b9acSAndroid Build Coastguard Worker LSSPPT_VALIDHUP_S,
148*1c60b9acSAndroid Build Coastguard Worker LSSPPT_RETRY,
149*1c60b9acSAndroid Build Coastguard Worker LSSPPT_CERTS,
150*1c60b9acSAndroid Build Coastguard Worker LSSPPT_TRUST_STORES_NAME,
151*1c60b9acSAndroid Build Coastguard Worker LSSPPT_TRUST_STORES_STACK,
152*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METRICS_NAME,
153*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METRICS_US_SCHEDULE,
154*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METRICS_US_HALFLIFE,
155*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METRICS_MIN_OUTLIER,
156*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METRICS_REPORT,
157*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ENDPOINT,
158*1c60b9acSAndroid Build Coastguard Worker LSSPPT_VH_VIA_SOCKS5,
159*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PROTOCOL,
160*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PORT,
161*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PLUGINS,
162*1c60b9acSAndroid Build Coastguard Worker LSSPPT_TLS,
163*1c60b9acSAndroid Build Coastguard Worker LSSPPT_TLS_CLIENT_CERT,
164*1c60b9acSAndroid Build Coastguard Worker LSSPPT_OPPORTUNISTIC,
165*1c60b9acSAndroid Build Coastguard Worker LSSPPT_NAILED_UP,
166*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ALLOW_REDIRECTS,
167*1c60b9acSAndroid Build Coastguard Worker LSSPPT_URGENT_TX,
168*1c60b9acSAndroid Build Coastguard Worker LSSPPT_URGENT_RX,
169*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ATTR_PRIORITY,
170*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ATTR_LOW_LATENCY,
171*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ATTR_HIGH_THROUGHPUT,
172*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ATTR_HIGH_RELIABILITY,
173*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ATTR_LOW_COST,
174*1c60b9acSAndroid Build Coastguard Worker LSSPPT_LONG_POLL,
175*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PRIORITIZE_READS,
176*1c60b9acSAndroid Build Coastguard Worker LSSPPT_RETRYPTR,
177*1c60b9acSAndroid Build Coastguard Worker LSSPPT_DEFAULT_TIMEOUT_MS,
178*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PERF,
179*1c60b9acSAndroid Build Coastguard Worker LSSPPT_TRUST,
180*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PROXY_BUFLEN,
181*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PROXY_BUFLEN_RXFLOW_ON_ABOVE,
182*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PROXY_BUFLEN_RXFLOW_OFF_BELOW,
183*1c60b9acSAndroid Build Coastguard Worker LSSPPT_CLIENT_BUFLEN,
184*1c60b9acSAndroid Build Coastguard Worker LSSPPT_CLIENT_BUFLEN_RXFLOW_ON_ABOVE,
185*1c60b9acSAndroid Build Coastguard Worker LSSPPT_CLIENT_BUFLEN_RXFLOW_OFF_BELOW,
186*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METADATA,
187*1c60b9acSAndroid Build Coastguard Worker LSSPPT_METADATA_ITEM,
188*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTPRESPMAP,
189*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTPRESPMAP_ITEM,
190*1c60b9acSAndroid Build Coastguard Worker
191*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_AUTH_HEADER,
192*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_DSN_HEADER,
193*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_FWV_HEADER,
194*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_TYPE_HEADER,
195*1c60b9acSAndroid Build Coastguard Worker
196*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_AUTH_PREAMBLE,
197*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_NO_CONTENT_LENGTH,
198*1c60b9acSAndroid Build Coastguard Worker LSSPPT_RIDESHARE,
199*1c60b9acSAndroid Build Coastguard Worker LSSPPT_PAYLOAD_FORMAT,
200*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_METHOD,
201*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_URL,
202*1c60b9acSAndroid Build Coastguard Worker LSSPPT_NGHTTP2_QUIRK_END_STREAM,
203*1c60b9acSAndroid Build Coastguard Worker LSSPPT_H2_QUIRK_OVERFLOWS_TXCR,
204*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_MULTIPART_NAME,
205*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_MULTIPART_FILENAME,
206*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_MULTIPART_CONTENT_TYPE,
207*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_WWW_FORM_URLENCODED,
208*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_EXPECT,
209*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_COOKIES,
210*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_FAIL_REDIRECT,
211*1c60b9acSAndroid Build Coastguard Worker LSSPPT_HTTP_MULTIPART_SS_IN,
212*1c60b9acSAndroid Build Coastguard Worker LSSPPT_WS_SUBPROTOCOL,
213*1c60b9acSAndroid Build Coastguard Worker LSSPPT_WS_BINARY,
214*1c60b9acSAndroid Build Coastguard Worker LSSPPT_LOCAL_SINK,
215*1c60b9acSAndroid Build Coastguard Worker LSSPPT_SERVER,
216*1c60b9acSAndroid Build Coastguard Worker LSSPPT_SERVER_CERT,
217*1c60b9acSAndroid Build Coastguard Worker LSSPPT_SERVER_KEY,
218*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_TOPIC,
219*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_SUBSCRIBE,
220*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_QOS,
221*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_KEEPALIVE,
222*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_CLEAN_START,
223*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_WILL_TOPIC,
224*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_WILL_MESSAGE,
225*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_WILL_QOS,
226*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_WILL_RETAIN,
227*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_BIRTH_TOPIC,
228*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_BIRTH_MESSAGE,
229*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_BIRTH_QOS,
230*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_BIRTH_RETAIN,
231*1c60b9acSAndroid Build Coastguard Worker LSSPPT_MQTT_AWS_IOT,
232*1c60b9acSAndroid Build Coastguard Worker LSSPPT_SWAKE_VALIDITY,
233*1c60b9acSAndroid Build Coastguard Worker LSSPPT_USE_AUTH,
234*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AWS_REGION,
235*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AWS_SERVICE,
236*1c60b9acSAndroid Build Coastguard Worker LSSPPT_DIRECT_PROTO_STR,
237*1c60b9acSAndroid Build Coastguard Worker LSSPPT_STREAMTYPES,
238*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AUTH_NAME,
239*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AUTH_TYPE,
240*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AUTH_STREAMTYPE,
241*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AUTH_BLOB,
242*1c60b9acSAndroid Build Coastguard Worker LSSPPT_AUTH,
243*1c60b9acSAndroid Build Coastguard Worker
244*1c60b9acSAndroid Build Coastguard Worker } policy_token_t;
245*1c60b9acSAndroid Build Coastguard Worker
246*1c60b9acSAndroid Build Coastguard Worker #define POL_AC_INITIAL 2048
247*1c60b9acSAndroid Build Coastguard Worker #define POL_AC_GRAIN 800
248*1c60b9acSAndroid Build Coastguard Worker #define MAX_CERT_TEMP 3072 /* used to discover actual cert size for realloc */
249*1c60b9acSAndroid Build Coastguard Worker
250*1c60b9acSAndroid Build Coastguard Worker static uint16_t sizes[] = {
251*1c60b9acSAndroid Build Coastguard Worker sizeof(backoff_t),
252*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_x509_t),
253*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_trust_store_t),
254*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_policy_t),
255*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_auth_t),
256*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_metric_policy_t),
257*1c60b9acSAndroid Build Coastguard Worker };
258*1c60b9acSAndroid Build Coastguard Worker
259*1c60b9acSAndroid Build Coastguard Worker static const char * const protonames[] = {
260*1c60b9acSAndroid Build Coastguard Worker "h1", /* LWSSSP_H1 */
261*1c60b9acSAndroid Build Coastguard Worker "h2", /* LWSSSP_H2 */
262*1c60b9acSAndroid Build Coastguard Worker "ws", /* LWSSSP_WS */
263*1c60b9acSAndroid Build Coastguard Worker "mqtt", /* LWSSSP_MQTT */
264*1c60b9acSAndroid Build Coastguard Worker "raw", /* LWSSSP_RAW */
265*1c60b9acSAndroid Build Coastguard Worker };
266*1c60b9acSAndroid Build Coastguard Worker
267*1c60b9acSAndroid Build Coastguard Worker static const lws_ss_auth_t *
lws_ss_policy_find_auth_by_name(struct policy_cb_args * a,const char * name,size_t len)268*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_find_auth_by_name(struct policy_cb_args *a,
269*1c60b9acSAndroid Build Coastguard Worker const char *name, size_t len)
270*1c60b9acSAndroid Build Coastguard Worker {
271*1c60b9acSAndroid Build Coastguard Worker const lws_ss_auth_t *auth = a->heads[LTY_AUTH].a;
272*1c60b9acSAndroid Build Coastguard Worker
273*1c60b9acSAndroid Build Coastguard Worker while (auth) {
274*1c60b9acSAndroid Build Coastguard Worker if (auth->name &&
275*1c60b9acSAndroid Build Coastguard Worker len == strlen(auth->name) &&
276*1c60b9acSAndroid Build Coastguard Worker !strncmp(auth->name, name, len))
277*1c60b9acSAndroid Build Coastguard Worker return auth;
278*1c60b9acSAndroid Build Coastguard Worker
279*1c60b9acSAndroid Build Coastguard Worker auth = auth->next;
280*1c60b9acSAndroid Build Coastguard Worker }
281*1c60b9acSAndroid Build Coastguard Worker
282*1c60b9acSAndroid Build Coastguard Worker return NULL;
283*1c60b9acSAndroid Build Coastguard Worker }
284*1c60b9acSAndroid Build Coastguard Worker
285*1c60b9acSAndroid Build Coastguard Worker static int
lws_ss_policy_alloc_helper(struct policy_cb_args * a,int type)286*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_alloc_helper(struct policy_cb_args *a, int type)
287*1c60b9acSAndroid Build Coastguard Worker {
288*1c60b9acSAndroid Build Coastguard Worker /*
289*1c60b9acSAndroid Build Coastguard Worker * We do the pointers always as .b union member, all of the
290*1c60b9acSAndroid Build Coastguard Worker * participating structs begin with .next and .name the same
291*1c60b9acSAndroid Build Coastguard Worker */
292*1c60b9acSAndroid Build Coastguard Worker
293*1c60b9acSAndroid Build Coastguard Worker a->curr[type].b = lwsac_use_zero(&a->ac,
294*1c60b9acSAndroid Build Coastguard Worker sizes[type], POL_AC_GRAIN);
295*1c60b9acSAndroid Build Coastguard Worker if (!a->curr[type].b)
296*1c60b9acSAndroid Build Coastguard Worker return 1;
297*1c60b9acSAndroid Build Coastguard Worker
298*1c60b9acSAndroid Build Coastguard Worker a->curr[type].b->next = a->heads[type].b;
299*1c60b9acSAndroid Build Coastguard Worker a->heads[type].b = a->curr[type].b;
300*1c60b9acSAndroid Build Coastguard Worker
301*1c60b9acSAndroid Build Coastguard Worker return 0;
302*1c60b9acSAndroid Build Coastguard Worker }
303*1c60b9acSAndroid Build Coastguard Worker
304*1c60b9acSAndroid Build Coastguard Worker static signed char
lws_ss_policy_parser_cb(struct lejp_ctx * ctx,char reason)305*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parser_cb(struct lejp_ctx *ctx, char reason)
306*1c60b9acSAndroid Build Coastguard Worker {
307*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *a = (struct policy_cb_args *)ctx->user;
308*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_WITH_SSPLUGINS)
309*1c60b9acSAndroid Build Coastguard Worker const lws_ss_plugin_t **pin;
310*1c60b9acSAndroid Build Coastguard Worker #endif
311*1c60b9acSAndroid Build Coastguard Worker char **pp, dotstar[32], *q;
312*1c60b9acSAndroid Build Coastguard Worker lws_ss_trust_store_t *ts;
313*1c60b9acSAndroid Build Coastguard Worker lws_ss_metadata_t *pmd;
314*1c60b9acSAndroid Build Coastguard Worker lws_ss_x509_t *x, **py;
315*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_t *p2;
316*1c60b9acSAndroid Build Coastguard Worker lws_retry_bo_t *b;
317*1c60b9acSAndroid Build Coastguard Worker size_t inl, outl;
318*1c60b9acSAndroid Build Coastguard Worker uint8_t *extant;
319*1c60b9acSAndroid Build Coastguard Worker backoff_t *bot;
320*1c60b9acSAndroid Build Coastguard Worker int n = -1;
321*1c60b9acSAndroid Build Coastguard Worker
322*1c60b9acSAndroid Build Coastguard Worker // lwsl_debug("%s: %d %d %s\n", __func__, reason, ctx->path_match - 1,
323*1c60b9acSAndroid Build Coastguard Worker // ctx->path);
324*1c60b9acSAndroid Build Coastguard Worker
325*1c60b9acSAndroid Build Coastguard Worker switch (ctx->path_match - 1) {
326*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_RETRY:
327*1c60b9acSAndroid Build Coastguard Worker n = LTY_BACKOFF;
328*1c60b9acSAndroid Build Coastguard Worker break;
329*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_CERTS:
330*1c60b9acSAndroid Build Coastguard Worker n = LTY_X509;
331*1c60b9acSAndroid Build Coastguard Worker break;
332*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TRUST_STORES_NAME:
333*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TRUST_STORES_STACK:
334*1c60b9acSAndroid Build Coastguard Worker n = LTY_TRUSTSTORE;
335*1c60b9acSAndroid Build Coastguard Worker break;
336*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_STREAMTYPES:
337*1c60b9acSAndroid Build Coastguard Worker n = LTY_POLICY;
338*1c60b9acSAndroid Build Coastguard Worker break;
339*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AUTH:
340*1c60b9acSAndroid Build Coastguard Worker n = LTY_AUTH;
341*1c60b9acSAndroid Build Coastguard Worker break;
342*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_NAME:
343*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_US_SCHEDULE:
344*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_US_HALFLIFE:
345*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_MIN_OUTLIER:
346*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_REPORT:
347*1c60b9acSAndroid Build Coastguard Worker n = LTY_METRICS;
348*1c60b9acSAndroid Build Coastguard Worker break;
349*1c60b9acSAndroid Build Coastguard Worker }
350*1c60b9acSAndroid Build Coastguard Worker
351*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_ARRAY_START &&
352*1c60b9acSAndroid Build Coastguard Worker (ctx->path_match - 1 == LSSPPT_PLUGINS ||
353*1c60b9acSAndroid Build Coastguard Worker ctx->path_match - 1 == LSSPPT_METADATA ||
354*1c60b9acSAndroid Build Coastguard Worker ctx->path_match - 1 == LSSPPT_HTTPRESPMAP))
355*1c60b9acSAndroid Build Coastguard Worker a->count = 0;
356*1c60b9acSAndroid Build Coastguard Worker
357*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_OBJECT_START && n == LTY_AUTH) {
358*1c60b9acSAndroid Build Coastguard Worker if (lws_ss_policy_alloc_helper(a, LTY_AUTH))
359*1c60b9acSAndroid Build Coastguard Worker goto oom;
360*1c60b9acSAndroid Build Coastguard Worker return 0;
361*1c60b9acSAndroid Build Coastguard Worker }
362*1c60b9acSAndroid Build Coastguard Worker
363*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_ARRAY_END &&
364*1c60b9acSAndroid Build Coastguard Worker ctx->path_match - 1 == LSSPPT_TRUST_STORES_STACK && !a->count) {
365*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: at least one cert required in trust store\n",
366*1c60b9acSAndroid Build Coastguard Worker __func__);
367*1c60b9acSAndroid Build Coastguard Worker goto oom;
368*1c60b9acSAndroid Build Coastguard Worker }
369*1c60b9acSAndroid Build Coastguard Worker
370*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_ARRAY_END && a->count && a->pending_respmap) {
371*1c60b9acSAndroid Build Coastguard Worker
372*1c60b9acSAndroid Build Coastguard Worker // lwsl_notice("%s: allocating respmap %d\n", __func__, a->count);
373*1c60b9acSAndroid Build Coastguard Worker
374*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.http.respmap = lwsac_use_zero(&a->ac,
375*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_http_respmap_t) * (unsigned int)a->count, POL_AC_GRAIN);
376*1c60b9acSAndroid Build Coastguard Worker
377*1c60b9acSAndroid Build Coastguard Worker if (!a->curr[LTY_POLICY].p->u.http.respmap)
378*1c60b9acSAndroid Build Coastguard Worker goto oom;
379*1c60b9acSAndroid Build Coastguard Worker
380*1c60b9acSAndroid Build Coastguard Worker memcpy((void *)a->curr[LTY_POLICY].p->u.http.respmap,
381*1c60b9acSAndroid Build Coastguard Worker a->respmap, sizeof(lws_ss_http_respmap_t) * (unsigned int)a->count);
382*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.http.count_respmap = (uint8_t)a->count;
383*1c60b9acSAndroid Build Coastguard Worker a->count = 0;
384*1c60b9acSAndroid Build Coastguard Worker a->pending_respmap = 0;
385*1c60b9acSAndroid Build Coastguard Worker
386*1c60b9acSAndroid Build Coastguard Worker return 0;
387*1c60b9acSAndroid Build Coastguard Worker }
388*1c60b9acSAndroid Build Coastguard Worker
389*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_OBJECT_END && a->p) {
390*1c60b9acSAndroid Build Coastguard Worker /*
391*1c60b9acSAndroid Build Coastguard Worker * Allocate a just-the-right-size buf for the cert DER now
392*1c60b9acSAndroid Build Coastguard Worker * we decoded it into the a->p temp buffer and know the exact
393*1c60b9acSAndroid Build Coastguard Worker * size.
394*1c60b9acSAndroid Build Coastguard Worker *
395*1c60b9acSAndroid Build Coastguard Worker * The struct *x is in the lwsac... the ca_der it points to
396*1c60b9acSAndroid Build Coastguard Worker * is individually allocated from the heap
397*1c60b9acSAndroid Build Coastguard Worker */
398*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_X509].x->ca_der = lws_malloc((unsigned int)a->count, "ssx509");
399*1c60b9acSAndroid Build Coastguard Worker if (!a->curr[LTY_X509].x->ca_der)
400*1c60b9acSAndroid Build Coastguard Worker goto oom;
401*1c60b9acSAndroid Build Coastguard Worker memcpy((uint8_t *)a->curr[LTY_X509].x->ca_der, a->p, (unsigned int)a->count);
402*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_X509].x->ca_der_len = (unsigned int)a->count;
403*1c60b9acSAndroid Build Coastguard Worker
404*1c60b9acSAndroid Build Coastguard Worker /*
405*1c60b9acSAndroid Build Coastguard Worker * ... and then we can free the temp buffer
406*1c60b9acSAndroid Build Coastguard Worker */
407*1c60b9acSAndroid Build Coastguard Worker lws_free_set_NULL(a->p);
408*1c60b9acSAndroid Build Coastguard Worker
409*1c60b9acSAndroid Build Coastguard Worker return 0;
410*1c60b9acSAndroid Build Coastguard Worker }
411*1c60b9acSAndroid Build Coastguard Worker
412*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_PAIR_NAME && n != -1 &&
413*1c60b9acSAndroid Build Coastguard Worker (n != LTY_TRUSTSTORE && n != LTY_AUTH && n != LTY_METRICS)) {
414*1c60b9acSAndroid Build Coastguard Worker
415*1c60b9acSAndroid Build Coastguard Worker p2 = NULL;
416*1c60b9acSAndroid Build Coastguard Worker if (n == LTY_POLICY) {
417*1c60b9acSAndroid Build Coastguard Worker /*
418*1c60b9acSAndroid Build Coastguard Worker * We want to allow for the possibility of overlays...
419*1c60b9acSAndroid Build Coastguard Worker * eg, we come later with a JSON snippet that overrides
420*1c60b9acSAndroid Build Coastguard Worker * select streamtype members of a streamtype that was
421*1c60b9acSAndroid Build Coastguard Worker * already defined
422*1c60b9acSAndroid Build Coastguard Worker */
423*1c60b9acSAndroid Build Coastguard Worker p2 = (lws_ss_policy_t *)a->context->pss_policies;
424*1c60b9acSAndroid Build Coastguard Worker
425*1c60b9acSAndroid Build Coastguard Worker while (p2) {
426*1c60b9acSAndroid Build Coastguard Worker if (!strncmp(p2->streamtype,
427*1c60b9acSAndroid Build Coastguard Worker ctx->path + ctx->st[ctx->sp].p,
428*1c60b9acSAndroid Build Coastguard Worker (unsigned int)(ctx->path_match_len -
429*1c60b9acSAndroid Build Coastguard Worker ctx->st[ctx->sp].p))) {
430*1c60b9acSAndroid Build Coastguard Worker lwsl_info("%s: overriding s[] %s\n",
431*1c60b9acSAndroid Build Coastguard Worker __func__, p2->streamtype);
432*1c60b9acSAndroid Build Coastguard Worker break;
433*1c60b9acSAndroid Build Coastguard Worker }
434*1c60b9acSAndroid Build Coastguard Worker
435*1c60b9acSAndroid Build Coastguard Worker p2 = p2->next;
436*1c60b9acSAndroid Build Coastguard Worker }
437*1c60b9acSAndroid Build Coastguard Worker }
438*1c60b9acSAndroid Build Coastguard Worker
439*1c60b9acSAndroid Build Coastguard Worker /*
440*1c60b9acSAndroid Build Coastguard Worker * We do the pointers always as .b union member, all of the
441*1c60b9acSAndroid Build Coastguard Worker * participating structs begin with .next and .name the same
442*1c60b9acSAndroid Build Coastguard Worker */
443*1c60b9acSAndroid Build Coastguard Worker if (p2) /* we may be overriding existing streamtype... */
444*1c60b9acSAndroid Build Coastguard Worker a->curr[n].b = (backoff_t *)p2;
445*1c60b9acSAndroid Build Coastguard Worker else
446*1c60b9acSAndroid Build Coastguard Worker a->curr[n].b = lwsac_use_zero(&a->ac, sizes[n],
447*1c60b9acSAndroid Build Coastguard Worker POL_AC_GRAIN);
448*1c60b9acSAndroid Build Coastguard Worker if (!a->curr[n].b)
449*1c60b9acSAndroid Build Coastguard Worker goto oom;
450*1c60b9acSAndroid Build Coastguard Worker
451*1c60b9acSAndroid Build Coastguard Worker if (n == LTY_X509) {
452*1c60b9acSAndroid Build Coastguard Worker a->p = lws_malloc(MAX_CERT_TEMP, "cert temp");
453*1c60b9acSAndroid Build Coastguard Worker if (!a->p)
454*1c60b9acSAndroid Build Coastguard Worker goto oom;
455*1c60b9acSAndroid Build Coastguard Worker memset(&a->b64, 0, sizeof(a->b64));
456*1c60b9acSAndroid Build Coastguard Worker }
457*1c60b9acSAndroid Build Coastguard Worker
458*1c60b9acSAndroid Build Coastguard Worker a->count = 0;
459*1c60b9acSAndroid Build Coastguard Worker if (!p2) {
460*1c60b9acSAndroid Build Coastguard Worker a->curr[n].b->next = a->heads[n].b;
461*1c60b9acSAndroid Build Coastguard Worker a->heads[n].b = a->curr[n].b;
462*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[n].b->name;
463*1c60b9acSAndroid Build Coastguard Worker
464*1c60b9acSAndroid Build Coastguard Worker goto string1;
465*1c60b9acSAndroid Build Coastguard Worker }
466*1c60b9acSAndroid Build Coastguard Worker
467*1c60b9acSAndroid Build Coastguard Worker return 0; /* overriding */
468*1c60b9acSAndroid Build Coastguard Worker }
469*1c60b9acSAndroid Build Coastguard Worker
470*1c60b9acSAndroid Build Coastguard Worker if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
471*1c60b9acSAndroid Build Coastguard Worker return 0;
472*1c60b9acSAndroid Build Coastguard Worker
473*1c60b9acSAndroid Build Coastguard Worker switch (ctx->path_match - 1) {
474*1c60b9acSAndroid Build Coastguard Worker
475*1c60b9acSAndroid Build Coastguard Worker /* strings */
476*1c60b9acSAndroid Build Coastguard Worker
477*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_RELEASE:
478*1c60b9acSAndroid Build Coastguard Worker break;
479*1c60b9acSAndroid Build Coastguard Worker
480*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PRODUCT:
481*1c60b9acSAndroid Build Coastguard Worker break;
482*1c60b9acSAndroid Build Coastguard Worker
483*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_SCHEMA_VERSION:
484*1c60b9acSAndroid Build Coastguard Worker break;
485*1c60b9acSAndroid Build Coastguard Worker
486*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_VIA_SOCKS5:
487*1c60b9acSAndroid Build Coastguard Worker /* the global / default proxy */
488*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->socks5_proxy;
489*1c60b9acSAndroid Build Coastguard Worker goto string2;
490*1c60b9acSAndroid Build Coastguard Worker
491*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_BACKOFF:
492*1c60b9acSAndroid Build Coastguard Worker b = &a->curr[LTY_BACKOFF].b->r;
493*1c60b9acSAndroid Build Coastguard Worker if (b->retry_ms_table_count == 8) {
494*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: > 8 backoff levels\n", __func__);
495*1c60b9acSAndroid Build Coastguard Worker return 1;
496*1c60b9acSAndroid Build Coastguard Worker }
497*1c60b9acSAndroid Build Coastguard Worker if (!b->retry_ms_table_count) {
498*1c60b9acSAndroid Build Coastguard Worker b->retry_ms_table = (uint32_t *)lwsac_use_zero(&a->ac,
499*1c60b9acSAndroid Build Coastguard Worker sizeof(uint32_t) * 8, POL_AC_GRAIN);
500*1c60b9acSAndroid Build Coastguard Worker if (!b->retry_ms_table)
501*1c60b9acSAndroid Build Coastguard Worker goto oom;
502*1c60b9acSAndroid Build Coastguard Worker }
503*1c60b9acSAndroid Build Coastguard Worker
504*1c60b9acSAndroid Build Coastguard Worker ((uint32_t *)b->retry_ms_table)
505*1c60b9acSAndroid Build Coastguard Worker [b->retry_ms_table_count++] = (uint32_t)atoi(ctx->buf);
506*1c60b9acSAndroid Build Coastguard Worker break;
507*1c60b9acSAndroid Build Coastguard Worker
508*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_CONCEAL:
509*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_BACKOFF].b->r.conceal_count = (uint16_t)atoi(ctx->buf);
510*1c60b9acSAndroid Build Coastguard Worker break;
511*1c60b9acSAndroid Build Coastguard Worker
512*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_JITTERPC:
513*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_BACKOFF].b->r.jitter_percent = (uint8_t)atoi(ctx->buf);
514*1c60b9acSAndroid Build Coastguard Worker break;
515*1c60b9acSAndroid Build Coastguard Worker
516*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_VALIDPING_S:
517*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_BACKOFF].b->r.secs_since_valid_ping = (uint16_t)atoi(ctx->buf);
518*1c60b9acSAndroid Build Coastguard Worker break;
519*1c60b9acSAndroid Build Coastguard Worker
520*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_VALIDHUP_S:
521*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_BACKOFF].b->r.secs_since_valid_hangup = (uint16_t)atoi(ctx->buf);
522*1c60b9acSAndroid Build Coastguard Worker break;
523*1c60b9acSAndroid Build Coastguard Worker
524*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_CERTS:
525*1c60b9acSAndroid Build Coastguard Worker if (a->count + ctx->npos >= MAX_CERT_TEMP) {
526*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: cert too big\n", __func__);
527*1c60b9acSAndroid Build Coastguard Worker goto oom;
528*1c60b9acSAndroid Build Coastguard Worker }
529*1c60b9acSAndroid Build Coastguard Worker inl = ctx->npos;
530*1c60b9acSAndroid Build Coastguard Worker outl = MAX_CERT_TEMP - (unsigned int)a->count;
531*1c60b9acSAndroid Build Coastguard Worker
532*1c60b9acSAndroid Build Coastguard Worker lws_b64_decode_stateful(&a->b64, ctx->buf, &inl,
533*1c60b9acSAndroid Build Coastguard Worker a->p + a->count, &outl,
534*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_STR_END);
535*1c60b9acSAndroid Build Coastguard Worker a->count += (int)outl;
536*1c60b9acSAndroid Build Coastguard Worker if (inl != ctx->npos) {
537*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: b64 decode fail\n", __func__);
538*1c60b9acSAndroid Build Coastguard Worker goto oom;
539*1c60b9acSAndroid Build Coastguard Worker }
540*1c60b9acSAndroid Build Coastguard Worker break;
541*1c60b9acSAndroid Build Coastguard Worker
542*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TRUST_STORES_NAME:
543*1c60b9acSAndroid Build Coastguard Worker if (lws_ss_policy_alloc_helper(a, LTY_TRUSTSTORE))
544*1c60b9acSAndroid Build Coastguard Worker goto oom;
545*1c60b9acSAndroid Build Coastguard Worker
546*1c60b9acSAndroid Build Coastguard Worker a->count = 0;
547*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_TRUSTSTORE].b->name;
548*1c60b9acSAndroid Build Coastguard Worker
549*1c60b9acSAndroid Build Coastguard Worker goto string2;
550*1c60b9acSAndroid Build Coastguard Worker
551*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TRUST_STORES_STACK:
552*1c60b9acSAndroid Build Coastguard Worker if (a->count >= (int)LWS_ARRAY_SIZE(
553*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_TRUSTSTORE].t->ssx509)) {
554*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: trust store too big\n", __func__);
555*1c60b9acSAndroid Build Coastguard Worker goto oom;
556*1c60b9acSAndroid Build Coastguard Worker }
557*1c60b9acSAndroid Build Coastguard Worker lwsl_debug("%s: trust stores stack %.*s\n", __func__,
558*1c60b9acSAndroid Build Coastguard Worker ctx->npos, ctx->buf);
559*1c60b9acSAndroid Build Coastguard Worker x = a->heads[LTY_X509].x;
560*1c60b9acSAndroid Build Coastguard Worker while (x) {
561*1c60b9acSAndroid Build Coastguard Worker if (!strncmp(x->vhost_name, ctx->buf, ctx->npos)) {
562*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_TRUSTSTORE].t->ssx509[a->count++] = x;
563*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_TRUSTSTORE].t->count++;
564*1c60b9acSAndroid Build Coastguard Worker
565*1c60b9acSAndroid Build Coastguard Worker return 0;
566*1c60b9acSAndroid Build Coastguard Worker }
567*1c60b9acSAndroid Build Coastguard Worker x = x->next;
568*1c60b9acSAndroid Build Coastguard Worker }
569*1c60b9acSAndroid Build Coastguard Worker lws_strnncpy(dotstar, ctx->buf, ctx->npos, sizeof(dotstar));
570*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown trust store entry %s\n", __func__,
571*1c60b9acSAndroid Build Coastguard Worker dotstar);
572*1c60b9acSAndroid Build Coastguard Worker goto oom;
573*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_WITH_SYS_METRICS)
574*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_NAME:
575*1c60b9acSAndroid Build Coastguard Worker if (lws_ss_policy_alloc_helper(a, LTY_METRICS))
576*1c60b9acSAndroid Build Coastguard Worker goto oom;
577*1c60b9acSAndroid Build Coastguard Worker
578*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_METRICS].b->name;
579*1c60b9acSAndroid Build Coastguard Worker
580*1c60b9acSAndroid Build Coastguard Worker goto string2;
581*1c60b9acSAndroid Build Coastguard Worker
582*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_US_SCHEDULE:
583*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_METRICS].m->us_schedule = (uint64_t)atoll(ctx->buf);
584*1c60b9acSAndroid Build Coastguard Worker break;
585*1c60b9acSAndroid Build Coastguard Worker
586*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_US_HALFLIFE:
587*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_METRICS].m->us_decay_unit = (uint32_t)atol(ctx->buf);
588*1c60b9acSAndroid Build Coastguard Worker break;
589*1c60b9acSAndroid Build Coastguard Worker
590*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_MIN_OUTLIER:
591*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_METRICS].m->min_contributors = (uint8_t)atoi(ctx->buf);
592*1c60b9acSAndroid Build Coastguard Worker break;
593*1c60b9acSAndroid Build Coastguard Worker
594*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METRICS_REPORT:
595*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_METRICS].m->report;
596*1c60b9acSAndroid Build Coastguard Worker goto string2;
597*1c60b9acSAndroid Build Coastguard Worker #endif
598*1c60b9acSAndroid Build Coastguard Worker
599*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_SERVER_CERT:
600*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_SERVER_KEY:
601*1c60b9acSAndroid Build Coastguard Worker
602*1c60b9acSAndroid Build Coastguard Worker /* iterate through the certs */
603*1c60b9acSAndroid Build Coastguard Worker
604*1c60b9acSAndroid Build Coastguard Worker py = &a->heads[LTY_X509].x;
605*1c60b9acSAndroid Build Coastguard Worker x = a->heads[LTY_X509].x;
606*1c60b9acSAndroid Build Coastguard Worker while (x) {
607*1c60b9acSAndroid Build Coastguard Worker if (!strncmp(x->vhost_name, ctx->buf, ctx->npos) &&
608*1c60b9acSAndroid Build Coastguard Worker !x->vhost_name[ctx->npos]) {
609*1c60b9acSAndroid Build Coastguard Worker if ((ctx->path_match - 1) == LSSPPT_SERVER_CERT)
610*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->trust.server.cert = x;
611*1c60b9acSAndroid Build Coastguard Worker else
612*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->trust.server.key = x;
613*1c60b9acSAndroid Build Coastguard Worker /*
614*1c60b9acSAndroid Build Coastguard Worker * Certs that are for servers need to stick
615*1c60b9acSAndroid Build Coastguard Worker * around in DER form, so the vhost can be
616*1c60b9acSAndroid Build Coastguard Worker * instantiated when the server is brought up
617*1c60b9acSAndroid Build Coastguard Worker */
618*1c60b9acSAndroid Build Coastguard Worker x->keep = 1;
619*1c60b9acSAndroid Build Coastguard Worker lwsl_notice("%s: server '%s' keep %d %p\n",
620*1c60b9acSAndroid Build Coastguard Worker __func__, x->vhost_name,
621*1c60b9acSAndroid Build Coastguard Worker ctx->path_match - 1, x);
622*1c60b9acSAndroid Build Coastguard Worker
623*1c60b9acSAndroid Build Coastguard Worker /*
624*1c60b9acSAndroid Build Coastguard Worker * Server DER we need to move it to another
625*1c60b9acSAndroid Build Coastguard Worker * list just for destroying it when the context
626*1c60b9acSAndroid Build Coastguard Worker * is destroyed... snip us out of the live
627*1c60b9acSAndroid Build Coastguard Worker * X.509 list
628*1c60b9acSAndroid Build Coastguard Worker */
629*1c60b9acSAndroid Build Coastguard Worker
630*1c60b9acSAndroid Build Coastguard Worker *py = x->next;
631*1c60b9acSAndroid Build Coastguard Worker
632*1c60b9acSAndroid Build Coastguard Worker /*
633*1c60b9acSAndroid Build Coastguard Worker * ... and instead put us on the list of things
634*1c60b9acSAndroid Build Coastguard Worker * to keep hold of for context destruction
635*1c60b9acSAndroid Build Coastguard Worker */
636*1c60b9acSAndroid Build Coastguard Worker
637*1c60b9acSAndroid Build Coastguard Worker x->next = a->context->server_der_list;
638*1c60b9acSAndroid Build Coastguard Worker a->context->server_der_list = x;
639*1c60b9acSAndroid Build Coastguard Worker
640*1c60b9acSAndroid Build Coastguard Worker return 0;
641*1c60b9acSAndroid Build Coastguard Worker }
642*1c60b9acSAndroid Build Coastguard Worker py = &x->next;
643*1c60b9acSAndroid Build Coastguard Worker x = x->next;
644*1c60b9acSAndroid Build Coastguard Worker }
645*1c60b9acSAndroid Build Coastguard Worker lws_strnncpy(dotstar, ctx->buf, ctx->npos, sizeof(dotstar));
646*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown cert / key %s\n", __func__, dotstar);
647*1c60b9acSAndroid Build Coastguard Worker goto oom;
648*1c60b9acSAndroid Build Coastguard Worker
649*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ENDPOINT:
650*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->endpoint;
651*1c60b9acSAndroid Build Coastguard Worker goto string2;
652*1c60b9acSAndroid Build Coastguard Worker
653*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_VH_VIA_SOCKS5:
654*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->socks5_proxy;
655*1c60b9acSAndroid Build Coastguard Worker goto string2;
656*1c60b9acSAndroid Build Coastguard Worker
657*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PORT:
658*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->port = (uint16_t)atoi(ctx->buf);
659*1c60b9acSAndroid Build Coastguard Worker break;
660*1c60b9acSAndroid Build Coastguard Worker
661*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PROXY_BUFLEN:
662*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->proxy_buflen = (uint32_t)atol(ctx->buf);
663*1c60b9acSAndroid Build Coastguard Worker break;
664*1c60b9acSAndroid Build Coastguard Worker
665*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PROXY_BUFLEN_RXFLOW_ON_ABOVE:
666*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->proxy_buflen_rxflow_on_above =
667*1c60b9acSAndroid Build Coastguard Worker (uint32_t)atol(ctx->buf);
668*1c60b9acSAndroid Build Coastguard Worker break;
669*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PROXY_BUFLEN_RXFLOW_OFF_BELOW:
670*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->proxy_buflen_rxflow_off_below =
671*1c60b9acSAndroid Build Coastguard Worker (uint32_t)atol(ctx->buf);
672*1c60b9acSAndroid Build Coastguard Worker break;
673*1c60b9acSAndroid Build Coastguard Worker
674*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_CLIENT_BUFLEN:
675*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->client_buflen = (uint32_t)atol(ctx->buf);
676*1c60b9acSAndroid Build Coastguard Worker break;
677*1c60b9acSAndroid Build Coastguard Worker
678*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_CLIENT_BUFLEN_RXFLOW_ON_ABOVE:
679*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->client_buflen_rxflow_on_above =
680*1c60b9acSAndroid Build Coastguard Worker (uint32_t)atol(ctx->buf);
681*1c60b9acSAndroid Build Coastguard Worker break;
682*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_CLIENT_BUFLEN_RXFLOW_OFF_BELOW:
683*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->client_buflen_rxflow_off_below =
684*1c60b9acSAndroid Build Coastguard Worker (uint32_t)atol(ctx->buf);
685*1c60b9acSAndroid Build Coastguard Worker break;
686*1c60b9acSAndroid Build Coastguard Worker
687*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_METHOD:
688*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.method;
689*1c60b9acSAndroid Build Coastguard Worker goto string2;
690*1c60b9acSAndroid Build Coastguard Worker
691*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_URL:
692*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.url;
693*1c60b9acSAndroid Build Coastguard Worker goto string2;
694*1c60b9acSAndroid Build Coastguard Worker
695*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_RIDESHARE:
696*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->rideshare_streamtype;
697*1c60b9acSAndroid Build Coastguard Worker goto string2;
698*1c60b9acSAndroid Build Coastguard Worker
699*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PAYLOAD_FORMAT:
700*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->payload_fmt;
701*1c60b9acSAndroid Build Coastguard Worker goto string2;
702*1c60b9acSAndroid Build Coastguard Worker
703*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PLUGINS:
704*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_WITH_SSPLUGINS)
705*1c60b9acSAndroid Build Coastguard Worker pin = a->context->pss_plugins;
706*1c60b9acSAndroid Build Coastguard Worker if (a->count ==
707*1c60b9acSAndroid Build Coastguard Worker (int)LWS_ARRAY_SIZE(a->curr[LTY_POLICY].p->plugins)) {
708*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: too many plugins\n", __func__);
709*1c60b9acSAndroid Build Coastguard Worker
710*1c60b9acSAndroid Build Coastguard Worker goto oom;
711*1c60b9acSAndroid Build Coastguard Worker }
712*1c60b9acSAndroid Build Coastguard Worker if (!pin)
713*1c60b9acSAndroid Build Coastguard Worker break;
714*1c60b9acSAndroid Build Coastguard Worker while (*pin) {
715*1c60b9acSAndroid Build Coastguard Worker if (!strncmp((*pin)->name, ctx->buf, ctx->npos)) {
716*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->plugins[a->count++] = *pin;
717*1c60b9acSAndroid Build Coastguard Worker return 0;
718*1c60b9acSAndroid Build Coastguard Worker }
719*1c60b9acSAndroid Build Coastguard Worker pin++;
720*1c60b9acSAndroid Build Coastguard Worker }
721*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown plugin\n", __func__);
722*1c60b9acSAndroid Build Coastguard Worker goto oom;
723*1c60b9acSAndroid Build Coastguard Worker #else
724*1c60b9acSAndroid Build Coastguard Worker break;
725*1c60b9acSAndroid Build Coastguard Worker #endif
726*1c60b9acSAndroid Build Coastguard Worker
727*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TLS:
728*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
729*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_TLS;
730*1c60b9acSAndroid Build Coastguard Worker break;
731*1c60b9acSAndroid Build Coastguard Worker
732*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TLS_CLIENT_CERT:
733*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->client_cert = (uint8_t)(atoi(ctx->buf) + 1);
734*1c60b9acSAndroid Build Coastguard Worker break;
735*1c60b9acSAndroid Build Coastguard Worker
736*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AUTH_BLOB:
737*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_AUTH].a->blob_index = (uint8_t)atoi(ctx->buf);
738*1c60b9acSAndroid Build Coastguard Worker break;
739*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_EXPECT:
740*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.http.resp_expect = (uint16_t)atoi(ctx->buf);
741*1c60b9acSAndroid Build Coastguard Worker break;
742*1c60b9acSAndroid Build Coastguard Worker
743*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_DEFAULT_TIMEOUT_MS:
744*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->timeout_ms = (uint32_t)atoi(ctx->buf);
745*1c60b9acSAndroid Build Coastguard Worker break;
746*1c60b9acSAndroid Build Coastguard Worker
747*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ATTR_PRIORITY:
748*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->priority = (uint8_t)atoi(ctx->buf);
749*1c60b9acSAndroid Build Coastguard Worker break;
750*1c60b9acSAndroid Build Coastguard Worker
751*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_OPPORTUNISTIC:
752*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
753*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_OPPORTUNISTIC;
754*1c60b9acSAndroid Build Coastguard Worker break;
755*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_NAILED_UP:
756*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
757*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_NAILED_UP;
758*1c60b9acSAndroid Build Coastguard Worker break;
759*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_URGENT_TX:
760*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
761*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_URGENT_TX;
762*1c60b9acSAndroid Build Coastguard Worker break;
763*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_URGENT_RX:
764*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
765*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_URGENT_RX;
766*1c60b9acSAndroid Build Coastguard Worker break;
767*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_LONG_POLL:
768*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
769*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_LONG_POLL;
770*1c60b9acSAndroid Build Coastguard Worker break;
771*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PRIORITIZE_READS:
772*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
773*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_PRIORITIZE_READS;
774*1c60b9acSAndroid Build Coastguard Worker break;
775*1c60b9acSAndroid Build Coastguard Worker
776*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_WWW_FORM_URLENCODED:
777*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
778*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
779*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_HTTP_X_WWW_FORM_URLENCODED;
780*1c60b9acSAndroid Build Coastguard Worker break;
781*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_SWAKE_VALIDITY:
782*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
783*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
784*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_WAKE_SUSPEND__VALIDITY;
785*1c60b9acSAndroid Build Coastguard Worker break;
786*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ALLOW_REDIRECTS:
787*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
788*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
789*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_ALLOW_REDIRECTS;
790*1c60b9acSAndroid Build Coastguard Worker break;
791*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_COOKIES:
792*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
793*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
794*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_HTTP_CACHE_COOKIES;
795*1c60b9acSAndroid Build Coastguard Worker break;
796*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_MULTIPART_SS_IN:
797*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
798*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
799*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_HTTP_MULTIPART_IN;
800*1c60b9acSAndroid Build Coastguard Worker return 0;
801*1c60b9acSAndroid Build Coastguard Worker
802*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ATTR_LOW_LATENCY:
803*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
804*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
805*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_ATTR_LOW_LATENCY;
806*1c60b9acSAndroid Build Coastguard Worker return 0;
807*1c60b9acSAndroid Build Coastguard Worker
808*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ATTR_HIGH_THROUGHPUT:
809*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
810*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
811*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_ATTR_HIGH_THROUGHPUT;
812*1c60b9acSAndroid Build Coastguard Worker return 0;
813*1c60b9acSAndroid Build Coastguard Worker
814*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ATTR_HIGH_RELIABILITY:
815*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
816*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
817*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_ATTR_HIGH_RELIABILITY;
818*1c60b9acSAndroid Build Coastguard Worker return 0;
819*1c60b9acSAndroid Build Coastguard Worker
820*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ATTR_LOW_COST:
821*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
822*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_ATTR_LOW_COST;
823*1c60b9acSAndroid Build Coastguard Worker return 0;
824*1c60b9acSAndroid Build Coastguard Worker
825*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PERF:
826*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
827*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_PERF;
828*1c60b9acSAndroid Build Coastguard Worker return 0;
829*1c60b9acSAndroid Build Coastguard Worker
830*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_RETRYPTR:
831*1c60b9acSAndroid Build Coastguard Worker bot = a->heads[LTY_BACKOFF].b;
832*1c60b9acSAndroid Build Coastguard Worker while (bot) {
833*1c60b9acSAndroid Build Coastguard Worker if (!strncmp(ctx->buf, bot->name, ctx->npos)) {
834*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->retry_bo = &bot->r;
835*1c60b9acSAndroid Build Coastguard Worker
836*1c60b9acSAndroid Build Coastguard Worker return 0;
837*1c60b9acSAndroid Build Coastguard Worker }
838*1c60b9acSAndroid Build Coastguard Worker bot = bot->next;
839*1c60b9acSAndroid Build Coastguard Worker }
840*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown backoff scheme\n", __func__);
841*1c60b9acSAndroid Build Coastguard Worker
842*1c60b9acSAndroid Build Coastguard Worker return -1;
843*1c60b9acSAndroid Build Coastguard Worker
844*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_TRUST:
845*1c60b9acSAndroid Build Coastguard Worker ts = a->heads[LTY_TRUSTSTORE].t;
846*1c60b9acSAndroid Build Coastguard Worker while (ts) {
847*1c60b9acSAndroid Build Coastguard Worker if (!strncmp(ctx->buf, ts->name, ctx->npos)) {
848*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->trust.store = ts;
849*1c60b9acSAndroid Build Coastguard Worker return 0;
850*1c60b9acSAndroid Build Coastguard Worker }
851*1c60b9acSAndroid Build Coastguard Worker ts = ts->next;
852*1c60b9acSAndroid Build Coastguard Worker }
853*1c60b9acSAndroid Build Coastguard Worker lws_strnncpy(dotstar, ctx->buf, ctx->npos, sizeof(dotstar));
854*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown trust store name %s\n", __func__,
855*1c60b9acSAndroid Build Coastguard Worker dotstar);
856*1c60b9acSAndroid Build Coastguard Worker
857*1c60b9acSAndroid Build Coastguard Worker return -1;
858*1c60b9acSAndroid Build Coastguard Worker
859*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METADATA:
860*1c60b9acSAndroid Build Coastguard Worker break;
861*1c60b9acSAndroid Build Coastguard Worker
862*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_USE_AUTH:
863*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->auth =
864*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_find_auth_by_name(a, ctx->buf, ctx->npos);
865*1c60b9acSAndroid Build Coastguard Worker if (!a->curr[LTY_POLICY].p->auth) {
866*1c60b9acSAndroid Build Coastguard Worker lws_strnncpy(dotstar, ctx->buf, ctx->npos, sizeof(dotstar));
867*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown auth '%s'\n", __func__, dotstar);
868*1c60b9acSAndroid Build Coastguard Worker return -1;
869*1c60b9acSAndroid Build Coastguard Worker }
870*1c60b9acSAndroid Build Coastguard Worker break;
871*1c60b9acSAndroid Build Coastguard Worker
872*1c60b9acSAndroid Build Coastguard Worker
873*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_METADATA_ITEM:
874*1c60b9acSAndroid Build Coastguard Worker pmd = a->curr[LTY_POLICY].p->metadata;
875*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata = lwsac_use_zero(&a->ac,
876*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_metadata_t) + ctx->npos +
877*1c60b9acSAndroid Build Coastguard Worker (unsigned int)(ctx->path_match_len - ctx->st[ctx->sp - 2].p + 1) + 2,
878*1c60b9acSAndroid Build Coastguard Worker POL_AC_GRAIN);
879*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata->next = pmd;
880*1c60b9acSAndroid Build Coastguard Worker
881*1c60b9acSAndroid Build Coastguard Worker q = (char *)a->curr[LTY_POLICY].p->metadata +
882*1c60b9acSAndroid Build Coastguard Worker sizeof(lws_ss_metadata_t);
883*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata->name = q;
884*1c60b9acSAndroid Build Coastguard Worker memcpy(q, ctx->path + ctx->st[ctx->sp - 2].p + 1,
885*1c60b9acSAndroid Build Coastguard Worker (unsigned int)(ctx->path_match_len - ctx->st[ctx->sp - 2].p));
886*1c60b9acSAndroid Build Coastguard Worker
887*1c60b9acSAndroid Build Coastguard Worker q += ctx->path_match_len - ctx->st[ctx->sp - 2].p;
888*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata->value__may_own_heap = q;
889*1c60b9acSAndroid Build Coastguard Worker memcpy(q, ctx->buf, ctx->npos);
890*1c60b9acSAndroid Build Coastguard Worker
891*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
892*1c60b9acSAndroid Build Coastguard Worker /*
893*1c60b9acSAndroid Build Coastguard Worker * Check the metadata value part to see if it's a well-known
894*1c60b9acSAndroid Build Coastguard Worker * http header... if so, LWS_HTTP_NO_KNOWN_HEADER (0xff) means
895*1c60b9acSAndroid Build Coastguard Worker * no header string match else it's the well-known header index
896*1c60b9acSAndroid Build Coastguard Worker */
897*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata->value_is_http_token = (uint8_t)
898*1c60b9acSAndroid Build Coastguard Worker lws_http_string_to_known_header(ctx->buf, ctx->npos);
899*1c60b9acSAndroid Build Coastguard Worker #endif
900*1c60b9acSAndroid Build Coastguard Worker
901*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata->length = /* the index in handle->metadata */
902*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata_count++;
903*1c60b9acSAndroid Build Coastguard Worker
904*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->metadata->value_length = ctx->npos;
905*1c60b9acSAndroid Build Coastguard Worker break;
906*1c60b9acSAndroid Build Coastguard Worker
907*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
908*1c60b9acSAndroid Build Coastguard Worker
909*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTPRESPMAP_ITEM:
910*1c60b9acSAndroid Build Coastguard Worker if (a->count >= (int)LWS_ARRAY_SIZE(a->respmap)) {
911*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: respmap too big\n", __func__);
912*1c60b9acSAndroid Build Coastguard Worker return -1;
913*1c60b9acSAndroid Build Coastguard Worker }
914*1c60b9acSAndroid Build Coastguard Worker a->respmap[a->count].resp = (uint16_t)
915*1c60b9acSAndroid Build Coastguard Worker atoi(ctx->path + ctx->st[ctx->sp - 2].p + 1);
916*1c60b9acSAndroid Build Coastguard Worker a->respmap[a->count].state = (uint16_t)atoi(ctx->buf);
917*1c60b9acSAndroid Build Coastguard Worker a->pending_respmap = 1;
918*1c60b9acSAndroid Build Coastguard Worker a->count++;
919*1c60b9acSAndroid Build Coastguard Worker break;
920*1c60b9acSAndroid Build Coastguard Worker
921*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_AUTH_HEADER:
922*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_DSN_HEADER:
923*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_FWV_HEADER:
924*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_TYPE_HEADER:
925*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.blob_header[
926*1c60b9acSAndroid Build Coastguard Worker (ctx->path_match - 1) - LSSPPT_HTTP_AUTH_HEADER];
927*1c60b9acSAndroid Build Coastguard Worker goto string2;
928*1c60b9acSAndroid Build Coastguard Worker
929*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_AUTH_PREAMBLE:
930*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.auth_preamble;
931*1c60b9acSAndroid Build Coastguard Worker goto string2;
932*1c60b9acSAndroid Build Coastguard Worker
933*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_NO_CONTENT_LENGTH:
934*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
935*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
936*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_HTTP_NO_CONTENT_LENGTH;
937*1c60b9acSAndroid Build Coastguard Worker break;
938*1c60b9acSAndroid Build Coastguard Worker
939*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_NGHTTP2_QUIRK_END_STREAM:
940*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
941*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
942*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_QUIRK_NGHTTP2_END_STREAM;
943*1c60b9acSAndroid Build Coastguard Worker break;
944*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_H2_QUIRK_OVERFLOWS_TXCR:
945*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
946*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
947*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_H2_QUIRK_OVERFLOWS_TXCR;
948*1c60b9acSAndroid Build Coastguard Worker break;
949*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_MULTIPART_NAME:
950*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_HTTP_MULTIPART;
951*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.multipart_name;
952*1c60b9acSAndroid Build Coastguard Worker goto string2;
953*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_MULTIPART_FILENAME:
954*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_HTTP_MULTIPART;
955*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.multipart_filename;
956*1c60b9acSAndroid Build Coastguard Worker goto string2;
957*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_MULTIPART_CONTENT_TYPE:
958*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_HTTP_MULTIPART;
959*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.multipart_content_type;
960*1c60b9acSAndroid Build Coastguard Worker goto string2;
961*1c60b9acSAndroid Build Coastguard Worker
962*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AUTH_NAME:
963*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_AUTH].a->name;
964*1c60b9acSAndroid Build Coastguard Worker goto string2;
965*1c60b9acSAndroid Build Coastguard Worker
966*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AUTH_STREAMTYPE:
967*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_AUTH].a->streamtype;
968*1c60b9acSAndroid Build Coastguard Worker goto string2;
969*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AUTH_TYPE:
970*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_AUTH].a->type;
971*1c60b9acSAndroid Build Coastguard Worker goto string2;
972*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_HTTP_FAIL_REDIRECT:
973*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.http.fail_redirect =
974*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_TRUE;
975*1c60b9acSAndroid Build Coastguard Worker break;
976*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_WITH_SECURE_STREAMS_AUTH_SIGV4)
977*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AWS_REGION:
978*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->aws_region;
979*1c60b9acSAndroid Build Coastguard Worker goto string2;
980*1c60b9acSAndroid Build Coastguard Worker
981*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_AWS_SERVICE:
982*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->aws_service;
983*1c60b9acSAndroid Build Coastguard Worker goto string2;
984*1c60b9acSAndroid Build Coastguard Worker #endif
985*1c60b9acSAndroid Build Coastguard Worker
986*1c60b9acSAndroid Build Coastguard Worker #endif
987*1c60b9acSAndroid Build Coastguard Worker
988*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_ROLE_WS)
989*1c60b9acSAndroid Build Coastguard Worker
990*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_WS_SUBPROTOCOL:
991*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.http.u.ws.subprotocol;
992*1c60b9acSAndroid Build Coastguard Worker goto string2;
993*1c60b9acSAndroid Build Coastguard Worker
994*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_WS_BINARY:
995*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.http.u.ws.binary =
996*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_TRUE;
997*1c60b9acSAndroid Build Coastguard Worker break;
998*1c60b9acSAndroid Build Coastguard Worker #endif
999*1c60b9acSAndroid Build Coastguard Worker
1000*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_LOCAL_SINK:
1001*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
1002*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_LOCAL_SINK;
1003*1c60b9acSAndroid Build Coastguard Worker break;
1004*1c60b9acSAndroid Build Coastguard Worker
1005*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_SERVER:
1006*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
1007*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |= LWSSSPOLF_SERVER;
1008*1c60b9acSAndroid Build Coastguard Worker break;
1009*1c60b9acSAndroid Build Coastguard Worker
1010*1c60b9acSAndroid Build Coastguard Worker #if defined(LWS_ROLE_MQTT)
1011*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_TOPIC:
1012*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.mqtt.topic;
1013*1c60b9acSAndroid Build Coastguard Worker goto string2;
1014*1c60b9acSAndroid Build Coastguard Worker
1015*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_SUBSCRIBE:
1016*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.mqtt.subscribe;
1017*1c60b9acSAndroid Build Coastguard Worker goto string2;
1018*1c60b9acSAndroid Build Coastguard Worker
1019*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_QOS:
1020*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.qos = (uint8_t)atoi(ctx->buf);
1021*1c60b9acSAndroid Build Coastguard Worker break;
1022*1c60b9acSAndroid Build Coastguard Worker
1023*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_KEEPALIVE:
1024*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.keep_alive = (uint16_t)atoi(ctx->buf);
1025*1c60b9acSAndroid Build Coastguard Worker break;
1026*1c60b9acSAndroid Build Coastguard Worker
1027*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_CLEAN_START:
1028*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.clean_start =
1029*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_TRUE;
1030*1c60b9acSAndroid Build Coastguard Worker break;
1031*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_WILL_TOPIC:
1032*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.mqtt.will_topic;
1033*1c60b9acSAndroid Build Coastguard Worker goto string2;
1034*1c60b9acSAndroid Build Coastguard Worker
1035*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_WILL_MESSAGE:
1036*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.mqtt.will_message;
1037*1c60b9acSAndroid Build Coastguard Worker goto string2;
1038*1c60b9acSAndroid Build Coastguard Worker
1039*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_WILL_QOS:
1040*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.will_qos = (uint8_t)atoi(ctx->buf);
1041*1c60b9acSAndroid Build Coastguard Worker break;
1042*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_WILL_RETAIN:
1043*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.will_retain =
1044*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_TRUE;
1045*1c60b9acSAndroid Build Coastguard Worker break;
1046*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_BIRTH_TOPIC:
1047*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.mqtt.birth_topic;
1048*1c60b9acSAndroid Build Coastguard Worker goto string2;
1049*1c60b9acSAndroid Build Coastguard Worker
1050*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_BIRTH_MESSAGE:
1051*1c60b9acSAndroid Build Coastguard Worker pp = (char **)&a->curr[LTY_POLICY].p->u.mqtt.birth_message;
1052*1c60b9acSAndroid Build Coastguard Worker goto string2;
1053*1c60b9acSAndroid Build Coastguard Worker
1054*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_BIRTH_QOS:
1055*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.birth_qos = (uint8_t)atoi(ctx->buf);
1056*1c60b9acSAndroid Build Coastguard Worker break;
1057*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_BIRTH_RETAIN:
1058*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.birth_retain =
1059*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_TRUE;
1060*1c60b9acSAndroid Build Coastguard Worker break;
1061*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_MQTT_AWS_IOT:
1062*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
1063*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->u.mqtt.aws_iot =
1064*1c60b9acSAndroid Build Coastguard Worker reason == LEJPCB_VAL_TRUE;
1065*1c60b9acSAndroid Build Coastguard Worker break;
1066*1c60b9acSAndroid Build Coastguard Worker #endif
1067*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_DIRECT_PROTO_STR:
1068*1c60b9acSAndroid Build Coastguard Worker if (reason == LEJPCB_VAL_TRUE)
1069*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->flags |=
1070*1c60b9acSAndroid Build Coastguard Worker LWSSSPOLF_DIRECT_PROTO_STR;
1071*1c60b9acSAndroid Build Coastguard Worker break;
1072*1c60b9acSAndroid Build Coastguard Worker
1073*1c60b9acSAndroid Build Coastguard Worker
1074*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_PROTOCOL:
1075*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->protocol = 0xff;
1076*1c60b9acSAndroid Build Coastguard Worker for (n = 0; n < (int)LWS_ARRAY_SIZE(protonames); n++)
1077*1c60b9acSAndroid Build Coastguard Worker if (strlen(protonames[n]) == ctx->npos &&
1078*1c60b9acSAndroid Build Coastguard Worker !strncmp(ctx->buf, protonames[n], ctx->npos))
1079*1c60b9acSAndroid Build Coastguard Worker a->curr[LTY_POLICY].p->protocol = (uint8_t)n;
1080*1c60b9acSAndroid Build Coastguard Worker
1081*1c60b9acSAndroid Build Coastguard Worker if (a->curr[LTY_POLICY].p->protocol != 0xff)
1082*1c60b9acSAndroid Build Coastguard Worker break;
1083*1c60b9acSAndroid Build Coastguard Worker lws_strnncpy(dotstar, ctx->buf, ctx->npos, sizeof(dotstar));
1084*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unknown protocol name %s\n", __func__, dotstar);
1085*1c60b9acSAndroid Build Coastguard Worker return -1;
1086*1c60b9acSAndroid Build Coastguard Worker
1087*1c60b9acSAndroid Build Coastguard Worker default:
1088*1c60b9acSAndroid Build Coastguard Worker break;
1089*1c60b9acSAndroid Build Coastguard Worker }
1090*1c60b9acSAndroid Build Coastguard Worker
1091*1c60b9acSAndroid Build Coastguard Worker return 0;
1092*1c60b9acSAndroid Build Coastguard Worker
1093*1c60b9acSAndroid Build Coastguard Worker string2:
1094*1c60b9acSAndroid Build Coastguard Worker /*
1095*1c60b9acSAndroid Build Coastguard Worker * If we can do const string folding, reuse the existing string rather
1096*1c60b9acSAndroid Build Coastguard Worker * than make a new entry
1097*1c60b9acSAndroid Build Coastguard Worker */
1098*1c60b9acSAndroid Build Coastguard Worker extant = lwsac_scan_extant(a->ac, (uint8_t *)ctx->buf, (size_t)ctx->npos, 1);
1099*1c60b9acSAndroid Build Coastguard Worker if (extant) {
1100*1c60b9acSAndroid Build Coastguard Worker *pp = (char *)extant;
1101*1c60b9acSAndroid Build Coastguard Worker
1102*1c60b9acSAndroid Build Coastguard Worker return 0;
1103*1c60b9acSAndroid Build Coastguard Worker }
1104*1c60b9acSAndroid Build Coastguard Worker *pp = lwsac_use_backfill(&a->ac, (size_t)(ctx->npos + 1), POL_AC_GRAIN);
1105*1c60b9acSAndroid Build Coastguard Worker if (!*pp)
1106*1c60b9acSAndroid Build Coastguard Worker goto oom;
1107*1c60b9acSAndroid Build Coastguard Worker memcpy(*pp, ctx->buf, ctx->npos);
1108*1c60b9acSAndroid Build Coastguard Worker (*pp)[ctx->npos] = '\0';
1109*1c60b9acSAndroid Build Coastguard Worker
1110*1c60b9acSAndroid Build Coastguard Worker return 0;
1111*1c60b9acSAndroid Build Coastguard Worker
1112*1c60b9acSAndroid Build Coastguard Worker string1:
1113*1c60b9acSAndroid Build Coastguard Worker n = ctx->st[ctx->sp].p;
1114*1c60b9acSAndroid Build Coastguard Worker *pp = lwsac_use_backfill(&a->ac, (size_t)ctx->path_match_len + (size_t)1 - (size_t)n,
1115*1c60b9acSAndroid Build Coastguard Worker POL_AC_GRAIN);
1116*1c60b9acSAndroid Build Coastguard Worker if (!*pp)
1117*1c60b9acSAndroid Build Coastguard Worker goto oom;
1118*1c60b9acSAndroid Build Coastguard Worker memcpy(*pp, ctx->path + n, ctx->path_match_len - (unsigned int)n);
1119*1c60b9acSAndroid Build Coastguard Worker (*pp)[ctx->path_match_len - n] = '\0';
1120*1c60b9acSAndroid Build Coastguard Worker
1121*1c60b9acSAndroid Build Coastguard Worker return 0;
1122*1c60b9acSAndroid Build Coastguard Worker
1123*1c60b9acSAndroid Build Coastguard Worker oom:
1124*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: OOM\n", __func__);
1125*1c60b9acSAndroid Build Coastguard Worker lws_free_set_NULL(a->p);
1126*1c60b9acSAndroid Build Coastguard Worker lwsac_free(&a->ac);
1127*1c60b9acSAndroid Build Coastguard Worker
1128*1c60b9acSAndroid Build Coastguard Worker return -1;
1129*1c60b9acSAndroid Build Coastguard Worker }
1130*1c60b9acSAndroid Build Coastguard Worker
1131*1c60b9acSAndroid Build Coastguard Worker int
lws_ss_policy_parse_begin(struct lws_context * context,int overlay)1132*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse_begin(struct lws_context *context, int overlay)
1133*1c60b9acSAndroid Build Coastguard Worker {
1134*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *args;
1135*1c60b9acSAndroid Build Coastguard Worker char *p;
1136*1c60b9acSAndroid Build Coastguard Worker
1137*1c60b9acSAndroid Build Coastguard Worker args = lws_zalloc(sizeof(struct policy_cb_args), __func__);
1138*1c60b9acSAndroid Build Coastguard Worker if (!args) {
1139*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: OOM\n", __func__);
1140*1c60b9acSAndroid Build Coastguard Worker
1141*1c60b9acSAndroid Build Coastguard Worker return 1;
1142*1c60b9acSAndroid Build Coastguard Worker }
1143*1c60b9acSAndroid Build Coastguard Worker if (overlay)
1144*1c60b9acSAndroid Build Coastguard Worker /* continue to use the existing lwsac */
1145*1c60b9acSAndroid Build Coastguard Worker args->ac = context->ac_policy;
1146*1c60b9acSAndroid Build Coastguard Worker else
1147*1c60b9acSAndroid Build Coastguard Worker /* we don't want to see any old policy */
1148*1c60b9acSAndroid Build Coastguard Worker context->pss_policies = NULL;
1149*1c60b9acSAndroid Build Coastguard Worker
1150*1c60b9acSAndroid Build Coastguard Worker context->pol_args = args;
1151*1c60b9acSAndroid Build Coastguard Worker args->context = context;
1152*1c60b9acSAndroid Build Coastguard Worker p = lwsac_use(&args->ac, 1, POL_AC_INITIAL);
1153*1c60b9acSAndroid Build Coastguard Worker if (!p) {
1154*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: OOM\n", __func__);
1155*1c60b9acSAndroid Build Coastguard Worker lws_free_set_NULL(context->pol_args);
1156*1c60b9acSAndroid Build Coastguard Worker
1157*1c60b9acSAndroid Build Coastguard Worker return -1;
1158*1c60b9acSAndroid Build Coastguard Worker }
1159*1c60b9acSAndroid Build Coastguard Worker *p = 0;
1160*1c60b9acSAndroid Build Coastguard Worker lejp_construct(&args->jctx, lws_ss_policy_parser_cb, args,
1161*1c60b9acSAndroid Build Coastguard Worker lejp_tokens_policy, LWS_ARRAY_SIZE(lejp_tokens_policy));
1162*1c60b9acSAndroid Build Coastguard Worker
1163*1c60b9acSAndroid Build Coastguard Worker return 0;
1164*1c60b9acSAndroid Build Coastguard Worker }
1165*1c60b9acSAndroid Build Coastguard Worker
1166*1c60b9acSAndroid Build Coastguard Worker int
lws_ss_policy_parse_abandon(struct lws_context * context)1167*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse_abandon(struct lws_context *context)
1168*1c60b9acSAndroid Build Coastguard Worker {
1169*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *args = (struct policy_cb_args *)context->pol_args;
1170*1c60b9acSAndroid Build Coastguard Worker lws_ss_x509_t *x;
1171*1c60b9acSAndroid Build Coastguard Worker
1172*1c60b9acSAndroid Build Coastguard Worker x = args->heads[LTY_X509].x;
1173*1c60b9acSAndroid Build Coastguard Worker while (x) {
1174*1c60b9acSAndroid Build Coastguard Worker /*
1175*1c60b9acSAndroid Build Coastguard Worker * Free all the client DER buffers now they have been parsed
1176*1c60b9acSAndroid Build Coastguard Worker * into tls library X.509 objects
1177*1c60b9acSAndroid Build Coastguard Worker */
1178*1c60b9acSAndroid Build Coastguard Worker lws_free((void *)x->ca_der);
1179*1c60b9acSAndroid Build Coastguard Worker x->ca_der = NULL;
1180*1c60b9acSAndroid Build Coastguard Worker
1181*1c60b9acSAndroid Build Coastguard Worker x = x->next;
1182*1c60b9acSAndroid Build Coastguard Worker }
1183*1c60b9acSAndroid Build Coastguard Worker
1184*1c60b9acSAndroid Build Coastguard Worker x = context->server_der_list;
1185*1c60b9acSAndroid Build Coastguard Worker while (x) {
1186*1c60b9acSAndroid Build Coastguard Worker lws_free((void *)x->ca_der);
1187*1c60b9acSAndroid Build Coastguard Worker x->ca_der = NULL;
1188*1c60b9acSAndroid Build Coastguard Worker
1189*1c60b9acSAndroid Build Coastguard Worker x = x->next;
1190*1c60b9acSAndroid Build Coastguard Worker }
1191*1c60b9acSAndroid Build Coastguard Worker
1192*1c60b9acSAndroid Build Coastguard Worker lejp_destruct(&args->jctx);
1193*1c60b9acSAndroid Build Coastguard Worker lwsac_free(&args->ac);
1194*1c60b9acSAndroid Build Coastguard Worker lws_free_set_NULL(context->pol_args);
1195*1c60b9acSAndroid Build Coastguard Worker
1196*1c60b9acSAndroid Build Coastguard Worker context->server_der_list = NULL;
1197*1c60b9acSAndroid Build Coastguard Worker
1198*1c60b9acSAndroid Build Coastguard Worker return 0;
1199*1c60b9acSAndroid Build Coastguard Worker }
1200*1c60b9acSAndroid Build Coastguard Worker
1201*1c60b9acSAndroid Build Coastguard Worker #if !defined(LWS_PLAT_FREERTOS) && !defined(LWS_PLAT_OPTEE)
1202*1c60b9acSAndroid Build Coastguard Worker int
lws_ss_policy_parse_file(struct lws_context * cx,const char * filepath)1203*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse_file(struct lws_context *cx, const char *filepath)
1204*1c60b9acSAndroid Build Coastguard Worker {
1205*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *args = (struct policy_cb_args *)cx->pol_args;
1206*1c60b9acSAndroid Build Coastguard Worker uint8_t buf[512];
1207*1c60b9acSAndroid Build Coastguard Worker int n, m, fd = lws_open(filepath, LWS_O_RDONLY);
1208*1c60b9acSAndroid Build Coastguard Worker
1209*1c60b9acSAndroid Build Coastguard Worker if (fd < 0)
1210*1c60b9acSAndroid Build Coastguard Worker return LEJP_REJECT_UNKNOWN;
1211*1c60b9acSAndroid Build Coastguard Worker
1212*1c60b9acSAndroid Build Coastguard Worker do {
1213*1c60b9acSAndroid Build Coastguard Worker n = (int)read(fd, buf, sizeof(buf));
1214*1c60b9acSAndroid Build Coastguard Worker if (n < 0) {
1215*1c60b9acSAndroid Build Coastguard Worker m = -1;
1216*1c60b9acSAndroid Build Coastguard Worker goto bail;
1217*1c60b9acSAndroid Build Coastguard Worker }
1218*1c60b9acSAndroid Build Coastguard Worker
1219*1c60b9acSAndroid Build Coastguard Worker m = lejp_parse(&args->jctx, buf, n);
1220*1c60b9acSAndroid Build Coastguard Worker if (m != LEJP_CONTINUE && m < 0) {
1221*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: parse failed line %u: %d: %s\n", __func__,
1222*1c60b9acSAndroid Build Coastguard Worker (unsigned int)args->jctx.line, m,
1223*1c60b9acSAndroid Build Coastguard Worker lejp_error_to_string(m));
1224*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse_abandon(cx);
1225*1c60b9acSAndroid Build Coastguard Worker
1226*1c60b9acSAndroid Build Coastguard Worker m = -1;
1227*1c60b9acSAndroid Build Coastguard Worker goto bail;
1228*1c60b9acSAndroid Build Coastguard Worker }
1229*1c60b9acSAndroid Build Coastguard Worker
1230*1c60b9acSAndroid Build Coastguard Worker if (m != LEJP_CONTINUE)
1231*1c60b9acSAndroid Build Coastguard Worker break;
1232*1c60b9acSAndroid Build Coastguard Worker } while (n);
1233*1c60b9acSAndroid Build Coastguard Worker
1234*1c60b9acSAndroid Build Coastguard Worker m = 0;
1235*1c60b9acSAndroid Build Coastguard Worker bail:
1236*1c60b9acSAndroid Build Coastguard Worker close(fd);
1237*1c60b9acSAndroid Build Coastguard Worker
1238*1c60b9acSAndroid Build Coastguard Worker return m;
1239*1c60b9acSAndroid Build Coastguard Worker }
1240*1c60b9acSAndroid Build Coastguard Worker #endif
1241*1c60b9acSAndroid Build Coastguard Worker
1242*1c60b9acSAndroid Build Coastguard Worker int
lws_ss_policy_parse(struct lws_context * context,const uint8_t * buf,size_t len)1243*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse(struct lws_context *context, const uint8_t *buf, size_t len)
1244*1c60b9acSAndroid Build Coastguard Worker {
1245*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *args = (struct policy_cb_args *)context->pol_args;
1246*1c60b9acSAndroid Build Coastguard Worker int m;
1247*1c60b9acSAndroid Build Coastguard Worker
1248*1c60b9acSAndroid Build Coastguard Worker #if !defined(LWS_PLAT_FREERTOS) && !defined(LWS_PLAT_OPTEE)
1249*1c60b9acSAndroid Build Coastguard Worker if (args->jctx.line < 2 && buf[0] != '{' && !args->parse_data)
1250*1c60b9acSAndroid Build Coastguard Worker return lws_ss_policy_parse_file(context, (const char *)buf);
1251*1c60b9acSAndroid Build Coastguard Worker #endif
1252*1c60b9acSAndroid Build Coastguard Worker
1253*1c60b9acSAndroid Build Coastguard Worker args->parse_data = 1;
1254*1c60b9acSAndroid Build Coastguard Worker m = lejp_parse(&args->jctx, buf, (int)len);
1255*1c60b9acSAndroid Build Coastguard Worker if (m == LEJP_CONTINUE || m >= 0)
1256*1c60b9acSAndroid Build Coastguard Worker return m;
1257*1c60b9acSAndroid Build Coastguard Worker
1258*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: parse failed line %u: %d: %s\n", __func__,
1259*1c60b9acSAndroid Build Coastguard Worker (unsigned int)args->jctx.line, m, lejp_error_to_string(m));
1260*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse_abandon(context);
1261*1c60b9acSAndroid Build Coastguard Worker assert(0);
1262*1c60b9acSAndroid Build Coastguard Worker
1263*1c60b9acSAndroid Build Coastguard Worker return m;
1264*1c60b9acSAndroid Build Coastguard Worker }
1265*1c60b9acSAndroid Build Coastguard Worker
1266*1c60b9acSAndroid Build Coastguard Worker int
lws_ss_policy_overlay(struct lws_context * context,const char * overlay)1267*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_overlay(struct lws_context *context, const char *overlay)
1268*1c60b9acSAndroid Build Coastguard Worker {
1269*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_parse_begin(context, 1);
1270*1c60b9acSAndroid Build Coastguard Worker return lws_ss_policy_parse(context, (const uint8_t *)overlay,
1271*1c60b9acSAndroid Build Coastguard Worker strlen(overlay));
1272*1c60b9acSAndroid Build Coastguard Worker }
1273*1c60b9acSAndroid Build Coastguard Worker
1274*1c60b9acSAndroid Build Coastguard Worker const lws_ss_policy_t *
lws_ss_policy_get(struct lws_context * context)1275*1c60b9acSAndroid Build Coastguard Worker lws_ss_policy_get(struct lws_context *context)
1276*1c60b9acSAndroid Build Coastguard Worker {
1277*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *args = (struct policy_cb_args *)context->pol_args;
1278*1c60b9acSAndroid Build Coastguard Worker
1279*1c60b9acSAndroid Build Coastguard Worker if (!args)
1280*1c60b9acSAndroid Build Coastguard Worker return NULL;
1281*1c60b9acSAndroid Build Coastguard Worker
1282*1c60b9acSAndroid Build Coastguard Worker return args->heads[LTY_POLICY].p;
1283*1c60b9acSAndroid Build Coastguard Worker }
1284*1c60b9acSAndroid Build Coastguard Worker
1285*1c60b9acSAndroid Build Coastguard Worker const lws_ss_auth_t *
lws_ss_auth_get(struct lws_context * context)1286*1c60b9acSAndroid Build Coastguard Worker lws_ss_auth_get(struct lws_context *context)
1287*1c60b9acSAndroid Build Coastguard Worker {
1288*1c60b9acSAndroid Build Coastguard Worker struct policy_cb_args *args = (struct policy_cb_args *)context->pol_args;
1289*1c60b9acSAndroid Build Coastguard Worker
1290*1c60b9acSAndroid Build Coastguard Worker if (!args)
1291*1c60b9acSAndroid Build Coastguard Worker return NULL;
1292*1c60b9acSAndroid Build Coastguard Worker
1293*1c60b9acSAndroid Build Coastguard Worker return args->heads[LTY_AUTH].a;
1294*1c60b9acSAndroid Build Coastguard Worker }
1295