diff options
| author | Brandon Carpenter <brandon.carpenter@cypherpath.com> | 2017-09-12 08:21:51 -0700 |
|---|---|---|
| committer | Daniel P. Berrange <berrange@redhat.com> | 2017-10-04 13:21:53 +0100 |
| commit | 01af17fc002414ee1ac0800babfb0edc2bef1a7d (patch) | |
| tree | d219970d5598bde0f94398a08e07664d7bb47d70 /io/channel-websock.c | |
| parent | 3a29640e2cbae9d47b89ffaf98ed358920eb6797 (diff) | |
| download | focaccia-qemu-01af17fc002414ee1ac0800babfb0edc2bef1a7d.tar.gz focaccia-qemu-01af17fc002414ee1ac0800babfb0edc2bef1a7d.zip | |
io: Ignore websocket PING and PONG frames
Keep pings and gratuitous pongs generated by web browsers from killing websocket connections. Signed-off-by: Brandon Carpenter <brandon.carpenter@cypherpath.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'io/channel-websock.c')
| -rw-r--r-- | io/channel-websock.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/io/channel-websock.c b/io/channel-websock.c index b19b5d96da..bfe4008d83 100644 --- a/io/channel-websock.c +++ b/io/channel-websock.c @@ -115,6 +115,7 @@ #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_OPCODE 0x0f #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_HAS_MASK 0x80 #define QIO_CHANNEL_WEBSOCK_HEADER_FIELD_PAYLOAD_LEN 0x7f +#define QIO_CHANNEL_WEBSOCK_CONTROL_OPCODE_MASK 0x8 typedef struct QIOChannelWebsockHeader QIOChannelWebsockHeader; @@ -659,8 +660,11 @@ static int qio_channel_websock_decode_header(QIOChannelWebsock *ioc, return -1; } } else { - if (opcode != QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME) { - error_setg(errp, "only binary websocket frames are supported"); + if (opcode != QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME && + opcode != QIO_CHANNEL_WEBSOCK_OPCODE_PING && + opcode != QIO_CHANNEL_WEBSOCK_OPCODE_PONG) { + error_setg(errp, "unsupported opcode: %#04x; only binary, ping, " + "and pong websocket frames are supported", opcode); return -1; } } @@ -673,6 +677,9 @@ static int qio_channel_websock_decode_header(QIOChannelWebsock *ioc, ioc->payload_remain = payload_len; header_size = QIO_CHANNEL_WEBSOCK_HEADER_LEN_7_BIT; ioc->mask = header->u.m; + } else if (opcode & QIO_CHANNEL_WEBSOCK_CONTROL_OPCODE_MASK) { + error_setg(errp, "websocket control frame is too large"); + return -1; } else if (payload_len == QIO_CHANNEL_WEBSOCK_PAYLOAD_LEN_MAGIC_16_BIT && ioc->encinput.offset >= QIO_CHANNEL_WEBSOCK_HEADER_LEN_16_BIT) { ioc->payload_remain = be16_to_cpu(header->u.s16.l16); @@ -728,9 +735,15 @@ static int qio_channel_websock_decode_payload(QIOChannelWebsock *ioc, } } + /* Drop the payload of ping/pong packets */ + if (ioc->opcode == QIO_CHANNEL_WEBSOCK_OPCODE_BINARY_FRAME) { + if (payload_len) { + buffer_reserve(&ioc->rawinput, payload_len); + buffer_append(&ioc->rawinput, ioc->encinput.buffer, payload_len); + } + } + if (payload_len) { - buffer_reserve(&ioc->rawinput, payload_len); - buffer_append(&ioc->rawinput, ioc->encinput.buffer, payload_len); buffer_advance(&ioc->encinput, payload_len); } return 0; |