WebSocketServer.js 9.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326
  1. /*!
  2. * ws: a node.js websocket client
  3. * Copyright(c) 2011 Einar Otto Stangvik <einaros@gmail.com>
  4. * MIT Licensed
  5. */
  6. 'use strict';
  7. const safeBuffer = require('safe-buffer');
  8. const EventEmitter = require('events');
  9. const crypto = require('crypto');
  10. const Ultron = require('ultron');
  11. const http = require('http');
  12. const url = require('url');
  13. const PerMessageDeflate = require('./PerMessageDeflate');
  14. const Extensions = require('./Extensions');
  15. const constants = require('./Constants');
  16. const WebSocket = require('./WebSocket');
  17. const Buffer = safeBuffer.Buffer;
  18. /**
  19. * Class representing a WebSocket server.
  20. *
  21. * @extends EventEmitter
  22. */
  23. class WebSocketServer extends EventEmitter {
  24. /**
  25. * Create a `WebSocketServer` instance.
  26. *
  27. * @param {Object} options Configuration options
  28. * @param {String} options.host The hostname where to bind the server
  29. * @param {Number} options.port The port where to bind the server
  30. * @param {http.Server} options.server A pre-created HTTP/S server to use
  31. * @param {Function} options.verifyClient An hook to reject connections
  32. * @param {Function} options.handleProtocols An hook to handle protocols
  33. * @param {String} options.path Accept only connections matching this path
  34. * @param {Boolean} options.noServer Enable no server mode
  35. * @param {Boolean} options.clientTracking Specifies whether or not to track clients
  36. * @param {(Boolean|Object)} options.perMessageDeflate Enable/disable permessage-deflate
  37. * @param {Number} options.maxPayload The maximum allowed message size
  38. * @param {Function} callback A listener for the `listening` event
  39. */
  40. constructor (options, callback) {
  41. super();
  42. options = Object.assign({
  43. maxPayload: 100 * 1024 * 1024,
  44. perMessageDeflate: false,
  45. handleProtocols: null,
  46. clientTracking: true,
  47. verifyClient: null,
  48. noServer: false,
  49. backlog: null, // use default (511 as implemented in net.js)
  50. server: null,
  51. host: null,
  52. path: null,
  53. port: null
  54. }, options);
  55. if (options.port == null && !options.server && !options.noServer) {
  56. throw new TypeError('missing or invalid options');
  57. }
  58. if (options.port != null) {
  59. this._server = http.createServer((req, res) => {
  60. const body = http.STATUS_CODES[426];
  61. res.writeHead(426, {
  62. 'Content-Length': body.length,
  63. 'Content-Type': 'text/plain'
  64. });
  65. res.end(body);
  66. });
  67. this._server.listen(options.port, options.host, options.backlog, callback);
  68. } else if (options.server) {
  69. this._server = options.server;
  70. }
  71. if (this._server) {
  72. this._ultron = new Ultron(this._server);
  73. this._ultron.on('listening', () => this.emit('listening'));
  74. this._ultron.on('error', (err) => this.emit('error', err));
  75. this._ultron.on('upgrade', (req, socket, head) => {
  76. this.handleUpgrade(req, socket, head, (client) => {
  77. this.emit('connection', client, req);
  78. });
  79. });
  80. }
  81. if (options.perMessageDeflate === true) options.perMessageDeflate = {};
  82. if (options.clientTracking) this.clients = new Set();
  83. this.options = options;
  84. }
  85. /**
  86. * Close the server.
  87. *
  88. * @param {Function} cb Callback
  89. * @public
  90. */
  91. close (cb) {
  92. //
  93. // Terminate all associated clients.
  94. //
  95. if (this.clients) {
  96. for (const client of this.clients) client.terminate();
  97. }
  98. const server = this._server;
  99. if (server) {
  100. this._ultron.destroy();
  101. this._ultron = this._server = null;
  102. //
  103. // Close the http server if it was internally created.
  104. //
  105. if (this.options.port != null) return server.close(cb);
  106. }
  107. if (cb) cb();
  108. }
  109. /**
  110. * See if a given request should be handled by this server instance.
  111. *
  112. * @param {http.IncomingMessage} req Request object to inspect
  113. * @return {Boolean} `true` if the request is valid, else `false`
  114. * @public
  115. */
  116. shouldHandle (req) {
  117. if (this.options.path && url.parse(req.url).pathname !== this.options.path) {
  118. return false;
  119. }
  120. return true;
  121. }
  122. /**
  123. * Handle a HTTP Upgrade request.
  124. *
  125. * @param {http.IncomingMessage} req The request object
  126. * @param {net.Socket} socket The network socket between the server and client
  127. * @param {Buffer} head The first packet of the upgraded stream
  128. * @param {Function} cb Callback
  129. * @public
  130. */
  131. handleUpgrade (req, socket, head, cb) {
  132. socket.on('error', socketError);
  133. const version = +req.headers['sec-websocket-version'];
  134. const extensions = {};
  135. if (
  136. req.method !== 'GET' || req.headers.upgrade.toLowerCase() !== 'websocket' ||
  137. !req.headers['sec-websocket-key'] || (version !== 8 && version !== 13) ||
  138. !this.shouldHandle(req)
  139. ) {
  140. return abortConnection(socket, 400);
  141. }
  142. if (this.options.perMessageDeflate) {
  143. const perMessageDeflate = new PerMessageDeflate(
  144. this.options.perMessageDeflate,
  145. true,
  146. this.options.maxPayload
  147. );
  148. try {
  149. const offers = Extensions.parse(
  150. req.headers['sec-websocket-extensions']
  151. );
  152. if (offers[PerMessageDeflate.extensionName]) {
  153. perMessageDeflate.accept(offers[PerMessageDeflate.extensionName]);
  154. extensions[PerMessageDeflate.extensionName] = perMessageDeflate;
  155. }
  156. } catch (err) {
  157. return abortConnection(socket, 400);
  158. }
  159. }
  160. var protocol = (req.headers['sec-websocket-protocol'] || '').split(/, */);
  161. //
  162. // Optionally call external protocol selection handler.
  163. //
  164. if (this.options.handleProtocols) {
  165. protocol = this.options.handleProtocols(protocol, req);
  166. if (protocol === false) return abortConnection(socket, 401);
  167. } else {
  168. protocol = protocol[0];
  169. }
  170. //
  171. // Optionally call external client verification handler.
  172. //
  173. if (this.options.verifyClient) {
  174. const info = {
  175. origin: req.headers[`${version === 8 ? 'sec-websocket-origin' : 'origin'}`],
  176. secure: !!(req.connection.authorized || req.connection.encrypted),
  177. req
  178. };
  179. if (this.options.verifyClient.length === 2) {
  180. this.options.verifyClient(info, (verified, code, message) => {
  181. if (!verified) return abortConnection(socket, code || 401, message);
  182. this.completeUpgrade(
  183. protocol,
  184. extensions,
  185. version,
  186. req,
  187. socket,
  188. head,
  189. cb
  190. );
  191. });
  192. return;
  193. }
  194. if (!this.options.verifyClient(info)) return abortConnection(socket, 401);
  195. }
  196. this.completeUpgrade(protocol, extensions, version, req, socket, head, cb);
  197. }
  198. /**
  199. * Upgrade the connection to WebSocket.
  200. *
  201. * @param {String} protocol The chosen subprotocol
  202. * @param {Object} extensions The accepted extensions
  203. * @param {Number} version The WebSocket protocol version
  204. * @param {http.IncomingMessage} req The request object
  205. * @param {net.Socket} socket The network socket between the server and client
  206. * @param {Buffer} head The first packet of the upgraded stream
  207. * @param {Function} cb Callback
  208. * @private
  209. */
  210. completeUpgrade (protocol, extensions, version, req, socket, head, cb) {
  211. //
  212. // Destroy the socket if the client has already sent a FIN packet.
  213. //
  214. if (!socket.readable || !socket.writable) return socket.destroy();
  215. const key = crypto.createHash('sha1')
  216. .update(req.headers['sec-websocket-key'] + constants.GUID, 'binary')
  217. .digest('base64');
  218. const headers = [
  219. 'HTTP/1.1 101 Switching Protocols',
  220. 'Upgrade: websocket',
  221. 'Connection: Upgrade',
  222. `Sec-WebSocket-Accept: ${key}`
  223. ];
  224. if (protocol) headers.push(`Sec-WebSocket-Protocol: ${protocol}`);
  225. if (extensions[PerMessageDeflate.extensionName]) {
  226. const params = extensions[PerMessageDeflate.extensionName].params;
  227. const value = Extensions.format({
  228. [PerMessageDeflate.extensionName]: [params]
  229. });
  230. headers.push(`Sec-WebSocket-Extensions: ${value}`);
  231. }
  232. //
  233. // Allow external modification/inspection of handshake headers.
  234. //
  235. this.emit('headers', headers, req);
  236. socket.write(headers.concat('\r\n').join('\r\n'));
  237. const client = new WebSocket([socket, head], null, {
  238. maxPayload: this.options.maxPayload,
  239. protocolVersion: version,
  240. extensions,
  241. protocol
  242. });
  243. if (this.clients) {
  244. this.clients.add(client);
  245. client.on('close', () => this.clients.delete(client));
  246. }
  247. socket.removeListener('error', socketError);
  248. cb(client);
  249. }
  250. }
  251. module.exports = WebSocketServer;
  252. /**
  253. * Handle premature socket errors.
  254. *
  255. * @private
  256. */
  257. function socketError () {
  258. this.destroy();
  259. }
  260. /**
  261. * Close the connection when preconditions are not fulfilled.
  262. *
  263. * @param {net.Socket} socket The socket of the upgrade request
  264. * @param {Number} code The HTTP response status code
  265. * @param {String} [message] The HTTP response body
  266. * @private
  267. */
  268. function abortConnection (socket, code, message) {
  269. if (socket.writable) {
  270. message = message || http.STATUS_CODES[code];
  271. socket.write(
  272. `HTTP/1.1 ${code} ${http.STATUS_CODES[code]}\r\n` +
  273. 'Connection: close\r\n' +
  274. 'Content-type: text/html\r\n' +
  275. `Content-Length: ${Buffer.byteLength(message)}\r\n` +
  276. '\r\n' +
  277. message
  278. );
  279. }
  280. socket.removeListener('error', socketError);
  281. socket.destroy();
  282. }