tungstenite/protocol/frame/
mod.rs

1//! Utilities to work with raw WebSocket frames.
2
3pub mod coding;
4
5#[allow(clippy::module_inception)]
6mod frame;
7mod mask;
8mod utf8;
9
10pub use self::{
11    frame::{CloseFrame, Frame, FrameHeader},
12    utf8::Utf8Bytes,
13};
14
15use crate::{
16    error::{CapacityError, Error, ProtocolError, Result},
17    protocol::frame::mask::apply_mask,
18    Message,
19};
20use bytes::BytesMut;
21use log::*;
22use std::io::{self, Cursor, Error as IoError, ErrorKind as IoErrorKind, Read, Write};
23
24/// Read buffer size used for `FrameSocket`.
25const READ_BUF_LEN: usize = 128 * 1024;
26
27/// A reader and writer for WebSocket frames.
28#[derive(Debug)]
29pub struct FrameSocket<Stream> {
30    /// The underlying network stream.
31    stream: Stream,
32    /// Codec for reading/writing frames.
33    codec: FrameCodec,
34}
35
36impl<Stream> FrameSocket<Stream> {
37    /// Create a new frame socket.
38    pub fn new(stream: Stream) -> Self {
39        FrameSocket { stream, codec: FrameCodec::new(READ_BUF_LEN) }
40    }
41
42    /// Create a new frame socket from partially read data.
43    pub fn from_partially_read(stream: Stream, part: Vec<u8>) -> Self {
44        FrameSocket { stream, codec: FrameCodec::from_partially_read(part, READ_BUF_LEN) }
45    }
46
47    /// Extract a stream from the socket.
48    pub fn into_inner(self) -> (Stream, BytesMut) {
49        (self.stream, self.codec.in_buffer)
50    }
51
52    /// Returns a shared reference to the inner stream.
53    pub fn get_ref(&self) -> &Stream {
54        &self.stream
55    }
56
57    /// Returns a mutable reference to the inner stream.
58    pub fn get_mut(&mut self) -> &mut Stream {
59        &mut self.stream
60    }
61}
62
63impl<Stream> FrameSocket<Stream>
64where
65    Stream: Read,
66{
67    /// Read a frame from stream.
68    pub fn read(&mut self, max_size: Option<usize>) -> Result<Option<Frame>> {
69        self.codec.read_frame(&mut self.stream, max_size, false, true)
70    }
71}
72
73impl<Stream> FrameSocket<Stream>
74where
75    Stream: Write,
76{
77    /// Writes and immediately flushes a frame.
78    /// Equivalent to calling [`write`](Self::write) then [`flush`](Self::flush).
79    pub fn send(&mut self, frame: Frame) -> Result<()> {
80        self.write(frame)?;
81        self.flush()
82    }
83
84    /// Write a frame to stream.
85    ///
86    /// A subsequent call should be made to [`flush`](Self::flush) to flush writes.
87    ///
88    /// This function guarantees that the frame is queued unless [`Error::WriteBufferFull`]
89    /// is returned.
90    /// In order to handle WouldBlock or Incomplete, call [`flush`](Self::flush) afterwards.
91    pub fn write(&mut self, frame: Frame) -> Result<()> {
92        self.codec.buffer_frame(&mut self.stream, frame)
93    }
94
95    /// Flush writes.
96    pub fn flush(&mut self) -> Result<()> {
97        self.codec.write_out_buffer(&mut self.stream)?;
98        Ok(self.stream.flush()?)
99    }
100}
101
102/// A codec for WebSocket frames.
103#[derive(Debug)]
104pub(super) struct FrameCodec {
105    /// Buffer to read data from the stream.
106    in_buffer: BytesMut,
107    /// Buffer to send packets to the network.
108    out_buffer: Vec<u8>,
109    /// Capacity limit for `out_buffer`.
110    max_out_buffer_len: usize,
111    /// Buffer target length to reach before writing to the stream
112    /// on calls to `buffer_frame`.
113    ///
114    /// Setting this to non-zero will buffer small writes from hitting
115    /// the stream.
116    out_buffer_write_len: usize,
117    /// Header and remaining size of the incoming packet being processed.
118    header: Option<(FrameHeader, u64)>,
119}
120
121impl FrameCodec {
122    /// Create a new frame codec.
123    pub(super) fn new(in_buf_len: usize) -> Self {
124        Self {
125            in_buffer: BytesMut::with_capacity(in_buf_len),
126            out_buffer: <_>::default(),
127            max_out_buffer_len: usize::MAX,
128            out_buffer_write_len: 0,
129            header: None,
130        }
131    }
132
133    /// Create a new frame codec from partially read data.
134    pub(super) fn from_partially_read(part: Vec<u8>, min_in_buf_len: usize) -> Self {
135        let mut in_buffer = BytesMut::from_iter(part);
136        in_buffer.reserve(min_in_buf_len.saturating_sub(in_buffer.len()));
137        Self {
138            in_buffer,
139            out_buffer: <_>::default(),
140            max_out_buffer_len: usize::MAX,
141            out_buffer_write_len: 0,
142            header: None,
143        }
144    }
145
146    /// Sets a maximum size for the out buffer.
147    pub(super) fn set_max_out_buffer_len(&mut self, max: usize) {
148        self.max_out_buffer_len = max;
149    }
150
151    /// Sets [`Self::buffer_frame`] buffer target length to reach before
152    /// writing to the stream.
153    pub(super) fn set_out_buffer_write_len(&mut self, len: usize) {
154        self.out_buffer_write_len = len;
155    }
156
157    /// Read a frame from the provided stream.
158    pub(super) fn read_frame(
159        &mut self,
160        stream: &mut impl Read,
161        max_size: Option<usize>,
162        unmask: bool,
163        accept_unmasked: bool,
164    ) -> Result<Option<Frame>> {
165        let max_size = max_size.unwrap_or_else(usize::max_value);
166
167        let mut payload = loop {
168            {
169                if self.header.is_none() {
170                    let mut cursor = Cursor::new(&mut self.in_buffer);
171                    self.header = FrameHeader::parse(&mut cursor)?;
172                    let advanced = cursor.position();
173                    bytes::Buf::advance(&mut self.in_buffer, advanced as _);
174                }
175
176                if let Some((_, len)) = &self.header {
177                    let len = *len as usize;
178
179                    // Enforce frame size limit early and make sure `length`
180                    // is not too big (fits into `usize`).
181                    if len > max_size {
182                        return Err(Error::Capacity(CapacityError::MessageTooLong {
183                            size: len,
184                            max_size,
185                        }));
186                    }
187
188                    if len <= self.in_buffer.len() {
189                        break self.in_buffer.split_to(len);
190                    }
191                }
192            }
193
194            // Not enough data in buffer.
195            self.in_buffer.reserve(self.header.as_ref().map(|(_, l)| *l as usize).unwrap_or(6));
196            if self.read_in(stream)? == 0 {
197                trace!("no frame received");
198                return Ok(None);
199            }
200        };
201
202        let (mut header, length) = self.header.take().expect("Bug: no frame header");
203        debug_assert_eq!(payload.len() as u64, length);
204
205        if unmask {
206            if let Some(mask) = header.mask.take() {
207                // A server MUST remove masking for data frames received from a client
208                // as described in Section 5.3. (RFC 6455)
209                apply_mask(&mut payload, mask);
210            } else if !accept_unmasked {
211                // The server MUST close the connection upon receiving a
212                // frame that is not masked. (RFC 6455)
213                // The only exception here is if the user explicitly accepts given
214                // stream by setting WebSocketConfig.accept_unmasked_frames to true
215                return Err(Error::Protocol(ProtocolError::UnmaskedFrameFromClient));
216            }
217        }
218
219        let frame = Frame::from_payload(header, payload.freeze());
220        trace!("received frame {frame}");
221        Ok(Some(frame))
222    }
223
224    /// Read into available `in_buffer` capacity.
225    fn read_in(&mut self, stream: &mut impl Read) -> io::Result<usize> {
226        let len = self.in_buffer.len();
227        debug_assert!(self.in_buffer.capacity() > len);
228        self.in_buffer.resize(self.in_buffer.capacity(), 0);
229        let size = stream.read(&mut self.in_buffer[len..]);
230        self.in_buffer.truncate(len + size.as_ref().copied().unwrap_or(0));
231        size
232    }
233
234    /// Writes a frame into the `out_buffer`.
235    /// If the out buffer size is over the `out_buffer_write_len` will also write
236    /// the out buffer into the provided `stream`.
237    ///
238    /// To ensure buffered frames are written call [`Self::write_out_buffer`].
239    ///
240    /// May write to the stream, will **not** flush.
241    pub(super) fn buffer_frame<Stream>(&mut self, stream: &mut Stream, frame: Frame) -> Result<()>
242    where
243        Stream: Write,
244    {
245        if frame.len() + self.out_buffer.len() > self.max_out_buffer_len {
246            return Err(Error::WriteBufferFull(Message::Frame(frame)));
247        }
248
249        trace!("writing frame {frame}");
250
251        self.out_buffer.reserve(frame.len());
252        frame.format_into_buf(&mut self.out_buffer).expect("Bug: can't write to vector");
253
254        if self.out_buffer.len() > self.out_buffer_write_len {
255            self.write_out_buffer(stream)
256        } else {
257            Ok(())
258        }
259    }
260
261    /// Writes the out_buffer to the provided stream.
262    ///
263    /// Does **not** flush.
264    pub(super) fn write_out_buffer<Stream>(&mut self, stream: &mut Stream) -> Result<()>
265    where
266        Stream: Write,
267    {
268        while !self.out_buffer.is_empty() {
269            let len = stream.write(&self.out_buffer)?;
270            if len == 0 {
271                // This is the same as "Connection reset by peer"
272                return Err(IoError::new(
273                    IoErrorKind::ConnectionReset,
274                    "Connection reset while sending",
275                )
276                .into());
277            }
278            self.out_buffer.drain(0..len);
279        }
280
281        Ok(())
282    }
283}
284
285#[cfg(test)]
286mod tests {
287
288    use crate::error::{CapacityError, Error};
289
290    use super::{Frame, FrameSocket};
291
292    use std::io::Cursor;
293
294    #[test]
295    fn read_frames() {
296        env_logger::init();
297
298        let raw = Cursor::new(vec![
299            0x82, 0x07, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x82, 0x03, 0x03, 0x02, 0x01,
300            0x99,
301        ]);
302        let mut sock = FrameSocket::new(raw);
303
304        assert_eq!(
305            sock.read(None).unwrap().unwrap().into_payload(),
306            &[0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07][..]
307        );
308        assert_eq!(sock.read(None).unwrap().unwrap().into_payload(), &[0x03, 0x02, 0x01][..]);
309        assert!(sock.read(None).unwrap().is_none());
310
311        let (_, rest) = sock.into_inner();
312        assert_eq!(rest, vec![0x99]);
313    }
314
315    #[test]
316    fn from_partially_read() {
317        let raw = Cursor::new(vec![0x02, 0x03, 0x04, 0x05, 0x06, 0x07]);
318        let mut sock = FrameSocket::from_partially_read(raw, vec![0x82, 0x07, 0x01]);
319        assert_eq!(
320            sock.read(None).unwrap().unwrap().into_payload(),
321            &[0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07][..]
322        );
323    }
324
325    #[test]
326    fn write_frames() {
327        let mut sock = FrameSocket::new(Vec::new());
328
329        let frame = Frame::ping(vec![0x04, 0x05]);
330        sock.send(frame).unwrap();
331
332        let frame = Frame::pong(vec![0x01]);
333        sock.send(frame).unwrap();
334
335        let (buf, _) = sock.into_inner();
336        assert_eq!(buf, vec![0x89, 0x02, 0x04, 0x05, 0x8a, 0x01, 0x01]);
337    }
338
339    #[test]
340    fn parse_overflow() {
341        let raw = Cursor::new(vec![
342            0x83, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
343        ]);
344        let mut sock = FrameSocket::new(raw);
345        let _ = sock.read(None); // should not crash
346    }
347
348    #[test]
349    fn size_limit_hit() {
350        let raw = Cursor::new(vec![0x82, 0x07, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07]);
351        let mut sock = FrameSocket::new(raw);
352        assert!(matches!(
353            sock.read(Some(5)),
354            Err(Error::Capacity(CapacityError::MessageTooLong { size: 7, max_size: 5 }))
355        ));
356    }
357}