Implement experimental websocket client #2552
Open
+1,138
−551
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Websocket protocol handshake uses HTTP, thus it makes sense to reuse at least some of the abstractions and API style.
This will allow to implement Websocket client that reuses existing code.
Current implementation of websocket connection is specific to the server. Rename to more appropriate name.
Websocket connection handling is mostly not specific to the server and thus can be reused on the client easily.
Previous name was useful when it's used locally in translation unit. The new name is exposed in a header and should be more unique.
https://datatracker.ietf.org/doc/html/rfc6455#section-5.3 requires that the masking key must be unpredictable and derived from a strong source of entropy. This requirement arose due to usage of WebSocket protocol in the browsers, where both server and client payload generation code may be malicious and the only trusted piece is the browser itself. Consequently there was a need to make the bytes on the wire unpredictable for the client code, so that it cannot run attacks against intermediate proxies that do not understand WebSocket. In the case of Seastar there is no security boundary between payload generator and payload serializer in this class, accordingly in terms of security impact it is sufficient to simply use predictable masking key. Zero is chosen because it does not change the payload.
xemul
reviewed
Nov 28, 2024
| #include <seastar/core/when_all.hh> | ||
| #include <seastar/websocket/common.hh> |
There was a problem hiding this comment.
So far only the parser is in there, so it makes sense to name it parser.hh
xemul
reviewed
Nov 28, 2024
include/seastar/websocket/common.hh
Outdated
| /*! | ||
| * \param fd established socket used for communication | ||
| */ | ||
| connection(connected_socket&& fd) |
There was a problem hiding this comment.
Shouldn't it be protected as well?
xemul
reviewed
Nov 28, 2024
| @@ -243,16 +243,19 @@ protected: | |||
|
|
|||
| sstring _subprotocol; | |||
| handler_t _handler; | |||
| bool _is_client; | |||
There was a problem hiding this comment.
It seems that std::optional<uint32_t> _masking_key would fit better here. Constructor and send_key() would need to be updated accordingly
xemul
reviewed
Nov 28, 2024
| @@ -168,6 +172,26 @@ future<> connection::send_data(opcodes opcode, temporary_buffer<char>&& buff) { | |||
| header[1] = uint8_t(buff.size()); | |||
| } | |||
|
|
|||
| temporary_buffer<char> write_buf; | |||
There was a problem hiding this comment.
Unused in this patch. Maybe it's used later, but then it should as well be added "later"
xemul
reviewed
Nov 28, 2024
| @@ -87,7 +87,7 @@ struct frame_header { | |||
| } | |||
There was a problem hiding this comment.
Patch is missing descriptive comment
xemul
reviewed
Nov 28, 2024
| @@ -313,10 +313,10 @@ struct request { | |||
| */ | |||
There was a problem hiding this comment.
What for? Should be in the patch comment
xemul
reviewed
Nov 28, 2024
| @@ -777,6 +777,7 @@ add_library (seastar | |||
| src/util/read_first_line.cc | |||
xemul
reviewed
Nov 28, 2024
| * | ||
| * \param addr -- host address to connect to | ||
| * \param creds -- credentials | ||
| * \param host -- optional host name |
xemul
reviewed
Nov 28, 2024
| @@ -777,6 +777,7 @@ add_library (seastar | |||
| src/util/read_first_line.cc | |||
| src/util/tmp_file.cc | |||
| src/util/short_streams.cc | |||
| src/websocket/client.cc | |||
xemul
reviewed
Nov 28, 2024
| */ | ||
| future<> send_message(temporary_buffer<char> buf, bool flush); | ||
|
|
||
| protected: |
There was a problem hiding this comment.
Why no private? Are there plans to implement more specific connections inherited from this class?
xemul
reviewed
Nov 28, 2024
|
|
||
| auto con = seastar::make_shared<client_connection>(*this, std::move(cs), ws_key, handler); | ||
|
|
||
| auto sub = as ? as->subscribe([con] () noexcept { con->shutdown_input(); }) : std::nullopt; |
There was a problem hiding this comment.
This sub dies immediately after con->perform_handshake() returns, even if its future doesn't resolve immediately (likely it doesn't)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR consists of 2 parts:
It probably makes sense to land the general refactorings in smaller PRs once Websocket client is approved in principle.
One way that the websocket client differs from what is prescribed by RFC 6455 is that the client masking key is not random. The practical reason for that is to avoid needing to pull randomization infrastructure into the Websocket client. This would need additional APIs to control, as it makes sense to turn off randomization in unit tests.
Below is an excerpt from commit description on why this is reasonable solution