2015-04-13 04:09:02 -05:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
|
2015-03-04 17:14:04 -06:00
|
|
|
/*
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
*/
|
|
|
|
|
2017-12-20 07:06:26 -06:00
|
|
|
#include <config.h>
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
|
2017-03-08 10:38:22 -06:00
|
|
|
#include "Session.hpp"
|
|
|
|
|
2015-04-27 07:51:33 -05:00
|
|
|
#include <sys/types.h>
|
2015-04-08 09:22:42 -05:00
|
|
|
#include <ftw.h>
|
2015-04-27 07:51:33 -05:00
|
|
|
#include <utime.h>
|
2015-04-08 09:22:42 -05:00
|
|
|
|
2015-03-17 18:56:15 -05:00
|
|
|
#include <cassert>
|
2015-03-12 09:18:35 -05:00
|
|
|
#include <cstring>
|
2015-03-04 17:14:04 -06:00
|
|
|
#include <fstream>
|
|
|
|
#include <iostream>
|
2015-04-30 07:58:13 -05:00
|
|
|
#include <iterator>
|
2015-04-08 09:22:42 -05:00
|
|
|
#include <map>
|
2015-03-12 09:18:35 -05:00
|
|
|
#include <memory>
|
2015-05-07 08:29:36 -05:00
|
|
|
#include <mutex>
|
2015-04-08 09:22:42 -05:00
|
|
|
#include <set>
|
2015-03-04 17:14:04 -06:00
|
|
|
|
2016-03-07 11:58:26 -06:00
|
|
|
#include <Poco/Exception.h>
|
2015-04-08 09:22:42 -05:00
|
|
|
#include <Poco/Path.h>
|
2015-03-04 17:14:04 -06:00
|
|
|
#include <Poco/String.h>
|
2016-08-30 01:08:07 -05:00
|
|
|
#include <Poco/URI.h>
|
2015-03-04 17:14:04 -06:00
|
|
|
|
2016-01-27 03:05:54 -06:00
|
|
|
#include "Common.hpp"
|
2016-11-24 08:56:06 -06:00
|
|
|
#include "Protocol.hpp"
|
loolwsd: include cleanup and organization
A source file (.cpp) must include its own header first.
This insures that the header is self-contained and
doesn't depend on arbitrary (and accidental) includes
before it to compile.
Furthermore, system headers should go next, followed by
C then C++ headers, then libraries (Poco, etc) and, finally,
project headers come last.
This makes sure that headers and included in the same dependency
order to avoid side-effects. For example, Poco should never rely on
anything from our project in the same way that a C header should
never rely on anything in C++, Poco, or project headers.
Also, includes ought to be sorted where possible, to improve
readability and avoid accidental duplicates (of which there
were a few).
Change-Id: I62cc1343e4a091d69195e37ed659dba20cfcb1ef
Reviewed-on: https://gerrit.libreoffice.org/25262
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-05-21 09:23:07 -05:00
|
|
|
#include "Log.hpp"
|
2017-12-20 07:06:26 -06:00
|
|
|
#include <TileCache.hpp>
|
2015-03-17 18:56:15 -05:00
|
|
|
#include "Util.hpp"
|
2016-12-07 15:32:08 -06:00
|
|
|
#include "Unit.hpp"
|
2015-03-04 17:14:04 -06:00
|
|
|
|
2015-03-26 09:49:07 -05:00
|
|
|
using namespace LOOLProtocol;
|
|
|
|
|
2016-03-07 11:58:26 -06:00
|
|
|
using Poco::Exception;
|
2018-06-10 12:53:39 -05:00
|
|
|
using std::size_t;
|
2015-03-17 18:56:15 -05:00
|
|
|
|
2020-03-06 11:43:46 -06:00
|
|
|
Session::Session(const std::shared_ptr<ProtocolHandlerInterface> &protocol,
|
|
|
|
const std::string& name, const std::string& id, bool readOnly) :
|
|
|
|
MessageHandlerInterface(protocol),
|
2016-08-21 11:56:35 -05:00
|
|
|
_id(id),
|
2016-12-12 19:18:25 -06:00
|
|
|
_name(name),
|
2016-04-09 16:47:23 -05:00
|
|
|
_disconnected(false),
|
2016-04-21 00:14:27 -05:00
|
|
|
_isActive(true),
|
2016-07-21 01:16:43 -05:00
|
|
|
_lastActivityTime(std::chrono::steady_clock::now()),
|
2016-08-21 11:56:35 -05:00
|
|
|
_isCloseFrame(false),
|
2017-03-30 09:59:59 -05:00
|
|
|
_isReadOnly(readOnly),
|
2020-07-27 04:27:00 -05:00
|
|
|
_isAllowChangeComments(false),
|
2016-08-21 11:56:35 -05:00
|
|
|
_docPassword(""),
|
|
|
|
_haveDocPassword(false),
|
2019-08-26 15:23:04 -05:00
|
|
|
_isDocPasswordProtected(false),
|
|
|
|
_watermarkOpacity(0.2)
|
2015-03-04 17:14:04 -06:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2016-12-12 18:53:58 -06:00
|
|
|
Session::~Session()
|
2015-03-07 05:23:46 -06:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2016-12-12 18:53:58 -06:00
|
|
|
bool Session::sendTextFrame(const char* buffer, const int length)
|
2015-04-20 09:43:31 -05:00
|
|
|
{
|
2020-03-06 11:43:46 -06:00
|
|
|
if (!_protocol)
|
|
|
|
{
|
|
|
|
LOG_TRC("ERR - missing protocol " << getName() << ": Send: [" << getAbbreviatedMessage(buffer, length) << "].");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2017-05-14 21:59:58 -05:00
|
|
|
LOG_TRC(getName() << ": Send: [" << getAbbreviatedMessage(buffer, length) << "].");
|
2020-03-06 11:43:46 -06:00
|
|
|
return _protocol->sendTextMessage(buffer, length) >= length;
|
2015-04-20 09:43:31 -05:00
|
|
|
}
|
|
|
|
|
2016-12-12 18:53:58 -06:00
|
|
|
bool Session::sendBinaryFrame(const char *buffer, int length)
|
2015-04-20 09:43:31 -05:00
|
|
|
{
|
2020-03-06 11:43:46 -06:00
|
|
|
if (!_protocol)
|
|
|
|
{
|
|
|
|
LOG_TRC("ERR - missing protocol " << getName() << ": Send: " << std::to_string(length) << " binary bytes.");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2017-05-14 21:59:58 -05:00
|
|
|
LOG_TRC(getName() << ": Send: " << std::to_string(length) << " binary bytes.");
|
2020-03-06 11:43:46 -06:00
|
|
|
return _protocol->sendBinaryMessage(buffer, length) >= length;
|
2015-04-20 09:43:31 -05:00
|
|
|
}
|
2015-04-13 07:13:38 -05:00
|
|
|
|
2020-02-28 03:50:58 -06:00
|
|
|
void Session::parseDocOptions(const StringVector& tokens, int& part, std::string& timestamp, std::string& doctemplate)
|
2015-11-19 03:30:00 -06:00
|
|
|
{
|
|
|
|
// First token is the "load" command itself.
|
|
|
|
size_t offset = 1;
|
2017-01-19 19:44:39 -06:00
|
|
|
if (tokens.size() > 2 && tokens[1].find("part=") == 0)
|
2015-11-19 03:30:00 -06:00
|
|
|
{
|
|
|
|
getTokenInteger(tokens[1], "part", part);
|
|
|
|
++offset;
|
|
|
|
}
|
|
|
|
|
2017-01-19 19:44:39 -06:00
|
|
|
for (size_t i = offset; i < tokens.size(); ++i)
|
2015-11-19 03:30:00 -06:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
std::string name;
|
|
|
|
std::string value;
|
|
|
|
if (!LOOLProtocol::parseNameValuePair(tokens[i], name, value))
|
|
|
|
{
|
|
|
|
LOG_WRN("Unexpected doc options token [" << tokens[i] << "]. Skipping.");
|
|
|
|
continue;
|
|
|
|
}
|
2018-01-15 06:21:49 -06:00
|
|
|
|
2018-06-10 12:53:39 -05:00
|
|
|
if (name == "url")
|
|
|
|
{
|
|
|
|
_docURL = value;
|
|
|
|
++offset;
|
|
|
|
}
|
|
|
|
else if (name == "jail")
|
2015-11-19 03:30:00 -06:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
_jailedFilePath = value;
|
2015-11-19 03:30:00 -06:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "xjail")
|
2016-01-06 23:33:54 -06:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
_jailedFilePathAnonym = value;
|
2016-01-06 23:33:54 -06:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "authorid")
|
2016-10-26 09:35:40 -05:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
Poco::URI::decode(value, _userId);
|
2016-10-26 09:35:40 -05:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "xauthorid")
|
2016-08-29 13:08:01 -05:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
Poco::URI::decode(value, _userIdAnonym);
|
2016-08-29 13:08:01 -05:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "author")
|
2017-05-28 11:20:49 -05:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
Poco::URI::decode(value, _userName);
|
2017-05-28 11:20:49 -05:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "xauthor")
|
2017-03-30 09:59:59 -05:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
Poco::URI::decode(value, _userNameAnonym);
|
2017-03-30 09:59:59 -05:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "authorextrainfo")
|
2015-11-19 03:30:00 -06:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
Poco::URI::decode(value, _userExtraInfo);
|
2015-11-19 03:30:00 -06:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "readonly")
|
2016-02-04 11:35:26 -06:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
_isReadOnly = value != "0";
|
|
|
|
++offset;
|
|
|
|
}
|
|
|
|
else if (name == "password")
|
|
|
|
{
|
|
|
|
_docPassword = value;
|
2016-04-27 19:51:54 -05:00
|
|
|
_haveDocPassword = true;
|
2016-02-04 11:35:26 -06:00
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "lang")
|
|
|
|
{
|
|
|
|
_lang = value;
|
|
|
|
++offset;
|
|
|
|
}
|
|
|
|
else if (name == "watermarkText")
|
2017-03-24 06:34:32 -05:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
Poco::URI::decode(value, _watermarkText);
|
2017-03-24 06:34:32 -05:00
|
|
|
++offset;
|
|
|
|
}
|
2019-08-26 15:23:04 -05:00
|
|
|
else if (name == "watermarkOpacity")
|
|
|
|
{
|
|
|
|
_watermarkOpacity = std::stod(value);
|
|
|
|
++offset;
|
|
|
|
}
|
2018-06-10 12:53:39 -05:00
|
|
|
else if (name == "timestamp")
|
2017-09-04 08:40:04 -05:00
|
|
|
{
|
2018-06-10 12:53:39 -05:00
|
|
|
timestamp = value;
|
2017-09-04 08:40:04 -05:00
|
|
|
++offset;
|
|
|
|
}
|
2019-05-21 22:33:26 -05:00
|
|
|
else if (name == "template")
|
|
|
|
{
|
|
|
|
doctemplate = value;
|
|
|
|
++offset;
|
|
|
|
}
|
2020-04-20 14:26:21 -05:00
|
|
|
else if (name == "deviceFormFactor")
|
|
|
|
{
|
|
|
|
_deviceFormFactor = value;
|
|
|
|
++offset;
|
|
|
|
}
|
2015-11-19 03:30:00 -06:00
|
|
|
}
|
|
|
|
|
2018-07-10 22:09:27 -05:00
|
|
|
Util::mapAnonymized(_userId, _userIdAnonym);
|
|
|
|
Util::mapAnonymized(_userName, _userNameAnonym);
|
|
|
|
Util::mapAnonymized(_jailedFilePath, _jailedFilePathAnonym);
|
|
|
|
|
2017-01-19 19:44:39 -06:00
|
|
|
if (tokens.size() > offset)
|
2015-11-19 03:30:00 -06:00
|
|
|
{
|
|
|
|
if (getTokenString(tokens[offset], "options", _docOptions))
|
|
|
|
{
|
2017-01-19 19:44:39 -06:00
|
|
|
if (tokens.size() > offset + 1)
|
2020-05-31 13:16:58 -05:00
|
|
|
_docOptions += tokens.cat(' ', offset + 1);
|
2015-11-19 03:30:00 -06:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-12-12 18:53:58 -06:00
|
|
|
void Session::disconnect()
|
2016-01-21 08:26:34 -06:00
|
|
|
{
|
2017-01-15 11:28:52 -06:00
|
|
|
if (!_disconnected)
|
2016-03-07 11:55:00 -06:00
|
|
|
{
|
2017-01-15 11:28:52 -06:00
|
|
|
_disconnected = true;
|
|
|
|
shutdown();
|
2016-01-21 08:26:34 -06:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-03-06 11:43:46 -06:00
|
|
|
void Session::shutdown(bool goingAway, const std::string& statusMessage)
|
2016-10-22 10:34:47 -05:00
|
|
|
{
|
2020-03-06 11:43:46 -06:00
|
|
|
LOG_TRC("Shutting down WS [" << getName() << "] " <<
|
|
|
|
(goingAway ? "going" : "normal") <<
|
|
|
|
" and reason [" << statusMessage << "].");
|
2017-02-04 23:26:55 -06:00
|
|
|
|
2017-02-24 13:52:36 -06:00
|
|
|
// See protocol.txt for this application-level close frame.
|
2020-03-06 11:43:46 -06:00
|
|
|
if (_protocol)
|
|
|
|
{
|
|
|
|
// skip the queue; FIXME: should we flush SessionClient's queue ?
|
|
|
|
std::string closeMsg = "close: " + statusMessage;
|
2020-03-16 04:34:12 -05:00
|
|
|
_protocol->sendTextMessage(closeMsg.c_str(), closeMsg.size());
|
2020-03-06 11:43:46 -06:00
|
|
|
_protocol->shutdown(goingAway, statusMessage);
|
|
|
|
}
|
2016-10-22 10:34:47 -05:00
|
|
|
}
|
|
|
|
|
2020-03-05 12:55:00 -06:00
|
|
|
void Session::handleMessage(const std::vector<char> &data)
|
2015-12-25 12:51:32 -06:00
|
|
|
{
|
|
|
|
try
|
|
|
|
{
|
2016-12-07 15:32:08 -06:00
|
|
|
std::unique_ptr< std::vector<char> > replace;
|
Add an initial libfuzzer based fuzzer
- target ClientSession::_handleInput(), since crashing there would bring
down the whole loolwsd (not just a kit process), and it deals with
input from untrusted users (browsers)
- add a --enable-fuzzers configure switch to build with
-fsanitize=fuzzer (compared to normal sanitizers build, this is the only
special flag needed)
- configuring other sanitizers is not done automatically, either use
--with-sanitizer=... or the environment variables from LODE's sanitizer
config
- run the actual fuzzer like this:
./clientsession_fuzzer -max_len=16384 fuzzer/data/
- note that at least openSUSE Leap 15.1 sadly ships with a clang with
libfuzzer static libs removed from the package, so you need a
self-built clang to run the fuzzer (either manual build or one from
LODE)
- <https://chromium.googlesource.com/chromium/src/testing/libfuzzer/+/refs/heads/master/efficient_fuzzing.md#execution-speed>
suggests that "You should aim for at least 1,000 exec/s from your fuzz
target locally" (i.e. one run should not take more than 1 ms), so try
this minimal approach first. The alternative would be to start from the
existing loolwsd_fuzzer binary, then step by step cut it down to not
fork(), not do any network traffic, etc -- till it's fast enough that
the fuzzer can find interesting input
- the various configurations start to be really complex (the matrix is
just very large), so try to use Util::isFuzzing() for fuzzer-specific
changes (this is what core.git does as well), and only resort to ifdefs
for the Util::isFuzzing() itself
Change-Id: I72dc1193b34c93eacb5d8e39cef42387d42bd72f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89226
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-02-21 08:52:20 -06:00
|
|
|
if (!Util::isFuzzing() && UnitBase::get().filterSessionInput(this, &data[0], data.size(), replace))
|
2016-12-07 15:32:08 -06:00
|
|
|
{
|
2017-09-16 10:25:54 -05:00
|
|
|
if (!replace || replace->empty())
|
|
|
|
_handleInput(replace->data(), replace->size());
|
2017-02-24 13:52:36 -06:00
|
|
|
return;
|
2016-12-07 15:32:08 -06:00
|
|
|
}
|
2018-09-11 18:30:55 -05:00
|
|
|
|
2017-02-27 20:32:21 -06:00
|
|
|
if (!data.empty())
|
|
|
|
_handleInput(&data[0], data.size());
|
2015-12-25 12:51:32 -06:00
|
|
|
}
|
|
|
|
catch (const Exception& exc)
|
|
|
|
{
|
2016-12-12 18:53:58 -06:00
|
|
|
LOG_ERR("Session::handleInput: Exception while handling [" <<
|
2017-02-24 13:52:36 -06:00
|
|
|
getAbbreviatedMessage(data) <<
|
2016-10-31 20:49:28 -05:00
|
|
|
"] in " << getName() << ": " << exc.displayText() <<
|
2020-05-24 08:10:18 -05:00
|
|
|
(exc.nested() ? " (" + exc.nested()->displayText() + ')' : ""));
|
2015-12-25 12:51:32 -06:00
|
|
|
}
|
|
|
|
catch (const std::exception& exc)
|
|
|
|
{
|
2016-12-12 18:53:58 -06:00
|
|
|
LOG_ERR("Session::handleInput: Exception while handling [" <<
|
2017-02-24 13:52:36 -06:00
|
|
|
getAbbreviatedMessage(data) << "]: " << exc.what());
|
2015-12-25 12:51:32 -06:00
|
|
|
}
|
|
|
|
}
|
2015-12-27 16:23:43 -06:00
|
|
|
|
2017-05-31 21:40:01 -05:00
|
|
|
void Session::getIOStats(uint64_t &sent, uint64_t &recv)
|
|
|
|
{
|
2020-03-19 03:12:33 -05:00
|
|
|
if (!_protocol)
|
|
|
|
{
|
|
|
|
LOG_TRC("ERR - missing protocol " << getName() << ": Get IO stats.");
|
2020-05-25 03:57:29 -05:00
|
|
|
sent = 0; recv = 0;
|
2020-03-19 03:12:33 -05:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-03-06 11:43:46 -06:00
|
|
|
_protocol->getIOStats(sent, recv);
|
2017-05-31 21:40:01 -05:00
|
|
|
}
|
|
|
|
|
2017-04-05 11:59:29 -05:00
|
|
|
void Session::dumpState(std::ostream& os)
|
|
|
|
{
|
2020-03-06 11:43:46 -06:00
|
|
|
os << "\t\tid: " << _id
|
2017-04-05 11:59:29 -05:00
|
|
|
<< "\n\t\tname: " << _name
|
|
|
|
<< "\n\t\tdisconnected: " << _disconnected
|
|
|
|
<< "\n\t\tisActive: " << _isActive
|
|
|
|
<< "\n\t\tisCloseFrame: " << _isCloseFrame
|
|
|
|
<< "\n\t\tisReadOnly: " << _isReadOnly
|
|
|
|
<< "\n\t\tdocURL: " << _docURL
|
|
|
|
<< "\n\t\tjailedFilePath: " << _jailedFilePath
|
|
|
|
<< "\n\t\tdocPwd: " << _docPassword
|
|
|
|
<< "\n\t\thaveDocPwd: " << _haveDocPassword
|
|
|
|
<< "\n\t\tisDocPwdProtected: " << _isDocPasswordProtected
|
|
|
|
<< "\n\t\tDocOptions: " << _docOptions
|
|
|
|
<< "\n\t\tuserId: " << _userId
|
|
|
|
<< "\n\t\tuserName: " << _userName
|
|
|
|
<< "\n\t\tlang: " << _lang
|
2020-05-24 08:10:18 -05:00
|
|
|
<< '\n';
|
2017-04-05 11:59:29 -05:00
|
|
|
}
|
|
|
|
|
2015-03-04 17:14:04 -06:00
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|