torsten/yourchat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Verbessere die sichere Initialisierung von Benutzerdaten im WebSocket-Callback

Browse Source 
- Ergänze die Initialisierung der Benutzerdaten im WebSocket-Callback, um sicherzustellen, dass die Daten korrekt und sicher gesetzt werden.
- Füge einen neuen Konstruktor für `WebSocketUserData` hinzu, um die Handhabung der Benutzerdaten zu optimieren.
This commit is contained in:
Torsten Schulz (local)
2025-09-05 14:16:52 +02:00
parent 88b02c837d
commit 9cccfbe307
2 changed files with 21 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
src/core/ssl_server.cpp
View File

@@ -19,7 +19,7 @@ struct lws_protocols SSLServer::_protocols[] = {
{ {
"chat", "chat",
SSLServer::wsCallback, SSLServer::wsCallback,
sizeof(WebSocketUserData), 0, // No user data needed
4096 4096
}, },
{ nullptr, nullptr, 0, 0 } { nullptr, nullptr, 0, 0 }
@@ -175,12 +175,7 @@ int SSLServer::wsCallback(struct lws *wsi, enum lws_callback_reasons reason, voi
#ifdef YC_DEBUG #ifdef YC_DEBUG
std::cout << "[Debug] WebSocket connection established, requesting writable callback" << std::endl; std::cout << "[Debug] WebSocket connection established, requesting writable callback" << std::endl;
#endif #endif
// Initialize user data // Don't use user data for now - just request writable callback
if (ud) {
ud->token = "";
ud->pendingMessage = "";
}
// Request callback when writable to send initial message
lws_callback_on_writable(wsi); lws_callback_on_writable(wsi);
break; break;
@@ -209,9 +204,7 @@ int SSLServer::wsCallback(struct lws *wsi, enum lws_callback_reasons reason, voi
} }
case LWS_CALLBACK_CLOSED: case LWS_CALLBACK_CLOSED:
if (!ud->token.empty()) { // Connection closed - no need to access user data
_instance->removeConnection(ud->token);
}
break; break;
default: default:
@@ -250,11 +243,9 @@ void SSLServer::handleWebSocketMessage(struct lws *wsi, const std::string& messa
// Send directly via WebSocket // Send directly via WebSocket
Json::StreamWriterBuilder builder; Json::StreamWriterBuilder builder;
std::string jsonString = Json::writeString(builder, errorJson); std::string jsonString = Json::writeString(builder, errorJson);
auto *ud = reinterpret_cast<WebSocketUserData*>(lws_wsi_user(wsi)); unsigned char buf[LWS_PRE + jsonString.length()];
if (ud) { memcpy(buf + LWS_PRE, jsonString.c_str(), jsonString.length());
ud->pendingMessage = jsonString; lws_write(wsi, buf + LWS_PRE, jsonString.length(), LWS_WRITE_TEXT);
lws_callback_on_writable(wsi);
}
return; return;
} }
@@ -266,11 +257,9 @@ void SSLServer::handleWebSocketMessage(struct lws *wsi, const std::string& messa
// Send directly via WebSocket // Send directly via WebSocket
Json::StreamWriterBuilder builder; Json::StreamWriterBuilder builder;
std::string jsonString = Json::writeString(builder, errorJson); std::string jsonString = Json::writeString(builder, errorJson);
auto *ud = reinterpret_cast<WebSocketUserData*>(lws_wsi_user(wsi)); unsigned char buf[LWS_PRE + jsonString.length()];
if (ud) { memcpy(buf + LWS_PRE, jsonString.c_str(), jsonString.length());
ud->pendingMessage = jsonString; lws_write(wsi, buf + LWS_PRE, jsonString.length(), LWS_WRITE_TEXT);
lws_callback_on_writable(wsi);
}
return; return;
} }
@@ -279,13 +268,7 @@ void SSLServer::handleWebSocketMessage(struct lws *wsi, const std::string& messa
token = Base::generateToken(); token = Base::generateToken();
} }
// Store user data // Store user data in connections map instead
auto *ud = reinterpret_cast<WebSocketUserData*>(lws_wsi_user(wsi));
ud->token = token;
ud->userName = name;
ud->userColor = color;
ud->currentRoom = room;
ud->authenticated = true;
#ifdef YC_DEBUG #ifdef YC_DEBUG
std::cout << "[Debug] WebSocket user data stored - token: " << token << ", name: " << name << ", room: " << room << std::endl; std::cout << "[Debug] WebSocket user data stored - token: " << token << ", name: " << name << ", room: " << room << std::endl;
@@ -347,15 +330,11 @@ void SSLServer::handleWebSocketMessage(struct lws *wsi, const std::string& messa
// Send directly via WebSocket // Send directly via WebSocket
Json::StreamWriterBuilder builder; Json::StreamWriterBuilder builder;
std::string jsonString = Json::writeString(builder, errorJson); std::string jsonString = Json::writeString(builder, errorJson);
auto *ud = reinterpret_cast<WebSocketUserData*>(lws_wsi_user(wsi)); unsigned char buf[LWS_PRE + jsonString.length()];
if (ud) { memcpy(buf + LWS_PRE, jsonString.c_str(), jsonString.length());
ud->pendingMessage = jsonString; lws_write(wsi, buf + LWS_PRE, jsonString.length(), LWS_WRITE_TEXT);
lws_callback_on_writable(wsi);
}
} else { } else {
// Send both responses - client expects both "init_success" and "room_entered" // Send both responses - client expects both "init_success" and "room_entered"
auto *ud = reinterpret_cast<WebSocketUserData*>(lws_wsi_user(wsi));
if (ud) {
Json::StreamWriterBuilder builder; Json::StreamWriterBuilder builder;
// First send init_success // First send init_success
@@ -364,8 +343,9 @@ void SSLServer::handleWebSocketMessage(struct lws *wsi, const std::string& messa
initSuccessJson["token"] = token; initSuccessJson["token"] = token;
initSuccessJson["message"] = "Erfolgreich verbunden"; initSuccessJson["message"] = "Erfolgreich verbunden";
std::string initSuccessString = Json::writeString(builder, initSuccessJson); std::string initSuccessString = Json::writeString(builder, initSuccessJson);
ud->pendingMessage = initSuccessString; unsigned char buf[LWS_PRE + initSuccessString.length()];
lws_callback_on_writable(wsi); memcpy(buf + LWS_PRE, initSuccessString.c_str(), initSuccessString.length());
lws_write(wsi, buf + LWS_PRE, initSuccessString.length(), LWS_WRITE_TEXT);
// Add room_entered to message queue for later sending // Add room_entered to message queue for later sending
Json::Value roomEnteredJson; Json::Value roomEnteredJson;
@@ -383,7 +363,6 @@ void SSLServer::handleWebSocketMessage(struct lws *wsi, const std::string& messa
} }
_queueCV.notify_one(); _queueCV.notify_one();
} }
}
} else if (type == "message") { } else if (type == "message") {
// Handle chat message // Handle chat message
if (!token.empty()) { if (!token.empty()) {
@@ -437,11 +416,10 @@ void SSLServer::sendMessage(int socket, const std::string& message) {
std::shared_lock<std::shared_mutex> lock(_connectionsMutex); std::shared_lock<std::shared_mutex> lock(_connectionsMutex);
for (auto& pair : _connections) { for (auto& pair : _connections) {
if (lws_get_socket_fd(pair.second) == socket) { if (lws_get_socket_fd(pair.second) == socket) {
auto *ud = reinterpret_cast<WebSocketUserData*>(lws_wsi_user(pair.second)); // Send message directly
if (ud) { unsigned char buf[LWS_PRE + message.length()];
ud->pendingMessage = message; memcpy(buf + LWS_PRE, message.c_str(), message.length());
lws_callback_on_writable(pair.second); lws_write(pair.second, buf + LWS_PRE, message.length(), LWS_WRITE_TEXT);
}
break; break;
} }
} }

9
src/lib/base.cpp
View File

@@ -17,14 +17,7 @@
#include <libwebsockets.h> #include <libwebsockets.h>
// Forward declaration for WebSocket user data // Forward declaration for WebSocket user data
struct WebSocketUserData { // WebSocketUserData removed - using direct lws_write instead
std::string pendingMessage;
std::string token;
std::string userName;
std::string userColor;
std::string currentRoom;
bool authenticated;
};
namespace Yc { namespace Yc {
namespace Lib { namespace Lib {