From d69cf3b0071eb78926aa59369e7cc449dc10a485 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 14 Oct 2020 19:02:48 +0200 Subject: net.websocket.frames: Add small test covering xor-masking This is basically a recording of current behavior, to detect changes. --- spec/net_websocket_frames_spec.lua | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/spec/net_websocket_frames_spec.lua b/spec/net_websocket_frames_spec.lua index d4df3a54..9499cee7 100644 --- a/spec/net_websocket_frames_spec.lua +++ b/spec/net_websocket_frames_spec.lua @@ -32,6 +32,17 @@ describe("net.websocket.frames", function () ["RSV2"] = false; ["RSV3"] = false; }; + with_mask = { + ["opcode"] = 0; + ["length"] = 5; + ["data"] = "hello"; + ["key"] = { 32, 0, 32, 0, }; + ["FIN"] = true; + ["MASK"] = true; + ["RSV1"] = false; + ["RSV2"] = false; + ["RSV3"] = false; + }; } describe("build", function () @@ -40,6 +51,7 @@ describe("net.websocket.frames", function () assert.equal("\0\0", build(test_frames.simple_empty)); assert.equal("\0\5hello", build(test_frames.simple_data)); assert.equal("\128\0", build(test_frames.simple_fin)); + assert.equal("\128\133 \0 \0HeLlO", build(test_frames.with_mask)) end); end); @@ -49,6 +61,7 @@ describe("net.websocket.frames", function () assert.same(test_frames.simple_empty, parse("\0\0")); assert.same(test_frames.simple_data, parse("\0\5hello")); assert.same(test_frames.simple_fin, parse("\128\0")); + assert.same(test_frames.with_mask, parse("\128\133 \0 \0HeLlO")); end); end); -- cgit v1.2.3 From fb1808b185a63dc9855f75cd282899d2bbcfe684 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 7 Sep 2019 13:37:47 +0200 Subject: util.strbitop: Library for bitwise operations on strings --- util-src/GNUmakefile | 2 +- util-src/makefile | 2 +- util-src/strbitop.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 util-src/strbitop.c diff --git a/util-src/GNUmakefile b/util-src/GNUmakefile index 054c9201..a8b3529f 100644 --- a/util-src/GNUmakefile +++ b/util-src/GNUmakefile @@ -7,7 +7,7 @@ INSTALL_DATA=install -m644 TARGET?=../util/ ALL=encodings.so hashes.so net.so pposix.so signal.so table.so \ - ringbuffer.so time.so poll.so compat.so + ringbuffer.so time.so poll.so compat.so strbitop.so ifdef RANDOM ALL+=crand.so diff --git a/util-src/makefile b/util-src/makefile index 700633b4..02bad40a 100644 --- a/util-src/makefile +++ b/util-src/makefile @@ -6,7 +6,7 @@ INSTALL_DATA=install -m644 TARGET?=../util/ ALL=encodings.so hashes.so net.so pposix.so signal.so table.so \ - ringbuffer.so time.so poll.so compat.so + ringbuffer.so time.so poll.so compat.so strbitop.so .ifdef $(RANDOM) ALL+=crand.so diff --git a/util-src/strbitop.c b/util-src/strbitop.c new file mode 100644 index 00000000..a26288e5 --- /dev/null +++ b/util-src/strbitop.c @@ -0,0 +1,91 @@ +/* + * This project is MIT licensed. Please see the + * COPYING file in the source package for more information. + * + * Copyright (C) 2016 Kim Alvefur + */ + +#include +#include + +#if (LUA_VERSION_NUM == 501) +#define luaL_setfuncs(L, R, N) luaL_register(L, NULL, R) +#endif + +/* TODO Deduplicate code somehow */ + +int strop_and(lua_State* L) { + luaL_Buffer buf; + size_t a, b, i; + const char* str_a = luaL_checklstring(L, 1, &a); + const char* str_b = luaL_checklstring(L, 2, &b); + + luaL_buffinit(L, &buf); + + if(a == 0 || b == 0) { + lua_settop(L, 1); + return 1; + } + + for(i = 0; i < a; i++) { + luaL_addchar(&buf, str_a[i] & str_b[i % b]); + } + + luaL_pushresult(&buf); + return 1; +} + +int strop_or(lua_State* L) { + luaL_Buffer buf; + size_t a, b, i; + const char* str_a = luaL_checklstring(L, 1, &a); + const char* str_b = luaL_checklstring(L, 2, &b); + + luaL_buffinit(L, &buf); + + if(a == 0 || b == 0) { + lua_settop(L, 1); + return 1; + } + + for(i = 0; i < a; i++) { + luaL_addchar(&buf, str_a[i] | str_b[i % b]); + } + + luaL_pushresult(&buf); + return 1; +} + +int strop_xor(lua_State* L) { + luaL_Buffer buf; + size_t a, b, i; + const char* str_a = luaL_checklstring(L, 1, &a); + const char* str_b = luaL_checklstring(L, 2, &b); + + luaL_buffinit(L, &buf); + + if(a == 0 || b == 0) { + lua_settop(L, 1); + return 1; + } + + for(i = 0; i < a; i++) { + luaL_addchar(&buf, str_a[i] ^ str_b[i % b]); + } + + luaL_pushresult(&buf); + return 1; +} + +LUA_API int luaopen_util_strbitop(lua_State *L) { + luaL_Reg exports[] = { + { "sand", strop_and }, + { "sor", strop_or }, + { "sxor", strop_xor }, + { NULL, NULL } + }; + + lua_newtable(L); + luaL_setfuncs(L, exports, 0); + return 1; +} -- cgit v1.2.3 From 00bad1a9fe73d56a6e48878a48505f2b6f4b8de3 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 14 Oct 2020 19:41:42 +0200 Subject: net.websocket.frames: Use C string XOR implementation --- net/websocket/frames.lua | 30 +++++++----------------------- spec/net_websocket_frames_spec.lua | 2 +- 2 files changed, 8 insertions(+), 24 deletions(-) diff --git a/net/websocket/frames.lua b/net/websocket/frames.lua index 9cb5f4fe..1d0ac06f 100644 --- a/net/websocket/frames.lua +++ b/net/websocket/frames.lua @@ -13,12 +13,11 @@ local bit = assert(softreq"bit" or softreq"bit32", "No bit module found. See https://prosody.im/doc/depends#bitop"); local band = bit.band; local bor = bit.bor; -local bxor = bit.bxor; local lshift = bit.lshift; local rshift = bit.rshift; -local unpack = table.unpack or unpack; -- luacheck: ignore 113 +local sbit = require "util.strbitop"; +local sxor = sbit.sxor; -local t_concat = table.concat; local s_char= string.char; local s_pack = string.pack; -- luacheck: ignore 143 local s_unpack = string.unpack; -- luacheck: ignore 143 @@ -107,7 +106,7 @@ local function parse_frame_header(frame) end if result.MASK then - result.key = { frame:byte(length_bytes+3, length_bytes+6) }; + result.key = frame:sub(length_bytes+3, length_bytes+6); end return result, header_length; @@ -116,19 +115,7 @@ end -- XORs the string `str` with the array of bytes `key` -- TODO: optimize local function apply_mask(str, key, from, to) - from = from or 1 - if from < 0 then from = #str + from + 1 end -- negative indices - to = to or #str - if to < 0 then to = #str + to + 1 end -- negative indices - local key_len = #key - local counter = 0; - local data = {}; - for i = from, to do - local key_index = counter%key_len + 1; - counter = counter + 1; - data[counter] = s_char(bxor(key[key_index], str:byte(i))); - end - return t_concat(data); + return sxor(str:sub(from or 1, to or -1), key); end local function parse_frame_body(frame, header, pos) @@ -175,15 +162,12 @@ local function build_frame(desc) local key = "" if desc.MASK then - local key_a = desc.key - if key_a then - key = s_char(unpack(key_a, 1, 4)); - else + key = desc.key + if not key then key = random_bytes(4); - key_a = {key:byte(1,4)}; end b2 = bor(b2, 0x80); - data = apply_mask(data, key_a); + data = apply_mask(data, key); end return s_char(b1, b2) .. length_extra .. key .. data diff --git a/spec/net_websocket_frames_spec.lua b/spec/net_websocket_frames_spec.lua index 9499cee7..244afa3b 100644 --- a/spec/net_websocket_frames_spec.lua +++ b/spec/net_websocket_frames_spec.lua @@ -36,7 +36,7 @@ describe("net.websocket.frames", function () ["opcode"] = 0; ["length"] = 5; ["data"] = "hello"; - ["key"] = { 32, 0, 32, 0, }; + ["key"] = " \0 \0"; ["FIN"] = true; ["MASK"] = true; ["RSV1"] = false; -- cgit v1.2.3 From 64856637cee81b916cc240c55657eb13c0763620 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Thu, 15 Oct 2020 14:01:22 +0100 Subject: net.websocket.frames: Add test for empty frame with MASK and key set --- spec/net_websocket_frames_spec.lua | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/spec/net_websocket_frames_spec.lua b/spec/net_websocket_frames_spec.lua index 244afa3b..519be7b9 100644 --- a/spec/net_websocket_frames_spec.lua +++ b/spec/net_websocket_frames_spec.lua @@ -43,6 +43,15 @@ describe("net.websocket.frames", function () ["RSV2"] = false; ["RSV3"] = false; }; + empty_with_mask = { + ["opcode"] = 0; + ["key"] = " \0 \0"; + ["FIN"] = true; + ["MASK"] = true; + ["RSV1"] = false; + ["RSV2"] = false; + ["RSV3"] = false; + }; } describe("build", function () @@ -52,6 +61,7 @@ describe("net.websocket.frames", function () assert.equal("\0\5hello", build(test_frames.simple_data)); assert.equal("\128\0", build(test_frames.simple_fin)); assert.equal("\128\133 \0 \0HeLlO", build(test_frames.with_mask)) + assert.equal("\128\128 \0 \0", build(test_frames.empty_with_mask)) end); end); -- cgit v1.2.3