[asterisk-bugs] [JIRA] (ASTERISK-23099) [patch] WSS: enable ast_websocket_read() function to read the whole available data at first and then wait for any fragmented packets

Matt Jordan (JIRA) noreply at issues.asterisk.org
Tue Mar 4 16:41:49 CST 2014 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-23099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=216089#comment-216089 ] 

Matt Jordan commented on ASTERISK-23099:
----------------------------------------

Just as a heads up, Moises's patch on ASTERISK-21930 was put up for review here - https://reviewboard.asterisk.org/r/3248/

It currently has a Ship It! - so I'd expect it to get committed reasonably soon. If you have any comments you want to make on it, you may want to make them there soon.

> [patch] WSS: enable ast_websocket_read() function to read the whole available data at first and then wait for any fragmented packets
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-23099
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-23099
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Resources/res_http_websocket
>    Affects Versions: 11.5.1
>         Environment: Linux, Chrome
>            Reporter: Thava Iyer
>         Attachments: ast_wss_r404720_v11_5_0.patch
>
>
> Asterisk websocket interface (res/res_http_websocket.c) works well for normal websockets (ws) but fails on secure - websockets (wss). The ast_websocket_read() function, first reads the header (14) bytes using first fread() call and then , for the remaining payload,  in a while loop, it first polls the raw-socket for the date before further reads. In the normal websocket, it is fine. But for the secure-websocket case, the underlying ssl_read() would have read the whole data, in the first fread() call (of course to decrypt ) and emptied the socket-fd. This would make the ast_websocket_read() to wait for data to appear on the socket.
> This patch enables the ast_websocket_read() function to read the whole available data at first and then wait for any fragmented packets. This makes the secure-websocket connection to work properly.
> This has been tested with  Chrome 31.0.1650.63.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list