From cf14306c2b3f82a81f8d56669a71633b4d4b5fce Mon Sep 17 00:00:00 2001 From: marvin-borner@live.com Date: Mon, 16 Apr 2018 21:09:05 +0200 Subject: Main merge to user management system - files are now at /main/public/ --- .../rfc6455/src/Handshake/ClientNegotiator.php | 53 -------- .../rfc6455/src/Handshake/NegotiatorInterface.php | 47 ------- .../rfc6455/src/Handshake/RequestVerifier.php | 140 --------------------- .../rfc6455/src/Handshake/ResponseVerifier.php | 52 -------- .../rfc6455/src/Handshake/ServerNegotiator.php | 136 -------------------- 5 files changed, 428 deletions(-) delete mode 100755 assets/php/vendor/ratchet/rfc6455/src/Handshake/ClientNegotiator.php delete mode 100755 assets/php/vendor/ratchet/rfc6455/src/Handshake/NegotiatorInterface.php delete mode 100755 assets/php/vendor/ratchet/rfc6455/src/Handshake/RequestVerifier.php delete mode 100755 assets/php/vendor/ratchet/rfc6455/src/Handshake/ResponseVerifier.php delete mode 100755 assets/php/vendor/ratchet/rfc6455/src/Handshake/ServerNegotiator.php (limited to 'assets/php/vendor/ratchet/rfc6455/src/Handshake') diff --git a/assets/php/vendor/ratchet/rfc6455/src/Handshake/ClientNegotiator.php b/assets/php/vendor/ratchet/rfc6455/src/Handshake/ClientNegotiator.php deleted file mode 100755 index 70856df..0000000 --- a/assets/php/vendor/ratchet/rfc6455/src/Handshake/ClientNegotiator.php +++ /dev/null @@ -1,53 +0,0 @@ -verifier = new ResponseVerifier; - - $this->defaultHeader = new Request('GET', '', [ - 'Connection' => 'Upgrade' - , 'Upgrade' => 'websocket' - , 'Sec-WebSocket-Version' => $this->getVersion() - , 'User-Agent' => "Ratchet" - ]); - } - - public function generateRequest(UriInterface $uri) { - return $this->defaultHeader->withUri($uri) - ->withHeader("Sec-WebSocket-Key", $this->generateKey()); - } - - public function validateResponse(RequestInterface $request, ResponseInterface $response) { - return $this->verifier->verifyAll($request, $response); - } - - public function generateKey() { - $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwzyz1234567890+/='; - $charRange = strlen($chars) - 1; - $key = ''; - for ($i = 0; $i < 16; $i++) { - $key .= $chars[mt_rand(0, $charRange)]; - } - - return base64_encode($key); - } - - public function getVersion() { - return 13; - } -} diff --git a/assets/php/vendor/ratchet/rfc6455/src/Handshake/NegotiatorInterface.php b/assets/php/vendor/ratchet/rfc6455/src/Handshake/NegotiatorInterface.php deleted file mode 100755 index c152eca..0000000 --- a/assets/php/vendor/ratchet/rfc6455/src/Handshake/NegotiatorInterface.php +++ /dev/null @@ -1,47 +0,0 @@ -verifyMethod($request->getMethod()); - $passes += (int)$this->verifyHTTPVersion($request->getProtocolVersion()); - $passes += (int)$this->verifyRequestURI($request->getUri()->getPath()); - $passes += (int)$this->verifyHost($request->getHeader('Host')); - $passes += (int)$this->verifyUpgradeRequest($request->getHeader('Upgrade')); - $passes += (int)$this->verifyConnection($request->getHeader('Connection')); - $passes += (int)$this->verifyKey($request->getHeader('Sec-WebSocket-Key')); - $passes += (int)$this->verifyVersion($request->getHeader('Sec-WebSocket-Version')); - - return (8 === $passes); - } - - /** - * Test the HTTP method. MUST be "GET" - * @param string - * @return bool - */ - public function verifyMethod($val) { - return ('get' === strtolower($val)); - } - - /** - * Test the HTTP version passed. MUST be 1.1 or greater - * @param string|int - * @return bool - */ - public function verifyHTTPVersion($val) { - return (1.1 <= (double)$val); - } - - /** - * @param string - * @return bool - */ - public function verifyRequestURI($val) { - if ($val[0] !== '/') { - return false; - } - - if (false !== strstr($val, '#')) { - return false; - } - - if (!extension_loaded('mbstring')) { - return true; - } - - return mb_check_encoding($val, 'US-ASCII'); - } - - /** - * @param array $hostHeader - * @return bool - * @todo Once I fix HTTP::getHeaders just verify this isn't NULL or empty...or maybe need to verify it's a valid domain??? Or should it equal $_SERVER['HOST'] ? - */ - public function verifyHost(array $hostHeader) { - return (1 === count($hostHeader)); - } - - /** - * Verify the Upgrade request to WebSockets. - * @param array $upgradeHeader MUST equal "websocket" - * @return bool - */ - public function verifyUpgradeRequest(array $upgradeHeader) { - return (1 === count($upgradeHeader) && 'websocket' === strtolower($upgradeHeader[0])); - } - - /** - * Verify the Connection header - * @param array $connectionHeader MUST include "Upgrade" - * @return bool - */ - public function verifyConnection(array $connectionHeader) { - foreach ($connectionHeader as $l) { - $upgrades = array_filter( - array_map('trim', array_map('strtolower', explode(',', $l))), - function ($x) { - return 'upgrade' === $x; - } - ); - if (count($upgrades) > 0) { - return true; - } - } - return false; - } - - /** - * This function verifies the nonce is valid (64 big encoded, 16 bytes random string) - * @param array $keyHeader - * @return bool - * @todo The spec says we don't need to base64_decode - can I just check if the length is 24 and not decode? - * @todo Check the spec to see what the encoding of the key could be - */ - public function verifyKey(array $keyHeader) { - return (1 === count($keyHeader) && 16 === strlen(base64_decode($keyHeader[0]))); - } - - /** - * Verify the version passed matches this RFC - * @param string|int $versionHeader MUST equal 13|"13" - * @return bool - */ - public function verifyVersion($versionHeader) { - return (1 === count($versionHeader) && static::VERSION === (int)$versionHeader[0]); - } - - /** - * @todo Write logic for this method. See section 4.2.1.8 - */ - public function verifyProtocol($val) { - } - - /** - * @todo Write logic for this method. See section 4.2.1.9 - */ - public function verifyExtensions($val) { - } -} diff --git a/assets/php/vendor/ratchet/rfc6455/src/Handshake/ResponseVerifier.php b/assets/php/vendor/ratchet/rfc6455/src/Handshake/ResponseVerifier.php deleted file mode 100755 index de03f53..0000000 --- a/assets/php/vendor/ratchet/rfc6455/src/Handshake/ResponseVerifier.php +++ /dev/null @@ -1,52 +0,0 @@ -verifyStatus($response->getStatusCode()); - $passes += (int)$this->verifyUpgrade($response->getHeader('Upgrade')); - $passes += (int)$this->verifyConnection($response->getHeader('Connection')); - $passes += (int)$this->verifySecWebSocketAccept( - $response->getHeader('Sec-WebSocket-Accept') - , $request->getHeader('Sec-WebSocket-Key') - ); - $passes += (int)$this->verifySubProtocol( - $request->getHeader('Sec-WebSocket-Protocol') - , $response->getHeader('Sec-WebSocket-Protocol') - ); - - return (5 === $passes); - } - - public function verifyStatus($status) { - return ((int)$status === 101); - } - - public function verifyUpgrade(array $upgrade) { - return (in_array('websocket', array_map('strtolower', $upgrade))); - } - - public function verifyConnection(array $connection) { - return (in_array('upgrade', array_map('strtolower', $connection))); - } - - public function verifySecWebSocketAccept($swa, $key) { - return ( - 1 === count($swa) && - 1 === count($key) && - $swa[0] === $this->sign($key[0]) - ); - } - - public function sign($key) { - return base64_encode(sha1($key . NegotiatorInterface::GUID, true)); - } - - public function verifySubProtocol(array $requestHeader, array $responseHeader) { - return 0 === count($responseHeader) || count(array_intersect($responseHeader, $requestHeader)) > 0; - } -} \ No newline at end of file diff --git a/assets/php/vendor/ratchet/rfc6455/src/Handshake/ServerNegotiator.php b/assets/php/vendor/ratchet/rfc6455/src/Handshake/ServerNegotiator.php deleted file mode 100755 index 5a0073b..0000000 --- a/assets/php/vendor/ratchet/rfc6455/src/Handshake/ServerNegotiator.php +++ /dev/null @@ -1,136 +0,0 @@ -verifier = $requestVerifier; - } - - /** - * {@inheritdoc} - */ - public function isProtocol(RequestInterface $request) { - return $this->verifier->verifyVersion($request->getHeader('Sec-WebSocket-Version')); - } - - /** - * {@inheritdoc} - */ - public function getVersionNumber() { - return RequestVerifier::VERSION; - } - - /** - * {@inheritdoc} - */ - public function handshake(RequestInterface $request) { - if (true !== $this->verifier->verifyMethod($request->getMethod())) { - return new Response(405, ['Allow' => 'GET']); - } - - if (true !== $this->verifier->verifyHTTPVersion($request->getProtocolVersion())) { - return new Response(505); - } - - if (true !== $this->verifier->verifyRequestURI($request->getUri()->getPath())) { - return new Response(400); - } - - if (true !== $this->verifier->verifyHost($request->getHeader('Host'))) { - return new Response(400); - } - - $upgradeSuggestion = [ - 'Connection' => 'Upgrade', - 'Upgrade' => 'websocket', - 'Sec-WebSocket-Version' => $this->getVersionNumber() - ]; - if (count($this->_supportedSubProtocols) > 0) { - $upgradeSuggestion['Sec-WebSocket-Protocol'] = implode(', ', $this->_supportedSubProtocols); - } - if (true !== $this->verifier->verifyUpgradeRequest($request->getHeader('Upgrade'))) { - return new Response(426, $upgradeSuggestion, null, '1.1', 'Upgrade header MUST be provided'); - } - - if (true !== $this->verifier->verifyConnection($request->getHeader('Connection'))) { - return new Response(400, [], null, '1.1', 'Connection Upgrade MUST be requested'); - } - - if (true !== $this->verifier->verifyKey($request->getHeader('Sec-WebSocket-Key'))) { - return new Response(400, [], null, '1.1', 'Invalid Sec-WebSocket-Key'); - } - - if (true !== $this->verifier->verifyVersion($request->getHeader('Sec-WebSocket-Version'))) { - return new Response(426, $upgradeSuggestion); - } - - $headers = []; - $subProtocols = $request->getHeader('Sec-WebSocket-Protocol'); - if (count($subProtocols) > 0 || (count($this->_supportedSubProtocols) > 0 && $this->_strictSubProtocols)) { - $subProtocols = array_map('trim', explode(',', implode(',', $subProtocols))); - - $match = array_reduce($subProtocols, function($accumulator, $protocol) { - return $accumulator ?: (isset($this->_supportedSubProtocols[$protocol]) ? $protocol : null); - }, null); - - if ($this->_strictSubProtocols && null === $match) { - return new Response(426, $upgradeSuggestion, null, '1.1', 'No Sec-WebSocket-Protocols requested supported'); - } - - if (null !== $match) { - $headers['Sec-WebSocket-Protocol'] = $match; - } - } - - return new Response(101, array_merge($headers, [ - 'Upgrade' => 'websocket' - , 'Connection' => 'Upgrade' - , 'Sec-WebSocket-Accept' => $this->sign((string)$request->getHeader('Sec-WebSocket-Key')[0]) - , 'X-Powered-By' => 'Ratchet' - ])); - } - - /** - * Used when doing the handshake to encode the key, verifying client/server are speaking the same language - * @param string $key - * @return string - * @internal - */ - public function sign($key) { - return base64_encode(sha1($key . static::GUID, true)); - } - - /** - * @param array $protocols - */ - function setSupportedSubProtocols(array $protocols) { - $this->_supportedSubProtocols = array_flip($protocols); - } - - /** - * If enabled and support for a subprotocol has been added handshake - * will not upgrade if a match between request and supported subprotocols - * @param boolean $enable - * @todo Consider extending this interface and moving this there. - * The spec does says the server can fail for this reason, but - * it is not a requirement. This is an implementation detail. - */ - function setStrictSubProtocolCheck($enable) { - $this->_strictSubProtocols = (boolean)$enable; - } -} -- cgit v1.2.3