Merge branch 'insp3' into master.

docs/conf/inspircd.conf.example

@@ -193,7 +193,7 @@
     #replace="yes">
 
 
-# Listener accepting HTML5 WebSocket connections.
+# Listener accepting WebSocket connections.
 # Requires the websocket module and SHA-1 hashing support (provided by the sha1
 # module).
 #<bind address="" port="7002" type="clients" hook="websocket">

docs/conf/modules.conf.example

@@ -2379,7 +2379,7 @@
 #<watch maxwatch="32">
 
 #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# WebSocket module: Adds HTML5 WebSocket support.
+# WebSocket module: Adds WebSocket support.
 # Specify hook="websocket" in a <bind> tag to make that port accept
 # WebSocket connections. Compatible with TLS.
 # Requires SHA-1 hash support available in the sha1 module.

src/modules/m_websocket.cpp

@@ -120,6 +120,13 @@ class WebSocketHook final
 		}
 	};
 
+	enum CloseCode
+	{
+		CLOSE_PROTOCOL_ERROR = 1002,
+		CLOSE_POLICY_VIOLATION = 1008,
+		CLOSE_TOO_LARGE = 1009
+	};
+
 	enum OpCode
 	{
 		OP_CONTINUATION = 0x00,
@@ -197,7 +204,7 @@ class WebSocketHook final
 		unsigned char len1 = (unsigned char)cmyrecvq[1];
 		if (!(len1 & WS_MASKBIT))
 		{
-			sock->SetError("WebSocket protocol violation: unmasked client frame");
+			CloseConnection(sock, CLOSE_PROTOCOL_ERROR, "WebSocket protocol violation: unmasked client frame");
 			return -1;
 		}
 
@@ -213,7 +220,7 @@ class WebSocketHook final
 			// allowlarge is false for control frames according to the RFC meaning large pings, etc. are not allowed
 			if (!allowlarge)
 			{
-				sock->SetError("WebSocket protocol violation: large control frame");
+				CloseConnection(sock, CLOSE_PROTOCOL_ERROR, "WebSocket protocol violation: large control frame");
 				return -1;
 			}
 
@@ -228,7 +235,7 @@ class WebSocketHook final
 
 			if (len <= WS_MAX_PAYLOAD_LENGTH_SMALL)
 			{
-				sock->SetError("WebSocket protocol violation: non-minimal length encoding used");
+				CloseConnection(sock, CLOSE_PROTOCOL_ERROR, "WebSocket protocol violation: non-minimal length encoding used");
 				return -1;
 			}
 
@@ -237,7 +244,7 @@ class WebSocketHook final
 		}
 		else if (len1 == WS_PAYLOAD_LENGTH_MAGIC_HUGE)
 		{
-			sock->SetError("WebSocket: Huge frames are not supported");
+			CloseConnection(sock, CLOSE_TOO_LARGE, "WebSocket: Huge frames are not supported");
 			return -1;
 		}
 
@@ -261,7 +268,7 @@ class WebSocketHook final
 	{
 		if (lastpingpong + MINPINGPONGDELAY >= ServerInstance->Time())
 		{
-			sock->SetError("WebSocket: Ping/pong flood");
+			CloseConnection(sock, CLOSE_POLICY_VIOLATION, "WebSocket: Ping/pong flood");
 			return -1;
 		}
 
@@ -332,12 +339,26 @@ class WebSocketHook final
 
 			default:
 			{
-				sock->SetError("WebSocket: Invalid opcode");
+				CloseConnection(sock, CLOSE_PROTOCOL_ERROR, "WebSocket: Invalid opcode");
 				return -1;
 			}
 		}
 	}
 
+	void CloseConnection(StreamSocket* sock, CloseCode closecode, const std::string& reason)
+	{
+		uint16_t netcode = htons(closecode);
+		std::string packedcode;
+		packedcode.push_back(netcode & 0x00FF);
+		packedcode.push_back(netcode >> 8);
+
+		GetSendQ().push_back(PrepareSendQElem(reason.length() + 2, OP_CLOSE));
+		GetSendQ().push_back(packedcode);
+		GetSendQ().push_back(reason);
+		sock->DoWrite();
+		sock->SetError(reason);
+	}
+
 	void FailHandshake(StreamSocket* sock, const char* httpreply, const char* sockerror)
 	{
 		GetSendQ().push_back(StreamSocket::SendQueue::Element(httpreply));

win/conanfile.txt

@@ -1,4 +1,4 @@
-# Last updated: 2022-06-22
+# Last updated: 2022-08-04
 #
 # Modules we can't legally ship: geo_maxmind, ssl_mbedtls, ssl_openssl
 # Modules which don't apply to Windows: regex_posix, sslrehashsignal
@@ -9,12 +9,12 @@ argon2/20190702
 ## libmaxminddb/1.6.0
 libmysqlclient/8.0.29
 libpq/14.2
-## mbedtls/3.1.0
-## openssl/1.1.1o # unable to upgrade yet because of dependency issues
+## mbedtls/3.2.1
+## openssl/1.1.1q # unable to upgrade to v3 yet because of dependency issues
 pcre2/10.40
 rapidjson/cci.20211112
-re2/20220201
-sqlite3/3.38.5
+re2/20220601
+sqlite3/3.39.2
 
 [options]
 argon2:shared=True