Ws should not open the connection if it fails to validate during the handshake

lbyczzz · February 9, 2023, 12:46am

hello,I have a question. Can you help me solve it?
Is opening a ws connection without validation a bit of a drain on server resources?

sanic/app.py:

    async def _websocket_handler(
        self, handler, request, *args, subprotocols=None, **kwargs
    ):
        if self.asgi:
            ws = request.transport.get_websocket_connection()
            await ws.accept(subprotocols)
        else:
            protocol = request.transport.get_protocol()
            ws = await protocol.websocket_handshake(request, subprotocols)

        # schedule the application handler
        # its future is kept in self.websocket_tasks in case it
        # needs to be cancelled due to the server being stopped
        fut = ensure_future(handler(request, ws, *args, **kwargs))
        self.websocket_tasks.add(fut)
        cancelled = False
        try:
            await fut
        except (CancelledError, ConnectionClosed):
            cancelled = True
        except Exception as e:
            self.error_handler.log(request, e)
        finally:
            self.websocket_tasks.remove(fut)
            if cancelled:
                ws.end_connection(1000)
            else:
                await ws.close()

sjsadowski · February 9, 2023, 12:47am

There’s not enough here to answer your question. How is this function called? Is it set up as a route?

lbyczzz · February 9, 2023, 1:27am

Yes, this is the ws routing interface, and ws objects are opened without handshake validation :‘ws = await protocol. websocket_handshake(request, subprotocols)’, Go directly to the handler ‘handler(request, ws, *args, **kwargs)’. Does this process consume server resources? Is it better for ws to return None rather than frequent opening or closing if validation fails on the handshake?

sjsadowski · February 9, 2023, 1:26pm

There’s still not enough information here to answer your question.

If the route never gets called, it won’t consume any resources more than loading the route path into memory when sanic starts, however starting any script, application, or program will consume resources, so it’s still unclear as to what you’re asking.

lbyczzz · February 10, 2023, 3:08am

I mean, the route is called, and ws is opened without authentication. When I verify at the interface layer, ws has been opened. When the user requests a connection to call the route, if the authentication fails during handshake, can’t we directly reject the connection? Why should I open ws every time? What if there is a malicious connection?

sjsadowski · February 10, 2023, 12:01pm

Sanic’s websocket support is wrapped around websockets - if what is needed is supported there, there should be a way to capture it and handle it the way that is desired - however if I recall correctly, the upgrade request is a black box.

It sounds like you need more control than that and you will likely need to write a custom websocket implementation.

ahopkins · February 20, 2023, 9:29pm

Correct, the upgrade and handshake all happen under the hood.

You might need to subclass the websocket protocol if you want to handle that
Alternatively, the next release is likely going to contain some more built-in signals around websocket events. This sounds like the perfect use case for that.