From 23c1bf4fa5b87bd7a6cc04a18d8ac6cc63ea1b07 Mon Sep 17 00:00:00 2001
From: Gary Burd <gary@beagledreams.com>
Date: Sun, 2 Jan 2022 11:16:03 -0800
Subject: [PATCH 1/2] Update autobahn example

- Update instructions to use docker.
- Cleanup config file.
---
 examples/autobahn/README.md                 |  9 +++++--
 examples/autobahn/config/fuzzingclient.json | 29 +++++++++++++++++++++
 examples/autobahn/fuzzingclient.json        | 15 -----------
 3 files changed, 36 insertions(+), 17 deletions(-)
 create mode 100644 examples/autobahn/config/fuzzingclient.json
 delete mode 100644 examples/autobahn/fuzzingclient.json

diff --git a/examples/autobahn/README.md b/examples/autobahn/README.md
index dde8525a..cc954fea 100644
--- a/examples/autobahn/README.md
+++ b/examples/autobahn/README.md
@@ -8,6 +8,11 @@ To test the server, run
 
 and start the client test driver
 
-    wstest -m fuzzingclient -s fuzzingclient.json
+    mkdir -p reports
+    docker run -it --rm \
+        -v ${PWD}/config:/config \
+        -v ${PWD}/reports:/reports \
+        crossbario/autobahn-testsuite \
+        wstest -m fuzzingclient -s /config/fuzzingclient.json
 
-When the client completes, it writes a report to reports/clients/index.html.
+When the client completes, it writes a report to reports/index.html.
diff --git a/examples/autobahn/config/fuzzingclient.json b/examples/autobahn/config/fuzzingclient.json
new file mode 100644
index 00000000..eda4e663
--- /dev/null
+++ b/examples/autobahn/config/fuzzingclient.json
@@ -0,0 +1,29 @@
+{
+  "cases": ["*"],
+  "exclude-cases": [],
+  "exclude-agent-cases": {},
+  "outdir": "/reports",
+  "options": {"failByDrop": false},
+  "servers": [
+    {
+      "agent": "ReadAllWriteMessage",
+      "url": "ws://host.docker.internal:9000/m"
+    },
+    {
+      "agent": "ReadAllWritePreparedMessage",
+      "url": "ws://host.docker.internal:9000/p"
+    },
+    {
+      "agent": "CopyFull",
+      "url": "ws://host.docker.internal:9000/f"
+    },
+    {
+      "agent": "ReadAllWrite",
+      "url": "ws://host.docker.internal:9000/r"
+    },
+    {
+      "agent": "CopyWriterOnly",
+      "url": "ws://host.docker.internal:9000/c"
+    }
+  ]
+}
diff --git a/examples/autobahn/fuzzingclient.json b/examples/autobahn/fuzzingclient.json
deleted file mode 100644
index aa3a0bc0..00000000
--- a/examples/autobahn/fuzzingclient.json
+++ /dev/null
@@ -1,15 +0,0 @@
-
-{
-   "options": {"failByDrop": false},
-   "outdir": "./reports/clients",
-   "servers": [
-        {"agent": "ReadAllWriteMessage", "url": "ws://localhost:9000/m", "options": {"version": 18}},
-        {"agent": "ReadAllWritePreparedMessage", "url": "ws://localhost:9000/p", "options": {"version": 18}},
-        {"agent": "ReadAllWrite", "url": "ws://localhost:9000/r", "options": {"version": 18}},
-        {"agent": "CopyFull", "url": "ws://localhost:9000/f", "options": {"version": 18}},
-        {"agent": "CopyWriterOnly", "url": "ws://localhost:9000/c", "options": {"version": 18}}
-    ],
-   "cases": ["*"],
-   "exclude-cases": [],
-   "exclude-agent-cases": {}
-}

From e4972a877264d90df9d88a68552c4d3c27549f22 Mon Sep 17 00:00:00 2001
From: Gary Burd <gary@beagledreams.com>
Date: Sun, 2 Jan 2022 11:59:10 -0800
Subject: [PATCH 2/2] Improve protocol error messages

To aid debugging protocol errors, report all errors found in the first
two bytes of a message header.
---
 conn.go | 57 ++++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 40 insertions(+), 17 deletions(-)

diff --git a/conn.go b/conn.go
index ca46d2f7..2296bf37 100644
--- a/conn.go
+++ b/conn.go
@@ -13,6 +13,7 @@ import (
 	"math/rand"
 	"net"
 	"strconv"
+	"strings"
 	"sync"
 	"time"
 	"unicode/utf8"
@@ -794,47 +795,69 @@ func (c *Conn) advanceFrame() (int, error) {
 	}
 
 	// 2. Read and parse first two bytes of frame header.
+	// To aid debugging, collect and report all errors in the first two bytes
+	// of the header.
+
+	var errors []string
 
 	p, err := c.read(2)
 	if err != nil {
 		return noFrame, err
 	}
 
-	final := p[0]&finalBit != 0
 	frameType := int(p[0] & 0xf)
+	final := p[0]&finalBit != 0
+	rsv1 := p[0]&rsv1Bit != 0
+	rsv2 := p[0]&rsv2Bit != 0
+	rsv3 := p[0]&rsv3Bit != 0
 	mask := p[1]&maskBit != 0
 	c.setReadRemaining(int64(p[1] & 0x7f))
 
 	c.readDecompress = false
-	if c.newDecompressionReader != nil && (p[0]&rsv1Bit) != 0 {
-		c.readDecompress = true
-		p[0] &^= rsv1Bit
+	if rsv1 {
+		if c.newDecompressionReader != nil {
+			c.readDecompress = true
+		} else {
+			errors = append(errors, "RSV1 set")
+		}
 	}
 
-	if rsv := p[0] & (rsv1Bit | rsv2Bit | rsv3Bit); rsv != 0 {
-		return noFrame, c.handleProtocolError("unexpected reserved bits 0x" + strconv.FormatInt(int64(rsv), 16))
+	if rsv2 {
+		errors = append(errors, "RSV2 set")
+	}
+
+	if rsv3 {
+		errors = append(errors, "RSV3 set")
 	}
 
 	switch frameType {
 	case CloseMessage, PingMessage, PongMessage:
 		if c.readRemaining > maxControlFramePayloadSize {
-			return noFrame, c.handleProtocolError("control frame length > 125")
+			errors = append(errors, "len > 125 for control")
 		}
 		if !final {
-			return noFrame, c.handleProtocolError("control frame not final")
+			errors = append(errors, "FIN not set on control")
 		}
 	case TextMessage, BinaryMessage:
 		if !c.readFinal {
-			return noFrame, c.handleProtocolError("message start before final message frame")
+			errors = append(errors, "data before FIN")
 		}
 		c.readFinal = final
 	case continuationFrame:
 		if c.readFinal {
-			return noFrame, c.handleProtocolError("continuation after final message frame")
+			errors = append(errors, "continuation after FIN")
 		}
 		c.readFinal = final
 	default:
-		return noFrame, c.handleProtocolError("unknown opcode " + strconv.Itoa(frameType))
+		errors = append(errors, "bad opcode "+strconv.Itoa(frameType))
+	}
+
+	if mask != c.isServer {
+		errors = append(errors, "bad MASK")
+	}
+
+	if len(errors) > 0 {
+		return noFrame, c.handleProtocolError(strings.Join(errors, ", "))
 	}
 
 	// 3. Read and parse frame length as per
@@ -872,10 +895,6 @@ func (c *Conn) advanceFrame() (int, error) {
 
 	// 4. Handle frame masking.
 
-	if mask != c.isServer {
-		return noFrame, c.handleProtocolError("incorrect mask flag")
-	}
-
 	if mask {
 		c.readMaskPos = 0
 		p, err := c.read(len(c.readMaskKey))
@@ -935,7 +954,7 @@ func (c *Conn) advanceFrame() (int, error) {
 		if len(payload) >= 2 {
 			closeCode = int(binary.BigEndian.Uint16(payload))
 			if !isValidReceivedCloseCode(closeCode) {
-				return noFrame, c.handleProtocolError("invalid close code")
+				return noFrame, c.handleProtocolError("bad close code " + strconv.Itoa(closeCode))
 			}
 			closeText = string(payload[2:])
 			if !utf8.ValidString(closeText) {
@@ -952,7 +971,11 @@ func (c *Conn) advanceFrame() (int, error) {
 }
 
 func (c *Conn) handleProtocolError(message string) error {
-	c.WriteControl(CloseMessage, FormatCloseMessage(CloseProtocolError, message), time.Now().Add(writeWait))
+	data := FormatCloseMessage(CloseProtocolError, message)
+	if len(data) > maxControlFramePayloadSize {
+		data = data[:maxControlFramePayloadSize]
+	}
+	c.WriteControl(CloseMessage, data, time.Now().Add(writeWait))
 	return errors.New("websocket: " + message)
 }