我正在尝试在Windows 7上使用带有Node.js(4.5.0)的cap模块来监听websocket流量。我能够解析/解码正在捕获的有效负载但部分内容当有效载荷超过一定长度时被切断。
我正在使用this example来解码websocket框架(wsDecoded函数),我认为问题是我从cap模块获得的响应是在单个缓冲区中返回整个响应,但是这个示例(以及我看过的其他一些websocket库)似乎希望在有效负载超过一定大小时处理多个帧。
我已尝试从缓冲区中取出缓冲区并将其拆分成较小的碎片,但当我这样做时,有效负载看起来就像随机垃圾。
var Cap = require('cap').Cap;
var decoders = require('cap').decoders;
var PROTOCOL = decoders.PROTOCOL;
var c = new Cap();
var device = Cap.findDevice(LOCAL_IP);
var filter = 'port 8088';
var bufSize = 10 * 1024 * 1024;
var buffer = new Buffer(65535);
var linkType = c.open(device, filter, bufSize, buffer);
c.setMinBytes && c.setMinBytes(0);
c.on('packet', function(nbytes, trunc) {
if (linkType === 'ETHERNET') {
var ret = decoders.Ethernet(buffer);
if (ret.info.type === PROTOCOL.ETHERNET.IPV4) {
ret = decoders.IPV4(buffer, ret.offset);
if (ret.info.protocol === PROTOCOL.IP.TCP) {
var datalen = ret.info.totallen - ret.hdrlen;
ret = decoders.TCP(buffer, ret.offset);
datalen -= ret.hdrlen;
var payload = wsDecoded(buffer, ret.offset, ret.offset + datalen);
console.log(payload.toString());
}
}
}
});
function wsDecoded (data, start, end) {
var message = data.slice(start, end);
var FIN = (message[0] & 0x80);
var RSV1 = (message[0] & 0x40);
var RSV2 = (message[0] & 0x20);
var RSV3 = (message[0] & 0x10);
var Opcode = message[0] & 0x0F;
var mask = (message[1] & 0x80);
var length = (message[1] & 0x7F);
var nextByte = 2;
if (length === 126) {
// length = next 2 bytes
nextByte += 2;
} else if (length === 127){
// length = next 8 bytes
nextByte += 8;
}
var maskingKey = null;
if (mask){
maskingKey = message.slice(nextByte, nextByte + 4);
nextByte += 4;
}
var payload = message.slice(nextByte, nextByte + length);
if (maskingKey){
for (var i = 0; i < payload.length; i++){
payload[i] = payload[i] ^ maskingKey[i % 4];
}
}
return payload;
}
未切断的示例结果:
{"Command":"FoldCards","Table":"Ring Game #02","Type":"R","Ghost":"No"}
截止的示例结果:
{"Command":"Buttons","Table":"Ring Game #02","Type":"R","Button1":"","Button2":"Ready","Button3":"","Preflop":"No","Call":0,"M
使用buffer.toString('binary',ret.offset,datalen)时来自on('packet')回调的有效负载。这非常接近我的需要,但它没有取消屏蔽有效载荷并留下一些随机字符(我认为这是帧的开始和停止但不是100%肯定)
?'{"Command":"TablesSitting","Tables":[]}?'{"Command":"TablesWaiting","Tables":[]}?~☺({"Command":"RingGameLobby","Clear":"Yes","Count":2,"ID":["Ring Game #01","Ring Game #02"],"Game":["NL Hold'em","NL Hold'em"],"GameIndex":[2,2],"Seats":[10,10],"StakesLo":[10,10],"StakesHi":[20,20],"BuyinMin":[400,400],"BuyinMax":[2000,2000],"Players":[0,0],"Waiting":[0,0],"Password":["No","No"]}?~☺{"Command":"TournamentLobby","Clear":"Yes","Count":0,"ID":[],"SnG":[],"Shootout":[],"Game":[],"GameIndex":[],"Buyin":[],"EntryFee":[],"Rebuy":[],"TS":[],"PreReg":[],"Reg":[],"Max":[],"Starts":[],"StartMin":[],"StartTime":[],"Running":[],"Tables":[],"Password":[]}?~ ?{"Command":"Logins","Clear":"Yes","Total":1,"Player":["harrythree"],"Name":[""],"Location":["Greenville"],"Login":["2016-08-27 13:26:45"]}
答案 0 :(得分:0)
由于您没有正确读取payloadLength,因此您收到了截断的消息。 看看:
button.Click+= (o,e) => {
// Perform action on click
};
当消息大小超过125个字节时,您必须通过使用下一个2或8个字节来读取正确的payloadLength,如RFC所示。在您的情况下,您只需跳过这些字节,以便您的长度为&#34;始终&lt; = 127,结果以下行生成截断的有效负载数据:
var length = (message[1] & 0x7F);
var nextByte = 2;
if (length === 126) {
// in this case next 2 bytes store lengths. you have to read ones from the buffer
nextByte += 2;
} else if (length === 127){
// in this case next 8 bytes store lengths. you have to read ones from the buffer
nextByte += 8;
}
我稍微修改了你的代码来调试问题。这是我正在谈论的实现的一个例子:
var payload = message.slice(nextByte, nextByte + length);
^
always <= 127