/*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Siemens AG 2018-2020
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
#include "http_local.h"
-DEFINE_STACK_OF(CONF_VALUE)
-
#define HTTP_PREFIX "HTTP/"
#define HTTP_VERSION_PATT "1." /* allow 1.x */
#define HTTP_VERSION_STR_LEN 3
struct ossl_http_req_ctx_st {
int state; /* Current I/O state */
- unsigned char *iobuf; /* Line buffer */
- int iobuflen; /* Line buffer length */
+ unsigned char *readbuf; /* Buffer for reading response by line */
+ int readbuflen; /* Buffer length, equals buf_size */
BIO *wbio; /* BIO to send request to */
BIO *rbio; /* BIO to read response from */
BIO *mem; /* Memory BIO response is built into */
- int method_GET; /* HTTP method "GET" or "POST" */
- const char *expected_ct; /* expected Content-Type, or NULL */
+ int method_POST; /* HTTP method is "POST" (else "GET") */
+ char *expected_ct; /* expected Content-Type, or NULL */
int expect_asn1; /* response must be ASN.1-encoded */
+ long len_to_send; /* number of bytes in request still to send */
unsigned long resp_len; /* length of response */
- unsigned long max_resp_len; /* Maximum length of response */
- time_t max_time; /* Maximum end time of the transfer, or 0 */
+ size_t max_resp_len; /* Maximum length of response */
+ int keep_alive; /* Persistent conn. 0=no, 1=prefer, 2=require */
+ time_t max_time; /* Maximum end time of current transfer, or 0 */
+ time_t max_total_time; /* Maximum end time of total transfer, or 0 */
char *redirection_url; /* Location given with HTTP status 301/302 */
};
-#define HTTP_DEFAULT_MAX_LINE_LENGTH (4 * 1024)
-#define HTTP_DEFAULT_MAX_RESP_LEN (100 * 1024)
-
/* HTTP states */
#define OHS_NOREAD 0x1000 /* If set no reading should be performed */
#define OHS_HEADERS 2 /* MIME headers being read */
#define OHS_ASN1_HEADER 3 /* HTTP initial header (tag+length) being read */
#define OHS_CONTENT 4 /* HTTP content octets being read */
-#define OHS_WRITE_INIT (5 | OHS_NOREAD) /* 1st call: ready to start I/O */
+#define OHS_WRITE_INIT (5 | OHS_NOREAD) /* 1st call: ready to start send */
#define OHS_WRITE (6 | OHS_NOREAD) /* Request being sent */
#define OHS_FLUSH (7 | OHS_NOREAD) /* Request being flushed */
#define OHS_DONE (8 | OHS_NOREAD) /* Completed */
#define OHS_HTTP_HEADER (9 | OHS_NOREAD) /* Headers set, w/o final \r\n */
-OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio,
- int method_GET, int maxline,
- unsigned long max_resp_len,
- int timeout,
- const char *expected_content_type,
- int expect_asn1)
+OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int buf_size)
{
OSSL_HTTP_REQ_CTX *rctx;
if (wbio == NULL || rbio == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if ((rctx = OPENSSL_zalloc(sizeof(*rctx))) == NULL)
return NULL;
rctx->state = OHS_ERROR;
- rctx->iobuflen = maxline > 0 ? maxline : HTTP_DEFAULT_MAX_LINE_LENGTH;
- rctx->iobuf = OPENSSL_malloc(rctx->iobuflen);
+ rctx->readbuflen = buf_size > 0 ? buf_size : HTTP_DEFAULT_MAX_LINE_LENGTH;
+ rctx->readbuf = OPENSSL_malloc(rctx->readbuflen);
rctx->wbio = wbio;
rctx->rbio = rbio;
- rctx->mem = BIO_new(BIO_s_mem());
- if (rctx->iobuf == NULL || rctx->mem == NULL) {
- OSSL_HTTP_REQ_CTX_free(rctx);
+ if (rctx->readbuf == NULL) {
+ OPENSSL_free(rctx);
return NULL;
}
- rctx->method_GET = method_GET;
- rctx->expected_ct = expected_content_type;
- rctx->expect_asn1 = expect_asn1;
rctx->resp_len = 0;
- OSSL_HTTP_REQ_CTX_set_max_response_length(rctx, max_resp_len);
- rctx->max_time = timeout > 0 ? time(NULL) + timeout : 0;
+ rctx->max_resp_len = HTTP_DEFAULT_MAX_RESP_LEN;
+ /* everything else is 0, e.g. rctx->len_to_send, or NULL, e.g. rctx->mem */
return rctx;
}
if (rctx == NULL)
return;
BIO_free(rctx->mem); /* this may indirectly call ERR_clear_error() */
- OPENSSL_free(rctx->iobuf);
+ OPENSSL_free(rctx->readbuf);
+ OPENSSL_free(rctx->expected_ct);
OPENSSL_free(rctx);
}
-BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(OSSL_HTTP_REQ_CTX *rctx)
+BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(const OSSL_HTTP_REQ_CTX *rctx)
{
if (rctx == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
return rctx->mem;
}
+size_t OSSL_HTTP_REQ_CTX_get_resp_len(const OSSL_HTTP_REQ_CTX *rctx)
+{
+ if (rctx == NULL) {
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ return rctx->resp_len;
+}
+
void OSSL_HTTP_REQ_CTX_set_max_response_length(OSSL_HTTP_REQ_CTX *rctx,
unsigned long len)
{
if (rctx == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return;
}
- rctx->max_resp_len = len != 0 ? len : HTTP_DEFAULT_MAX_RESP_LEN;
+ rctx->max_resp_len = len != 0 ? (size_t)len : HTTP_DEFAULT_MAX_RESP_LEN;
}
/*
- * Create HTTP header using given op and path (or "/" in case path is NULL).
+ * Create request line using |rctx| and |path| (or "/" in case |path| is NULL).
* Server name (and port) must be given if and only if plain HTTP proxy is used.
*/
-int OSSL_HTTP_REQ_CTX_header(OSSL_HTTP_REQ_CTX *rctx, const char *server,
- const char *port, const char *path)
+int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx, int method_POST,
+ const char *server, const char *port,
+ const char *path)
{
if (rctx == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
+ BIO_free(rctx->mem);
+ if ((rctx->mem = BIO_new(BIO_s_mem())) == NULL)
+ return 0;
- if (BIO_printf(rctx->mem, "%s ", rctx->method_GET ? "GET" : "POST") <= 0)
+ rctx->method_POST = method_POST != 0;
+ if (BIO_printf(rctx->mem, "%s ", rctx->method_POST ? "POST" : "GET") <= 0)
return 0;
if (server != NULL) { /* HTTP (but not HTTPS) proxy is used */
const char *name, const char *value)
{
if (rctx == NULL || name == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (rctx->mem == NULL) {
+ ERR_raise(ERR_LIB_HTTP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
return 1;
}
-static int OSSL_HTTP_REQ_CTX_content(OSSL_HTTP_REQ_CTX *rctx,
- const char *content_type, BIO *req_mem)
+int OSSL_HTTP_REQ_CTX_set_expected(OSSL_HTTP_REQ_CTX *rctx,
+ const char *content_type, int asn1,
+ int timeout, int keep_alive)
+{
+ if (rctx == NULL) {
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (keep_alive != 0
+ && rctx->state != OHS_ERROR && rctx->state != OHS_HEADERS) {
+ /* Cannot anymore set keep-alive in request header */
+ ERR_raise(ERR_LIB_HTTP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return 0;
+ }
+
+ OPENSSL_free(rctx->expected_ct);
+ rctx->expected_ct = NULL;
+ if (content_type != NULL
+ && (rctx->expected_ct = OPENSSL_strdup(content_type)) == NULL)
+ return 0;
+
+ rctx->expect_asn1 = asn1;
+ if (timeout >= 0)
+ rctx->max_time = timeout > 0 ? time(NULL) + timeout : 0;
+ else
+ rctx->max_time = rctx->max_total_time;
+ rctx->keep_alive = keep_alive;
+ return 1;
+}
+
+static int ossl_http_req_ctx_set_content(OSSL_HTTP_REQ_CTX *rctx,
+ const char *content_type, BIO *req_mem)
{
const unsigned char *req;
long req_len;
if (rctx == NULL || req_mem == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (rctx->mem == NULL || !rctx->method_POST) {
+ ERR_raise(ERR_LIB_HTTP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
&& BIO_write(rctx->mem, req, req_len) == (int)req_len;
}
-BIO *HTTP_asn1_item2bio(const ASN1_ITEM *it, ASN1_VALUE *val)
-{
- BIO *res;
-
- if (it == NULL || val == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
-
- if ((res = BIO_new(BIO_s_mem())) == NULL)
- return NULL;
- if (ASN1_item_i2d_bio(it, res, val) <= 0) {
- BIO_free(res);
- res = NULL;
- }
- return res;
-}
-
-int OSSL_HTTP_REQ_CTX_i2d(OSSL_HTTP_REQ_CTX *rctx, const char *content_type,
- const ASN1_ITEM *it, ASN1_VALUE *req)
+int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX *rctx, const char *content_type,
+ const ASN1_ITEM *it, const ASN1_VALUE *req)
{
BIO *mem;
int res;
if (rctx == NULL || it == NULL || req == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- res = (mem = HTTP_asn1_item2bio(it, req)) != NULL
- && OSSL_HTTP_REQ_CTX_content(rctx, content_type, mem);
+ res = (mem = ASN1_item_i2d_mem_bio(it, req)) != NULL
+ && ossl_http_req_ctx_set_content(rctx, content_type, mem);
BIO_free(mem);
return res;
}
const char *host)
{
int i;
- int add_host = 1;
+ int add_host = host != NULL && *host != '\0';
CONF_VALUE *hdr;
for (i = 0; i < sk_CONF_VALUE_num(headers); i++) {
* If !use_http_proxy then the 'server' and 'port' parameters are ignored.
* If req_mem == NULL then use GET and ignore content_type, else POST.
*/
-OSSL_HTTP_REQ_CTX *HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int use_http_proxy,
- const char *server, const char *port,
- const char *path,
- const STACK_OF(CONF_VALUE) *headers,
- const char *content_type, BIO *req_mem,
- int maxline, unsigned long max_resp_len,
- int timeout,
- const char *expected_content_type,
- int expect_asn1)
+static OSSL_HTTP_REQ_CTX
+*ossl_http_req_ctx_new(BIO *wbio, BIO *rbio, int use_http_proxy,
+ const char *server, const char *port,
+ const char *path,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req_mem,
+ int buf_size, int timeout,
+ const char *expected_ct, int expect_asn1)
{
OSSL_HTTP_REQ_CTX *rctx;
if (use_http_proxy && (server == NULL || port == NULL)) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
/* remaining parameters are checked indirectly by the functions called */
- if ((rctx = OSSL_HTTP_REQ_CTX_new(wbio, rbio, req_mem == NULL, maxline,
- max_resp_len, timeout,
- expected_content_type, expect_asn1))
+ if ((rctx = OSSL_HTTP_REQ_CTX_new(wbio, rbio, buf_size))
== NULL)
return NULL;
-
- if (OSSL_HTTP_REQ_CTX_header(rctx, use_http_proxy ? server : NULL,
- port, path)
+ if (OSSL_HTTP_REQ_CTX_set_request_line(rctx, req_mem != NULL,
+ use_http_proxy ? server : NULL, port,
+ path)
+ && OSSL_HTTP_REQ_CTX_set_expected(rctx, expected_ct, expect_asn1,
+ timeout, 0)
&& OSSL_HTTP_REQ_CTX_add1_headers(rctx, headers, server)
&& (req_mem == NULL
- || OSSL_HTTP_REQ_CTX_content(rctx, content_type, req_mem)))
+ || ossl_http_req_ctx_set_content(rctx, content_type, req_mem)))
return rctx;
OSSL_HTTP_REQ_CTX_free(rctx);
for (code = line; *code != '\0' && !ossl_isspace(*code); code++)
continue;
if (*code == '\0') {
- HTTPerr(0, HTTP_R_RESPONSE_PARSE_ERROR);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_RESPONSE_PARSE_ERROR);
return 0;
}
code++;
if (*code == '\0') {
- HTTPerr(0, HTTP_R_RESPONSE_PARSE_ERROR);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_RESPONSE_PARSE_ERROR);
return 0;
}
continue;
if (*reason == '\0') {
- HTTPerr(0, HTTP_R_RESPONSE_PARSE_ERROR);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_RESPONSE_PARSE_ERROR);
return 0;
}
return retcode;
default:
if (retcode < 400)
- HTTPerr(0, HTTP_R_STATUS_CODE_UNSUPPORTED);
+ retcode = HTTP_R_STATUS_CODE_UNSUPPORTED;
else
- HTTPerr(0, HTTP_R_RECEIVED_ERROR);
+ retcode = HTTP_R_RECEIVED_ERROR;
if (*reason == '\0')
- ERR_add_error_data(2, "Code=", code);
+ ERR_raise_data(ERR_LIB_HTTP, retcode, "Code=%s", code);
else
- ERR_add_error_data(4, "Code=", code, ",Reason=", reason);
+ ERR_raise_data(ERR_LIB_HTTP, retcode,
+ "Code=%s, Reason=%s", code, reason);
return 0;
}
}
static int check_set_resp_len(OSSL_HTTP_REQ_CTX *rctx, unsigned long len)
{
- const char *tag = NULL;
- unsigned long val = 0;
-
- if (len > rctx->max_resp_len) {
- HTTPerr(0, HTTP_R_MAX_RESP_LEN_EXCEEDED);
- tag = ",max=";
- val = rctx->max_resp_len;
- }
- if (rctx->resp_len != 0 && rctx->resp_len != len) {
- HTTPerr(0, HTTP_R_INCONSISTENT_CONTENT_LENGTH);
- tag = ",before=";
- val = rctx->resp_len;
- }
- if (tag != NULL) {
- char len_str[32];
- char str[32];
-
- BIO_snprintf(len_str, sizeof(len_str), "%lu", len);
- BIO_snprintf(str, sizeof(str), "%lu", val);
- ERR_add_error_data(4, "length=", len_str, tag, str);
- return 0;
- }
+ if (len > rctx->max_resp_len)
+ ERR_raise_data(ERR_LIB_HTTP, HTTP_R_MAX_RESP_LEN_EXCEEDED,
+ "length=%lu, max=%lu", len, rctx->max_resp_len);
+ if (rctx->resp_len != 0 && rctx->resp_len != len)
+ ERR_raise_data(ERR_LIB_HTTP, HTTP_R_INCONSISTENT_CONTENT_LENGTH,
+ "ASN.1 length=%lu, Content-Length=%lu",
+ len, rctx->resp_len);
rctx->resp_len = len;
return 1;
}
int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
{
int i;
- long n, n_to_send = 0;
+ long n;
unsigned long resp_len;
const unsigned char *p;
char *key, *value, *line_end = NULL;
if (rctx == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ if (rctx->mem == NULL || rctx->wbio == NULL || rctx->rbio == NULL) {
+ ERR_raise(ERR_LIB_HTTP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
rctx->redirection_url = NULL;
next_io:
if ((rctx->state & OHS_NOREAD) == 0) {
- n = BIO_read(rctx->rbio, rctx->iobuf, rctx->iobuflen);
+ n = BIO_read(rctx->rbio, rctx->readbuf, rctx->readbuflen);
if (n <= 0) {
if (BIO_should_retry(rctx->rbio))
return -1;
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_FAILED_READING_DATA);
return 0;
}
/* Write data to memory BIO */
- if (BIO_write(rctx->mem, rctx->iobuf, n) != n)
+ if (BIO_write(rctx->mem, rctx->readbuf, n) != n)
return 0;
}
/* fall thru */
case OHS_WRITE_INIT:
- n_to_send = BIO_get_mem_data(rctx->mem, NULL);
+ rctx->len_to_send = BIO_get_mem_data(rctx->mem, NULL);
rctx->state = OHS_WRITE;
/* fall thru */
case OHS_WRITE:
- n = BIO_get_mem_data(rctx->mem, &p);
-
- i = BIO_write(rctx->wbio, p + (n - n_to_send), n_to_send);
+ n = BIO_get_mem_data(rctx->mem, &p) - rctx->len_to_send;
+ i = BIO_write(rctx->wbio, p + n, rctx->len_to_send);
if (i <= 0) {
if (BIO_should_retry(rctx->wbio))
return 0;
}
- n_to_send -= i;
+ rctx->len_to_send -= i;
- if (n_to_send > 0)
+ if (rctx->len_to_send > 0)
goto next_io;
rctx->state = OHS_FLUSH;
*/
n = BIO_get_mem_data(rctx->mem, &p);
if (n <= 0 || memchr(p, '\n', n) == 0) {
- if (n >= rctx->iobuflen) {
+ if (n >= rctx->readbuflen) {
rctx->state = OHS_ERROR;
return 0;
}
goto next_io;
}
- n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen);
+ n = BIO_gets(rctx->mem, (char *)rctx->readbuf, rctx->readbuflen);
if (n <= 0) {
if (BIO_should_retry(rctx->mem))
}
/* Don't allow excessive lines */
- if (n == rctx->iobuflen) {
- HTTPerr(0, HTTP_R_RESPONSE_LINE_TOO_LONG);
+ if (n == rctx->readbuflen) {
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_RESPONSE_LINE_TOO_LONG);
rctx->state = OHS_ERROR;
return 0;
}
/* First line */
if (rctx->state == OHS_FIRSTLINE) {
- switch (parse_http_line1((char *)rctx->iobuf)) {
+ switch (parse_http_line1((char *)rctx->readbuf)) {
case HTTP_STATUS_CODE_OK:
rctx->state = OHS_HEADERS;
goto next_line;
case HTTP_STATUS_CODE_MOVED_PERMANENTLY:
case HTTP_STATUS_CODE_FOUND: /* i.e., moved temporarily */
- if (rctx->method_GET) {
+ if (!rctx->method_POST) { /* method is GET */
rctx->state = OHS_REDIRECT;
goto next_line;
}
- HTTPerr(0, HTTP_R_REDIRECTION_NOT_ENABLED);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_REDIRECTION_NOT_ENABLED);
/* redirection is not supported/recommended for POST */
/* fall through */
default:
return 0;
}
}
- key = (char *)rctx->iobuf;
+ key = (char *)rctx->readbuf;
value = strchr(key, ':');
if (value != NULL) {
*(value++) = '\0';
if (rctx->expected_ct != NULL
&& strcasecmp(key, "Content-Type") == 0) {
if (strcasecmp(rctx->expected_ct, value) != 0) {
- HTTPerr(0, HTTP_R_UNEXPECTED_CONTENT_TYPE);
- ERR_add_error_data(4, "expected=", rctx->expected_ct,
- ",actual=", value);
+ ERR_raise_data(ERR_LIB_HTTP, HTTP_R_UNEXPECTED_CONTENT_TYPE,
+ "expected=%s, actual=%s",
+ rctx->expected_ct, value);
return 0;
}
+ OPENSSL_free(rctx->expected_ct);
rctx->expected_ct = NULL; /* content-type has been found */
}
if (strcasecmp(key, "Content-Length") == 0) {
resp_len = strtoul(value, &line_end, 10);
if (line_end == value || *line_end != '\0') {
- HTTPerr(0, HTTP_R_ERROR_PARSING_CONTENT_LENGTH);
- ERR_add_error_data(2, "input=", value);
+ ERR_raise_data(ERR_LIB_HTTP,
+ HTTP_R_ERROR_PARSING_CONTENT_LENGTH,
+ "input=%s", value);
return 0;
}
if (!check_set_resp_len(rctx, resp_len))
}
}
- /* Look for blank line: end of headers */
- for (p = rctx->iobuf; *p != '\0'; p++) {
+ /* Look for blank line indicating end of headers */
+ for (p = rctx->readbuf; *p != '\0'; p++) {
if (*p != '\r' && *p != '\n')
break;
}
goto next_line;
if (rctx->expected_ct != NULL) {
- HTTPerr(0, HTTP_R_MISSING_CONTENT_TYPE);
- ERR_add_error_data(2, "expected=", rctx->expected_ct);
+ ERR_raise_data(ERR_LIB_HTTP, HTTP_R_MISSING_CONTENT_TYPE,
+ "expected=%s", rctx->expected_ct);
return 0;
}
if (rctx->state == OHS_REDIRECT) {
/* http status code indicated redirect but there was no Location */
- HTTPerr(0, HTTP_R_MISSING_REDIRECT_LOCATION);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_MISSING_REDIRECT_LOCATION);
return 0;
}
/* Check it is an ASN1 SEQUENCE */
if (*p++ != (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
- HTTPerr(0, HTTP_R_MISSING_ASN1_ENCODING);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_MISSING_ASN1_ENCODING);
return 0;
}
n = *p & 0x7F;
/* Not NDEF or excessive length */
if (n == 0 || (n > 4)) {
- HTTPerr(0, HTTP_R_ERROR_PARSING_ASN1_LENGTH);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_ERROR_PARSING_ASN1_LENGTH);
return 0;
}
p++;
}
}
+int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx,
+ ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ const unsigned char *p;
+ int rv;
+
+ *pval = NULL;
+ if ((rv = OSSL_HTTP_REQ_CTX_nbio(rctx)) != 1)
+ return rv;
+ *pval = ASN1_item_d2i(NULL, &p, BIO_get_mem_data(rctx->mem, &p), it);
+ return *pval != NULL;
+
+}
+
#ifndef OPENSSL_NO_SOCK
/* set up a new connection BIO, to HTTP server or to HTTP(S) proxy if given */
static BIO *HTTP_new_bio(const char *server /* optionally includes ":port" */,
const char *server_port /* explicit server port */,
- const char *proxy /* optionally includes ":port" */)
+ int use_ssl,
+ const char *proxy /* optionally includes ":port" */,
+ const char *proxy_port /* explicit proxy port */)
{
- const char *host = server, *host_end;
- char host_name[100];
+ const char *host = server;
const char *port = server_port;
BIO *cbio;
if (proxy != NULL) {
host = proxy;
- port = NULL;
+ port = proxy_port;
}
- host_end = strchr(host, '/');
- if (host_end != NULL && (size_t)(host_end - host) < sizeof(host_name)) {
- /* chop trailing string starting with '/' */
- strncpy(host_name, host, host_end - host + 1);
- host = host_name;
- }
+ if (port == NULL && strchr(host, ':') == NULL)
+ port = use_ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
cbio = BIO_new_connect(host /* optionally includes ":port" */);
if (cbio == NULL)
}
#endif /* OPENSSL_NO_SOCK */
-static ASN1_VALUE *BIO_mem_d2i(BIO *mem, const ASN1_ITEM *it)
+int OSSL_HTTP_is_alive(const OSSL_HTTP_REQ_CTX *rctx)
{
- const unsigned char *p;
- long len = BIO_get_mem_data(mem, &p);
- ASN1_VALUE *resp = ASN1_item_d2i(NULL, &p, len, it);
-
- if (resp == NULL)
- HTTPerr(0, HTTP_R_RESPONSE_PARSE_ERROR);
- return resp;
+ return rctx != NULL && rctx->keep_alive != 0;
}
-static BIO *OSSL_HTTP_REQ_CTX_transfer(OSSL_HTTP_REQ_CTX *rctx)
+BIO *OSSL_HTTP_REQ_CTX_exchange(OSSL_HTTP_REQ_CTX *rctx)
{
- int sending = 1;
int rv;
if (rctx == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (rv != -1)
break;
/* BIO_should_retry was true */
- sending = 0;
/* will not actually wait if rctx->max_time == 0 */
if (BIO_wait(rctx->rbio, rctx->max_time, 100 /* milliseconds */) <= 0)
return NULL;
if (rv == 0) {
if (rctx->redirection_url == NULL) { /* an error occurred */
- if (sending && (rctx->state & OHS_NOREAD) != 0)
- HTTPerr(0, HTTP_R_ERROR_SENDING);
+ if (rctx->len_to_send > 0)
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_ERROR_SENDING);
else
- HTTPerr(0, HTTP_R_ERROR_RECEIVING);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_ERROR_RECEIVING);
}
return NULL;
}
- if (!BIO_up_ref(rctx->mem))
- return NULL;
return rctx->mem;
}
-/* Exchange ASN.1-encoded request and response via HTTP on (non-)blocking BIO */
-ASN1_VALUE *OSSL_HTTP_REQ_CTX_sendreq_d2i(OSSL_HTTP_REQ_CTX *rctx,
- const ASN1_ITEM *it)
-{
- if (rctx == NULL || it == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- return BIO_mem_d2i(OSSL_HTTP_REQ_CTX_transfer(rctx), it);
-}
-
static int update_timeout(int timeout, time_t start_time)
{
long elapsed_time;
return timeout <= elapsed_time ? -1 : timeout - elapsed_time;
}
+OSSL_HTTP_REQ_CTX *OSSL_HTTP_open(const char *server, const char *port,
+ const char *proxy, const char *no_proxy,
+ int use_ssl, BIO *bio, BIO *rbio,
+ OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
+ int buf_size, int overall_timeout)
+{
+ return NULL; /* TODO(3.0) expand */
+}
+
/*-
* Exchange HTTP request and response with the given server.
* If req_mem == NULL then use GET and ignore content_type, else POST.
* BIO *(*OSSL_HTTP_bio_cb_t) (BIO *bio, void *arg, int conn, int detail);
* The callback may modify the HTTP BIO provided in the bio argument,
* whereby it may make use of any custom defined argument 'arg'.
- * During connection establishment, just after BIO_connect_retry(),
+ * During connection establishment, just after BIO_do_connect_retry(),
* the callback function is invoked with the 'conn' argument being 1
* 'detail' indicating whether a HTTPS (i.e., TLS) connection is requested.
* On disconnect 'conn' is 0 and 'detail' indicates that no error occurred.
* The function should return NULL to indicate failure.
* After disconnect the modified BIO will be deallocated using BIO_free_all().
*/
-BIO *OSSL_HTTP_transfer(const char *server, const char *port, const char *path,
+int OSSL_HTTP_set_request(OSSL_HTTP_REQ_CTX *rctx, const char *path,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req,
+ const char *expected_content_type, int expect_asn1,
+ size_t max_resp_len, int timeout, int keep_alive)
+{
+ return 0; /* TODO(3.0) expand */
+}
+
+BIO *OSSL_HTTP_exchange(OSSL_HTTP_REQ_CTX *rctx, char **redirection_url)
+{
+ return NULL; /* TODO(3.0) expand */
+}
+
+BIO *OSSL_HTTP_transfer(OSSL_HTTP_REQ_CTX **prctx,
+ const char *server, const char *port, const char *path,
int use_ssl, const char *proxy, const char *no_proxy,
BIO *bio, BIO *rbio,
OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
+ int buf_size, const STACK_OF(CONF_VALUE) *headers,
const char *content_type, BIO *req_mem,
- int maxline, unsigned long max_resp_len, int timeout,
const char *expected_ct, int expect_asn1,
- char **redirection_url)
+ size_t max_resp_len, int timeout, int keep_alive)
{
+ char **redirection_url = (char **)prctx; /* TODO(3.0) fix when API approved */
time_t start_time = timeout > 0 ? time(NULL) : 0;
BIO *cbio; /* = bio if present, used as connection BIO if rbio is NULL */
OSSL_HTTP_REQ_CTX *rctx;
*redirection_url = NULL; /* do this beforehand to prevent dbl free */
if (use_ssl && bio_update_fn == NULL) {
- HTTPerr(0, HTTP_R_TLS_NOT_ENABLED);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_TLS_NOT_ENABLED);
return NULL;
}
if (rbio != NULL && (bio == NULL || bio_update_fn != NULL)) {
- HTTPerr(0, ERR_R_PASSED_INVALID_ARGUMENT);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT);
return NULL;
}
cbio = bio;
} else {
#ifndef OPENSSL_NO_SOCK
+ char *proxy_host = NULL, *proxy_port = NULL;
+
if (server == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (*port == '\0')
port = NULL;
if (port == NULL && strchr(server, ':') == NULL)
port = use_ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
- proxy = http_adapt_proxy(proxy, no_proxy, server, use_ssl);
- if ((cbio = HTTP_new_bio(server, port, proxy)) == NULL)
+ proxy = ossl_http_adapt_proxy(proxy, no_proxy, server, use_ssl);
+ if (proxy != NULL
+ && !OSSL_HTTP_parse_url(proxy, NULL /* use_ssl */, NULL /* user */,
+ &proxy_host, &proxy_port, NULL /* num */,
+ NULL /* path */, NULL, NULL))
+ return NULL;
+ cbio = HTTP_new_bio(server, port, use_ssl, proxy_host, proxy_port);
+ OPENSSL_free(proxy_host);
+ OPENSSL_free(proxy_port);
+ if (cbio == NULL)
return NULL;
#else
- HTTPerr(0, HTTP_R_SOCK_NOT_SUPPORTED);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_SOCK_NOT_SUPPORTED);
return NULL;
#endif
}
/* remaining parameters are checked indirectly by the functions called */
(void)ERR_set_mark(); /* prepare removing any spurious libssl errors */
- if (rbio == NULL && BIO_connect_retry(cbio, timeout) <= 0)
+ if (rbio == NULL && BIO_do_connect_retry(cbio, timeout, -1) <= 0)
goto end;
/* now timeout is guaranteed to be >= 0 */
}
}
- rctx = HTTP_REQ_CTX_new(cbio, rbio != NULL ? rbio : cbio,
- !use_ssl && proxy != NULL, server, port, path,
- headers, content_type, req_mem, maxline,
- max_resp_len, update_timeout(timeout, start_time),
- expected_ct, expect_asn1);
+ rctx = ossl_http_req_ctx_new(cbio, rbio != NULL ? rbio : cbio,
+ !use_ssl && proxy != NULL, server, port, path,
+ headers, content_type, req_mem, buf_size,
+ update_timeout(timeout, start_time),
+ expected_ct, expect_asn1);
if (rctx == NULL)
goto end;
- resp = OSSL_HTTP_REQ_CTX_transfer(rctx);
+ resp = OSSL_HTTP_REQ_CTX_exchange(rctx);
if (resp == NULL) {
if (rctx->redirection_url != NULL) {
if (redirection_url == NULL)
- HTTPerr(0, HTTP_R_REDIRECTION_NOT_ENABLED);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_REDIRECTION_NOT_ENABLED);
else
/* may be NULL if out of memory: */
*redirection_url = OPENSSL_strdup(rctx->redirection_url);
}
}
}
- OSSL_HTTP_REQ_CTX_free(rctx);
-
/* callback can be used to clean up TLS session */
if (bio_update_fn != NULL
- && (*bio_update_fn)(cbio, arg, 0, resp != NULL) == NULL) {
- BIO_free(resp);
+ && (*bio_update_fn)(cbio, arg, 0, resp != NULL) == NULL)
resp = NULL;
- }
+
+ if (resp != NULL && !BIO_up_ref(resp))
+ resp = NULL;
+ OSSL_HTTP_REQ_CTX_free(rctx);
end:
/*
size_t https_len = strlen(OSSL_HTTPS_NAME":");
if (n_redir >= HTTP_VERSION_MAX_REDIRECTIONS) {
- HTTPerr(0, HTTP_R_TOO_MANY_REDIRECTIONS);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_TOO_MANY_REDIRECTIONS);
return 0;
}
if (*new_url == '/') /* redirection to same server => same protocol */
return 1;
if (strncmp(old_url, OSSL_HTTPS_NAME":", https_len) == 0 &&
strncmp(new_url, OSSL_HTTPS_NAME":", https_len) != 0) {
- HTTPerr(0, HTTP_R_REDIRECTION_FROM_HTTPS_TO_HTTP);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_REDIRECTION_FROM_HTTPS_TO_HTTP);
return 0;
}
return 1;
BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy,
BIO *bio, BIO *rbio,
OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- int maxline, unsigned long max_resp_len, int timeout,
- const char *expected_content_type, int expect_asn1)
+ int buf_size, const STACK_OF(CONF_VALUE) *headers,
+ const char *expected_ct, int expect_asn1,
+ size_t max_resp_len, int timeout)
{
time_t start_time = timeout > 0 ? time(NULL) : 0;
- char *current_url, *redirection_url;
+ char *current_url, *redirection_url = NULL;
int n_redirs = 0;
char *host;
char *port;
BIO *resp = NULL;
if (url == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if ((current_url = OPENSSL_strdup(url)) == NULL)
return NULL;
for (;;) {
- if (!OSSL_HTTP_parse_url(current_url, &host, &port, &path, &use_ssl))
+ if (!OSSL_HTTP_parse_url(current_url, &use_ssl, NULL /* user */, &host,
+ &port, NULL /* port_num */, &path, NULL, NULL))
break;
new_rpath:
- resp = OSSL_HTTP_transfer(host, port, path, use_ssl, proxy, no_proxy,
+ resp = OSSL_HTTP_transfer((OSSL_HTTP_REQ_CTX **)&redirection_url, /* TODO(3.0) fix when API approved */
+ host, port, path, use_ssl, proxy, no_proxy,
bio, rbio,
- bio_update_fn, arg, headers, NULL, NULL,
- maxline, max_resp_len,
- update_timeout(timeout, start_time),
- expected_content_type, expect_asn1,
- &redirection_url);
+ bio_update_fn, arg, buf_size, headers, NULL, NULL,
+ expected_ct, expect_asn1,
+ max_resp_len,
+ update_timeout(timeout, start_time), 0);
OPENSSL_free(path);
if (resp == NULL && redirection_url != NULL) {
if (redirection_ok(++n_redirs, current_url, redirection_url)) {
return resp;
}
-/* Get ASN.1-encoded data via HTTP from server at given URL */
-ASN1_VALUE *OSSL_HTTP_get_asn1(const char *url,
- const char *proxy, const char *no_proxy,
- BIO *bio, BIO *rbio,
- OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- int maxline, unsigned long max_resp_len,
- int timeout, const char *expected_content_type,
- const ASN1_ITEM *it)
+int OSSL_HTTP_close(OSSL_HTTP_REQ_CTX *rctx, int ok)
{
- BIO *mem;
- ASN1_VALUE *resp = NULL;
-
- if (url == NULL || it == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if ((mem = OSSL_HTTP_get(url, proxy, no_proxy, bio, rbio, bio_update_fn,
- arg, headers, maxline, max_resp_len, timeout,
- expected_content_type, 1 /* expect_asn1 */))
- != NULL)
- resp = BIO_mem_d2i(mem, it);
- BIO_free(mem);
- return resp;
-}
-
-/* Post ASN.1-encoded request via HTTP to server return ASN.1 response */
-ASN1_VALUE *OSSL_HTTP_post_asn1(const char *server, const char *port,
- const char *path, int use_ssl,
- const char *proxy, const char *no_proxy,
- BIO *bio, BIO *rbio,
- OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- const char *content_type,
- ASN1_VALUE *req, const ASN1_ITEM *req_it,
- int maxline, unsigned long max_resp_len,
- int timeout, const char *expected_ct,
- const ASN1_ITEM *rsp_it)
-{
- BIO *req_mem;
- BIO *res_mem;
- ASN1_VALUE *resp = NULL;
-
- if (req == NULL) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- /* remaining parameters are checked indirectly */
-
- req_mem = HTTP_asn1_item2bio(req_it, req);
- res_mem = OSSL_HTTP_transfer(server, port, path, use_ssl, proxy, no_proxy,
- bio, rbio,
- bio_update_fn, arg, headers, content_type,
- req_mem /* may be NULL */, maxline,
- max_resp_len, timeout,
- expected_ct, 1 /* expect_asn1 */, NULL);
- BIO_free(req_mem);
- if (res_mem != NULL)
- resp = BIO_mem_d2i(res_mem, rsp_it);
- BIO_free(res_mem);
- return resp;
+ return 0; /* TODO(3.0) expand */
}
/* BASE64 encoder used for encoding basic proxy authentication credentials */
if (bio == NULL || server == NULL
|| (bio_err != NULL && prog == NULL)) {
- HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
+ ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
goto end;
}
if (port == NULL || *port == '\0')
BIO_printf(fbio, "Proxy-Authorization: Basic %s\r\n", proxyauthenc);
OPENSSL_clear_free(proxyauthenc, strlen(proxyauthenc));
}
- proxy_end:
+ proxy_end:
OPENSSL_clear_free(proxyauth, len);
if (proxyauthenc == NULL)
goto end;
/* RFC 7231 4.3.6: any 2xx status code is valid */
if (strncmp(mbuf, HTTP_PREFIX, strlen(HTTP_PREFIX)) != 0) {
- HTTPerr(0, HTTP_R_RESPONSE_PARSE_ERROR);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_RESPONSE_PARSE_ERROR);
BIO_printf(bio_err, "%s: HTTP CONNECT failed, non-HTTP response\n",
prog);
/* Wrong protocol, not even HTTP, so stop reading headers */
}
mbufp = mbuf + strlen(HTTP_PREFIX);
if (strncmp(mbufp, HTTP_VERSION_PATT, strlen(HTTP_VERSION_PATT)) != 0) {
- HTTPerr(0, HTTP_R_RECEIVED_WRONG_HTTP_VERSION);
+ ERR_raise(ERR_LIB_HTTP, HTTP_R_RECEIVED_WRONG_HTTP_VERSION);
BIO_printf(bio_err,
"%s: HTTP CONNECT failed, bad HTTP version %.*s\n",
prog, HTTP_VERSION_STR_LEN, mbufp);
while (read_len > 0 && ossl_isspace(mbuf[read_len - 1]))
read_len--;
mbuf[read_len] = '\0';
- HTTPerr(0, HTTP_R_CONNECT_FAILURE);
- ERR_add_error_data(2, "Reason=", mbufp);
+ ERR_raise_data(ERR_LIB_HTTP, HTTP_R_CONNECT_FAILURE,
+ "Reason=%s", mbufp);
BIO_printf(bio_err, "%s: HTTP CONNECT failed, Reason=%s\n",
prog, mbufp);
goto end;
projects / openssl.git / blobdiff