Context Navigation

source: lib/http_client.c @ 486ddb5

Last change on this file since 486ddb5 was 486ddb5, checked in by Wilmer van der Gaast <wilmer@…>, at 2011-12-19T14:50:58Z
Initial merge of tls_verify patch from AopicieR.
Property mode set to `100644`
File size: 12.4 KB

Rev	Line
[8a9afe4]	1	/********************************************************************\
	2	* BitlBee -- An IRC to other IM-networks gateway *
	3	* *
[03a8f8e]	4	* Copyright 2002-2011 Wilmer van der Gaast and others *
[8a9afe4]	5	\********************************************************************/
	6
[52b3a99]	7	/* HTTP(S) module */
[8a9afe4]	8
	9	/*
	10	This program is free software; you can redistribute it and/or modify
	11	it under the terms of the GNU General Public License as published by
	12	the Free Software Foundation; either version 2 of the License, or
	13	(at your option) any later version.
	14
	15	This program is distributed in the hope that it will be useful,
	16	but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	GNU General Public License for more details.
	19
	20	You should have received a copy of the GNU General Public License with
	21	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
	22	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
	23	Suite 330, Boston, MA 02111-1307 USA
	24	*/
	25
	26	#include <string.h>
[52b3a99]	27	#include <stdio.h>
[8a9afe4]	28
	29	#include "http_client.h"
[52b3a99]	30	#include "url.h"
[e4d6271]	31	#include "sock.h"
[8a9afe4]	32
	33
[ba9edaa]	34	static gboolean http_connected( gpointer data, int source, b_input_condition cond );
[486ddb5]	35	static gboolean http_ssl_connected( gpointer data, int returncode, void *source, b_input_condition cond );
[ba9edaa]	36	static gboolean http_incoming_data( gpointer data, int source, b_input_condition cond );
[516a9c6]	37	static void http_free( struct http_request *req );
[8a9afe4]	38
	39
[516a9c6]	40	struct http_request http_dorequest( char host, int port, int ssl, char *request, http_input_function func, gpointer data )
[8a9afe4]	41	{
	42	struct http_request *req;
	43	int error = 0;
	44
	45	req = g_new0( struct http_request, 1 );
	46
	47	if( ssl )
	48	{
	49	req->ssl = ssl_connect( host, port, http_ssl_connected, req );
	50	if( req->ssl == NULL )
	51	error = 1;
	52	}
	53	else
	54	{
	55	req->fd = proxy_connect( host, port, http_connected, req );
	56	if( req->fd < 0 )
	57	error = 1;
	58	}
	59
	60	if( error )
	61	{
[fb98634]	62	http_free( req );
	63	return NULL;
[8a9afe4]	64	}
	65
[52b3a99]	66	req->func = func;
	67	req->data = data;
[8a9afe4]	68	req->request = g_strdup( request );
	69	req->request_length = strlen( request );
[7885d0f]	70	req->redir_ttl = 3;
[8a9afe4]	71
[3f808ca]	72	if( getenv( "BITLBEE_DEBUG" ) )
	73	printf( "About to send HTTP request:\n%s\n", req->request );
	74
[8a9afe4]	75	return( req );
	76	}
	77
[516a9c6]	78	struct http_request http_dorequest_url( char url_string, http_input_function func, gpointer data )
[0790644]	79	{
	80	url_t *url = g_new0( url_t, 1 );
	81	char *request;
	82	void *ret;
	83
	84	if( !url_set( url, url_string ) )
	85	{
	86	g_free( url );
	87	return NULL;
	88	}
	89
	90	if( url->proto != PROTO_HTTP && url->proto != PROTO_HTTPS )
	91	{
	92	g_free( url );
	93	return NULL;
	94	}
	95
	96	request = g_strdup_printf( "GET %s HTTP/1.0\r\n"
	97	"Host: %s\r\n"
[2423c93]	98	"Connection: close\r\n"
[1b5ab36]	99	"User-Agent: BitlBee " BITLBEE_VERSION " " ARCH "/" CPU "\r\n"
[0790644]	100	"\r\n", url->file, url->host );
	101
	102	ret = http_dorequest( url->host, url->port,
	103	url->proto == PROTO_HTTPS, request, func, data );
	104
	105	g_free( url );
	106	g_free( request );
[266fe2f]	107	return ret;
[0790644]	108	}
	109
[8a9afe4]	110	/* This one is actually pretty simple... Might get more calls if we can't write
	111	the whole request at once. */
[ba9edaa]	112	static gboolean http_connected( gpointer data, int source, b_input_condition cond )
[8a9afe4]	113	{
	114	struct http_request *req = data;
	115	int st;
	116
	117	if( source < 0 )
	118	goto error;
	119
	120	if( req->inpa > 0 )
[ba9edaa]	121	b_event_remove( req->inpa );
[8a9afe4]	122
	123	sock_make_nonblocking( req->fd );
	124
	125	if( req->ssl )
	126	{
	127	st = ssl_write( req->ssl, req->request + req->bytes_written,
	128	req->request_length - req->bytes_written );
	129	if( st < 0 )
	130	{
	131	if( ssl_errno != SSL_AGAIN )
	132	{
	133	ssl_disconnect( req->ssl );
	134	goto error;
	135	}
	136	}
	137	}
	138	else
	139	{
	140	st = write( source, req->request + req->bytes_written,
	141	req->request_length - req->bytes_written );
	142	if( st < 0 )
	143	{
	144	if( !sockerr_again() )
	145	{
[52b3a99]	146	closesocket( req->fd );
[8a9afe4]	147	goto error;
	148	}
	149	}
	150	}
	151
	152	if( st > 0 )
	153	req->bytes_written += st;
	154
	155	if( req->bytes_written < req->request_length )
[ba9edaa]	156	req->inpa = b_input_add( source,
[e046390]	157	req->ssl ? ssl_getdirection( req->ssl ) : B_EV_IO_WRITE,
[ba9edaa]	158	http_connected, req );
[8a9afe4]	159	else
[e046390]	160	req->inpa = b_input_add( source, B_EV_IO_READ, http_incoming_data, req );
[8a9afe4]	161
[ba9edaa]	162	return FALSE;
[8a9afe4]	163
	164	error:
[7deb447]	165	req->status_string = g_strdup( "Error while writing HTTP request" );
	166
[8a9afe4]	167	req->func( req );
[fb98634]	168	http_free( req );
[ba9edaa]	169	return FALSE;
[8a9afe4]	170	}
	171
[486ddb5]	172	static gboolean http_ssl_connected( gpointer data, int returncode, void *source, b_input_condition cond )
[8a9afe4]	173	{
[486ddb5]	174	//The returncode is not used at the moment.
[8a9afe4]	175	struct http_request *req = data;
	176
	177	if( source == NULL )
	178	return http_connected( data, -1, cond );
	179
	180	req->fd = ssl_getfd( source );
	181
	182	return http_connected( data, req->fd, cond );
	183	}
	184
[ba9edaa]	185	static gboolean http_incoming_data( gpointer data, int source, b_input_condition cond )
[8a9afe4]	186	{
	187	struct http_request *req = data;
	188	int evil_server = 0;
	189	char buffer[2048];
	190	char end1, end2;
	191	int st;
	192
	193	if( req->inpa > 0 )
[ba9edaa]	194	b_event_remove( req->inpa );
[8a9afe4]	195
	196	if( req->ssl )
	197	{
	198	st = ssl_read( req->ssl, buffer, sizeof( buffer ) );
	199	if( st < 0 )
	200	{
	201	if( ssl_errno != SSL_AGAIN )
	202	{
[ad8b8a3]	203	/* goto cleanup; */
	204
	205	/* YAY! We have to deal with crappy Microsoft
	206	servers that LOVE to send invalid TLS
	207	packets that abort connections! \o/ */
	208
	209	goto got_reply;
[8a9afe4]	210	}
	211	}
	212	else if( st == 0 )
	213	{
	214	goto got_reply;
	215	}
	216	}
	217	else
	218	{
	219	st = read( req->fd, buffer, sizeof( buffer ) );
	220	if( st < 0 )
	221	{
	222	if( !sockerr_again() )
	223	{
[7deb447]	224	req->status_string = g_strdup( strerror( errno ) );
[8a9afe4]	225	goto cleanup;
	226	}
	227	}
	228	else if( st == 0 )
	229	{
	230	goto got_reply;
	231	}
	232	}
	233
	234	if( st > 0 )
	235	{
	236	req->reply_headers = g_realloc( req->reply_headers, req->bytes_read + st + 1 );
	237	memcpy( req->reply_headers + req->bytes_read, buffer, st );
[52b3a99]	238	req->bytes_read += st;
[8a9afe4]	239	}
	240
	241	/* There will be more! */
[ba9edaa]	242	req->inpa = b_input_add( req->fd,
[e046390]	243	req->ssl ? ssl_getdirection( req->ssl ) : B_EV_IO_READ,
[ba9edaa]	244	http_incoming_data, req );
[8a9afe4]	245
[80acb6d]	246	if( ssl_pending( req->ssl ) )
	247	return http_incoming_data( data, source, cond );
	248	else
	249	return FALSE;
[8a9afe4]	250
	251	got_reply:
[0602496]	252	/* Maybe if the webserver is overloaded, or when there's bad SSL
	253	support... */
	254	if( req->bytes_read == 0 )
[7deb447]	255	{
	256	req->status_string = g_strdup( "Empty HTTP reply" );
[0602496]	257	goto cleanup;
[7deb447]	258	}
[0602496]	259
[8a9afe4]	260	/* Zero termination is very convenient. */
	261	req->reply_headers[req->bytes_read] = 0;
	262
	263	/* Find the separation between headers and body, and keep stupid
	264	webservers in mind. */
	265	end1 = strstr( req->reply_headers, "\r\n\r\n" );
	266	end2 = strstr( req->reply_headers, "\n\n" );
	267
	268	if( end2 && end2 < end1 )
	269	{
[52b3a99]	270	end1 = end2 + 1;
[8a9afe4]	271	evil_server = 1;
	272	}
[0eec386]	273	else if( end1 )
[52b3a99]	274	{
	275	end1 += 2;
	276	}
[0eec386]	277	else
[8a9afe4]	278	{
[7deb447]	279	req->status_string = g_strdup( "Malformed HTTP reply" );
[0eec386]	280	goto cleanup;
[52b3a99]	281	}
	282
[0eec386]	283	*end1 = 0;
	284
[bd31661]	285	if( getenv( "BITLBEE_DEBUG" ) )
[3f808ca]	286	printf( "HTTP response headers:\n%s\n", req->reply_headers );
[bd31661]	287
[0eec386]	288	if( evil_server )
	289	req->reply_body = end1 + 1;
	290	else
	291	req->reply_body = end1 + 2;
	292
[41e5202]	293	req->body_size = req->reply_headers + req->bytes_read - req->reply_body;
[0eec386]	294
[52b3a99]	295	if( ( end1 = strchr( req->reply_headers, ' ' ) ) != NULL )
	296	{
	297	if( sscanf( end1 + 1, "%d", &req->status_code ) != 1 )
[7deb447]	298	{
	299	req->status_string = g_strdup( "Can't parse status code" );
[52b3a99]	300	req->status_code = -1;
[7deb447]	301	}
	302	else
	303	{
	304	char *eol;
	305
	306	if( evil_server )
	307	eol = strchr( end1, '\n' );
	308	else
	309	eol = strchr( end1, '\r' );
	310
	311	req->status_string = g_strndup( end1 + 1, eol - end1 - 1 );
	312
	313	/* Just to be sure... */
	314	if( ( eol = strchr( req->status_string, '\r' ) ) )
	315	*eol = 0;
	316	if( ( eol = strchr( req->status_string, '\n' ) ) )
	317	*eol = 0;
	318	}
[52b3a99]	319	}
	320	else
	321	{
[7deb447]	322	req->status_string = g_strdup( "Can't locate status code" );
[52b3a99]	323	req->status_code = -1;
	324	}
	325
[3f808ca]	326	if( ( ( req->status_code >= 301 && req->status_code <= 303 ) \|\|
	327	req->status_code == 307 ) && req->redir_ttl-- > 0 )
[52b3a99]	328	{
	329	char loc, new_request, *new_host;
	330	int error = 0, new_port, new_proto;
	331
[7deb447]	332	/* We might fill it again, so let's not leak any memory. */
	333	g_free( req->status_string );
	334	req->status_string = NULL;
	335
[52b3a99]	336	loc = strstr( req->reply_headers, "\nLocation: " );
	337	if( loc == NULL ) /* We can't handle this redirect... */
[7deb447]	338	{
	339	req->status_string = g_strdup( "Can't locate Location: header" );
[52b3a99]	340	goto cleanup;
[7deb447]	341	}
[52b3a99]	342
	343	loc += 11;
	344	while( *loc == ' ' )
	345	loc ++;
	346
	347	/* TODO/FIXME: Possibly have to handle relative redirections,
	348	and rewrite Host: headers. Not necessary for now, it's
	349	enough for passport authentication like this. */
	350
	351	if( *loc == '/' )
	352	{
	353	/* Just a different pathname... */
	354
	355	/* Since we don't cache the servername, and since we
	356	don't need this yet anyway, I won't implement it. */
	357
[7deb447]	358	req->status_string = g_strdup( "Can't handle recursive redirects" );
	359
[52b3a99]	360	goto cleanup;
	361	}
[8a9afe4]	362	else
[52b3a99]	363	{
	364	/* A whole URL */
	365	url_t *url;
	366	char *s;
[03a8f8e]	367	const char *new_method;
[52b3a99]	368
	369	s = strstr( loc, "\r\n" );
	370	if( s == NULL )
	371	goto cleanup;
	372
	373	url = g_new0( url_t, 1 );
	374	*s = 0;
	375
	376	if( !url_set( url, loc ) )
	377	{
[7deb447]	378	req->status_string = g_strdup( "Malformed redirect URL" );
[52b3a99]	379	g_free( url );
	380	goto cleanup;
	381	}
	382
[03a8f8e]	383	/* Find all headers and, if necessary, the POST request contents.
	384	Skip the old Host: header though. This crappy code here means
	385	anything using this http_client MUST put the Host: header at
	386	the top. */
[dff732d]	387	if( !( ( s = strstr( req->request, "\r\nHost: " ) ) &&
	388	( s = strstr( s + strlen( "\r\nHost: " ), "\r\n" ) ) ) )
[52b3a99]	389	{
[7deb447]	390	req->status_string = g_strdup( "Error while rebuilding request string" );
[52b3a99]	391	g_free( url );
	392	goto cleanup;
	393	}
	394
[03a8f8e]	395	/* More or less HTTP/1.0 compliant, from my reading of RFC 2616.
	396	Always perform a GET request unless we received a 301. 303 was
	397	meant for this but it's HTTP/1.1-only and we're specifically
[3f808ca]	398	speaking HTTP/1.0. ...
	399
	400	Well except someone at identi.ca's didn't bother reading any
	401	RFCs and just return HTTP/1.1-specific status codes to HTTP/1.0
	402	requests. Fuckers. So here we are, handle 301..303,307. */
	403	if( strncmp( req->request, "GET", 3 ) == 0 )
	404	/* GETs never become POSTs. */
	405	new_method = "GET";
	406	else if( req->status_code == 302 \|\| req->status_code == 303 )
	407	/* 302 de-facto becomes GET, 303 as specified by RFC 2616#10.3.3 */
	408	new_method = "GET";
	409	else
	410	/* 301 de-facto should stay POST, 307 specifally RFC 2616#10.3.8 */
	411	new_method = "POST";
[03a8f8e]	412
	413	/* Okay, this isn't fun! We have to rebuild the request... :-( */
	414	new_request = g_strdup_printf( "%s %s HTTP/1.0\r\nHost: %s%s",
	415	new_method, url->file, url->host, s );
	416
[52b3a99]	417	new_host = g_strdup( url->host );
	418	new_port = url->port;
	419	new_proto = url->proto;
	420
[03a8f8e]	421	/* If we went from POST to GET, truncate the request content. */
	422	if( new_request[0] != req->request[0] && new_request[0] == 'G' &&
	423	( s = strstr( new_request, "\r\n\r\n" ) ) )
	424	s[4] = '\0';
	425
[52b3a99]	426	g_free( url );
	427	}
	428
	429	if( req->ssl )
	430	ssl_disconnect( req->ssl );
	431	else
	432	closesocket( req->fd );
	433
	434	req->fd = -1;
[7deb447]	435	req->ssl = NULL;
[52b3a99]	436
[bd31661]	437	if( getenv( "BITLBEE_DEBUG" ) )
[3f808ca]	438	printf( "New headers for redirected HTTP request:\n%s\n", new_request );
[bd31661]	439
[52b3a99]	440	if( new_proto == PROTO_HTTPS )
	441	{
	442	req->ssl = ssl_connect( new_host, new_port, http_ssl_connected, req );
	443	if( req->ssl == NULL )
	444	error = 1;
	445	}
	446	else
	447	{
	448	req->fd = proxy_connect( new_host, new_port, http_connected, req );
	449	if( req->fd < 0 )
	450	error = 1;
	451	}
[2db811a]	452	g_free( new_host );
[52b3a99]	453
	454	if( error )
	455	{
[7deb447]	456	req->status_string = g_strdup( "Connection problem during redirect" );
[52b3a99]	457	g_free( new_request );
	458	goto cleanup;
	459	}
	460
	461	g_free( req->request );
	462	g_free( req->reply_headers );
	463	req->request = new_request;
	464	req->request_length = strlen( new_request );
	465	req->bytes_read = req->bytes_written = req->inpa = 0;
	466	req->reply_headers = req->reply_body = NULL;
	467
[ba9edaa]	468	return FALSE;
[8a9afe4]	469	}
	470
	471	/* Assume that a closed connection means we're finished, this indeed
	472	breaks with keep-alive connections and faulty connections. */
	473	req->finished = 1;
	474
	475	cleanup:
	476	if( req->ssl )
	477	ssl_disconnect( req->ssl );
	478	else
[52b3a99]	479	closesocket( req->fd );
[8a9afe4]	480
[bd31661]	481	if( getenv( "BITLBEE_DEBUG" ) && req )
[3f808ca]	482	printf( "Finishing HTTP request with status: %s\n",
[bd31661]	483	req->status_string ? req->status_string : "NULL" );
	484
[8a9afe4]	485	req->func( req );
[fb98634]	486	http_free( req );
	487	return FALSE;
	488	}
	489
[516a9c6]	490	static void http_free( struct http_request *req )
[fb98634]	491	{
[8a9afe4]	492	g_free( req->request );
	493	g_free( req->reply_headers );
[7deb447]	494	g_free( req->status_string );
[8a9afe4]	495	g_free( req );
	496	}
[fb98634]	497

Note: See TracBrowser for help on using the repository browser.

Download in other formats: