X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fuclient.git;a=blobdiff_plain;f=uclient-http.c;h=1cc60e3051880303b9622ddacaa6275593463a29;hp=fcf3b9b84a2760f08bc9a771b34b041c80035372;hb=5e0b24f3a921081162706598d1ebea9d403d3187;hpb=c62d6b1e6aabe9db364c3c1d9000048ea7bb1de5 diff --git a/uclient-http.c b/uclient-http.c index fcf3b9b..1cc60e3 100644 --- a/uclient-http.c +++ b/uclient-http.c @@ -1,6 +1,7 @@ #include #include #include +#include #include #include @@ -11,7 +12,12 @@ #include "uclient-utils.h" #include "uclient-backend.h" -static struct ustream_ssl_ctx *ssl_ctx; +enum auth_type { + AUTH_TYPE_UNKNOWN, + AUTH_TYPE_NONE, + AUTH_TYPE_BASIC, + AUTH_TYPE_DIGEST, +}; enum request_type { REQ_GET, @@ -38,6 +44,7 @@ static const char * const request_types[__REQ_MAX] = { struct uclient_http { struct uclient uc; + struct ustream_ssl_ctx *ssl_ctx; struct ustream *us; struct ustream_fd ufd; @@ -45,10 +52,17 @@ struct uclient_http { bool ssl; bool eof; + bool connection_close; enum request_type req_type; enum http_state state; + enum auth_type auth_type; + char *auth_str; + long read_chunked; + long content_length; + + uint32_t nc; struct blob_buf headers; struct blob_buf meta; @@ -81,6 +95,28 @@ static int uclient_do_connect(struct uclient_http *uh, const char *port) return 0; } +static void uclient_http_disconnect(struct uclient_http *uh) +{ + if (!uh->us) + return; + + if (uh->ssl) + ustream_free(&uh->ussl.stream); + ustream_free(&uh->ufd.stream); + close(uh->ufd.fd.fd); + uh->us = NULL; +} + +static void uclient_http_free_url_state(struct uclient *cl) +{ + struct uclient_http *uh = container_of(cl, struct uclient_http, uc); + + uh->auth_type = AUTH_TYPE_UNKNOWN; + free(uh->auth_str); + uh->auth_str = NULL; + uclient_http_disconnect(uh); +} + static void uclient_notify_eof(struct uclient_http *uh) { struct ustream *us = uh->us; @@ -94,17 +130,60 @@ static void uclient_notify_eof(struct uclient_http *uh) } uclient_backend_set_eof(&uh->uc); + + if (uh->connection_close) + uclient_http_disconnect(uh); +} + +static void uclient_http_reset_state(struct uclient_http *uh) +{ + uclient_backend_reset_state(&uh->uc); + uh->read_chunked = -1; + uh->content_length = -1; + uh->eof = false; + uh->connection_close = false; + uh->state = HTTP_STATE_INIT; + + if (uh->auth_type == AUTH_TYPE_UNKNOWN && !uh->uc.url->auth) + uh->auth_type = AUTH_TYPE_NONE; +} + +static void uclient_http_init_request(struct uclient_http *uh) +{ + uclient_http_reset_state(uh); + blob_buf_init(&uh->meta, 0); +} + +static enum auth_type +uclient_http_update_auth_type(struct uclient_http *uh) +{ + if (!uh->auth_str) + return AUTH_TYPE_NONE; + + if (!strncasecmp(uh->auth_str, "basic", 5)) + return AUTH_TYPE_BASIC; + + if (!strncasecmp(uh->auth_str, "digest", 6)) + return AUTH_TYPE_DIGEST; + + return AUTH_TYPE_NONE; } static void uclient_http_process_headers(struct uclient_http *uh) { enum { HTTP_HDR_TRANSFER_ENCODING, + HTTP_HDR_CONNECTION, + HTTP_HDR_CONTENT_LENGTH, + HTTP_HDR_AUTH, __HTTP_HDR_MAX, }; static const struct blobmsg_policy hdr_policy[__HTTP_HDR_MAX] = { #define hdr(_name) { .name = _name, .type = BLOBMSG_TYPE_STRING } [HTTP_HDR_TRANSFER_ENCODING] = hdr("transfer-encoding"), + [HTTP_HDR_CONNECTION] = hdr("connection"), + [HTTP_HDR_CONTENT_LENGTH] = hdr("content-length"), + [HTTP_HDR_AUTH] = hdr("www-authenticate"), #undef hdr }; struct blob_attr *tb[__HTTP_HDR_MAX]; @@ -115,6 +194,305 @@ static void uclient_http_process_headers(struct uclient_http *uh) cur = tb[HTTP_HDR_TRANSFER_ENCODING]; if (cur && strstr(blobmsg_data(cur), "chunked")) uh->read_chunked = 0; + + cur = tb[HTTP_HDR_CONNECTION]; + if (cur && strstr(blobmsg_data(cur), "close")) + uh->connection_close = true; + + cur = tb[HTTP_HDR_CONTENT_LENGTH]; + if (cur) + uh->content_length = strtoul(blobmsg_data(cur), NULL, 10); + + cur = tb[HTTP_HDR_AUTH]; + if (cur) { + free(uh->auth_str); + uh->auth_str = strdup(blobmsg_data(cur)); + } + + uh->auth_type = uclient_http_update_auth_type(uh); +} + +static void +uclient_http_add_auth_basic(struct uclient_http *uh) +{ + struct uclient_url *url = uh->uc.url; + int auth_len = strlen(url->auth); + char *auth_buf; + + if (auth_len > 512) + return; + + auth_buf = alloca(base64_len(auth_len) + 1); + base64_encode(url->auth, auth_len, auth_buf); + ustream_printf(uh->us, "Authorization: Basic %s\r\n", auth_buf); +} + +static char *digest_unquote_sep(char **str) +{ + char *cur = *str + 1; + char *start = cur; + char *out; + + if (**str != '"') + return NULL; + + out = cur; + while (1) { + if (!*cur) + return NULL; + + if (*cur == '"') { + cur++; + break; + } + + if (*cur == '\\') + cur++; + + *(out++) = *(cur++); + } + + if (*cur == ',') + cur++; + + *out = 0; + *str = cur; + + return start; +} + +static bool strmatch(char **str, const char *prefix) +{ + int len = strlen(prefix); + + if (strncmp(*str, prefix, len) != 0 || (*str)[len] != '=') + return false; + + *str += len + 1; + return true; +} + +static void +get_cnonce(char *dest) +{ + uint32_t val = 0; + FILE *f; + + f = fopen("/dev/urandom", "r"); + if (f) { + fread(&val, sizeof(val), 1, f); + fclose(f); + } + + bin_to_hex(dest, &val, sizeof(val)); +} + +static void add_field(char **buf, int *ofs, int *len, const char *name, const char *val) +{ + int available = *len - *ofs; + int required; + const char *next; + char *cur; + + if (*len && !*buf) + return; + + required = strlen(name) + 4 + strlen(val) * 2; + if (required > available) + *len += required - available + 64; + + *buf = realloc(*buf, *len); + if (!*buf) + return; + + cur = *buf + *ofs; + cur += sprintf(cur, ", %s=\"", name); + + while ((next = strchr(val, '"'))) { + if (next > val) { + memcpy(cur, val, next - val); + cur += next - val; + } + + cur += sprintf(cur, "\\\""); + val = next + 1; + } + + cur += sprintf(cur, "%s\"", val); + *ofs = cur - *buf; +} + +static void +uclient_http_add_auth_digest(struct uclient_http *uh) +{ + struct uclient_url *url = uh->uc.url; + const char *realm = NULL, *opaque = NULL; + const char *user, *password; + char *buf, *next; + int len, ofs; + + char cnonce_str[9]; + char nc_str[9]; + char ahash[33]; + char hash[33]; + + struct http_digest_data data = { + .nc = nc_str, + .cnonce = cnonce_str, + .auth_hash = ahash, + }; + + len = strlen(uh->auth_str) + 1; + if (len > 512) + return; + + buf = alloca(len); + strcpy(buf, uh->auth_str); + + /* skip auth type */ + strsep(&buf, " "); + + next = buf; + while (*next) { + const char **dest = NULL; + + while (isspace(*next)) + next++; + + if (strmatch(&next, "realm")) + dest = &realm; + else if (strmatch(&next, "qop")) + dest = &data.qop; + else if (strmatch(&next, "nonce")) + dest = &data.nonce; + else if (strmatch(&next, "opaque")) + dest = &opaque; + else + return; + + *dest = digest_unquote_sep(&next); + } + + if (!realm || !data.qop || !data.nonce) + return; + + sprintf(nc_str, "%08x", uh->nc++); + get_cnonce(cnonce_str); + + data.qop = "auth"; + data.uri = url->location; + data.method = request_types[uh->req_type]; + + password = strchr(url->auth, ':'); + if (password) { + char *user_buf; + + len = password - url->auth; + if (len > 256) + return; + + user_buf = alloca(len + 1); + strncpy(user_buf, url->auth, len); + user_buf[len] = 0; + user = user_buf; + password++; + } else { + user = url->auth; + password = ""; + } + + http_digest_calculate_auth_hash(ahash, user, realm, password); + http_digest_calculate_response(hash, &data); + + buf = NULL; + len = 0; + ofs = 0; + + add_field(&buf, &ofs, &len, "username", user); + add_field(&buf, &ofs, &len, "realm", realm); + add_field(&buf, &ofs, &len, "nonce", data.nonce); + add_field(&buf, &ofs, &len, "uri", data.uri); + add_field(&buf, &ofs, &len, "cnonce", data.cnonce); + add_field(&buf, &ofs, &len, "response", hash); + if (opaque) + add_field(&buf, &ofs, &len, "opaque", opaque); + + ustream_printf(uh->us, "Authorization: Digest nc=%s, qop=%s%s\r\n", data.nc, data.qop, buf); + free(buf); +} + +static void +uclient_http_add_auth_header(struct uclient_http *uh) +{ + if (!uh->uc.url->auth) + return; + + switch (uh->auth_type) { + case AUTH_TYPE_UNKNOWN: + case AUTH_TYPE_NONE: + break; + case AUTH_TYPE_BASIC: + uclient_http_add_auth_basic(uh); + break; + case AUTH_TYPE_DIGEST: + uclient_http_add_auth_digest(uh); + break; + } +} + +static void +uclient_http_send_headers(struct uclient_http *uh) +{ + struct uclient_url *url = uh->uc.url; + struct blob_attr *cur; + enum request_type req_type = uh->req_type; + int rem; + + if (uh->state >= HTTP_STATE_HEADERS_SENT) + return; + + if (uh->auth_type == AUTH_TYPE_UNKNOWN) + req_type = REQ_HEAD; + + ustream_printf(uh->us, + "%s %s HTTP/1.1\r\n" + "Host: %s\r\n", + request_types[req_type], + url->location, url->host); + + blobmsg_for_each_attr(cur, uh->headers.head, rem) + ustream_printf(uh->us, "%s: %s\n", blobmsg_name(cur), (char *) blobmsg_data(cur)); + + if (uh->req_type == REQ_POST) + ustream_printf(uh->us, "Transfer-Encoding: chunked\r\n"); + + uclient_http_add_auth_header(uh); + + ustream_printf(uh->us, "\r\n"); +} + +static void uclient_http_headers_complete(struct uclient_http *uh) +{ + enum auth_type auth_type = uh->auth_type; + + uh->state = HTTP_STATE_RECV_DATA; + uh->uc.meta = uh->meta.head; + uclient_http_process_headers(uh); + + if (auth_type == AUTH_TYPE_UNKNOWN) { + uclient_http_init_request(uh); + uclient_http_send_headers(uh); + uh->state = HTTP_STATE_REQUEST_DONE; + return; + } + + if (uh->uc.cb->header_done) + uh->uc.cb->header_done(&uh->uc); + + if (uh->req_type == REQ_HEAD) { + uh->eof = true; + uclient_notify_eof(uh); + } } static void uclient_parse_http_line(struct uclient_http *uh, char *data) @@ -123,16 +501,25 @@ static void uclient_parse_http_line(struct uclient_http *uh, char *data) char *sep; if (uh->state == HTTP_STATE_REQUEST_DONE) { + char *code; + + /* HTTP/1.1 */ + strsep(&data, " "); + + code = strsep(&data, " "); + if (!code) + goto error; + + uh->uc.status_code = strtoul(code, &sep, 10); + if (sep && *sep) + goto error; + uh->state = HTTP_STATE_RECV_HEADERS; return; } if (!*data) { - uh->state = HTTP_STATE_RECV_DATA; - uh->uc.meta = uh->meta.head; - uclient_http_process_headers(uh); - if (uh->uc.cb->header_done) - uh->uc.cb->header_done(&uh->uc); + uclient_http_headers_complete(uh); return; } @@ -150,6 +537,12 @@ static void uclient_parse_http_line(struct uclient_http *uh, char *data) sep++; blobmsg_add_string(&uh->meta, name, sep); + return; + +error: + uh->uc.status_code = 400; + uh->eof = true; + uclient_notify_eof(uh); } static void __uclient_notify_read(struct uclient_http *uh) @@ -193,7 +586,7 @@ static void __uclient_notify_read(struct uclient_http *uh) len -= cur_len; data = ustream_get_read_buf(uh->us, &len); - } while (uh->state < HTTP_STATE_RECV_DATA); + } while (data && uh->state < HTTP_STATE_RECV_DATA); if (!len) return; @@ -260,42 +653,27 @@ static int uclient_setup_https(struct uclient_http *uh) if (ret) return ret; - if (!ssl_ctx) - ssl_ctx = ustream_ssl_context_new(false); + if (!uh->ssl_ctx) + uh->ssl_ctx = ustream_ssl_context_new(false); us->string_data = true; us->notify_state = uclient_ssl_notify_state; us->notify_read = uclient_ssl_notify_read; - ustream_ssl_init(&uh->ussl, &uh->ufd.stream, ssl_ctx, false); + ustream_ssl_init(&uh->ussl, &uh->ufd.stream, uh->ssl_ctx, false); return 0; } -static void uclient_http_disconnect(struct uclient_http *uh) -{ - uclient_backend_reset_state(&uh->uc); - uh->read_chunked = -1; - uh->eof = false; - - if (!uh->us) - return; - - if (uh->ssl) - ustream_free(&uh->ussl.stream); - ustream_free(&uh->ufd.stream); - close(uh->ufd.fd.fd); - uh->us = NULL; -} - static int uclient_http_connect(struct uclient *cl) { struct uclient_http *uh = container_of(cl, struct uclient_http, uc); - uclient_http_disconnect(uh); - blob_buf_init(&uh->meta, 0); + uclient_http_init_request(uh); + + if (uh->us) + return 0; uh->ssl = cl->url->prefix == PREFIX_HTTPS; - uh->state = HTTP_STATE_INIT; if (uh->ssl) return uclient_setup_https(uh); @@ -317,7 +695,10 @@ static void uclient_http_free(struct uclient *cl) { struct uclient_http *uh = container_of(cl, struct uclient_http, uc); - uclient_http_disconnect(uh); + if (uh->ssl_ctx) + ustream_ssl_context_free(uh->ssl_ctx); + + uclient_http_free_url_state(cl); blob_buf_free(&uh->headers); blob_buf_free(&uh->meta); free(uh); @@ -371,44 +752,6 @@ uclient_http_set_header(struct uclient *cl, const char *name, const char *value) return 0; } -static void -uclient_http_send_headers(struct uclient_http *uh) -{ - struct uclient_url *url = uh->uc.url; - struct blob_attr *cur; - int rem; - - if (uh->state >= HTTP_STATE_HEADERS_SENT) - return; - - ustream_printf(uh->us, - "%s /%s HTTP/1.1\r\n" - "Host: %s\r\n" - "Connection: close\r\n", - request_types[uh->req_type], - url->location, url->host); - - blobmsg_for_each_attr(cur, uh->headers.head, rem) - ustream_printf(uh->us, "%s: %s\n", blobmsg_name(cur), (char *) blobmsg_data(cur)); - - if (url->auth) { - int auth_len = strlen(url->auth); - char *auth_buf; - - if (auth_len > 512) - return; - - auth_buf = alloca(base64_len(auth_len) + 1); - base64_encode(url->auth, auth_len, auth_buf); - ustream_printf(uh->us, "Authorization: Basic %s\r\n", auth_buf); - } - - if (uh->req_type == REQ_POST) - ustream_printf(uh->us, "Transfer-Encoding: chunked\r\n"); - - ustream_printf(uh->us, "\r\n"); -} - static int uclient_http_send_data(struct uclient *cl, char *buf, unsigned int len) { @@ -420,7 +763,8 @@ uclient_http_send_data(struct uclient *cl, char *buf, unsigned int len) uclient_http_send_headers(uh); ustream_printf(uh->us, "%X\r\n", len); - ustream_write(uh->us, buf, len, false); + if (len > 0) + ustream_write(uh->us, buf, len, false); ustream_printf(uh->us, "\r\n"); return len; @@ -447,7 +791,7 @@ uclient_http_read(struct uclient *cl, char *buf, unsigned int len) int read_len = 0; char *data, *data_end; - if (uh->state < HTTP_STATE_RECV_DATA) + if (uh->state < HTTP_STATE_RECV_DATA || !uh->us) return 0; data = ustream_get_read_buf(uh->us, &read_len); @@ -487,6 +831,13 @@ uclient_http_read(struct uclient *cl, char *buf, unsigned int len) len = uh->read_chunked; uh->read_chunked -= len; + } else if (uh->content_length >= 0) { + if (len > uh->content_length) + len = uh->content_length; + + uh->content_length -= len; + if (!uh->content_length) + uh->eof = true; } if (len > 0) { @@ -502,12 +853,51 @@ uclient_http_read(struct uclient *cl, char *buf, unsigned int len) return len; } -const struct uclient_backend uclient_backend_http __hidden = { +bool uclient_http_redirect(struct uclient *cl) +{ + struct uclient_http *uh = container_of(cl, struct uclient_http, uc); + struct blobmsg_policy location = { + .name = "location", + .type = BLOBMSG_TYPE_STRING, + }; + struct uclient_url *url = cl->url; + struct blob_attr *tb; + + if (cl->backend != &uclient_backend_http) + return false; + + switch (cl->status_code) { + case 301: + case 302: + case 307: + break; + default: + return false; + } + + blobmsg_parse(&location, 1, &tb, blob_data(uh->meta.head), blob_len(uh->meta.head)); + if (!tb) + return false; + + url = uclient_get_url(blobmsg_data(tb), url->auth); + if (!url) + return false; + + free(cl->url); + cl->url = url; + uclient_http_connect(cl); + uclient_http_request_done(cl); + + return true; +} + +const struct uclient_backend uclient_backend_http = { .prefix = uclient_http_prefix, .alloc = uclient_http_alloc, .free = uclient_http_free, .connect = uclient_http_connect, + .update_url = uclient_http_free_url_state, .read = uclient_http_read, .write = uclient_http_send_data,