2 * uclient - ustream based protocol client library
4 * Copyright (C) 2014 Felix Fietkau <nbd@openwrt.org>
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
23 #include <libubox/ustream.h>
24 #include <libubox/ustream-ssl.h>
25 #include <libubox/usock.h>
26 #include <libubox/blobmsg.h>
29 #include "uclient-utils.h"
30 #include "uclient-backend.h"
48 HTTP_STATE_HEADERS_SENT,
49 HTTP_STATE_REQUEST_DONE,
50 HTTP_STATE_RECV_HEADERS,
55 static const char * const request_types[__REQ_MAX] = {
64 struct ustream_ssl_ctx *ssl_ctx;
67 struct ustream_fd ufd;
68 struct ustream_ssl ussl;
70 bool ssl_require_validation;
74 bool connection_close;
75 enum request_type req_type;
76 enum http_state state;
78 enum auth_type auth_type;
86 struct blob_buf headers;
96 static const char * const uclient_http_prefix[] = {
97 [PREFIX_HTTP] = "http://",
98 [PREFIX_HTTPS] = "https://",
102 static int uclient_do_connect(struct uclient_http *uh, const char *port)
106 if (uh->uc.url->port)
107 port = uh->uc.url->port;
109 fd = usock(USOCK_TCP | USOCK_NONBLOCK, uh->uc.url->host, port);
113 ustream_fd_init(&uh->ufd, fd);
117 static void uclient_http_disconnect(struct uclient_http *uh)
123 ustream_free(&uh->ussl.stream);
124 ustream_free(&uh->ufd.stream);
125 close(uh->ufd.fd.fd);
129 static void uclient_http_free_url_state(struct uclient *cl)
131 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
133 uh->auth_type = AUTH_TYPE_UNKNOWN;
136 uclient_http_disconnect(uh);
139 static void uclient_http_error(struct uclient_http *uh, int code)
141 uh->state = HTTP_STATE_ERROR;
143 ustream_state_change(uh->us);
144 uclient_backend_set_error(&uh->uc, code);
147 static void uclient_notify_eof(struct uclient_http *uh)
149 struct ustream *us = uh->us;
152 if (!us->eof && !us->write_error)
155 if (ustream_pending_data(us, false))
159 uclient_backend_set_eof(&uh->uc);
161 if (uh->connection_close)
162 uclient_http_disconnect(uh);
165 static void uclient_http_reset_state(struct uclient_http *uh)
167 uclient_backend_reset_state(&uh->uc);
168 uh->read_chunked = -1;
169 uh->content_length = -1;
171 uh->connection_close = false;
172 uh->state = HTTP_STATE_INIT;
174 if (uh->auth_type == AUTH_TYPE_UNKNOWN && !uh->uc.url->auth)
175 uh->auth_type = AUTH_TYPE_NONE;
178 static void uclient_http_init_request(struct uclient_http *uh)
180 uclient_http_reset_state(uh);
181 blob_buf_init(&uh->meta, 0);
184 static enum auth_type
185 uclient_http_update_auth_type(struct uclient_http *uh)
188 return AUTH_TYPE_NONE;
190 if (!strncasecmp(uh->auth_str, "basic", 5))
191 return AUTH_TYPE_BASIC;
193 if (!strncasecmp(uh->auth_str, "digest", 6))
194 return AUTH_TYPE_DIGEST;
196 return AUTH_TYPE_NONE;
199 static void uclient_http_process_headers(struct uclient_http *uh)
202 HTTP_HDR_TRANSFER_ENCODING,
204 HTTP_HDR_CONTENT_LENGTH,
208 static const struct blobmsg_policy hdr_policy[__HTTP_HDR_MAX] = {
209 #define hdr(_name) { .name = _name, .type = BLOBMSG_TYPE_STRING }
210 [HTTP_HDR_TRANSFER_ENCODING] = hdr("transfer-encoding"),
211 [HTTP_HDR_CONNECTION] = hdr("connection"),
212 [HTTP_HDR_CONTENT_LENGTH] = hdr("content-length"),
213 [HTTP_HDR_AUTH] = hdr("www-authenticate"),
216 struct blob_attr *tb[__HTTP_HDR_MAX];
217 struct blob_attr *cur;
219 blobmsg_parse(hdr_policy, __HTTP_HDR_MAX, tb, blob_data(uh->meta.head), blob_len(uh->meta.head));
221 cur = tb[HTTP_HDR_TRANSFER_ENCODING];
222 if (cur && strstr(blobmsg_data(cur), "chunked"))
223 uh->read_chunked = 0;
225 cur = tb[HTTP_HDR_CONNECTION];
226 if (cur && strstr(blobmsg_data(cur), "close"))
227 uh->connection_close = true;
229 cur = tb[HTTP_HDR_CONTENT_LENGTH];
231 uh->content_length = strtoul(blobmsg_data(cur), NULL, 10);
233 cur = tb[HTTP_HDR_AUTH];
236 uh->auth_str = strdup(blobmsg_data(cur));
239 uh->auth_type = uclient_http_update_auth_type(uh);
243 uclient_http_add_auth_basic(struct uclient_http *uh)
245 struct uclient_url *url = uh->uc.url;
246 int auth_len = strlen(url->auth);
252 auth_buf = alloca(base64_len(auth_len) + 1);
253 base64_encode(url->auth, auth_len, auth_buf);
254 ustream_printf(uh->us, "Authorization: Basic %s\r\n", auth_buf);
257 static char *digest_unquote_sep(char **str)
259 char *cur = *str + 1;
291 static bool strmatch(char **str, const char *prefix)
293 int len = strlen(prefix);
295 if (strncmp(*str, prefix, len) != 0 || (*str)[len] != '=')
303 get_cnonce(char *dest)
308 f = fopen("/dev/urandom", "r");
310 fread(&val, sizeof(val), 1, f);
314 bin_to_hex(dest, &val, sizeof(val));
317 static void add_field(char **buf, int *ofs, int *len, const char *name, const char *val)
319 int available = *len - *ofs;
327 required = strlen(name) + 4 + strlen(val) * 2;
328 if (required > available)
329 *len += required - available + 64;
331 *buf = realloc(*buf, *len);
336 cur += sprintf(cur, ", %s=\"", name);
338 while ((next = strchr(val, '"'))) {
340 memcpy(cur, val, next - val);
344 cur += sprintf(cur, "\\\"");
348 cur += sprintf(cur, "%s\"", val);
353 uclient_http_add_auth_digest(struct uclient_http *uh)
355 struct uclient_url *url = uh->uc.url;
356 const char *realm = NULL, *opaque = NULL;
357 const char *user, *password;
366 struct http_digest_data data = {
368 .cnonce = cnonce_str,
372 len = strlen(uh->auth_str) + 1;
377 strcpy(buf, uh->auth_str);
384 const char **dest = NULL;
386 while (isspace(*next))
389 if (strmatch(&next, "realm"))
391 else if (strmatch(&next, "qop"))
393 else if (strmatch(&next, "nonce"))
395 else if (strmatch(&next, "opaque"))
400 *dest = digest_unquote_sep(&next);
403 if (!realm || !data.qop || !data.nonce)
406 sprintf(nc_str, "%08x", uh->nc++);
407 get_cnonce(cnonce_str);
410 data.uri = url->location;
411 data.method = request_types[uh->req_type];
413 password = strchr(url->auth, ':');
417 len = password - url->auth;
421 user_buf = alloca(len + 1);
422 strncpy(user_buf, url->auth, len);
431 http_digest_calculate_auth_hash(ahash, user, realm, password);
432 http_digest_calculate_response(hash, &data);
438 add_field(&buf, &ofs, &len, "username", user);
439 add_field(&buf, &ofs, &len, "realm", realm);
440 add_field(&buf, &ofs, &len, "nonce", data.nonce);
441 add_field(&buf, &ofs, &len, "uri", data.uri);
442 add_field(&buf, &ofs, &len, "cnonce", data.cnonce);
443 add_field(&buf, &ofs, &len, "response", hash);
445 add_field(&buf, &ofs, &len, "opaque", opaque);
447 ustream_printf(uh->us, "Authorization: Digest nc=%s, qop=%s%s\r\n", data.nc, data.qop, buf);
452 uclient_http_add_auth_header(struct uclient_http *uh)
454 if (!uh->uc.url->auth)
457 switch (uh->auth_type) {
458 case AUTH_TYPE_UNKNOWN:
461 case AUTH_TYPE_BASIC:
462 uclient_http_add_auth_basic(uh);
464 case AUTH_TYPE_DIGEST:
465 uclient_http_add_auth_digest(uh);
471 uclient_http_send_headers(struct uclient_http *uh)
473 struct uclient_url *url = uh->uc.url;
474 struct blob_attr *cur;
475 enum request_type req_type = uh->req_type;
478 if (uh->state >= HTTP_STATE_HEADERS_SENT)
481 if (uh->auth_type == AUTH_TYPE_UNKNOWN)
484 ustream_printf(uh->us,
487 request_types[req_type],
488 url->location, url->host);
490 blobmsg_for_each_attr(cur, uh->headers.head, rem)
491 ustream_printf(uh->us, "%s: %s\n", blobmsg_name(cur), (char *) blobmsg_data(cur));
493 if (uh->req_type == REQ_POST)
494 ustream_printf(uh->us, "Transfer-Encoding: chunked\r\n");
496 uclient_http_add_auth_header(uh);
498 ustream_printf(uh->us, "\r\n");
501 static void uclient_http_headers_complete(struct uclient_http *uh)
503 enum auth_type auth_type = uh->auth_type;
505 uh->state = HTTP_STATE_RECV_DATA;
506 uh->uc.meta = uh->meta.head;
507 uclient_http_process_headers(uh);
509 if (auth_type == AUTH_TYPE_UNKNOWN) {
510 uclient_http_init_request(uh);
511 uclient_http_send_headers(uh);
512 uh->state = HTTP_STATE_REQUEST_DONE;
516 if (uh->uc.cb->header_done)
517 uh->uc.cb->header_done(&uh->uc);
519 if (uh->req_type == REQ_HEAD) {
521 uclient_notify_eof(uh);
525 static void uclient_parse_http_line(struct uclient_http *uh, char *data)
530 if (uh->state == HTTP_STATE_REQUEST_DONE) {
536 code = strsep(&data, " ");
540 uh->uc.status_code = strtoul(code, &sep, 10);
544 uh->state = HTTP_STATE_RECV_HEADERS;
549 uclient_http_headers_complete(uh);
553 sep = strchr(data, ':');
559 for (name = data; *name; name++)
560 *name = tolower(*name);
563 while (isspace(*sep))
566 blobmsg_add_string(&uh->meta, name, sep);
570 uh->uc.status_code = 400;
572 uclient_notify_eof(uh);
575 static void __uclient_notify_read(struct uclient_http *uh)
577 struct uclient *uc = &uh->uc;
581 if (uh->state < HTTP_STATE_REQUEST_DONE || uh->state == HTTP_STATE_ERROR)
584 data = ustream_get_read_buf(uh->us, &len);
588 if (uh->state < HTTP_STATE_RECV_DATA) {
593 sep = strstr(data, "\r\n");
597 /* Check for multi-line HTTP headers */
602 if (isspace(sep[2]) && sep[2] != '\r') {
610 cur_len = sep + 2 - data;
611 uclient_parse_http_line(uh, data);
612 ustream_consume(uh->us, cur_len);
615 data = ustream_get_read_buf(uh->us, &len);
616 } while (data && uh->state < HTTP_STATE_RECV_DATA);
622 if (uh->state == HTTP_STATE_RECV_DATA && uc->cb->data_read)
623 uc->cb->data_read(uc);
626 static void uclient_notify_read(struct ustream *us, int bytes)
628 struct uclient_http *uh = container_of(us, struct uclient_http, ufd.stream);
630 __uclient_notify_read(uh);
633 static void uclient_notify_state(struct ustream *us)
635 struct uclient_http *uh = container_of(us, struct uclient_http, ufd.stream);
637 uclient_notify_eof(uh);
640 static int uclient_setup_http(struct uclient_http *uh)
642 struct ustream *us = &uh->ufd.stream;
646 us->string_data = true;
647 us->notify_state = uclient_notify_state;
648 us->notify_read = uclient_notify_read;
650 ret = uclient_do_connect(uh, "80");
657 static void uclient_ssl_notify_read(struct ustream *us, int bytes)
659 struct uclient_http *uh = container_of(us, struct uclient_http, ussl.stream);
661 __uclient_notify_read(uh);
664 static void uclient_ssl_notify_state(struct ustream *us)
666 struct uclient_http *uh = container_of(us, struct uclient_http, ussl.stream);
668 uclient_notify_eof(uh);
671 static void uclient_ssl_notify_error(struct ustream_ssl *ssl, int error, const char *str)
673 struct uclient_http *uh = container_of(ssl, struct uclient_http, ussl);
675 uclient_http_error(uh, UCLIENT_ERROR_CONNECT);
678 static void uclient_ssl_notify_verify_error(struct ustream_ssl *ssl, int error, const char *str)
680 struct uclient_http *uh = container_of(ssl, struct uclient_http, ussl);
682 if (!uh->ssl_require_validation)
685 uclient_http_error(uh, UCLIENT_ERROR_SSL_INVALID_CERT);
688 static void uclient_ssl_notify_connected(struct ustream_ssl *ssl)
690 struct uclient_http *uh = container_of(ssl, struct uclient_http, ussl);
692 if (!uh->ssl_require_validation)
695 if (!uh->ussl.valid_cn)
696 uclient_http_error(uh, UCLIENT_ERROR_SSL_CN_MISMATCH);
699 static int uclient_setup_https(struct uclient_http *uh)
701 struct ustream *us = &uh->ussl.stream;
707 ret = uclient_do_connect(uh, "443");
712 uh->ssl_ctx = ustream_ssl_context_new(false);
714 us->string_data = true;
715 us->notify_state = uclient_ssl_notify_state;
716 us->notify_read = uclient_ssl_notify_read;
717 uh->ussl.notify_error = uclient_ssl_notify_error;
718 uh->ussl.notify_verify_error = uclient_ssl_notify_verify_error;
719 uh->ussl.notify_connected = uclient_ssl_notify_connected;
720 ustream_ssl_init(&uh->ussl, &uh->ufd.stream, uh->ssl_ctx, false);
721 ustream_ssl_set_peer_cn(&uh->ussl, uh->uc.url->host);
726 static int uclient_http_connect(struct uclient *cl)
728 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
731 uclient_http_init_request(uh);
736 uh->ssl = cl->url->prefix == PREFIX_HTTPS;
739 ret = uclient_setup_https(uh);
741 ret = uclient_setup_http(uh);
744 uclient_http_error(uh, UCLIENT_ERROR_CONNECT);
749 static struct uclient *uclient_http_alloc(void)
751 struct uclient_http *uh;
753 uh = calloc_a(sizeof(*uh));
754 blob_buf_init(&uh->headers, 0);
759 static void uclient_http_free_ssl_ctx(struct uclient_http *uh)
761 if (uh->ssl_ctx && !uh->ssl_ctx_ext)
762 ustream_ssl_context_free(uh->ssl_ctx);
764 uh->ssl_ctx_ext = false;
767 static void uclient_http_free(struct uclient *cl)
769 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
771 uclient_http_free_ssl_ctx(uh);
772 uclient_http_free_url_state(cl);
773 blob_buf_free(&uh->headers);
774 blob_buf_free(&uh->meta);
779 uclient_http_set_request_type(struct uclient *cl, const char *type)
781 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
784 if (cl->backend != &uclient_backend_http)
787 if (uh->state > HTTP_STATE_INIT)
790 for (i = 0; i < ARRAY_SIZE(request_types); i++) {
791 if (strcmp(request_types[i], type) != 0)
802 uclient_http_reset_headers(struct uclient *cl, const char *name, const char *value)
804 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
806 blob_buf_init(&uh->headers, 0);
812 uclient_http_set_header(struct uclient *cl, const char *name, const char *value)
814 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
816 if (cl->backend != &uclient_backend_http)
819 if (uh->state > HTTP_STATE_INIT)
822 blobmsg_add_string(&uh->headers, name, value);
827 uclient_http_send_data(struct uclient *cl, char *buf, unsigned int len)
829 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
831 if (uh->state >= HTTP_STATE_REQUEST_DONE)
834 uclient_http_send_headers(uh);
836 ustream_printf(uh->us, "%X\r\n", len);
838 ustream_write(uh->us, buf, len, false);
839 ustream_printf(uh->us, "\r\n");
845 uclient_http_request_done(struct uclient *cl)
847 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
849 if (uh->state >= HTTP_STATE_REQUEST_DONE)
852 uclient_http_send_headers(uh);
853 uh->state = HTTP_STATE_REQUEST_DONE;
859 uclient_http_read(struct uclient *cl, char *buf, unsigned int len)
861 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
863 char *data, *data_end;
865 if (uh->state < HTTP_STATE_RECV_DATA || !uh->us)
868 data = ustream_get_read_buf(uh->us, &read_len);
869 if (!data || !read_len)
872 data_end = data + read_len;
875 if (uh->read_chunked == 0) {
878 if (data[0] == '\r' && data[1] == '\n') {
883 sep = strstr(data, "\r\n");
888 uh->read_chunked = strtoul(data, NULL, 16);
890 read_len += sep + 2 - data;
893 if (!uh->read_chunked)
897 if (len > data_end - data)
898 len = data_end - data;
900 if (uh->read_chunked >= 0) {
901 if (len > uh->read_chunked)
902 len = uh->read_chunked;
904 uh->read_chunked -= len;
905 } else if (uh->content_length >= 0) {
906 if (len > uh->content_length)
907 len = uh->content_length;
909 uh->content_length -= len;
910 if (!uh->content_length)
916 memcpy(buf, data, len);
920 ustream_consume(uh->us, read_len);
922 uclient_notify_eof(uh);
927 bool uclient_http_redirect(struct uclient *cl)
929 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
930 struct blobmsg_policy location = {
932 .type = BLOBMSG_TYPE_STRING,
934 struct uclient_url *url = cl->url;
935 struct blob_attr *tb;
937 if (cl->backend != &uclient_backend_http)
940 switch (cl->status_code) {
949 blobmsg_parse(&location, 1, &tb, blob_data(uh->meta.head), blob_len(uh->meta.head));
953 url = uclient_get_url(blobmsg_data(tb), url->auth);
959 uclient_http_connect(cl);
960 uclient_http_request_done(cl);
965 int uclient_http_set_ssl_ctx(struct uclient *cl, struct ustream_ssl_ctx *ctx, bool require_validation)
967 struct uclient_http *uh = container_of(cl, struct uclient_http, uc);
969 if (cl->backend != &uclient_backend_http)
972 uclient_http_free_url_state(cl);
974 uclient_http_free_ssl_ctx(uh);
976 uh->ssl_ctx_ext = !!ctx;
977 uh->ssl_require_validation = !!ctx && require_validation;
982 const struct uclient_backend uclient_backend_http = {
983 .prefix = uclient_http_prefix,
985 .alloc = uclient_http_alloc,
986 .free = uclient_http_free,
987 .connect = uclient_http_connect,
988 .update_url = uclient_http_free_url_state,
990 .read = uclient_http_read,
991 .write = uclient_http_send_data,
992 .request = uclient_http_request_done,