]> git.ipfire.org Git - thirdparty/cups.git/blame - cups/http.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Update documentation and dependencies for 1.5b1.
[thirdparty/cups.git] / cups / http.c
CommitLineData
3840d6ba 1/*
c9d3f842 2 * "$Id$"
3840d6ba 3 *
3d94661a 4 * HTTP routines for CUPS.
fd8b1cf8 5 *
9d3a7e46 6 * Copyright 2007-2011 by Apple Inc.
d220c7b8 7 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
fd8b1cf8 8 *
cf94bcb1 9 * This file contains Kerberos support code, copyright 2006 by
10 * Jelmer Vernooij.
11 *
b38fb7fc 12 * These coded instructions, statements, and computer programs are the
4e8d321f 13 * property of Apple Inc. and are protected by Federal copyright
14 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
15 * which should have been included with this file. If this file is
16 * file is missing or damaged, see the license at "http://www.cups.org/".
3840d6ba 17 *
dab1a4d8 18 * This file is subject to the Apple OS-Developed Software exception.
19 *
3840d6ba 20 * Contents:
21 *
b9738d7c 22 * httpAddCredential() - Allocates and adds a single credential to an
23 * array.
24 * _httpBIOMethods() - Get the OpenSSL BIO methods for HTTP
25 * connections.
26 * httpBlocking() - Set blocking/non-blocking behavior on a
27 * connection.
28 * httpCheck() - Check to see if there is a pending response
29 * from the server.
30 * httpClearCookie() - Clear the cookie value(s).
31 * httpClearFields() - Clear HTTP request fields.
32 * httpClose() - Close an HTTP connection.
33 * httpConnect() - Connect to a HTTP server.
34 * httpConnectEncrypt() - Connect to a HTTP server using encryption.
35 * httpCopyCredentials() - Copy the credentials associated with an
36 * encrypted connection.
37 * _httpConvertCredentials() - Convert credentials to the internal format.
38 * _httpCreate() - Create an unconnected HTTP connection.
39 * httpDelete() - Send a DELETE request to the server.
40 * _httpDisconnect() - Disconnect a HTTP connection.
41 * httpEncryption() - Set the required encryption on the link.
42 * httpError() - Get the last error on a connection.
43 * httpFlush() - Flush data from a HTTP connection.
44 * httpFlushWrite() - Flush data in write buffer.
45 * _httpFreeCredentials() - Free internal credentials.
46 * httpFreeCredentials() - Free an array of credentials.
47 * httpGet() - Send a GET request to the server.
48 * httpGetAuthString() - Get the current authorization string.
49 * httpGetBlocking() - Get the blocking/non-block state of a
50 * connection.
51 * httpGetCookie() - Get any cookie data from the response.
52 * httpGetFd() - Get the file descriptor associated with a
53 * connection.
54 * httpGetField() - Get a field value from a request/response.
55 * httpGetLength() - Get the amount of data remaining from the
56 * content-length or transfer-encoding fields.
57 * httpGetLength2() - Get the amount of data remaining from the
58 * content-length or transfer-encoding fields.
59 * httpGetStatus() - Get the status of the last HTTP request.
60 * httpGetSubField() - Get a sub-field value.
61 * httpGetSubField2() - Get a sub-field value.
62 * httpGets() - Get a line of text from a HTTP connection.
63 * httpHead() - Send a HEAD request to the server.
64 * httpInitialize() - Initialize the HTTP interface library and set
65 * the default HTTP proxy (if any).
66 * httpOptions() - Send an OPTIONS request to the server.
67 * _httpPeek() - Peek at data from a HTTP connection.
68 * httpPost() - Send a POST request to the server.
69 * httpPrintf() - Print a formatted string to a HTTP connection.
70 * httpPut() - Send a PUT request to the server.
71 * httpRead() - Read data from a HTTP connection.
72 * httpRead2() - Read data from a HTTP connection.
73 * _httpReadCDSA() - Read function for the CDSA library.
74 * _httpReadGNUTLS() - Read function for the GNU TLS library.
75 * httpReconnect() - Reconnect to a HTTP server.
76 * httpSetAuthString() - Set the current authorization string.
77 * httpSetCredentials() - Set the credentials associated with an
78 * encrypted connection.
79 * httpSetCookie() - Set the cookie value(s).
80 * httpSetExpect() - Set the Expect: header in a request.
81 * httpSetField() - Set the value of an HTTP header.
82 * httpSetLength() - Set the content-length and content-encoding.
a3aff7d2 83 * _httpSetTimeout() - Set read/write timeouts and an optional
84 * callback.
b9738d7c 85 * httpTrace() - Send an TRACE request to the server.
205bf9e8 86 * _httpUpdate() - Update the current HTTP status for incoming
87 * data.
b9738d7c 88 * httpUpdate() - Update the current HTTP state for incoming
89 * data.
90 * _httpWait() - Wait for data available on a connection (no
91 * flush).
92 * httpWait() - Wait for data available on a connection.
93 * httpWrite() - Write data to a HTTP connection.
94 * httpWrite2() - Write data to a HTTP connection.
95 * _httpWriteCDSA() - Write function for the CDSA library.
96 * _httpWriteGNUTLS() - Write function for the GNU TLS library.
97 * http_bio_ctrl() - Control the HTTP connection.
98 * http_bio_free() - Free OpenSSL data.
99 * http_bio_new() - Initialize an OpenSSL BIO structure.
100 * http_bio_puts() - Send a string for OpenSSL.
101 * http_bio_read() - Read data for OpenSSL.
102 * http_bio_write() - Write data for OpenSSL.
103 * http_debug_hex() - Do a hex dump of a buffer.
104 * http_field() - Return the field index for a field name.
105 * http_read_ssl() - Read from a SSL/TLS connection.
106 * http_locking_cb() - Lock/unlock a thread's mutex.
107 * http_send() - Send a request with all fields and the trailing
108 * blank line.
109 * http_set_credentials() - Set the SSL/TLS credentials.
110 * http_setup_ssl() - Set up SSL/TLS support on a connection.
111 * http_shutdown_ssl() - Shut down SSL/TLS on a connection.
112 * http_threadid_cb() - Return the current thread ID.
113 * http_upgrade() - Force upgrade to TLS encryption.
114 * http_write() - Write a buffer to a HTTP connection.
115 * http_write_chunk() - Write a chunked buffer.
116 * http_write_ssl() - Write to a SSL/TLS connection.
3840d6ba 117 */
118
119/*
120 * Include necessary headers...
121 */
122
3d94661a 123#include "cups-private.h"
3b960317 124#include <fcntl.h>
6875feac 125#ifdef WIN32
126# include <tchar.h>
127#else
5356dc5a 128# include <signal.h>
63d94476 129# include <sys/time.h>
130# include <sys/resource.h>
6875feac 131#endif /* WIN32 */
9d4830a3 132#ifdef HAVE_POLL
133# include <sys/poll.h>
134#endif /* HAVE_POLL */
5356dc5a 135
a75c006a 136
42d48bd2 137/*
138 * Some operating systems have done away with the Fxxxx constants for
139 * the fcntl() call; this works around that "feature"...
140 */
141
142#ifndef FNONBLK
143# define FNONBLK O_NONBLOCK
144#endif /* !FNONBLK */
145
992cf15a 146
147/*
3a193f5e 148 * Local functions...
992cf15a 149 */
150
7e66bf84 151#ifdef DEBUG
152static void http_debug_hex(const char *prefix, const char *buffer,
153 int bytes);
154#endif /* DEBUG */
063e1ac7 155static http_field_t http_field(const char *name);
156static int http_send(http_t *http, http_state_t request,
157 const char *uri);
ad4be4c3 158static int http_write(http_t *http, const char *buffer,
159 int length);
160static int http_write_chunk(http_t *http, const char *buffer,
161 int length);
bcf61448 162#ifdef HAVE_SSL
ad4be4c3 163static int http_read_ssl(http_t *http, char *buf, int len);
4fd8e3ef 164# if defined(HAVE_CDSASSL) && defined(HAVE_SECCERTIFICATECOPYDATA)
b9738d7c 165static int http_set_credentials(http_t *http);
4fd8e3ef 166# endif /* HAVE_CDSASSL ** HAVE_SECCERTIFICATECOPYDATA */
bcf61448 167static int http_setup_ssl(http_t *http);
168static void http_shutdown_ssl(http_t *http);
ad4be4c3 169static int http_upgrade(http_t *http);
ad4be4c3 170static int http_write_ssl(http_t *http, const char *buf, int len);
bcf61448 171#endif /* HAVE_SSL */
3840d6ba 172
173
174/*
3a193f5e 175 * Local globals...
3840d6ba 176 */
177
6db7190f 178static const char * const http_fields[] =
3a193f5e 179 {
3a193f5e 180 "Accept-Language",
0542e38e 181 "Accept-Ranges",
3a193f5e 182 "Authorization",
3a193f5e 183 "Connection",
3a193f5e 184 "Content-Encoding",
185 "Content-Language",
186 "Content-Length",
187 "Content-Location",
188 "Content-MD5",
189 "Content-Range",
190 "Content-Type",
0d1f75a3 191 "Content-Version",
3a193f5e 192 "Date",
3a193f5e 193 "Host",
3a193f5e 194 "If-Modified-Since",
3a193f5e 195 "If-Unmodified-since",
0d1f75a3 196 "Keep-Alive",
3a193f5e 197 "Last-Modified",
0d1f75a3 198 "Link",
3a193f5e 199 "Location",
3a193f5e 200 "Range",
201 "Referer",
202 "Retry-After",
3a193f5e 203 "Transfer-Encoding",
204 "Upgrade",
205 "User-Agent",
3a193f5e 206 "WWW-Authenticate"
207 };
3917d198 208#ifdef DEBUG
209static const char * const http_states[] =
210 {
211 "HTTP_WAITING",
212 "HTTP_OPTIONS",
213 "HTTP_GET",
214 "HTTP_GET_SEND",
215 "HTTP_HEAD",
216 "HTTP_POST",
217 "HTTP_POST_RECV",
218 "HTTP_POST_SEND",
219 "HTTP_PUT",
220 "HTTP_PUT_RECV",
221 "HTTP_DELETE",
222 "HTTP_TRACE",
223 "HTTP_CLOSE",
224 "HTTP_STATUS"
225 };
226#endif /* DEBUG */
3840d6ba 227
228
38cf3b08 229#if defined(HAVE_SSL) && defined(HAVE_LIBSSL)
230/*
231 * BIO methods for OpenSSL...
232 */
233
234static int http_bio_write(BIO *h, const char *buf, int num);
235static int http_bio_read(BIO *h, char *buf, int size);
236static int http_bio_puts(BIO *h, const char *str);
237static long http_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2);
238static int http_bio_new(BIO *h);
239static int http_bio_free(BIO *data);
240
241static BIO_METHOD http_bio_methods =
242 {
243 BIO_TYPE_SOCKET,
244 "http",
245 http_bio_write,
246 http_bio_read,
247 http_bio_puts,
248 NULL, /* http_bio_gets, */
249 http_bio_ctrl,
250 http_bio_new,
251 http_bio_free,
252 NULL,
253 };
b9738d7c 254#endif /* HAVE_SSL && HAVE_LIBSSL */
255
256
257/*
258 * 'httpAddCredential()' - Allocates and adds a single credential to an array.
259 *
260 * Use @code cupsArrayNew(NULL, NULL)@ to create a credentials array.
261 *
a1a2e89a 262 * @since CUPS 1.5/Mac OS X 10.7@
b9738d7c 263 */
264
265int /* O - 0 on success, -1 on error */
266httpAddCredential(
267 cups_array_t *credentials, /* I - Credentials array */
268 const void *data, /* I - PEM-encoded X.509 data */
269 size_t datalen) /* I - Length of data */
270{
271 http_credential_t *credential; /* Credential data */
272
273
274 if ((credential = malloc(sizeof(http_credential_t))) != NULL)
275 {
276 credential->datalen = datalen;
277
278 if ((credential->data = malloc(datalen)) != NULL)
279 {
280 memcpy(credential->data, data, datalen);
281 cupsArrayAdd(credentials, credential);
282 return (0);
283 }
284
285 free(credential);
286 }
287
288 return (-1);
289}
38cf3b08 290
291
b9738d7c 292#if defined(HAVE_SSL) && defined(HAVE_LIBSSL)
38cf3b08 293/*
294 * '_httpBIOMethods()' - Get the OpenSSL BIO methods for HTTP connections.
295 */
296
297BIO_METHOD * /* O - BIO methods for OpenSSL */
298_httpBIOMethods(void)
299{
300 return (&http_bio_methods);
301}
302#endif /* HAVE_SSL && HAVE_LIBSSL */
303
304
7fbf7fc4 305/*
306 * 'httpBlocking()' - Set blocking/non-blocking behavior on a connection.
307 */
308
309void
c73f649f 310httpBlocking(http_t *http, /* I - Connection to server */
7fbf7fc4 311 int b) /* I - 1 = blocking, 0 = non-blocking */
312{
313 if (http)
314 http->blocking = b;
315}
316
317
c1918ec5 318/*
319 * 'httpCheck()' - Check to see if there is a pending response from the server.
320 */
321
7fbf7fc4 322int /* O - 0 = no data, 1 = data available */
c73f649f 323httpCheck(http_t *http) /* I - Connection to server */
c1918ec5 324{
2e32fcdb 325 return (httpWait(http, 0));
c1918ec5 326}
327
328
d40085f1 329/*
330 * 'httpClearCookie()' - Clear the cookie value(s).
c94f4aa9 331 *
373b3e5f 332 * @since CUPS 1.1.19/Mac OS X 10.3@
d40085f1 333 */
334
335void
c73f649f 336httpClearCookie(http_t *http) /* I - Connection to server */
d40085f1 337{
338 if (!http)
339 return;
340
341 if (http->cookie)
342 {
343 free(http->cookie);
344 http->cookie = NULL;
345 }
346}
347
348
7fbf7fc4 349/*
350 * 'httpClearFields()' - Clear HTTP request fields.
351 */
352
353void
c73f649f 354httpClearFields(http_t *http) /* I - Connection to server */
7fbf7fc4 355{
356 if (http)
357 {
358 memset(http->fields, 0, sizeof(http->fields));
5e70248a 359 if (http->hostname[0] == '/')
360 httpSetField(http, HTTP_FIELD_HOST, "localhost");
361 else
362 httpSetField(http, HTTP_FIELD_HOST, http->hostname);
d834148f 363
cf94bcb1 364 if (http->field_authorization)
365 {
366 free(http->field_authorization);
367 http->field_authorization = NULL;
368 }
369
d834148f 370 http->expect = (http_status_t)0;
7fbf7fc4 371 }
372}
373
374
50146867 375/*
89813a30 376 * 'httpClose()' - Close an HTTP connection.
50146867 377 */
378
379void
c73f649f 380httpClose(http_t *http) /* I - Connection to server */
50146867 381{
a99d043e 382#ifdef HAVE_GSSAPI
c97b7208 383 OM_uint32 minor_status; /* Minor status code */
a99d043e 384#endif /* HAVE_GSSAPI */
385
386
571af0ea 387 DEBUG_printf(("httpClose(http=%p)", http));
cda1bd04 388
fa7e8544 389 /*
390 * Range check input...
391 */
392
2a0ef17a 393 if (!http)
50146867 394 return;
395
fa7e8544 396 /*
397 * Close any open connection...
398 */
399
400 _httpDisconnect(http);
401
402 /*
403 * Free memory used...
404 */
405
086c584d 406 httpAddrFreeList(http->addrlist);
407
d40085f1 408 if (http->cookie)
409 free(http->cookie);
410
a99d043e 411#ifdef HAVE_GSSAPI
412 if (http->gssctx != GSS_C_NO_CONTEXT)
c97b7208 413 gss_delete_sec_context(&minor_status, &http->gssctx, GSS_C_NO_BUFFER);
a99d043e 414
415 if (http->gssname != GSS_C_NO_NAME)
c97b7208 416 gss_release_name(&minor_status, &http->gssname);
a99d043e 417#endif /* HAVE_GSSAPI */
418
f39a71fd 419#ifdef HAVE_AUTHORIZATION_H
420 if (http->auth_ref)
421 AuthorizationFree(http->auth_ref, kAuthorizationFlagDefaults);
422#endif /* HAVE_AUTHORIZATION_H */
423
cf94bcb1 424 httpClearFields(http);
425
426 if (http->authstring && http->authstring != http->_authstring)
427 free(http->authstring);
428
50146867 429 free(http);
9cba63f2 430}
431
432
3840d6ba 433/*
50146867 434 * 'httpConnect()' - Connect to a HTTP server.
9217ee14 435 *
436 * This function is deprecated - use @link httpConnectEncrypt@ instead.
437 *
438 * @deprecated@
3840d6ba 439 */
440
c6075312 441http_t * /* O - New HTTP connection */
442httpConnect(const char *host, /* I - Host to connect to */
443 int port) /* I - Port number */
b5cb0608 444{
9217ee14 445 return (httpConnectEncrypt(host, port, HTTP_ENCRYPT_IF_REQUESTED));
446}
447
448
449/*
450 * 'httpConnectEncrypt()' - Connect to a HTTP server using encryption.
451 */
452
453http_t * /* O - New HTTP connection */
454httpConnectEncrypt(
455 const char *host, /* I - Host to connect to */
456 int port, /* I - Port number */
457 http_encryption_t encryption) /* I - Type of encryption to use */
458{
459 http_t *http; /* New HTTP connection */
460
b5cb0608 461
571af0ea 462 DEBUG_printf(("httpConnectEncrypt(host=\"%s\", port=%d, encryption=%d)",
9217ee14 463 host, port, encryption));
b5cb0608 464
465 /*
9217ee14 466 * Create the HTTP structure...
b5cb0608 467 */
468
cce0044f 469 if ((http = _httpCreate(host, port, NULL, encryption, AF_UNSPEC)) == NULL)
9217ee14 470 return (NULL);
471
472 /*
473 * Connect to the remote system...
474 */
475
476 if (!httpReconnect(http))
477 return (http);
478
479 /*
480 * Could not connect to any known address - bail out!
481 */
482
483 httpAddrFreeList(http->addrlist);
b5cb0608 484
9217ee14 485 free(http);
486
487 return (NULL);
b5cb0608 488}
489
490
b9738d7c 491/*
492 * 'httpCopyCredentials()' - Copy the credentials associated with an encrypted
493 * connection.
494 *
a1a2e89a 495 * @since CUPS 1.5/Mac OS X 10.7@
b9738d7c 496 */
497
498int /* O - Status of call (0 = success) */
499httpCopyCredentials(
500 http_t *http, /* I - Connection to server */
501 cups_array_t **credentials) /* O - Array of credentials */
502{
503# ifdef HAVE_LIBSSL
504# elif defined(HAVE_GNUTLS)
cc6af6b6 505# elif defined(HAVE_CDSASSL) && defined(HAVE_SECCERTIFICATECOPYDATA)
b9738d7c 506 OSStatus error; /* Error code */
507 CFIndex count; /* Number of credentials */
508 CFArrayRef peerCerts; /* Peer certificates */
509 SecCertificateRef secCert; /* Certificate reference */
510 CFDataRef data; /* Certificate data */
511 int i; /* Looping var */
512# elif defined(HAVE_SSPISSL)
513# endif /* HAVE_LIBSSL */
514
515
516 if (credentials)
517 *credentials = NULL;
518
519 if (!http || !http->tls || !credentials)
520 return (-1);
521
522# ifdef HAVE_LIBSSL
523 return (-1);
524
525# elif defined(HAVE_GNUTLS)
526 return (-1);
527
355b559e 528# elif defined(HAVE_CDSASSL) && defined(HAVE_SECCERTIFICATECOPYDATA)
b9738d7c 529 if (!(error = SSLCopyPeerCertificates(http->tls, &peerCerts)) && peerCerts)
530 {
531 if ((*credentials = cupsArrayNew(NULL, NULL)) != NULL)
532 {
533 for (i = 0, count = CFArrayGetCount(peerCerts); i < count; i++)
534 {
535 secCert = (SecCertificateRef)CFArrayGetValueAtIndex(peerCerts, i);
536 if ((data = SecCertificateCopyData(secCert)))
537 {
538 httpAddCredential(*credentials, CFDataGetBytePtr(data),
539 CFDataGetLength(data));
540 CFRelease(data);
541 }
542 }
543 }
544
545 CFRelease(peerCerts);
546 }
547
548 return (error);
549
550# elif defined(HAVE_SSPISSL)
551 return (-1);
f07e2adf 552
553# else
554 return (-1);
b9738d7c 555# endif /* HAVE_LIBSSL */
556}
557
558
559/*
560 * '_httpConvertCredentials()' - Convert credentials to the internal format.
561 */
562
563http_tls_credentials_t /* O - Internal credentials */
564_httpConvertCredentials(
565 cups_array_t *credentials) /* I - Array of credentials */
566{
567 if (!credentials)
568 return (NULL);
569
570# ifdef HAVE_LIBSSL
571 return (NULL);
572
573# elif defined(HAVE_GNUTLS)
574 return (NULL);
575
cc6af6b6 576# elif defined(HAVE_CDSASSL) && defined(HAVE_SECCERTIFICATECOPYDATA)
b9738d7c 577 CFMutableArrayRef peerCerts; /* Peer credentials reference */
578 SecCertificateRef secCert; /* Certificate reference */
579 CFDataRef data; /* Credential data reference */
580 http_credential_t *credential; /* Credential data */
581
582
583 if ((peerCerts = CFArrayCreateMutable(kCFAllocatorDefault,
584 cupsArrayCount(credentials),
585 &kCFTypeArrayCallBacks)) == NULL)
586 return (NULL);
587
588 for (credential = (http_credential_t *)cupsArrayFirst(credentials);
589 credential;
590 credential = (http_credential_t *)cupsArrayNext(credentials))
591 {
355b559e 592 if ((data = CFDataCreate(kCFAllocatorDefault, credential->data,
b9738d7c 593 credential->datalen)))
594 {
595 if ((secCert = SecCertificateCreateWithData(kCFAllocatorDefault, data))
596 != NULL)
597 {
598 CFArrayAppendValue(peerCerts, secCert);
599 CFRelease(secCert);
600 }
601
602 CFRelease(data);
603 }
604 }
605
606 return (peerCerts);
607
608# elif defined(HAVE_SSPISSL)
609 return (NULL);
610
611# else
612 return (NULL);
613# endif /* HAVE_LIBSSL */
614}
615
616
b5cb0608 617/*
9217ee14 618 * '_httpCreate()' - Create an unconnected HTTP connection.
b5cb0608 619 */
620
9217ee14 621http_t * /* O - HTTP connection */
622_httpCreate(
623 const char *host, /* I - Hostname */
7c298ddc 624 int port, /* I - Port number */
cce0044f 625 http_addrlist_t *addrlist, /* I - Address list or NULL */
16f98e36 626 http_encryption_t encryption, /* I - Encryption to use */
627 int family) /* I - Address family or AF_UNSPEC */
3840d6ba 628{
cce0044f 629 http_t *http; /* New HTTP connection */
630 char service[255]; /* Service name */
50146867 631
632
571af0ea 633 DEBUG_printf(("4_httpCreate(host=\"%s\", port=%d, encryption=%d)",
9217ee14 634 host, port, encryption));
cda1bd04 635
636 if (!host)
db8c0a8c 637 return (NULL);
638
0b83a6c8 639 httpInitialize();
640
50146867 641 /*
642 * Lookup the host...
643 */
644
086c584d 645 sprintf(service, "%d", port);
7e9dc5e9 646
cce0044f 647 if (!addrlist)
648 if ((addrlist = httpAddrGetList(host, family, service)) == NULL)
649 return (NULL);
7e9dc5e9 650
3840d6ba 651 /*
3a193f5e 652 * Allocate memory for the structure...
3840d6ba 653 */
654
18e6d242 655 if ((http = calloc(sizeof(http_t), 1)) == NULL)
656 {
657 httpAddrFreeList(addrlist);
3a193f5e 658 return (NULL);
18e6d242 659 }
3840d6ba 660
9217ee14 661 /*
662 * Initialize the HTTP data...
663 */
664
3a193f5e 665 http->activity = time(NULL);
9217ee14 666 http->addrlist = addrlist;
667 http->blocking = 1;
7e9dc5e9 668 http->fd = -1;
a99d043e 669#ifdef HAVE_GSSAPI
9217ee14 670 http->gssctx = GSS_C_NO_CONTEXT;
671 http->gssname = GSS_C_NO_NAME;
a99d043e 672#endif /* HAVE_GSSAPI */
9217ee14 673 http->version = HTTP_1_1;
a99d043e 674
9217ee14 675 strlcpy(http->hostname, host, sizeof(http->hostname));
b5cb0608 676
c6075312 677 if (port == 443) /* Always use encryption for https */
753453e4 678 http->encryption = HTTP_ENCRYPT_ALWAYS;
679 else
7c298ddc 680 http->encryption = encryption;
b5cb0608 681
a75c006a 682 /*
9217ee14 683 * Return the new structure...
99de6da0 684 */
685
9217ee14 686 return (http);
3a193f5e 687}
3840d6ba 688
3840d6ba 689
ad4be4c3 690/*
691 * 'httpDelete()' - Send a DELETE request to the server.
692 */
693
694int /* O - Status of call (0 = success) */
c73f649f 695httpDelete(http_t *http, /* I - Connection to server */
ad4be4c3 696 const char *uri) /* I - URI to delete */
697{
698 return (http_send(http, HTTP_DELETE, uri));
699}
700
701
fa7e8544 702/*
703 * '_httpDisconnect()' - Disconnect a HTTP connection.
704 */
705
706void
707_httpDisconnect(http_t *http) /* I - Connection to server */
708{
709#ifdef HAVE_SSL
710 if (http->tls)
711 http_shutdown_ssl(http);
712#endif /* HAVE_SSL */
713
714#ifdef WIN32
715 closesocket(http->fd);
716#else
717 close(http->fd);
718#endif /* WIN32 */
719
720 http->fd = -1;
721}
722
723
ad4be4c3 724/*
725 * 'httpEncryption()' - Set the required encryption on the link.
726 */
727
728int /* O - -1 on error, 0 on success */
c73f649f 729httpEncryption(http_t *http, /* I - Connection to server */
ad4be4c3 730 http_encryption_t e) /* I - New encryption preference */
731{
571af0ea 732 DEBUG_printf(("httpEncryption(http=%p, e=%d)", http, e));
ad4be4c3 733
734#ifdef HAVE_SSL
735 if (!http)
736 return (0);
737
738 http->encryption = e;
739
740 if ((http->encryption == HTTP_ENCRYPT_ALWAYS && !http->tls) ||
741 (http->encryption == HTTP_ENCRYPT_NEVER && http->tls))
742 return (httpReconnect(http));
743 else if (http->encryption == HTTP_ENCRYPT_REQUIRED && !http->tls)
2a0ef17a 744 return (http_upgrade(http));
ad4be4c3 745 else
746 return (0);
747#else
748 if (e == HTTP_ENCRYPT_ALWAYS || e == HTTP_ENCRYPT_REQUIRED)
749 return (-1);
750 else
751 return (0);
bcf61448 752#endif /* HAVE_SSL */
ad4be4c3 753}
a75c006a 754
ad4be4c3 755
7fbf7fc4 756/*
757 * 'httpError()' - Get the last error on a connection.
758 */
759
760int /* O - Error code (errno) value */
c73f649f 761httpError(http_t *http) /* I - Connection to server */
7fbf7fc4 762{
763 if (http)
764 return (http->error);
765 else
766 return (EINVAL);
767}
768
769
ad4be4c3 770/*
771 * 'httpFlush()' - Flush data from a HTTP connection.
772 */
773
774void
c73f649f 775httpFlush(http_t *http) /* I - Connection to server */
ad4be4c3 776{
efaca90c 777 char buffer[8192]; /* Junk buffer */
778 int blocking; /* To block or not to block */
779 http_state_t oldstate; /* Old state */
ad4be4c3 780
781
3917d198 782 DEBUG_printf(("httpFlush(http=%p), state=%s", http,
783 http_states[http->state]));
ad4be4c3 784
c139c1d6 785 /*
786 * Temporarily set non-blocking mode so we don't get stuck in httpRead()...
787 */
788
789 blocking = http->blocking;
790 http->blocking = 0;
791
792 /*
793 * Read any data we can...
794 */
795
efaca90c 796 oldstate = http->state;
00a1fad8 797 while (httpRead2(http, buffer, sizeof(buffer)) > 0);
c139c1d6 798
799 /*
800 * Restore blocking and reset the connection if we didn't get all of
801 * the remaining data...
802 */
803
804 http->blocking = blocking;
805
992be331 806 if (http->state == oldstate && http->state != HTTP_WAITING && http->fd >= 0)
c139c1d6 807 {
808 /*
809 * Didn't get the data back, so close the current connection.
810 */
811
812 http->state = HTTP_WAITING;
813
814#ifdef HAVE_SSL
815 if (http->tls)
816 http_shutdown_ssl(http);
817#endif /* HAVE_SSL */
818
819#ifdef WIN32
820 closesocket(http->fd);
821#else
822 close(http->fd);
823#endif /* WIN32 */
824
825 http->fd = -1;
826 }
ad4be4c3 827}
828
829
830/*
831 * 'httpFlushWrite()' - Flush data in write buffer.
c94f4aa9 832 *
373b3e5f 833 * @since CUPS 1.2/Mac OS X 10.5@
ad4be4c3 834 */
835
836int /* O - Bytes written or -1 on error */
c73f649f 837httpFlushWrite(http_t *http) /* I - Connection to server */
ad4be4c3 838{
839 int bytes; /* Bytes written */
840
841
571af0ea 842 DEBUG_printf(("httpFlushWrite(http=%p)", http));
ad4be4c3 843
844 if (!http || !http->wused)
efaca90c 845 {
846 DEBUG_puts(http ? "1httpFlushWrite: Write buffer is empty." :
847 "1httpFlushWrite: No connection.");
ad4be4c3 848 return (0);
efaca90c 849 }
ad4be4c3 850
851 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
852 bytes = http_write_chunk(http, http->wbuffer, http->wused);
853 else
854 bytes = http_write(http, http->wbuffer, http->wused);
855
856 http->wused = 0;
857
c0371c4a 858 DEBUG_printf(("1httpFlushWrite: Returning %d, errno=%d.", bytes, errno));
efaca90c 859
ad4be4c3 860 return (bytes);
861}
862
863
b9738d7c 864/*
865 * '_httpFreeCredentials()' - Free internal credentials.
866 */
867
868void
869_httpFreeCredentials(
870 http_tls_credentials_t credentials) /* I - Internal credentials */
871{
872 if (!credentials)
873 return;
874
875#ifdef HAVE_LIBSSL
876 (void)credentials;
877
878#elif defined(HAVE_GNUTLS)
879 (void)credentials;
880
881#elif defined(HAVE_CDSASSL)
882 CFRelease(credentials);
883
884#elif defined(HAVE_SSPISSL)
885 (void)credentials;
886
887#endif /* HAVE_LIBSSL */
888}
889
890
891/*
892 * 'httpFreeCredentials()' - Free an array of credentials.
893 */
894
895void
896httpFreeCredentials(
897 cups_array_t *credentials) /* I - Array of credentials */
898{
899 http_credential_t *credential; /* Credential */
900
901
902 for (credential = (http_credential_t *)cupsArrayFirst(credentials);
903 credential;
904 credential = (http_credential_t *)cupsArrayNext(credentials))
905 {
906 cupsArrayRemove(credentials, credential);
907 free((void *)credential->data);
908 free(credential);
909 }
910
911 cupsArrayDelete(credentials);
912}
913
914
ad4be4c3 915/*
916 * 'httpGet()' - Send a GET request to the server.
917 */
918
919int /* O - Status of call (0 = success) */
c73f649f 920httpGet(http_t *http, /* I - Connection to server */
ad4be4c3 921 const char *uri) /* I - URI to get */
922{
923 return (http_send(http, HTTP_GET, uri));
924}
925
926
4c695a46 927/*
185977be 928 * 'httpGetAuthString()' - Get the current authorization string.
4c695a46 929 *
185977be 930 * The authorization string is set by cupsDoAuthentication() and
931 * httpSetAuthString(). Use httpGetAuthString() to retrieve the
932 * string to use with httpSetField() for the HTTP_FIELD_AUTHORIZATION
933 * value.
4c695a46 934 *
373b3e5f 935 * @since CUPS 1.3/Mac OS X 10.5@
4c695a46 936 */
937
938char * /* O - Authorization string */
c73f649f 939httpGetAuthString(http_t *http) /* I - Connection to server */
4c695a46 940{
941 if (http)
942 return (http->authstring);
943 else
944 return (NULL);
945}
946
947
7fbf7fc4 948/*
949 * 'httpGetBlocking()' - Get the blocking/non-block state of a connection.
950 *
373b3e5f 951 * @since CUPS 1.2/Mac OS X 10.5@
7fbf7fc4 952 */
953
954int /* O - 1 if blocking, 0 if non-blocking */
c73f649f 955httpGetBlocking(http_t *http) /* I - Connection to server */
7fbf7fc4 956{
957 return (http ? http->blocking : 0);
958}
959
960
961/*
962 * 'httpGetCookie()' - Get any cookie data from the response.
e8929454 963 *
373b3e5f 964 * @since CUPS 1.1.19/Mac OS X 10.3@
7fbf7fc4 965 */
966
967const char * /* O - Cookie data or NULL */
968httpGetCookie(http_t *http) /* I - HTTP connecion */
969{
970 return (http ? http->cookie : NULL);
971}
972
973
974/*
975 * 'httpGetFd()' - Get the file descriptor associated with a connection.
976 *
373b3e5f 977 * @since CUPS 1.2/Mac OS X 10.5@
7fbf7fc4 978 */
979
980int /* O - File descriptor or -1 if none */
c73f649f 981httpGetFd(http_t *http) /* I - Connection to server */
7fbf7fc4 982{
983 return (http ? http->fd : -1);
984}
985
986
987/*
988 * 'httpGetField()' - Get a field value from a request/response.
989 */
990
991const char * /* O - Field value */
c73f649f 992httpGetField(http_t *http, /* I - Connection to server */
7fbf7fc4 993 http_field_t field) /* I - Field to get */
994{
995 if (!http || field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX)
996 return (NULL);
dbf4ca8b 997 else if (field == HTTP_FIELD_AUTHORIZATION &&
cf94bcb1 998 http->field_authorization)
999 {
1000 /*
1001 * Special case for WWW-Authenticate: as its contents can be
1002 * longer than HTTP_MAX_VALUE...
1003 */
1004
1005 return (http->field_authorization);
1006 }
7fbf7fc4 1007 else
1008 return (http->fields[field]);
1009}
1010
1011
1012/*
1013 * 'httpGetLength()' - Get the amount of data remaining from the
1014 * content-length or transfer-encoding fields.
1015 *
1016 * This function is deprecated and will not return lengths larger than
1017 * 2^31 - 1; use httpGetLength2() instead.
1018 *
1019 * @deprecated@
1020 */
1021
1022int /* O - Content length */
c73f649f 1023httpGetLength(http_t *http) /* I - Connection to server */
7fbf7fc4 1024{
1025 /*
1026 * Get the read content length and return the 32-bit value.
1027 */
1028
1029 if (http)
1030 {
1031 httpGetLength2(http);
1032
1033 return (http->_data_remaining);
1034 }
1035 else
1036 return (-1);
1037}
1038
1039
1040/*
1041 * 'httpGetLength2()' - Get the amount of data remaining from the
1042 * content-length or transfer-encoding fields.
1043 *
1044 * This function returns the complete content length, even for
1045 * content larger than 2^31 - 1.
1046 *
373b3e5f 1047 * @since CUPS 1.2/Mac OS X 10.5@
7fbf7fc4 1048 */
1049
1050off_t /* O - Content length */
c73f649f 1051httpGetLength2(http_t *http) /* I - Connection to server */
7fbf7fc4 1052{
3917d198 1053 DEBUG_printf(("2httpGetLength2(http=%p), state=%s", http,
1054 http_states[http->state]));
7fbf7fc4 1055
1056 if (!http)
1057 return (-1);
1058
1059 if (!strcasecmp(http->fields[HTTP_FIELD_TRANSFER_ENCODING], "chunked"))
1060 {
571af0ea 1061 DEBUG_puts("4httpGetLength2: chunked request!");
7fbf7fc4 1062
1063 http->data_encoding = HTTP_ENCODE_CHUNKED;
1064 http->data_remaining = 0;
1065 }
1066 else
1067 {
1068 http->data_encoding = HTTP_ENCODE_LENGTH;
1069
1070 /*
1071 * The following is a hack for HTTP servers that don't send a
1072 * content-length or transfer-encoding field...
1073 *
1074 * If there is no content-length then the connection must close
1075 * after the transfer is complete...
1076 */
1077
43241ae6 1078 if (!http->fields[HTTP_FIELD_CONTENT_LENGTH][0])
1079 {
1080 /*
1081 * Default content length is 0 for errors and 2^31-1 for other
1082 * successful requests...
1083 */
1084
1085 if (http->status >= HTTP_MULTIPLE_CHOICES)
1086 http->data_remaining = 0;
1087 else
1088 http->data_remaining = 2147483647;
1089 }
7fbf7fc4 1090 else
1091 http->data_remaining = strtoll(http->fields[HTTP_FIELD_CONTENT_LENGTH],
1092 NULL, 10);
1093
571af0ea 1094 DEBUG_printf(("4httpGetLength2: content_length=" CUPS_LLFMT,
7fbf7fc4 1095 CUPS_LLCAST http->data_remaining));
1096 }
1097
1098 if (http->data_remaining <= INT_MAX)
1099 http->_data_remaining = (int)http->data_remaining;
1100 else
1101 http->_data_remaining = INT_MAX;
1102
1103 return (http->data_remaining);
1104}
1105
1106
1107/*
1108 * 'httpGetStatus()' - Get the status of the last HTTP request.
1109 *
373b3e5f 1110 * @since CUPS 1.2/Mac OS X 10.5@
7fbf7fc4 1111 */
1112
1113http_status_t /* O - HTTP status */
c73f649f 1114httpGetStatus(http_t *http) /* I - Connection to server */
7fbf7fc4 1115{
1116 return (http ? http->status : HTTP_ERROR);
1117}
1118
1119
83e740a5 1120/*
1121 * 'httpGetSubField()' - Get a sub-field value.
ff84728d 1122 *
1123 * @deprecated@
83e740a5 1124 */
1125
1126char * /* O - Value or NULL */
c73f649f 1127httpGetSubField(http_t *http, /* I - Connection to server */
83e740a5 1128 http_field_t field, /* I - Field index */
1129 const char *name, /* I - Name of sub-field */
1130 char *value) /* O - Value string */
ff84728d 1131{
1132 return (httpGetSubField2(http, field, name, value, HTTP_MAX_VALUE));
1133}
1134
1135
1136/*
1137 * 'httpGetSubField2()' - Get a sub-field value.
1138 *
373b3e5f 1139 * @since CUPS 1.2/Mac OS X 10.5@
ff84728d 1140 */
1141
1142char * /* O - Value or NULL */
c73f649f 1143httpGetSubField2(http_t *http, /* I - Connection to server */
ff84728d 1144 http_field_t field, /* I - Field index */
1145 const char *name, /* I - Name of sub-field */
1146 char *value, /* O - Value string */
1147 int valuelen) /* I - Size of value buffer */
83e740a5 1148{
1149 const char *fptr; /* Pointer into field */
1150 char temp[HTTP_MAX_VALUE], /* Temporary buffer for name */
ff84728d 1151 *ptr, /* Pointer into string buffer */
1152 *end; /* End of value buffer */
83e740a5 1153
571af0ea 1154 DEBUG_printf(("2httpGetSubField2(http=%p, field=%d, name=\"%s\", value=%p, "
1155 "valuelen=%d)", http, field, name, value, valuelen));
9b4bc2a5 1156
ff84728d 1157 if (!http || !name || !value || valuelen < 2 ||
7fbf7fc4 1158 field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX)
83e740a5 1159 return (NULL);
1160
ff84728d 1161 end = value + valuelen - 1;
1162
83e740a5 1163 for (fptr = http->fields[field]; *fptr;)
1164 {
1165 /*
1166 * Skip leading whitespace...
1167 */
1168
e00a8345 1169 while (_cups_isspace(*fptr))
83e740a5 1170 fptr ++;
1171
1172 if (*fptr == ',')
1173 {
1174 fptr ++;
1175 continue;
1176 }
1177
1178 /*
1179 * Get the sub-field name...
1180 */
1181
1182 for (ptr = temp;
e00a8345 1183 *fptr && *fptr != '=' && !_cups_isspace(*fptr) &&
ff84728d 1184 ptr < (temp + sizeof(temp) - 1);
83e740a5 1185 *ptr++ = *fptr++);
1186
1187 *ptr = '\0';
1188
571af0ea 1189 DEBUG_printf(("4httpGetSubField2: name=\"%s\"", temp));
9b4bc2a5 1190
83e740a5 1191 /*
1192 * Skip trailing chars up to the '='...
1193 */
1194
e00a8345 1195 while (_cups_isspace(*fptr))
83e740a5 1196 fptr ++;
1197
1198 if (!*fptr)
1199 break;
1200
9b4bc2a5 1201 if (*fptr != '=')
1202 continue;
1203
83e740a5 1204 /*
1205 * Skip = and leading whitespace...
1206 */
1207
1208 fptr ++;
1209
e00a8345 1210 while (_cups_isspace(*fptr))
ad4be4c3 1211 fptr ++;
1212
1213 if (*fptr == '\"')
1214 {
1215 /*
1216 * Read quoted string...
1217 */
1218
1219 for (ptr = value, fptr ++;
ff84728d 1220 *fptr && *fptr != '\"' && ptr < end;
ad4be4c3 1221 *ptr++ = *fptr++);
1222
1223 *ptr = '\0';
1224
1225 while (*fptr && *fptr != '\"')
1226 fptr ++;
1227
1228 if (*fptr)
1229 fptr ++;
1230 }
1231 else
1232 {
1233 /*
1234 * Read unquoted string...
1235 */
1236
1237 for (ptr = value;
e00a8345 1238 *fptr && !_cups_isspace(*fptr) && *fptr != ',' && ptr < end;
ad4be4c3 1239 *ptr++ = *fptr++);
1240
1241 *ptr = '\0';
1242
e00a8345 1243 while (*fptr && !_cups_isspace(*fptr) && *fptr != ',')
ad4be4c3 1244 fptr ++;
1245 }
1246
571af0ea 1247 DEBUG_printf(("4httpGetSubField2: value=\"%s\"", value));
ad4be4c3 1248
1249 /*
1250 * See if this is the one...
1251 */
1252
ff84728d 1253 if (!strcmp(name, temp))
571af0ea 1254 {
1255 DEBUG_printf(("3httpGetSubField2: Returning \"%s\"", value));
ad4be4c3 1256 return (value);
571af0ea 1257 }
ad4be4c3 1258 }
1259
1260 value[0] = '\0';
1261
571af0ea 1262 DEBUG_puts("3httpGetSubField2: Returning NULL");
1263
ad4be4c3 1264 return (NULL);
1265}
1266
1267
ad4be4c3 1268/*
1269 * 'httpGets()' - Get a line of text from a HTTP connection.
1270 */
1271
1272char * /* O - Line or NULL */
1273httpGets(char *line, /* I - Line to read into */
1274 int length, /* I - Max length of buffer */
c73f649f 1275 http_t *http) /* I - Connection to server */
ad4be4c3 1276{
1277 char *lineptr, /* Pointer into line */
af6dfa48 1278 *lineend, /* End of line */
ad4be4c3 1279 *bufptr, /* Pointer into input buffer */
1280 *bufend; /* Pointer to end of buffer */
af6dfa48 1281 int bytes, /* Number of bytes read */
1282 eol; /* End-of-line? */
ad4be4c3 1283
1284
571af0ea 1285 DEBUG_printf(("2httpGets(line=%p, length=%d, http=%p)", line, length, http));
ad4be4c3 1286
1287 if (http == NULL || line == NULL)
1288 return (NULL);
83e740a5 1289
ad4be4c3 1290 /*
af6dfa48 1291 * Read a line from the buffer...
ad4be4c3 1292 */
3eecd6f5 1293
1294 http->error = 0;
1295 lineptr = line;
1296 lineend = line + length - 1;
1297 eol = 0;
af6dfa48 1298
1299 while (lineptr < lineend)
1300 {
1301 /*
1302 * Pre-load the buffer as needed...
1303 */
83e740a5 1304
ad4be4c3 1305#ifdef WIN32
af6dfa48 1306 WSASetLastError(0);
ad4be4c3 1307#else
af6dfa48 1308 errno = 0;
ad4be4c3 1309#endif /* WIN32 */
83e740a5 1310
af6dfa48 1311 while (http->used == 0)
83e740a5 1312 {
1313 /*
ad4be4c3 1314 * No newline; see if there is more data to be read...
83e740a5 1315 */
1316
c0371c4a 1317 if (!_httpWait(http, http->blocking ? 30000 : 10000, 1))
f2dbc7f7 1318 {
571af0ea 1319 DEBUG_puts("3httpGets: Timed out!");
d220c7b8 1320#ifdef WIN32
1321 http->error = WSAETIMEDOUT;
1322#else
f2dbc7f7 1323 http->error = ETIMEDOUT;
d220c7b8 1324#endif /* WIN32 */
ad4be4c3 1325 return (NULL);
f2dbc7f7 1326 }
83e740a5 1327
ad4be4c3 1328#ifdef HAVE_SSL
1329 if (http->tls)
af6dfa48 1330 bytes = http_read_ssl(http, http->buffer + http->used,
1331 HTTP_MAX_BUFFER - http->used);
ad4be4c3 1332 else
1333#endif /* HAVE_SSL */
af6dfa48 1334 bytes = recv(http->fd, http->buffer + http->used,
1335 HTTP_MAX_BUFFER - http->used, 0);
83e740a5 1336
571af0ea 1337 DEBUG_printf(("4httpGets: read %d bytes...", bytes));
83e740a5 1338
ad4be4c3 1339 if (bytes < 0)
1340 {
1341 /*
1342 * Nope, can't get a line this time...
1343 */
9b4bc2a5 1344
ad4be4c3 1345#ifdef WIN32
6875feac 1346 DEBUG_printf(("3httpGets: recv() error %d!", WSAGetLastError()));
1347
a3aff7d2 1348 if (WSAGetLastError() == WSAEINTR)
6875feac 1349 continue;
a3aff7d2 1350 else if (WSAGetLastError() == WSAEWOULDBLOCK)
1351 {
3904b81e 1352 if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
a3aff7d2 1353 continue;
3904b81e 1354
1355 http->error = WSAGetLastError();
a3aff7d2 1356 }
6875feac 1357 else if (WSAGetLastError() != http->error)
ad4be4c3 1358 {
1359 http->error = WSAGetLastError();
1360 continue;
1361 }
83e740a5 1362
ad4be4c3 1363#else
571af0ea 1364 DEBUG_printf(("3httpGets: recv() error %d!", errno));
83e740a5 1365
a3aff7d2 1366 if (errno == EINTR)
ad4be4c3 1367 continue;
a3aff7d2 1368 else if (errno == EWOULDBLOCK || errno == EAGAIN)
1369 {
3904b81e 1370 if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
a3aff7d2 1371 continue;
3904b81e 1372 else if (!http->timeout_cb && errno == EAGAIN)
1373 continue;
1374
1375 http->error = errno;
a3aff7d2 1376 }
ad4be4c3 1377 else if (errno != http->error)
1378 {
1379 http->error = errno;
1380 continue;
1381 }
1382#endif /* WIN32 */
83e740a5 1383
ad4be4c3 1384 return (NULL);
1385 }
1386 else if (bytes == 0)
1387 {
1388 http->error = EPIPE;
83e740a5 1389
ad4be4c3 1390 return (NULL);
1391 }
83e740a5 1392
ad4be4c3 1393 /*
af6dfa48 1394 * Yup, update the amount used...
ad4be4c3 1395 */
3a193f5e 1396
ad4be4c3 1397 http->used += bytes;
ad4be4c3 1398 }
3a193f5e 1399
af6dfa48 1400 /*
1401 * Now copy as much of the current line as possible...
1402 */
3a193f5e 1403
af6dfa48 1404 for (bufptr = http->buffer, bufend = http->buffer + http->used;
1405 lineptr < lineend && bufptr < bufend;)
ad4be4c3 1406 {
af6dfa48 1407 if (*bufptr == 0x0a)
1408 {
1409 eol = 1;
1410 bufptr ++;
1411 break;
1412 }
1413 else if (*bufptr == 0x0d)
1414 bufptr ++;
1415 else
1416 *lineptr++ = *bufptr++;
ad4be4c3 1417 }
3a193f5e 1418
d220c7b8 1419 http->used -= (int)(bufptr - http->buffer);
ad4be4c3 1420 if (http->used > 0)
1421 memmove(http->buffer, bufptr, http->used);
3a193f5e 1422
af6dfa48 1423 if (eol)
1424 {
1425 /*
1426 * End of line...
1427 */
1428
1429 http->activity = time(NULL);
1430
1431 *lineptr = '\0';
dbf4ca8b 1432
571af0ea 1433 DEBUG_printf(("3httpGets: Returning \"%s\"", line));
af6dfa48 1434
1435 return (line);
1436 }
ad4be4c3 1437 }
50146867 1438
571af0ea 1439 DEBUG_puts("3httpGets: No new line available!");
ad4be4c3 1440
1441 return (NULL);
3a193f5e 1442}
1443
1444
50146867 1445/*
1446 * 'httpHead()' - Send a HEAD request to the server.
1447 */
1448
1449int /* O - Status of call (0 = success) */
c73f649f 1450httpHead(http_t *http, /* I - Connection to server */
063e1ac7 1451 const char *uri) /* I - URI for head */
3a193f5e 1452{
571af0ea 1453 DEBUG_printf(("httpHead(http=%p, uri=\"%s\")", http, uri));
a8374e1e 1454 return (http_send(http, HTTP_HEAD, uri));
3a193f5e 1455}
1456
1457
50146867 1458/*
ad4be4c3 1459 * 'httpInitialize()' - Initialize the HTTP interface library and set the
1460 * default HTTP proxy (if any).
50146867 1461 */
1462
ad4be4c3 1463void
1464httpInitialize(void)
3a193f5e 1465{
89813a30 1466 static int initialized = 0; /* Have we been called before? */
1467#ifdef WIN32
1468 WSADATA winsockdata; /* WinSock data */
1469#endif /* WIN32 */
ad4be4c3 1470#ifdef HAVE_LIBSSL
89813a30 1471 int i; /* Looping var */
1472 unsigned char data[1024]; /* Seed data */
ad4be4c3 1473#endif /* HAVE_LIBSSL */
3a193f5e 1474
1475
89813a30 1476 _cupsGlobalLock();
1477 if (initialized)
1478 {
1479 _cupsGlobalUnlock();
1480 return;
1481 }
1482
1483#ifdef WIN32
b758adbe 1484 WSAStartup(MAKEWORD(2,2), &winsockdata);
50146867 1485
c139c1d6 1486#elif !defined(SO_NOSIGPIPE)
ad4be4c3 1487 /*
1488 * Ignore SIGPIPE signals...
1489 */
3a193f5e 1490
c139c1d6 1491# ifdef HAVE_SIGSET
1492 sigset(SIGPIPE, SIG_IGN);
89813a30 1493
c139c1d6 1494# elif defined(HAVE_SIGACTION)
1495 struct sigaction action; /* POSIX sigaction data */
1496
1497
ad4be4c3 1498 memset(&action, 0, sizeof(action));
1499 action.sa_handler = SIG_IGN;
1500 sigaction(SIGPIPE, &action, NULL);
89813a30 1501
c139c1d6 1502# else
ad4be4c3 1503 signal(SIGPIPE, SIG_IGN);
c139c1d6 1504# endif /* !SO_NOSIGPIPE */
ad4be4c3 1505#endif /* WIN32 */
3a193f5e 1506
ad4be4c3 1507#ifdef HAVE_GNUTLS
89813a30 1508 /*
1509 * Initialize GNU TLS...
1510 */
1511
ad4be4c3 1512 gnutls_global_init();
0542e38e 1513
89813a30 1514#elif defined(HAVE_LIBSSL)
1515 /*
1516 * Initialize OpenSSL...
1517 */
1518
ad4be4c3 1519 SSL_load_error_strings();
1520 SSL_library_init();
1521
1522 /*
1523 * Using the current time is a dubious random seed, but on some systems
1524 * it is the best we can do (on others, this seed isn't even used...)
1525 */
1526
89813a30 1527 CUPS_SRAND(time(NULL));
ad4be4c3 1528
1529 for (i = 0; i < sizeof(data); i ++)
89813a30 1530 data[i] = CUPS_RAND();
ad4be4c3 1531
1cbe03fe 1532 RAND_seed(data, sizeof(data));
89813a30 1533#endif /* HAVE_GNUTLS */
1534
1535 initialized = 1;
1536 _cupsGlobalUnlock();
3840d6ba 1537}
1538
1539
1540/*
ad4be4c3 1541 * 'httpOptions()' - Send an OPTIONS request to the server.
3840d6ba 1542 */
1543
50146867 1544int /* O - Status of call (0 = success) */
c73f649f 1545httpOptions(http_t *http, /* I - Connection to server */
ad4be4c3 1546 const char *uri) /* I - URI for options */
3840d6ba 1547{
ad4be4c3 1548 return (http_send(http, HTTP_OPTIONS, uri));
3840d6ba 1549}
1550
1551
fa7e8544 1552/*
1553 * '_httpPeek()' - Peek at data from a HTTP connection.
1554 *
1555 * This function copies available data from the given HTTP connection, reading
1556 * a buffer as needed. The data is still available for reading using
1557 * @link httpRead@ or @link httpRead2@.
1558 *
1559 * For non-blocking connections the usual timeouts apply.
1560 */
1561
1562ssize_t /* O - Number of bytes copied */
1563_httpPeek(http_t *http, /* I - Connection to server */
1564 char *buffer, /* I - Buffer for data */
1565 size_t length) /* I - Maximum number of bytes */
1566{
1567 ssize_t bytes; /* Bytes read */
1568 char len[32]; /* Length string */
1569
1570
1571 DEBUG_printf(("_httpPeek(http=%p, buffer=%p, length=" CUPS_LLFMT ")",
1572 http, buffer, CUPS_LLCAST length));
1573
1574 if (http == NULL || buffer == NULL)
1575 return (-1);
1576
1577 http->activity = time(NULL);
1578 http->error = 0;
1579
1580 if (length <= 0)
1581 return (0);
1582
1583 if (http->data_encoding == HTTP_ENCODE_CHUNKED &&
1584 http->data_remaining <= 0)
1585 {
1586 DEBUG_puts("2_httpPeek: Getting chunk length...");
1587
1588 if (httpGets(len, sizeof(len), http) == NULL)
1589 {
1590 DEBUG_puts("1_httpPeek: Could not get length!");
1591 return (0);
1592 }
1593
1594 http->data_remaining = strtoll(len, NULL, 16);
1595 if (http->data_remaining < 0)
1596 {
1597 DEBUG_puts("1_httpPeek: Negative chunk length!");
1598 return (0);
1599 }
1600 }
1601
1602 DEBUG_printf(("2_httpPeek: data_remaining=" CUPS_LLFMT,
1603 CUPS_LLCAST http->data_remaining));
1604
1605 if (http->data_remaining <= 0)
1606 {
1607 /*
1608 * A zero-length chunk ends a transfer; unless we are reading POST
1609 * data, go idle...
1610 */
1611
1612 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
1613 httpGets(len, sizeof(len), http);
1614
1615 if (http->state == HTTP_POST_RECV)
1616 http->state ++;
1617 else
1618 http->state = HTTP_WAITING;
1619
1620 /*
1621 * Prevent future reads for this request...
1622 */
1623
1624 http->data_encoding = HTTP_ENCODE_LENGTH;
1625
1626 return (0);
1627 }
1628 else if (length > (size_t)http->data_remaining)
1629 length = (size_t)http->data_remaining;
1630
1631 if (http->used == 0)
1632 {
1633 /*
1634 * Buffer small reads for better performance...
1635 */
1636
1637 if (!http->blocking && !httpWait(http, 10000))
1638 return (0);
1639
1640 if (http->data_remaining > sizeof(http->buffer))
1641 bytes = sizeof(http->buffer);
1642 else
1643 bytes = http->data_remaining;
1644
1645#ifdef HAVE_SSL
1646 if (http->tls)
1647 bytes = http_read_ssl(http, http->buffer, bytes);
1648 else
1649#endif /* HAVE_SSL */
1650 {
1651 DEBUG_printf(("2_httpPeek: reading %d bytes from socket into buffer...",
1652 (int)bytes));
1653
1654 bytes = recv(http->fd, http->buffer, bytes, 0);
1655
1656 DEBUG_printf(("2_httpPeek: read %d bytes from socket into buffer...",
1657 (int)bytes));
1658 }
1659
1660 if (bytes > 0)
1661 http->used = bytes;
1662 else if (bytes < 0)
1663 {
1664#ifdef WIN32
6875feac 1665 if (WSAGetLastError() != WSAEINTR && WSAGetLastError() != WSAEWOULDBLOCK)
1666 {
1667 http->error = WSAGetLastError();
1668 return (-1);
1669 }
fa7e8544 1670#else
1671 if (errno != EINTR && errno != EAGAIN)
1672 {
1673 http->error = errno;
1674 return (-1);
1675 }
1676#endif /* WIN32 */
1677 }
1678 else
1679 {
1680 http->error = EPIPE;
1681 return (0);
1682 }
1683 }
1684
1685 if (http->used > 0)
1686 {
1687 if (length > (size_t)http->used)
1688 length = (size_t)http->used;
1689
1690 bytes = (ssize_t)length;
1691
1692 DEBUG_printf(("2_httpPeek: grabbing %d bytes from input buffer...",
1693 (int)bytes));
1694
1695 memcpy(buffer, http->buffer, length);
1696 }
1697 else
1698 bytes = 0;
1699
1700 if (bytes < 0)
1701 {
1702#ifdef WIN32
6875feac 1703 if (WSAGetLastError() == WSAEINTR || WSAGetLastError() == WSAEWOULDBLOCK)
1704 bytes = 0;
1705 else
1706 http->error = WSAGetLastError();
fa7e8544 1707#else
1708 if (errno == EINTR || errno == EAGAIN)
1709 bytes = 0;
1710 else
1711 http->error = errno;
1712#endif /* WIN32 */
1713 }
1714 else if (bytes == 0)
1715 {
1716 http->error = EPIPE;
1717 return (0);
1718 }
1719
1720#ifdef DEBUG
1721 http_debug_hex("_httpPeek", buffer, (int)bytes);
1722#endif /* DEBUG */
1723
1724 return (bytes);
1725}
1726
1727
69ee1496 1728/*
ad4be4c3 1729 * 'httpPost()' - Send a POST request to the server.
69ee1496 1730 */
1731
ad4be4c3 1732int /* O - Status of call (0 = success) */
c73f649f 1733httpPost(http_t *http, /* I - Connection to server */
ad4be4c3 1734 const char *uri) /* I - URI for post */
69ee1496 1735{
ad4be4c3 1736 return (http_send(http, HTTP_POST, uri));
69ee1496 1737}
1738
1739
e7bede57 1740/*
ad4be4c3 1741 * 'httpPrintf()' - Print a formatted string to a HTTP connection.
7fbf7fc4 1742 *
1743 * @private@
e7bede57 1744 */
1745
ad4be4c3 1746int /* O - Number of bytes written */
c73f649f 1747httpPrintf(http_t *http, /* I - Connection to server */
ad4be4c3 1748 const char *format, /* I - printf-style format string */
1749 ...) /* I - Additional args as needed */
e7bede57 1750{
ad4be4c3 1751 int bytes; /* Number of bytes to write */
1752 char buf[16384]; /* Buffer for formatted string */
1753 va_list ap; /* Variable argument pointer */
e7bede57 1754
1755
571af0ea 1756 DEBUG_printf(("2httpPrintf(http=%p, format=\"%s\", ...)", http, format));
e7bede57 1757
ad4be4c3 1758 va_start(ap, format);
1759 bytes = vsnprintf(buf, sizeof(buf), format, ap);
1760 va_end(ap);
e7bede57 1761
571af0ea 1762 DEBUG_printf(("3httpPrintf: %s", buf));
e7bede57 1763
f8699659 1764 if (http->data_encoding == HTTP_ENCODE_FIELDS)
1765 return (httpWrite2(http, buf, bytes));
1766 else
ed5ceafb 1767 {
f8699659 1768 if (http->wused)
1769 {
571af0ea 1770 DEBUG_puts("4httpPrintf: flushing existing data...");
ed5ceafb 1771
f8699659 1772 if (httpFlushWrite(http) < 0)
1773 return (-1);
1774 }
e7bede57 1775
f8699659 1776 return (http_write(http, buf, bytes));
1777 }
ad4be4c3 1778}
e7bede57 1779
e7bede57 1780
ad4be4c3 1781/*
1782 * 'httpPut()' - Send a PUT request to the server.
1783 */
e7bede57 1784
ad4be4c3 1785int /* O - Status of call (0 = success) */
c73f649f 1786httpPut(http_t *http, /* I - Connection to server */
ad4be4c3 1787 const char *uri) /* I - URI to put */
1788{
571af0ea 1789 DEBUG_printf(("httpPut(http=%p, uri=\"%s\")", http, uri));
ad4be4c3 1790 return (http_send(http, HTTP_PUT, uri));
e7bede57 1791}
1792
1793
3840d6ba 1794/*
50146867 1795 * 'httpRead()' - Read data from a HTTP connection.
00a1fad8 1796 *
1797 * This function is deprecated. Use the httpRead2() function which can
1798 * read more than 2GB of data.
1799 *
1800 * @deprecated@
3840d6ba 1801 */
1802
50146867 1803int /* O - Number of bytes read */
c73f649f 1804httpRead(http_t *http, /* I - Connection to server */
50146867 1805 char *buffer, /* I - Buffer for data */
1806 int length) /* I - Maximum number of bytes */
3840d6ba 1807{
00a1fad8 1808 return ((int)httpRead2(http, buffer, length));
1809}
1810
1811
1812/*
1813 * 'httpRead2()' - Read data from a HTTP connection.
7fbf7fc4 1814 *
373b3e5f 1815 * @since CUPS 1.2/Mac OS X 10.5@
00a1fad8 1816 */
1817
1818ssize_t /* O - Number of bytes read */
c73f649f 1819httpRead2(http_t *http, /* I - Connection to server */
00a1fad8 1820 char *buffer, /* I - Buffer for data */
1821 size_t length) /* I - Maximum number of bytes */
1822{
1823 ssize_t bytes; /* Bytes read */
50146867 1824 char len[32]; /* Length string */
3840d6ba 1825
1826
571af0ea 1827 DEBUG_printf(("httpRead2(http=%p, buffer=%p, length=" CUPS_LLFMT ")",
788086c8 1828 http, buffer, CUPS_LLCAST length));
4a73831b 1829
50146867 1830 if (http == NULL || buffer == NULL)
1831 return (-1);
3840d6ba 1832
50146867 1833 http->activity = time(NULL);
3eecd6f5 1834 http->error = 0;
3840d6ba 1835
50146867 1836 if (length <= 0)
1837 return (0);
fd8b1cf8 1838
0542e38e 1839 if (http->data_encoding == HTTP_ENCODE_CHUNKED &&
5e879034 1840 http->data_remaining <= 0)
50146867 1841 {
571af0ea 1842 DEBUG_puts("2httpRead2: Getting chunk length...");
5e879034 1843
50146867 1844 if (httpGets(len, sizeof(len), http) == NULL)
5e879034 1845 {
571af0ea 1846 DEBUG_puts("1httpRead2: Could not get length!");
50146867 1847 return (0);
5e879034 1848 }
3840d6ba 1849
1479646d 1850 http->data_remaining = strtoll(len, NULL, 16);
901b295d 1851 if (http->data_remaining < 0)
1852 {
571af0ea 1853 DEBUG_puts("1httpRead2: Negative chunk length!");
901b295d 1854 return (0);
1855 }
50146867 1856 }
3840d6ba 1857
571af0ea 1858 DEBUG_printf(("2httpRead2: data_remaining=" CUPS_LLFMT,
352ab579 1859 CUPS_LLCAST http->data_remaining));
4a73831b 1860
901b295d 1861 if (http->data_remaining <= 0)
3840d6ba 1862 {
50146867 1863 /*
1864 * A zero-length chunk ends a transfer; unless we are reading POST
1865 * data, go idle...
1866 */
f736c0e3 1867
5e879034 1868 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
4355fb2f 1869 httpGets(len, sizeof(len), http);
1870
50146867 1871 if (http->state == HTTP_POST_RECV)
1872 http->state ++;
1873 else
1874 http->state = HTTP_WAITING;
3840d6ba 1875
9b4bc2a5 1876 /*
1877 * Prevent future reads for this request...
1878 */
1879
1880 http->data_encoding = HTTP_ENCODE_LENGTH;
1881
50146867 1882 return (0);
1883 }
d220c7b8 1884 else if (length > (size_t)http->data_remaining)
1885 length = (size_t)http->data_remaining;
50146867 1886
753453e4 1887 if (http->used == 0 && length <= 256)
1888 {
1889 /*
1890 * Buffer small reads for better performance...
1891 */
1892
423f98c0 1893 if (!http->blocking && !httpWait(http, 10000))
e8e7f1b2 1894 return (0);
1895
753453e4 1896 if (http->data_remaining > sizeof(http->buffer))
1897 bytes = sizeof(http->buffer);
1898 else
1899 bytes = http->data_remaining;
1900
bcf61448 1901#ifdef HAVE_SSL
753453e4 1902 if (http->tls)
bcf61448 1903 bytes = http_read_ssl(http, http->buffer, bytes);
753453e4 1904 else
bcf61448 1905#endif /* HAVE_SSL */
753453e4 1906 {
571af0ea 1907 DEBUG_printf(("2httpRead2: reading %d bytes from socket into buffer...",
788086c8 1908 (int)bytes));
753453e4 1909
1910 bytes = recv(http->fd, http->buffer, bytes, 0);
1911
571af0ea 1912 DEBUG_printf(("2httpRead2: read %d bytes from socket into buffer...",
788086c8 1913 (int)bytes));
753453e4 1914 }
1915
1916 if (bytes > 0)
1917 http->used = bytes;
1918 else if (bytes < 0)
1919 {
c3026ddc 1920#ifdef WIN32
a3aff7d2 1921 if (WSAGetLastError() != WSAEINTR)
6875feac 1922 {
1923 http->error = WSAGetLastError();
1924 return (-1);
1925 }
a3aff7d2 1926 else if (WSAGetLastError() == WSAEWOULDBLOCK)
1927 {
1928 if (!http->timeout_cb || !(*http->timeout_cb)(http, http->timeout_data))
1929 {
1930 http->error = WSAEWOULDBLOCK;
1931 return (-1);
1932 }
1933 }
753453e4 1934#else
a3aff7d2 1935 if (errno == EWOULDBLOCK || errno == EAGAIN)
1936 {
3904b81e 1937 if (http->timeout_cb && !(*http->timeout_cb)(http, http->timeout_data))
1938 {
1939 http->error = errno;
1940 return (-1);
1941 }
1942 else if (!http->timeout_cb && errno != EAGAIN)
a3aff7d2 1943 {
1944 http->error = errno;
1945 return (-1);
1946 }
1947 }
1948 else if (errno != EINTR)
bdbaa675 1949 {
1950 http->error = errno;
1951 return (-1);
1952 }
c3026ddc 1953#endif /* WIN32 */
753453e4 1954 }
e8e7f1b2 1955 else
92e48f04 1956 {
1957 http->error = EPIPE;
753453e4 1958 return (0);
92e48f04 1959 }
753453e4 1960 }
1961
0542e38e 1962 if (http->used > 0)
50146867 1963 {
d220c7b8 1964 if (length > (size_t)http->used)
1965 length = (size_t)http->used;
3840d6ba 1966
d220c7b8 1967 bytes = (ssize_t)length;
0542e38e 1968
571af0ea 1969 DEBUG_printf(("2httpRead2: grabbing %d bytes from input buffer...",
788086c8 1970 (int)bytes));
4a73831b 1971
0542e38e 1972 memcpy(buffer, http->buffer, length);
d220c7b8 1973 http->used -= (int)length;
0542e38e 1974
1975 if (http->used > 0)
dfac1292 1976 memmove(http->buffer, http->buffer + length, http->used);
50146867 1977 }
bcf61448 1978#ifdef HAVE_SSL
a75c006a 1979 else if (http->tls)
5cbd6e60 1980 {
423f98c0 1981 if (!http->blocking && !httpWait(http, 10000))
5cbd6e60 1982 return (0);
1983
35e7de17 1984 bytes = (ssize_t)http_read_ssl(http, buffer, (int)length);
5cbd6e60 1985 }
bcf61448 1986#endif /* HAVE_SSL */
0542e38e 1987 else
4a73831b 1988 {
423f98c0 1989 if (!http->blocking && !httpWait(http, 10000))
92e48f04 1990 return (0);
e8e7f1b2 1991
571af0ea 1992 DEBUG_printf(("2httpRead2: reading " CUPS_LLFMT " bytes from socket...",
788086c8 1993 CUPS_LLCAST length));
81566a54 1994
d220c7b8 1995#ifdef WIN32
a3aff7d2 1996 while ((bytes = (ssize_t)recv(http->fd, buffer, (int)length, 0)) < 0)
1997 {
1998 if (WSAGetLastError() == WSAEWOULDBLOCK)
1999 {
2000 if (!http->timeout_cb || !(*http->timeout_cb)(http, http->timeout_data))
2001 break;
2002 }
2003 else if (WSAGetLastError() != WSAEINTR)
6875feac 2004 break;
a3aff7d2 2005 }
d220c7b8 2006#else
81566a54 2007 while ((bytes = recv(http->fd, buffer, length, 0)) < 0)
a3aff7d2 2008 {
2009 if (errno == EWOULDBLOCK || errno == EAGAIN)
2010 {
3904b81e 2011 if (http->timeout_cb && !(*http->timeout_cb)(http, http->timeout_data))
2012 break;
2013 else if (!http->timeout_cb && errno != EAGAIN)
a3aff7d2 2014 break;
2015 }
2016 else if (errno != EINTR)
81566a54 2017 break;
a3aff7d2 2018 }
d220c7b8 2019#endif /* WIN32 */
81566a54 2020
571af0ea 2021 DEBUG_printf(("2httpRead2: read " CUPS_LLFMT " bytes from socket...",
788086c8 2022 CUPS_LLCAST bytes));
4a73831b 2023 }
3840d6ba 2024
0542e38e 2025 if (bytes > 0)
1479646d 2026 {
0542e38e 2027 http->data_remaining -= bytes;
1479646d 2028
2029 if (http->data_remaining <= INT_MAX)
2030 http->_data_remaining = (int)http->data_remaining;
2031 else
2032 http->_data_remaining = INT_MAX;
2033 }
0bf5ae82 2034 else if (bytes < 0)
bdbaa675 2035 {
c3026ddc 2036#ifdef WIN32
a3aff7d2 2037 if (WSAGetLastError() == WSAEINTR)
6875feac 2038 bytes = 0;
2039 else
2040 http->error = WSAGetLastError();
977acbd3 2041#else
3904b81e 2042 if (errno == EINTR || (errno == EAGAIN && !http->timeout_cb))
bdbaa675 2043 bytes = 0;
2044 else
2045 http->error = errno;
c3026ddc 2046#endif /* WIN32 */
bdbaa675 2047 }
e8e7f1b2 2048 else
92e48f04 2049 {
2050 http->error = EPIPE;
e8e7f1b2 2051 return (0);
92e48f04 2052 }
0542e38e 2053
4355fb2f 2054 if (http->data_remaining == 0)
4a73831b 2055 {
5e879034 2056 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
4355fb2f 2057 httpGets(len, sizeof(len), http);
2058
2059 if (http->data_encoding != HTTP_ENCODE_CHUNKED)
2060 {
2061 if (http->state == HTTP_POST_RECV)
2062 http->state ++;
2063 else
2064 http->state = HTTP_WAITING;
2065 }
4a73831b 2066 }
2067
0f33610c 2068#ifdef DEBUG
7e66bf84 2069 http_debug_hex("httpRead2", buffer, (int)bytes);
0f33610c 2070#endif /* DEBUG */
ad4be4c3 2071
2072 return (bytes);
50146867 2073}
2074
2075
fe3f3c8c 2076#if defined(HAVE_SSL) && defined(HAVE_CDSASSL)
2077/*
d774b661 2078 * '_httpReadCDSA()' - Read function for the CDSA library.
fe3f3c8c 2079 */
2080
2081OSStatus /* O - -1 on error, 0 on success */
2082_httpReadCDSA(
2083 SSLConnectionRef connection, /* I - SSL/TLS connection */
2084 void *data, /* I - Data buffer */
2085 size_t *dataLength) /* IO - Number of bytes */
2086{
dea2eff8 2087 OSStatus result; /* Return value */
2088 ssize_t bytes; /* Number of bytes read */
2089 http_t *http; /* HTTP connection */
2090
7e826c4a 2091
dea2eff8 2092 http = (http_t *)connection;
7e826c4a 2093
dea2eff8 2094 if (!http->blocking)
2095 {
2096 /*
2097 * Make sure we have data before we read...
2098 */
2099
da97a504 2100 if (!_httpWait(http, 10000, 0))
dea2eff8 2101 {
2102 http->error = ETIMEDOUT;
2103 return (-1);
2104 }
2105 }
fe3f3c8c 2106
df79d570 2107 do
dea2eff8 2108 {
2109 bytes = recv(http->fd, data, *dataLength, 0);
2110 }
d819e02f 2111 while (bytes == -1 && (errno == EINTR || errno == EAGAIN));
c139c1d6 2112
df79d570 2113 if (bytes == *dataLength)
dea2eff8 2114 {
df79d570 2115 result = 0;
dea2eff8 2116 }
df79d570 2117 else if (bytes > 0)
2118 {
2119 *dataLength = bytes;
2120 result = errSSLWouldBlock;
2121 }
2122 else
2123 {
2124 *dataLength = 0;
c139c1d6 2125
2126 if (bytes == 0)
91679419 2127 result = errSSLClosedGraceful;
df79d570 2128 else if (errno == EAGAIN)
2129 result = errSSLWouldBlock;
df79d570 2130 else
91679419 2131 result = errSSLClosedAbort;
fe3f3c8c 2132 }
df79d570 2133
dea2eff8 2134 return (result);
fe3f3c8c 2135}
2136#endif /* HAVE_SSL && HAVE_CDSASSL */
2137
2138
d774b661 2139#if defined(HAVE_SSL) && defined(HAVE_GNUTLS)
2140/*
2141 * '_httpReadGNUTLS()' - Read function for the GNU TLS library.
2142 */
2143
2144ssize_t /* O - Number of bytes read or -1 on error */
2145_httpReadGNUTLS(
c73f649f 2146 gnutls_transport_ptr ptr, /* I - Connection to server */
d774b661 2147 void *data, /* I - Buffer */
2148 size_t length) /* I - Number of bytes to read */
2149{
2150 http_t *http; /* HTTP connection */
2151
2152
2153 http = (http_t *)ptr;
2154
2155 if (!http->blocking)
2156 {
2157 /*
2158 * Make sure we have data before we read...
2159 */
2160
da97a504 2161 if (!_httpWait(http, 10000, 0))
d774b661 2162 {
2163 http->error = ETIMEDOUT;
2164 return (-1);
2165 }
2166 }
2167
2168 return (recv(http->fd, data, length, 0));
2169}
2170#endif /* HAVE_SSL && HAVE_GNUTLS */
2171
2172
50146867 2173/*
7fbf7fc4 2174 * 'httpReconnect()' - Reconnect to a HTTP server.
50146867 2175 */
2176
ad4be4c3 2177int /* O - 0 on success, non-zero on failure */
c73f649f 2178httpReconnect(http_t *http) /* I - Connection to server */
50146867 2179{
086c584d 2180 http_addrlist_t *addr; /* Connected address */
bb235d9a 2181#ifdef DEBUG
2182 http_addrlist_t *current; /* Current address */
2183 char temp[256]; /* Temporary address string */
2184#endif /* DEBUG */
50146867 2185
2186
571af0ea 2187 DEBUG_printf(("httpReconnect(http=%p)", http));
4a73831b 2188
ad4be4c3 2189 if (!http)
2190 return (-1);
2191
2192#ifdef HAVE_SSL
2193 if (http->tls)
488cffad 2194 {
571af0ea 2195 DEBUG_puts("2httpReconnect: Shutting down SSL/TLS...");
ad4be4c3 2196 http_shutdown_ssl(http);
488cffad 2197 }
ad4be4c3 2198#endif /* HAVE_SSL */
50146867 2199
2200 /*
ad4be4c3 2201 * Close any previously open socket...
50146867 2202 */
2203
ad4be4c3 2204 if (http->fd >= 0)
926aa697 2205 {
571af0ea 2206 DEBUG_printf(("2httpReconnect: Closing socket %d...", http->fd));
488cffad 2207
c3026ddc 2208#ifdef WIN32
ad4be4c3 2209 closesocket(http->fd);
977acbd3 2210#else
ad4be4c3 2211 close(http->fd);
c3026ddc 2212#endif /* WIN32 */
f5174332 2213
926aa697 2214 http->fd = -1;
2215 }
2216
50146867 2217 /*
ad4be4c3 2218 * Connect to the server...
50146867 2219 */
50146867 2220
bb235d9a 2221#ifdef DEBUG
2222 for (current = http->addrlist; current; current = current->next)
571af0ea 2223 DEBUG_printf(("2httpReconnect: Address %s:%d",
bb235d9a 2224 httpAddrString(&(current->addr), temp, sizeof(temp)),
2225 _httpAddrPort(&(current->addr))));
2226#endif /* DEBUG */
2227
086c584d 2228 if ((addr = httpAddrConnect(http->addrlist, &(http->fd))) == NULL)
584886cb 2229 {
086c584d 2230 /*
2231 * Unable to connect...
2232 */
2233
ad4be4c3 2234#ifdef WIN32
2235 http->error = WSAGetLastError();
2236#else
2237 http->error = errno;
2238#endif /* WIN32 */
2239 http->status = HTTP_ERROR;
50146867 2240
571af0ea 2241 DEBUG_printf(("1httpReconnect: httpAddrConnect failed: %s",
488cffad 2242 strerror(http->error)));
2243
ad4be4c3 2244 return (-1);
e7bede57 2245 }
2246
571af0ea 2247 DEBUG_printf(("2httpReconnect: New socket=%d", http->fd));
488cffad 2248
a3aff7d2 2249 if (http->timeout_value.tv_sec > 0)
2250 {
00c238ad 2251#ifdef WIN32
2252 DWORD timeout_value = http->timeout_value.tv_sec * 1000 +
2253 http->timeout_value.tv_usec / 1000;
2254 /* Timeout in milliseconds */
2255
2256 setsockopt(http->fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout_value,
2257 sizeof(timeout_value));
2258 setsockopt(http->fd, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout_value,
2259 sizeof(timeout_value));
2260#else
a3aff7d2 2261 setsockopt(http->fd, SOL_SOCKET, SO_RCVTIMEO, &(http->timeout_value),
2262 sizeof(http->timeout_value));
2263 setsockopt(http->fd, SOL_SOCKET, SO_SNDTIMEO, &(http->timeout_value),
2264 sizeof(http->timeout_value));
00c238ad 2265#endif /* WIN32 */
a3aff7d2 2266 }
2267
086c584d 2268 http->hostaddr = &(addr->addr);
2269 http->error = 0;
2270 http->status = HTTP_CONTINUE;
e7bede57 2271
bcf61448 2272#ifdef HAVE_SSL
ad4be4c3 2273 if (http->encryption == HTTP_ENCRYPT_ALWAYS)
2274 {
2275 /*
2276 * Always do encryption via SSL.
2277 */
a75c006a 2278
ad4be4c3 2279 if (http_setup_ssl(http) != 0)
bdbaa675 2280 {
06c2f3d6 2281# ifdef WIN32
ad4be4c3 2282 closesocket(http->fd);
06c2f3d6 2283# else
ad4be4c3 2284 close(http->fd);
06c2f3d6 2285# endif /* WIN32 */
bdbaa675 2286
1118e338 2287 return (-1);
bdbaa675 2288 }
a75c006a 2289 }
ad4be4c3 2290 else if (http->encryption == HTTP_ENCRYPT_REQUIRED)
2291 return (http_upgrade(http));
2292#endif /* HAVE_SSL */
1118e338 2293
571af0ea 2294 DEBUG_printf(("1httpReconnect: Connected to %s:%d...",
bb235d9a 2295 httpAddrString(http->hostaddr, temp, sizeof(temp)),
2296 _httpAddrPort(http->hostaddr)));
2297
ad4be4c3 2298 return (0);
50146867 2299}
2300
2301
185977be 2302/*
2303 * 'httpSetAuthString()' - Set the current authorization string.
2304 *
2305 * This function just stores a copy of the current authorization string in
2306 * the HTTP connection object. You must still call httpSetField() to set
2307 * HTTP_FIELD_AUTHORIZATION prior to issuing a HTTP request using httpGet(),
2308 * httpHead(), httpOptions(), httpPost, or httpPut().
2309 *
373b3e5f 2310 * @since CUPS 1.3/Mac OS X 10.5@
185977be 2311 */
2312
2313void
c73f649f 2314httpSetAuthString(http_t *http, /* I - Connection to server */
185977be 2315 const char *scheme, /* I - Auth scheme (NULL to clear it) */
2316 const char *data) /* I - Auth data (NULL for none) */
2317{
2318 /*
2319 * Range check input...
2320 */
2321
2322 if (!http)
2323 return;
2324
2325 if (http->authstring && http->authstring != http->_authstring)
185977be 2326 free(http->authstring);
cd3af755 2327
2328 http->authstring = http->_authstring;
185977be 2329
2330 if (scheme)
2331 {
2332 /*
2333 * Set the current authorization string...
2334 */
2335
2336 int len = (int)strlen(scheme) + (data ? (int)strlen(data) + 1 : 0) + 1;
09751e0f 2337 char *temp;
185977be 2338
2339 if (len > (int)sizeof(http->_authstring))
09751e0f 2340 {
2341 if ((temp = malloc(len)) == NULL)
2342 len = sizeof(http->_authstring);
2343 else
2344 http->authstring = temp;
2345 }
185977be 2346
2347 if (data)
2348 snprintf(http->authstring, len, "%s %s", scheme, data);
2349 else
2350 strlcpy(http->authstring, scheme, len);
2351 }
2352 else
2353 {
2354 /*
2355 * Clear the current authorization string...
2356 */
2357
2358 http->_authstring[0] = '\0';
2359 }
2360}
2361
2362
b9738d7c 2363/*
2364 * 'httpSetCredentials()' - Set the credentials associated with an encrypted
2365 * connection.
2366 *
a1a2e89a 2367 * @since CUPS 1.5/Mac OS X 10.7@
b9738d7c 2368 */
2369
2370int /* O - Status of call (0 = success) */
2371httpSetCredentials(http_t *http, /* I - Connection to server */
2372 cups_array_t *credentials) /* I - Array of credentials */
2373{
2374 if (!http || cupsArrayCount(credentials) < 1)
2375 return (-1);
2376
2377 _httpFreeCredentials(http->tls_credentials);
2378
2379 http->tls_credentials = _httpConvertCredentials(credentials);
2380
2381 return (http->tls_credentials ? 0 : -1);
2382}
2383
2384
50146867 2385/*
89813a30 2386 * 'httpSetCookie()' - Set the cookie value(s).
c94f4aa9 2387 *
373b3e5f 2388 * @since CUPS 1.1.19/Mac OS X 10.3@
50146867 2389 */
2390
ad4be4c3 2391void
2392httpSetCookie(http_t *http, /* I - Connection */
2393 const char *cookie) /* I - Cookie string */
50146867 2394{
ad4be4c3 2395 if (!http)
2396 return;
50146867 2397
ad4be4c3 2398 if (http->cookie)
2399 free(http->cookie);
50146867 2400
ad4be4c3 2401 if (cookie)
2402 http->cookie = strdup(cookie);
2403 else
2404 http->cookie = NULL;
af175786 2405}
2406
2407
d834148f 2408/*
2409 * 'httpSetExpect()' - Set the Expect: header in a request.
2410 *
2411 * Currently only HTTP_CONTINUE is supported for the "expect" argument.
2412 *
373b3e5f 2413 * @since CUPS 1.2/Mac OS X 10.5@
d834148f 2414 */
2415
2416void
c73f649f 2417httpSetExpect(http_t *http, /* I - Connection to server */
d834148f 2418 http_status_t expect) /* I - HTTP status to expect (HTTP_CONTINUE) */
2419{
2420 if (http)
2421 http->expect = expect;
2422}
2423
2424
af175786 2425/*
ad4be4c3 2426 * 'httpSetField()' - Set the value of an HTTP header.
af175786 2427 */
2428
ad4be4c3 2429void
c73f649f 2430httpSetField(http_t *http, /* I - Connection to server */
ad4be4c3 2431 http_field_t field, /* I - Field index */
2432 const char *value) /* I - Value */
af175786 2433{
ad4be4c3 2434 if (http == NULL ||
2435 field < HTTP_FIELD_ACCEPT_LANGUAGE ||
2436 field > HTTP_FIELD_WWW_AUTHENTICATE ||
2437 value == NULL)
2438 return;
50146867 2439
ad4be4c3 2440 strlcpy(http->fields[field], value, HTTP_MAX_VALUE);
cf94bcb1 2441
cf94bcb1 2442 if (field == HTTP_FIELD_AUTHORIZATION)
2443 {
96f8a53a 2444 /*
2445 * Special case for Authorization: as its contents can be
2446 * longer than HTTP_MAX_VALUE
2447 */
2448
cf94bcb1 2449 if (http->field_authorization)
2450 free(http->field_authorization);
2451
2452 http->field_authorization = strdup(value);
2453 }
96f8a53a 2454 else if (field == HTTP_FIELD_HOST)
2455 {
2456 /*
c1a42538 2457 * Special-case for Host: as we don't want a trailing "." on the hostname and
2458 * need to bracket IPv6 numeric addresses.
96f8a53a 2459 */
2460
794e413e 2461 char *ptr = strchr(value, ':');
2462
2463 if (value[0] != '[' && ptr && strchr(ptr + 1, ':'))
c1a42538 2464 {
2465 /*
2466 * Bracket IPv6 numeric addresses...
2467 *
2468 * This is slightly inefficient (basically copying twice), but is an edge
2469 * case and not worth optimizing...
2470 */
96f8a53a 2471
c1a42538 2472 snprintf(http->fields[HTTP_FIELD_HOST],
2473 sizeof(http->fields[HTTP_FIELD_HOST]), "[%s]", value);
2474 }
2475 else
96f8a53a 2476 {
c1a42538 2477 /*
2478 * Check for a trailing dot on the hostname...
2479 */
2480
41db0920 2481 ptr = http->fields[HTTP_FIELD_HOST];
96f8a53a 2482
c1a42538 2483 if (*ptr)
2484 {
2485 ptr += strlen(ptr) - 1;
2486
2487 if (*ptr == '.')
2488 *ptr = '\0';
2489 }
96f8a53a 2490 }
2491 }
50146867 2492}
2493
2494
1479646d 2495/*
2496 * 'httpSetLength()' - Set the content-length and content-encoding.
c94f4aa9 2497 *
373b3e5f 2498 * @since CUPS 1.2/Mac OS X 10.5@
1479646d 2499 */
2500
2501void
c73f649f 2502httpSetLength(http_t *http, /* I - Connection to server */
b296d7d9 2503 size_t length) /* I - Length (0 for chunked) */
1479646d 2504{
b296d7d9 2505 if (!http)
1479646d 2506 return;
2507
2508 if (!length)
2509 {
2510 strcpy(http->fields[HTTP_FIELD_TRANSFER_ENCODING], "chunked");
2511 http->fields[HTTP_FIELD_CONTENT_LENGTH][0] = '\0';
2512 }
2513 else
2514 {
2515 http->fields[HTTP_FIELD_TRANSFER_ENCODING][0] = '\0';
2516 snprintf(http->fields[HTTP_FIELD_CONTENT_LENGTH], HTTP_MAX_VALUE,
2517 CUPS_LLFMT, CUPS_LLCAST length);
2518 }
2519}
2520
2521
a3aff7d2 2522/*
2523 * '_httpSetTimeout()' - Set read/write timeouts and an optional callback.
2524 *
2525 * The optional timeout callback receives both the HTTP connection and a user
2526 * data pointer and must return 1 to continue or 0 to error out.
2527 */
2528
2529void
2530_httpSetTimeout(
2531 http_t *http, /* I - Connection to server */
2532 double timeout, /* I - Number of seconds for timeout,
2533 must be greater than 0 */
d58762c2 2534 _http_timeout_cb_t cb, /* I - Callback function or NULL */
a3aff7d2 2535 void *user_data) /* I - User data pointer */
2536{
2537 if (!http || timeout <= 0.0)
2538 return;
2539
2540 http->timeout_cb = cb;
2541 http->timeout_data = user_data;
2542 http->timeout_value.tv_sec = (int)timeout;
2543 http->timeout_value.tv_usec = (int)(timeout * 1000000) % 1000000;
2544
2545 if (http->fd >= 0)
2546 {
00c238ad 2547#ifdef WIN32
2548 DWORD timeout_value = http->timeout_value.tv_sec * 1000 +
2549 http->timeout_value.tv_usec / 1000;
2550 /* Timeout in milliseconds */
2551
2552 setsockopt(http->fd, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout_value,
2553 sizeof(timeout_value));
2554 setsockopt(http->fd, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout_value,
2555 sizeof(timeout_value));
2556#else
a3aff7d2 2557 setsockopt(http->fd, SOL_SOCKET, SO_RCVTIMEO, &(http->timeout_value),
2558 sizeof(http->timeout_value));
2559 setsockopt(http->fd, SOL_SOCKET, SO_SNDTIMEO, &(http->timeout_value),
2560 sizeof(http->timeout_value));
00c238ad 2561#endif /* WIN32 */
a3aff7d2 2562 }
2563}
2564
2565
50146867 2566/*
ad4be4c3 2567 * 'httpTrace()' - Send an TRACE request to the server.
50146867 2568 */
2569
ad4be4c3 2570int /* O - Status of call (0 = success) */
c73f649f 2571httpTrace(http_t *http, /* I - Connection to server */
ad4be4c3 2572 const char *uri) /* I - URI for trace */
50146867 2573{
ad4be4c3 2574 return (http_send(http, HTTP_TRACE, uri));
50146867 2575}
2576
2577
2578/*
205bf9e8 2579 * '_httpUpdate()' - Update the current HTTP status for incoming data.
2580 *
2581 * Note: Unlike httpUpdate(), this function does not flush pending write data
2582 * and only retrieves a single status line from the HTTP connection.
50146867 2583 */
2584
205bf9e8 2585int /* O - 1 to continue, 0 to stop */
2586_httpUpdate(http_t *http, /* I - Connection to server */
2587 http_status_t *status) /* O - Current HTTP status */
50146867 2588{
af6dfa48 2589 char line[32768], /* Line from connection... */
a8374e1e 2590 *value; /* Pointer to value on line */
2591 http_field_t field; /* Field index */
205bf9e8 2592 int major, minor; /* HTTP version numbers */
50146867 2593
50146867 2594
205bf9e8 2595 DEBUG_printf(("_httpUpdate(http=%p, status=%p), state=%s", http, status,
3917d198 2596 http_states[http->state]));
4a73831b 2597
e7bede57 2598 /*
205bf9e8 2599 * Grab a single line from the connection...
e7bede57 2600 */
2601
205bf9e8 2602 if (!httpGets(line, sizeof(line), http))
ed5ceafb 2603 {
205bf9e8 2604 *status = HTTP_ERROR;
2605 return (0);
ed5ceafb 2606 }
e7bede57 2607
205bf9e8 2608 DEBUG_printf(("2_httpUpdate: Got \"%s\"", line));
3840d6ba 2609
205bf9e8 2610 if (line[0] == '\0')
fd8b1cf8 2611 {
205bf9e8 2612 /*
2613 * Blank line means the start of the data section (if any). Return
2614 * the result code, too...
2615 *
2616 * If we get status 100 (HTTP_CONTINUE), then we *don't* change states.
2617 * Instead, we just return HTTP_CONTINUE to the caller and keep on
2618 * tryin'...
2619 */
9ae9d67c 2620
205bf9e8 2621 if (http->status == HTTP_CONTINUE)
fd8b1cf8 2622 {
205bf9e8 2623 *status = http->status;
2624 return (0);
2625 }
11b9b0d7 2626
205bf9e8 2627 if (http->status < HTTP_BAD_REQUEST)
2628 http->digest_tries = 0;
cda1bd04 2629
bcf61448 2630#ifdef HAVE_SSL
205bf9e8 2631 if (http->status == HTTP_SWITCHING_PROTOCOLS && !http->tls)
2632 {
2633 if (http_setup_ssl(http) != 0)
a75c006a 2634 {
bcf61448 2635# ifdef WIN32
205bf9e8 2636 closesocket(http->fd);
bcf61448 2637# else
205bf9e8 2638 close(http->fd);
bcf61448 2639# endif /* WIN32 */
a75c006a 2640
205bf9e8 2641 *status = http->status = HTTP_ERROR;
2642 return (0);
a75c006a 2643 }
205bf9e8 2644
2645 *status = HTTP_CONTINUE;
2646 return (0);
2647 }
bcf61448 2648#endif /* HAVE_SSL */
a75c006a 2649
205bf9e8 2650 httpGetLength2(http);
0542e38e 2651
205bf9e8 2652 switch (http->state)
2653 {
2654 case HTTP_GET :
2655 case HTTP_POST :
2656 case HTTP_POST_RECV :
2657 case HTTP_PUT :
2658 http->state ++;
2659 case HTTP_POST_SEND :
2660 case HTTP_HEAD :
2661 break;
a8374e1e 2662
205bf9e8 2663 default :
2664 http->state = HTTP_WAITING;
2665 break;
fd8b1cf8 2666 }
205bf9e8 2667
2668 *status = http->status;
2669 return (0);
2670 }
2671 else if (!strncmp(line, "HTTP/", 5))
2672 {
2673 /*
2674 * Got the beginning of a response...
2675 */
2676
2677 int intstatus; /* Status value as an integer */
2678
2679 if (sscanf(line, "HTTP/%d.%d%d", &major, &minor, &intstatus) != 3)
2680 {
2681 *status = http->status = HTTP_ERROR;
2682 return (0);
2683 }
2684
2685 http->version = (http_version_t)(major * 100 + minor);
2686 *status = http->status = (http_status_t)intstatus;
2687 }
2688 else if ((value = strchr(line, ':')) != NULL)
2689 {
2690 /*
2691 * Got a value...
2692 */
2693
2694 *value++ = '\0';
2695 while (_cups_isspace(*value))
2696 value ++;
2697
2698 /*
2699 * Be tolerants of servers that send unknown attribute fields...
2700 */
2701
2702 if (!strcasecmp(line, "expect"))
fd8b1cf8 2703 {
2704 /*
205bf9e8 2705 * "Expect: 100-continue" or similar...
fd8b1cf8 2706 */
2707
205bf9e8 2708 http->expect = (http_status_t)atoi(value);
fd8b1cf8 2709 }
205bf9e8 2710 else if (!strcasecmp(line, "cookie"))
3840d6ba 2711 {
a8374e1e 2712 /*
205bf9e8 2713 * "Cookie: name=value[; name=value ...]" - replaces previous cookies...
a8374e1e 2714 */
3a193f5e 2715
205bf9e8 2716 httpSetCookie(http, value);
2717 }
2718 else if ((field = http_field(line)) != HTTP_FIELD_UNKNOWN)
2719 httpSetField(http, field, value);
2720#ifdef DEBUG
2721 else
2722 DEBUG_printf(("1_httpUpdate: unknown field %s seen!", line));
2723#endif /* DEBUG */
2724 }
2725 else
2726 {
2727 DEBUG_printf(("1_httpUpdate: Bad response line \"%s\"!", line));
2728 *status = http->status = HTTP_ERROR;
2729 return (0);
2730 }
a8374e1e 2731
205bf9e8 2732 return (1);
2733}
0d1f75a3 2734
d40085f1 2735
205bf9e8 2736/*
2737 * 'httpUpdate()' - Update the current HTTP state for incoming data.
2738 */
d40085f1 2739
205bf9e8 2740http_status_t /* O - HTTP status */
2741httpUpdate(http_t *http) /* I - Connection to server */
2742{
2743 http_status_t status; /* Request status */
2744
2745
2746 DEBUG_printf(("httpUpdate(http=%p), state=%s", http,
2747 http_states[http->state]));
2748
2749 /*
2750 * Flush pending data, if any...
2751 */
2752
2753 if (http->wused)
2754 {
2755 DEBUG_puts("2httpUpdate: flushing buffer...");
2756
2757 if (httpFlushWrite(http) < 0)
a8374e1e 2758 return (HTTP_ERROR);
fd8b1cf8 2759 }
3840d6ba 2760
205bf9e8 2761 /*
2762 * If we haven't issued any commands, then there is nothing to "update"...
2763 */
2764
2765 if (http->state == HTTP_WAITING)
2766 return (HTTP_CONTINUE);
2767
2768 /*
2769 * Grab all of the lines we can from the connection...
2770 */
2771
2772 while (_httpUpdate(http, &status));
2773
4e8f6c6a 2774 /*
2775 * See if there was an error...
2776 */
2777
7e736f7d 2778 if (http->error == EPIPE && http->status > HTTP_CONTINUE)
571af0ea 2779 {
2780 DEBUG_printf(("1httpUpdate: Returning status %d...", http->status));
7e736f7d 2781 return (http->status);
571af0ea 2782 }
7e736f7d 2783
0bf5ae82 2784 if (http->error)
f44afac9 2785 {
571af0ea 2786 DEBUG_printf(("1httpUpdate: socket error %d - %s", http->error,
4cdd993e 2787 strerror(http->error)));
f44afac9 2788 http->status = HTTP_ERROR;
4e8f6c6a 2789 return (HTTP_ERROR);
f44afac9 2790 }
4e8f6c6a 2791
3840d6ba 2792 /*
205bf9e8 2793 * Return the current status...
3840d6ba 2794 */
2795
205bf9e8 2796 return (status);
3840d6ba 2797}
2798
2799
da97a504 2800/*
2801 * '_httpWait()' - Wait for data available on a connection (no flush).
2802 */
2803
2804int /* O - 1 if data is available, 0 otherwise */
2805_httpWait(http_t *http, /* I - Connection to server */
2806 int msec, /* I - Milliseconds to wait */
2807 int usessl) /* I - Use SSL context? */
2808{
2809#ifdef HAVE_POLL
2810 struct pollfd pfd; /* Polled file descriptor */
2811#else
2812 fd_set input_set; /* select() input set */
2813 struct timeval timeout; /* Timeout */
2814#endif /* HAVE_POLL */
2815 int nfds; /* Result from select()/poll() */
2816
2817
571af0ea 2818 DEBUG_printf(("4_httpWait(http=%p, msec=%d, usessl=%d)", http, msec, usessl));
da97a504 2819
2820 if (http->fd < 0)
efaca90c 2821 {
2822 DEBUG_printf(("5_httpWait: Returning 0 since fd=%d", http->fd));
da97a504 2823 return (0);
efaca90c 2824 }
da97a504 2825
2826 /*
2827 * Check the SSL/TLS buffers for data first...
2828 */
2829
2830#ifdef HAVE_SSL
2831 if (http->tls && usessl)
2832 {
2833# ifdef HAVE_LIBSSL
b9738d7c 2834 if (SSL_pending(http->tls))
efaca90c 2835 {
2836 DEBUG_puts("5_httpWait: Return 1 since there is pending SSL data.");
da97a504 2837 return (1);
efaca90c 2838 }
2839
da97a504 2840# elif defined(HAVE_GNUTLS)
b9738d7c 2841 if (gnutls_record_check_pending(http->tls))
efaca90c 2842 {
2843 DEBUG_puts("5_httpWait: Return 1 since there is pending SSL data.");
da97a504 2844 return (1);
efaca90c 2845 }
2846
da97a504 2847# elif defined(HAVE_CDSASSL)
2848 size_t bytes; /* Bytes that are available */
2849
b9738d7c 2850 if (!SSLGetBufferedReadSize(http->tls, &bytes) &&
da97a504 2851 bytes > 0)
efaca90c 2852 {
2853 DEBUG_puts("5_httpWait: Return 1 since there is pending SSL data.");
da97a504 2854 return (1);
efaca90c 2855 }
da97a504 2856# endif /* HAVE_LIBSSL */
2857 }
2858#endif /* HAVE_SSL */
2859
2860 /*
2861 * Then try doing a select() or poll() to poll the socket...
2862 */
2863
2864#ifdef HAVE_POLL
2865 pfd.fd = http->fd;
2866 pfd.events = POLLIN;
2867
d819e02f 2868 while ((nfds = poll(&pfd, 1, msec)) < 0 &&
2869 (errno == EINTR || errno == EAGAIN));
da97a504 2870
2871#else
2872 do
2873 {
2874 FD_ZERO(&input_set);
2875 FD_SET(http->fd, &input_set);
2876
571af0ea 2877 DEBUG_printf(("6_httpWait: msec=%d, http->fd=%d", msec, http->fd));
da97a504 2878
2879 if (msec >= 0)
2880 {
2881 timeout.tv_sec = msec / 1000;
2882 timeout.tv_usec = (msec % 1000) * 1000;
2883
2884 nfds = select(http->fd + 1, &input_set, NULL, NULL, &timeout);
2885 }
2886 else
2887 nfds = select(http->fd + 1, &input_set, NULL, NULL, NULL);
2888
571af0ea 2889 DEBUG_printf(("6_httpWait: select() returned %d...", nfds));
da97a504 2890 }
2891# ifdef WIN32
6875feac 2892 while (nfds < 0 && (WSAGetLastError() == WSAEINTR ||
2893 WSAGetLastError() == WSAEWOULDBLOCK));
da97a504 2894# else
d819e02f 2895 while (nfds < 0 && (errno == EINTR || errno == EAGAIN));
da97a504 2896# endif /* WIN32 */
2897#endif /* HAVE_POLL */
2898
efaca90c 2899 DEBUG_printf(("5_httpWait: returning with nfds=%d, errno=%d...", nfds,
2900 errno));
da97a504 2901
2902 return (nfds > 0);
2903}
2904
2905
3a193f5e 2906/*
ad4be4c3 2907 * 'httpWait()' - Wait for data available on a connection.
c94f4aa9 2908 *
373b3e5f 2909 * @since CUPS 1.1.19/Mac OS X 10.3@
1e88d784 2910 */
2911
ad4be4c3 2912int /* O - 1 if data is available, 0 otherwise */
c73f649f 2913httpWait(http_t *http, /* I - Connection to server */
ad4be4c3 2914 int msec) /* I - Milliseconds to wait */
1e88d784 2915{
edd6ee99 2916 /*
ad4be4c3 2917 * First see if there is data in the buffer...
edd6ee99 2918 */
2919
c0371c4a 2920 DEBUG_printf(("2httpWait(http=%p, msec=%d)", http, msec));
2921
ad4be4c3 2922 if (http == NULL)
2923 return (0);
992cf15a 2924
ad4be4c3 2925 if (http->used)
c0371c4a 2926 {
2927 DEBUG_puts("3httpWait: Returning 1 since there is buffered data ready.");
ad4be4c3 2928 return (1);
c0371c4a 2929 }
3840d6ba 2930
c172c849 2931 /*
2932 * Flush pending data, if any...
2933 */
2934
2935 if (http->wused)
2936 {
c0371c4a 2937 DEBUG_puts("3httpWait: Flushing write buffer.");
2938
c172c849 2939 if (httpFlushWrite(http) < 0)
2940 return (0);
2941 }
2942
3840d6ba 2943 /*
ad4be4c3 2944 * If not, check the SSL/TLS buffers and do a select() on the connection...
3840d6ba 2945 */
2946
da97a504 2947 return (_httpWait(http, msec, 1));
1e88d784 2948}
2949
2950
2951/*
ad4be4c3 2952 * 'httpWrite()' - Write data to a HTTP connection.
00a1fad8 2953 *
2954 * This function is deprecated. Use the httpWrite2() function which can
2955 * write more than 2GB of data.
2956 *
2957 * @deprecated@
1e88d784 2958 */
dbf4ca8b 2959
ad4be4c3 2960int /* O - Number of bytes written */
c73f649f 2961httpWrite(http_t *http, /* I - Connection to server */
ad4be4c3 2962 const char *buffer, /* I - Buffer for data */
2963 int length) /* I - Number of bytes to write */
2964{
00a1fad8 2965 return ((int)httpWrite2(http, buffer, length));
2966}
2967
2968
2969/*
2970 * 'httpWrite2()' - Write data to a HTTP connection.
7fbf7fc4 2971 *
373b3e5f 2972 * @since CUPS 1.2/Mac OS X 10.5@
00a1fad8 2973 */
dbf4ca8b 2974
00a1fad8 2975ssize_t /* O - Number of bytes written */
c73f649f 2976httpWrite2(http_t *http, /* I - Connection to server */
00a1fad8 2977 const char *buffer, /* I - Buffer for data */
2978 size_t length) /* I - Number of bytes to write */
2979{
2980 ssize_t bytes; /* Bytes written */
f736c0e3 2981
f736c0e3 2982
571af0ea 2983 DEBUG_printf(("httpWrite2(http=%p, buffer=%p, length=" CUPS_LLFMT ")", http,
788086c8 2984 buffer, CUPS_LLCAST length));
ed5ceafb 2985
edd6ee99 2986 /*
2987 * Range check input...
2988 */
2989
ad4be4c3 2990 if (http == NULL || buffer == NULL)
2991 return (-1);
edd6ee99 2992
2993 /*
ad4be4c3 2994 * Mark activity on the connection...
edd6ee99 2995 */
2996
ad4be4c3 2997 http->activity = time(NULL);
f736c0e3 2998
ad4be4c3 2999 /*
3000 * Buffer small writes for better performance...
3001 */
f736c0e3 3002
ad4be4c3 3003 if (length > 0)
3004 {
ed5ceafb 3005 if (http->wused && (length + http->wused) > sizeof(http->wbuffer))
3006 {
571af0ea 3007 DEBUG_printf(("2httpWrite2: Flushing buffer (wused=%d, length="
3008 CUPS_LLFMT ")", http->wused, CUPS_LLCAST length));
ed5ceafb 3009
ad4be4c3 3010 httpFlushWrite(http);
ed5ceafb 3011 }
f736c0e3 3012
06f0e915 3013 if ((length + http->wused) <= sizeof(http->wbuffer) &&
3014 length < sizeof(http->wbuffer))
ad4be4c3 3015 {
3016 /*
3017 * Write to buffer...
3018 */
f736c0e3 3019
571af0ea 3020 DEBUG_printf(("2httpWrite2: Copying " CUPS_LLFMT " bytes to wbuffer...",
788086c8 3021 CUPS_LLCAST length));
ed5ceafb 3022
ad4be4c3 3023 memcpy(http->wbuffer + http->wused, buffer, length);
d220c7b8 3024 http->wused += (int)length;
3025 bytes = (ssize_t)length;
ad4be4c3 3026 }
3027 else
9b4bc2a5 3028 {
ad4be4c3 3029 /*
3030 * Otherwise write the data directly...
3031 */
3032
571af0ea 3033 DEBUG_printf(("2httpWrite2: Writing " CUPS_LLFMT " bytes to socket...",
788086c8 3034 CUPS_LLCAST length));
ed5ceafb 3035
ad4be4c3 3036 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
d220c7b8 3037 bytes = (ssize_t)http_write_chunk(http, buffer, (int)length);
ad4be4c3 3038 else
d220c7b8 3039 bytes = (ssize_t)http_write(http, buffer, (int)length);
ed5ceafb 3040
571af0ea 3041 DEBUG_printf(("2httpWrite2: Wrote " CUPS_LLFMT " bytes...",
7e66bf84 3042 CUPS_LLCAST bytes));
9b4bc2a5 3043 }
f736c0e3 3044
ad4be4c3 3045 if (http->data_encoding == HTTP_ENCODE_LENGTH)
3046 http->data_remaining -= bytes;
f736c0e3 3047 }
e6e44566 3048 else
3049 bytes = 0;
f736c0e3 3050
50146867 3051 /*
ad4be4c3 3052 * Handle end-of-request processing...
50146867 3053 */
f736c0e3 3054
ad4be4c3 3055 if ((http->data_encoding == HTTP_ENCODE_CHUNKED && length == 0) ||
3056 (http->data_encoding == HTTP_ENCODE_LENGTH && http->data_remaining == 0))
3057 {
3058 /*
3059 * Finished with the transfer; unless we are sending POST or PUT
3060 * data, go idle...
3061 */
f736c0e3 3062
571af0ea 3063 DEBUG_puts("2httpWrite: changing states...");
f736c0e3 3064
ad4be4c3 3065 if (http->wused)
3066 httpFlushWrite(http);
0542e38e 3067
ad4be4c3 3068 if (http->data_encoding == HTTP_ENCODE_CHUNKED)
3069 {
3070 /*
3071 * Send a 0-length chunk at the end of the request...
3072 */
5e879034 3073
ad4be4c3 3074 http_write(http, "0\r\n\r\n", 5);
5e879034 3075
ad4be4c3 3076 /*
3077 * Reset the data state...
3078 */
0542e38e 3079
ad4be4c3 3080 http->data_encoding = HTTP_ENCODE_LENGTH;
3081 http->data_remaining = 0;
3082 }
0542e38e 3083 }
4a73831b 3084
ad4be4c3 3085 return (bytes);
4a73831b 3086}
3087
3088
ad4be4c3 3089#if defined(HAVE_SSL) && defined(HAVE_CDSASSL)
3090/*
d774b661 3091 * '_httpWriteCDSA()' - Write function for the CDSA library.
ad4be4c3 3092 */
3093
fe3f3c8c 3094OSStatus /* O - -1 on error, 0 on success */
3095_httpWriteCDSA(
ad4be4c3 3096 SSLConnectionRef connection, /* I - SSL/TLS connection */
fe3f3c8c 3097 const void *data, /* I - Data buffer */
ad4be4c3 3098 size_t *dataLength) /* IO - Number of bytes */
3099{
dea2eff8 3100 OSStatus result; /* Return value */
3101 ssize_t bytes; /* Number of bytes read */
3102 http_t *http; /* HTTP connection */
7e826c4a 3103
3104
dea2eff8 3105 http = (http_t *)connection;
ad4be4c3 3106
df79d570 3107 do
dea2eff8 3108 {
3109 bytes = write(http->fd, data, *dataLength);
3110 }
d819e02f 3111 while (bytes == -1 && (errno == EINTR || errno == EAGAIN));
c139c1d6 3112
df79d570 3113 if (bytes == *dataLength)
dea2eff8 3114 {
df79d570 3115 result = 0;
dea2eff8 3116 }
df79d570 3117 else if (bytes >= 0)
3118 {
3119 *dataLength = bytes;
3120 result = errSSLWouldBlock;
3121 }
3122 else
3123 {
3124 *dataLength = 0;
dbf4ca8b 3125
c139c1d6 3126 if (errno == EAGAIN)
df79d570 3127 result = errSSLWouldBlock;
df79d570 3128 else
91679419 3129 result = errSSLClosedAbort;
ad4be4c3 3130 }
df79d570 3131
dea2eff8 3132 return (result);
ad4be4c3 3133}
3134#endif /* HAVE_SSL && HAVE_CDSASSL */
3135
3136
d774b661 3137#if defined(HAVE_SSL) && defined(HAVE_GNUTLS)
3138/*
3139 * '_httpWriteGNUTLS()' - Write function for the GNU TLS library.
3140 */
3141
3142ssize_t /* O - Number of bytes written or -1 on error */
3143_httpWriteGNUTLS(
c73f649f 3144 gnutls_transport_ptr ptr, /* I - Connection to server */
d774b661 3145 const void *data, /* I - Data buffer */
3146 size_t length) /* I - Number of bytes to write */
3147{
3148 return (send(((http_t *)ptr)->fd, data, length, 0));
3149}
3150#endif /* HAVE_SSL && HAVE_GNUTLS */
3151
3152
38cf3b08 3153#if defined(HAVE_SSL) && defined(HAVE_LIBSSL)
3154/*
3155 * 'http_bio_ctrl()' - Control the HTTP connection.
3156 */
3157
3158static long /* O - Result/data */
3159http_bio_ctrl(BIO *h, /* I - BIO data */
3160 int cmd, /* I - Control command */
3161 long arg1, /* I - First argument */
3162 void *arg2) /* I - Second argument */
3163{
3164 switch (cmd)
3165 {
3166 default :
3167 return (0);
3168
3169 case BIO_CTRL_RESET :
3170 h->ptr = NULL;
3171 return (0);
3172
3173 case BIO_C_SET_FILE_PTR :
3174 h->ptr = arg2;
3175 h->init = 1;
3176 return (1);
3177
3178 case BIO_C_GET_FILE_PTR :
3179 if (arg2)
3180 {
3181 *((void **)arg2) = h->ptr;
3182 return (1);
3183 }
3184 else
3185 return (0);
dbf4ca8b 3186
38cf3b08 3187 case BIO_CTRL_DUP :
3188 case BIO_CTRL_FLUSH :
3189 return (1);
3190 }
3191}
3192
3193
3194/*
3195 * 'http_bio_free()' - Free OpenSSL data.
3196 */
3197
3198static int /* O - 1 on success, 0 on failure */
3199http_bio_free(BIO *h) /* I - BIO data */
3200{
3201 if (!h)
3202 return (0);
3203
3204 if (h->shutdown)
3205 {
3206 h->init = 0;
3207 h->flags = 0;
3208 }
3209
3210 return (1);
3211}
3212
3213
3214/*
3215 * 'http_bio_new()' - Initialize an OpenSSL BIO structure.
3216 */
3217
3218static int /* O - 1 on success, 0 on failure */
3219http_bio_new(BIO *h) /* I - BIO data */
3220{
3221 if (!h)
3222 return (0);
3223
3224 h->init = 0;
3225 h->num = 0;
3226 h->ptr = NULL;
3227 h->flags = 0;
3228
3229 return (1);
3230}
3231
3232
3233/*
3234 * 'http_bio_puts()' - Send a string for OpenSSL.
3235 */
3236
3237static int /* O - Bytes written */
3238http_bio_puts(BIO *h, /* I - BIO data */
3239 const char *str) /* I - String to write */
3240{
35e7de17 3241#ifdef WIN32
3242 return (send(((http_t *)h->ptr)->fd, str, (int)strlen(str), 0));
3243#else
38cf3b08 3244 return (send(((http_t *)h->ptr)->fd, str, strlen(str), 0));
35e7de17 3245#endif /* WIN32 */
38cf3b08 3246}
3247
3248
3249/*
3250 * 'http_bio_read()' - Read data for OpenSSL.
3251 */
3252
3253static int /* O - Bytes read */
3254http_bio_read(BIO *h, /* I - BIO data */
3255 char *buf, /* I - Buffer */
3256 int size) /* I - Number of bytes to read */
3257{
3258 http_t *http; /* HTTP connection */
3259
3260
3261 http = (http_t *)h->ptr;
3262
3263 if (!http->blocking)
3264 {
3265 /*
3266 * Make sure we have data before we read...
3267 */
3268
da97a504 3269 if (!_httpWait(http, 10000, 0))
38cf3b08 3270 {
35e7de17 3271#ifdef WIN32
3272 http->error = WSAETIMEDOUT;
3273#else
38cf3b08 3274 http->error = ETIMEDOUT;
35e7de17 3275#endif /* WIN32 */
3276
38cf3b08 3277 return (-1);
3278 }
3279 }
3280
3281 return (recv(http->fd, buf, size, 0));
3282}
3283
3284
3285/*
3286 * 'http_bio_write()' - Write data for OpenSSL.
3287 */
3288
3289static int /* O - Bytes written */
3290http_bio_write(BIO *h, /* I - BIO data */
3291 const char *buf, /* I - Buffer to write */
3292 int num) /* I - Number of bytes to write */
3293{
3294 return (send(((http_t *)h->ptr)->fd, buf, num, 0));
3295}
3296#endif /* HAVE_SSL && HAVE_LIBSSL */
3297
3298
7e66bf84 3299#ifdef DEBUG
3300/*
3301 * 'http_debug_hex()' - Do a hex dump of a buffer.
3302 */
3303
3304static void
3305http_debug_hex(const char *prefix, /* I - Prefix for line */
3306 const char *buffer, /* I - Buffer to dump */
3307 int bytes) /* I - Bytes to dump */
3308{
3309 int i, j, /* Looping vars */
3310 ch; /* Current character */
3311 char line[255], /* Line buffer */
3312 *start, /* Start of line after prefix */
3313 *ptr; /* Pointer into line */
3314
3315
3eecd6f5 3316 if (_cups_debug_fd < 0 || _cups_debug_level < 6)
ba497fff 3317 return;
3318
571af0ea 3319 DEBUG_printf(("6%s: %d bytes:\n", prefix, bytes));
7e66bf84 3320
a28f4935 3321 snprintf(line, sizeof(line), "6%s: ", prefix);
7e66bf84 3322 start = line + strlen(line);
3323
3324 for (i = 0; i < bytes; i += 16)
3325 {
3326 for (j = 0, ptr = start; j < 16 && (i + j) < bytes; j ++, ptr += 2)
3327 sprintf(ptr, "%02X", buffer[i + j] & 255);
3328
3329 while (j < 16)
3330 {
3331 strcpy(ptr, " ");
3332 ptr += 2;
3333 j ++;
3334 }
3335
3336 strcpy(ptr, " ");
3337 ptr += 2;
3338
3339 for (j = 0; j < 16 && (i + j) < bytes; j ++)
3340 {
3341 ch = buffer[i + j] & 255;
3342
3343 if (ch < ' ' || ch >= 127)
3344 ch = '.';
3345
3346 *ptr++ = ch;
3347 }
3348
3349 *ptr = '\0';
3350 DEBUG_puts(line);
3351 }
3352}
3353#endif /* DEBUG */
3354
3355
fe3f3c8c 3356/*
3357 * 'http_field()' - Return the field index for a field name.
3358 */
3359
7e66bf84 3360static http_field_t /* O - Field index */
3361http_field(const char *name) /* I - String name */
fe3f3c8c 3362{
7e66bf84 3363 int i; /* Looping var */
fe3f3c8c 3364
3365
3366 for (i = 0; i < HTTP_FIELD_MAX; i ++)
3367 if (strcasecmp(name, http_fields[i]) == 0)
3368 return ((http_field_t)i);
3369
3370 return (HTTP_FIELD_UNKNOWN);
3371}
3372
3373
ad4be4c3 3374#ifdef HAVE_SSL
3375/*
3376 * 'http_read_ssl()' - Read from a SSL/TLS connection.
3377 */
3378
3379static int /* O - Bytes read */
c73f649f 3380http_read_ssl(http_t *http, /* I - Connection to server */
ad4be4c3 3381 char *buf, /* I - Buffer to store data */
3382 int len) /* I - Length of buffer */
3383{
3384# if defined(HAVE_LIBSSL)
3385 return (SSL_read((SSL *)(http->tls), buf, len));
3386
3387# elif defined(HAVE_GNUTLS)
dbf4ca8b 3388 ssize_t result; /* Return value */
3389
3390
b9738d7c 3391 result = gnutls_record_recv(http->tls, buf, len);
dbf4ca8b 3392
3393 if (result < 0 && !errno)
3394 {
3395 /*
3396 * Convert GNU TLS error to errno value...
3397 */
3398
3399 switch (result)
3400 {
3401 case GNUTLS_E_INTERRUPTED :
3402 errno = EINTR;
3403 break;
3404
3405 case GNUTLS_E_AGAIN :
3406 errno = EAGAIN;
3407 break;
3408
3409 default :
3410 errno = EPIPE;
3411 break;
3412 }
3413
3414 result = -1;
3415 }
3416
3417 return ((int)result);
ad4be4c3 3418
3419# elif defined(HAVE_CDSASSL)
c139c1d6 3420 int result; /* Return value */
ad4be4c3 3421 OSStatus error; /* Error info */
3422 size_t processed; /* Number of bytes processed */
3423
3424
b9738d7c 3425 error = SSLRead(http->tls, buf, len, &processed);
ad4be4c3 3426
c139c1d6 3427 switch (error)
ad4be4c3 3428 {
c139c1d6 3429 case 0 :
3430 result = (int)processed;
3431 break;
aa74279d 3432
c139c1d6 3433 case errSSLWouldBlock :
df79d570 3434 if (processed)
3435 result = (int)processed;
3436 else
3437 {
3438 result = -1;
3439 errno = EINTR;
3440 }
c139c1d6 3441 break;
aa74279d 3442
3443 case errSSLClosedGraceful :
c139c1d6 3444 default :
aa74279d 3445 if (processed)
3446 result = (int)processed;
3447 else
3448 {
3449 result = -1;
3450 errno = EPIPE;
3451 }
c139c1d6 3452 break;
ad4be4c3 3453 }
c139c1d6 3454
3455 return (result);
6875feac 3456# elif defined(HAVE_SSPISSL)
3457 return _sspiRead((_sspi_struct_t*) http->tls, buf, len);
ad4be4c3 3458# endif /* HAVE_LIBSSL */
3459}
3460#endif /* HAVE_SSL */
3461
3462
a8374e1e 3463/*
3464 * 'http_send()' - Send a request with all fields and the trailing blank line.
3465 */
3466
3467static int /* O - 0 on success, non-zero on error */
c73f649f 3468http_send(http_t *http, /* I - Connection to server */
a8374e1e 3469 http_state_t request, /* I - Request code */
063e1ac7 3470 const char *uri) /* I - URI */
a8374e1e 3471{
3472 int i; /* Looping var */
96fa6605 3473 char buf[1024]; /* Encoded URI buffer */
6db7190f 3474 static const char * const codes[] =
3475 { /* Request code strings */
a8374e1e 3476 NULL,
3477 "OPTIONS",
3478 "GET",
3479 NULL,
3480 "HEAD",
3481 "POST",
3482 NULL,
3483 NULL,
3484 "PUT",
3485 NULL,
3486 "DELETE",
3487 "TRACE",
3488 "CLOSE"
3489 };
a8374e1e 3490
3491
571af0ea 3492 DEBUG_printf(("7http_send(http=%p, request=HTTP_%s, uri=\"%s\")",
9b4bc2a5 3493 http, codes[request], uri));
3494
a8374e1e 3495 if (http == NULL || uri == NULL)
3496 return (-1);
3497
284d227b 3498 /*
3499 * Set the User-Agent field if it isn't already...
3500 */
3501
3502 if (!http->fields[HTTP_FIELD_USER_AGENT][0])
3503 httpSetField(http, HTTP_FIELD_USER_AGENT, CUPS_MINIMAL);
3504
a8374e1e 3505 /*
3506 * Encode the URI as needed...
3507 */
3508
96fa6605 3509 _httpEncodeURI(buf, uri, sizeof(buf));
a8374e1e 3510
f44afac9 3511 /*
3512 * See if we had an error the last time around; if so, reconnect...
3513 */
3514
3515 if (http->status == HTTP_ERROR || http->status >= HTTP_BAD_REQUEST)
c139c1d6 3516 if (httpReconnect(http))
3517 return (-1);
f44afac9 3518
f8699659 3519 /*
3520 * Flush any written data that is pending...
3521 */
3522
3523 if (http->wused)
bbe15e3f 3524 {
3525 if (httpFlushWrite(http) < 0)
3526 if (httpReconnect(http))
3527 return (-1);
3528 }
f8699659 3529
a8374e1e 3530 /*
3531 * Send the request header...
3532 */
3533
f8699659 3534 http->state = request;
3535 http->data_encoding = HTTP_ENCODE_FIELDS;
3536
ad4be4c3 3537 if (request == HTTP_POST || request == HTTP_PUT)
3538 http->state ++;
3539
3540 http->status = HTTP_CONTINUE;
3541
3542#ifdef HAVE_SSL
3543 if (http->encryption == HTTP_ENCRYPT_REQUIRED && !http->tls)
3544 {
3545 httpSetField(http, HTTP_FIELD_CONNECTION, "Upgrade");
3546 httpSetField(http, HTTP_FIELD_UPGRADE, "TLS/1.0,SSL/2.0,SSL/3.0");
3547 }
3548#endif /* HAVE_SSL */
3549
3550 if (httpPrintf(http, "%s %s HTTP/1.1\r\n", codes[request], buf) < 1)
3551 {
3552 http->status = HTTP_ERROR;
3553 return (-1);
3554 }
3555
3556 for (i = 0; i < HTTP_FIELD_MAX; i ++)
3557 if (http->fields[i][0] != '\0')
3558 {
571af0ea 3559 DEBUG_printf(("9http_send: %s: %s", http_fields[i],
7e66bf84 3560 httpGetField(http, i)));
ad4be4c3 3561
dbf4ca8b 3562 if (httpPrintf(http, "%s: %s\r\n", http_fields[i],
cf94bcb1 3563 httpGetField(http, i)) < 1)
ad4be4c3 3564 {
3565 http->status = HTTP_ERROR;
3566 return (-1);
3567 }
3568 }
3569
f98b3a0d 3570 if (http->cookie)
3571 if (httpPrintf(http, "Cookie: $Version=0; %s\r\n", http->cookie) < 1)
3572 {
3573 http->status = HTTP_ERROR;
3574 return (-1);
3575 }
3576
d834148f 3577 if (http->expect == HTTP_CONTINUE &&
3578 (http->state == HTTP_POST_RECV || http->state == HTTP_PUT_RECV))
3579 if (httpPrintf(http, "Expect: 100-continue\r\n") < 1)
3580 {
3581 http->status = HTTP_ERROR;
3582 return (-1);
3583 }
3584
ad4be4c3 3585 if (httpPrintf(http, "\r\n") < 1)
3586 {
3587 http->status = HTTP_ERROR;
3588 return (-1);
3589 }
3590
bbe15e3f 3591 if (httpFlushWrite(http) < 0)
3592 return (-1);
3593
1479646d 3594 httpGetLength2(http);
ad4be4c3 3595 httpClearFields(http);
3596
a99d043e 3597 /*
f39a71fd 3598 * The Kerberos and AuthRef authentication strings can only be used once...
a99d043e 3599 */
3600
dbf4ca8b 3601 if (http->field_authorization && http->authstring &&
3602 (!strncmp(http->authstring, "Negotiate", 9) ||
f39a71fd 3603 !strncmp(http->authstring, "AuthRef", 7)))
a99d043e 3604 {
3605 http->_authstring[0] = '\0';
3606
3607 if (http->authstring != http->_authstring)
3608 free(http->authstring);
dbf4ca8b 3609
a99d043e 3610 http->authstring = http->_authstring;
3611 }
3612
ad4be4c3 3613 return (0);
3614}
3615
3616
3617#ifdef HAVE_SSL
f07e2adf 3618# if defined(HAVE_CDSASSL) && defined(HAVE_SECCERTIFICATECOPYDATA)
b9738d7c 3619/*
3620 * 'http_set_credentials()' - Set the SSL/TLS credentials.
3621 */
3622
3623static int /* O - Status of connection */
3624http_set_credentials(http_t *http) /* I - Connection to server */
3625{
3626 _cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
b9738d7c 3627 OSStatus error = 0; /* Error code */
3628 http_tls_credentials_t credentials = NULL;
3629 /* TLS credentials */
b9738d7c 3630
3631
3632 DEBUG_printf(("7http_set_credentials(%p)", http));
3633
b9738d7c 3634 /*
3635 * Prefer connection specific credentials...
3636 */
3637
3638 if ((credentials = http->tls_credentials) == NULL)
3639 credentials = cg->tls_credentials;
3640
a2373c52 3641# if HAVE_SECPOLICYCREATESSL
b9738d7c 3642 /*
3643 * Otherwise root around in the user's keychain to see if one can be found...
3644 */
3645
3646 if (!credentials)
3647 {
3648 CFDictionaryRef query; /* Query dictionary */
a2373c52 3649 CFTypeRef matches = NULL; /* Matching credentials */
b9738d7c 3650 CFArrayRef dn_array = NULL;/* Distinguished names array */
3651 CFTypeRef keys[] = { kSecClass,
3652 kSecMatchLimit,
3653 kSecReturnRef };
3654 /* Keys for dictionary */
3655 CFTypeRef values[] = { kSecClassCertificate,
3656 kSecMatchLimitOne,
3657 kCFBooleanTrue };
3658 /* Values for dictionary */
3659
3660 /*
3661 * Get the names associated with the server.
3662 */
3663
a2373c52 3664 if ((error = SSLCopyDistinguishedNames(http->tls, &dn_array)) != noErr)
3665 {
3666 DEBUG_printf(("4http_set_credentials: SSLCopyDistinguishedNames, error=%d",
3667 (int)error));
3668 return (error);
3669 }
b9738d7c 3670
3671 /*
3672 * Create a query which will return all identities that can sign and match
3673 * the passed in policy.
3674 */
3675
3676 query = CFDictionaryCreate(NULL,
3677 (const void**)(&keys[0]),
3678 (const void**)(&values[0]),
3679 sizeof(keys) / sizeof(keys[0]),
3680 &kCFTypeDictionaryKeyCallBacks,
3681 &kCFTypeDictionaryValueCallBacks);
a2373c52 3682 if (query)
3683 {
3684 error = SecItemCopyMatching(query, &matches);
3685 DEBUG_printf(("4http_set_credentials: SecItemCopyMatching, error=%d",
3686 (int)error));
3687 CFRelease(query);
3688 }
b9738d7c 3689
a2373c52 3690 if (matches)
3691 CFRelease(matches);
b9738d7c 3692
3693 if (dn_array)
3694 CFRelease(dn_array);
3695 }
a2373c52 3696# endif /* HAVE_SECPOLICYCREATESSL */
b9738d7c 3697
3698 if (credentials)
a2373c52 3699 {
b9738d7c 3700 error = SSLSetCertificate(http->tls, credentials);
a2373c52 3701 DEBUG_printf(("4http_set_credentials: SSLSetCertificate, error=%d",
3702 (int)error));
3703 }
806a35d7 3704 else
3705 DEBUG_puts("4http_set_credentials: No credentials to set.");
b9738d7c 3706
3707 return (error);
b9738d7c 3708}
f07e2adf 3709# endif /* HAVE_CDSASSL && HAVE_SECCERTIFICATECOPYDATA */
b9738d7c 3710
3711
ad4be4c3 3712/*
3713 * 'http_setup_ssl()' - Set up SSL/TLS support on a connection.
3714 */
3715
3716static int /* O - Status of connection */
c73f649f 3717http_setup_ssl(http_t *http) /* I - Connection to server */
ad4be4c3 3718{
b9738d7c 3719 _cups_globals_t *cg = _cupsGlobals();
3720 /* Pointer to library globals */
3721 int any_root; /* Allow any root */
3722
ad4be4c3 3723# ifdef HAVE_LIBSSL
2b080971 3724 SSL_CTX *context; /* Context for encryption */
38cf3b08 3725 BIO *bio; /* BIO data */
ad4be4c3 3726# elif defined(HAVE_GNUTLS)
ad4be4c3 3727 gnutls_certificate_client_credentials *credentials;
2b080971 3728 /* TLS credentials */
ad4be4c3 3729# elif defined(HAVE_CDSASSL)
2b080971 3730 OSStatus error; /* Error code */
a2373c52 3731 const char *message = NULL; /* Error message */
3fc66cc0 3732 char *hostname; /* Hostname */
cc6af6b6 3733# ifdef HAVE_SECCERTIFICATECOPYDATA
b9738d7c 3734 cups_array_t *credentials; /* Credentials array */
b9738d7c 3735 cups_array_t *names; /* CUPS distinguished names */
3736 CFArrayRef dn_array; /* CF distinguished names array */
3737 CFIndex count; /* Number of credentials */
3738 CFDataRef data; /* Certificate data */
3739 int i; /* Looping var */
3740 http_credential_t
3741 *credential; /* Credential data */
cc6af6b6 3742# endif /* HAVE_SECCERTIFICATECOPYDATA */
6875feac 3743# elif defined(HAVE_SSPISSL)
3744 TCHAR username[256]; /* Username returned from GetUserName() */
3745 TCHAR commonName[256]; /* Common name for certificate */
3746 DWORD dwSize; /* 32 bit size */
ad4be4c3 3747# endif /* HAVE_LIBSSL */
3748
3749
571af0ea 3750 DEBUG_printf(("7http_setup_ssl(http=%p)", http));
ad4be4c3 3751
b9738d7c 3752 /*
a2373c52 3753 * Always allow self-signed certificates for the local loopback address...
b9738d7c 3754 */
3755
806a35d7 3756 if (httpAddrLocalhost(http->hostaddr))
b9738d7c 3757 any_root = 1;
806a35d7 3758 else
3759 any_root = cg->any_root;
b9738d7c 3760
ad4be4c3 3761# ifdef HAVE_LIBSSL
3762 context = SSL_CTX_new(SSLv23_client_method());
3763
3764 SSL_CTX_set_options(context, SSL_OP_NO_SSLv2); /* Only use SSLv3 or TLS */
3765
38cf3b08 3766 bio = BIO_new(_httpBIOMethods());
3767 BIO_ctrl(bio, BIO_C_SET_FILE_PTR, 0, (char *)http);
d774b661 3768
b9738d7c 3769 http->tls = SSL_new(context);
3770 SSL_set_bio(http->tls_credentials, bio, bio);
d774b661 3771
b9738d7c 3772 if (SSL_connect(http->tls) != 1)
ad4be4c3 3773 {
3774# ifdef DEBUG
3775 unsigned long error; /* Error code */
3776
3777 while ((error = ERR_get_error()) != 0)
571af0ea 3778 DEBUG_printf(("8http_setup_ssl: %s", ERR_error_string(error, NULL)));
ad4be4c3 3779# endif /* DEBUG */
3780
3781 SSL_CTX_free(context);
b9738d7c 3782 SSL_free(http->tls);
3783 http->tls = NULL;
ad4be4c3 3784
3785# ifdef WIN32
3786 http->error = WSAGetLastError();
3787# else
3788 http->error = errno;
3789# endif /* WIN32 */
3790 http->status = HTTP_ERROR;
3791
3792 return (HTTP_ERROR);
3793 }
5356dc5a 3794
ad4be4c3 3795# elif defined(HAVE_GNUTLS)
ad4be4c3 3796 credentials = (gnutls_certificate_client_credentials *)
3797 malloc(sizeof(gnutls_certificate_client_credentials));
3798 if (credentials == NULL)
a8374e1e 3799 {
ad4be4c3 3800 http->error = errno;
f44afac9 3801 http->status = HTTP_ERROR;
ad4be4c3 3802
f44afac9 3803 return (-1);
a8374e1e 3804 }
3805
ad4be4c3 3806 gnutls_certificate_allocate_credentials(credentials);
4a73831b 3807
b9738d7c 3808 gnutls_init(&http->tls, GNUTLS_CLIENT);
3809 gnutls_set_default_priority(http->tls);
3810 gnutls_credentials_set(http->tls, GNUTLS_CRD_CERTIFICATE, *credentials);
3811 gnutls_transport_set_ptr(http->tls, (gnutls_transport_ptr)http);
3812 gnutls_transport_set_pull_function(http->tls, _httpReadGNUTLS);
3813 gnutls_transport_set_push_function(http->tls, _httpWriteGNUTLS);
a8374e1e 3814
b9738d7c 3815 if ((gnutls_handshake(http->tls)) != GNUTLS_E_SUCCESS)
f44afac9 3816 {
ad4be4c3 3817 http->error = errno;
f44afac9 3818 http->status = HTTP_ERROR;
ad4be4c3 3819
b9738d7c 3820 gnutls_deinit(http->tls);
c999b11c 3821 gnutls_certificate_free_credentials(*credentials);
3822 free(credentials);
b9738d7c 3823 http->tls = NULL;
c999b11c 3824
a8374e1e 3825 return (-1);
f44afac9 3826 }
a8374e1e 3827
b9738d7c 3828 http->tls_credentials = credentials;
a8374e1e 3829
ad4be4c3 3830# elif defined(HAVE_CDSASSL)
b9738d7c 3831 if ((error = SSLNewContext(false, &http->tls)))
7e826c4a 3832 {
2b080971 3833 http->error = error;
3834 http->status = HTTP_ERROR;
7e826c4a 3835
2b080971 3836 return (-1);
7e826c4a 3837 }
33b8a82d 3838
b9738d7c 3839 error = SSLSetConnection(http->tls, http);
a2373c52 3840 DEBUG_printf(("4http_setup_ssl: SSLSetConnection, error=%d", (int)error));
2b080971 3841
b9738d7c 3842 if (!error)
a2373c52 3843 {
b9738d7c 3844 error = SSLSetIOFuncs(http->tls, _httpReadCDSA, _httpWriteCDSA);
a2373c52 3845 DEBUG_printf(("4http_setup_ssl: SSLSetIOFuncs, error=%d", (int)error));
3846 }
2b080971 3847
3848 if (!error)
a2373c52 3849 {
b9738d7c 3850 error = SSLSetProtocolVersionEnabled(http->tls, kSSLProtocol2, false);
a2373c52 3851 DEBUG_printf(("4http_setup_ssl: SSLSetProtocolVersionEnabled, error=%d",
3852 (int)error));
3853 }
2b080971 3854
ad4be4c3 3855 if (!error)
a2373c52 3856 {
b9738d7c 3857 error = SSLSetAllowsAnyRoot(http->tls, any_root);
05f5358c 3858 DEBUG_printf(("4http_setup_ssl: SSLSetAllowsAnyRoot(%d), error=%d",
3859 any_root, (int)error));
a2373c52 3860 }
33b8a82d 3861
ad4be4c3 3862 if (!error)
a2373c52 3863 {
b9738d7c 3864 error = SSLSetAllowsExpiredCerts(http->tls, cg->expired_certs);
05f5358c 3865 DEBUG_printf(("4http_setup_ssl: SSLSetAllowsExpiredCerts(%d), error=%d",
3866 cg->expired_certs, (int)error));
a2373c52 3867 }
9b4bc2a5 3868
91679419 3869 if (!error)
a2373c52 3870 {
b9738d7c 3871 error = SSLSetAllowsExpiredRoots(http->tls, cg->expired_root);
05f5358c 3872 DEBUG_printf(("4http_setup_ssl: SSLSetAllowsExpiredRoots(%d), error=%d",
3873 cg->expired_root, (int)error));
a2373c52 3874 }
91679419 3875
355b559e 3876# ifdef HAVE_SECCERTIFICATECOPYDATA
ad4be4c3 3877 if (!error)
df79d570 3878 {
b9738d7c 3879 if (cg->client_cert_cb)
a2373c52 3880 {
b9738d7c 3881 error = SSLSetSessionOption(http->tls,
3882 kSSLSessionOptionBreakOnCertRequested, true);
a2373c52 3883 DEBUG_printf(("4http_setup_ssl: kSSLSessionOptionBreakOnCertRequested, "
3884 "error=%d", (int)error));
3885 }
b9738d7c 3886 else
a2373c52 3887 {
b9738d7c 3888 error = http_set_credentials(http);
a2373c52 3889 DEBUG_printf(("4http_setup_ssl: http_set_credentials, error=%d",
3890 (int)error));
3891 }
b9738d7c 3892 }
3893
3894 /*
3895 * If there's a server certificate callback installed let it evaluate the
3896 * certificate(s) during the handshake...
3897 */
3898
3899 if (!error && cg->server_cert_cb != NULL)
3900 {
3901 error = SSLSetEnableCertVerify(http->tls, false);
a2373c52 3902 DEBUG_printf(("4http_setup_ssl: SSLSetEnableCertVerify, error=%d",
3903 (int)error));
b9738d7c 3904
3905 if (!error)
a2373c52 3906 {
b9738d7c 3907 error = SSLSetSessionOption(http->tls,
3908 kSSLSessionOptionBreakOnServerAuth, true);
a2373c52 3909 DEBUG_printf(("4http_setup_ssl: kSSLSessionOptionBreakOnServerAuth, "
3910 "error=%d", (int)error));
3911 }
b9738d7c 3912 }
355b559e 3913# endif /* HAVE_SECCERTIFICATECOPYDATA */
b9738d7c 3914
3915 if (!error)
3916 {
3917 hostname = httpAddrLocalhost(http->hostaddr) ? "localhost" : http->hostname;
3918 error = SSLSetPeerDomainName(http->tls, hostname, strlen(hostname));
a2373c52 3919
3920 DEBUG_printf(("4http_setup_ssl: SSLSetPeerDomainName, error=%d",
3921 (int)error));
b9738d7c 3922 }
3923
3924 if (!error)
3925 {
3926 int done = 0; /* Are we done yet? */
3927
3928 while (!error && !done)
3929 {
3930 error = SSLHandshake(http->tls);
3931
3932 DEBUG_printf(("4_httpWait: SSLHandshake returned %d.", (int)error));
3933
3934 switch (error)
3935 {
3936 case noErr :
3937 done = 1;
3938 break;
3939
3940 case errSSLWouldBlock :
3941 usleep(1000);
3942 break;
3943
355b559e 3944# ifdef HAVE_SECCERTIFICATECOPYDATA
b9738d7c 3945 case errSSLServerAuthCompleted :
3946 error = 0;
3947 if (cg->server_cert_cb)
3948 {
3949 error = httpCopyCredentials(http, &credentials);
3950 if (!error)
3951 {
3952 error = (cg->server_cert_cb)(http, http->tls, credentials,
3953 cg->server_cert_data);
3954 httpFreeCredentials(credentials);
3955 }
3956
3957 DEBUG_printf(("4_httpWait: Server certificate callback returned "
3958 "%d.", (int)error));
3959 }
3960 break;
3961
3962 case errSSLClientCertRequested :
3963 error = 0;
3964
3965 if (cg->client_cert_cb)
3966 {
3967 names = NULL;
355b559e 3968 if (!(error = SSLCopyDistinguishedNames(http->tls, &dn_array)) &&
b9738d7c 3969 dn_array)
3970 {
3971 if ((names = cupsArrayNew(NULL, NULL)) != NULL)
3972 {
3973 for (i = 0, count = CFArrayGetCount(dn_array); i < count; i++)
3974 {
3975 data = (CFDataRef)CFArrayGetValueAtIndex(dn_array, i);
3976
3977 if ((credential = malloc(sizeof(*credential))))
3978 {
3979 credential->datalen = CFDataGetLength(data);
3980 if ((credential->data = malloc(credential->datalen)))
3981 {
355b559e 3982 memcpy((void *)credential->data, CFDataGetBytePtr(data),
b9738d7c 3983 credential->datalen);
3984 cupsArrayAdd(names, credential);
3985 }
3986 }
3987 }
3988 }
3989
3990 CFRelease(dn_array);
3991 }
3992
3993 if (!error)
3994 {
355b559e 3995 error = (cg->client_cert_cb)(http, http->tls, names,
b9738d7c 3996 cg->client_cert_data);
3997
3998 DEBUG_printf(("4_httpWait: Client certificate callback "
3999 "returned %d.", (int)error));
4000 }
4001
4002 httpFreeCredentials(names);
4003 }
4004 break;
355b559e 4005# endif /* HAVE_SECCERTIFICATECOPYDATA */
b9738d7c 4006
4007 case errSSLUnknownRootCert :
bafc9832 4008 message = _("Unable to establish a secure connection to host "
4009 "(untrusted certificate).");
4010 break;
4011
b9738d7c 4012 case errSSLNoRootCert :
4013 message = _("Unable to establish a secure connection to host "
bafc9832 4014 "(self-signed certificate).");
b9738d7c 4015 break;
4016
4017 case errSSLCertExpired :
4018 message = _("Unable to establish a secure connection to host "
4019 "(expired certificate).");
4020 break;
4021
4022 case errSSLCertNotYetValid :
4023 message = _("Unable to establish a secure connection to host "
4024 "(certificate not yet valid).");
4025 break;
4026
4027 case errSSLHostNameMismatch :
4028 message = _("Unable to establish a secure connection to host "
4029 "(host name mismatch).");
4030 break;
4031
4032 case errSSLXCertChainInvalid :
4033 message = _("Unable to establish a secure connection to host "
4034 "(certificate chain invalid).");
4035 break;
4036
bafc9832 4037 case errSSLConnectionRefused :
4038 message = _("Unable to establish a secure connection to host "
4039 "(peer dropped connection before responding).");
4040 break;
4041
b9738d7c 4042 default :
4043 break;
4044 }
4045 }
df79d570 4046 }
33b8a82d 4047
2b080971 4048 if (error)
33b8a82d 4049 {
ad4be4c3 4050 http->error = error;
4051 http->status = HTTP_ERROR;
b9738d7c 4052 errno = ECONNREFUSED;
4053
4054 SSLDisposeContext(http->tls);
4055 http->tls = NULL;
33b8a82d 4056
b9738d7c 4057 /*
4058 * If an error string wasn't set by the callbacks use a generic one...
4059 */
ad4be4c3 4060
b9738d7c 4061 if (!message)
a2373c52 4062#ifdef HAVE_CSSMERRORSTRING
4063 message = cssmErrorString(error);
4064#else
b9738d7c 4065 message = _("Unable to establish a secure connection to host.");
a2373c52 4066#endif /* HAVE_CSSMERRORSTRING */
b9738d7c 4067
bafc9832 4068 _cupsSetError(IPP_PKI_ERROR, message, 1);
ad4be4c3 4069
6875feac 4070 return (-1);
4071 }
b9738d7c 4072
6875feac 4073# elif defined(HAVE_SSPISSL)
b9738d7c 4074 http->tls = _sspiAlloc();
6875feac 4075
b9738d7c 4076 if (!http->tls)
6875feac 4077 return (-1);
4078
b9738d7c 4079 http->tls->sock = http->fd;
4080 dwSize = sizeof(username) / sizeof(TCHAR);
6875feac 4081 GetUserName(username, &dwSize);
4082 _sntprintf_s(commonName, sizeof(commonName) / sizeof(TCHAR),
4083 sizeof(commonName) / sizeof(TCHAR), TEXT("CN=%s"), username);
4084
b9738d7c 4085 if (!_sspiGetCredentials(http->tls_credentials, L"ClientContainer",
4086 commonName, FALSE))
6875feac 4087 {
b9738d7c 4088 _sspiFree(http->tls_credentials);
4089 http->tls_credentials = NULL;
6875feac 4090 return (-1);
4091 }
4092
b9738d7c 4093 _sspiSetAllowsAnyRoot(http->tls_credentials, TRUE);
4094 _sspiSetAllowsExpiredCerts(http->tls_credentials, TRUE);
6875feac 4095
b9738d7c 4096 if (!_sspiConnect(http->tls_credentials, http->hostname))
6875feac 4097 {
b9738d7c 4098 _sspiFree(http->tls_credentials);
4099 http->tls_credentials = NULL;
ad4be4c3 4100 return (-1);
33b8a82d 4101 }
ad4be4c3 4102# endif /* HAVE_CDSASSL */
4103
ad4be4c3 4104 return (0);
4105}
33b8a82d 4106#endif /* HAVE_SSL */
4107
33b8a82d 4108
ad4be4c3 4109#ifdef HAVE_SSL
4110/*
4111 * 'http_shutdown_ssl()' - Shut down SSL/TLS on a connection.
4112 */
33b8a82d 4113
ad4be4c3 4114static void
c73f649f 4115http_shutdown_ssl(http_t *http) /* I - Connection to server */
ad4be4c3 4116{
4117# ifdef HAVE_LIBSSL
2b080971 4118 SSL_CTX *context; /* Context for encryption */
33b8a82d 4119
b9738d7c 4120 context = SSL_get_SSL_CTX(http->tls_credentials);
7250da12 4121
b9738d7c 4122 SSL_shutdown(http->tls_credentials);
ad4be4c3 4123 SSL_CTX_free(context);
b9738d7c 4124 SSL_free(http->tls_credentials);
33b8a82d 4125
ad4be4c3 4126# elif defined(HAVE_GNUTLS)
ad4be4c3 4127 gnutls_certificate_client_credentials *credentials;
2b080971 4128 /* TLS credentials */
33b8a82d 4129
b9738d7c 4130 credentials = (gnutls_certificate_client_credentials *)(http->tls_credentials);
33b8a82d 4131
b9738d7c 4132 gnutls_bye(http->tls, GNUTLS_SHUT_RDWR);
4133 gnutls_deinit(http->tls);
ad4be4c3 4134 gnutls_certificate_free_credentials(*credentials);
4135 free(credentials);
33b8a82d 4136
ad4be4c3 4137# elif defined(HAVE_CDSASSL)
b9738d7c 4138 while (SSLClose(http->tls) == errSSLWouldBlock)
df79d570 4139 usleep(1000);
4140
b9738d7c 4141 SSLDisposeContext(http->tls);
2b080971 4142
b9738d7c 4143 if (http->tls_credentials)
4144 CFRelease(http->tls_credentials);
2b080971 4145
6875feac 4146# elif defined(HAVE_SSPISSL)
b9738d7c 4147 _sspiFree(http->tls_credentials);
ad4be4c3 4148# endif /* HAVE_LIBSSL */
33b8a82d 4149
a2373c52 4150 http->tls = NULL;
4151 http->tls_credentials = NULL;
33b8a82d 4152}
ad4be4c3 4153#endif /* HAVE_SSL */
33b8a82d 4154
4155
bcf61448 4156#ifdef HAVE_SSL
2a0ef17a 4157/*
4158 * 'http_upgrade()' - Force upgrade to TLS encryption.
4159 */
4160
2b080971 4161static int /* O - Status of connection */
c73f649f 4162http_upgrade(http_t *http) /* I - Connection to server */
2a0ef17a 4163{
2b080971 4164 int ret; /* Return value */
4165 http_t myhttp; /* Local copy of HTTP data */
1c6682dd 4166
2a0ef17a 4167
571af0ea 4168 DEBUG_printf(("7http_upgrade(%p)", http));
1c6682dd 4169
75fba6fa 4170 /*
4171 * Flush the connection to make sure any previous "Upgrade" message
4172 * has been read.
4173 */
4174
4175 httpFlush(http);
4176
1c6682dd 4177 /*
4178 * Copy the HTTP data to a local variable so we can do the OPTIONS
4179 * request without interfering with the existing request data...
4180 */
4181
4182 memcpy(&myhttp, http, sizeof(myhttp));
2a0ef17a 4183
4184 /*
4185 * Send an OPTIONS request to the server, requiring SSL or TLS
4186 * encryption on the link...
4187 */
4188
06c2f3d6 4189 http->field_authorization = NULL; /* Don't free the auth string */
4190
0cf3735d 4191 httpClearFields(http);
4192 httpSetField(http, HTTP_FIELD_CONNECTION, "upgrade");
b9738d7c 4193 httpSetField(http, HTTP_FIELD_UPGRADE, "TLS/1.2, TLS/1.1, TLS/1.0, SSL/3.0");
1c6682dd 4194
0cf3735d 4195 if ((ret = httpOptions(http, "*")) == 0)
1c6682dd 4196 {
4197 /*
4198 * Wait for the secure connection...
4199 */
4200
0cf3735d 4201 while (httpUpdate(http) == HTTP_CONTINUE);
1c6682dd 4202 }
4203
2a0ef17a 4204 /*
0cf3735d 4205 * Restore the HTTP request data...
2a0ef17a 4206 */
4207
0cf3735d 4208 memcpy(http->fields, myhttp.fields, sizeof(http->fields));
06c2f3d6 4209 http->data_encoding = myhttp.data_encoding;
4210 http->data_remaining = myhttp.data_remaining;
4211 http->_data_remaining = myhttp._data_remaining;
4212 http->expect = myhttp.expect;
4213 http->field_authorization = myhttp.field_authorization;
7349b9e6 4214 http->digest_tries = myhttp.digest_tries;
1c6682dd 4215
4216 /*
4217 * See if we actually went secure...
4218 */
4219
4220 if (!http->tls)
2a0ef17a 4221 {
1c6682dd 4222 /*
4223 * Server does not support HTTP upgrade...
4224 */
2a0ef17a 4225
571af0ea 4226 DEBUG_puts("8http_upgrade: Server does not support HTTP upgrade!");
2a0ef17a 4227
dcfcaeac 4228# ifdef WIN32
2a0ef17a 4229 closesocket(http->fd);
dcfcaeac 4230# else
2a0ef17a 4231 close(http->fd);
dcfcaeac 4232# endif
2a0ef17a 4233
1c6682dd 4234 http->fd = -1;
4235
2a0ef17a 4236 return (-1);
4237 }
1c6682dd 4238 else
4239 return (ret);
2a0ef17a 4240}
ad4be4c3 4241#endif /* HAVE_SSL */
2a0ef17a 4242
4243
ad4be4c3 4244/*
4245 * 'http_write()' - Write a buffer to a HTTP connection.
4246 */
dbf4ca8b 4247
d12c5b68 4248static int /* O - Number of bytes written */
c73f649f 4249http_write(http_t *http, /* I - Connection to server */
3eecd6f5 4250 const char *buffer, /* I - Buffer for data */
4251 int length) /* I - Number of bytes to write */
ad4be4c3 4252{
4253 int tbytes, /* Total bytes sent */
4254 bytes; /* Bytes sent */
bcf61448 4255
bcf61448 4256
efaca90c 4257 DEBUG_printf(("2http_write(http=%p, buffer=%p, length=%d)", http, buffer,
4258 length));
3eecd6f5 4259 http->error = 0;
4260 tbytes = 0;
dcfcaeac 4261
ad4be4c3 4262 while (length > 0)
4263 {
4264#ifdef HAVE_SSL
4265 if (http->tls)
4266 bytes = http_write_ssl(http, buffer, length);
4267 else
4268#endif /* HAVE_SSL */
4269 bytes = send(http->fd, buffer, length, 0);
dcfcaeac 4270
ad4be4c3 4271 if (bytes < 0)
4272 {
4273#ifdef WIN32
a3aff7d2 4274 if (WSAGetLastError() == WSAEINTR)
6875feac 4275 continue;
a3aff7d2 4276 else if (WSAGetLastError() == WSAEWOULDBLOCK)
4277 {
3904b81e 4278 if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
a3aff7d2 4279 continue;
3904b81e 4280
4281 http->error = WSAGetLastError();
a3aff7d2 4282 }
4283 else if (WSAGetLastError() != http->error &&
4284 WSAGetLastError() != WSAECONNRESET)
ad4be4c3 4285 {
4286 http->error = WSAGetLastError();
4287 continue;
4288 }
a3aff7d2 4289
3904b81e 4290#else
a3aff7d2 4291 if (errno == EINTR)
ad4be4c3 4292 continue;
a3aff7d2 4293 else if (errno == EWOULDBLOCK || errno == EAGAIN)
4294 {
3904b81e 4295 if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
a3aff7d2 4296 continue;
3904b81e 4297 else if (!http->timeout_cb && errno == EAGAIN)
4298 continue;
4299
4300 http->error = errno;
a3aff7d2 4301 }
ad4be4c3 4302 else if (errno != http->error && errno != ECONNRESET)
4303 {
4304 http->error = errno;
4305 continue;
4306 }
4307#endif /* WIN32 */
dcfcaeac 4308
efaca90c 4309 DEBUG_printf(("3http_write: error writing data (%s).",
4310 strerror(http->error)));
dcfcaeac 4311
ad4be4c3 4312 return (-1);
4313 }
dcfcaeac 4314
ad4be4c3 4315 buffer += bytes;
4316 tbytes += bytes;
4317 length -= bytes;
4318 }
dcfcaeac 4319
ad4be4c3 4320#ifdef DEBUG
7e66bf84 4321 http_debug_hex("http_write", buffer - tbytes, tbytes);
ad4be4c3 4322#endif /* DEBUG */
bcf61448 4323
efaca90c 4324 DEBUG_printf(("3http_write: Returning %d.", tbytes));
4325
ad4be4c3 4326 return (tbytes);
bcf61448 4327}
4328
4329
bcf61448 4330/*
ad4be4c3 4331 * 'http_write_chunk()' - Write a chunked buffer.
bcf61448 4332 */
4333
d12c5b68 4334static int /* O - Number bytes written */
c73f649f 4335http_write_chunk(http_t *http, /* I - Connection to server */
ad4be4c3 4336 const char *buffer, /* I - Buffer to write */
4337 int length) /* I - Length of buffer */
bcf61448 4338{
ad4be4c3 4339 char header[255]; /* Chunk header */
4340 int bytes; /* Bytes written */
dcfcaeac 4341
3eecd6f5 4342
571af0ea 4343 DEBUG_printf(("7http_write_chunk(http=%p, buffer=%p, length=%d)",
ad4be4c3 4344 http, buffer, length));
dcfcaeac 4345
ad4be4c3 4346 /*
4347 * Write the chunk header, data, and trailer.
4348 */
dcfcaeac 4349
ad4be4c3 4350 sprintf(header, "%x\r\n", length);
d220c7b8 4351 if (http_write(http, header, (int)strlen(header)) < 0)
ed5ceafb 4352 {
571af0ea 4353 DEBUG_puts("8http_write_chunk: http_write of length failed!");
ad4be4c3 4354 return (-1);
ed5ceafb 4355 }
dcfcaeac 4356
ad4be4c3 4357 if ((bytes = http_write(http, buffer, length)) < 0)
ed5ceafb 4358 {
571af0ea 4359 DEBUG_puts("8http_write_chunk: http_write of buffer failed!");
ad4be4c3 4360 return (-1);
ed5ceafb 4361 }
dcfcaeac 4362
ad4be4c3 4363 if (http_write(http, "\r\n", 2) < 0)
ed5ceafb 4364 {
571af0ea 4365 DEBUG_puts("8http_write_chunk: http_write of CR LF failed!");
dcfcaeac 4366 return (-1);
ed5ceafb 4367 }
ad4be4c3 4368
4369 return (bytes);
bcf61448 4370}
4371
4372
ad4be4c3 4373#ifdef HAVE_SSL
bcf61448 4374/*
4375 * 'http_write_ssl()' - Write to a SSL/TLS connection.
4376 */
4377
4378static int /* O - Bytes written */
c73f649f 4379http_write_ssl(http_t *http, /* I - Connection to server */
bcf61448 4380 const char *buf, /* I - Buffer holding data */
4381 int len) /* I - Length of buffer */
4382{
efaca90c 4383 ssize_t result; /* Return value */
4384
4385
4386 DEBUG_printf(("2http_write_ssl(http=%p, buf=%p, len=%d)", http, buf, len));
4387
dcfcaeac 4388# if defined(HAVE_LIBSSL)
efaca90c 4389 result = SSL_write((SSL *)(http->tls), buf, len);
dcfcaeac 4390
4391# elif defined(HAVE_GNUTLS)
b9738d7c 4392 result = gnutls_record_send(http->tls, buf, len);
dbf4ca8b 4393
4394 if (result < 0 && !errno)
4395 {
4396 /*
4397 * Convert GNU TLS error to errno value...
4398 */
4399
4400 switch (result)
4401 {
4402 case GNUTLS_E_INTERRUPTED :
4403 errno = EINTR;
4404 break;
4405
4406 case GNUTLS_E_AGAIN :
4407 errno = EAGAIN;
4408 break;
4409
4410 default :
4411 errno = EPIPE;
4412 break;
4413 }
4414
4415 result = -1;
4416 }
4417
dcfcaeac 4418# elif defined(HAVE_CDSASSL)
4419 OSStatus error; /* Error info */
4420 size_t processed; /* Number of bytes processed */
4421
4422
b9738d7c 4423 error = SSLWrite(http->tls, buf, len, &processed);
dcfcaeac 4424
c139c1d6 4425 switch (error)
dcfcaeac 4426 {
c139c1d6 4427 case 0 :
4428 result = (int)processed;
4429 break;
aa74279d 4430
c139c1d6 4431 case errSSLWouldBlock :
df79d570 4432 if (processed)
4433 result = (int)processed;
4434 else
4435 {
4436 result = -1;
dbf4ca8b 4437 errno = EINTR;
df79d570 4438 }
c139c1d6 4439 break;
aa74279d 4440
4441 case errSSLClosedGraceful :
c139c1d6 4442 default :
aa74279d 4443 if (processed)
4444 result = (int)processed;
4445 else
4446 {
4447 result = -1;
4448 errno = EPIPE;
4449 }
c139c1d6 4450 break;
dcfcaeac 4451 }
6875feac 4452# elif defined(HAVE_SSPISSL)
aa74279d 4453 return _sspiWrite((_sspi_struct_t *)http->tls, (void *)buf, len);
dcfcaeac 4454# endif /* HAVE_LIBSSL */
efaca90c 4455
4456 DEBUG_printf(("3http_write_ssl: Returning %d.", (int)result));
4457
4458 return ((int)result);
dcfcaeac 4459}
bcf61448 4460#endif /* HAVE_SSL */
4461
dcfcaeac 4462
bcf61448 4463/*
c9d3f842 4464 * End of "$Id$".
3840d6ba 4465 */
Unnamed repository; edit this file 'description' to name the repository.