X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fcups.git;a=blobdiff_plain;f=cups%2Fhttp.c;h=b3abbe73e0d02e9951599dfc3a5bcd72a5053692;hp=bb3a7c3cf293635df246ba52d0b0137f81489dc4;hb=8072030b3c862315c367c73663b27f0427325919;hpb=72d05bc91250ab334249205727cc41625d793ae7 diff --git a/cups/http.c b/cups/http.c index bb3a7c3cf..b3abbe73e 100644 --- a/cups/http.c +++ b/cups/http.c @@ -1,9 +1,7 @@ /* - * "$Id$" - * * HTTP routines for CUPS. * - * Copyright 2007-2013 by Apple Inc. + * Copyright 2007-2015 by Apple Inc. * Copyright 1997-2007 by Easy Software Products, all rights reserved. * * This file contains Kerberos support code, copyright 2006 by @@ -68,20 +66,7 @@ static void http_set_timeout(int fd, double timeout); static void http_set_wait(http_t *http); #ifdef HAVE_SSL -static size_t http_tls_pending(http_t *http); -static int http_tls_read(http_t *http, char *buf, int len); -static int http_tls_set_credentials(http_t *http); -static int http_tls_start(http_t *http); -static void http_tls_stop(http_t *http); static int http_tls_upgrade(http_t *http); -static int http_tls_write(http_t *http, const char *buf, int len); -# ifdef HAVE_GNUTLS -# include "tls-gnutls.c" -# elif defined(HAVE_CDSASSL) -# include "tls-darwin.c" -# else -# include "tls-sspi.c" -# endif /* HAVE_GNUTLS */ #endif /* HAVE_SSL */ @@ -128,7 +113,7 @@ static const char * const http_fields[] = * 'httpAcceptConnection()' - Accept a new HTTP client connection from the * specified listening socket. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ http_t * /* O - HTTP connection or @code NULL@ */ @@ -218,7 +203,7 @@ httpAcceptConnection(int fd, /* I - Listen socket file descriptor */ * * Use @code cupsArrayNew(NULL, NULL)@ to create a credentials array. * - * @since CUPS 1.5/OS X 10.7@ + * @since CUPS 1.5/macOS 10.7@ */ int /* O - 0 on success, -1 on error */ @@ -278,7 +263,7 @@ httpCheck(http_t *http) /* I - HTTP connection */ /* * 'httpClearCookie()' - Clear the cookie value(s). * - * @since CUPS 1.1.19/OS X 10.3@ + * @since CUPS 1.1.19/macOS 10.3@ */ void @@ -302,7 +287,7 @@ httpClearCookie(http_t *http) /* I - HTTP connection */ void httpClearFields(http_t *http) /* I - HTTP connection */ { - DEBUG_printf(("httpClearFields(http=%p)", http)); + DEBUG_printf(("httpClearFields(http=%p)", (void *)http)); if (http) { @@ -357,7 +342,7 @@ httpClose(http_t *http) /* I - HTTP connection */ #endif /* HAVE_GSSAPI */ - DEBUG_printf(("httpClose(http=%p)", http)); + DEBUG_printf(("httpClose(http=%p)", (void *)http)); /* * Range check input... @@ -406,7 +391,7 @@ httpClose(http_t *http) /* I - HTTP connection */ /* * 'httpCompareCredentials()' - Compare two sets of X.509 credentials. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ int /* O - 1 if they match, 0 if they do not */ @@ -447,7 +432,7 @@ httpConnect(const char *host, /* I - Host to connect to */ /* * 'httpConnect2()' - Connect to a HTTP server. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ http_t * /* O - New HTTP connection */ @@ -464,9 +449,7 @@ httpConnect2( http_t *http; /* New HTTP connection */ - DEBUG_printf(("httpConnect2(host=\"%s\", port=%d, addrlist=%p, family=%d, " - "encryption=%d, blocking=%d, msec=%d, cancel=%p)", host, port, - addrlist, family, encryption, blocking, msec, cancel)); + DEBUG_printf(("httpConnect2(host=\"%s\", port=%d, addrlist=%p, family=%d, encryption=%d, blocking=%d, msec=%d, cancel=%p)", host, port, (void *)addrlist, family, encryption, blocking, msec, (void *)cancel)); /* * Create the HTTP structure... @@ -537,7 +520,7 @@ _httpDisconnect(http_t *http) /* I - HTTP connection */ { #ifdef HAVE_SSL if (http->tls) - http_tls_stop(http); + _httpTLSStop(http); #endif /* HAVE_SSL */ httpAddrClose(NULL, http->fd); @@ -554,7 +537,7 @@ int /* O - -1 on error, 0 on success */ httpEncryption(http_t *http, /* I - HTTP connection */ http_encryption_t e) /* I - New encryption preference */ { - DEBUG_printf(("httpEncryption(http=%p, e=%d)", http, e)); + DEBUG_printf(("httpEncryption(http=%p, e=%d)", (void *)http, e)); #ifdef HAVE_SSL if (!http) @@ -579,7 +562,7 @@ httpEncryption(http_t *http, /* I - HTTP connection */ http->encryption = e; if (e != HTTP_ENCRYPTION_IF_REQUESTED && !http->tls) - return (http_tls_start(http)); + return (_httpTLSStart(http)); else return (0); } @@ -637,8 +620,7 @@ httpFlush(http_t *http) /* I - HTTP connection */ http_state_t oldstate; /* Old state */ - DEBUG_printf(("httpFlush(http=%p), state=%s", http, - httpStateString(http->state))); + DEBUG_printf(("httpFlush(http=%p), state=%s", (void *)http, httpStateString(http->state))); /* * Nothing to do if we are in the "waiting" state... @@ -686,7 +668,7 @@ httpFlush(http_t *http) /* I - HTTP connection */ #ifdef HAVE_SSL if (http->tls) - http_tls_stop(http); + _httpTLSStop(http); #endif /* HAVE_SSL */ httpAddrClose(NULL, http->fd); @@ -699,17 +681,16 @@ httpFlush(http_t *http) /* I - HTTP connection */ /* * 'httpFlushWrite()' - Flush data in write buffer. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ int /* O - Bytes written or -1 on error */ httpFlushWrite(http_t *http) /* I - HTTP connection */ { - int bytes; /* Bytes written */ + ssize_t bytes; /* Bytes written */ - DEBUG_printf(("httpFlushWrite(http=%p) data_encoding=%d", http, - http ? http->data_encoding : -1)); + DEBUG_printf(("httpFlushWrite(http=%p) data_encoding=%d", (void *)http, http ? http->data_encoding : 100)); if (!http || !http->wused) { @@ -719,15 +700,15 @@ httpFlushWrite(http_t *http) /* I - HTTP connection */ } if (http->data_encoding == HTTP_ENCODING_CHUNKED) - bytes = http_write_chunk(http, http->wbuffer, http->wused); + bytes = http_write_chunk(http, http->wbuffer, (size_t)http->wused); else - bytes = http_write(http, http->wbuffer, http->wused); + bytes = http_write(http, http->wbuffer, (size_t)http->wused); http->wused = 0; - DEBUG_printf(("1httpFlushWrite: Returning %d, errno=%d.", bytes, errno)); + DEBUG_printf(("1httpFlushWrite: Returning %d, errno=%d.", (int)bytes, errno)); - return (bytes); + return ((int)bytes); } @@ -772,7 +753,7 @@ httpGet(http_t *http, /* I - HTTP connection */ * * The return value is the UNIX time of the last read or write. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ time_t /* O - Time of last read or write */ @@ -790,7 +771,7 @@ httpGetActivity(http_t *http) /* I - HTTP connection */ * string to use with httpSetField() for the HTTP_FIELD_AUTHORIZATION * value. * - * @since CUPS 1.3/OS X 10.5@ + * @since CUPS 1.3/macOS 10.5@ */ char * /* O - Authorization string */ @@ -806,7 +787,7 @@ httpGetAuthString(http_t *http) /* I - HTTP connection */ /* * 'httpGetBlocking()' - Get the blocking/non-block state of a connection. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ int /* O - 1 if blocking, 0 if non-blocking */ @@ -825,7 +806,7 @@ httpGetBlocking(http_t *http) /* I - HTTP connection */ * client. The value returned can be use in subsequent requests (for clients) * or in the response (for servers) in order to compress the content stream. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ const char * /* O - Content-Coding value or @@ -907,11 +888,11 @@ httpGetContentEncoding(http_t *http) /* I - HTTP connection */ /* * 'httpGetCookie()' - Get any cookie data from the response. * - * @since CUPS 1.1.19/OS X 10.3@ + * @since CUPS 1.1.19/macOS 10.3@ */ const char * /* O - Cookie data or NULL */ -httpGetCookie(http_t *http) /* I - HTTP connecion */ +httpGetCookie(http_t *http) /* I - HTTP connection */ { return (http ? http->cookie : NULL); } @@ -924,7 +905,7 @@ httpGetCookie(http_t *http) /* I - HTTP connecion */ * @link httpIsEncrypted@ function to determine whether a TLS session has * been established. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ http_encryption_t /* O - Current encryption mode */ @@ -940,7 +921,7 @@ httpGetEncryption(http_t *http) /* I - HTTP connection */ * Returns @code HTTP_STATUS_NONE@ if there is no Expect header, otherwise * returns the expected HTTP status code, typically @code HTTP_STATUS_CONTINUE@. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ http_status_t /* O - Expect: status, if any */ @@ -956,7 +937,7 @@ httpGetExpect(http_t *http) /* I - HTTP connection */ /* * 'httpGetFd()' - Get the file descriptor associated with a connection. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ int /* O - File descriptor or -1 if none */ @@ -1008,7 +989,7 @@ httpGetField(http_t *http, /* I - HTTP connection */ /* * 'httpGetKeepAlive()' - Get the current Keep-Alive state of the connection. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ http_keepalive_t /* O - Keep-Alive state */ @@ -1053,7 +1034,7 @@ httpGetLength(http_t *http) /* I - HTTP connection */ * This function returns the complete content length, even for * content larger than 2^31 - 1. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ off_t /* O - Content length */ @@ -1062,8 +1043,7 @@ httpGetLength2(http_t *http) /* I - HTTP connection */ off_t remaining; /* Remaining length */ - DEBUG_printf(("2httpGetLength2(http=%p), state=%s", http, - httpStateString(http->state))); + DEBUG_printf(("2httpGetLength2(http=%p), state=%s", (void *)http, httpStateString(http->state))); if (!http) return (-1); @@ -1117,20 +1097,20 @@ httpGetLength2(http_t *http) /* I - HTTP connection */ /* * 'httpGetPending()' - Get the number of bytes that are buffered for writing. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ size_t /* O - Number of bytes buffered */ httpGetPending(http_t *http) /* I - HTTP connection */ { - return (http ? http->wused : 0); + return (http ? (size_t)http->wused : 0); } /* * 'httpGetReady()' - Get the number of bytes that can be read without blocking. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ size_t /* O - Number of bytes available */ @@ -1139,10 +1119,10 @@ httpGetReady(http_t *http) /* I - HTTP connection */ if (!http) return (0); else if (http->used > 0) - return (http->used); + return ((size_t)http->used); #ifdef HAVE_SSL else if (http->tls) - return (http_tls_pending(http)); + return (_httpTLSPending(http)); #endif /* HAVE_SSL */ return (0); @@ -1156,13 +1136,13 @@ httpGetReady(http_t *http) /* I - HTTP connection */ * The @link httpIsChunked@ function can be used to determine whether the * message body is chunked or fixed-length. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ size_t /* O - Remaining bytes */ httpGetRemaining(http_t *http) /* I - HTTP connection */ { - return (http ? http->data_remaining : 0); + return (http ? (size_t)http->data_remaining : 0); } @@ -1175,15 +1155,15 @@ httpGets(char *line, /* I - Line to read into */ int length, /* I - Max length of buffer */ http_t *http) /* I - HTTP connection */ { - char *lineptr, /* Pointer into line */ - *lineend, /* End of line */ - *bufptr, /* Pointer into input buffer */ - *bufend; /* Pointer to end of buffer */ - int bytes, /* Number of bytes read */ - eol; /* End-of-line? */ + char *lineptr, /* Pointer into line */ + *lineend, /* End of line */ + *bufptr, /* Pointer into input buffer */ + *bufend; /* Pointer to end of buffer */ + ssize_t bytes; /* Number of bytes read */ + int eol; /* End-of-line? */ - DEBUG_printf(("2httpGets(line=%p, length=%d, http=%p)", line, length, http)); + DEBUG_printf(("2httpGets(line=%p, length=%d, http=%p)", (void *)line, length, (void *)http)); if (!http || !line || length <= 1) return (NULL); @@ -1229,10 +1209,9 @@ httpGets(char *line, /* I - Line to read into */ return (NULL); } - bytes = http_read(http, http->buffer + http->used, - HTTP_MAX_BUFFER - http->used); + bytes = http_read(http, http->buffer + http->used, (size_t)(HTTP_MAX_BUFFER - http->used)); - DEBUG_printf(("4httpGets: read %d bytes.", bytes)); + DEBUG_printf(("4httpGets: read " CUPS_LLFMT " bytes.", CUPS_LLCAST bytes)); if (bytes < 0) { @@ -1292,7 +1271,7 @@ httpGets(char *line, /* I - Line to read into */ * Yup, update the amount used... */ - http->used += bytes; + http->used += (int)bytes; } /* @@ -1316,7 +1295,7 @@ httpGets(char *line, /* I - Line to read into */ http->used -= (int)(bufptr - http->buffer); if (http->used > 0) - memmove(http->buffer, bufptr, http->used); + memmove(http->buffer, bufptr, (size_t)http->used); if (eol) { @@ -1354,7 +1333,7 @@ httpGetState(http_t *http) /* I - HTTP connection */ /* * 'httpGetStatus()' - Get the status of the last HTTP request. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ http_status_t /* O - HTTP status */ @@ -1383,7 +1362,7 @@ httpGetSubField(http_t *http, /* I - HTTP connection */ /* * 'httpGetSubField2()' - Get a sub-field value. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ char * /* O - Value or NULL */ @@ -1398,8 +1377,7 @@ httpGetSubField2(http_t *http, /* I - HTTP connection */ *ptr, /* Pointer into string buffer */ *end; /* End of value buffer */ - DEBUG_printf(("2httpGetSubField2(http=%p, field=%d, name=\"%s\", value=%p, " - "valuelen=%d)", http, field, name, value, valuelen)); + DEBUG_printf(("2httpGetSubField2(http=%p, field=%d, name=\"%s\", value=%p, valuelen=%d)", (void *)http, field, name, (void *)value, valuelen)); if (!http || !name || !value || valuelen < 2 || field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX) @@ -1531,7 +1509,7 @@ int /* O - Status of call (0 = success) */ httpHead(http_t *http, /* I - HTTP connection */ const char *uri) /* I - URI for head */ { - DEBUG_printf(("httpHead(http=%p, uri=\"%s\")", http, uri)); + DEBUG_printf(("httpHead(http=%p, uri=\"%s\")", (void *)http, uri)); return (http_send(http, HTTP_STATE_HEAD, uri)); } @@ -1582,7 +1560,7 @@ httpInitialize(void) #endif /* WIN32 */ # ifdef HAVE_SSL - http_tls_initialize(); + _httpTLSInitialize(); # endif /* HAVE_SSL */ initialized = 1; @@ -1596,7 +1574,7 @@ httpInitialize(void) * This function returns non-zero if the message body is composed of * variable-length chunks. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ int /* O - 1 if chunked, 0 if not */ @@ -1611,7 +1589,7 @@ httpIsChunked(http_t *http) /* I - HTTP connection */ * * This function returns non-zero if the connection is currently encrypted. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ int /* O - 1 if encrypted, 0 if not */ @@ -1642,7 +1620,7 @@ httpOptions(http_t *http, /* I - HTTP connection */ * * For non-blocking connections the usual timeouts apply. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ ssize_t /* O - Number of bytes copied */ @@ -1654,8 +1632,7 @@ httpPeek(http_t *http, /* I - HTTP connection */ char len[32]; /* Length string */ - DEBUG_printf(("httpPeek(http=%p, buffer=%p, length=" CUPS_LLFMT ")", - http, buffer, CUPS_LLCAST length)); + DEBUG_printf(("httpPeek(http=%p, buffer=%p, length=" CUPS_LLFMT ")", (void *)http, (void *)buffer, CUPS_LLCAST length)); if (http == NULL || buffer == NULL) return (-1); @@ -1707,7 +1684,7 @@ httpPeek(http_t *http, /* I - HTTP connection */ */ #ifdef HAVE_LIBZ - if (http->coding) + if (http->coding >= _HTTP_CODING_GUNZIP) http_content_coding_finish(http); #endif /* HAVE_LIBZ */ @@ -1735,7 +1712,8 @@ httpPeek(http_t *http, /* I - HTTP connection */ #ifdef HAVE_LIBZ if (http->used == 0 && - (http->coding == _HTTP_CODING_IDENTITY || http->stream.avail_in == 0)) + (http->coding == _HTTP_CODING_IDENTITY || + (http->coding >= _HTTP_CODING_GUNZIP && http->stream.avail_in == 0))) #else if (http->used == 0) #endif /* HAVE_LIBZ */ @@ -1757,13 +1735,13 @@ httpPeek(http_t *http, /* I - HTTP connection */ } } - if (http->data_remaining > sizeof(http->buffer)) + if ((size_t)http->data_remaining > sizeof(http->buffer)) buflen = sizeof(http->buffer); else - buflen = http->data_remaining; + buflen = (ssize_t)http->data_remaining; DEBUG_printf(("2httpPeek: Reading %d bytes into buffer.", (int)buflen)); - bytes = http_read(http, http->buffer, buflen); + bytes = http_read(http, http->buffer, (size_t)buflen); DEBUG_printf(("2httpPeek: Read " CUPS_LLFMT " bytes into buffer.", CUPS_LLCAST bytes)); @@ -1773,12 +1751,12 @@ httpPeek(http_t *http, /* I - HTTP connection */ http_debug_hex("httpPeek", http->buffer, (int)bytes); #endif /* DEBUG */ - http->used = bytes; + http->used = (int)bytes; } } #ifdef HAVE_LIBZ - if (http->coding) + if (http->coding >= _HTTP_CODING_GUNZIP) { # ifdef HAVE_INFLATECOPY int zerr; /* Decompressor error */ @@ -1790,27 +1768,27 @@ httpPeek(http_t *http, /* I - HTTP connection */ /* Number of bytes to copy */ if (http->stream.avail_in > 0 && - http->stream.next_in > http->dbuffer) - memmove(http->dbuffer, http->stream.next_in, http->stream.avail_in); + http->stream.next_in > http->sbuffer) + memmove(http->sbuffer, http->stream.next_in, http->stream.avail_in); - http->stream.next_in = http->dbuffer; + http->stream.next_in = http->sbuffer; - if (buflen > http->data_remaining) - buflen = http->data_remaining; + if (buflen > (size_t)http->data_remaining) + buflen = (size_t)http->data_remaining; - if (buflen > http->used) - buflen = http->used; + if (buflen > (size_t)http->used) + buflen = (size_t)http->used; DEBUG_printf(("1httpPeek: Copying %d more bytes of data into " "decompression buffer.", (int)buflen)); - memcpy(http->dbuffer + http->stream.avail_in, http->buffer, buflen); + memcpy(http->sbuffer + http->stream.avail_in, http->buffer, buflen); http->stream.avail_in += buflen; - http->used -= buflen; - http->data_remaining -= buflen; + http->used -= (int)buflen; + http->data_remaining -= (off_t)buflen; if (http->used > 0) - memmove(http->buffer, http->buffer + buflen, http->used); + memmove(http->buffer, http->buffer + buflen, (size_t)http->used); } DEBUG_printf(("2httpPeek: length=%d, avail_in=%d", (int)length, @@ -1824,7 +1802,7 @@ httpPeek(http_t *http, /* I - HTTP connection */ } stream.next_out = (Bytef *)buffer; - stream.avail_out = length; + stream.avail_out = (uInt)length; zerr = inflate(&stream, Z_SYNC_FLUSH); inflateEnd(&stream); @@ -1833,15 +1811,14 @@ httpPeek(http_t *http, /* I - HTTP connection */ { DEBUG_printf(("2httpPeek: zerr=%d", zerr)); #ifdef DEBUG - http_debug_hex("2httpPeek", (char *)http->dbuffer, - http->stream.avail_in); + http_debug_hex("2httpPeek", (char *)http->sbuffer, (int)http->stream.avail_in); #endif /* DEBUG */ http->error = EIO; return (-1); } - bytes = length - http->stream.avail_out; + bytes = (ssize_t)(length - http->stream.avail_out); # else DEBUG_puts("2httpPeek: No inflateCopy on this platform, httpPeek does not " @@ -1913,21 +1890,21 @@ httpPrintf(http_t *http, /* I - HTTP connection */ const char *format, /* I - printf-style format string */ ...) /* I - Additional args as needed */ { - int bytes; /* Number of bytes to write */ + ssize_t bytes; /* Number of bytes to write */ char buf[16384]; /* Buffer for formatted string */ va_list ap; /* Variable argument pointer */ - DEBUG_printf(("2httpPrintf(http=%p, format=\"%s\", ...)", http, format)); + DEBUG_printf(("2httpPrintf(http=%p, format=\"%s\", ...)", (void *)http, format)); va_start(ap, format); bytes = vsnprintf(buf, sizeof(buf), format, ap); va_end(ap); - DEBUG_printf(("3httpPrintf: (%d bytes) %s", bytes, buf)); + DEBUG_printf(("3httpPrintf: (" CUPS_LLFMT " bytes) %s", CUPS_LLCAST bytes, buf)); if (http->data_encoding == HTTP_ENCODING_FIELDS) - return (httpWrite2(http, buf, bytes)); + return ((int)httpWrite2(http, buf, (size_t)bytes)); else { if (http->wused) @@ -1938,7 +1915,7 @@ httpPrintf(http_t *http, /* I - HTTP connection */ return (-1); } - return (http_write(http, buf, bytes)); + return ((int)http_write(http, buf, (size_t)bytes)); } } @@ -1951,7 +1928,7 @@ int /* O - Status of call (0 = success) */ httpPut(http_t *http, /* I - HTTP connection */ const char *uri) /* I - URI to put */ { - DEBUG_printf(("httpPut(http=%p, uri=\"%s\")", http, uri)); + DEBUG_printf(("httpPut(http=%p, uri=\"%s\")", (void *)http, uri)); return (http_send(http, HTTP_STATE_PUT, uri)); } @@ -1970,14 +1947,14 @@ httpRead(http_t *http, /* I - HTTP connection */ char *buffer, /* I - Buffer for data */ int length) /* I - Maximum number of bytes */ { - return ((int)httpRead2(http, buffer, length)); + return ((int)httpRead2(http, buffer, (size_t)length)); } /* * 'httpRead2()' - Read data from a HTTP connection. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ ssize_t /* O - Number of bytes read */ @@ -1989,16 +1966,9 @@ httpRead2(http_t *http, /* I - HTTP connection */ #ifdef HAVE_LIBZ - DEBUG_printf(("httpRead2(http=%p, buffer=%p, length=" CUPS_LLFMT - ") coding=%d data_encoding=%d data_remaining=" CUPS_LLFMT, - http, buffer, CUPS_LLCAST length, - http->coding, - http->data_encoding, CUPS_LLCAST http->data_remaining)); + DEBUG_printf(("httpRead2(http=%p, buffer=%p, length=" CUPS_LLFMT ") coding=%d data_encoding=%d data_remaining=" CUPS_LLFMT, (void *)http, (void *)buffer, CUPS_LLCAST length, http->coding, http->data_encoding, CUPS_LLCAST http->data_remaining)); #else - DEBUG_printf(("httpRead2(http=%p, buffer=%p, length=" CUPS_LLFMT - ") data_encoding=%d data_remaining=" CUPS_LLFMT, - http, buffer, CUPS_LLCAST length, - http->data_encoding, CUPS_LLCAST http->data_remaining)); + DEBUG_printf(("httpRead2(http=%p, buffer=%p, length=" CUPS_LLFMT ") data_encoding=%d data_remaining=" CUPS_LLFMT, (void *)http, (void *)buffer, CUPS_LLCAST length, http->data_encoding, CUPS_LLCAST http->data_remaining)); #endif /* HAVE_LIBZ */ if (http == NULL || buffer == NULL) @@ -2011,7 +1981,7 @@ httpRead2(http_t *http, /* I - HTTP connection */ return (0); #ifdef HAVE_LIBZ - if (http->coding) + if (http->coding >= _HTTP_CODING_GUNZIP) { do { @@ -2023,21 +1993,20 @@ httpRead2(http_t *http, /* I - HTTP connection */ (int)http->stream.avail_in, (int)length)); http->stream.next_out = (Bytef *)buffer; - http->stream.avail_out = length; + http->stream.avail_out = (uInt)length; if ((zerr = inflate(&(http->stream), Z_SYNC_FLUSH)) < Z_OK) { DEBUG_printf(("2httpRead2: zerr=%d", zerr)); #ifdef DEBUG - http_debug_hex("2httpRead2", (char *)http->dbuffer, - http->stream.avail_in); + http_debug_hex("2httpRead2", (char *)http->sbuffer, (int)http->stream.avail_in); #endif /* DEBUG */ http->error = EIO; return (-1); } - bytes = length - http->stream.avail_out; + bytes = (ssize_t)(length - http->stream.avail_out); DEBUG_printf(("2httpRead2: avail_in=%d, avail_out=%d, bytes=%d", http->stream.avail_in, http->stream.avail_out, @@ -2048,16 +2017,16 @@ httpRead2(http_t *http, /* I - HTTP connection */ if (bytes == 0) { - ssize_t buflen = HTTP_MAX_BUFFER - http->stream.avail_in; + ssize_t buflen = HTTP_MAX_BUFFER - (ssize_t)http->stream.avail_in; /* Additional bytes for buffer */ if (buflen > 0) { if (http->stream.avail_in > 0 && - http->stream.next_in > http->dbuffer) - memmove(http->dbuffer, http->stream.next_in, http->stream.avail_in); + http->stream.next_in > http->sbuffer) + memmove(http->sbuffer, http->stream.next_in, http->stream.avail_in); - http->stream.next_in = http->dbuffer; + http->stream.next_in = http->sbuffer; DEBUG_printf(("1httpRead2: Reading up to %d more bytes of data into " "decompression buffer.", (int)buflen)); @@ -2065,16 +2034,12 @@ httpRead2(http_t *http, /* I - HTTP connection */ if (http->data_remaining > 0) { if (buflen > http->data_remaining) - buflen = http->data_remaining; + buflen = (ssize_t)http->data_remaining; - bytes = http_read_buffered(http, - (char *)http->dbuffer + - http->stream.avail_in, buflen); + bytes = http_read_buffered(http, (char *)http->sbuffer + http->stream.avail_in, (size_t)buflen); } else if (http->data_encoding == HTTP_ENCODING_CHUNKED) - bytes = http_read_chunk(http, - (char *)http->dbuffer + - http->stream.avail_in, buflen); + bytes = http_read_chunk(http, (char *)http->sbuffer + http->stream.avail_in, (size_t)buflen); else bytes = 0; @@ -2087,7 +2052,7 @@ httpRead2(http_t *http, /* I - HTTP connection */ "decompression buffer.", CUPS_LLCAST bytes)); http->data_remaining -= bytes; - http->stream.avail_in += bytes; + http->stream.avail_in += (uInt)bytes; if (http->data_remaining <= 0 && http->data_encoding == HTTP_ENCODING_CHUNKED) @@ -2165,14 +2130,15 @@ httpRead2(http_t *http, /* I - HTTP connection */ if ( #ifdef HAVE_LIBZ - (http->coding == _HTTP_CODING_IDENTITY || http->stream.avail_in == 0) && + (http->coding == _HTTP_CODING_IDENTITY || + (http->coding >= _HTTP_CODING_GUNZIP && http->stream.avail_in == 0)) && #endif /* HAVE_LIBZ */ ((http->data_remaining <= 0 && http->data_encoding == HTTP_ENCODING_LENGTH) || (http->data_encoding == HTTP_ENCODING_CHUNKED && bytes == 0))) { #ifdef HAVE_LIBZ - if (http->coding) + if (http->coding >= _HTTP_CODING_GUNZIP) http_content_coding_finish(http); #endif /* HAVE_LIBZ */ @@ -2195,7 +2161,7 @@ httpRead2(http_t *http, /* I - HTTP connection */ /* * 'httpReadRequest()' - Read a HTTP request from a connection. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ http_state_t /* O - New state of connection */ @@ -2213,8 +2179,7 @@ httpReadRequest(http_t *http, /* I - HTTP connection */ * Range check input... */ - DEBUG_printf(("httpReadRequest(http=%p, uri=%p, urilen=" CUPS_LLFMT ")", - http, uri, CUPS_LLCAST urilen)); + DEBUG_printf(("httpReadRequest(http=%p, uri=%p, urilen=" CUPS_LLFMT ")", (void *)http, (void *)uri, CUPS_LLCAST urilen)); if (uri) *uri = '\0'; @@ -2367,7 +2332,7 @@ httpReadRequest(http_t *http, /* I - HTTP connection */ int /* O - 0 on success, non-zero on failure */ httpReconnect(http_t *http) /* I - HTTP connection */ { - DEBUG_printf(("httpReconnect(http=%p)", http)); + DEBUG_printf(("httpReconnect(http=%p)", (void *)http)); return (httpReconnect2(http, 30000, NULL)); } @@ -2390,8 +2355,7 @@ httpReconnect2(http_t *http, /* I - HTTP connection */ #endif /* DEBUG */ - DEBUG_printf(("httpReconnect2(http=%p, msec=%d, cancel=%p)", http, msec, - cancel)); + DEBUG_printf(("httpReconnect2(http=%p, msec=%d, cancel=%p)", (void *)http, msec, (void *)cancel)); if (!http) { @@ -2403,7 +2367,7 @@ httpReconnect2(http_t *http, /* I - HTTP connection */ if (http->tls) { DEBUG_puts("2httpReconnect2: Shutting down SSL/TLS..."); - http_tls_stop(http); + _httpTLSStop(http); } #endif /* HAVE_SSL */ @@ -2446,8 +2410,7 @@ httpReconnect2(http_t *http, /* I - HTTP connection */ httpAddrPort(&(current->addr)))); #endif /* DEBUG */ - if ((addr = httpAddrConnect2(http->addrlist, &(http->fd), msec, - cancel)) == NULL) + if ((addr = httpAddrConnect2(http->addrlist, &(http->fd), msec, cancel)) == NULL) { /* * Unable to connect... @@ -2481,7 +2444,7 @@ httpReconnect2(http_t *http, /* I - HTTP connection */ * Always do encryption via SSL. */ - if (http_tls_start(http) != 0) + if (_httpTLSStart(http) != 0) { httpAddrClose(NULL, http->fd); @@ -2508,7 +2471,7 @@ httpReconnect2(http_t *http, /* I - HTTP connection */ * HTTP_FIELD_AUTHORIZATION prior to issuing a HTTP request using httpGet(), * httpHead(), httpOptions(), httpPost, or httpPut(). * - * @since CUPS 1.3/OS X 10.5@ + * @since CUPS 1.3/macOS 10.5@ */ void @@ -2534,10 +2497,10 @@ httpSetAuthString(http_t *http, /* I - HTTP connection */ * Set the current authorization string... */ - int len = (int)strlen(scheme) + (data ? (int)strlen(data) + 1 : 0) + 1; + size_t len = strlen(scheme) + (data ? strlen(data) + 1 : 0) + 1; char *temp; - if (len > (int)sizeof(http->_authstring)) + if (len > sizeof(http->_authstring)) { if ((temp = malloc(len)) == NULL) len = sizeof(http->_authstring); @@ -2565,7 +2528,7 @@ httpSetAuthString(http_t *http, /* I - HTTP connection */ * 'httpSetCredentials()' - Set the credentials associated with an encrypted * connection. * - * @since CUPS 1.5/OS X 10.7@ + * @since CUPS 1.5/macOS 10.7@ */ int /* O - Status of call (0 = success) */ @@ -2575,9 +2538,11 @@ httpSetCredentials(http_t *http, /* I - HTTP connection */ if (!http || cupsArrayCount(credentials) < 1) return (-1); +#ifdef HAVE_SSL _httpFreeCredentials(http->tls_credentials); http->tls_credentials = _httpCreateCredentials(credentials); +#endif /* HAVE_SSL */ return (http->tls_credentials ? 0 : -1); } @@ -2586,7 +2551,7 @@ httpSetCredentials(http_t *http, /* I - HTTP connection */ /* * 'httpSetCookie()' - Set the cookie value(s). * - * @since CUPS 1.1.19/OS X 10.3@ + * @since CUPS 1.1.19/macOS 10.3@ */ void @@ -2612,7 +2577,7 @@ httpSetCookie(http_t *http, /* I - Connection */ * Currently only @code HTTP_FIELD_ACCEPT_ENCODING@, @code HTTP_FIELD_SERVER@, * and @code HTTP_FIELD_USER_AGENT@ can be set. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ void @@ -2620,8 +2585,7 @@ httpSetDefaultField(http_t *http, /* I - HTTP connection */ http_field_t field, /* I - Field index */ const char *value)/* I - Value */ { - DEBUG_printf(("httpSetDefaultField(http=%p, field=%d(%s), value=\"%s\")", - http, field, http_fields[field], value)); + DEBUG_printf(("httpSetDefaultField(http=%p, field=%d(%s), value=\"%s\")", (void *)http, field, http_fields[field], value)); if (!http) return; @@ -2662,7 +2626,7 @@ httpSetDefaultField(http_t *http, /* I - HTTP connection */ * Currently only @code HTTP_STATUS_CONTINUE@ is supported for the "expect" * argument. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ void @@ -2670,7 +2634,7 @@ httpSetExpect(http_t *http, /* I - HTTP connection */ http_status_t expect) /* I - HTTP status to expect (@code HTTP_STATUS_CONTINUE@) */ { - DEBUG_printf(("httpSetExpect(http=%p, expect=%d)", http, expect)); + DEBUG_printf(("httpSetExpect(http=%p, expect=%d)", (void *)http, expect)); if (http) http->expect = expect; @@ -2686,8 +2650,7 @@ httpSetField(http_t *http, /* I - HTTP connection */ http_field_t field, /* I - Field index */ const char *value) /* I - Value */ { - DEBUG_printf(("httpSetField(http=%p, field=%d(%s), value=\"%s\")", http, - field, http_fields[field], value)); + DEBUG_printf(("httpSetField(http=%p, field=%d(%s), value=\"%s\")", (void *)http, field, http_fields[field], value)); if (http == NULL || field < HTTP_FIELD_ACCEPT_LANGUAGE || @@ -2718,6 +2681,19 @@ httpSetField(http_t *http, /* I - HTTP connection */ http->server = _cupsStrAlloc(value); break; + case HTTP_FIELD_WWW_AUTHENTICATE : + /* CUPS STR #4503 - don't override WWW-Authenticate for unknown auth schemes */ + if (http->fields[HTTP_FIELD_WWW_AUTHENTICATE][0] && + _cups_strncasecmp(value, "Basic ", 6) && + _cups_strncasecmp(value, "Digest ", 7) && + _cups_strncasecmp(value, "Negotiate ", 10)) + { + DEBUG_printf(("1httpSetField: Ignoring unknown auth scheme in \"%s\".", value)); + return; + } + + /* Fall through to copy */ + default : strlcpy(http->fields[field], value, HTTP_MAX_VALUE); break; @@ -2787,7 +2763,7 @@ httpSetField(http_t *http, /* I - HTTP connection */ /* * 'httpSetKeepAlive()' - Set the current Keep-Alive state of a connection. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ void @@ -2803,15 +2779,14 @@ httpSetKeepAlive( /* * 'httpSetLength()' - Set the content-length and content-encoding. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ void httpSetLength(http_t *http, /* I - HTTP connection */ size_t length) /* I - Length (0 for chunked) */ { - DEBUG_printf(("httpSetLength(http=%p, length=" CUPS_LLFMT ")", http, - CUPS_LLCAST length)); + DEBUG_printf(("httpSetLength(http=%p, length=" CUPS_LLFMT ")", (void *)http, CUPS_LLCAST length)); if (!http) return; @@ -2837,7 +2812,7 @@ httpSetLength(http_t *http, /* I - HTTP connection */ * The optional timeout callback receives both the HTTP connection and a user * data pointer and must return 1 to continue or 0 to error (time) out. * - * @since CUPS 1.5/OS X 10.7@ + * @since CUPS 1.5/macOS 10.7@ */ void @@ -2865,7 +2840,7 @@ httpSetTimeout( /* * 'httpShutdown()' - Shutdown one side of an HTTP connection. * - * @since CUPS 2.0@ + * @since CUPS 2.0/OS 10.10@ */ void @@ -2874,10 +2849,16 @@ httpShutdown(http_t *http) /* I - HTTP connection */ if (!http || http->fd < 0) return; +#ifdef HAVE_SSL if (http->tls) - http_tls_stop(http); + _httpTLSStop(http); +#endif /* HAVE_SSL */ +#ifdef WIN32 + shutdown(http->fd, SD_RECEIVE); /* Microsoft-ism... */ +#else shutdown(http->fd, SHUT_RD); +#endif /* WIN32 */ } @@ -2910,8 +2891,7 @@ _httpUpdate(http_t *http, /* I - HTTP connection */ int major, minor; /* HTTP version numbers */ - DEBUG_printf(("_httpUpdate(http=%p, status=%p), state=%s", http, status, - httpStateString(http->state))); + DEBUG_printf(("_httpUpdate(http=%p, status=%p), state=%s", (void *)http, (void *)status, httpStateString(http->state))); /* * Grab a single line from the connection... @@ -2948,7 +2928,7 @@ _httpUpdate(http_t *http, /* I - HTTP connection */ #ifdef HAVE_SSL if (http->status == HTTP_STATUS_SWITCHING_PROTOCOLS && !http->tls) { - if (http_tls_start(http) != 0) + if (_httpTLSStart(http) != 0) { httpAddrClose(NULL, http->fd); @@ -3000,7 +2980,7 @@ _httpUpdate(http_t *http, /* I - HTTP connection */ *status = http->status; return (0); } - else if (!strncmp(line, "HTTP/", 5)) + else if (!strncmp(line, "HTTP/", 5) && http->mode == _HTTP_MODE_CLIENT) { /* * Got the beginning of a response... @@ -3080,8 +3060,7 @@ httpUpdate(http_t *http) /* I - HTTP connection */ http_status_t status; /* Request status */ - DEBUG_printf(("httpUpdate(http=%p), state=%s", http, - httpStateString(http->state))); + DEBUG_printf(("httpUpdate(http=%p), state=%s", (void *)http, httpStateString(http->state))); /* * Flush pending data, if any... @@ -3152,7 +3131,7 @@ _httpWait(http_t *http, /* I - HTTP connection */ int nfds; /* Result from select()/poll() */ - DEBUG_printf(("4_httpWait(http=%p, msec=%d, usessl=%d)", http, msec, usessl)); + DEBUG_printf(("4_httpWait(http=%p, msec=%d, usessl=%d)", (void *)http, msec, usessl)); if (http->fd < 0) { @@ -3165,7 +3144,7 @@ _httpWait(http_t *http, /* I - HTTP connection */ */ #ifdef HAVE_SSL - if (http->tls && http_tls_pending(http)) + if (http->tls && _httpTLSPending(http)) { DEBUG_puts("5_httpWait: Return 1 since there is pending TLS data."); return (1); @@ -3224,7 +3203,7 @@ _httpWait(http_t *http, /* I - HTTP connection */ /* * 'httpWait()' - Wait for data available on a connection. * - * @since CUPS 1.1.19/OS X 10.3@ + * @since CUPS 1.1.19/macOS 10.3@ */ int /* O - 1 if data is available, 0 otherwise */ @@ -3235,7 +3214,7 @@ httpWait(http_t *http, /* I - HTTP connection */ * First see if there is data in the buffer... */ - DEBUG_printf(("2httpWait(http=%p, msec=%d)", http, msec)); + DEBUG_printf(("2httpWait(http=%p, msec=%d)", (void *)http, msec)); if (http == NULL) return (0); @@ -3288,14 +3267,14 @@ httpWrite(http_t *http, /* I - HTTP connection */ const char *buffer, /* I - Buffer for data */ int length) /* I - Number of bytes to write */ { - return ((int)httpWrite2(http, buffer, length)); + return ((int)httpWrite2(http, buffer, (size_t)length)); } /* * 'httpWrite2()' - Write data to a HTTP connection. * - * @since CUPS 1.2/OS X 10.5@ + * @since CUPS 1.2/macOS 10.5@ */ ssize_t /* O - Number of bytes written */ @@ -3306,8 +3285,7 @@ httpWrite2(http_t *http, /* I - HTTP connection */ ssize_t bytes; /* Bytes written */ - DEBUG_printf(("httpWrite2(http=%p, buffer=%p, length=" CUPS_LLFMT ")", http, - buffer, CUPS_LLCAST length)); + DEBUG_printf(("httpWrite2(http=%p, buffer=%p, length=" CUPS_LLFMT ")", (void *)http, (void *)buffer, CUPS_LLCAST length)); /* * Range check input... @@ -3330,7 +3308,7 @@ httpWrite2(http_t *http, /* I - HTTP connection */ */ #ifdef HAVE_LIBZ - if (http->coding) + if (http->coding == _HTTP_CODING_GZIP || http->coding == _HTTP_CODING_DEFLATE) { DEBUG_printf(("1httpWrite2: http->coding=%d", http->coding)); @@ -3341,37 +3319,48 @@ httpWrite2(http_t *http, /* I - HTTP connection */ } else { + size_t slen; /* Bytes to write */ + ssize_t sret; /* Bytes written */ + http->stream.next_in = (Bytef *)buffer; - http->stream.avail_in = length; - http->stream.next_out = (Bytef *)http->wbuffer + http->wused; - http->stream.avail_out = sizeof(http->wbuffer) - http->wused; + http->stream.avail_in = (uInt)length; while (deflate(&(http->stream), Z_NO_FLUSH) == Z_OK) { - http->wused = sizeof(http->wbuffer) - http->stream.avail_out; + DEBUG_printf(("1httpWrite2: avail_out=%d", http->stream.avail_out)); - if (http->stream.avail_out == 0) - { - if (httpFlushWrite(http) < 0) - { - DEBUG_puts("1httpWrite2: Unable to flush, returning -1."); - return (-1); - } + if (http->stream.avail_out > 0) + continue; - http->stream.next_out = (Bytef *)http->wbuffer; - http->stream.avail_out = sizeof(http->wbuffer); + slen = _HTTP_MAX_SBUFFER - http->stream.avail_out; + + DEBUG_printf(("1httpWrite2: Writing intermediate chunk, len=%d", (int)slen)); + + if (slen > 0 && http->data_encoding == HTTP_ENCODING_CHUNKED) + sret = http_write_chunk(http, (char *)http->sbuffer, slen); + else if (slen > 0) + sret = http_write(http, (char *)http->sbuffer, slen); + else + sret = 0; + + if (sret < 0) + { + DEBUG_puts("1httpWrite2: Unable to write, returning -1."); + return (-1); } + + http->stream.next_out = (Bytef *)http->sbuffer; + http->stream.avail_out = (uInt)_HTTP_MAX_SBUFFER; } - http->wused = sizeof(http->wbuffer) - http->stream.avail_out; - bytes = length; + bytes = (ssize_t)length; } } else #endif /* HAVE_LIBZ */ if (length > 0) { - if (http->wused && (length + http->wused) > sizeof(http->wbuffer)) + if (http->wused && (length + (size_t)http->wused) > sizeof(http->wbuffer)) { DEBUG_printf(("2httpWrite2: Flushing buffer (wused=%d, length=" CUPS_LLFMT ")", http->wused, CUPS_LLCAST length)); @@ -3379,8 +3368,7 @@ httpWrite2(http_t *http, /* I - HTTP connection */ httpFlushWrite(http); } - if ((length + http->wused) <= sizeof(http->wbuffer) && - length < sizeof(http->wbuffer)) + if ((length + (size_t)http->wused) <= sizeof(http->wbuffer) && length < sizeof(http->wbuffer)) { /* * Write to buffer... @@ -3403,9 +3391,9 @@ httpWrite2(http_t *http, /* I - HTTP connection */ CUPS_LLCAST length)); if (http->data_encoding == HTTP_ENCODING_CHUNKED) - bytes = (ssize_t)http_write_chunk(http, buffer, (int)length); + bytes = (ssize_t)http_write_chunk(http, buffer, length); else - bytes = (ssize_t)http_write(http, buffer, (int)length); + bytes = (ssize_t)http_write(http, buffer, length); DEBUG_printf(("2httpWrite2: Wrote " CUPS_LLFMT " bytes...", CUPS_LLCAST bytes)); @@ -3430,7 +3418,7 @@ httpWrite2(http_t *http, /* I - HTTP connection */ */ #ifdef HAVE_LIBZ - if (http->coding) + if (http->coding == _HTTP_CODING_GZIP || http->coding == _HTTP_CODING_DEFLATE) http_content_coding_finish(http); #endif /* HAVE_LIBZ */ @@ -3477,7 +3465,7 @@ httpWrite2(http_t *http, /* I - HTTP connection */ /* * 'httpWriteResponse()' - Write a HTTP response to a client connection. * - * @since CUPS 1.7/OS X 10.9@ + * @since CUPS 1.7/macOS 10.9@ */ int /* O - 0 on success, -1 on error */ @@ -3492,7 +3480,7 @@ httpWriteResponse(http_t *http, /* I - HTTP connection */ * Range check input... */ - DEBUG_printf(("httpWriteResponse(http=%p, status=%d)", http, status)); + DEBUG_printf(("httpWriteResponse(http=%p, status=%d)", (void *)http, status)); if (!http || status < HTTP_STATUS_CONTINUE) { @@ -3597,13 +3585,31 @@ httpWriteResponse(http_t *http, /* I - HTTP connection */ if (http->cookie) { - if (httpPrintf(http, "Set-Cookie: %s path=/ httponly%s\r\n", - http->cookie, http->tls ? " secure" : "") < 1) + if (strchr(http->cookie, ';')) + { + if (httpPrintf(http, "Set-Cookie: %s\r\n", http->cookie) < 1) + { + http->status = HTTP_STATUS_ERROR; + return (-1); + } + } + else if (httpPrintf(http, "Set-Cookie: %s; path=/; httponly;%s\r\n", http->cookie, http->tls ? " secure;" : "") < 1) { http->status = HTTP_STATUS_ERROR; return (-1); } } + + /* + * "Click-jacking" defense (STR #4492)... + */ + + if (httpPrintf(http, "X-Frame-Options: DENY\r\n" + "Content-Security-Policy: frame-ancestors 'none'\r\n") < 1) + { + http->status = HTTP_STATUS_ERROR; + return (-1); + } } if (httpWrite2(http, "\r\n", 2) < 2) @@ -3686,9 +3692,13 @@ static void http_content_coding_finish( http_t *http) /* I - HTTP connection */ { - int zerr; /* Compression status */ - Byte dummy[1]; /* Dummy read buffer */ + int zerr; /* Compression status */ + Byte dummy[1]; /* Dummy read buffer */ + size_t bytes; /* Number of bytes to write */ + + DEBUG_printf(("http_content_coding_finish(http=%p)", (void *)http)); + DEBUG_printf(("1http_content_coding_finishing: http->coding=%d", http->coding)); switch (http->coding) { @@ -3699,19 +3709,29 @@ http_content_coding_finish( do { - http->stream.next_out = (Bytef *)http->wbuffer + http->wused; - http->stream.avail_out = sizeof(http->wbuffer) - http->wused; + zerr = deflate(&(http->stream), Z_FINISH); + bytes = _HTTP_MAX_SBUFFER - http->stream.avail_out; - zerr = deflate(&(http->stream), Z_FINISH); + if (bytes > 0) + { + DEBUG_printf(("1http_content_coding_finish: Writing trailing chunk, len=%d", (int)bytes)); - http->wused = sizeof(http->wbuffer) - http->stream.avail_out; - if (http->wused == sizeof(http->wbuffer)) - httpFlushWrite(http); - } + if (http->data_encoding == HTTP_ENCODING_CHUNKED) + http_write_chunk(http, (char *)http->sbuffer, bytes); + else + http_write(http, (char *)http->sbuffer, bytes); + } + + http->stream.next_out = (Bytef *)http->sbuffer; + http->stream.avail_out = (uInt)_HTTP_MAX_SBUFFER; + } while (zerr == Z_OK); deflateEnd(&(http->stream)); + free(http->sbuffer); + http->sbuffer = NULL; + if (http->wused) httpFlushWrite(http); break; @@ -3719,8 +3739,8 @@ http_content_coding_finish( case _HTTP_CODING_INFLATE : case _HTTP_CODING_GUNZIP : inflateEnd(&(http->stream)); - free(http->dbuffer); - http->dbuffer = NULL; + free(http->sbuffer); + http->sbuffer = NULL; break; default : @@ -3744,8 +3764,7 @@ http_content_coding_start( _http_coding_t coding; /* Content coding value */ - DEBUG_printf(("http_content_coding_start(http=%p, value=\"%s\")", http, - value)); + DEBUG_printf(("http_content_coding_start(http=%p, value=\"%s\")", (void *)http, value)); if (http->coding != _HTTP_CODING_IDENTITY) { @@ -3800,6 +3819,13 @@ http_content_coding_start( if (http->wused) httpFlushWrite(http); + if ((http->sbuffer = malloc(_HTTP_MAX_SBUFFER)) == NULL) + { + http->status = HTTP_STATUS_ERROR; + http->error = errno; + return; + } + /* * Window size for compression is 11 bits - optimal based on PWG Raster * sample files on pwg.org. -11 is raw deflate, 27 is gzip, per ZLIB @@ -3815,11 +3841,14 @@ http_content_coding_start( http->error = zerr == Z_MEM_ERROR ? ENOMEM : EINVAL; return; } + + http->stream.next_out = (Bytef *)http->sbuffer; + http->stream.avail_out = (uInt)_HTTP_MAX_SBUFFER; break; case _HTTP_CODING_INFLATE : case _HTTP_CODING_GUNZIP : - if ((http->dbuffer = malloc(HTTP_MAX_BUFFER)) == NULL) + if ((http->sbuffer = malloc(_HTTP_MAX_SBUFFER)) == NULL) { http->status = HTTP_STATUS_ERROR; http->error = errno; @@ -3835,15 +3864,15 @@ http_content_coding_start( coding == _HTTP_CODING_INFLATE ? -15 : 31)) < Z_OK) { - free(http->dbuffer); - http->dbuffer = NULL; + free(http->sbuffer); + http->sbuffer = NULL; http->status = HTTP_STATUS_ERROR; http->error = zerr == Z_MEM_ERROR ? ENOMEM : EINVAL; return; } http->stream.avail_in = 0; - http->stream.next_in = http->dbuffer; + http->stream.next_in = http->sbuffer; break; default : @@ -3877,9 +3906,7 @@ http_create( http_addrlist_t *myaddrlist = NULL; /* My address list */ - DEBUG_printf(("4http_create(host=\"%s\", port=%d, addrlist=%p, family=%d, " - "encryption=%d, blocking=%d, mode=%d)", host, port, addrlist, - family, encryption, blocking, mode)); + DEBUG_printf(("4http_create(host=\"%s\", port=%d, addrlist=%p, family=%d, encryption=%d, blocking=%d, mode=%d)", host, port, (void *)addrlist, family, encryption, blocking, mode)); if (!host && mode == _HTTP_MODE_CLIENT) return (NULL); @@ -3977,7 +4004,7 @@ http_debug_hex(const char *prefix, /* I - Prefix for line */ for (i = 0; i < bytes; i += 16) { for (j = 0, ptr = start; j < 16 && (i + j) < bytes; j ++, ptr += 2) - sprintf(ptr, "%02X", buffer[i + j] & 255); + snprintf(ptr, 3, "%02X", buffer[i + j] & 255); while (j < 16) { @@ -3996,7 +4023,7 @@ http_debug_hex(const char *prefix, /* I - Prefix for line */ if (ch < ' ' || ch >= 127) ch = '.'; - *ptr++ = ch; + *ptr++ = (char)ch; } *ptr = '\0'; @@ -4021,8 +4048,7 @@ http_read(http_t *http, /* I - HTTP connection */ ssize_t bytes; /* Bytes read */ - DEBUG_printf(("http_read(http=%p, buffer=%p, length=" CUPS_LLFMT ")", http, - buffer, CUPS_LLCAST length)); + DEBUG_printf(("http_read(http=%p, buffer=%p, length=" CUPS_LLFMT ")", (void *)http, (void *)buffer, CUPS_LLCAST length)); if (!http->blocking) { @@ -4042,7 +4068,7 @@ http_read(http_t *http, /* I - HTTP connection */ { #ifdef HAVE_SSL if (http->tls) - bytes = http_tls_read(http, buffer, length); + bytes = _httpTLSRead(http, buffer, (int)length); else #endif /* HAVE_SSL */ bytes = recv(http->fd, buffer, length, 0); @@ -4135,25 +4161,23 @@ http_read_buffered(http_t *http, /* I - HTTP connection */ ssize_t bytes; /* Bytes read */ - DEBUG_printf(("http_read_buffered(http=%p, buffer=%p, length=" CUPS_LLFMT - ") used=%d", - http, buffer, CUPS_LLCAST length, http->used)); + DEBUG_printf(("http_read_buffered(http=%p, buffer=%p, length=" CUPS_LLFMT ") used=%d", (void *)http, (void *)buffer, CUPS_LLCAST length, http->used)); if (http->used > 0) { if (length > (size_t)http->used) - bytes = (size_t)http->used; + bytes = (ssize_t)http->used; else - bytes = length; + bytes = (ssize_t)length; DEBUG_printf(("2http_read: Grabbing %d bytes from input buffer.", (int)bytes)); - memcpy(buffer, http->buffer, bytes); + memcpy(buffer, http->buffer, (size_t)bytes); http->used -= (int)bytes; if (http->used > 0) - memmove(http->buffer, http->buffer + bytes, http->used); + memmove(http->buffer, http->buffer + bytes, (size_t)http->used); } else bytes = http_read(http, buffer, length); @@ -4174,8 +4198,7 @@ http_read_chunk(http_t *http, /* I - HTTP connection */ char *buffer, /* I - Buffer */ size_t length) /* I - Maximum bytes to read */ { - DEBUG_printf(("http_read_chunk(http=%p, buffer=%p, length=" CUPS_LLFMT ")", - http, buffer, CUPS_LLCAST length)); + DEBUG_printf(("http_read_chunk(http=%p, buffer=%p, length=" CUPS_LLFMT ")", (void *)http, (void *)buffer, CUPS_LLCAST length)); if (http->data_remaining <= 0) { @@ -4263,8 +4286,7 @@ http_send(http_t *http, /* I - HTTP connection */ }; - DEBUG_printf(("4http_send(http=%p, request=HTTP_%s, uri=\"%s\")", - http, codes[request], uri)); + DEBUG_printf(("4http_send(http=%p, request=HTTP_%s, uri=\"%s\")", (void *)http, codes[request], uri)); if (http == NULL || uri == NULL) return (-1); @@ -4428,8 +4450,7 @@ http_set_length(http_t *http) /* I - Connection */ off_t remaining; /* Remainder */ - DEBUG_printf(("http_set_length(http=%p) mode=%d state=%s", http, http->mode, - httpStateString(http->state))); + DEBUG_printf(("http_set_length(http=%p) mode=%d state=%s", (void *)http, http->mode, httpStateString(http->state))); if ((remaining = httpGetLength2(http)) >= 0) { @@ -4462,7 +4483,7 @@ http_set_length(http_t *http) /* I - Connection */ http->data_remaining = remaining; if (remaining <= INT_MAX) - http->_data_remaining = remaining; + http->_data_remaining = (int)remaining; else http->_data_remaining = INT_MAX; } @@ -4528,7 +4549,7 @@ http_tls_upgrade(http_t *http) /* I - HTTP connection */ http_t myhttp; /* Local copy of HTTP data */ - DEBUG_printf(("7http_tls_upgrade(%p)", http)); + DEBUG_printf(("7http_tls_upgrade(%p)", (void *)http)); /* * Flush the connection to make sure any previous "Upgrade" message @@ -4590,6 +4611,7 @@ http_tls_upgrade(http_t *http) /* I - HTTP connection */ DEBUG_puts("8http_tls_upgrade: Server does not support HTTP upgrade!"); + _cupsSetError(IPP_STATUS_ERROR_CUPS_PKI, _("Encryption is not supported."), 1); httpAddrClose(NULL, http->fd); http->fd = -1; @@ -4615,8 +4637,7 @@ http_write(http_t *http, /* I - HTTP connection */ bytes; /* Bytes sent */ - DEBUG_printf(("2http_write(http=%p, buffer=%p, length=" CUPS_LLFMT ")", http, - buffer, CUPS_LLCAST length)); + DEBUG_printf(("2http_write(http=%p, buffer=%p, length=" CUPS_LLFMT ")", (void *)http, (void *)buffer, CUPS_LLCAST length)); http->error = 0; tbytes = 0; @@ -4683,7 +4704,7 @@ http_write(http_t *http, /* I - HTTP connection */ #ifdef HAVE_SSL if (http->tls) - bytes = http_tls_write(http, buffer, length); + bytes = _httpTLSWrite(http, buffer, (int)length); else #endif /* HAVE_SSL */ bytes = send(http->fd, buffer, length, 0); @@ -4737,11 +4758,11 @@ http_write(http_t *http, /* I - HTTP connection */ buffer += bytes; tbytes += bytes; - length -= bytes; + length -= (size_t)bytes; } #ifdef DEBUG - http_debug_hex("http_write", buffer - tbytes, tbytes); + http_debug_hex("http_write", buffer - tbytes, (int)tbytes); #endif /* DEBUG */ DEBUG_printf(("3http_write: Returning " CUPS_LLFMT ".", CUPS_LLCAST tbytes)); @@ -4763,8 +4784,7 @@ http_write_chunk(http_t *http, /* I - HTTP connection */ ssize_t bytes; /* Bytes written */ - DEBUG_printf(("7http_write_chunk(http=%p, buffer=%p, length=" CUPS_LLFMT ")", - http, buffer, CUPS_LLCAST length)); + DEBUG_printf(("7http_write_chunk(http=%p, buffer=%p, length=" CUPS_LLFMT ")", (void *)http, (void *)buffer, CUPS_LLCAST length)); /* * Write the chunk header, data, and trailer. @@ -4791,8 +4811,3 @@ http_write_chunk(http_t *http, /* I - HTTP connection */ return (bytes); } - - -/* - * End of "$Id$". - */