2012-04-14 22:19:31 +04:00
|
|
|
/**
|
2012-10-09 07:02:04 +04:00
|
|
|
* FreeRDP: A Remote Desktop Protocol Implementation
|
2012-04-14 22:19:31 +04:00
|
|
|
* Hypertext Transfer Protocol (HTTP)
|
|
|
|
*
|
|
|
|
* Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
2022-02-16 13:20:38 +03:00
|
|
|
#include <freerdp/config.h>
|
2012-08-15 01:09:01 +04:00
|
|
|
|
2017-11-14 18:10:52 +03:00
|
|
|
#include <errno.h>
|
|
|
|
|
2012-09-09 02:47:28 +04:00
|
|
|
#include <winpr/crt.h>
|
2012-11-14 03:57:46 +04:00
|
|
|
#include <winpr/print.h>
|
2012-12-14 05:23:37 +04:00
|
|
|
#include <winpr/stream.h>
|
2013-05-07 00:57:39 +04:00
|
|
|
#include <winpr/string.h>
|
2012-09-09 02:47:28 +04:00
|
|
|
|
2015-02-03 02:50:26 +03:00
|
|
|
#include <freerdp/log.h>
|
2023-02-03 13:53:49 +03:00
|
|
|
#include <freerdp/crypto/crypto.h>
|
2015-02-03 02:50:26 +03:00
|
|
|
|
2021-01-25 18:20:18 +03:00
|
|
|
/* websocket need sha1 for Sec-Websocket-Accept */
|
|
|
|
#include <winpr/crypto.h>
|
|
|
|
|
2023-01-10 16:47:16 +03:00
|
|
|
#ifdef FREERDP_HAVE_VALGRIND_MEMCHECK_H
|
2014-05-21 19:32:14 +04:00
|
|
|
#include <valgrind/memcheck.h>
|
|
|
|
#endif
|
|
|
|
|
2012-04-14 22:19:31 +04:00
|
|
|
#include "http.h"
|
|
|
|
|
2015-02-03 02:50:26 +03:00
|
|
|
#define TAG FREERDP_TAG("core.gateway.http")
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
#define RESPONSE_SIZE_LIMIT 64 * 1024 * 1024
|
|
|
|
|
2021-01-25 18:20:18 +03:00
|
|
|
#define WEBSOCKET_MAGIC_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
|
|
|
|
|
2022-02-14 16:59:22 +03:00
|
|
|
struct s_http_context
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
|
|
|
char* Method;
|
|
|
|
char* URI;
|
|
|
|
char* UserAgent;
|
2023-06-26 20:24:58 +03:00
|
|
|
char* X_MS_UserAgent;
|
2018-09-27 16:04:41 +03:00
|
|
|
char* Host;
|
|
|
|
char* Accept;
|
|
|
|
char* CacheControl;
|
|
|
|
char* Connection;
|
|
|
|
char* Pragma;
|
|
|
|
char* RdgConnectionId;
|
|
|
|
char* RdgAuthScheme;
|
2021-01-25 18:20:18 +03:00
|
|
|
BOOL websocketUpgrade;
|
2022-08-31 15:28:13 +03:00
|
|
|
char* SecWebsocketKey;
|
2023-06-26 20:24:58 +03:00
|
|
|
wListDictionary* cookies;
|
2018-09-27 16:04:41 +03:00
|
|
|
};
|
|
|
|
|
2022-02-14 16:59:22 +03:00
|
|
|
struct s_http_request
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
|
|
|
char* Method;
|
|
|
|
char* URI;
|
|
|
|
char* AuthScheme;
|
|
|
|
char* AuthParam;
|
|
|
|
char* Authorization;
|
|
|
|
size_t ContentLength;
|
2023-06-26 20:24:58 +03:00
|
|
|
char* ContentType;
|
2021-01-25 10:39:30 +03:00
|
|
|
TRANSFER_ENCODING TransferEncoding;
|
2018-09-27 16:04:41 +03:00
|
|
|
};
|
|
|
|
|
2022-02-14 16:59:22 +03:00
|
|
|
struct s_http_response
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
|
|
|
size_t count;
|
|
|
|
char** lines;
|
|
|
|
|
|
|
|
long StatusCode;
|
|
|
|
const char* ReasonPhrase;
|
|
|
|
|
|
|
|
size_t ContentLength;
|
|
|
|
const char* ContentType;
|
2021-01-25 10:39:30 +03:00
|
|
|
TRANSFER_ENCODING TransferEncoding;
|
2021-01-25 18:20:18 +03:00
|
|
|
const char* SecWebsocketVersion;
|
|
|
|
const char* SecWebsocketAccept;
|
2018-09-27 16:04:41 +03:00
|
|
|
|
|
|
|
size_t BodyLength;
|
|
|
|
BYTE* BodyContent;
|
|
|
|
|
|
|
|
wListDictionary* Authenticates;
|
2023-06-26 20:24:58 +03:00
|
|
|
wListDictionary* SetCookie;
|
2018-09-27 16:04:41 +03:00
|
|
|
wStream* data;
|
|
|
|
};
|
|
|
|
|
2018-10-18 10:09:30 +03:00
|
|
|
static char* string_strnstr(char* str1, const char* str2, size_t slen)
|
2015-02-03 01:16:32 +03:00
|
|
|
{
|
|
|
|
char c, sc;
|
|
|
|
size_t len;
|
|
|
|
|
|
|
|
if ((c = *str2++) != '\0')
|
|
|
|
{
|
2019-10-29 12:18:09 +03:00
|
|
|
len = strnlen(str2, slen + 1);
|
2015-02-03 01:16:32 +03:00
|
|
|
|
|
|
|
do
|
|
|
|
{
|
|
|
|
do
|
|
|
|
{
|
|
|
|
if (slen-- < 1 || (sc = *str1++) == '\0')
|
|
|
|
return NULL;
|
2019-11-06 17:24:51 +03:00
|
|
|
} while (sc != c);
|
2015-02-03 01:16:32 +03:00
|
|
|
|
|
|
|
if (len > slen)
|
|
|
|
return NULL;
|
2019-11-06 17:24:51 +03:00
|
|
|
} while (strncmp(str1, str2, len) != 0);
|
2015-02-03 01:16:32 +03:00
|
|
|
|
|
|
|
str1--;
|
|
|
|
}
|
|
|
|
|
2018-10-18 10:09:30 +03:00
|
|
|
return str1;
|
2015-02-03 01:16:32 +03:00
|
|
|
}
|
|
|
|
|
2018-10-18 10:09:30 +03:00
|
|
|
static BOOL strings_equals_nocase(const void* obj1, const void* obj2)
|
2015-02-03 01:16:32 +03:00
|
|
|
{
|
|
|
|
if (!obj1 || !obj2)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return _stricmp(obj1, obj2) == 0;
|
|
|
|
}
|
|
|
|
|
2023-06-27 18:17:32 +03:00
|
|
|
static void* copy_string(const void* ptr)
|
|
|
|
{
|
|
|
|
const char* str = ptr;
|
|
|
|
if (!str)
|
|
|
|
return NULL;
|
|
|
|
return _strdup(ptr);
|
|
|
|
}
|
|
|
|
|
2018-01-15 14:43:37 +03:00
|
|
|
HttpContext* http_context_new(void)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2023-06-26 20:24:58 +03:00
|
|
|
HttpContext* context = (HttpContext*)calloc(1, sizeof(HttpContext));
|
2023-06-27 20:53:49 +03:00
|
|
|
if (!context)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
context->cookies = ListDictionary_New(FALSE);
|
|
|
|
if (!context->cookies)
|
|
|
|
goto fail;
|
|
|
|
|
|
|
|
wObject* key = ListDictionary_KeyObject(context->cookies);
|
|
|
|
wObject* value = ListDictionary_ValueObject(context->cookies);
|
|
|
|
if (!key || !value)
|
|
|
|
goto fail;
|
|
|
|
|
|
|
|
key->fnObjectFree = free;
|
|
|
|
key->fnObjectNew = copy_string;
|
|
|
|
value->fnObjectFree = free;
|
|
|
|
value->fnObjectNew = copy_string;
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
return context;
|
2023-06-27 20:53:49 +03:00
|
|
|
|
|
|
|
fail:
|
|
|
|
http_context_free(context);
|
|
|
|
return NULL;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_method(HttpContext* context, const char* Method)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !Method)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->Method);
|
|
|
|
context->Method = _strdup(Method);
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!context->Method)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
BOOL http_request_set_content_type(HttpRequest* request, const char* ContentType)
|
|
|
|
{
|
|
|
|
if (!request || !ContentType)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
free(request->ContentType);
|
|
|
|
request->ContentType = _strdup(ContentType);
|
|
|
|
|
|
|
|
if (!request->ContentType)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
const char* http_context_get_uri(HttpContext* context)
|
|
|
|
{
|
|
|
|
if (!context)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return context->URI;
|
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_uri(HttpContext* context, const char* URI)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !URI)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->URI);
|
|
|
|
context->URI = _strdup(URI);
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!context->URI)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_user_agent(HttpContext* context, const char* UserAgent)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !UserAgent)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->UserAgent);
|
|
|
|
context->UserAgent = _strdup(UserAgent);
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!context->UserAgent)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
BOOL http_context_set_x_ms_user_agent(HttpContext* context, const char* X_MS_UserAgent)
|
|
|
|
{
|
|
|
|
if (!context || !X_MS_UserAgent)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
free(context->X_MS_UserAgent);
|
|
|
|
context->X_MS_UserAgent = _strdup(X_MS_UserAgent);
|
|
|
|
|
|
|
|
if (!context->X_MS_UserAgent)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_host(HttpContext* context, const char* Host)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !Host)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->Host);
|
|
|
|
context->Host = _strdup(Host);
|
|
|
|
|
|
|
|
if (!context->Host)
|
|
|
|
return FALSE;
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_accept(HttpContext* context, const char* Accept)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !Accept)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->Accept);
|
|
|
|
context->Accept = _strdup(Accept);
|
|
|
|
|
|
|
|
if (!context->Accept)
|
|
|
|
return FALSE;
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_cache_control(HttpContext* context, const char* CacheControl)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !CacheControl)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->CacheControl);
|
|
|
|
context->CacheControl = _strdup(CacheControl);
|
|
|
|
|
|
|
|
if (!context->CacheControl)
|
|
|
|
return FALSE;
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_connection(HttpContext* context, const char* Connection)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !Connection)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->Connection);
|
|
|
|
context->Connection = _strdup(Connection);
|
|
|
|
|
|
|
|
if (!context->Connection)
|
|
|
|
return FALSE;
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_context_set_pragma(HttpContext* context, const char* Pragma)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !Pragma)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->Pragma);
|
|
|
|
context->Pragma = _strdup(Pragma);
|
|
|
|
|
|
|
|
if (!context->Pragma)
|
|
|
|
return FALSE;
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-03-17 21:54:16 +03:00
|
|
|
BOOL http_context_set_rdg_connection_id(HttpContext* context, const char* RdgConnectionId)
|
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !RdgConnectionId)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-03-17 21:54:16 +03:00
|
|
|
free(context->RdgConnectionId);
|
|
|
|
context->RdgConnectionId = _strdup(RdgConnectionId);
|
|
|
|
|
|
|
|
if (!context->RdgConnectionId)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2021-01-25 18:20:18 +03:00
|
|
|
BOOL http_context_enable_websocket_upgrade(HttpContext* context, BOOL enable)
|
|
|
|
{
|
|
|
|
if (!context)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
if (enable)
|
2022-08-31 15:28:13 +03:00
|
|
|
{
|
|
|
|
BYTE key[16];
|
|
|
|
if (winpr_RAND(key, sizeof(key)) != 0)
|
|
|
|
return FALSE;
|
|
|
|
|
2023-07-05 09:57:17 +03:00
|
|
|
free(context->SecWebsocketKey);
|
2022-08-31 15:28:13 +03:00
|
|
|
context->SecWebsocketKey = crypto_base64_encode(key, sizeof(key));
|
|
|
|
if (!context->SecWebsocketKey)
|
|
|
|
return FALSE;
|
|
|
|
}
|
2022-07-07 11:39:29 +03:00
|
|
|
|
2021-01-25 18:20:18 +03:00
|
|
|
context->websocketUpgrade = enable;
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
BOOL http_context_is_websocket_upgrade_enabled(HttpContext* context)
|
|
|
|
{
|
|
|
|
return context->websocketUpgrade;
|
|
|
|
}
|
|
|
|
|
2018-02-13 18:40:23 +03:00
|
|
|
BOOL http_context_set_rdg_auth_scheme(HttpContext* context, const char* RdgAuthScheme)
|
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !RdgAuthScheme)
|
|
|
|
return FALSE;
|
|
|
|
|
2018-02-13 18:40:23 +03:00
|
|
|
free(context->RdgAuthScheme);
|
|
|
|
context->RdgAuthScheme = _strdup(RdgAuthScheme);
|
|
|
|
return context->RdgAuthScheme != NULL;
|
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
BOOL http_context_set_cookie(HttpContext* context, const char* CookieName, const char* CookieValue)
|
|
|
|
{
|
|
|
|
if (!context || !CookieName || !CookieValue)
|
|
|
|
return FALSE;
|
|
|
|
if (ListDictionary_Contains(context->cookies, CookieName))
|
|
|
|
{
|
2023-06-27 18:12:36 +03:00
|
|
|
if (!ListDictionary_SetItemValue(context->cookies, CookieName, CookieValue))
|
2023-06-26 20:24:58 +03:00
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2023-06-27 18:12:36 +03:00
|
|
|
if (!ListDictionary_Add(context->cookies, CookieName, CookieValue))
|
2023-06-26 20:24:58 +03:00
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
void http_context_free(HttpContext* context)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2015-02-02 04:47:43 +03:00
|
|
|
if (context)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2022-08-31 15:28:13 +03:00
|
|
|
free(context->SecWebsocketKey);
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->UserAgent);
|
2023-06-26 20:24:58 +03:00
|
|
|
free(context->X_MS_UserAgent);
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context->Host);
|
|
|
|
free(context->URI);
|
|
|
|
free(context->Accept);
|
|
|
|
free(context->Method);
|
|
|
|
free(context->CacheControl);
|
|
|
|
free(context->Connection);
|
|
|
|
free(context->Pragma);
|
2015-03-17 21:54:16 +03:00
|
|
|
free(context->RdgConnectionId);
|
2018-02-13 18:40:23 +03:00
|
|
|
free(context->RdgAuthScheme);
|
2023-06-26 20:24:58 +03:00
|
|
|
ListDictionary_Free(context->cookies);
|
2015-02-02 04:47:43 +03:00
|
|
|
free(context);
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_request_set_method(HttpRequest* request, const char* Method)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!request || !Method)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(request->Method);
|
|
|
|
request->Method = _strdup(Method);
|
|
|
|
|
|
|
|
if (!request->Method)
|
|
|
|
return FALSE;
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_request_set_uri(HttpRequest* request, const char* URI)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!request || !URI)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(request->URI);
|
|
|
|
request->URI = _strdup(URI);
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!request->URI)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_request_set_auth_scheme(HttpRequest* request, const char* AuthScheme)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!request || !AuthScheme)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(request->AuthScheme);
|
|
|
|
request->AuthScheme = _strdup(AuthScheme);
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!request->AuthScheme)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
BOOL http_request_set_auth_param(HttpRequest* request, const char* AuthParam)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!request || !AuthParam)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(request->AuthParam);
|
|
|
|
request->AuthParam = _strdup(AuthParam);
|
2012-05-06 08:53:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!request->AuthParam)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
return TRUE;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
BOOL http_request_set_transfer_encoding(HttpRequest* request, TRANSFER_ENCODING TransferEncoding)
|
2015-03-17 21:54:16 +03:00
|
|
|
{
|
2021-01-25 10:39:30 +03:00
|
|
|
if (!request || TransferEncoding == TransferEncodingUnknown)
|
2018-09-27 16:04:41 +03:00
|
|
|
return FALSE;
|
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
request->TransferEncoding = TransferEncoding;
|
2015-03-17 21:54:16 +03:00
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
static BOOL http_encode_print(wStream* s, const char* fmt, ...)
|
2012-09-11 23:10:37 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
char* str;
|
|
|
|
va_list ap;
|
2018-10-18 10:09:30 +03:00
|
|
|
int length, used;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!s || !fmt)
|
|
|
|
return FALSE;
|
2012-09-11 23:10:37 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
va_start(ap, fmt);
|
|
|
|
length = vsnprintf(NULL, 0, fmt, ap) + 1;
|
|
|
|
va_end(ap);
|
2012-09-11 23:10:37 +04:00
|
|
|
|
2018-10-18 10:09:30 +03:00
|
|
|
if (!Stream_EnsureRemainingCapacity(s, (size_t)length))
|
2018-09-27 16:04:41 +03:00
|
|
|
return FALSE;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-09-27 17:05:14 +03:00
|
|
|
str = (char*)Stream_Pointer(s);
|
2018-09-27 16:04:41 +03:00
|
|
|
va_start(ap, fmt);
|
2018-10-18 10:09:30 +03:00
|
|
|
used = vsnprintf(str, (size_t)length, fmt, ap);
|
2018-09-27 16:04:41 +03:00
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
/* Strip the trailing '\0' from the string. */
|
|
|
|
if ((used + 1) != length)
|
|
|
|
return FALSE;
|
2012-09-11 23:10:37 +04:00
|
|
|
|
2018-10-18 10:09:30 +03:00
|
|
|
Stream_Seek(s, (size_t)used);
|
2018-09-27 16:04:41 +03:00
|
|
|
return TRUE;
|
2012-09-11 23:10:37 +04:00
|
|
|
}
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
static BOOL http_encode_body_line(wStream* s, const char* param, const char* value)
|
2012-09-11 23:10:37 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!s || !param || !value)
|
|
|
|
return FALSE;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
return http_encode_print(s, "%s: %s\r\n", param, value);
|
|
|
|
}
|
2012-09-11 23:10:37 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
static BOOL http_encode_content_length_line(wStream* s, size_t ContentLength)
|
|
|
|
{
|
2019-11-06 17:24:51 +03:00
|
|
|
return http_encode_print(s, "Content-Length: %" PRIdz "\r\n", ContentLength);
|
2012-09-11 23:10:37 +04:00
|
|
|
}
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
static BOOL http_encode_header_line(wStream* s, const char* Method, const char* URI)
|
2012-09-11 23:10:37 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!s || !Method || !URI)
|
|
|
|
return FALSE;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
return http_encode_print(s, "%s %s HTTP/1.1\r\n", Method, URI);
|
|
|
|
}
|
|
|
|
|
|
|
|
static BOOL http_encode_authorization_line(wStream* s, const char* AuthScheme,
|
2019-11-06 17:24:51 +03:00
|
|
|
const char* AuthParam)
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
|
|
|
if (!s || !AuthScheme || !AuthParam)
|
|
|
|
return FALSE;
|
2012-09-11 23:10:37 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
return http_encode_print(s, "Authorization: %s %s\r\n", AuthScheme, AuthParam);
|
2012-09-11 23:10:37 +04:00
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
static BOOL http_encode_cookie_line(wStream* s, wListDictionary* cookies)
|
|
|
|
{
|
2023-06-27 18:12:36 +03:00
|
|
|
ULONG_PTR* keys = NULL;
|
|
|
|
BOOL status = TRUE;
|
2023-06-26 20:24:58 +03:00
|
|
|
|
|
|
|
if (!s && !cookies)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
ListDictionary_Lock(cookies);
|
2023-06-27 18:12:36 +03:00
|
|
|
const size_t count = ListDictionary_GetKeys(cookies, &keys);
|
2023-06-26 20:24:58 +03:00
|
|
|
|
|
|
|
if (count == 0)
|
2023-06-27 18:12:36 +03:00
|
|
|
goto unlock;
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
status = http_encode_print(s, "Cookie: ");
|
|
|
|
if (!status)
|
2023-06-27 18:12:36 +03:00
|
|
|
goto unlock;
|
2023-06-26 20:24:58 +03:00
|
|
|
|
2023-06-27 18:12:36 +03:00
|
|
|
for (size_t x = 0; status && x < count; x++)
|
2023-06-26 20:24:58 +03:00
|
|
|
{
|
|
|
|
char* cur = (char*)ListDictionary_GetItemValue(cookies, (void*)keys[x]);
|
|
|
|
if (!cur)
|
|
|
|
{
|
|
|
|
status = FALSE;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (x > 0)
|
|
|
|
{
|
|
|
|
status = http_encode_print(s, "; ");
|
|
|
|
if (!status)
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
status = http_encode_print(s, "%s=%s", (char*)keys[x], cur);
|
|
|
|
}
|
|
|
|
|
2023-06-28 11:18:23 +03:00
|
|
|
status = http_encode_print(s, "\r\n");
|
2023-06-27 18:12:36 +03:00
|
|
|
unlock:
|
2023-06-26 20:24:58 +03:00
|
|
|
free(keys);
|
|
|
|
ListDictionary_Unlock(cookies);
|
|
|
|
return status;
|
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
wStream* http_request_write(HttpContext* context, HttpRequest* request)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2015-02-02 04:47:43 +03:00
|
|
|
wStream* s;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!context || !request)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
s = Stream_New(NULL, 1024);
|
|
|
|
|
|
|
|
if (!s)
|
2014-04-09 17:00:38 +04:00
|
|
|
return NULL;
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!http_encode_header_line(s, request->Method, request->URI) ||
|
|
|
|
!http_encode_body_line(s, "Cache-Control", context->CacheControl) ||
|
|
|
|
!http_encode_body_line(s, "Pragma", context->Pragma) ||
|
|
|
|
!http_encode_body_line(s, "Accept", context->Accept) ||
|
|
|
|
!http_encode_body_line(s, "User-Agent", context->UserAgent) ||
|
|
|
|
!http_encode_body_line(s, "Host", context->Host))
|
|
|
|
goto fail;
|
2014-04-09 17:00:38 +04:00
|
|
|
|
2021-01-25 18:20:18 +03:00
|
|
|
if (!context->websocketUpgrade)
|
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "Connection", context->Connection))
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "Connection", "Upgrade") ||
|
|
|
|
!http_encode_body_line(s, "Upgrade", "websocket") ||
|
|
|
|
!http_encode_body_line(s, "Sec-Websocket-Version", "13") ||
|
2022-08-31 15:28:13 +03:00
|
|
|
!http_encode_body_line(s, "Sec-Websocket-Key", context->SecWebsocketKey))
|
2021-01-25 18:20:18 +03:00
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
2015-03-17 21:54:16 +03:00
|
|
|
if (context->RdgConnectionId)
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "RDG-Connection-Id", context->RdgConnectionId))
|
|
|
|
goto fail;
|
|
|
|
}
|
2015-03-17 21:54:16 +03:00
|
|
|
|
2018-02-13 18:40:23 +03:00
|
|
|
if (context->RdgAuthScheme)
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "RDG-Auth-Scheme", context->RdgAuthScheme))
|
|
|
|
goto fail;
|
|
|
|
}
|
2015-03-17 21:54:16 +03:00
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
if (request->TransferEncoding != TransferEncodingIdentity)
|
2018-04-05 05:08:20 +03:00
|
|
|
{
|
2021-01-25 10:39:30 +03:00
|
|
|
if (request->TransferEncoding == TransferEncodingChunked)
|
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "Transfer-Encoding", "chunked"))
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
else
|
2018-09-27 16:04:41 +03:00
|
|
|
goto fail;
|
2018-04-05 05:08:20 +03:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!http_encode_content_length_line(s, request->ContentLength))
|
|
|
|
goto fail;
|
2018-04-05 05:08:20 +03:00
|
|
|
}
|
2015-03-17 21:54:16 +03:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (request->Authorization)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!http_encode_body_line(s, "Authorization", request->Authorization))
|
|
|
|
goto fail;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2015-02-02 04:47:43 +03:00
|
|
|
else if (request->AuthScheme && request->AuthParam)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!http_encode_authorization_line(s, request->AuthScheme, request->AuthParam))
|
|
|
|
goto fail;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
if (context->cookies)
|
|
|
|
{
|
|
|
|
if (!http_encode_cookie_line(s, context->cookies))
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (request->ContentType)
|
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "Content-Type", request->ContentType))
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (context->X_MS_UserAgent)
|
|
|
|
{
|
|
|
|
if (!http_encode_body_line(s, "X-MS-User-Agent", context->X_MS_UserAgent))
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
2023-04-04 15:35:40 +03:00
|
|
|
if (!http_encode_print(s, "\r\n"))
|
|
|
|
goto fail;
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
Stream_SealLength(s);
|
2012-04-14 22:19:31 +04:00
|
|
|
return s;
|
2018-09-27 16:04:41 +03:00
|
|
|
fail:
|
|
|
|
Stream_Free(s, TRUE);
|
2014-04-09 17:00:38 +04:00
|
|
|
return NULL;
|
|
|
|
}
|
2012-04-14 22:19:31 +04:00
|
|
|
|
2018-01-15 14:43:37 +03:00
|
|
|
HttpRequest* http_request_new(void)
|
2014-04-09 17:00:38 +04:00
|
|
|
{
|
2021-01-25 10:39:30 +03:00
|
|
|
HttpRequest* request = (HttpRequest*)calloc(1, sizeof(HttpRequest));
|
|
|
|
if (!request)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
request->TransferEncoding = TransferEncodingIdentity;
|
|
|
|
return request;
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
void http_request_free(HttpRequest* request)
|
2012-04-14 22:19:31 +04:00
|
|
|
{
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!request)
|
2014-04-09 17:00:38 +04:00
|
|
|
return;
|
|
|
|
|
2015-05-11 10:07:39 +03:00
|
|
|
free(request->AuthParam);
|
|
|
|
free(request->AuthScheme);
|
|
|
|
free(request->Authorization);
|
2023-06-26 20:24:58 +03:00
|
|
|
free(request->ContentType);
|
2015-02-02 04:47:43 +03:00
|
|
|
free(request->Method);
|
|
|
|
free(request->URI);
|
|
|
|
free(request);
|
2012-04-14 22:19:31 +04:00
|
|
|
}
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2018-12-06 12:07:15 +03:00
|
|
|
static BOOL http_response_parse_header_status_line(HttpResponse* response, const char* status_line)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-12-06 12:07:15 +03:00
|
|
|
BOOL rc = FALSE;
|
2014-11-17 02:00:09 +03:00
|
|
|
char* separator = NULL;
|
2014-08-18 21:34:47 +04:00
|
|
|
char* status_code;
|
|
|
|
char* reason_phrase;
|
2014-11-17 02:00:09 +03:00
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!response)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2018-09-27 16:04:41 +03:00
|
|
|
|
2014-11-17 02:00:09 +03:00
|
|
|
if (status_line)
|
|
|
|
separator = strchr(status_line, ' ');
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
if (!separator)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2014-08-18 19:22:43 +04:00
|
|
|
status_code = separator + 1;
|
2012-04-17 00:21:46 +04:00
|
|
|
separator = strchr(status_code, ' ');
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
if (!separator)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2014-08-18 19:22:43 +04:00
|
|
|
reason_phrase = separator + 1;
|
2012-04-17 00:21:46 +04:00
|
|
|
*separator = '\0';
|
2017-11-14 18:10:52 +03:00
|
|
|
errno = 0;
|
|
|
|
{
|
|
|
|
long val = strtol(status_code, NULL, 0);
|
|
|
|
|
|
|
|
if ((errno != 0) || (val < 0) || (val > INT16_MAX))
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2017-11-14 18:10:52 +03:00
|
|
|
|
|
|
|
response->StatusCode = strtol(status_code, NULL, 0);
|
|
|
|
}
|
2018-01-15 18:50:01 +03:00
|
|
|
response->ReasonPhrase = reason_phrase;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!response->ReasonPhrase)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2012-04-17 00:21:46 +04:00
|
|
|
*separator = ' ';
|
2018-12-06 12:07:15 +03:00
|
|
|
rc = TRUE;
|
|
|
|
fail:
|
|
|
|
|
|
|
|
if (!rc)
|
|
|
|
WLog_ERR(TAG, "http_response_parse_header_status_line failed [%s]", status_line);
|
|
|
|
|
|
|
|
return rc;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
static BOOL http_response_parse_header_field(HttpResponse* response, const char* name,
|
2019-11-06 17:24:51 +03:00
|
|
|
const char* value)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2014-12-11 19:25:34 +03:00
|
|
|
BOOL status = TRUE;
|
2018-09-27 16:04:41 +03:00
|
|
|
if (!response || !name)
|
|
|
|
return FALSE;
|
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
if (_stricmp(name, "Content-Length") == 0)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-01-15 18:50:01 +03:00
|
|
|
unsigned long long val;
|
2017-11-14 18:10:52 +03:00
|
|
|
errno = 0;
|
2018-01-16 10:15:34 +03:00
|
|
|
val = _strtoui64(value, NULL, 0);
|
2017-11-14 18:10:52 +03:00
|
|
|
|
2018-04-04 11:45:32 +03:00
|
|
|
if ((errno != 0) || (val > INT32_MAX))
|
2017-11-14 18:10:52 +03:00
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
response->ContentLength = val;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2015-02-03 01:16:32 +03:00
|
|
|
else if (_stricmp(name, "Content-Type") == 0)
|
|
|
|
{
|
2018-01-15 18:50:01 +03:00
|
|
|
response->ContentType = value;
|
2015-02-03 01:16:32 +03:00
|
|
|
|
|
|
|
if (!response->ContentType)
|
|
|
|
return FALSE;
|
|
|
|
}
|
2021-01-25 10:39:30 +03:00
|
|
|
else if (_stricmp(name, "Transfer-Encoding") == 0)
|
|
|
|
{
|
|
|
|
if (_stricmp(value, "identity") == 0)
|
|
|
|
response->TransferEncoding = TransferEncodingIdentity;
|
|
|
|
else if (_stricmp(value, "chunked") == 0)
|
|
|
|
response->TransferEncoding = TransferEncodingChunked;
|
|
|
|
else
|
|
|
|
response->TransferEncoding = TransferEncodingUnknown;
|
|
|
|
}
|
2021-01-25 18:20:18 +03:00
|
|
|
else if (_stricmp(name, "Sec-WebSocket-Version") == 0)
|
|
|
|
{
|
|
|
|
response->SecWebsocketVersion = value;
|
|
|
|
|
|
|
|
if (!response->SecWebsocketVersion)
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
else if (_stricmp(name, "Sec-WebSocket-Accept") == 0)
|
|
|
|
{
|
|
|
|
response->SecWebsocketAccept = value;
|
|
|
|
|
|
|
|
if (!response->SecWebsocketAccept)
|
|
|
|
return FALSE;
|
|
|
|
}
|
2014-04-19 01:08:34 +04:00
|
|
|
else if (_stricmp(name, "WWW-Authenticate") == 0)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2014-12-11 19:25:34 +03:00
|
|
|
char* separator = NULL;
|
2018-01-15 18:50:01 +03:00
|
|
|
const char* authScheme = NULL;
|
2018-10-18 10:09:30 +03:00
|
|
|
char* authValue = NULL;
|
2012-04-17 00:21:46 +04:00
|
|
|
separator = strchr(value, ' ');
|
|
|
|
|
2014-12-11 19:25:34 +03:00
|
|
|
if (separator)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2014-04-19 01:08:34 +04:00
|
|
|
/* WWW-Authenticate: Basic realm=""
|
|
|
|
* WWW-Authenticate: NTLM base64token
|
|
|
|
* WWW-Authenticate: Digest realm="testrealm@host.com", qop="auth, auth-int",
|
|
|
|
* nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
|
|
|
|
* opaque="5ccc069c403ebaf9f0171e9517f40e41"
|
|
|
|
*/
|
2012-04-17 00:21:46 +04:00
|
|
|
*separator = '\0';
|
2018-01-15 18:50:01 +03:00
|
|
|
authScheme = value;
|
|
|
|
authValue = separator + 1;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2014-04-19 01:08:34 +04:00
|
|
|
if (!authScheme || !authValue)
|
2014-04-09 17:00:38 +04:00
|
|
|
return FALSE;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2014-04-19 01:08:34 +04:00
|
|
|
else
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-01-15 18:50:01 +03:00
|
|
|
authScheme = value;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2014-04-19 01:08:34 +04:00
|
|
|
if (!authScheme)
|
|
|
|
return FALSE;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2023-06-27 17:35:14 +03:00
|
|
|
authValue = NULL;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
status = ListDictionary_Add(response->Authenticates, authScheme, authValue);
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2023-06-26 20:24:58 +03:00
|
|
|
else if (_stricmp(name, "Set-Cookie") == 0)
|
|
|
|
{
|
|
|
|
char* separator = NULL;
|
|
|
|
const char* CookieName = NULL;
|
|
|
|
char* CookieValue = NULL;
|
|
|
|
separator = strchr(value, '=');
|
|
|
|
|
|
|
|
if (separator)
|
|
|
|
{
|
|
|
|
/* Set-Cookie: name=value
|
|
|
|
* Set-Cookie: name=value; Attribute=value
|
|
|
|
* Set-Cookie: name="value with spaces"; Attribute=value
|
|
|
|
*/
|
|
|
|
*separator = '\0';
|
|
|
|
CookieName = value;
|
|
|
|
CookieValue = separator + 1;
|
|
|
|
if (*CookieValue == '"')
|
|
|
|
{
|
|
|
|
char* p = CookieValue;
|
|
|
|
while (*p != '"' && *p != '\0')
|
|
|
|
{
|
|
|
|
p++;
|
|
|
|
if (*p == '\\')
|
|
|
|
p++;
|
|
|
|
}
|
|
|
|
*p = '\0';
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
char* p = CookieValue;
|
|
|
|
while (*p != ';' && *p != '\0' && *p != ' ')
|
|
|
|
{
|
|
|
|
p++;
|
|
|
|
}
|
|
|
|
*p = '\0';
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!CookieName || !CookieValue)
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
status = ListDictionary_Add(response->SetCookie, CookieName, CookieValue);
|
|
|
|
}
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2014-12-11 19:25:34 +03:00
|
|
|
return status;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2018-01-15 14:43:37 +03:00
|
|
|
static BOOL http_response_parse_header(HttpResponse* response)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-12-06 12:07:15 +03:00
|
|
|
BOOL rc = FALSE;
|
2015-02-03 01:16:32 +03:00
|
|
|
char c;
|
2018-01-15 18:50:01 +03:00
|
|
|
size_t count;
|
2014-08-18 21:34:47 +04:00
|
|
|
char* line;
|
|
|
|
char* name;
|
|
|
|
char* value;
|
|
|
|
char* colon_pos;
|
|
|
|
char* end_of_header;
|
2013-05-07 00:57:39 +04:00
|
|
|
char end_of_header_char;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!response)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2013-08-29 17:30:22 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!response->lines)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2013-08-29 17:30:22 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!http_response_parse_header_status_line(response, response->lines[0]))
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
for (count = 1; count < response->count; count++)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2015-02-02 04:47:43 +03:00
|
|
|
line = response->lines[count];
|
2017-11-14 18:10:52 +03:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
/**
|
|
|
|
* name end_of_header
|
|
|
|
* | |
|
|
|
|
* v v
|
|
|
|
* <header name> : <header value>
|
|
|
|
* ^ ^
|
|
|
|
* | |
|
|
|
|
* colon_pos value
|
|
|
|
*/
|
2014-11-17 02:00:09 +03:00
|
|
|
if (line)
|
|
|
|
colon_pos = strchr(line, ':');
|
|
|
|
else
|
|
|
|
colon_pos = NULL;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
if ((colon_pos == NULL) || (colon_pos == line))
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
/* retrieve the position just after header name */
|
2014-08-18 19:22:43 +04:00
|
|
|
for (end_of_header = colon_pos; end_of_header != line; end_of_header--)
|
2013-05-07 00:57:39 +04:00
|
|
|
{
|
|
|
|
c = end_of_header[-1];
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
if (c != ' ' && c != '\t' && c != ':')
|
|
|
|
break;
|
|
|
|
}
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
if (end_of_header == line)
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
end_of_header_char = *end_of_header;
|
|
|
|
*end_of_header = '\0';
|
2012-04-17 00:21:46 +04:00
|
|
|
name = line;
|
2013-05-07 00:57:39 +04:00
|
|
|
|
|
|
|
/* eat space and tabs before header value */
|
|
|
|
for (value = colon_pos + 1; *value; value++)
|
|
|
|
{
|
|
|
|
if ((*value != ' ') && (*value != '\t'))
|
|
|
|
break;
|
|
|
|
}
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!http_response_parse_header_field(response, name, value))
|
2018-12-06 12:07:15 +03:00
|
|
|
goto fail;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2013-05-07 00:57:39 +04:00
|
|
|
*end_of_header = end_of_header_char;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-12-06 12:07:15 +03:00
|
|
|
rc = TRUE;
|
|
|
|
fail:
|
|
|
|
|
|
|
|
if (!rc)
|
2023-01-23 14:03:18 +03:00
|
|
|
WLog_ERR(TAG, "parsing failed");
|
2018-12-06 12:07:15 +03:00
|
|
|
|
|
|
|
return rc;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2018-09-27 16:04:41 +03:00
|
|
|
BOOL http_response_print(HttpResponse* response)
|
2012-04-22 00:18:07 +04:00
|
|
|
{
|
2018-09-27 16:04:41 +03:00
|
|
|
size_t i;
|
|
|
|
|
|
|
|
if (!response)
|
|
|
|
return FALSE;
|
2012-04-22 00:18:07 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
for (i = 0; i < response->count; i++)
|
|
|
|
WLog_ERR(TAG, "%s", response->lines[i]);
|
2018-09-27 16:04:41 +03:00
|
|
|
|
|
|
|
return TRUE;
|
2012-04-22 00:18:07 +04:00
|
|
|
}
|
|
|
|
|
2018-10-19 12:39:22 +03:00
|
|
|
static BOOL http_use_content_length(const char* cur)
|
|
|
|
{
|
|
|
|
size_t pos = 0;
|
|
|
|
|
|
|
|
if (!cur)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
if (_strnicmp(cur, "application/rpc", 15) == 0)
|
|
|
|
pos = 15;
|
|
|
|
else if (_strnicmp(cur, "text/plain", 10) == 0)
|
|
|
|
pos = 10;
|
|
|
|
else if (_strnicmp(cur, "text/html", 9) == 0)
|
|
|
|
pos = 9;
|
2023-06-26 20:24:58 +03:00
|
|
|
else if (_strnicmp(cur, "application/json", 16) == 0)
|
|
|
|
pos = 16;
|
2018-10-19 12:39:22 +03:00
|
|
|
|
|
|
|
if (pos > 0)
|
|
|
|
{
|
|
|
|
char end = cur[pos];
|
|
|
|
|
|
|
|
switch (end)
|
|
|
|
{
|
|
|
|
case ' ':
|
|
|
|
case ';':
|
|
|
|
case '\0':
|
|
|
|
case '\r':
|
|
|
|
case '\n':
|
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
default:
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
2018-12-14 15:15:37 +03:00
|
|
|
static int print_bio_error(const char* str, size_t len, void* bp)
|
|
|
|
{
|
|
|
|
WINPR_UNUSED(len);
|
|
|
|
WINPR_UNUSED(bp);
|
|
|
|
WLog_ERR(TAG, "%s", str);
|
|
|
|
return len;
|
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
int http_chuncked_read(BIO* bio, BYTE* pBuffer, size_t size,
|
|
|
|
http_encoding_chunked_context* encodingContext)
|
|
|
|
{
|
|
|
|
int status;
|
|
|
|
int effectiveDataLen = 0;
|
|
|
|
WINPR_ASSERT(bio);
|
|
|
|
WINPR_ASSERT(pBuffer);
|
|
|
|
WINPR_ASSERT(encodingContext != NULL);
|
|
|
|
while (TRUE)
|
|
|
|
{
|
|
|
|
switch (encodingContext->state)
|
|
|
|
{
|
|
|
|
case ChunkStateData:
|
|
|
|
{
|
|
|
|
ERR_clear_error();
|
|
|
|
status = BIO_read(
|
|
|
|
bio, pBuffer,
|
|
|
|
(size > encodingContext->nextOffset ? encodingContext->nextOffset : size));
|
|
|
|
if (status <= 0)
|
|
|
|
return (effectiveDataLen > 0 ? effectiveDataLen : status);
|
|
|
|
|
|
|
|
encodingContext->nextOffset -= status;
|
|
|
|
if (encodingContext->nextOffset == 0)
|
|
|
|
{
|
|
|
|
encodingContext->state = ChunkStateFooter;
|
|
|
|
encodingContext->headerFooterPos = 0;
|
|
|
|
}
|
|
|
|
effectiveDataLen += status;
|
|
|
|
|
|
|
|
if ((size_t)status == size)
|
|
|
|
return effectiveDataLen;
|
|
|
|
|
|
|
|
pBuffer += status;
|
|
|
|
size -= status;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case ChunkStateFooter:
|
|
|
|
{
|
2023-06-27 20:53:49 +03:00
|
|
|
char _dummy[2] = { 0 };
|
2023-06-26 20:24:58 +03:00
|
|
|
WINPR_ASSERT(encodingContext->nextOffset == 0);
|
|
|
|
WINPR_ASSERT(encodingContext->headerFooterPos < 2);
|
|
|
|
ERR_clear_error();
|
|
|
|
status = BIO_read(bio, _dummy, 2 - encodingContext->headerFooterPos);
|
|
|
|
if (status >= 0)
|
|
|
|
{
|
|
|
|
encodingContext->headerFooterPos += status;
|
|
|
|
if (encodingContext->headerFooterPos == 2)
|
|
|
|
{
|
|
|
|
encodingContext->state = ChunkStateLenghHeader;
|
|
|
|
encodingContext->headerFooterPos = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
return (effectiveDataLen > 0 ? effectiveDataLen : status);
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case ChunkStateLenghHeader:
|
|
|
|
{
|
|
|
|
BOOL _haveNewLine = FALSE;
|
|
|
|
char* dst = &encodingContext->lenBuffer[encodingContext->headerFooterPos];
|
|
|
|
WINPR_ASSERT(encodingContext->nextOffset == 0);
|
|
|
|
while (encodingContext->headerFooterPos < 10 && !_haveNewLine)
|
|
|
|
{
|
|
|
|
ERR_clear_error();
|
|
|
|
status = BIO_read(bio, dst, 1);
|
|
|
|
if (status >= 0)
|
|
|
|
{
|
|
|
|
if (*dst == '\n')
|
|
|
|
_haveNewLine = TRUE;
|
|
|
|
encodingContext->headerFooterPos += status;
|
|
|
|
dst += status;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
return (effectiveDataLen > 0 ? effectiveDataLen : status);
|
|
|
|
}
|
|
|
|
*dst = '\0';
|
|
|
|
/* strtoul is tricky, error are reported via errno, we also need
|
|
|
|
* to ensure the result does not overflow */
|
|
|
|
errno = 0;
|
|
|
|
size_t tmp = strtoul(encodingContext->lenBuffer, NULL, 16);
|
|
|
|
if ((errno != 0) || (tmp > SIZE_MAX))
|
|
|
|
{
|
|
|
|
/* denote end of stream if something bad happens */
|
|
|
|
encodingContext->nextOffset = 0;
|
|
|
|
encodingContext->state = ChunkStateEnd;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
encodingContext->nextOffset = tmp;
|
|
|
|
encodingContext->state = ChunkStateData;
|
|
|
|
|
|
|
|
if (encodingContext->nextOffset == 0)
|
|
|
|
{ /* end of stream */
|
|
|
|
WLog_DBG(TAG, "chunked encoding end of stream received");
|
|
|
|
encodingContext->headerFooterPos = 0;
|
|
|
|
encodingContext->state = ChunkStateEnd;
|
|
|
|
return (effectiveDataLen > 0 ? effectiveDataLen : 0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
/* invalid state / ChunkStateEnd */
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-12 17:40:10 +03:00
|
|
|
HttpResponse* http_response_recv(rdpTls* tls, BOOL readContentLength)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2017-12-11 12:25:21 +03:00
|
|
|
size_t position;
|
2018-02-14 12:14:33 +03:00
|
|
|
size_t bodyLength = 0;
|
2022-02-01 10:08:04 +03:00
|
|
|
size_t payloadOffset = 0;
|
|
|
|
HttpResponse* response = http_response_new();
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!response)
|
2018-01-15 18:50:01 +03:00
|
|
|
return NULL;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
response->ContentLength = 0;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2018-10-19 12:59:28 +03:00
|
|
|
while (payloadOffset == 0)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2018-10-19 12:59:28 +03:00
|
|
|
size_t s;
|
|
|
|
char* end;
|
|
|
|
/* Read until we encounter \r\n\r\n */
|
2022-07-01 06:30:21 +03:00
|
|
|
ERR_clear_error();
|
2018-10-19 13:52:14 +03:00
|
|
|
int status = BIO_read(tls->bio, Stream_Pointer(response->data), 1);
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
if (status <= 0)
|
|
|
|
{
|
|
|
|
if (!BIO_should_retry(tls->bio))
|
2018-12-06 12:07:15 +03:00
|
|
|
{
|
2023-01-23 14:03:18 +03:00
|
|
|
WLog_ERR(TAG, "Retries exceeded");
|
2018-12-14 15:15:37 +03:00
|
|
|
ERR_print_errors_cb(print_bio_error, NULL);
|
2018-01-15 18:50:01 +03:00
|
|
|
goto out_error;
|
2018-12-06 12:07:15 +03:00
|
|
|
}
|
2014-04-09 17:00:38 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
USleep(100);
|
|
|
|
continue;
|
|
|
|
}
|
2014-04-09 17:00:38 +04:00
|
|
|
|
2023-01-10 16:47:16 +03:00
|
|
|
#ifdef FREERDP_HAVE_VALGRIND_MEMCHECK_H
|
2018-02-14 12:15:51 +03:00
|
|
|
VALGRIND_MAKE_MEM_DEFINED(Stream_Pointer(response->data), status);
|
2014-05-21 19:32:14 +04:00
|
|
|
#endif
|
2018-09-27 17:05:14 +03:00
|
|
|
Stream_Seek(response->data, (size_t)status);
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2018-10-19 12:59:28 +03:00
|
|
|
if (!Stream_EnsureRemainingCapacity(response->data, 1024))
|
|
|
|
goto out_error;
|
2013-05-07 00:57:39 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
position = Stream_GetPosition(response->data);
|
2015-02-03 01:16:32 +03:00
|
|
|
|
2018-10-19 12:59:28 +03:00
|
|
|
if (position < 4)
|
|
|
|
continue;
|
|
|
|
else if (position > RESPONSE_SIZE_LIMIT)
|
2018-01-15 18:50:01 +03:00
|
|
|
{
|
2019-11-06 17:24:51 +03:00
|
|
|
WLog_ERR(TAG, "Request header too large! (%" PRIdz " bytes) Aborting!", bodyLength);
|
2018-01-15 18:50:01 +03:00
|
|
|
goto out_error;
|
2015-02-03 01:16:32 +03:00
|
|
|
}
|
2015-02-02 02:50:21 +03:00
|
|
|
|
2018-10-19 12:59:28 +03:00
|
|
|
/* Always check at most the lase 8 bytes for occurance of the desired
|
|
|
|
* sequence of \r\n\r\n */
|
|
|
|
s = (position > 8) ? 8 : position;
|
|
|
|
end = (char*)Stream_Pointer(response->data) - s;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2018-10-19 12:59:28 +03:00
|
|
|
if (string_strnstr(end, "\r\n\r\n", s) != NULL)
|
|
|
|
payloadOffset = Stream_GetPosition(response->data);
|
2018-01-15 18:50:01 +03:00
|
|
|
}
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
if (payloadOffset)
|
|
|
|
{
|
|
|
|
size_t count = 0;
|
2018-06-06 17:43:09 +03:00
|
|
|
char* buffer = (char*)Stream_Buffer(response->data);
|
2019-11-06 17:24:51 +03:00
|
|
|
char* line = (char*)Stream_Buffer(response->data);
|
2020-05-18 11:35:52 +03:00
|
|
|
char* context = NULL;
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-10-18 10:09:30 +03:00
|
|
|
while ((line = string_strnstr(line, "\r\n", payloadOffset - (line - buffer) - 2UL)))
|
2018-01-15 18:50:01 +03:00
|
|
|
{
|
|
|
|
line += 2;
|
|
|
|
count++;
|
|
|
|
}
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
response->count = count;
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
if (count)
|
|
|
|
{
|
2019-11-06 17:24:51 +03:00
|
|
|
response->lines = (char**)calloc(response->count, sizeof(char*));
|
2015-02-03 01:16:32 +03:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
if (!response->lines)
|
2015-02-03 01:16:32 +03:00
|
|
|
goto out_error;
|
2018-01-15 18:50:01 +03:00
|
|
|
}
|
2015-02-03 01:16:32 +03:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
buffer[payloadOffset - 1] = '\0';
|
|
|
|
buffer[payloadOffset - 2] = '\0';
|
|
|
|
count = 0;
|
2020-05-18 11:35:52 +03:00
|
|
|
line = strtok_s(buffer, "\r\n", &context);
|
2014-04-09 17:00:38 +04:00
|
|
|
|
2018-10-24 15:36:12 +03:00
|
|
|
while (line && (response->count > count))
|
2018-01-15 18:50:01 +03:00
|
|
|
{
|
|
|
|
response->lines[count] = line;
|
2020-05-18 11:35:52 +03:00
|
|
|
line = strtok_s(NULL, "\r\n", &context);
|
2018-01-15 18:50:01 +03:00
|
|
|
count++;
|
|
|
|
}
|
2015-02-03 01:16:32 +03:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
if (!http_response_parse_header(response))
|
|
|
|
goto out_error;
|
2015-02-03 01:16:32 +03:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
response->BodyLength = Stream_GetPosition(response->data) - payloadOffset;
|
2023-06-26 20:24:58 +03:00
|
|
|
WINPR_ASSERT(response->BodyLength == 0);
|
2018-11-12 17:40:10 +03:00
|
|
|
bodyLength = response->BodyLength; /* expected body length */
|
|
|
|
|
|
|
|
if (readContentLength)
|
2018-01-15 18:50:01 +03:00
|
|
|
{
|
2018-10-19 12:39:22 +03:00
|
|
|
const char* cur = response->ContentType;
|
2016-11-13 05:26:01 +03:00
|
|
|
|
2018-10-19 12:39:22 +03:00
|
|
|
while (cur != NULL)
|
|
|
|
{
|
|
|
|
if (http_use_content_length(cur))
|
|
|
|
{
|
2018-11-12 17:40:10 +03:00
|
|
|
if (response->ContentLength < RESPONSE_SIZE_LIMIT)
|
|
|
|
bodyLength = response->ContentLength;
|
|
|
|
|
2018-10-19 12:39:22 +03:00
|
|
|
break;
|
|
|
|
}
|
2023-06-26 20:24:58 +03:00
|
|
|
else
|
|
|
|
readContentLength = FALSE; /* prevent chunked read */
|
2018-10-19 12:39:22 +03:00
|
|
|
|
|
|
|
cur = strchr(cur, ';');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
if (bodyLength > RESPONSE_SIZE_LIMIT)
|
|
|
|
{
|
2019-11-06 17:24:51 +03:00
|
|
|
WLog_ERR(TAG, "Expected request body too large! (%" PRIdz " bytes) Aborting!",
|
|
|
|
bodyLength);
|
2018-01-15 18:50:01 +03:00
|
|
|
goto out_error;
|
|
|
|
}
|
2016-11-13 05:26:01 +03:00
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
/* Fetch remaining body! */
|
2023-06-26 20:24:58 +03:00
|
|
|
if ((response->TransferEncoding == TransferEncodingChunked) && readContentLength)
|
2018-01-15 18:50:01 +03:00
|
|
|
{
|
2023-06-26 20:24:58 +03:00
|
|
|
http_encoding_chunked_context ctx = { 0 };
|
|
|
|
ctx.state = ChunkStateLenghHeader;
|
|
|
|
ctx.nextOffset = 0;
|
|
|
|
ctx.headerFooterPos = 0;
|
|
|
|
int full_len = 0;
|
|
|
|
do
|
|
|
|
{
|
2023-06-29 17:28:49 +03:00
|
|
|
if (!Stream_EnsureRemainingCapacity(response->data, 2048))
|
|
|
|
goto out_error;
|
|
|
|
|
|
|
|
int status = http_chuncked_read(tls->bio, Stream_Pointer(response->data),
|
|
|
|
Stream_GetRemainingCapacity(response->data), &ctx);
|
2023-06-26 20:24:58 +03:00
|
|
|
if (status <= 0)
|
|
|
|
{
|
|
|
|
if (!BIO_should_retry(tls->bio))
|
|
|
|
{
|
|
|
|
WLog_ERR(TAG, "Retries exceeded");
|
|
|
|
ERR_print_errors_cb(print_bio_error, NULL);
|
|
|
|
goto out_error;
|
|
|
|
}
|
|
|
|
|
|
|
|
USleep(100);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
Stream_Seek(response->data, (size_t)status);
|
|
|
|
full_len += status;
|
|
|
|
}
|
|
|
|
} while (ctx.state != ChunkStateEnd);
|
|
|
|
response->BodyLength = full_len;
|
|
|
|
if (response->BodyLength > 0)
|
|
|
|
response->BodyContent = &(Stream_Buffer(response->data))[payloadOffset];
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
while (response->BodyLength < bodyLength)
|
2016-11-13 05:26:01 +03:00
|
|
|
{
|
2023-06-26 20:24:58 +03:00
|
|
|
int status;
|
|
|
|
|
|
|
|
if (!Stream_EnsureRemainingCapacity(response->data,
|
|
|
|
bodyLength - response->BodyLength))
|
2016-11-13 05:26:01 +03:00
|
|
|
goto out_error;
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
ERR_clear_error();
|
|
|
|
status = BIO_read(tls->bio, Stream_Pointer(response->data),
|
|
|
|
bodyLength - response->BodyLength);
|
2016-11-13 05:26:01 +03:00
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
if (status <= 0)
|
|
|
|
{
|
|
|
|
if (!BIO_should_retry(tls->bio))
|
|
|
|
{
|
|
|
|
WLog_ERR(TAG, "Retries exceeded");
|
|
|
|
ERR_print_errors_cb(print_bio_error, NULL);
|
|
|
|
goto out_error;
|
|
|
|
}
|
|
|
|
|
|
|
|
USleep(100);
|
|
|
|
continue;
|
|
|
|
}
|
2018-01-15 18:50:01 +03:00
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
Stream_Seek(response->data, (size_t)status);
|
|
|
|
response->BodyLength += (unsigned long)status;
|
|
|
|
|
|
|
|
if (response->BodyLength > RESPONSE_SIZE_LIMIT)
|
|
|
|
{
|
|
|
|
WLog_ERR(TAG, "Request body too large! (%" PRIdz " bytes) Aborting!",
|
|
|
|
response->BodyLength);
|
|
|
|
goto out_error;
|
|
|
|
}
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2012-04-19 19:29:53 +04:00
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
if (response->BodyLength > 0)
|
|
|
|
response->BodyContent = &(Stream_Buffer(response->data))[payloadOffset];
|
2017-11-14 18:10:52 +03:00
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
if (bodyLength != response->BodyLength)
|
|
|
|
{
|
|
|
|
WLog_WARN(TAG, "%s unexpected body length: actual: %" PRIuz ", expected: %" PRIuz,
|
|
|
|
response->ContentType, response->BodyLength, bodyLength);
|
2018-10-18 17:58:53 +03:00
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
if (bodyLength > 0)
|
|
|
|
response->BodyLength = MIN(bodyLength, response->BodyLength);
|
|
|
|
}
|
2012-04-19 19:29:53 +04:00
|
|
|
}
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2023-06-26 20:24:58 +03:00
|
|
|
Stream_SealLength(response->data);
|
2012-04-17 00:21:46 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
return response;
|
2014-04-09 17:00:38 +04:00
|
|
|
out_error:
|
2015-02-02 04:47:43 +03:00
|
|
|
http_response_free(response);
|
2014-04-09 17:00:38 +04:00
|
|
|
return NULL;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
const BYTE* http_response_get_body(HttpResponse* response)
|
|
|
|
{
|
|
|
|
if (!response)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return response->BodyContent;
|
|
|
|
}
|
|
|
|
|
2023-06-27 20:53:49 +03:00
|
|
|
static BOOL set_compare(wListDictionary* dict)
|
|
|
|
{
|
|
|
|
WINPR_ASSERT(dict);
|
|
|
|
wObject* key = ListDictionary_KeyObject(dict);
|
|
|
|
wObject* value = ListDictionary_KeyObject(dict);
|
|
|
|
if (!key || !value)
|
|
|
|
return FALSE;
|
|
|
|
key->fnObjectEquals = strings_equals_nocase;
|
|
|
|
value->fnObjectEquals = strings_equals_nocase;
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2018-01-15 14:43:37 +03:00
|
|
|
HttpResponse* http_response_new(void)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2019-11-06 17:24:51 +03:00
|
|
|
HttpResponse* response = (HttpResponse*)calloc(1, sizeof(HttpResponse));
|
2014-08-18 19:22:43 +04:00
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!response)
|
2014-04-19 01:08:34 +04:00
|
|
|
return NULL;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
response->Authenticates = ListDictionary_New(FALSE);
|
2017-11-14 18:10:52 +03:00
|
|
|
|
2015-05-18 12:28:00 +03:00
|
|
|
if (!response->Authenticates)
|
2018-01-15 18:50:01 +03:00
|
|
|
goto fail;
|
|
|
|
|
2023-06-27 20:53:49 +03:00
|
|
|
if (!set_compare(response->Authenticates))
|
|
|
|
goto fail;
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
response->SetCookie = ListDictionary_New(FALSE);
|
|
|
|
|
|
|
|
if (!response->SetCookie)
|
|
|
|
goto fail;
|
|
|
|
|
2023-06-27 20:53:49 +03:00
|
|
|
if (!set_compare(response->SetCookie))
|
|
|
|
goto fail;
|
|
|
|
|
2018-01-15 18:50:01 +03:00
|
|
|
response->data = Stream_New(NULL, 2048);
|
|
|
|
|
|
|
|
if (!response->data)
|
|
|
|
goto fail;
|
2014-12-11 19:25:34 +03:00
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
response->TransferEncoding = TransferEncodingIdentity;
|
2015-02-02 04:47:43 +03:00
|
|
|
return response;
|
2018-01-15 18:50:01 +03:00
|
|
|
fail:
|
|
|
|
http_response_free(response);
|
|
|
|
return NULL;
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
void http_response_free(HttpResponse* response)
|
2012-04-17 00:21:46 +04:00
|
|
|
{
|
2015-02-02 04:47:43 +03:00
|
|
|
if (!response)
|
2014-04-19 01:08:34 +04:00
|
|
|
return;
|
|
|
|
|
2015-02-02 04:47:43 +03:00
|
|
|
free(response->lines);
|
|
|
|
ListDictionary_Free(response->Authenticates);
|
2023-06-26 20:24:58 +03:00
|
|
|
ListDictionary_Free(response->SetCookie);
|
2018-01-15 18:50:01 +03:00
|
|
|
Stream_Free(response->data, TRUE);
|
2015-02-02 04:47:43 +03:00
|
|
|
free(response);
|
2012-04-17 00:21:46 +04:00
|
|
|
}
|
2018-09-27 16:04:41 +03:00
|
|
|
|
|
|
|
const char* http_request_get_uri(HttpRequest* request)
|
|
|
|
{
|
|
|
|
if (!request)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return request->URI;
|
|
|
|
}
|
|
|
|
|
|
|
|
SSIZE_T http_request_get_content_length(HttpRequest* request)
|
|
|
|
{
|
|
|
|
if (!request)
|
|
|
|
return -1;
|
|
|
|
|
2018-09-27 17:05:14 +03:00
|
|
|
return (SSIZE_T)request->ContentLength;
|
2018-09-27 16:04:41 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
BOOL http_request_set_content_length(HttpRequest* request, size_t length)
|
|
|
|
{
|
|
|
|
if (!request)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
request->ContentLength = length;
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
long http_response_get_status_code(HttpResponse* response)
|
|
|
|
{
|
|
|
|
if (!response)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
return response->StatusCode;
|
|
|
|
}
|
|
|
|
|
|
|
|
SSIZE_T http_response_get_body_length(HttpResponse* response)
|
|
|
|
{
|
|
|
|
if (!response)
|
|
|
|
return -1;
|
|
|
|
|
2018-09-27 17:05:14 +03:00
|
|
|
return (SSIZE_T)response->BodyLength;
|
2018-09-27 16:04:41 +03:00
|
|
|
}
|
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
const char* http_response_get_auth_token(HttpResponse* response, const char* method)
|
2018-09-27 16:04:41 +03:00
|
|
|
{
|
2021-01-25 10:39:30 +03:00
|
|
|
if (!response || !method)
|
2018-09-27 16:04:41 +03:00
|
|
|
return NULL;
|
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
if (!ListDictionary_Contains(response->Authenticates, method))
|
2018-09-27 16:04:41 +03:00
|
|
|
return NULL;
|
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
return ListDictionary_GetItemValue(response->Authenticates, method);
|
|
|
|
}
|
|
|
|
|
2023-06-26 20:24:58 +03:00
|
|
|
const char* http_response_get_setcookie(HttpResponse* response, const char* cookie)
|
|
|
|
{
|
|
|
|
if (!response || !cookie)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
if (!ListDictionary_Contains(response->SetCookie, cookie))
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return ListDictionary_GetItemValue(response->SetCookie, cookie);
|
|
|
|
}
|
|
|
|
|
2021-01-25 10:39:30 +03:00
|
|
|
TRANSFER_ENCODING http_response_get_transfer_encoding(HttpResponse* response)
|
|
|
|
{
|
|
|
|
if (!response)
|
|
|
|
return TransferEncodingUnknown;
|
|
|
|
|
|
|
|
return response->TransferEncoding;
|
2018-09-27 16:04:41 +03:00
|
|
|
}
|
2021-01-25 18:20:18 +03:00
|
|
|
|
|
|
|
BOOL http_response_is_websocket(HttpContext* http, HttpResponse* response)
|
|
|
|
{
|
|
|
|
BOOL isWebsocket = FALSE;
|
|
|
|
WINPR_DIGEST_CTX* sha1 = NULL;
|
|
|
|
char* base64accept = NULL;
|
|
|
|
BYTE sha1_digest[WINPR_SHA1_DIGEST_LENGTH];
|
|
|
|
|
|
|
|
if (!http || !response)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
if (!http->websocketUpgrade || response->StatusCode != HTTP_STATUS_SWITCH_PROTOCOLS)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
if (response->SecWebsocketVersion && _stricmp(response->SecWebsocketVersion, "13") != 0)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
if (!response->SecWebsocketAccept)
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
/* now check if Sec-Websocket-Accept is correct */
|
|
|
|
|
|
|
|
sha1 = winpr_Digest_New();
|
|
|
|
if (!sha1)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (!winpr_Digest_Init(sha1, WINPR_MD_SHA1))
|
|
|
|
goto out;
|
|
|
|
|
2022-08-31 15:28:13 +03:00
|
|
|
if (!winpr_Digest_Update(sha1, (BYTE*)http->SecWebsocketKey, strlen(http->SecWebsocketKey)))
|
2021-01-25 18:20:18 +03:00
|
|
|
goto out;
|
|
|
|
if (!winpr_Digest_Update(sha1, (const BYTE*)WEBSOCKET_MAGIC_GUID, strlen(WEBSOCKET_MAGIC_GUID)))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (!winpr_Digest_Final(sha1, sha1_digest, sizeof(sha1_digest)))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
base64accept = crypto_base64_encode(sha1_digest, WINPR_SHA1_DIGEST_LENGTH);
|
|
|
|
if (!base64accept)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (_stricmp(response->SecWebsocketAccept, base64accept) != 0)
|
|
|
|
{
|
|
|
|
WLog_WARN(TAG, "Webserver gave Websocket Upgrade response but sanity check failed");
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
isWebsocket = TRUE;
|
|
|
|
out:
|
|
|
|
winpr_Digest_Free(sha1);
|
|
|
|
free(base64accept);
|
|
|
|
return isWebsocket;
|
|
|
|
}
|
2023-04-06 09:57:34 +03:00
|
|
|
|
|
|
|
const char* http_status_string(long status)
|
|
|
|
{
|
|
|
|
switch (status)
|
|
|
|
{
|
|
|
|
case HTTP_STATUS_CONTINUE:
|
|
|
|
return "HTTP_STATUS_CONTINUE";
|
|
|
|
case HTTP_STATUS_SWITCH_PROTOCOLS:
|
|
|
|
return "HTTP_STATUS_SWITCH_PROTOCOLS";
|
|
|
|
case HTTP_STATUS_OK:
|
|
|
|
return "HTTP_STATUS_OK";
|
|
|
|
case HTTP_STATUS_CREATED:
|
|
|
|
return "HTTP_STATUS_CREATED";
|
|
|
|
case HTTP_STATUS_ACCEPTED:
|
|
|
|
return "HTTP_STATUS_ACCEPTED";
|
|
|
|
case HTTP_STATUS_PARTIAL:
|
|
|
|
return "HTTP_STATUS_PARTIAL";
|
|
|
|
case HTTP_STATUS_NO_CONTENT:
|
|
|
|
return "HTTP_STATUS_NO_CONTENT";
|
|
|
|
case HTTP_STATUS_RESET_CONTENT:
|
|
|
|
return "HTTP_STATUS_RESET_CONTENT";
|
|
|
|
case HTTP_STATUS_PARTIAL_CONTENT:
|
|
|
|
return "HTTP_STATUS_PARTIAL_CONTENT";
|
|
|
|
case HTTP_STATUS_WEBDAV_MULTI_STATUS:
|
|
|
|
return "HTTP_STATUS_WEBDAV_MULTI_STATUS";
|
|
|
|
case HTTP_STATUS_AMBIGUOUS:
|
|
|
|
return "HTTP_STATUS_AMBIGUOUS";
|
|
|
|
case HTTP_STATUS_MOVED:
|
|
|
|
return "HTTP_STATUS_MOVED";
|
|
|
|
case HTTP_STATUS_REDIRECT:
|
|
|
|
return "HTTP_STATUS_REDIRECT";
|
|
|
|
case HTTP_STATUS_REDIRECT_METHOD:
|
|
|
|
return "HTTP_STATUS_REDIRECT_METHOD";
|
|
|
|
case HTTP_STATUS_NOT_MODIFIED:
|
|
|
|
return "HTTP_STATUS_NOT_MODIFIED";
|
|
|
|
case HTTP_STATUS_USE_PROXY:
|
|
|
|
return "HTTP_STATUS_USE_PROXY";
|
|
|
|
case HTTP_STATUS_REDIRECT_KEEP_VERB:
|
|
|
|
return "HTTP_STATUS_REDIRECT_KEEP_VERB";
|
|
|
|
case HTTP_STATUS_BAD_REQUEST:
|
|
|
|
return "HTTP_STATUS_BAD_REQUEST";
|
|
|
|
case HTTP_STATUS_DENIED:
|
|
|
|
return "HTTP_STATUS_DENIED";
|
|
|
|
case HTTP_STATUS_PAYMENT_REQ:
|
|
|
|
return "HTTP_STATUS_PAYMENT_REQ";
|
|
|
|
case HTTP_STATUS_FORBIDDEN:
|
|
|
|
return "HTTP_STATUS_FORBIDDEN";
|
|
|
|
case HTTP_STATUS_NOT_FOUND:
|
|
|
|
return "HTTP_STATUS_NOT_FOUND";
|
|
|
|
case HTTP_STATUS_BAD_METHOD:
|
|
|
|
return "HTTP_STATUS_BAD_METHOD";
|
|
|
|
case HTTP_STATUS_NONE_ACCEPTABLE:
|
|
|
|
return "HTTP_STATUS_NONE_ACCEPTABLE";
|
|
|
|
case HTTP_STATUS_PROXY_AUTH_REQ:
|
|
|
|
return "HTTP_STATUS_PROXY_AUTH_REQ";
|
|
|
|
case HTTP_STATUS_REQUEST_TIMEOUT:
|
|
|
|
return "HTTP_STATUS_REQUEST_TIMEOUT";
|
|
|
|
case HTTP_STATUS_CONFLICT:
|
|
|
|
return "HTTP_STATUS_CONFLICT";
|
|
|
|
case HTTP_STATUS_GONE:
|
|
|
|
return "HTTP_STATUS_GONE";
|
|
|
|
case HTTP_STATUS_LENGTH_REQUIRED:
|
|
|
|
return "HTTP_STATUS_LENGTH_REQUIRED";
|
|
|
|
case HTTP_STATUS_PRECOND_FAILED:
|
|
|
|
return "HTTP_STATUS_PRECOND_FAILED";
|
|
|
|
case HTTP_STATUS_REQUEST_TOO_LARGE:
|
|
|
|
return "HTTP_STATUS_REQUEST_TOO_LARGE";
|
|
|
|
case HTTP_STATUS_URI_TOO_LONG:
|
|
|
|
return "HTTP_STATUS_URI_TOO_LONG";
|
|
|
|
case HTTP_STATUS_UNSUPPORTED_MEDIA:
|
|
|
|
return "HTTP_STATUS_UNSUPPORTED_MEDIA";
|
|
|
|
case HTTP_STATUS_RETRY_WITH:
|
|
|
|
return "HTTP_STATUS_RETRY_WITH";
|
|
|
|
case HTTP_STATUS_SERVER_ERROR:
|
|
|
|
return "HTTP_STATUS_SERVER_ERROR";
|
|
|
|
case HTTP_STATUS_NOT_SUPPORTED:
|
|
|
|
return "HTTP_STATUS_NOT_SUPPORTED";
|
|
|
|
case HTTP_STATUS_BAD_GATEWAY:
|
|
|
|
return "HTTP_STATUS_BAD_GATEWAY";
|
|
|
|
case HTTP_STATUS_SERVICE_UNAVAIL:
|
|
|
|
return "HTTP_STATUS_SERVICE_UNAVAIL";
|
|
|
|
case HTTP_STATUS_GATEWAY_TIMEOUT:
|
|
|
|
return "HTTP_STATUS_GATEWAY_TIMEOUT";
|
|
|
|
case HTTP_STATUS_VERSION_NOT_SUP:
|
|
|
|
return "HTTP_STATUS_VERSION_NOT_SUP";
|
|
|
|
default:
|
|
|
|
return "HTTP_STATUS_UNKNOWN";
|
|
|
|
}
|
|
|
|
}
|
2023-04-06 09:59:45 +03:00
|
|
|
|
|
|
|
char* http_status_string_format(long status, char* buffer, size_t size)
|
|
|
|
{
|
|
|
|
const char* code = http_status_string(status);
|
|
|
|
_snprintf(buffer, size, "%s [%ld]", code, status);
|
|
|
|
return buffer;
|
|
|
|
}
|