2012-05-29 13:31:11 +00:00
|
|
|
// Ryzom - MMORPG Framework <http://dev.ryzom.com/projects/ryzom/>
|
|
|
|
// Copyright (C) 2010 Winch Gate Property Limited
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as
|
|
|
|
// published by the Free Software Foundation, either version 3 of the
|
|
|
|
// License, or (at your option) any later version.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
#include "stdpch.h"
|
|
|
|
#include "http_client_curl.h"
|
|
|
|
|
2016-02-20 18:25:31 +00:00
|
|
|
#include <curl/curl.h>
|
|
|
|
|
|
|
|
#include <openssl/ssl.h>
|
2016-04-18 11:39:48 +00:00
|
|
|
#include <openssl/err.h>
|
2016-02-20 18:25:31 +00:00
|
|
|
|
2012-05-29 13:31:11 +00:00
|
|
|
using namespace NLMISC;
|
|
|
|
using namespace NLNET;
|
|
|
|
using namespace std;
|
|
|
|
|
|
|
|
#define _Curl (CURL *)_CurlStruct
|
|
|
|
|
|
|
|
|
|
|
|
// Ugly CURL callback
|
|
|
|
size_t CCurlHttpClient::writeDataFromCurl(void *buffer, size_t size, size_t nmemb, void *pHttpClient)
|
|
|
|
{
|
|
|
|
CCurlHttpClient * httpClient = static_cast<CCurlHttpClient*>(pHttpClient);
|
|
|
|
httpClient->pushReceivedData((uint8*)buffer, (uint)(size*nmemb));
|
|
|
|
return size*nmemb;
|
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::connect(const std::string &/* server */)
|
|
|
|
{
|
|
|
|
curl_version_info_data *vdata = curl_version_info(CURLVERSION_NOW);
|
|
|
|
nldebug("Libcurl v%s", vdata->version);
|
|
|
|
if ((vdata->features & CURL_VERSION_SSL) == 0)
|
|
|
|
nlwarning("SSL not supported");
|
|
|
|
|
|
|
|
curl_global_init(CURL_GLOBAL_ALL);
|
|
|
|
_CurlStruct = curl_easy_init();
|
|
|
|
if(_Curl == NULL)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::authenticate(const std::string &user, const std::string &password)
|
|
|
|
{
|
|
|
|
_Auth = user + ":" + password;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2012-09-11 18:26:36 +00:00
|
|
|
const char *CAFilename = "ssl_ca_cert.pem"; // this is the certificate "Thawte Server CA"
|
2012-05-29 13:31:11 +00:00
|
|
|
|
2016-03-01 12:45:45 +00:00
|
|
|
// ***************************************************************************
|
2016-04-18 11:40:02 +00:00
|
|
|
static CURLcode sslctx_function(CURL * /* curl */, void *sslctx, void * /* parm */)
|
2016-02-20 18:25:31 +00:00
|
|
|
{
|
2016-03-01 12:45:45 +00:00
|
|
|
// look for certificate in search paths
|
2016-02-20 18:25:31 +00:00
|
|
|
string path = CPath::lookup(CAFilename);
|
2016-04-18 11:40:13 +00:00
|
|
|
nlinfo("Cert path '%s'", path.c_str());
|
2016-02-20 18:25:31 +00:00
|
|
|
|
2016-03-01 12:45:45 +00:00
|
|
|
if (path.empty())
|
|
|
|
{
|
|
|
|
nlwarning("Unable to find %s", CAFilename);
|
|
|
|
return CURLE_SSL_CACERT;
|
|
|
|
}
|
|
|
|
|
2016-02-20 18:25:31 +00:00
|
|
|
CIFile file;
|
|
|
|
|
2016-03-01 12:45:45 +00:00
|
|
|
// open certificate
|
|
|
|
if (!file.open(path))
|
2016-02-20 18:25:31 +00:00
|
|
|
{
|
2016-03-01 12:45:45 +00:00
|
|
|
nlwarning("Unable to open %s", path.c_str());
|
2016-02-20 18:25:31 +00:00
|
|
|
return CURLE_SSL_CACERT;
|
|
|
|
}
|
|
|
|
|
|
|
|
CURLcode res = CURLE_OK;
|
|
|
|
|
2016-03-01 12:45:45 +00:00
|
|
|
// load certificate content into memory
|
2016-02-20 18:25:31 +00:00
|
|
|
std::vector<uint8> buffer(file.getFileSize());
|
|
|
|
file.serialBuffer(&buffer[0], file.getFileSize());
|
|
|
|
|
|
|
|
// get a BIO
|
|
|
|
BIO *bio = BIO_new_mem_buf(&buffer[0], file.getFileSize());
|
2016-04-18 11:39:48 +00:00
|
|
|
|
|
|
|
char errorBuffer[1024];
|
2016-02-20 18:25:31 +00:00
|
|
|
|
|
|
|
if (bio)
|
|
|
|
{
|
2016-03-01 12:45:45 +00:00
|
|
|
// get a pointer to the X509 certificate store (which may be empty!)
|
|
|
|
X509_STORE *store = SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
|
|
|
|
|
2016-02-20 18:25:31 +00:00
|
|
|
// use it to read the PEM formatted certificate from memory into an X509
|
|
|
|
// structure that SSL can use
|
2016-03-01 12:45:45 +00:00
|
|
|
STACK_OF(X509_INFO) *info = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL);
|
2016-02-20 18:25:31 +00:00
|
|
|
|
2016-03-01 12:45:45 +00:00
|
|
|
if (info)
|
2016-02-20 18:25:31 +00:00
|
|
|
{
|
2016-03-01 12:45:45 +00:00
|
|
|
// iterate over all entries from the PEM file, add them to the x509_store one by one
|
|
|
|
for (sint i = 0; i < sk_X509_INFO_num(info); ++i)
|
2016-02-20 18:25:31 +00:00
|
|
|
{
|
2016-03-01 12:45:45 +00:00
|
|
|
X509_INFO *itmp = sk_X509_INFO_value(info, i);
|
|
|
|
|
2016-05-08 11:33:38 +00:00
|
|
|
if (itmp && itmp->x509)
|
2016-03-01 12:45:45 +00:00
|
|
|
{
|
|
|
|
// add our certificate to this store
|
|
|
|
if (X509_STORE_add_cert(store, itmp->x509) == 0)
|
|
|
|
{
|
2016-04-18 11:39:48 +00:00
|
|
|
uint errCode = ERR_get_error();
|
|
|
|
|
|
|
|
// ignore already in hash table errors
|
|
|
|
if (ERR_GET_LIB(errCode) != ERR_LIB_X509 || ERR_GET_REASON(errCode) != X509_R_CERT_ALREADY_IN_HASH_TABLE)
|
|
|
|
{
|
|
|
|
ERR_error_string_n(errCode, errorBuffer, 1024);
|
|
|
|
nlwarning("Error adding certificate %s: %s", itmp->x509->name, errorBuffer);
|
|
|
|
res = CURLE_SSL_CACERT;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
nlinfo("Added certificate %s", itmp->x509->name);
|
2016-03-01 12:45:45 +00:00
|
|
|
}
|
|
|
|
}
|
2016-02-20 18:25:31 +00:00
|
|
|
}
|
|
|
|
|
2016-03-01 12:45:45 +00:00
|
|
|
// cleanup
|
|
|
|
sk_X509_INFO_pop_free(info, X509_INFO_free);
|
2016-02-20 18:25:31 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2016-03-05 11:42:32 +00:00
|
|
|
nlwarning("Unable to read PEM info");
|
2016-02-20 18:25:31 +00:00
|
|
|
res = CURLE_SSL_CACERT;
|
|
|
|
}
|
|
|
|
|
|
|
|
// decrease reference counts
|
|
|
|
BIO_free(bio);
|
|
|
|
}
|
2016-03-01 12:45:45 +00:00
|
|
|
else
|
|
|
|
{
|
|
|
|
nlwarning("Unable to allocate BIO buffer for certificates");
|
|
|
|
res = CURLE_SSL_CACERT;
|
|
|
|
}
|
2016-02-20 18:25:31 +00:00
|
|
|
|
|
|
|
// all set to go
|
2016-03-01 12:45:45 +00:00
|
|
|
return res;
|
2016-02-20 18:25:31 +00:00
|
|
|
}
|
|
|
|
|
2012-05-29 13:31:11 +00:00
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::verifyServer(bool verify)
|
|
|
|
{
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, verify ? 2 : 0);
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, verify ? 1 : 0);
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_SSLCERTTYPE, "PEM");
|
2016-02-20 18:25:31 +00:00
|
|
|
// would allow to provide the CA in memory instead of using CURLOPT_CAINFO, but needs to include and link OpenSSL
|
2016-04-12 13:42:43 +00:00
|
|
|
if (curl_easy_setopt(_Curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function) != CURLE_OK)
|
2016-03-01 12:45:45 +00:00
|
|
|
{
|
|
|
|
nlwarning("Unable to support CURLOPT_SSL_CTX_FUNCTION, curl not compiled with OpenSSL ?");
|
|
|
|
}
|
2016-02-20 18:25:31 +00:00
|
|
|
// don't use that anymore, because CA can't be loaded from BNP and doesn't support UTF-8 under Windows
|
|
|
|
// curl_easy_setopt(_Curl, CURLOPT_CAINFO, path.c_str());
|
2012-05-29 13:31:11 +00:00
|
|
|
curl_easy_setopt(_Curl, CURLOPT_CAPATH, NULL);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::sendRequest(const std::string& methodWB, const std::string &url, const std::string &cookieName, const std::string &cookieValue, const std::string& postParams, bool verbose)
|
|
|
|
{
|
|
|
|
if (verbose)
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_VERBOSE, 1);
|
|
|
|
|
|
|
|
// Set URL
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_URL, url.c_str());
|
|
|
|
|
|
|
|
// Authentication
|
|
|
|
if (!_Auth.empty())
|
|
|
|
{
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // TODO: CURLAUTH_ANY
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_USERPWD, _Auth.c_str());
|
|
|
|
}
|
|
|
|
|
|
|
|
// Set POST params
|
2016-05-08 11:33:21 +00:00
|
|
|
if ((methodWB == "POST") && (!postParams.empty()))
|
2012-05-29 13:31:11 +00:00
|
|
|
{
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_POSTFIELDS, postParams.c_str());
|
|
|
|
}
|
|
|
|
// Cookie
|
|
|
|
if (!cookieName.empty())
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_COOKIE, string(cookieName+"="+cookieValue).c_str());
|
|
|
|
|
|
|
|
// Include the header in the response
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_HEADER, 1);
|
|
|
|
|
|
|
|
// Register the receive callback
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_WRITEFUNCTION, CCurlHttpClient::writeDataFromCurl);
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_WRITEDATA, this);
|
|
|
|
|
|
|
|
char errorbuf [CURL_ERROR_SIZE+1];
|
|
|
|
curl_easy_setopt(_Curl, CURLOPT_ERRORBUFFER, errorbuf);
|
|
|
|
|
|
|
|
// Send
|
|
|
|
CURLcode res = curl_easy_perform(_Curl);
|
|
|
|
if (res != 0)
|
|
|
|
{
|
|
|
|
if (verbose)
|
|
|
|
nlwarning(errorbuf);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get result
|
|
|
|
long r;
|
|
|
|
curl_easy_getinfo(_Curl, CURLINFO_RESPONSE_CODE, &r);
|
|
|
|
if (verbose)
|
|
|
|
{
|
2016-03-01 12:45:45 +00:00
|
|
|
nldebug("%u", (uint)r);
|
2012-05-29 13:31:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
void CCurlHttpClient::pushReceivedData(uint8 *buffer, uint size)
|
|
|
|
{
|
|
|
|
_ReceiveBuffer.insert(_ReceiveBuffer.end(), buffer, buffer+size);
|
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::sendGet(const string &url, const string& params, bool verbose)
|
|
|
|
{
|
2016-05-08 11:33:21 +00:00
|
|
|
return sendRequest("GET", url + (params.empty() ? "" : ("?" + params)), string(), string(), string(), verbose);
|
2012-05-29 13:31:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::sendGetWithCookie(const string &url, const string &name, const string &value, const string& params, bool verbose)
|
|
|
|
{
|
2016-05-08 11:33:21 +00:00
|
|
|
return sendRequest("GET", url + (params.empty() ? "" : ("?" + params)), name, value, string(), verbose);
|
2012-05-29 13:31:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::sendPost(const string &url, const string& params, bool verbose)
|
|
|
|
{
|
2016-05-08 11:33:21 +00:00
|
|
|
return sendRequest("POST", url, string(), string(), params, verbose);
|
2012-05-29 13:31:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::sendPostWithCookie(const string &url, const string &name, const string &value, const string& params, bool verbose)
|
|
|
|
{
|
2016-05-08 11:33:21 +00:00
|
|
|
return sendRequest("POST", url, name, value, params, verbose);
|
2012-05-29 13:31:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
bool CCurlHttpClient::receive(string &res, bool verbose)
|
|
|
|
{
|
|
|
|
if (verbose)
|
|
|
|
{
|
2016-05-12 17:52:20 +00:00
|
|
|
nldebug("Receiving %u bytes", (uint)_ReceiveBuffer.size());
|
2012-05-29 13:31:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
res.clear();
|
2016-05-12 17:52:20 +00:00
|
|
|
if (!_ReceiveBuffer.empty())
|
2012-05-29 13:31:11 +00:00
|
|
|
res.assign((const char*)&(*(_ReceiveBuffer.begin())), _ReceiveBuffer.size());
|
|
|
|
_ReceiveBuffer.clear();
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
// ***************************************************************************
|
|
|
|
void CCurlHttpClient::disconnect()
|
|
|
|
{
|
|
|
|
curl_easy_cleanup(_Curl);
|
|
|
|
curl_global_cleanup();
|
|
|
|
}
|
|
|
|
|
|
|
|
CCurlHttpClient CurlHttpClient;
|
|
|
|
|
|
|
|
|
|
|
|
|