khanat-opennel-code/code/ryzom/client/src/http_client_curl.cpp
kervala 8acaa65e04 Fixed: Compilation with OpenSSL 1.1.0
--HG--
branch : develop
2017-10-01 15:17:10 +02:00

308 lines
8.9 KiB
C++

// Ryzom - MMORPG Framework <http://dev.ryzom.com/projects/ryzom/>
// Copyright (C) 2010 Winch Gate Property Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
#include "stdpch.h"
#include "http_client_curl.h"
#include <curl/curl.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
using namespace NLMISC;
using namespace NLNET;
using namespace std;
#ifdef DEBUG_NEW
#define new DEBUG_NEW
#endif
#define _Curl (CURL *)_CurlStruct
// Ugly CURL callback
size_t CCurlHttpClient::writeDataFromCurl(void *buffer, size_t size, size_t nmemb, void *pHttpClient)
{
CCurlHttpClient * httpClient = static_cast<CCurlHttpClient*>(pHttpClient);
httpClient->pushReceivedData((uint8*)buffer, (uint)(size*nmemb));
return size*nmemb;
}
// ***************************************************************************
bool CCurlHttpClient::connect(const std::string &/* server */)
{
curl_version_info_data *vdata = curl_version_info(CURLVERSION_NOW);
nldebug("Libcurl v%s", vdata->version);
if ((vdata->features & CURL_VERSION_SSL) == 0)
nlwarning("SSL not supported");
curl_global_init(CURL_GLOBAL_ALL);
_CurlStruct = curl_easy_init();
if(_Curl == NULL)
return false;
return true;
}
// ***************************************************************************
bool CCurlHttpClient::authenticate(const std::string &user, const std::string &password)
{
_Auth = user + ":" + password;
return true;
}
const char *CAFilename = "ssl_ca_cert.pem"; // this is the certificate "Thawte Server CA"
// ***************************************************************************
static CURLcode sslctx_function(CURL * /* curl */, void *sslctx, void * /* parm */)
{
// look for certificate in search paths
string path = CPath::lookup(CAFilename);
nlinfo("Cert path '%s'", path.c_str());
if (path.empty())
{
nlwarning("Unable to find %s", CAFilename);
return CURLE_SSL_CACERT;
}
CIFile file;
// open certificate
if (!file.open(path))
{
nlwarning("Unable to open %s", path.c_str());
return CURLE_SSL_CACERT;
}
CURLcode res = CURLE_OK;
// load certificate content into memory
std::vector<uint8> buffer(file.getFileSize());
file.serialBuffer(&buffer[0], file.getFileSize());
// get a BIO
BIO *bio = BIO_new_mem_buf(&buffer[0], file.getFileSize());
char errorBuffer[1024];
if (bio)
{
// get a pointer to the X509 certificate store (which may be empty!)
X509_STORE *store = SSL_CTX_get_cert_store((SSL_CTX *)sslctx);
// use it to read the PEM formatted certificate from memory into an X509
// structure that SSL can use
STACK_OF(X509_INFO) *info = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL);
if (info)
{
// iterate over all entries from the PEM file, add them to the x509_store one by one
for (sint i = 0; i < sk_X509_INFO_num(info); ++i)
{
X509_INFO *itmp = sk_X509_INFO_value(info, i);
if (itmp && itmp->x509)
{
X509_NAME *subject = X509_get_subject_name(itmp->x509);
std::string name;
unsigned char *tmp = NULL;
// construct a multiline string with name
for (int i = 0, ilen = X509_NAME_entry_count(subject); i < ilen; ++i)
{
X509_NAME_ENTRY *e = X509_NAME_get_entry(subject, i);
ASN1_STRING *d = X509_NAME_ENTRY_get_data(e);
if (ASN1_STRING_to_UTF8(&tmp, d) > 0)
{
name += NLMISC::toString("%s\n", tmp);
OPENSSL_free(tmp);
}
}
// add our certificate to this store
if (X509_STORE_add_cert(store, itmp->x509) == 0)
{
uint errCode = ERR_get_error();
// ignore already in hash table errors
if (ERR_GET_LIB(errCode) != ERR_LIB_X509 || ERR_GET_REASON(errCode) != X509_R_CERT_ALREADY_IN_HASH_TABLE)
{
ERR_error_string_n(errCode, errorBuffer, 1024);
nlwarning("Error adding certificate %s: %s", name.c_str(), errorBuffer);
res = CURLE_SSL_CACERT;
}
}
else
{
nlinfo("Added certificate %s", name.c_str());
}
}
}
// cleanup
sk_X509_INFO_pop_free(info, X509_INFO_free);
}
else
{
nlwarning("Unable to read PEM info");
res = CURLE_SSL_CACERT;
}
// decrease reference counts
BIO_free(bio);
}
else
{
nlwarning("Unable to allocate BIO buffer for certificates");
res = CURLE_SSL_CACERT;
}
// all set to go
return res;
}
// ***************************************************************************
bool CCurlHttpClient::verifyServer(bool verify)
{
curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, verify ? 2 : 0);
curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, verify ? 1 : 0);
curl_easy_setopt(_Curl, CURLOPT_SSLCERTTYPE, "PEM");
// would allow to provide the CA in memory instead of using CURLOPT_CAINFO, but needs to include and link OpenSSL
if (curl_easy_setopt(_Curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function) != CURLE_OK)
{
nlwarning("Unable to support CURLOPT_SSL_CTX_FUNCTION, curl not compiled with OpenSSL ?");
}
// set both CURLOPT_CAINFO and CURLOPT_CAPATH to NULL to be sure we won't use default values (these files can be missing and generate errors)
curl_easy_setopt(_Curl, CURLOPT_CAINFO, NULL);
curl_easy_setopt(_Curl, CURLOPT_CAPATH, NULL);
return true;
}
// ***************************************************************************
bool CCurlHttpClient::sendRequest(const std::string& methodWB, const std::string &url, const std::string &cookieName, const std::string &cookieValue, const std::string& postParams, bool verbose)
{
if (verbose)
curl_easy_setopt(_Curl, CURLOPT_VERBOSE, 1);
// Set URL
curl_easy_setopt(_Curl, CURLOPT_URL, url.c_str());
// Authentication
if (!_Auth.empty())
{
curl_easy_setopt(_Curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // TODO: CURLAUTH_ANY
curl_easy_setopt(_Curl, CURLOPT_USERPWD, _Auth.c_str());
}
// Set POST params
if ((methodWB == "POST") && (!postParams.empty()))
{
curl_easy_setopt(_Curl, CURLOPT_POSTFIELDS, postParams.c_str());
}
// Cookie
if (!cookieName.empty())
curl_easy_setopt(_Curl, CURLOPT_COOKIE, string(cookieName+"="+cookieValue).c_str());
// Include the header in the response
curl_easy_setopt(_Curl, CURLOPT_HEADER, 1);
// Register the receive callback
curl_easy_setopt(_Curl, CURLOPT_WRITEFUNCTION, CCurlHttpClient::writeDataFromCurl);
curl_easy_setopt(_Curl, CURLOPT_WRITEDATA, this);
char errorbuf [CURL_ERROR_SIZE+1];
curl_easy_setopt(_Curl, CURLOPT_ERRORBUFFER, errorbuf);
// Send
CURLcode res = curl_easy_perform(_Curl);
if (res != 0)
{
if (verbose)
nlwarning(errorbuf);
return false;
}
// Get result
long r;
curl_easy_getinfo(_Curl, CURLINFO_RESPONSE_CODE, &r);
if (verbose)
{
nldebug("%u", (uint)r);
}
return true;
}
void CCurlHttpClient::pushReceivedData(uint8 *buffer, uint size)
{
_ReceiveBuffer.insert(_ReceiveBuffer.end(), buffer, buffer+size);
}
// ***************************************************************************
bool CCurlHttpClient::sendGet(const string &url, const string& params, bool verbose)
{
return sendRequest("GET", url + (params.empty() ? "" : ("?" + params)), string(), string(), string(), verbose);
}
// ***************************************************************************
bool CCurlHttpClient::sendGetWithCookie(const string &url, const string &name, const string &value, const string& params, bool verbose)
{
return sendRequest("GET", url + (params.empty() ? "" : ("?" + params)), name, value, string(), verbose);
}
// ***************************************************************************
bool CCurlHttpClient::sendPost(const string &url, const string& params, bool verbose)
{
return sendRequest("POST", url, string(), string(), params, verbose);
}
// ***************************************************************************
bool CCurlHttpClient::sendPostWithCookie(const string &url, const string &name, const string &value, const string& params, bool verbose)
{
return sendRequest("POST", url, name, value, params, verbose);
}
// ***************************************************************************
bool CCurlHttpClient::receive(string &res, bool verbose)
{
if (verbose)
{
nldebug("Receiving %u bytes", (uint)_ReceiveBuffer.size());
}
res.clear();
if (!_ReceiveBuffer.empty())
res.assign((const char*)&(*(_ReceiveBuffer.begin())), _ReceiveBuffer.size());
_ReceiveBuffer.clear();
return true;
}
// ***************************************************************************
void CCurlHttpClient::disconnect()
{
curl_easy_cleanup(_Curl);
curl_global_cleanup();
}
CCurlHttpClient CurlHttpClient;