2 Unix SMB/CIFS implementation.
6 Copyright (C) 2013 Samuel Cabrero <samuelcabrero@kernevil.me>
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "lib/util/tevent_ntstatus.h"
25 #include "http_internal.h"
26 #include "util/tevent_werror.h"
27 #include "lib/util/dlinklist.h"
32 * Determines if a response should have a body.
33 * @return 1 if the response MUST have a body; 0 if the response MUST NOT have
34 * a body. Returns -1 on error.
36 static int http_response_needs_body(struct http_request *req)
38 struct http_header *h = NULL;
42 for (h = req->headers; h != NULL; h = h->next) {
48 cmp = strcasecmp(h->key, "Content-Length");
53 n = sscanf(h->value, "%llu%c", &v, &c);
58 req->remaining_content_length = v;
70 struct http_read_response_state {
71 enum http_parser_state parser_state;
72 size_t max_headers_size;
73 uint64_t max_content_length;
75 struct http_request *response;
79 * Parses the HTTP headers
81 static enum http_read_status http_parse_headers(struct http_read_response_state *state)
83 enum http_read_status status = HTTP_ALL_DATA_READ;
92 if (!state || !state->response) {
93 DEBUG(0, ("%s: Invalid Parameter\n", __func__));
94 return HTTP_DATA_CORRUPTED;
97 if (state->buffer.length > state->max_headers_size) {
98 DEBUG(0, ("%s: Headers too long: %zi, maximum length is %zi\n", __func__,
99 state->buffer.length, state->max_headers_size));
100 return HTTP_DATA_TOO_LONG;
103 line = talloc_strndup(state, (char *)state->buffer.data, state->buffer.length);
105 DEBUG(0, ("%s: Memory error\n", __func__));
106 return HTTP_DATA_CORRUPTED;
109 ptr = strstr(line, "\r\n");
112 return HTTP_MORE_DATA_EXPECTED;
115 state->response->headers_size += state->buffer.length;
117 if (strncmp(line, "\r\n", 2) == 0) {
118 DEBUG(11,("%s: All headers read\n", __func__));
120 ret = http_response_needs_body(state->response);
123 if (state->response->remaining_content_length <= state->max_content_length) {
124 DEBUG(11, ("%s: Start of read body\n", __func__));
125 state->parser_state = HTTP_READING_BODY;
130 DEBUG(11, ("%s: Skipping body for code %d\n", __func__,
131 state->response->response_code));
132 state->parser_state = HTTP_READING_DONE;
135 DEBUG(0, ("%s_: Error in http_response_needs_body\n", __func__));
137 return HTTP_DATA_CORRUPTED;
142 return HTTP_ALL_DATA_READ;
145 n = sscanf(line, "%m[^:]: %m[^\r\n]\r\n", &key, &value);
147 DEBUG(0, ("%s: Error parsing header '%s'\n", __func__, line));
148 status = HTTP_DATA_CORRUPTED;
152 if (http_add_header(state->response, &state->response->headers, key, value) == -1) {
153 DEBUG(0, ("%s: Error adding header\n", __func__));
154 status = HTTP_DATA_CORRUPTED;
166 * Parses the first line of a HTTP response
168 static bool http_parse_response_line(struct http_read_response_state *state)
181 DEBUG(0, ("%s: Input parameter is NULL\n", __func__));
185 line = talloc_strndup(state, (char*)state->buffer.data, state->buffer.length);
187 DEBUG(0, ("%s: Memory error\n", __func__));
191 n = sscanf(line, "%m[^/]/%c.%c %d %m[^\r\n]\r\n",
192 &protocol, &major, &minor, &code, &msg);
194 DEBUG(11, ("%s: Header parsed(%i): protocol->%s, major->%c, minor->%c, "
195 "code->%d, message->%s\n", __func__, n, protocol, major, minor,
199 DEBUG(0, ("%s: Error parsing header\n", __func__));
205 DEBUG(0, ("%s: Bad HTTP major number '%c'\n", __func__, major));
211 DEBUG(0, ("%s: Bad response code '%d'\n", __func__, code));
217 DEBUG(0, ("%s: Error parsing HTTP data\n", __func__));
222 state->response->major = major;
223 state->response->minor = minor;
224 state->response->response_code = code;
225 state->response->response_code_line = talloc_strndup(state->response,
236 * Parses header lines from a request or a response into the specified
237 * request object given a buffer.
240 * HTTP_DATA_CORRUPTED on error
241 * HTTP_MORE_DATA_EXPECTED when we need to read more headers
242 * HTTP_DATA_TOO_LONG on error
243 * HTTP_ALL_DATA_READ when all headers have been read
245 static enum http_read_status http_parse_firstline(struct http_read_response_state *state)
247 enum http_read_status status = HTTP_ALL_DATA_READ;
253 DEBUG(0, ("%s: Invalid Parameter\n", __func__));
254 return HTTP_DATA_CORRUPTED;
257 if (state->buffer.length > state->max_headers_size) {
258 DEBUG(0, ("%s: Headers too long: %zi, maximum length is %zi\n", __func__,
259 state->buffer.length, state->max_headers_size));
260 return HTTP_DATA_TOO_LONG;
263 line = talloc_strndup(state, (char *)state->buffer.data, state->buffer.length);
265 DEBUG(0, ("%s: Not enough memory\n", __func__));
266 return HTTP_DATA_CORRUPTED;
269 ptr = strstr(line, "\r\n");
272 return HTTP_MORE_DATA_EXPECTED;
275 state->response->headers_size = state->buffer.length;
276 if (!http_parse_response_line(state)) {
277 status = HTTP_DATA_CORRUPTED;
280 /* Next state, read HTTP headers */
281 state->parser_state = HTTP_READING_HEADERS;
287 static enum http_read_status http_read_body(struct http_read_response_state *state)
289 struct http_request *resp = state->response;
291 if (state->buffer.length < resp->remaining_content_length) {
292 return HTTP_MORE_DATA_EXPECTED;
295 resp->body = state->buffer;
296 state->buffer = data_blob_null;
297 talloc_steal(resp, resp->body.data);
298 resp->remaining_content_length = 0;
300 state->parser_state = HTTP_READING_DONE;
301 return HTTP_ALL_DATA_READ;
304 static enum http_read_status http_read_trailer(struct http_read_response_state *state)
306 enum http_read_status status = HTTP_DATA_CORRUPTED;
311 static enum http_read_status http_parse_buffer(struct http_read_response_state *state)
314 DEBUG(0, ("%s: Invalid parameter\n", __func__));
315 return HTTP_DATA_CORRUPTED;
318 switch (state->parser_state) {
319 case HTTP_READING_FIRSTLINE:
320 return http_parse_firstline(state);
321 case HTTP_READING_HEADERS:
322 return http_parse_headers(state);
323 case HTTP_READING_BODY:
324 return http_read_body(state);
326 case HTTP_READING_TRAILER:
327 return http_read_trailer(state);
329 case HTTP_READING_DONE:
331 return HTTP_ALL_DATA_READ;
333 DEBUG(0, ("%s: Illegal parser state %d\n", __func__,
334 state->parser_state));
337 return HTTP_DATA_CORRUPTED;
340 static int http_header_is_valid_value(const char *value)
342 const char *p = NULL;
346 DEBUG(0, ("%s: Invalid parameter\n", __func__));
351 while ((p = strpbrk(p, "\r\n")) != NULL) {
352 /* Expect only one new line */
353 p += strspn(p, "\r\n");
354 /* Expect a space or tab for continuation */
355 if (*p != ' ' && *p != '\t')
361 static int http_add_header_internal(TALLOC_CTX *mem_ctx,
362 struct http_header **headers,
363 const char *key, const char *value,
366 struct http_header *tail = NULL;
367 struct http_header *h = NULL;
370 if (!headers || !key || !value) {
371 DEBUG(0, ("Invalid parameter\n"));
378 for (h = *headers; h != NULL; h = h->next) {
379 if (strcasecmp(key, h->key) == 0) {
385 /* Replace header value */
387 talloc_free(h->value);
389 h->value = talloc_strdup(h, value);
390 DEBUG(11, ("%s: Replaced HTTP header: key '%s', value '%s'\n",
391 __func__, h->key, h->value));
397 h = talloc(mem_ctx, struct http_header);
398 h->key = talloc_strdup(h, key);
399 h->value = talloc_strdup(h, value);
400 DLIST_ADD_END(*headers, h);
401 tail = DLIST_TAIL(*headers);
403 DEBUG(0, ("%s: Error adding header\n", __func__));
406 DEBUG(11, ("%s: Added HTTP header: key '%s', value '%s'\n",
407 __func__, h->key, h->value));
411 int http_add_header(TALLOC_CTX *mem_ctx,
412 struct http_header **headers,
413 const char *key, const char *value)
415 if (strchr(key, '\r') != NULL || strchr(key, '\n') != NULL) {
416 DEBUG(0, ("%s: Dropping illegal header key\n", __func__));
420 if (!http_header_is_valid_value(value)) {
421 DEBUG(0, ("%s: Dropping illegal header value\n", __func__));
425 return (http_add_header_internal(mem_ctx, headers, key, value, false));
428 int http_replace_header(TALLOC_CTX *mem_ctx,
429 struct http_header **headers,
430 const char *key, const char *value)
432 if (strchr(key, '\r') != NULL || strchr(key, '\n') != NULL) {
433 DEBUG(0, ("%s: Dropping illegal header key\n", __func__));
437 if (!http_header_is_valid_value(value)) {
438 DEBUG(0, ("%s: Dropping illegal header value\n", __func__));
442 return (http_add_header_internal(mem_ctx, headers, key, value, true));
446 * Remove a header from the headers list.
448 * Returns 0, if the header was successfully removed.
449 * Returns -1, if the header could not be found.
451 int http_remove_header(struct http_header **headers, const char *key)
453 struct http_header *header;
456 if (!headers || !key) {
457 DEBUG(0, ("%s: Invalid parameter\n", __func__));
461 for(header = *headers; header != NULL; header = header->next) {
462 if (strcmp(key, header->key) == 0) {
463 DLIST_REMOVE(*headers, header);
470 static int http_read_response_next_vector(struct tstream_context *stream,
473 struct iovec **_vector,
476 struct http_read_response_state *state;
477 struct iovec *vector;
480 if (!stream || !private_data || !_vector || !_count) {
481 DEBUG(0, ("%s: Invalid Parameter\n", __func__));
485 state = talloc_get_type_abort(private_data, struct http_read_response_state);
486 vector = talloc_array(mem_ctx, struct iovec, 1);
488 DEBUG(0, ("%s: No more memory\n", __func__));
492 if (state->buffer.data == NULL) {
493 /* Allocate buffer */
494 state->buffer.data = talloc_zero_array(state, uint8_t, 1);
495 if (!state->buffer.data) {
496 DEBUG(0, ("%s: No more memory\n", __func__));
499 state->buffer.length = 1;
501 /* Return now, nothing to parse yet */
502 vector[0].iov_base = (void *)(state->buffer.data);
503 vector[0].iov_len = 1;
509 switch (http_parse_buffer(state)) {
510 case HTTP_ALL_DATA_READ:
511 if (state->parser_state == HTTP_READING_DONE) {
512 /* Full request or response parsed */
516 /* Free current buffer and allocate new one */
517 TALLOC_FREE(state->buffer.data);
518 state->buffer.data = talloc_zero_array(state, uint8_t, 1);
519 if (!state->buffer.data) {
522 state->buffer.length = 1;
524 vector[0].iov_base = (void *)(state->buffer.data);
525 vector[0].iov_len = 1;
530 case HTTP_MORE_DATA_EXPECTED: {
533 if (state->parser_state == HTTP_READING_BODY) {
534 struct http_request *resp = state->response;
535 toread = resp->remaining_content_length -
536 state->buffer.length;
539 total = toread + state->buffer.length;
541 if (total < state->buffer.length) {
542 DBG_ERR("adding %zu to buf len %zu "
545 state->buffer.length);
550 * test if content-length message exceeds the
551 * specified max_content_length
552 * Note: This check wont be hit at the moment
553 * due to an existing check in parse_headers
554 * which will skip the body. Check is here
555 * for completeness and to cater for future
558 if (state->parser_state == HTTP_READING_BODY) {
559 if (total > state->max_content_length) {
560 DBG_ERR("content size %zu exceeds "
561 "max content len %zu\n",
563 state->max_content_length);
569 talloc_realloc(state, state->buffer.data,
571 state->buffer.length + toread);
572 if (!state->buffer.data) {
575 state->buffer.length += toread;
576 vector[0].iov_base = (void *)(state->buffer.data +
577 state->buffer.length - toread);
578 vector[0].iov_len = toread;
583 case HTTP_DATA_CORRUPTED:
584 case HTTP_REQUEST_CANCELED:
585 case HTTP_DATA_TOO_LONG:
589 DEBUG(0, ("%s: Unexpected status\n", __func__));
597 * Reads a HTTP response
599 static void http_read_response_done(struct tevent_req *);
600 struct tevent_req *http_read_response_send(TALLOC_CTX *mem_ctx,
601 struct tevent_context *ev,
602 struct http_conn *http_conn,
603 size_t max_content_length)
605 struct tevent_req *req;
606 struct tevent_req *subreq;
607 struct http_read_response_state *state;
609 DEBUG(11, ("%s: Reading HTTP response\n", __func__));
612 if (ev == NULL || http_conn == NULL) {
613 DEBUG(0, ("%s: Invalid parameter\n", __func__));
617 req = tevent_req_create(mem_ctx, &state, struct http_read_response_state);
622 state->max_headers_size = HTTP_MAX_HEADER_SIZE;
623 state->max_content_length = (uint64_t)max_content_length;
624 state->parser_state = HTTP_READING_FIRSTLINE;
625 state->response = talloc_zero(state, struct http_request);
626 if (tevent_req_nomem(state->response, req)) {
627 return tevent_req_post(req, ev);
630 subreq = tstream_readv_pdu_send(state, ev, http_conn->tstreams.active,
631 http_read_response_next_vector,
633 if (tevent_req_nomem(subreq,req)) {
634 return tevent_req_post(req, ev);
636 tevent_req_set_callback(subreq, http_read_response_done, req);
641 static void http_read_response_done(struct tevent_req *subreq)
644 struct tevent_req *req;
649 DEBUG(0, ("%s: Invalid parameter\n", __func__));
653 req = tevent_req_callback_data(subreq, struct tevent_req);
655 ret = tstream_readv_pdu_recv(subreq, &sys_errno);
656 DEBUG(11, ("%s: HTTP response read (%d bytes)\n", __func__, ret));
659 status = map_nt_error_from_unix_common(sys_errno);
660 DEBUG(0, ("%s: Failed to read HTTP response: %s\n",
661 __func__, nt_errstr(status)));
662 tevent_req_nterror(req, status);
666 tevent_req_done(req);
669 NTSTATUS http_read_response_recv(struct tevent_req *req,
671 struct http_request **response)
674 struct http_read_response_state *state;
676 if (!mem_ctx || !response || !req) {
677 DEBUG(0, ("%s: Invalid parameter\n", __func__));
678 return NT_STATUS_INVALID_PARAMETER;
680 if (tevent_req_is_nterror(req, &status)) {
681 tevent_req_received(req);
685 state = tevent_req_data(req, struct http_read_response_state);
686 *response = state->response;
687 talloc_steal(mem_ctx, state->response);
689 tevent_req_received(req);
694 static const char *http_method_str(enum http_cmd_type type)
702 case HTTP_REQ_RPC_IN_DATA:
703 method = "RPC_IN_DATA";
705 case HTTP_REQ_RPC_OUT_DATA:
706 method = "RPC_OUT_DATA";
716 static NTSTATUS http_push_request_line(TALLOC_CTX *mem_ctx,
718 const struct http_request *req)
724 if (!buffer || !req) {
725 DEBUG(0, ("%s: Invalid parameter\n", __func__));
726 return NT_STATUS_INVALID_PARAMETER;
729 method = http_method_str(req->type);
730 if (method == NULL) {
731 return NT_STATUS_INVALID_PARAMETER;
734 str = talloc_asprintf(mem_ctx, "%s %s HTTP/%c.%c\r\n", method,
735 req->uri, req->major, req->minor);
737 return NT_STATUS_NO_MEMORY;
739 if (!data_blob_append(mem_ctx, buffer, str, strlen(str))) {
741 return NT_STATUS_NO_MEMORY;
748 static NTSTATUS http_push_headers(TALLOC_CTX *mem_ctx,
750 struct http_request *req)
752 struct http_header *header = NULL;
753 char *header_str = NULL;
758 DEBUG(0, ("%s: Invalid parameter\n", __func__));
759 return NT_STATUS_INVALID_PARAMETER;
762 for (header = req->headers; header != NULL; header = header->next) {
763 header_str = talloc_asprintf(mem_ctx, "%s: %s\r\n",
764 header->key, header->value);
765 if (header_str == NULL) {
766 return NT_STATUS_NO_MEMORY;
769 len = strlen(header_str);
770 if (!data_blob_append(mem_ctx, blob, header_str, len)) {
771 talloc_free(header_str);
772 return NT_STATUS_NO_MEMORY;
774 talloc_free(header_str);
777 if (!data_blob_append(mem_ctx, blob, "\r\n",2)) {
778 return NT_STATUS_NO_MEMORY;
785 static NTSTATUS http_push_body(TALLOC_CTX *mem_ctx,
787 struct http_request *req)
791 DEBUG(0, ("%s: Invalid parameter\n", __func__));
792 return NT_STATUS_INVALID_PARAMETER;
795 if (req->body.length) {
796 if (!data_blob_append(mem_ctx, blob, req->body.data,
798 return NT_STATUS_NO_MEMORY;
805 struct http_send_request_state {
806 struct tevent_context *ev;
807 struct loadparm_context *lp_ctx;
808 struct cli_credentials *credentials;
809 struct http_request *request;
817 * Sends and HTTP request
819 static void http_send_request_done(struct tevent_req *);
820 struct tevent_req *http_send_request_send(TALLOC_CTX *mem_ctx,
821 struct tevent_context *ev,
822 struct http_conn *http_conn,
823 struct http_request *request)
825 struct tevent_req *req;
826 struct tevent_req *subreq;
827 struct http_send_request_state *state = NULL;
830 DEBUG(11, ("%s: Sending HTTP request\n", __func__));
833 if (ev == NULL || request == NULL || http_conn == NULL) {
834 DEBUG(0, ("%s: Invalid parameter\n", __func__));
838 req = tevent_req_create(mem_ctx, &state, struct http_send_request_state);
844 state->request = request;
846 /* Push the request line */
847 status = http_push_request_line(state, &state->buffer, state->request);
848 if (!NT_STATUS_IS_OK(status)) {
849 tevent_req_nterror(req, status);
850 return tevent_req_post(req, ev);
853 /* Push the headers */
854 status = http_push_headers(mem_ctx, &state->buffer, request);
855 if (!NT_STATUS_IS_OK(status)) {
856 tevent_req_nterror(req, status);
857 return tevent_req_post(req, ev);
861 status = http_push_body(mem_ctx, &state->buffer, request);
862 if (!NT_STATUS_IS_OK(status)) {
863 tevent_req_nterror(req, status);
864 return tevent_req_post(req, ev);
867 state->iov.iov_base = (char *) state->buffer.data;
868 state->iov.iov_len = state->buffer.length;
869 subreq = tstream_writev_queue_send(state,
871 http_conn->tstreams.active,
872 http_conn->send_queue,
874 if (tevent_req_nomem(subreq, req)) {
875 return tevent_req_post(req, ev);
877 tevent_req_set_callback(subreq, http_send_request_done, req);
882 static void http_send_request_done(struct tevent_req *subreq)
885 struct tevent_req *req;
886 struct http_send_request_state *state;
888 req = tevent_req_callback_data(subreq, struct tevent_req);
889 state = tevent_req_data(req, struct http_send_request_state);
891 state->nwritten = tstream_writev_queue_recv(subreq, &state->sys_errno);
893 if (state->nwritten == -1 && state->sys_errno != 0) {
894 status = map_nt_error_from_unix_common(state->sys_errno);
895 DEBUG(0, ("%s: Failed to send HTTP request: %s\n",
896 __func__, nt_errstr(status)));
897 tevent_req_nterror(req, status);
901 tevent_req_done(req);
904 NTSTATUS http_send_request_recv(struct tevent_req *req)
909 DEBUG(0, ("%s: Invalid parameter\n", __func__));
910 return NT_STATUS_INVALID_PARAMETER;
913 if (tevent_req_is_nterror(req, &status)) {
914 tevent_req_received(req);
918 tevent_req_received(req);