2 * @file sipe-http-request.c
6 * Copyright (C) 2013 SIPE Project <http://sipe.sourceforge.net/>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 * SIPE HTTP request layer implementation
26 * - request handling: creation, parameters, deletion, cancelling
27 * - session handling: creation, closing
28 * - client authorization handling
29 * - connection request queue handling
30 * - compile HTTP header contents and hand-off to transport layer
31 * - process HTTP response and hand-off to user callback
44 #include "sipe-backend.h"
45 #include "sipe-core.h"
46 #include "sipe-core-private.h"
47 #include "sipe-http.h"
49 #define _SIPE_HTTP_PRIVATE_IF_REQUEST
50 #include "sipe-http-request.h"
51 #define _SIPE_HTTP_PRIVATE_IF_TRANSPORT
52 #include "sipe-http-transport.h"
54 struct sipe_http_session
{
55 gchar
*cookie
; /* extremely simplistic cookie jar :-) */
58 struct sipe_http_request
{
59 struct sipe_http_connection_public
*connection
;
61 struct sipe_http_session
*session
;
65 gchar
*body
; /* NULL for GET */
66 gchar
*content_type
; /* NULL if body == NULL */
69 const gchar
*domain
; /* not copied */
70 const gchar
*user
; /* not copied */
71 const gchar
*password
; /* not copied */
73 sipe_http_response_callback
*cb
;
79 #define SIPE_HTTP_REQUEST_FLAG_FIRST 0x00000001
80 #define SIPE_HTTP_REQUEST_FLAG_REDIRECT 0x00000002
81 #define SIPE_HTTP_REQUEST_FLAG_AUTHDATA 0x00000004
82 #define SIPE_HTTP_REQUEST_FLAG_HANDSHAKE 0x00000008
84 static void sipe_http_request_free(struct sipe_core_private
*sipe_private
,
85 struct sipe_http_request
*req
,
89 /* Callback: aborted/failed/cancelled */
90 (*req
->cb
)(sipe_private
,
98 g_free(req
->content_type
);
99 g_free(req
->authorization
);
103 static void sipe_http_request_send(struct sipe_http_connection_public
*conn_public
)
105 struct sipe_http_request
*req
= conn_public
->pending_requests
->data
;
107 gchar
*content
= NULL
;
108 gchar
*cookie
= NULL
;
111 content
= g_strdup_printf("Content-Length: %" G_GSIZE_FORMAT
"\r\n"
112 "Content-Type: %s\r\n",
116 if (req
->session
&& req
->session
->cookie
)
117 cookie
= g_strdup_printf("Cookie: %s\r\n", req
->session
->cookie
);
119 header
= g_strdup_printf("%s /%s HTTP/1.1\r\n"
121 "User-Agent: Sipe/" PACKAGE_VERSION
"\r\n"
123 content
? "POST" : "GET",
126 conn_public
->cached_authorization
? conn_public
->cached_authorization
:
127 req
->authorization
? req
->authorization
: "",
128 req
->headers
? req
->headers
: "",
129 cookie
? cookie
: "",
130 content
? content
: "");
134 /* only use authorization once */
135 g_free(req
->authorization
);
136 req
->authorization
= NULL
;
138 sipe_http_transport_send(conn_public
,
144 gboolean
sipe_http_request_pending(struct sipe_http_connection_public
*conn_public
)
146 return(conn_public
->pending_requests
!= NULL
);
149 void sipe_http_request_next(struct sipe_http_connection_public
*conn_public
)
151 sipe_http_request_send(conn_public
);
154 static void sipe_http_request_enqueue(struct sipe_core_private
*sipe_private
,
155 struct sipe_http_request
*req
,
156 const struct sipe_http_parsed_uri
*parsed_uri
)
158 struct sipe_http_connection_public
*conn_public
;
160 req
->path
= g_strdup(parsed_uri
->path
);
161 req
->connection
= conn_public
= sipe_http_transport_new(sipe_private
,
165 if (!sipe_http_request_pending(conn_public
))
166 req
->flags
|= SIPE_HTTP_REQUEST_FLAG_FIRST
;
168 conn_public
->pending_requests
= g_slist_append(conn_public
->pending_requests
,
172 static void sipe_http_request_drop_context(struct sipe_http_connection_public
*conn_public
)
174 g_free(conn_public
->cached_authorization
);
175 conn_public
->cached_authorization
= NULL
;
176 sip_sec_destroy_context(conn_public
->context
);
177 conn_public
->context
= NULL
;
180 static void sipe_http_request_finalize_negotiate(struct sipe_http_request
*req
,
183 #if defined(HAVE_GSSAPI_GSSAPI_H) || defined(HAVE_SSPI)
185 * Negotiate can send a final package in the successful response.
186 * We need to forward this to the context or otherwise it will
187 * never reach the ready state.
189 struct sipe_http_connection_public
*conn_public
= req
->connection
;
191 if (sip_sec_context_type(conn_public
->context
) == SIPE_AUTHENTICATION_TYPE_NEGOTIATE
) {
192 const gchar
*header
= sipmsg_find_auth_header(msg
, "Negotiate");
195 gchar
**parts
= g_strsplit(header
, " ", 0);
196 gchar
*spn
= g_strdup_printf("HTTP/%s", conn_public
->host
);
199 SIPE_DEBUG_INFO("sipe_http_request_finalize_negotiate: init context target '%s' token '%s'",
200 spn
, parts
[1] ? parts
[1] : "<NULL>");
202 if (sip_sec_init_context_step(conn_public
->context
,
209 SIPE_DEBUG_INFO_NOFORMAT("sipe_http_request_finalize_negotiate: security context init step failed, throwing away context");
210 sipe_http_request_drop_context(conn_public
);
218 (void) req
; /* keep compiler happy */
219 (void) msg
; /* keep compiler happy */
224 /* TRUE indicates failure */
225 static gboolean
sipe_http_request_response_redirection(struct sipe_core_private
*sipe_private
,
226 struct sipe_http_request
*req
,
229 const gchar
*location
= sipmsg_find_header(msg
, "Location");
230 gboolean failed
= TRUE
;
232 sipe_http_request_finalize_negotiate(req
, msg
);
235 struct sipe_http_parsed_uri
*parsed_uri
= sipe_http_parse_uri(location
);
238 /* remove request from old connection */
239 struct sipe_http_connection_public
*conn_public
= req
->connection
;
240 conn_public
->pending_requests
= g_slist_remove(conn_public
->pending_requests
,
243 /* free old request data */
245 req
->flags
&= ~( SIPE_HTTP_REQUEST_FLAG_FIRST
|
246 SIPE_HTTP_REQUEST_FLAG_HANDSHAKE
);
248 /* resubmit request on other connection */
249 sipe_http_request_enqueue(sipe_private
, req
, parsed_uri
);
252 sipe_http_parsed_uri_free(parsed_uri
);
254 SIPE_DEBUG_INFO("sipe_http_request_response_redirection: invalid redirection to '%s'",
257 SIPE_DEBUG_INFO_NOFORMAT("sipe_http_request_response_redirection: no URL found?!?");
262 /* TRUE indicates failure */
263 static gboolean
sipe_http_request_response_unauthorized(struct sipe_core_private
*sipe_private
,
264 struct sipe_http_request
*req
,
267 struct sipe_http_connection_public
*conn_public
= req
->connection
;
268 const gchar
*header
= NULL
;
270 gboolean failed
= TRUE
;
273 * There are some buggy HTTP servers out there that add superfluous
274 * WWW-Authenticate: headers during the authentication handshake.
275 * Look only for the header of the active security context.
277 if (conn_public
->context
) {
278 const gchar
*name
= sip_sec_context_name(conn_public
->context
);
280 header
= sipmsg_find_auth_header(msg
, name
);
281 type
= sip_sec_context_type(conn_public
->context
);
284 SIPE_DEBUG_INFO("sipe_http_request_response_unauthorized: expected authentication scheme %s not found",
289 if (conn_public
->cached_authorization
) {
291 * The "Basic" scheme doesn't have any state.
293 * If we enter here then we have already tried "Basic"
294 * authentication once for this request and it was
295 * rejected by the server. As all future requests will
296 * also be rejected, we need to abort here in order to
297 * prevent an endless request/401/request/... loop.
299 SIPE_DEBUG_INFO("sipe_http_request_response_unauthorized: Basic authentication has failed for host '%s', please check user name and password!",
305 #if defined(HAVE_GSSAPI_GSSAPI_H) || defined(HAVE_SSPI)
306 #define DEBUG_STRING ", NTLM and Negotiate"
307 /* Use "Negotiate" unless the user requested "NTLM" */
308 if (sipe_private
->authentication_type
!= SIPE_AUTHENTICATION_TYPE_NTLM
)
309 header
= sipmsg_find_auth_header(msg
, "Negotiate");
311 type
= SIPE_AUTHENTICATION_TYPE_NEGOTIATE
;
314 #define DEBUG_STRING " and NTLM"
315 (void) sipe_private
; /* keep compiler happy */
318 header
= sipmsg_find_auth_header(msg
, "NTLM");
319 type
= SIPE_AUTHENTICATION_TYPE_NTLM
;
322 /* only fall back to "Basic" after everything else fails */
324 header
= sipmsg_find_auth_header(msg
, "Basic");
325 type
= SIPE_AUTHENTICATION_TYPE_BASIC
;
330 if (!conn_public
->context
) {
331 gboolean valid
= req
->flags
& SIPE_HTTP_REQUEST_FLAG_AUTHDATA
;
332 conn_public
->context
= sip_sec_create_context(type
,
333 !valid
, /* Single Sign-On flag */
334 TRUE
, /* connection-based for HTTP */
335 valid
? req
->domain
: NULL
,
336 valid
? req
->user
: NULL
,
337 valid
? req
->password
: NULL
);
340 if (conn_public
->context
) {
341 gchar
**parts
= g_strsplit(header
, " ", 0);
342 gchar
*spn
= g_strdup_printf("HTTP/%s", conn_public
->host
);
344 const gchar
*token_in
= parts
[1];
346 SIPE_DEBUG_INFO("sipe_http_request_response_unauthorized: init context target '%s' token '%s'",
347 spn
, token_in
? token_in
: "<NULL>");
350 * If we receive a NULL token during the handshake
351 * then the authentication scheme has failed.
353 if ((req
->flags
& SIPE_HTTP_REQUEST_FLAG_HANDSHAKE
) &&
355 SIPE_DEBUG_INFO_NOFORMAT("sipe_http_request_response_unauthorized: authentication failed, throwing away context");
356 sipe_http_request_drop_context(conn_public
);
358 } else if (sip_sec_init_context_step(conn_public
->context
,
364 /* handshake has started */
365 req
->flags
|= SIPE_HTTP_REQUEST_FLAG_HANDSHAKE
;
367 /* generate authorization header */
368 req
->authorization
= g_strdup_printf("Authorization: %s %s\r\n",
369 sip_sec_context_name(conn_public
->context
),
370 token_out
? token_out
: "");
374 * authorization never changes for Basic
375 * authentication scheme, so we can keep it.
377 if (type
== SIPE_AUTHENTICATION_TYPE_BASIC
) {
378 g_free(conn_public
->cached_authorization
);
379 conn_public
->cached_authorization
= g_strdup(req
->authorization
);
383 * Keep the request in the queue. As it is at
384 * the head it will be pulled automatically
385 * by the transport layer after returning.
390 SIPE_DEBUG_INFO_NOFORMAT("sipe_http_request_response_unauthorized: security context init step failed, throwing away context");
391 sipe_http_request_drop_context(conn_public
);
397 SIPE_DEBUG_INFO_NOFORMAT("sipe_http_request_response_unauthorized: security context creation failed");
399 SIPE_DEBUG_INFO_NOFORMAT("sipe_http_request_response_unauthorized: only Basic" DEBUG_STRING
" authentication schemes are supported");
404 static void sipe_http_request_response_callback(struct sipe_core_private
*sipe_private
,
405 struct sipe_http_request
*req
,
410 sipe_http_request_finalize_negotiate(req
, msg
);
412 /* Set-Cookie: RMID=732423sdfs73242; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.example.net */
414 ((hdr
= sipmsg_find_header(msg
, "Set-Cookie")) != NULL
)) {
415 gchar
**parts
, **current
;
419 g_free(req
->session
->cookie
);
420 req
->session
->cookie
= NULL
;
422 current
= parts
= g_strsplit(hdr
, ";", 0);
423 while ((part
= *current
++) != NULL
) {
424 /* strip these parts from cookie */
425 if (!(strstr(part
, "path=") ||
426 strstr(part
, "domain=") ||
427 strstr(part
, "expires=") ||
428 strstr(part
, "secure"))) {
431 g_strconcat(new, ";", part
, NULL
) :
439 req
->session
->cookie
= new;
440 SIPE_DEBUG_INFO("sipe_http_request_response_callback: cookie: %s", new);
444 /* Callback: success */
445 (*req
->cb
)(sipe_private
,
451 /* remove completed request */
452 sipe_http_request_cancel(req
);
455 void sipe_http_request_response(struct sipe_http_connection_public
*conn_public
,
458 struct sipe_core_private
*sipe_private
= conn_public
->sipe_private
;
459 struct sipe_http_request
*req
= conn_public
->pending_requests
->data
;
462 if ((req
->flags
& SIPE_HTTP_REQUEST_FLAG_REDIRECT
) &&
463 (msg
->response
>= SIPE_HTTP_STATUS_REDIRECTION
) &&
464 (msg
->response
< SIPE_HTTP_STATUS_CLIENT_ERROR
)) {
465 failed
= sipe_http_request_response_redirection(sipe_private
,
469 } else if (msg
->response
== SIPE_HTTP_STATUS_CLIENT_UNAUTHORIZED
) {
470 failed
= sipe_http_request_response_unauthorized(sipe_private
,
475 /* On some errors throw away the security context */
476 if (((msg
->response
== SIPE_HTTP_STATUS_CLIENT_FORBIDDEN
) ||
477 (msg
->response
== SIPE_HTTP_STATUS_CLIENT_PROXY_AUTH
) ||
478 (msg
->response
>= SIPE_HTTP_STATUS_SERVER_ERROR
)) &&
479 conn_public
->context
) {
480 SIPE_DEBUG_INFO("sipe_http_request_response: response was %d, throwing away security context",
482 sipe_http_request_drop_context(conn_public
);
485 /* All other cases are passed on to the user */
486 sipe_http_request_response_callback(sipe_private
, req
, msg
);
488 /* req is no longer valid */
493 /* Callback: request failed */
494 (*req
->cb
)(sipe_private
,
495 SIPE_HTTP_STATUS_FAILED
,
500 /* remove failed request */
501 sipe_http_request_cancel(req
);
505 void sipe_http_request_shutdown(struct sipe_http_connection_public
*conn_public
,
508 if (conn_public
->pending_requests
) {
509 GSList
*entry
= conn_public
->pending_requests
;
511 sipe_http_request_free(conn_public
->sipe_private
,
514 SIPE_HTTP_STATUS_ABORTED
:
515 SIPE_HTTP_STATUS_FAILED
);
518 g_slist_free(conn_public
->pending_requests
);
519 conn_public
->pending_requests
= NULL
;
522 if (conn_public
->context
) {
523 g_free(conn_public
->cached_authorization
);
524 conn_public
->cached_authorization
= NULL
;
525 sip_sec_destroy_context(conn_public
->context
);
526 conn_public
->context
= NULL
;
530 struct sipe_http_request
*sipe_http_request_new(struct sipe_core_private
*sipe_private
,
531 const struct sipe_http_parsed_uri
*parsed_uri
,
532 const gchar
*headers
,
534 const gchar
*content_type
,
535 sipe_http_response_callback
*callback
,
536 gpointer callback_data
)
538 struct sipe_http_request
*req
;
541 if (sipe_http_shutting_down(sipe_private
)) {
542 SIPE_DEBUG_ERROR("sipe_http_request_new: new HTTP request during shutdown: THIS SHOULD NOT HAPPEN! Debugging information:\n"
551 headers
? headers
: "<NONE>",
552 body
? body
: "<EMPTY>");
556 req
= g_new0(struct sipe_http_request
, 1);
559 req
->cb_data
= callback_data
;
561 req
->headers
= g_strdup(headers
);
563 req
->body
= g_strdup(body
);
564 req
->content_type
= g_strdup(content_type
);
567 /* default authentication */
568 if (!SIPE_CORE_PRIVATE_FLAG_IS(SSO
))
569 sipe_http_request_authentication(req
,
570 sipe_private
->authdomain
,
571 sipe_private
->authuser
,
572 sipe_private
->password
);
574 sipe_http_request_enqueue(sipe_private
, req
, parsed_uri
);
579 void sipe_http_request_ready(struct sipe_http_request
*request
)
581 struct sipe_http_connection_public
*conn_public
= request
->connection
;
583 /* pass first request on already opened connection through directly */
584 if ((request
->flags
& SIPE_HTTP_REQUEST_FLAG_FIRST
) &&
585 conn_public
->connected
)
586 sipe_http_request_send(conn_public
);
589 struct sipe_http_session
*sipe_http_session_start(void)
591 return(g_new0(struct sipe_http_session
, 1));
594 void sipe_http_session_close(struct sipe_http_session
*session
)
597 g_free(session
->cookie
);
602 void sipe_http_request_cancel(struct sipe_http_request
*request
)
604 struct sipe_http_connection_public
*conn_public
= request
->connection
;
605 conn_public
->pending_requests
= g_slist_remove(conn_public
->pending_requests
,
608 /* cancelled by requester, don't use callback */
611 sipe_http_request_free(conn_public
->sipe_private
,
613 SIPE_HTTP_STATUS_CANCELLED
);
616 void sipe_http_request_session(struct sipe_http_request
*request
,
617 struct sipe_http_session
*session
)
619 request
->session
= session
;
622 void sipe_http_request_allow_redirect(struct sipe_http_request
*request
)
624 request
->flags
|= SIPE_HTTP_REQUEST_FLAG_REDIRECT
;
627 void sipe_http_request_authentication(struct sipe_http_request
*request
,
630 const gchar
*password
)
632 request
->flags
|= SIPE_HTTP_REQUEST_FLAG_AUTHDATA
;
633 request
->domain
= domain
;
634 request
->user
= user
;
635 request
->password
= password
;