search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix CA path setting really
[libisds.git] / src / soap.c
blob782e8cc16ca8cfaca3691cf9d5da6fc4c46cfb0a
1 #define _XOPEN_SOURCE 500 /* strdup from string.h */
2 #include "isds_priv.h"
3 #include "soap.h"
4 #include "utils.h"
5 #include <stdlib.h>
6 #include <string.h>
7
8 /* Private structure for write_body() call back */
9 struct soap_body {
10 void *data;
11 size_t length;
12 };
13
14
15 /* Close connection to server and destroy CURL handle associated
16 * with @context */
17 _hidden isds_error close_connection(struct isds_ctx *context) {
18 if (!context) return IE_INVALID_CONTEXT;
19
20 if (context->curl) {
21 curl_easy_cleanup(context->curl);
22 context->curl = NULL;
23 isds_log(ILF_HTTP, ILL_DEBUG, _("Connection to server %s closed\n"),
24 context->url);
25 return IE_SUCCESS;
26 } else {
27 return IE_CONNECTION_CLOSED;
28 }
29 }
30
31
32 /* CURL call back function called when chunk of HTTP reponse body is available.
33 * @buffer points to new data
34 * @size * @nmemb is length of the chunk in bytes. Zero means empty body.
35 * @userp is private structure.
36 * Must reuturn the length of the chunk, otherwise CURL will signal
37 * CURL_WRITE_ERROR. */
38 static size_t write_body(void *buffer, size_t size, size_t nmemb, void *userp) {
39 struct soap_body *body = (struct soap_body *) userp;
40 void *new_data;
41
42 /* FIXME: Check for (size * nmemb + body->lengt) !> SIZE_T_MAX.
43 * Precompute the product then. */
44
45 if (!body) return 0; /* This should never happen */
46 if (0 == (size * nmemb)) return 0; /* Empty body */
47
48 new_data = realloc(body->data, body->length + size * nmemb);
49 if (!new_data) return 0;
50
51 memcpy(new_data + body->length, buffer, size * nmemb);
52
53 body->data = new_data;
54 body->length += size * nmemb;
55
56 return (size * nmemb);
57 }
58
59
60 /* CURL progress callback proxy to rearrange arguments.
61 * @curl_data is session context */
62 static int progress_proxy(void *curl_data, double download_total,
63 double download_current, double upload_total, double upload_current) {
64 struct isds_ctx *context = (struct isds_ctx *) curl_data;
65 int abort = 0;
66
67 if (context && context->progress_callback) {
68 abort = context->progress_callback(
69 upload_total, upload_current,
70 download_total, download_current,
71 context->progress_callback_data);
72 if (abort) {
73 isds_log(ILF_HTTP, ILL_INFO,
74 _("Application aborted HTTP transfer"));
75 }
76 }
77
78 return abort;
79 }
80
81
82 /* Do HTTP request.
83 * @context holds the base URL,
84 * @url is a (CGI) file of SOAP URL,
85 * @request is body for POST request
86 * @request_length is length of @request in bytes
87 * @reponse is automatically reallocated() buffer to fit HTTP response with
88 * @response_length (does not need to match allocatef memory exactly). You must
89 * free() the @response.
90 * @mime_type is automatically allocated MIME type send by server (*NULL if not
91 * sent). Set NULL if you don't care.
92 * @charset is charset of the body signaled by server. The same constrains
93 * like on @mime_type apply.
94 * @http_code is final HTTP code returned by server. This can be 200, 401, 500
95 * or any other one. Pass NULL if you don't interrest.
96 * In case of error, the response memory, MIME type, charset and lenght will be
97 * deallocated and zerod automatically. Thus be sure they are preallocated or
98 * they points to NULL.
99 * Be ware that successful return value does not mean the HTTP request has
100 * been accepted by the server. You must cosult @http_code. OTOH, failure
101 * return value means the request could not been sent (e.g. SSL error).
102 * Side effect: message buffer */
103 static isds_error http(struct isds_ctx *context, const char *url,
104 const void *request, const size_t request_length,
105 void **response, size_t *response_length,
106 char **mime_type, char **charset, long *http_code) {
107
108 CURLcode curl_err;
109 isds_error err = IE_SUCCESS;
110 struct soap_body body;
111 char *content_type;
112 struct curl_slist *headers = NULL;
113
114
115 if (!context) return IE_INVALID_CONTEXT;
116 if (!url) return IE_INVAL;
117 if (request_length > 0 && !request) return IE_INVAL;
118 if (!response || !response_length) return IE_INVAL;
119
120 /* Set the body here to allow deallocatation in leave block */
121 body.data = *response;
122 body.length = 0;
123
124 /* Set Request-URI */
125 curl_err = curl_easy_setopt(context->curl, CURLOPT_URL, url);
126
127 /* Set TLS options */
128 if (!curl_err && context->tls_verify_server) {
129 if (!*context->tls_verify_server)
130 isds_log(ILF_SEC, ILL_WARNING,
131 _("Disabling server identity verification. "
132 "That was your decision.\n"));
133 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSL_VERIFYPEER,
134 (*context->tls_verify_server)? 1L : 0L);
135 if (!curl_err) {
136 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSL_VERIFYHOST,
137 (*context->tls_verify_server)? 2L : 0L);
138 }
139 }
140 if (!curl_err && context->tls_ca_file) {
141 isds_log(ILF_SEC, ILL_INFO,
142 _("CA certificates will be searched in `%s' file since now\n"),
143 context->tls_ca_file);
144 curl_err = curl_easy_setopt(context->curl, CURLOPT_CAINFO,
145 context->tls_ca_file);
146 }
147 if (!curl_err && context->tls_ca_dir) {
148 isds_log(ILF_SEC, ILL_INFO,
149 _("CA certificates will be searched in `%s' directory "
150 "since now\n"), context->tls_ca_dir);
151 curl_err = curl_easy_setopt(context->curl, CURLOPT_CAPATH,
152 context->tls_ca_dir);
153 }
154
155
156 /* Set credentials */
157 #if HAVE_DECL_CURLOPT_USERNAME /* Since curl-7.19.1 */
158 if (!curl_err && context->username) {
159 curl_err = curl_easy_setopt(context->curl, CURLOPT_USERNAME,
160 context->username);
161 }
162 if (!curl_err && context->password) {
163 curl_err = curl_easy_setopt(context->curl, CURLOPT_PASSWORD,
164 context->password);
165 }
166 #else
167 if (!curl_err && (context->username || context->password)) {
168 char *userpwd = astrcat3(context->username, ":", context->password);
169 if (!userpwd) {
170 isds_log_message(context, _("Could not pass credentials to CURL"));
171 err = IE_NOMEM;
172 goto leave;
173 }
174 curl_err = curl_easy_setopt(context->curl, CURLOPT_USERPWD, userpwd);
175 free(userpwd);
176 }
177 #endif /* not HAVE_DECL_CURLOPT_USERNAME */
178
179 /* Set PKI credentials */
180 if (!curl_err && (context->pki_credentials)) {
181 if (context->pki_credentials->engine) {
182 /* Select SSL engine */
183 isds_log(ILF_SEC, ILL_INFO,
184 _("Cryptograhic engine `%s' will be used for "
185 "key or certificate\n"),
186 context->pki_credentials->engine);
187 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLENGINE,
188 context->pki_credentials->engine);
189 }
190
191 if (!curl_err) {
192 /* Select certificate format */
193 #if HAVE_DECL_CURLOPT_SSLCERTTYPE /* since curl-7.9.3 */
194 if (context->pki_credentials->certificate_format ==
195 PKI_FORMAT_ENG) {
196 /* XXX: It's valid to have certificate in engine without name.
197 * Engines can select certificate according private key and
198 * vice versa. */
199 if (context->pki_credentials->certificate)
200 isds_log(ILF_SEC, ILL_INFO, _("Client `%s' certificate "
201 "will be read from `%s' engine\n"),
202 context->pki_credentials->certificate,
203 context->pki_credentials->engine);
204 else
205 isds_log(ILF_SEC, ILL_INFO, _("Client certificate "
206 "will be read from `%s' engine\n"),
207 context->pki_credentials->engine);
208 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLCERTTYPE,
209 "ENG");
210 } else if (context->pki_credentials->certificate) {
211 isds_log(ILF_SEC, ILL_INFO, _("Client %s certificate "
212 "will be read from `%s' file\n"),
213 (context->pki_credentials->certificate_format ==
214 PKI_FORMAT_DER) ? _("DER") : _("PEM"),
215 context->pki_credentials->certificate);
216 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLCERTTYPE,
217 (context->pki_credentials->certificate_format ==
218 PKI_FORMAT_DER) ? "DER" : "PEM");
219 }
220 #else
221 if ((context->pki_credentials->certificate_format ==
222 PKI_FORMAT_ENG ||
223 context->pki_credentials->certificate))
224 isds_log(ILF_SEC, ILL_WARNING,
225 _("Your curl library cannot distinguish certifcate "
226 "formats. Make sure your cryptographic library\n"
227 "understands your certificate file by default, "
228 "or upgrade curl.\n"));
229 #endif /* not HAVE_DECL_CURLOPT_SSLCERTTYPE */
230 }
231
232 if (!curl_err && context->pki_credentials->certificate) {
233 /* Select certificate */
234 if (!curl_err)
235 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLCERT,
236 context->pki_credentials->certificate);
237 }
238
239 if (!curl_err) {
240 /* Select key format */
241 if (context->pki_credentials->key_format == PKI_FORMAT_ENG) {
242 if (context->pki_credentials->key)
243 isds_log(ILF_SEC, ILL_INFO, _("Client private key `%s' "
244 "from `%s' engine will be used\n"),
245 context->pki_credentials->key,
246 context->pki_credentials->engine);
247 else
248 isds_log(ILF_SEC, ILL_INFO, _("Client private key "
249 "from `%s' engine will be used\n"),
250 context->pki_credentials->engine);
251 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLKEYTYPE,
252 "ENG");
253 } else if (context->pki_credentials->key) {
254 isds_log(ILF_SEC, ILL_INFO, _("Client %s private key will be "
255 "read from `%s' file\n"),
256 (context->pki_credentials->key_format ==
257 PKI_FORMAT_DER) ? _("DER") : _("PEM"),
258 context->pki_credentials->key);
259 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLKEYTYPE,
260 (context->pki_credentials->key_format ==
261 PKI_FORMAT_DER) ? "DER" : "PEM");
262 }
263
264 if (!curl_err)
265 /* Select key */
266 curl_err = curl_easy_setopt(context->curl, CURLOPT_SSLKEY,
267 context->pki_credentials->key);
268
269 if (!curl_err) {
270 /* Pass key passphrase */
271 #if HAVE_DECL_CURLOPT_KEYPASSWD /* since curl-7.16.5 */
272 curl_err = curl_easy_setopt(context->curl,
273 CURLOPT_KEYPASSWD,
274 context->pki_credentials->passphrase);
275 #elif HAVE_DECL_CURLOPT_SSLKEYPASSWD /* up to curl-7.16.4 */
276 curl_err = curl_easy_setopt(context->curl,
277 CURLOPT_SSLKEYPASSWD,
278 context->pki_credentials->passphrase);
279 #else /* up to curl-7.9.2 */
280 curl_err = curl_easy_setopt(context->curl,
281 CURLOPT_SSLCERTPASSWD,
282 context->pki_credentials->passphrase);
283 #endif
284 }
285 }
286 }
287
288 /* Set timeout */
289 if (!curl_err) {
290 curl_err = curl_easy_setopt(context->curl, CURLOPT_NOSIGNAL, 1);
291 }
292 if (!curl_err && context->timeout) {
293 #if HAVE_DECL_CURLOPT_TIMEOUT_MS /* Since curl-7.16.2 */
294 curl_err = curl_easy_setopt(context->curl, CURLOPT_TIMEOUT_MS,
295 context->timeout);
296 #else
297 curl_err = curl_easy_setopt(context->curl, CURLOPT_TIMEOUT,
298 context->timeout / 1000);
299 #endif /* not HAVE_DECL_CURLOPT_TIMEOUT_MS */
300 }
301
302 /* Register callback */
303 if (context->progress_callback) {
304 if (!curl_err) {
305 curl_err = curl_easy_setopt(context->curl, CURLOPT_NOPROGRESS, 0);
306 }
307 if (!curl_err) {
308 curl_err = curl_easy_setopt(context->curl,
309 CURLOPT_PROGRESSFUNCTION, progress_proxy);
310 }
311 if (!curl_err) {
312 curl_err = curl_easy_setopt(context->curl, CURLOPT_PROGRESSDATA,
313 context);
314 }
315 }
316
317 /* Set other CURL features */
318 if (!curl_err) {
319 curl_err = curl_easy_setopt(context->curl, CURLOPT_FAILONERROR, 0);
320 }
321 if (!curl_err) {
322 curl_err = curl_easy_setopt(context->curl, CURLOPT_FOLLOWLOCATION, 1);
323 }
324 if (!curl_err) {
325 /* TODO: Make the redirect depth configurable */
326 curl_err = curl_easy_setopt(context->curl, CURLOPT_MAXREDIRS, 8);
327 }
328 if (!curl_err) {
329 curl_err = curl_easy_setopt(context->curl,
330 CURLOPT_UNRESTRICTED_AUTH, 1);
331 }
332 if (!curl_err) {
333 curl_err = curl_easy_setopt(context->curl, CURLOPT_COOKIEFILE, "");
334 }
335
336 /* Set get-response function */
337 if (!curl_err) {
338 curl_err = curl_easy_setopt(context->curl, CURLOPT_WRITEFUNCTION,
339 write_body);
340 }
341 if (!curl_err) {
342 curl_err = curl_easy_setopt(context->curl, CURLOPT_WRITEDATA, &body);
343 }
344
345 /* Set MIME types and headers requires by SOAP 1.1.
346 * SOAP 1.1 requires text/xml, SOAP 1.2 requires application/soap+xml */
347 if (!curl_err) {
348 headers = curl_slist_append(headers,
349 "Accept: application/soap+xml,application/xml,text/xml");
350 if (!headers) {
351 err = IE_NOMEM;
352 goto leave;
353 }
354 headers = curl_slist_append(headers, "Content-Type: text/xml");
355 if (!headers) {
356 err = IE_NOMEM;
357 goto leave;
358 }
359 headers = curl_slist_append(headers, "SOAPAction: ");
360 if (!headers) {
361 err = IE_NOMEM;
362 goto leave;
363 }
364 curl_err = curl_easy_setopt(context->curl, CURLOPT_HTTPHEADER, headers);
365 }
366 if (!curl_err) {
367 /* Set user agent identification */
368 /* TODO: Present library version, curl etc. in User-Agent */
369 curl_err = curl_easy_setopt(context->curl, CURLOPT_USERAGENT, "libisds");
370 }
371
372 /* Set POST request body */
373 if (!curl_err) {
374 curl_err = curl_easy_setopt(context->curl, CURLOPT_POST, 1);
375 }
376 if (!curl_err) {
377 curl_err = curl_easy_setopt(context->curl, CURLOPT_POSTFIELDS, request);
378 }
379 if (!curl_err) {
380 curl_err = curl_easy_setopt(context->curl, CURLOPT_POSTFIELDSIZE,
381 request_length);
382 }
383
384 /* Check for errors so far */
385 if (curl_err) {
386 isds_log_message(context, curl_easy_strerror(curl_err));
387 err = IE_NETWORK;
388 goto leave;
389 }
390
391 isds_log(ILF_HTTP, ILL_DEBUG, _("Sending POST request to %s\n"), url);
392 isds_log(ILF_HTTP, ILL_DEBUG,
393 _("POST body length: %zu, content follows:\n"), request_length);
394 isds_log(ILF_HTTP, ILL_DEBUG, "%.*s\n", request_length, request);
395 isds_log(ILF_HTTP, ILL_DEBUG, _("End of POST body\n"));
396 if ((log_facilities & ILF_HTTP) && (log_level >= ILL_DEBUG) ) {
397 curl_easy_setopt(context->curl, CURLOPT_VERBOSE, 1);
398 }
399
400
401 /* Do the request */
402 curl_err = curl_easy_perform(context->curl);
403
404 /* Wipe credentials out of the handler */
405 #if HAVE_DECL_CURLOPT_USERNAME /* Since curl-7.19.1 */
406 if (context->username) {
407 curl_easy_setopt(context->curl, CURLOPT_USERNAME, NULL);
408 }
409 if (context->password) {
410 curl_easy_setopt(context->curl, CURLOPT_PASSWORD, NULL);
411 }
412 #else
413 if (context->username || context->password) {
414 curl_easy_setopt(context->curl, CURLOPT_USERPWD, NULL);
415 }
416 #endif /* not HAVE_DECL_CURLOPT_USERNAME */
417
418 if (!curl_err)
419 curl_err = curl_easy_getinfo(context->curl, CURLINFO_CONTENT_TYPE,
420 &content_type);
421
422 if (curl_err) {
423 /* TODO: CURL is not internationalized yet. Collect CURL messages for
424 * I18N. */
425 isds_printf_message(context,
426 _("%s: %s"), url, _(curl_easy_strerror(curl_err)));
427 if (curl_err == CURLE_ABORTED_BY_CALLBACK)
428 err = IE_ABORTED;
429 else
430 err = IE_NETWORK;
431 goto leave;
432 }
433
434 isds_log(ILF_HTTP, ILL_DEBUG, _("Final response to %s received\n"), url);
435 isds_log(ILF_HTTP, ILL_DEBUG,
436 _("Response body length: %zu, content follows:\n"),
437 body.length);
438 isds_log(ILF_HTTP, ILL_DEBUG, "%.*s\n", body.length, body.data);
439 isds_log(ILF_HTTP, ILL_DEBUG, _("End of response body\n"));
440
441
442 /* Extract MIME type and charset */
443 if (content_type) {
444 char *sep;
445 size_t offset;
446
447 sep = strchr(content_type, ';');
448 if (sep) offset = (size_t) (sep - content_type);
449 else offset = strlen(content_type);
450
451 if (mime_type) {
452 *mime_type = malloc(offset + 1);
453 if (!*mime_type) {
454 err = IE_NOMEM;
455 goto leave;
456 }
457 memcpy(*mime_type, content_type, offset);
458 (*mime_type)[offset] = '\0';
459 }
460
461 if (charset) {
462 if (!sep) {
463 *charset = NULL;
464 } else {
465 sep = strstr(sep, "charset=");
466 if (!sep) {
467 *charset = NULL;
468 } else {
469 *charset = strdup(sep + 8);
470 if (!*charset) {
471 err = IE_NOMEM;
472 goto leave;
473 }
474 }
475 }
476 }
477 }
478
479 /* Get HTTP response code */
480 if (http_code) {
481 curl_err = curl_easy_getinfo(context->curl,
482 CURLINFO_RESPONSE_CODE, http_code);
483 if (curl_err) {
484 err = IE_ERROR;
485 goto leave;
486 }
487 }
488
489 leave:
490 curl_slist_free_all(headers);
491
492 if (err) {
493 free(body.data);
494 body.data = NULL;
495 body.length = 0;
496
497 if (mime_type) {
498 free(*mime_type);
499 *mime_type = NULL;
500 }
501 if (charset) {
502 free(*charset);
503 *charset = NULL;
504 }
505
506 if (err != IE_ABORTED) close_connection(context);
507 }
508
509 *response = body.data;
510 *response_length = body.length;
511
512 return err;
513 }
514
515
516 /* Do SOAP request.
517 * @context holds the base URL,
518 * @file is a (CGI) file of SOAP URL,
519 * @request is XML node set with SOAP request body.
520 * @file must be NULL, @request should be NULL rather than empty, if they should
521 * not be signaled in the SOAP request.
522 * @reponse is automatically allocated() node set with SOAP response body.
523 * You must xmlFreeNodeList() it. This is literal body, empty (NULL), one node
524 * or more nodes can be returned.
525 * @raw_response is automatically allocated bitstream with response body. Use
526 * NULL if you don't care
527 * @raw_response_length is size of @raw_response in bytes
528 * In case of error the response will be deallocated automatically.
529 * Side effect: message buffer */
530 _hidden isds_error soap(struct isds_ctx *context, const char *file,
531 const xmlNodePtr request, xmlNodePtr *response,
532 void **raw_response, size_t *raw_response_length) {
533
534 isds_error err = IE_SUCCESS;
535 char *url = NULL;
536 char *mime_type = NULL;
537 long http_code = 0;
538 xmlBufferPtr http_request = NULL;
539 xmlSaveCtxtPtr save_ctx = NULL;
540 xmlDocPtr request_soap_doc = NULL;
541 xmlNodePtr request_soap_envelope = NULL, request_soap_body = NULL;
542 xmlNsPtr soap_ns = NULL;
543 void *http_response = NULL;
544 size_t response_length = 0;
545 xmlDocPtr response_soap_doc = NULL;
546 xmlNodePtr response_root = NULL;
547 xmlXPathContextPtr xpath_ctx = NULL;
548 xmlXPathObjectPtr response_soap_headers = NULL, response_soap_body = NULL,
549 response_soap_fault = NULL;
550
551
552 if (!context) return IE_INVALID_CONTEXT;
553 if (!response) return IE_INVAL;
554 if (!raw_response_length && raw_response) return IE_INVAL;
555
556 xmlFreeNodeList(*response);
557 *response = NULL;
558 if (raw_response) *raw_response = NULL;
559
560 url = astrcat(context->url, file);
561 if (!url) return IE_NOMEM;
562
563 /* Build SOAP request envelope */
564 request_soap_doc = xmlNewDoc(BAD_CAST "1.0");
565 if (!request_soap_doc) {
566 isds_log_message(context, _("Could not build SOAP request document"));
567 err = IE_ERROR;
568 goto leave;
569 }
570 request_soap_envelope = xmlNewNode(NULL, BAD_CAST "Envelope");
571 if (!request_soap_envelope) {
572 isds_log_message(context, _("Could not build SOAP request envelope"));
573 err = IE_ERROR;
574 goto leave;
575 }
576 xmlDocSetRootElement(request_soap_doc, request_soap_envelope);
577 /* Only this way we get namespace definition as @xmlns:soap,
578 * otherwise we get namespace prefix without definition */
579 soap_ns = xmlNewNs(request_soap_envelope, BAD_CAST SOAP_NS, NULL);
580 if(!soap_ns) {
581 isds_log_message(context, _("Could not create SOAP name space"));
582 err = IE_ERROR;
583 goto leave;
584 }
585 xmlSetNs(request_soap_envelope, soap_ns);
586 request_soap_body = xmlNewChild(request_soap_envelope, NULL,
587 BAD_CAST "Body", NULL);
588 if (!request_soap_body) {
589 isds_log_message(context,
590 _("Could not add Body to SOAP request envelope"));
591 err = IE_ERROR;
592 goto leave;
593 }
594
595 /* Append request XML node set to SOAP body if request is not empty */
596 /* XXX: Copy of request must be used, otherwise xmlFreeDoc(request_soap_doc)
597 * would destroy this outer structure. */
598 if (request) {
599 xmlNodePtr request_copy = xmlCopyNodeList(request);
600 if (!request_copy) {
601 isds_log_message(context,
602 _("Could not copy request content"));
603 err = IE_ERROR;
604 goto leave;
605 }
606 if (!xmlAddChildList(request_soap_body, request_copy)) {
607 xmlFreeNodeList(request_copy);
608 isds_log_message(context,
609 _("Could not add request content to SOAP "
610 "request envelope"));
611 err = IE_ERROR;
612 goto leave;
613 }
614 }
615
616
617 /* Serialize the SOAP request into HTTP request body */
618 http_request = xmlBufferCreate();
619 if (!http_request) {
620 isds_log_message(context,
621 _("Could not create xmlBuffer for HTTP request body"));
622 err = IE_ERROR;
623 goto leave;
624 }
625 /* Last argument 1 means format the XML tree. This is pretty but it breaks
626 * digital signatures probably because ISDS abandoned XMLDSig */
627 save_ctx = xmlSaveToBuffer(http_request, "UTF-8", 1);
628 if (!save_ctx) {
629 isds_log_message(context,
630 _("Could not create XML serializer"));
631 err = IE_ERROR;
632 goto leave;
633 }
634 /* XXX: According LibXML documentation, this function does not return
635 * meaningfull value yet */
636 xmlSaveDoc(save_ctx, request_soap_doc);
637 if (-1 == xmlSaveFlush(save_ctx)) {
638 isds_log_message(context,
639 _("Could not serialize SOAP request to HTTP request bddy"));
640 err = IE_ERROR;
641 goto leave;
642 }
643
644 isds_log(ILF_SOAP, ILL_DEBUG,
645 _("SOAP request to sent to %s:\n%.*s\nEnd of SOAP request\n"),
646 url, http_request->use, http_request->content);
647
648 err = http(context, url, http_request->content, http_request->use,
649 &http_response, &response_length,
650 &mime_type, NULL, &http_code);
651
652 /* TODO: HTTP binding for SOAP prescribes non-200 HTTP return codes
653 * to be processes too. */
654
655 if (err) {
656 goto leave;
657 }
658
659 /* Check for HTTP return code */
660 isds_log(ILF_SOAP, ILL_DEBUG, _("Server returned %ld HTTP code\n"),
661 http_code);
662 switch (http_code) {
663 /* XXX: We must see which code is used for not permitted ISDS
664 * operation like downloading message without proper user
665 * permissions. In that cat we should keep connection opened. */
666 case 401:
667 err = IE_NOT_LOGGED_IN;
668 isds_log_message(context, _("Authentication failed"));
669 goto leave;
670 break;
671 case 404:
672 err = IE_HTTP;
673 isds_printf_message(context,
674 _("Code 404: Document (%s) not found on server"), url);
675 goto leave;
676 break;
677 /* 500 should return standard SOAP message */
678 }
679
680 /* Check for Content-Type: text/xml.
681 * Do it after HTTP code check because 401 Unauthorized returns HTML web
682 * page for browsers. */
683 if (mime_type && strcmp(mime_type, "text/xml")
684 && strcmp(mime_type, "application/soap+xml")
685 && strcmp(mime_type, "application/xml")) {
686 char *mime_type_locale = utf82locale(mime_type);
687 isds_printf_message(context,
688 _("%s: bad MIME type sent by server: %s"), url,
689 mime_type_locale);
690 free(mime_type_locale);
691 err = IE_SOAP;
692 goto leave;
693 }
694
695 /* TODO: Convert returned body into XML default encoding */
696
697 /* Parse the HTTP body as XML */
698 response_soap_doc = xmlParseMemory(http_response, response_length);
699 if (!response_soap_doc) {
700 err = IE_XML;
701 goto leave;
702 }
703
704 xpath_ctx = xmlXPathNewContext(response_soap_doc);
705 if (!xpath_ctx) {
706 err = IE_ERROR;
707 goto leave;
708 }
709
710 if (register_namespaces(xpath_ctx, MESSAGE_NS_UNSIGNED)) {
711 err = IE_ERROR;
712 goto leave;
713 }
714
715 isds_log(ILF_SOAP, ILL_DEBUG,
716 _("SOAP response received:\n%.*s\nEnd of SOAP response\n"),
717 response_length, http_response);
718
719
720 /* Check for SOAP version */
721 response_root = xmlDocGetRootElement(response_soap_doc);
722 if (!response_root) {
723 isds_log_message(context, "SOAP response has no root element");
724 err = IE_SOAP;
725 goto leave;
726 }
727 if (xmlStrcmp(response_root->name, BAD_CAST "Envelope") ||
728 xmlStrcmp(response_root->ns->href, BAD_CAST SOAP_NS)) {
729 isds_log_message(context, "SOAP response is not SOAP 1.1 document");
730 err = IE_SOAP;
731 goto leave;
732 }
733
734 /* Check for SOAP Headers */
735 response_soap_headers = xmlXPathEvalExpression(
736 BAD_CAST "/soap:Envelope/soap:Header/"
737 "*[@soap:mustUnderstand/text() = true()]", xpath_ctx);
738 if (!response_soap_headers) {
739 err = IE_ERROR;
740 goto leave;
741 }
742 if (!xmlXPathNodeSetIsEmpty(response_soap_headers->nodesetval)) {
743 isds_log_message(context,
744 _("SOAP response requires unsupported feature"));
745 /* TODO: log the headers
746 * xmlChar *fragment = NULL;
747 * fragment = xmlXPathCastNodeSetToSting(response_soap_headers->nodesetval);*/
748 err = IE_NOTSUP;
749 goto leave;
750 }
751
752 /* Get SOAP Body */
753 response_soap_body = xmlXPathEvalExpression(
754 BAD_CAST "/soap:Envelope/soap:Body", xpath_ctx);
755 if (!response_soap_body) {
756 err = IE_ERROR;
757 goto leave;
758 }
759 if (xmlXPathNodeSetIsEmpty(response_soap_body->nodesetval)) {
760 isds_log_message(context,
761 _("SOAP response does not contain SOAP Body element"));
762 err = IE_SOAP;
763 goto leave;
764 }
765 if (response_soap_body->nodesetval->nodeNr > 1) {
766 isds_log_message(context,
767 _("SOAP response has more than one Body element"));
768 err = IE_SOAP;
769 goto leave;
770 }
771
772 /* Check for SOAP Fault */
773 response_soap_fault = xmlXPathEvalExpression(
774 BAD_CAST "/soap:Envelope/soap:Body/soap:Fault", xpath_ctx);
775 if (!response_soap_fault) {
776 err = IE_ERROR;
777 goto leave;
778 }
779 if (!xmlXPathNodeSetIsEmpty(response_soap_fault->nodesetval)) {
780 /* TODO: log the faultcode and faultstring */
781 isds_log_message(context, _("SOAP response signals Fault"));
782 err = IE_SOAP;
783 goto leave;
784 }
785
786
787 /* Extract XML Tree with ISDS response from SOAP envelope and return it.
788 * XXX: response_soap_body is Body, we need children which may not exist
789 * (i.e. empty Body). */
790 /* TODO: Destroy SOAP response but Body childern. This is more memory
791 * friendly than copying (potentialy) fat body */
792 if (response_soap_body->nodesetval->nodeTab[0]->children) {
793 *response = xmlDocCopyNodeList(response_soap_doc,
794 response_soap_body->nodesetval->nodeTab[0]->children);
795 if (!*response) {
796 err = IE_NOMEM;
797 goto leave;
798 }
799 } else *response = NULL;
800
801 /* Save raw response */
802 if (raw_response) {
803 *raw_response = http_response;
804 *raw_response_length = response_length;
805 http_response = NULL;
806 }
807
808
809 leave:
810 if (err) {
811 xmlFreeNodeList(*response);
812 *response = NULL;
813 }
814
815 xmlXPathFreeObject(response_soap_fault);
816 xmlXPathFreeObject(response_soap_body);
817 xmlXPathFreeObject(response_soap_headers);
818 xmlXPathFreeContext(xpath_ctx);
819 xmlFreeDoc(response_soap_doc);
820 free(mime_type);
821 free(http_response);
822 xmlSaveClose(save_ctx);
823 xmlBufferFree(http_request);
824 xmlFreeDoc(request_soap_doc); /* recursive, frees request_body, soap_ns*/
825 free(url);
826
827 return err;
828 }
829
830
831 /* LibXML functions:
832 *
833 * void xmlInitParser(void)
834 * Initialization function for the XML parser. This is not reentrant. Call
835 * once before processing in case of use in multithreaded programs.
836 *
837 * int xmlInitParserCtxt(xmlParserCtxtPtr ctxt)
838 * Initialize a parser context
839 *
840 * xmlDocPtr xmlCtxtReadDoc(xmlParserCtxtPtr ctxt, const xmlChar * cur,
841 * const * char URL, const char * encoding, int options);
842 * Parse in-memory NULL-terminated document @cur.
843 *
844 * xmlDocPtr xmlParseMemory(const char * buffer, int size)
845 * Parse an XML in-memory block and build a tree.
846 *
847 * xmlParserCtxtPtr xmlCreateMemoryParserCtxt(const char * buffer, int
848 * size);
849 * Create a parser context for an XML in-memory document.
850 *
851 * xmlParserCtxtPtr xmlCreateDocParserCtxt(const xmlChar * cur)
852 * Creates a parser context for an XML in-memory document.
853 *
854 * xmlDocPtr xmlCtxtReadMemory(xmlParserCtxtPtr ctxt,
855 * const char * buffer, int size, const char * URL, const char * encoding,
856 * int options)
857 * Parse an XML in-memory document and build a tree. This reuses the existing
858 * @ctxt parser context.
859
860 * void xmlCleanupParser(void)
861 * Cleanup function for the XML library. It tries to reclaim all parsing
862 * related glob document related memory. Calling this function should not
863 * prevent reusing the libr finished using the library or XML document built
864 * with it.
865 *
866 * void xmlClearParserCtxt(xmlParserCtxtPtr ctxt)
867 * Clear (release owned resources) and reinitialize a parser context.
868 *
869 * void xmlCtxtReset(xmlParserCtxtPtr ctxt)
870 * Reset a parser context
871 *
872 * void xmlFreeParserCtxt(xmlParserCtxtPtr ctxt)
873 * Free all the memory used by a parser context. However the parsed document
874 * in ctxt->myDoc is not freed.
875 *
876 * void xmlFreeDoc(xmlDocPtr cur)
877 * Free up all the structures used by a document, tree included.
878 */
Client library for ISDS