diff --git a/src/modules/http_async_client/async_http.c b/src/modules/http_async_client/async_http.c index 000659cd295..045b640d588 100644 --- a/src/modules/http_async_client/async_http.c +++ b/src/modules/http_async_client/async_http.c @@ -273,25 +273,43 @@ void notification_socket_cb(int fd, short event, void *arg) } query_params.method = aq->query_params.method; - if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) { - if (shm_str_dup(&query_params.tls_client_cert, &(aq->query_params.tls_client_cert)) < 0) { + if (aq->query_params.tls_client_cert) { + len = strlen(aq->query_params.tls_client_cert); + query_params.tls_client_cert = shm_malloc(len+1); + + if(query_params.tls_client_cert == NULL) { LM_ERR("Error allocating query_params.tls_client_cert\n"); goto done; } + + strncpy(query_params.tls_client_cert, aq->query_params.tls_client_cert, len); + query_params.tls_client_cert[len] = '\0'; } - if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) { - if (shm_str_dup(&query_params.tls_client_key, &(aq->query_params.tls_client_key)) < 0) { + if (aq->query_params.tls_client_key) { + len = strlen(aq->query_params.tls_client_key); + query_params.tls_client_key = shm_malloc(len+1); + + if(query_params.tls_client_key == NULL) { LM_ERR("Error allocating query_params.tls_client_key\n"); goto done; } + + strncpy(query_params.tls_client_key, aq->query_params.tls_client_key, len); + query_params.tls_client_key[len] = '\0'; } - if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) { - if (shm_str_dup(&query_params.tls_ca_path, &(aq->query_params.tls_ca_path)) < 0) { + if (aq->query_params.tls_ca_path) { + len = strlen(aq->query_params.tls_ca_path); + query_params.tls_ca_path = shm_malloc(len+1); + + if(query_params.tls_ca_path == NULL) { LM_ERR("Error allocating query_params.tls_ca_path\n"); goto done; } + + strncpy(query_params.tls_ca_path, aq->query_params.tls_ca_path, len); + query_params.tls_ca_path[len] = '\0'; } if (aq->query_params.body.s && aq->query_params.body.len > 0) { @@ -335,20 +353,17 @@ void notification_socket_cb(int fd, short event, void *arg) } done: - if (query_params.tls_client_cert.s && query_params.tls_client_cert.len > 0) { - shm_free(query_params.tls_client_cert.s); - query_params.tls_client_cert.s = NULL; - query_params.tls_client_cert.len = 0; + if (query_params.tls_client_cert) { + shm_free(query_params.tls_client_cert); + query_params.tls_client_cert = NULL; } - if (query_params.tls_client_key.s && query_params.tls_client_key.len > 0) { - shm_free(query_params.tls_client_key.s); - query_params.tls_client_key.s = NULL; - query_params.tls_client_key.len = 0; + if (query_params.tls_client_key) { + shm_free(query_params.tls_client_key); + query_params.tls_client_key = NULL; } - if (query_params.tls_ca_path.s && query_params.tls_ca_path.len > 0) { - shm_free(query_params.tls_ca_path.s); - query_params.tls_ca_path.s = NULL; - query_params.tls_ca_path.len = 0; + if (query_params.tls_ca_path) { + shm_free(query_params.tls_ca_path); + query_params.tls_ca_path = NULL; } if (query_params.body.s && query_params.body.len > 0) { shm_free(query_params.body.s); @@ -441,31 +456,46 @@ int async_send_query(sip_msg_t *msg, str *query, cfg_action_t *act) snprintf(q_id, MAX_ID_LEN+1, "%u-%u", (unsigned int)getpid(), q_idx); strncpy(aq->id, q_id, strlen(q_id)); - aq->query_params.tls_client_cert.s = NULL; - aq->query_params.tls_client_cert.len = 0; - if (ah_params.tls_client_cert.s && ah_params.tls_client_cert.len > 0) { - if (shm_str_dup(&aq->query_params.tls_client_cert, &(ah_params.tls_client_cert)) < 0) { + aq->query_params.tls_client_cert = NULL; + if (ah_params.tls_client_cert) { + len = strlen(ah_params.tls_client_cert); + aq->query_params.tls_client_cert = shm_malloc(len+1); + + if(aq->query_params.tls_client_cert == NULL) { LM_ERR("Error allocating aq->query_params.tls_client_cert\n"); goto error; } + + strncpy(aq->query_params.tls_client_cert, ah_params.tls_client_cert, len); + aq->query_params.tls_client_cert[len] = '\0'; } - aq->query_params.tls_client_key.s = NULL; - aq->query_params.tls_client_key.len = 0; - if (ah_params.tls_client_key.s && ah_params.tls_client_key.len > 0) { - if (shm_str_dup(&aq->query_params.tls_client_key, &(ah_params.tls_client_key)) < 0) { + aq->query_params.tls_client_key = NULL; + if (ah_params.tls_client_key) { + len = strlen(ah_params.tls_client_key); + aq->query_params.tls_client_key = shm_malloc(len+1); + + if(aq->query_params.tls_client_key == NULL) { LM_ERR("Error allocating aq->query_params.tls_client_key\n"); goto error; } + + strncpy(aq->query_params.tls_client_key, ah_params.tls_client_key, len); + aq->query_params.tls_client_key[len] = '\0'; } - aq->query_params.tls_ca_path.s = NULL; - aq->query_params.tls_ca_path.len = 0; - if (ah_params.tls_ca_path.s && ah_params.tls_ca_path.len > 0) { - if (shm_str_dup(&aq->query_params.tls_ca_path, &(ah_params.tls_ca_path)) < 0) { + aq->query_params.tls_ca_path = NULL; + if (ah_params.tls_ca_path) { + len = strlen(ah_params.tls_ca_path); + aq->query_params.tls_ca_path = shm_malloc(len+1); + + if(aq->query_params.tls_ca_path == NULL) { LM_ERR("Error allocating aq->query_params.tls_ca_path\n"); goto error; } + + strncpy(aq->query_params.tls_ca_path, ah_params.tls_ca_path, len); + aq->query_params.tls_ca_path[len] = '\0'; } aq->query_params.body.s = NULL; @@ -555,6 +585,7 @@ void init_query_params(struct query_params *p) { } void set_query_params(struct query_params *p) { + int len; p->headers.len = 0; p->headers.t = NULL; p->tls_verify_host = tls_verify_host; @@ -564,40 +595,55 @@ void set_query_params(struct query_params *p) { p->method = AH_METH_DEFAULT; p->authmethod = default_authmethod; - if (p->tls_client_cert.s && p->tls_client_cert.len > 0) { - shm_free(p->tls_client_cert.s); - p->tls_client_cert.s = NULL; - p->tls_client_cert.len = 0; + if (p->tls_client_cert) { + shm_free(p->tls_client_cert); + p->tls_client_cert = NULL; } - if (tls_client_cert.s && tls_client_cert.len > 0) { - if (shm_str_dup(&p->tls_client_cert, &tls_client_cert) < 0) { + if (tls_client_cert) { + len = strlen(tls_client_cert); + p->tls_client_cert = shm_malloc(len+1); + + if (p->tls_client_cert == NULL) { LM_ERR("Error allocating tls_client_cert\n"); return; } + + strncpy(p->tls_client_cert, tls_client_cert, len); + p->tls_client_cert[len] = '\0'; } - if (p->tls_client_key.s && p->tls_client_key.len > 0) { - shm_free(p->tls_client_key.s); - p->tls_client_key.s = NULL; - p->tls_client_key.len = 0; + if (p->tls_client_key) { + shm_free(p->tls_client_key); + p->tls_client_key = NULL; } - if (tls_client_key.s && tls_client_key.len > 0) { - if (shm_str_dup(&p->tls_client_key, &tls_client_key) < 0) { + if (tls_client_key) { + len = strlen(tls_client_key); + p->tls_client_key = shm_malloc(len+1); + + if (p->tls_client_key == NULL) { LM_ERR("Error allocating tls_client_key\n"); return; } + + strncpy(p->tls_client_key, tls_client_key, len); + p->tls_client_key[len] = '\0'; } - if (p->tls_ca_path.s && p->tls_ca_path.len > 0) { - shm_free(p->tls_ca_path.s); - p->tls_ca_path.s = NULL; - p->tls_ca_path.len = 0; + if (p->tls_ca_path) { + shm_free(p->tls_ca_path); + p->tls_ca_path = NULL; } - if (tls_ca_path.s && tls_ca_path.len > 0) { - if (shm_str_dup(&p->tls_ca_path, &tls_ca_path) < 0) { + if (tls_ca_path) { + len = strlen(tls_ca_path); + p->tls_ca_path = shm_malloc(len+1); + + if (p->tls_ca_path == NULL) { LM_ERR("Error allocating tls_ca_path\n"); return; } + + strncpy(p->tls_ca_path, tls_ca_path, len); + p->tls_ca_path[len] = '\0'; } if (p->body.s && p->body.len > 0) { diff --git a/src/modules/http_async_client/async_http.h b/src/modules/http_async_client/async_http.h index c29fa5dd242..d215ae5f726 100644 --- a/src/modules/http_async_client/async_http.h +++ b/src/modules/http_async_client/async_http.h @@ -55,9 +55,9 @@ extern str ah_error; extern int tls_verify_host; extern int tls_verify_peer; -extern str tls_client_cert; -extern str tls_client_key; -extern str tls_ca_path; +extern char* tls_client_cert; +extern char* tls_client_key; +extern char* tls_ca_path; extern unsigned int default_authmethod; @@ -89,9 +89,9 @@ struct query_params { unsigned int timeout; struct header_list headers; - str tls_client_cert; - str tls_client_key; - str tls_ca_path; + char* tls_client_cert; + char* tls_client_key; + char* tls_ca_path; str body; unsigned int authmethod; @@ -143,22 +143,19 @@ static inline void free_async_query(async_query_t *aq) shm_free(aq->query_params.headers.t); } - if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) { - shm_free(aq->query_params.tls_client_cert.s); - aq->query_params.tls_client_cert.s = NULL; - aq->query_params.tls_client_cert.len = 0; + if (aq->query_params.tls_client_cert) { + shm_free(aq->query_params.tls_client_cert); + aq->query_params.tls_client_cert = NULL; } - if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) { - shm_free(aq->query_params.tls_client_key.s); - aq->query_params.tls_client_key.s = NULL; - aq->query_params.tls_client_key.len = 0; + if (aq->query_params.tls_client_key) { + shm_free(aq->query_params.tls_client_key); + aq->query_params.tls_client_key = NULL; } - if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) { - shm_free(aq->query_params.tls_ca_path.s); - aq->query_params.tls_ca_path.s = NULL; - aq->query_params.tls_ca_path.len = 0; + if (aq->query_params.tls_ca_path) { + shm_free(aq->query_params.tls_ca_path); + aq->query_params.tls_ca_path = NULL; } if (aq->query_params.body.s && aq->query_params.body.len > 0) { diff --git a/src/modules/http_async_client/hm_hash.h b/src/modules/http_async_client/hm_hash.h index 528bdd77b1f..a6ad061fc64 100644 --- a/src/modules/http_async_client/hm_hash.h +++ b/src/modules/http_async_client/hm_hash.h @@ -70,9 +70,9 @@ typedef struct hm_params { int tls_verify_peer; struct curl_slist* headers; int method; - str tls_client_cert; - str tls_client_key; - str tls_ca_path; + char* tls_client_cert; + char* tls_client_key; + char* tls_ca_path; str body; unsigned int authmethod; diff --git a/src/modules/http_async_client/http_async_client_mod.c b/src/modules/http_async_client/http_async_client_mod.c index ed52110d04a..4012da24bed 100644 --- a/src/modules/http_async_client/http_async_client_mod.c +++ b/src/modules/http_async_client/http_async_client_mod.c @@ -70,9 +70,9 @@ int tls_version = 0; // Use default SSL version in HTTPS requests (see curl/curl int tls_verify_host = 1; // By default verify host in HTTPS requests int tls_verify_peer = 1; // By default verify peer in HTTPS requests int curl_verbose = 0; -str tls_client_cert = STR_STATIC_INIT(""); // client SSL certificate path, defaults to NULL -str tls_client_key = STR_STATIC_INIT(""); // client SSL certificate key path, defaults to NULL -str tls_ca_path = STR_STATIC_INIT(""); // certificate authority dir path, defaults to NULL +char* tls_client_cert = ""; // client SSL certificate path, defaults to NULL +char* tls_client_key = ""; // client SSL certificate key path, defaults to NULL +char* tls_ca_path = ""; // certificate authority dir path, defaults to NULL static char *memory_manager = "shm"; extern int curl_memory_manager; unsigned int default_authmethod = CURLAUTH_BASIC | CURLAUTH_DIGEST; @@ -138,9 +138,9 @@ static param_export_t params[]={ {"tls_verify_host", INT_PARAM, &tls_verify_host}, {"tls_verify_peer", INT_PARAM, &tls_verify_peer}, {"curl_verbose", INT_PARAM, &curl_verbose}, - {"tls_client_cert", PARAM_STR, &tls_client_cert}, - {"tls_client_key", PARAM_STR, &tls_client_key}, - {"tls_ca_path", PARAM_STR, &tls_ca_path}, + {"tls_client_cert", PARAM_STRING, &tls_client_cert}, + {"tls_client_key", PARAM_STRING, &tls_client_key}, + {"tls_ca_path", PARAM_STRING, &tls_ca_path}, {"memory_manager", PARAM_STRING, &memory_manager}, {"authmethod", PARAM_INT, &default_authmethod }, {0, 0, 0} @@ -679,9 +679,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param, LM_ERR("invalid value type for $http_req(tls_ca_path)\n"); return -1; } - set_query_param(&ah_params.tls_ca_path, tval->rs); - } else { - set_query_param(&ah_params.tls_ca_path, tls_ca_path); + set_query_cparam(&ah_params.tls_ca_path, tval->rs); } break; case E_HRN_TLS_CLIENT_KEY: @@ -690,9 +688,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param, LM_ERR("invalid value type for $http_req(tls_client_key)\n"); return -1; } - set_query_param(&ah_params.tls_client_key, tval->rs); - } else { - set_query_param(&ah_params.tls_client_key, tls_client_key); + set_query_cparam(&ah_params.tls_client_key, tval->rs); } break; case E_HRN_TLS_CLIENT_CERT: @@ -701,9 +697,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param, LM_ERR("invalid value type for $http_req(tls_client_cert)\n"); return -1; } - set_query_param(&ah_params.tls_client_cert, tval->rs); - } else { - set_query_param(&ah_params.tls_client_cert, tls_client_cert); + set_query_cparam(&ah_params.tls_client_cert, tval->rs); } break; case E_HRN_SUSPEND: diff --git a/src/modules/http_async_client/http_multi.c b/src/modules/http_async_client/http_multi.c index c0c3e4ebb3e..1dd4b1302ee 100644 --- a/src/modules/http_async_client/http_multi.c +++ b/src/modules/http_async_client/http_multi.c @@ -477,16 +477,16 @@ int new_request(str *query, http_m_params_t *query_params, http_multi_cbe_t cb, curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYHOST, cell->params.tls_verify_host?2:0); curl_easy_setopt(cell->easy, CURLOPT_SSLVERSION, tls_version); - if (cell->params.tls_client_cert.s && cell->params.tls_client_cert.len > 0) { - curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert.s); + if (cell->params.tls_client_cert) { + curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert); } - if (cell->params.tls_client_key.s && cell->params.tls_client_key.len > 0) { - curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key.s); + if (cell->params.tls_client_key) { + curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key); } - if (cell->params.tls_ca_path.s && cell->params.tls_ca_path.len > 0) { - curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path.s); + if (cell->params.tls_ca_path) { + curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path); } curl_easy_setopt(cell->easy, CURLOPT_HEADER, 1);