Skip to content

Commit

Permalink
http_async_client: null terminated CURLOPT_
Browse files Browse the repository at this point in the history
  • Loading branch information
@giavac
giavac committed Nov 4, 2017
1 parent 0956257 commit 574a11d
Show file tree
Hide file tree
Showing 5 changed files with 127 additions and 90 deletions.
142 changes: 94 additions & 48 deletions src/modules/http_async_client/async_http.c
View file
Expand Up @@ -273,25 +273,43 @@ void notification_socket_cb(int fd, short event, void *arg)
}
query_params.method = aq->query_params.method;

if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) {
if (shm_str_dup(&query_params.tls_client_cert, &(aq->query_params.tls_client_cert)) < 0) {
if (aq->query_params.tls_client_cert) {
len = strlen(aq->query_params.tls_client_cert);
query_params.tls_client_cert = shm_malloc(len+1);

if(query_params.tls_client_cert == NULL) {
LM_ERR("Error allocating query_params.tls_client_cert\n");
goto done;
}

strncpy(query_params.tls_client_cert, aq->query_params.tls_client_cert, len);
query_params.tls_client_cert[len] = '\0';
}

if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) {
if (shm_str_dup(&query_params.tls_client_key, &(aq->query_params.tls_client_key)) < 0) {
if (aq->query_params.tls_client_key) {
len = strlen(aq->query_params.tls_client_key);
query_params.tls_client_key = shm_malloc(len+1);

if(query_params.tls_client_key == NULL) {
LM_ERR("Error allocating query_params.tls_client_key\n");
goto done;
}

strncpy(query_params.tls_client_key, aq->query_params.tls_client_key, len);
query_params.tls_client_key[len] = '\0';
}

if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) {
if (shm_str_dup(&query_params.tls_ca_path, &(aq->query_params.tls_ca_path)) < 0) {
if (aq->query_params.tls_ca_path) {
len = strlen(aq->query_params.tls_ca_path);
query_params.tls_ca_path = shm_malloc(len+1);

if(query_params.tls_ca_path == NULL) {
LM_ERR("Error allocating query_params.tls_ca_path\n");
goto done;
}

strncpy(query_params.tls_ca_path, aq->query_params.tls_ca_path, len);
query_params.tls_ca_path[len] = '\0';
}

if (aq->query_params.body.s && aq->query_params.body.len > 0) {
Expand Down Expand Up @@ -335,20 +353,17 @@ void notification_socket_cb(int fd, short event, void *arg)
}

done:
if (query_params.tls_client_cert.s && query_params.tls_client_cert.len > 0) {
shm_free(query_params.tls_client_cert.s);
query_params.tls_client_cert.s = NULL;
query_params.tls_client_cert.len = 0;
if (query_params.tls_client_cert) {
shm_free(query_params.tls_client_cert);
query_params.tls_client_cert = NULL;
}
if (query_params.tls_client_key.s && query_params.tls_client_key.len > 0) {
shm_free(query_params.tls_client_key.s);
query_params.tls_client_key.s = NULL;
query_params.tls_client_key.len = 0;
if (query_params.tls_client_key) {
shm_free(query_params.tls_client_key);
query_params.tls_client_key = NULL;
}
if (query_params.tls_ca_path.s && query_params.tls_ca_path.len > 0) {
shm_free(query_params.tls_ca_path.s);
query_params.tls_ca_path.s = NULL;
query_params.tls_ca_path.len = 0;
if (query_params.tls_ca_path) {
shm_free(query_params.tls_ca_path);
query_params.tls_ca_path = NULL;
}
if (query_params.body.s && query_params.body.len > 0) {
shm_free(query_params.body.s);
Expand Down Expand Up @@ -441,31 +456,46 @@ int async_send_query(sip_msg_t *msg, str *query, cfg_action_t *act)
snprintf(q_id, MAX_ID_LEN+1, "%u-%u", (unsigned int)getpid(), q_idx);
strncpy(aq->id, q_id, strlen(q_id));

aq->query_params.tls_client_cert.s = NULL;
aq->query_params.tls_client_cert.len = 0;
if (ah_params.tls_client_cert.s && ah_params.tls_client_cert.len > 0) {
if (shm_str_dup(&aq->query_params.tls_client_cert, &(ah_params.tls_client_cert)) < 0) {
aq->query_params.tls_client_cert = NULL;
if (ah_params.tls_client_cert) {
len = strlen(ah_params.tls_client_cert);
aq->query_params.tls_client_cert = shm_malloc(len+1);

if(aq->query_params.tls_client_cert == NULL) {
LM_ERR("Error allocating aq->query_params.tls_client_cert\n");
goto error;
}

strncpy(aq->query_params.tls_client_cert, ah_params.tls_client_cert, len);
aq->query_params.tls_client_cert[len] = '\0';
}

aq->query_params.tls_client_key.s = NULL;
aq->query_params.tls_client_key.len = 0;
if (ah_params.tls_client_key.s && ah_params.tls_client_key.len > 0) {
if (shm_str_dup(&aq->query_params.tls_client_key, &(ah_params.tls_client_key)) < 0) {
aq->query_params.tls_client_key = NULL;
if (ah_params.tls_client_key) {
len = strlen(ah_params.tls_client_key);
aq->query_params.tls_client_key = shm_malloc(len+1);

if(aq->query_params.tls_client_key == NULL) {
LM_ERR("Error allocating aq->query_params.tls_client_key\n");
goto error;
}

strncpy(aq->query_params.tls_client_key, ah_params.tls_client_key, len);
aq->query_params.tls_client_key[len] = '\0';
}

aq->query_params.tls_ca_path.s = NULL;
aq->query_params.tls_ca_path.len = 0;
if (ah_params.tls_ca_path.s && ah_params.tls_ca_path.len > 0) {
if (shm_str_dup(&aq->query_params.tls_ca_path, &(ah_params.tls_ca_path)) < 0) {
aq->query_params.tls_ca_path = NULL;
if (ah_params.tls_ca_path) {
len = strlen(ah_params.tls_ca_path);
aq->query_params.tls_ca_path = shm_malloc(len+1);

if(aq->query_params.tls_ca_path == NULL) {
LM_ERR("Error allocating aq->query_params.tls_ca_path\n");
goto error;
}

strncpy(aq->query_params.tls_ca_path, ah_params.tls_ca_path, len);
aq->query_params.tls_ca_path[len] = '\0';
}

aq->query_params.body.s = NULL;
Expand Down Expand Up @@ -555,6 +585,7 @@ void init_query_params(struct query_params *p) {
}

void set_query_params(struct query_params *p) {
int len;
p->headers.len = 0;
p->headers.t = NULL;
p->tls_verify_host = tls_verify_host;
Expand All @@ -564,40 +595,55 @@ void set_query_params(struct query_params *p) {
p->method = AH_METH_DEFAULT;
p->authmethod = default_authmethod;

if (p->tls_client_cert.s && p->tls_client_cert.len > 0) {
shm_free(p->tls_client_cert.s);
p->tls_client_cert.s = NULL;
p->tls_client_cert.len = 0;
if (p->tls_client_cert) {
shm_free(p->tls_client_cert);
p->tls_client_cert = NULL;
}
if (tls_client_cert.s && tls_client_cert.len > 0) {
if (shm_str_dup(&p->tls_client_cert, &tls_client_cert) < 0) {
if (tls_client_cert) {
len = strlen(tls_client_cert);
p->tls_client_cert = shm_malloc(len+1);

if (p->tls_client_cert == NULL) {
LM_ERR("Error allocating tls_client_cert\n");
return;
}

strncpy(p->tls_client_cert, tls_client_cert, len);
p->tls_client_cert[len] = '\0';
}

if (p->tls_client_key.s && p->tls_client_key.len > 0) {
shm_free(p->tls_client_key.s);
p->tls_client_key.s = NULL;
p->tls_client_key.len = 0;
if (p->tls_client_key) {
shm_free(p->tls_client_key);
p->tls_client_key = NULL;
}
if (tls_client_key.s && tls_client_key.len > 0) {
if (shm_str_dup(&p->tls_client_key, &tls_client_key) < 0) {
if (tls_client_key) {
len = strlen(tls_client_key);
p->tls_client_key = shm_malloc(len+1);

if (p->tls_client_key == NULL) {
LM_ERR("Error allocating tls_client_key\n");
return;
}

strncpy(p->tls_client_key, tls_client_key, len);
p->tls_client_key[len] = '\0';
}

if (p->tls_ca_path.s && p->tls_ca_path.len > 0) {
shm_free(p->tls_ca_path.s);
p->tls_ca_path.s = NULL;
p->tls_ca_path.len = 0;
if (p->tls_ca_path) {
shm_free(p->tls_ca_path);
p->tls_ca_path = NULL;
}
if (tls_ca_path.s && tls_ca_path.len > 0) {
if (shm_str_dup(&p->tls_ca_path, &tls_ca_path) < 0) {
if (tls_ca_path) {
len = strlen(tls_ca_path);
p->tls_ca_path = shm_malloc(len+1);

if (p->tls_ca_path == NULL) {
LM_ERR("Error allocating tls_ca_path\n");
return;
}

strncpy(p->tls_ca_path, tls_ca_path, len);
p->tls_ca_path[len] = '\0';
}

if (p->body.s && p->body.len > 0) {
Expand Down
33 changes: 15 additions & 18 deletions src/modules/http_async_client/async_http.h
View file
Expand Up @@ -55,9 +55,9 @@ extern str ah_error;

extern int tls_verify_host;
extern int tls_verify_peer;
extern str tls_client_cert;
extern str tls_client_key;
extern str tls_ca_path;
extern char* tls_client_cert;
extern char* tls_client_key;
extern char* tls_ca_path;

extern unsigned int default_authmethod;

Expand Down Expand Up @@ -89,9 +89,9 @@ struct query_params {

unsigned int timeout;
struct header_list headers;
str tls_client_cert;
str tls_client_key;
str tls_ca_path;
char* tls_client_cert;
char* tls_client_key;
char* tls_ca_path;
str body;

unsigned int authmethod;
Expand Down Expand Up @@ -143,22 +143,19 @@ static inline void free_async_query(async_query_t *aq)
shm_free(aq->query_params.headers.t);
}

if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) {
shm_free(aq->query_params.tls_client_cert.s);
aq->query_params.tls_client_cert.s = NULL;
aq->query_params.tls_client_cert.len = 0;
if (aq->query_params.tls_client_cert) {
shm_free(aq->query_params.tls_client_cert);
aq->query_params.tls_client_cert = NULL;
}

if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) {
shm_free(aq->query_params.tls_client_key.s);
aq->query_params.tls_client_key.s = NULL;
aq->query_params.tls_client_key.len = 0;
if (aq->query_params.tls_client_key) {
shm_free(aq->query_params.tls_client_key);
aq->query_params.tls_client_key = NULL;
}

if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) {
shm_free(aq->query_params.tls_ca_path.s);
aq->query_params.tls_ca_path.s = NULL;
aq->query_params.tls_ca_path.len = 0;
if (aq->query_params.tls_ca_path) {
shm_free(aq->query_params.tls_ca_path);
aq->query_params.tls_ca_path = NULL;
}

if (aq->query_params.body.s && aq->query_params.body.len > 0) {
Expand Down
6 changes: 3 additions & 3 deletions src/modules/http_async_client/hm_hash.h
View file
Expand Up @@ -70,9 +70,9 @@ typedef struct hm_params {
int tls_verify_peer;
struct curl_slist* headers;
int method;
str tls_client_cert;
str tls_client_key;
str tls_ca_path;
char* tls_client_cert;
char* tls_client_key;
char* tls_ca_path;
str body;

unsigned int authmethod;
Expand Down
24 changes: 9 additions & 15 deletions src/modules/http_async_client/http_async_client_mod.c
View file
Expand Up @@ -70,9 +70,9 @@ int tls_version = 0; // Use default SSL version in HTTPS requests (see curl/curl
int tls_verify_host = 1; // By default verify host in HTTPS requests
int tls_verify_peer = 1; // By default verify peer in HTTPS requests
int curl_verbose = 0;
str tls_client_cert = STR_STATIC_INIT(""); // client SSL certificate path, defaults to NULL
str tls_client_key = STR_STATIC_INIT(""); // client SSL certificate key path, defaults to NULL
str tls_ca_path = STR_STATIC_INIT(""); // certificate authority dir path, defaults to NULL
char* tls_client_cert = ""; // client SSL certificate path, defaults to NULL
char* tls_client_key = ""; // client SSL certificate key path, defaults to NULL
char* tls_ca_path = ""; // certificate authority dir path, defaults to NULL
static char *memory_manager = "shm";
extern int curl_memory_manager;
unsigned int default_authmethod = CURLAUTH_BASIC | CURLAUTH_DIGEST;
Expand Down Expand Up @@ -138,9 +138,9 @@ static param_export_t params[]={
{"tls_verify_host", INT_PARAM, &tls_verify_host},
{"tls_verify_peer", INT_PARAM, &tls_verify_peer},
{"curl_verbose", INT_PARAM, &curl_verbose},
{"tls_client_cert", PARAM_STR, &tls_client_cert},
{"tls_client_key", PARAM_STR, &tls_client_key},
{"tls_ca_path", PARAM_STR, &tls_ca_path},
{"tls_client_cert", PARAM_STRING, &tls_client_cert},
{"tls_client_key", PARAM_STRING, &tls_client_key},
{"tls_ca_path", PARAM_STRING, &tls_ca_path},
{"memory_manager", PARAM_STRING, &memory_manager},
{"authmethod", PARAM_INT, &default_authmethod },
{0, 0, 0}
Expand Down Expand Up @@ -679,9 +679,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param,
LM_ERR("invalid value type for $http_req(tls_ca_path)\n");
return -1;
}
set_query_param(&ah_params.tls_ca_path, tval->rs);
} else {
set_query_param(&ah_params.tls_ca_path, tls_ca_path);
set_query_cparam(&ah_params.tls_ca_path, tval->rs);
}
break;
case E_HRN_TLS_CLIENT_KEY:
Expand All @@ -690,9 +688,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param,
LM_ERR("invalid value type for $http_req(tls_client_key)\n");
return -1;
}
set_query_param(&ah_params.tls_client_key, tval->rs);
} else {
set_query_param(&ah_params.tls_client_key, tls_client_key);
set_query_cparam(&ah_params.tls_client_key, tval->rs);
}
break;
case E_HRN_TLS_CLIENT_CERT:
Expand All @@ -701,9 +697,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param,
LM_ERR("invalid value type for $http_req(tls_client_cert)\n");
return -1;
}
set_query_param(&ah_params.tls_client_cert, tval->rs);
} else {
set_query_param(&ah_params.tls_client_cert, tls_client_cert);
set_query_cparam(&ah_params.tls_client_cert, tval->rs);
}
break;
case E_HRN_SUSPEND:
Expand Down
12 changes: 6 additions & 6 deletions src/modules/http_async_client/http_multi.c
View file
Expand Up @@ -477,16 +477,16 @@ int new_request(str *query, http_m_params_t *query_params, http_multi_cbe_t cb,
curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYHOST, cell->params.tls_verify_host?2:0);
curl_easy_setopt(cell->easy, CURLOPT_SSLVERSION, tls_version);

if (cell->params.tls_client_cert.s && cell->params.tls_client_cert.len > 0) {
curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert.s);
if (cell->params.tls_client_cert) {
curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert);
}

if (cell->params.tls_client_key.s && cell->params.tls_client_key.len > 0) {
curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key.s);
if (cell->params.tls_client_key) {
curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key);
}

if (cell->params.tls_ca_path.s && cell->params.tls_ca_path.len > 0) {
curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path.s);
if (cell->params.tls_ca_path) {
curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path);
}

curl_easy_setopt(cell->easy, CURLOPT_HEADER, 1);
Expand Down

1 comment on commit 574a11d

@grumvalski
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine, thanks!

Please sign in to comment.