Botan 3.10.0
Crypto and TLS for C&
http_util.cpp
Go to the documentation of this file.
1/*
2* Sketchy HTTP client
3* (C) 2013,2016 Jack Lloyd
4* 2017 René Korthaus, Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#include <botan/internal/http_util.h>
10
11#include <botan/mem_ops.h>
12#include <botan/internal/fmt.h>
13#include <botan/internal/mem_utils.h>
14#include <botan/internal/parsing.h>
15#include <botan/internal/socket.h>
16#include <iomanip>
17#include <sstream>
18
19namespace Botan::HTTP {
20
21namespace {
22
23/*
24* Connect to a host, write some bytes, then read until the server
25* closes the socket.
26*/
27std::string http_transact(std::string_view hostname,
28 std::string_view service,
29 std::string_view message,
30 std::chrono::milliseconds timeout) {
31 std::unique_ptr<OS::Socket> socket;
32
33 const std::chrono::system_clock::time_point start_time = std::chrono::system_clock::now();
34
35 try {
36 socket = OS::open_socket(hostname, service, timeout);
37 if(!socket) {
38 throw Not_Implemented("No socket support enabled in build");
39 }
40 } catch(std::exception& e) {
41 throw HTTP_Error(fmt("HTTP connection to {} failed: {}", hostname, e.what()));
42 }
43
44 // Blocks until entire message has been written
45 socket->write(as_span_of_bytes(message));
46
47 if(std::chrono::system_clock::now() - start_time > timeout) {
48 throw HTTP_Error("Timeout during writing message body");
49 }
50
51 std::ostringstream oss;
52 std::vector<uint8_t> buf(DefaultBufferSize);
53 while(true) {
54 const size_t got = socket->read(buf.data(), buf.size());
55 if(got == 0) { // EOF
56 break;
57 }
58
59 if(std::chrono::system_clock::now() - start_time > timeout) {
60 throw HTTP_Error("Timeout while reading message body");
61 }
62
63 oss.write(cast_uint8_ptr_to_char(buf.data()), static_cast<std::streamsize>(got));
64 }
65
66 return oss.str();
67}
68
69bool needs_url_encoding(char c) {
70 if(c >= 'A' && c <= 'Z') {
71 return false;
72 }
73 if(c >= 'a' && c <= 'z') {
74 return false;
75 }
76 if(c >= '0' && c <= '9') {
77 return false;
78 }
79 if(c == '-' || c == '_' || c == '.' || c == '~') {
80 return false;
81 }
82 return true;
83}
84
85} // namespace
86
87std::string url_encode(std::string_view in) {
88 std::ostringstream out;
89
90 for(auto c : in) {
91 if(needs_url_encoding(c)) {
92 out << '%' << std::uppercase << std::hex << std::setfill('0') << std::setw(2) << static_cast<int>(c);
93 out << std::dec << std::nouppercase; // reset flags
94 } else {
95 out << c;
96 }
97 }
98
99 return out.str();
100}
101
102std::ostream& operator<<(std::ostream& o, const Response& resp) {
103 o << "HTTP " << resp.status_code() << " " << resp.status_message() << "\n";
104 for(const auto& h : resp.headers()) {
105 o << "Header '" << h.first << "' = '" << h.second << "'\n";
106 }
107 o << "Body " << std::to_string(resp.body().size()) << " bytes:\n";
108 o.write(cast_uint8_ptr_to_char(resp.body().data()), resp.body().size());
109 return o;
110}
111
112Response http_sync(const http_exch_fn& http_transact,
113 std::string_view verb,
114 std::string_view url,
115 std::string_view content_type,
116 const std::vector<uint8_t>& body,
117 size_t allowable_redirects) {
118 if(url.empty()) {
119 throw HTTP_Error("URL empty");
120 }
121
122 const auto protocol_host_sep = url.find("://");
123 if(protocol_host_sep == std::string::npos) {
124 throw HTTP_Error(fmt("Invalid URL '{}'", url));
125 }
126
127 const auto host_loc_sep = url.find('/', protocol_host_sep + 3);
128
129 std::string hostname;
130 std::string loc;
131 std::string service;
132
133 if(host_loc_sep == std::string::npos) {
134 hostname = url.substr(protocol_host_sep + 3);
135 loc = "/";
136 } else {
137 hostname = url.substr(protocol_host_sep + 3, host_loc_sep - protocol_host_sep - 3);
138 loc = url.substr(host_loc_sep);
139 }
140
141 const auto port_sep = hostname.find(':');
142 if(port_sep == std::string::npos) {
143 service = "http";
144 // hostname not modified
145 } else {
146 service = hostname.substr(port_sep + 1, std::string::npos);
147 hostname = hostname.substr(0, port_sep);
148 }
149
150 std::ostringstream outbuf;
151
152 outbuf << verb << " " << loc << " HTTP/1.0\r\n";
153 outbuf << "Host: " << hostname << "\r\n";
154
155 if(verb == "GET") {
156 outbuf << "Accept: */*\r\n";
157 outbuf << "Cache-Control: no-cache\r\n";
158 } else if(verb == "POST") {
159 outbuf << "Content-Length: " << body.size() << "\r\n";
160 }
161
162 if(!content_type.empty()) {
163 outbuf << "Content-Type: " << content_type << "\r\n";
164 }
165 outbuf << "Connection: close\r\n\r\n";
166 outbuf.write(cast_uint8_ptr_to_char(body.data()), body.size());
167
168 std::istringstream io(http_transact(hostname, service, outbuf.str()));
169
170 std::string line1;
171 std::getline(io, line1);
172 if(!io || line1.empty()) {
173 throw HTTP_Error("No response");
174 }
175
176 std::stringstream response_stream(line1);
177 std::string http_version;
178 unsigned int status_code = 0;
179 std::string status_message;
180
181 response_stream >> http_version >> status_code;
182
183 std::getline(response_stream, status_message);
184
185 if(!response_stream || !http_version.starts_with("HTTP/")) {
186 throw HTTP_Error("Not an HTTP response");
187 }
188
189 std::map<std::string, std::string> headers;
190 std::string header_line;
191 while(std::getline(io, header_line) && header_line != "\r") {
192 auto sep = header_line.find(": ");
193 if(sep == std::string::npos || sep > header_line.size() - 2) {
194 throw HTTP_Error(fmt("Invalid HTTP header '{}'", header_line));
195 }
196 const std::string key = header_line.substr(0, sep);
197
198 if(sep + 2 < header_line.size() - 1) {
199 const std::string val = header_line.substr(sep + 2, (header_line.size() - 1) - (sep + 2));
200 headers[key] = val;
201 }
202 }
203
204 if(status_code == 301 && headers.contains("Location")) {
205 if(allowable_redirects == 0) {
206 throw HTTP_Error("HTTP redirection count exceeded");
207 }
208 return GET_sync(headers["Location"], allowable_redirects - 1);
209 }
210
211 std::vector<uint8_t> resp_body;
212 std::vector<uint8_t> buf(4096);
213 while(io.good()) {
214 io.read(cast_uint8_ptr_to_char(buf.data()), buf.size());
215 const size_t got = static_cast<size_t>(io.gcount());
216 resp_body.insert(resp_body.end(), buf.data(), &buf[got]);
217 }
218
219 auto cl_hdr = headers.find("Content-Length");
220 if(cl_hdr != headers.end()) {
221 const std::string header_size = cl_hdr->second;
222 if(resp_body.size() != to_u32bit(header_size)) {
223 throw HTTP_Error(fmt("Content-Length disagreement, header says {} got {}", header_size, resp_body.size()));
224 }
225 }
226
227 return Response(status_code, status_message, resp_body, headers);
228}
229
230Response http_sync(std::string_view verb,
231 std::string_view url,
232 std::string_view content_type,
233 const std::vector<uint8_t>& body,
234 size_t allowable_redirects,
235 std::chrono::milliseconds timeout) {
236 auto transact_with_timeout = [timeout](
237 std::string_view hostname, std::string_view service, std::string_view message) {
238 return http_transact(hostname, service, message, timeout);
239 };
240
241 return http_sync(transact_with_timeout, verb, url, content_type, body, allowable_redirects);
242}
243
244Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout) {
245 return http_sync("GET", url, "", std::vector<uint8_t>(), allowable_redirects, timeout);
246}
247
248Response POST_sync(std::string_view url,
249 std::string_view content_type,
250 const std::vector<uint8_t>& body,
251 size_t allowable_redirects,
252 std::chrono::milliseconds timeout) {
253 return http_sync("POST", url, content_type, body, allowable_redirects, timeout);
254}
255
256} // namespace Botan::HTTP
Botan::HTTP::HTTP_Error
Definition http_util.h:24
Botan::HTTP::Response::body
const std::vector< uint8_t > & body() const
Definition http_util.h:43
Botan::HTTP::Response::headers
const std::map< std::string, std::string > & headers() const
Definition http_util.h:45
Botan::HTTP::Response::status_code
unsigned int status_code() const
Definition http_util.h:41
Botan::HTTP::Response::status_message
std::string status_message() const
Definition http_util.h:47
Botan::Not_Implemented
Definition exceptn.h:334
Botan::HTTP::http_exch_fn
std::function< std::string(std::string_view, std::string_view, std::string_view)> http_exch_fn
Definition http_util.h:64
Botan::HTTP::POST_sync
Response POST_sync(std::string_view url, std::string_view content_type, const std::vector< uint8_t > &body, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition http_util.cpp:248
Botan::HTTP::http_sync
Response http_sync(const http_exch_fn &http_transact, std::string_view verb, std::string_view url, std::string_view content_type, const std::vector< uint8_t > &body, size_t allowable_redirects)
Definition http_util.cpp:112
Botan::HTTP::url_encode
std::string url_encode(std::string_view in)
Definition http_util.cpp:87
Botan::HTTP::GET_sync
Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition http_util.cpp:244
Botan::HTTP::operator<<
std::ostream & operator<<(std::ostream &o, const Response &resp)
Definition http_util.cpp:102
Botan::OS::open_socket
std::unique_ptr< Socket > BOTAN_TEST_API open_socket(std::string_view hostname, std::string_view service, std::chrono::milliseconds timeout)
Definition socket.cpp:353
Botan::to_u32bit
uint32_t to_u32bit(std::string_view str_view)
Definition parsing.cpp:32
Botan::as_span_of_bytes
std::span< const uint8_t > as_span_of_bytes(const char *s, size_t len)
Definition mem_utils.h:28
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
Botan::cast_uint8_ptr_to_char
const char * cast_uint8_ptr_to_char(const uint8_t *b)
Definition mem_ops.h:282
Botan::DefaultBufferSize
constexpr size_t DefaultBufferSize
Definition types.h:137
Generated by doxygen 1.15.0