Botan 3.4.0
Crypto and TLS for C&
http_util.cpp
Go to the documentation of this file.
1/*
2* Sketchy HTTP client
3* (C) 2013,2016 Jack Lloyd
4* 2017 René Korthaus, Rohde & Schwarz Cybersecurity
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#include <botan/internal/http_util.h>
10
11#include <botan/hex.h>
12#include <botan/mem_ops.h>
13#include <botan/internal/fmt.h>
14#include <botan/internal/os_utils.h>
15#include <botan/internal/parsing.h>
16#include <botan/internal/socket.h>
17#include <botan/internal/stl_util.h>
18#include <sstream>
19
20namespace Botan::HTTP {
21
22namespace {
23
24/*
25* Connect to a host, write some bytes, then read until the server
26* closes the socket.
27*/
28std::string http_transact(std::string_view hostname,
29 std::string_view service,
30 std::string_view message,
31 std::chrono::milliseconds timeout) {
32 std::unique_ptr<OS::Socket> socket;
33
34 const std::chrono::system_clock::time_point start_time = std::chrono::system_clock::now();
35
36 try {
37 socket = OS::open_socket(hostname, service, timeout);
38 if(!socket) {
39 throw Not_Implemented("No socket support enabled in build");
40 }
41 } catch(std::exception& e) {
42 throw HTTP_Error(fmt("HTTP connection to {} failed: {}", hostname, e.what()));
43 }
44
45 // Blocks until entire message has been written
46 socket->write(cast_char_ptr_to_uint8(message.data()), message.size());
47
48 if(std::chrono::system_clock::now() - start_time > timeout) {
49 throw HTTP_Error("Timeout during writing message body");
50 }
51
52 std::ostringstream oss;
53 std::vector<uint8_t> buf(BOTAN_DEFAULT_BUFFER_SIZE);
54 while(true) {
55 const size_t got = socket->read(buf.data(), buf.size());
56 if(got == 0) { // EOF
57 break;
58 }
59
60 if(std::chrono::system_clock::now() - start_time > timeout) {
61 throw HTTP_Error("Timeout while reading message body");
62 }
63
64 oss.write(cast_uint8_ptr_to_char(buf.data()), static_cast<std::streamsize>(got));
65 }
66
67 return oss.str();
68}
69
70bool needs_url_encoding(char c) {
71 if(c >= 'A' && c <= 'Z') {
72 return false;
73 }
74 if(c >= 'a' && c <= 'z') {
75 return false;
76 }
77 if(c >= '0' && c <= '9') {
78 return false;
79 }
80 if(c == '-' || c == '_' || c == '.' || c == '~') {
81 return false;
82 }
83 return true;
84}
85
86} // namespace
87
88std::string url_encode(std::string_view in) {
89 std::ostringstream out;
90
91 for(auto c : in) {
92 if(needs_url_encoding(c)) {
93 out << '%' << hex_encode(cast_char_ptr_to_uint8(&c), 1);
94 } else {
95 out << c;
96 }
97 }
98
99 return out.str();
100}
101
102std::ostream& operator<<(std::ostream& o, const Response& resp) {
103 o << "HTTP " << resp.status_code() << " " << resp.status_message() << "\n";
104 for(const auto& h : resp.headers()) {
105 o << "Header '" << h.first << "' = '" << h.second << "'\n";
106 }
107 o << "Body " << std::to_string(resp.body().size()) << " bytes:\n";
108 o.write(cast_uint8_ptr_to_char(resp.body().data()), resp.body().size());
109 return o;
110}
111
112Response http_sync(const http_exch_fn& http_transact,
113 std::string_view verb,
114 std::string_view url,
115 std::string_view content_type,
116 const std::vector<uint8_t>& body,
117 size_t allowable_redirects) {
118 if(url.empty()) {
119 throw HTTP_Error("URL empty");
120 }
121
122 const auto protocol_host_sep = url.find("://");
123 if(protocol_host_sep == std::string::npos) {
124 throw HTTP_Error(fmt("Invalid URL '{}'", url));
125 }
126
127 const auto host_loc_sep = url.find('/', protocol_host_sep + 3);
128
129 std::string hostname, loc, service;
130
131 if(host_loc_sep == std::string::npos) {
132 hostname = url.substr(protocol_host_sep + 3, std::string::npos);
133 loc = "/";
134 } else {
135 hostname = url.substr(protocol_host_sep + 3, host_loc_sep - protocol_host_sep - 3);
136 loc = url.substr(host_loc_sep, std::string::npos);
137 }
138
139 const auto port_sep = hostname.find(':');
140 if(port_sep == std::string::npos) {
141 service = "http";
142 // hostname not modified
143 } else {
144 service = hostname.substr(port_sep + 1, std::string::npos);
145 hostname = hostname.substr(0, port_sep);
146 }
147
148 std::ostringstream outbuf;
149
150 outbuf << verb << " " << loc << " HTTP/1.0\r\n";
151 outbuf << "Host: " << hostname << "\r\n";
152
153 if(verb == "GET") {
154 outbuf << "Accept: */*\r\n";
155 outbuf << "Cache-Control: no-cache\r\n";
156 } else if(verb == "POST") {
157 outbuf << "Content-Length: " << body.size() << "\r\n";
158 }
159
160 if(!content_type.empty()) {
161 outbuf << "Content-Type: " << content_type << "\r\n";
162 }
163 outbuf << "Connection: close\r\n\r\n";
164 outbuf.write(cast_uint8_ptr_to_char(body.data()), body.size());
165
166 std::istringstream io(http_transact(hostname, service, outbuf.str()));
167
168 std::string line1;
169 std::getline(io, line1);
170 if(!io || line1.empty()) {
171 throw HTTP_Error("No response");
172 }
173
174 std::stringstream response_stream(line1);
175 std::string http_version;
176 unsigned int status_code;
177 std::string status_message;
178
179 response_stream >> http_version >> status_code;
180
181 std::getline(response_stream, status_message);
182
183 if(!response_stream || http_version.substr(0, 5) != "HTTP/") {
184 throw HTTP_Error("Not an HTTP response");
185 }
186
187 std::map<std::string, std::string> headers;
188 std::string header_line;
189 while(std::getline(io, header_line) && header_line != "\r") {
190 auto sep = header_line.find(": ");
191 if(sep == std::string::npos || sep > header_line.size() - 2) {
192 throw HTTP_Error(fmt("Invalid HTTP header '{}'", header_line));
193 }
194 const std::string key = header_line.substr(0, sep);
195
196 if(sep + 2 < header_line.size() - 1) {
197 const std::string val = header_line.substr(sep + 2, (header_line.size() - 1) - (sep + 2));
198 headers[key] = val;
199 }
200 }
201
202 if(status_code == 301 && headers.contains("Location")) {
203 if(allowable_redirects == 0) {
204 throw HTTP_Error("HTTP redirection count exceeded");
205 }
206 return GET_sync(headers["Location"], allowable_redirects - 1);
207 }
208
209 std::vector<uint8_t> resp_body;
210 std::vector<uint8_t> buf(4096);
211 while(io.good()) {
212 io.read(cast_uint8_ptr_to_char(buf.data()), buf.size());
213 const size_t got = static_cast<size_t>(io.gcount());
214 resp_body.insert(resp_body.end(), buf.data(), &buf[got]);
215 }
216
217 const std::string header_size = search_map(headers, std::string("Content-Length"));
218
219 if(!header_size.empty()) {
220 if(resp_body.size() != to_u32bit(header_size)) {
221 throw HTTP_Error(fmt("Content-Length disagreement, header says {} got {}", header_size, resp_body.size()));
222 }
223 }
224
225 return Response(status_code, status_message, resp_body, headers);
226}
227
228Response http_sync(std::string_view verb,
229 std::string_view url,
230 std::string_view content_type,
231 const std::vector<uint8_t>& body,
232 size_t allowable_redirects,
233 std::chrono::milliseconds timeout) {
234 auto transact_with_timeout = [timeout](
235 std::string_view hostname, std::string_view service, std::string_view message) {
236 return http_transact(hostname, service, message, timeout);
237 };
238
239 return http_sync(transact_with_timeout, verb, url, content_type, body, allowable_redirects);
240}
241
242Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout) {
243 return http_sync("GET", url, "", std::vector<uint8_t>(), allowable_redirects, timeout);
244}
245
246Response POST_sync(std::string_view url,
247 std::string_view content_type,
248 const std::vector<uint8_t>& body,
249 size_t allowable_redirects,
250 std::chrono::milliseconds timeout) {
251 return http_sync("POST", url, content_type, body, allowable_redirects, timeout);
252}
253
254} // namespace Botan::HTTP
Botan::HTTP::HTTP_Error
Definition http_util.h:24
Botan::HTTP::Response::body
const std::vector< uint8_t > & body() const
Definition http_util.h:43
Botan::HTTP::Response::headers
const std::map< std::string, std::string > & headers() const
Definition http_util.h:45
Botan::HTTP::Response::status_code
unsigned int status_code() const
Definition http_util.h:41
Botan::HTTP::Response::status_message
std::string status_message() const
Definition http_util.h:47
Botan::Not_Implemented
Definition exceptn.h:334
BOTAN_DEFAULT_BUFFER_SIZE
#define BOTAN_DEFAULT_BUFFER_SIZE
Definition build.h:391
Botan::HTTP::http_exch_fn
std::function< std::string(std::string_view, std::string_view, std::string_view)> http_exch_fn
Definition http_util.h:64
Botan::HTTP::POST_sync
Response POST_sync(std::string_view url, std::string_view content_type, const std::vector< uint8_t > &body, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition http_util.cpp:246
Botan::HTTP::http_sync
Response http_sync(const http_exch_fn &http_transact, std::string_view verb, std::string_view url, std::string_view content_type, const std::vector< uint8_t > &body, size_t allowable_redirects)
Definition http_util.cpp:112
Botan::HTTP::url_encode
std::string url_encode(std::string_view in)
Definition http_util.cpp:88
Botan::HTTP::GET_sync
Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition http_util.cpp:242
Botan::HTTP::operator<<
std::ostream & operator<<(std::ostream &o, const Response &resp)
Definition http_util.cpp:102
Botan::OS::open_socket
std::unique_ptr< Socket > BOTAN_TEST_API open_socket(std::string_view hostname, std::string_view service, std::chrono::milliseconds timeout)
Definition socket.cpp:349
Botan::to_u32bit
uint32_t to_u32bit(std::string_view str_view)
Definition parsing.cpp:32
Botan::fmt
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53
Botan::search_map
V search_map(const std::map< K, V > &mapping, const K &key, const V &null_result=V())
Definition stl_util.h:89
Botan::hex_encode
void hex_encode(char output[], const uint8_t input[], size_t input_length, bool uppercase)
Definition hex.cpp:33
Botan::cast_uint8_ptr_to_char
const char * cast_uint8_ptr_to_char(const uint8_t *b)
Definition mem_ops.h:279
Botan::cast_char_ptr_to_uint8
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition mem_ops.h:275
Generated by doxygen 1.10.0