Botan  2.19.1
Crypto and TLS for C++11
http_util.cpp
Go to the documentation of this file.
1 /*
2 * Sketchy HTTP client
3 * (C) 2013,2016 Jack Lloyd
4 * 2017 René Korthaus, Rohde & Schwarz Cybersecurity
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #include <botan/http_util.h>
10 #include <botan/parsing.h>
11 #include <botan/hex.h>
12 #include <botan/internal/os_utils.h>
13 #include <botan/internal/socket.h>
14 #include <botan/internal/stl_util.h>
15 #include <sstream>
16 
17 namespace Botan {
18 
19 namespace HTTP {
20 
21 namespace {
22 
23 /*
24 * Connect to a host, write some bytes, then read until the server
25 * closes the socket.
26 */
27 std::string http_transact(const std::string& hostname,
28  const std::string& service,
29  const std::string& message,
30  std::chrono::milliseconds timeout)
31  {
32  std::unique_ptr<OS::Socket> socket;
33 
34  const std::chrono::system_clock::time_point start_time = std::chrono::system_clock::now();
35 
36  try
37  {
38  socket = OS::open_socket(hostname, service, timeout);
39  if(!socket)
40  throw Not_Implemented("No socket support enabled in build");
41  }
42  catch(std::exception& e)
43  {
44  throw HTTP_Error("HTTP connection to " + hostname + " failed: " + e.what());
45  }
46 
47  // Blocks until entire message has been written
48  socket->write(cast_char_ptr_to_uint8(message.data()),
49  message.size());
50 
51  if(std::chrono::system_clock::now() - start_time > timeout)
52  throw HTTP_Error("Timeout during writing message body");
53 
54  std::ostringstream oss;
55  std::vector<uint8_t> buf(BOTAN_DEFAULT_BUFFER_SIZE);
56  while(true)
57  {
58  const size_t got = socket->read(buf.data(), buf.size());
59  if(got == 0) // EOF
60  break;
61 
62  if(std::chrono::system_clock::now() - start_time > timeout)
63  throw HTTP_Error("Timeout while reading message body");
64 
65  oss.write(cast_uint8_ptr_to_char(buf.data()),
66  static_cast<std::streamsize>(got));
67  }
68 
69  return oss.str();
70  }
71 
72 }
73 
74 std::string url_encode(const std::string& in)
75  {
76  std::ostringstream out;
77 
78  for(auto c : in)
79  {
80  if(c >= 'A' && c <= 'Z')
81  out << c;
82  else if(c >= 'a' && c <= 'z')
83  out << c;
84  else if(c >= '0' && c <= '9')
85  out << c;
86  else if(c == '-' || c == '_' || c == '.' || c == '~')
87  out << c;
88  else
89  out << '%' << hex_encode(cast_char_ptr_to_uint8(&c), 1);
90  }
91 
92  return out.str();
93  }
94 
95 std::ostream& operator<<(std::ostream& o, const Response& resp)
96  {
97  o << "HTTP " << resp.status_code() << " " << resp.status_message() << "\n";
98  for(auto h : resp.headers())
99  o << "Header '" << h.first << "' = '" << h.second << "'\n";
100  o << "Body " << std::to_string(resp.body().size()) << " bytes:\n";
101  o.write(cast_uint8_ptr_to_char(resp.body().data()), resp.body().size());
102  return o;
103  }
104 
106  const std::string& verb,
107  const std::string& url,
108  const std::string& content_type,
109  const std::vector<uint8_t>& body,
110  size_t allowable_redirects)
111  {
112  if(url.empty())
113  throw HTTP_Error("URL empty");
114 
115  const auto protocol_host_sep = url.find("://");
116  if(protocol_host_sep == std::string::npos)
117  throw HTTP_Error("Invalid URL '" + url + "'");
118 
119  const auto host_loc_sep = url.find('/', protocol_host_sep + 3);
120 
121  std::string hostname, loc, service;
122 
123  if(host_loc_sep == std::string::npos)
124  {
125  hostname = url.substr(protocol_host_sep + 3, std::string::npos);
126  loc = "/";
127  }
128  else
129  {
130  hostname = url.substr(protocol_host_sep + 3, host_loc_sep-protocol_host_sep-3);
131  loc = url.substr(host_loc_sep, std::string::npos);
132  }
133 
134  const auto port_sep = hostname.find(":");
135  if(port_sep == std::string::npos)
136  {
137  service = "http";
138  // hostname not modified
139  }
140  else
141  {
142  service = hostname.substr(port_sep + 1, std::string::npos);
143  hostname = hostname.substr(0, port_sep);
144  }
145 
146  std::ostringstream outbuf;
147 
148  outbuf << verb << " " << loc << " HTTP/1.0\r\n";
149  outbuf << "Host: " << hostname << "\r\n";
150 
151  if(verb == "GET")
152  {
153  outbuf << "Accept: */*\r\n";
154  outbuf << "Cache-Control: no-cache\r\n";
155  }
156  else if(verb == "POST")
157  outbuf << "Content-Length: " << body.size() << "\r\n";
158 
159  if(!content_type.empty())
160  outbuf << "Content-Type: " << content_type << "\r\n";
161  outbuf << "Connection: close\r\n\r\n";
162  outbuf.write(cast_uint8_ptr_to_char(body.data()), body.size());
163 
164  std::istringstream io(http_transact(hostname, service, outbuf.str()));
165 
166  std::string line1;
167  std::getline(io, line1);
168  if(!io || line1.empty())
169  throw HTTP_Error("No response");
170 
171  std::stringstream response_stream(line1);
172  std::string http_version;
173  unsigned int status_code;
174  std::string status_message;
175 
176  response_stream >> http_version >> status_code;
177 
178  std::getline(response_stream, status_message);
179 
180  if(!response_stream || http_version.substr(0,5) != "HTTP/")
181  throw HTTP_Error("Not an HTTP response");
182 
183  std::map<std::string, std::string> headers;
184  std::string header_line;
185  while (std::getline(io, header_line) && header_line != "\r")
186  {
187  auto sep = header_line.find(": ");
188  if(sep == std::string::npos || sep > header_line.size() - 2)
189  throw HTTP_Error("Invalid HTTP header " + header_line);
190  const std::string key = header_line.substr(0, sep);
191 
192  if(sep + 2 < header_line.size() - 1)
193  {
194  const std::string val = header_line.substr(sep + 2, (header_line.size() - 1) - (sep + 2));
195  headers[key] = val;
196  }
197  }
198 
199  if(status_code == 301 && headers.count("Location"))
200  {
201  if(allowable_redirects == 0)
202  throw HTTP_Error("HTTP redirection count exceeded");
203  return GET_sync(headers["Location"], allowable_redirects - 1);
204  }
205 
206  std::vector<uint8_t> resp_body;
207  std::vector<uint8_t> buf(4096);
208  while(io.good())
209  {
210  io.read(cast_uint8_ptr_to_char(buf.data()), buf.size());
211  const size_t got = static_cast<size_t>(io.gcount());
212  resp_body.insert(resp_body.end(), buf.data(), &buf[got]);
213  }
214 
215  const std::string header_size = search_map(headers, std::string("Content-Length"));
216 
217  if(!header_size.empty())
218  {
219  if(resp_body.size() != to_u32bit(header_size))
220  throw HTTP_Error("Content-Length disagreement, header says " +
221  header_size + " got " + std::to_string(resp_body.size()));
222  }
223 
224  return Response(status_code, status_message, resp_body, headers);
225  }
226 
227 Response http_sync(const std::string& verb,
228  const std::string& url,
229  const std::string& content_type,
230  const std::vector<uint8_t>& body,
231  size_t allowable_redirects,
232  std::chrono::milliseconds timeout)
233  {
234  auto transact_with_timeout =
235  [timeout](const std::string& hostname, const std::string& service, const std::string& message)
236  {
237  return http_transact(hostname, service, message, timeout);
238  };
239 
240  return http_sync(
241  transact_with_timeout,
242  verb,
243  url,
244  content_type,
245  body,
246  allowable_redirects);
247  }
248 
249 Response GET_sync(const std::string& url,
250  size_t allowable_redirects,
251  std::chrono::milliseconds timeout)
252  {
253  return http_sync("GET", url, "", std::vector<uint8_t>(), allowable_redirects, timeout);
254  }
255 
256 Response POST_sync(const std::string& url,
257  const std::string& content_type,
258  const std::vector<uint8_t>& body,
259  size_t allowable_redirects,
260  std::chrono::milliseconds timeout)
261  {
262  return http_sync("POST", url, content_type, body, allowable_redirects, timeout);
263  }
264 
265 }
266 
267 }
void hex_encode(char output[], const uint8_t input[], size_t input_length, bool uppercase)
Definition: hex.cpp:31
V search_map(const std::map< K, V > &mapping, const K &key, const V &null_result=V())
Definition: stl_util.h:52
std::string status_message() const
Definition: http_util.h:58
const std::vector< uint8_t > & body() const
Definition: http_util.h:54
Response GET_sync(const std::string &url, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition: http_util.cpp:249
std::ostream & operator<<(std::ostream &o, const Response &resp)
Definition: http_util.cpp:95
Response POST_sync(const std::string &url, const std::string &content_type, const std::vector< uint8_t > &body, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition: http_util.cpp:256
std::unique_ptr< Socket > BOTAN_TEST_API open_socket(const std::string &hostname, const std::string &service, std::chrono::milliseconds timeout)
Definition: socket.cpp:352
const uint8_t * cast_char_ptr_to_uint8(const char *s)
Definition: mem_ops.h:190
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
uint32_t to_u32bit(const std::string &str)
Definition: parsing.cpp:35
Definition: alg_id.cpp:13
const std::map< std::string, std::string > & headers() const
Definition: http_util.h:56
unsigned int status_code() const
Definition: http_util.h:52
const char * cast_uint8_ptr_to_char(const uint8_t *b)
Definition: mem_ops.h:195
Response http_sync(http_exch_fn http_transact, const std::string &verb, const std::string &url, const std::string &content_type, const std::vector< uint8_t > &body, size_t allowable_redirects)
Definition: http_util.cpp:105
std::string url_encode(const std::string &in)
Definition: http_util.cpp:74
std::function< std::string(const std::string &, const std::string &, const std::string &)> http_exch_fn
Definition: http_util.h:75