File: auth_http.c

package info (click to toggle)
kamailio 4.2.0-2%2Bdeb8u3
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 56,276 kB
  • sloc: ansic: 552,836; xml: 166,484; sh: 8,659; makefile: 7,676; sql: 6,235; perl: 3,487; yacc: 3,428; python: 1,457; cpp: 1,219; php: 1,047; java: 449; pascal: 194; cs: 40; awk: 27
file content (110 lines) | stat: -rw-r--r-- 2,776 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
/*
 * $Id$
 *
 * Copyright (c) 2007 iptelorg GmbH
 *
 * This file is part of SIP-router, a free SIP server.
 *
 * SIP-router is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version
 *
 * SIP-router is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */

/*!
 * \file
 * \brief SIP-router auth-identity :: HTTP
 * \ingroup auth-identity
 * Module: \ref auth-identity
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <curl/curl.h>
#include <curl/easy.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/bio.h>


#include "../../mem/mem.h"
#include "../../data_lump.h"

#include "auth_identity.h"

size_t curlmem_cb(void *ptr, size_t size, size_t nmemb, void *data)
{
	size_t irealsize = size * nmemb;

	/* too big certificate */
	if (((str*)data)->len + irealsize >= CERTIFICATE_LENGTH)
		return 0;

	memcpy(&(((str*)data)->s[((str*)data)->len]), ptr, irealsize);
	((str*)data)->len+=irealsize;

	return irealsize;
}

int download_cer(str *suri, CURL *hcurl)
{
	CURLcode iRes;
	long lerr=200;
	char snulled[CERTIFICATE_URL_LENGTH], *snulledptr=NULL;
	int iRet=0;

	if (suri->len < sizeof(snulled)) {
		memcpy(snulled, suri->s, suri->len);
		snulled[suri->len]=0;
	} else {
		/* +1 for the terminating \0 byte */
		if (!(snulledptr=pkg_malloc(suri->len + 1))) {
			LOG(L_ERR, "AUTH_IDENTITY:download_cer: Not enough memory error\n");
			return -1;
		}
		memcpy(snulledptr, suri->s, suri->len);
		snulledptr[suri->len]=0;
	}

	do {
		if ((iRes=curl_easy_setopt(hcurl,
								   CURLOPT_URL,
								   snulledptr ? snulledptr : snulled))!=0) {
			LOG(L_ERR,
				"AUTH_IDENTITY:download_cer: Unable to set the url of certificate: %s\n",
				curl_easy_strerror(iRes));
			iRet=-2;
			break;
		}

		if ((iRes=curl_easy_perform(hcurl))!=0) {
			LOG(L_ERR,
				"AUTH_IDENTITY:download_cer: Error while downloading certificate '%s'\n",
				curl_easy_strerror(iRes));
			iRet=-3;
			break;
		}

		curl_easy_getinfo(hcurl,CURLINFO_RESPONSE_CODE,&lerr);
		if (lerr/100 != 2) {
			LOG(L_ERR, "AUTH_IDENTITY:download_cer: Bad HTTP response: %ld\n", lerr );
			iRet=-4;
		}
	} while (0);

	if (snulledptr)
		pkg_free(snulledptr);

	return iRet;
}