#if HAVE_CRT
#define _CRTDBG_MAP_ALLOC
#include <stdlib.h>
#include <crtdbg.h>
#endif //HAVE_CRT
/*
* Copyright (C) 2020, University of the Basque Country (UPV/EHU)
* Contact for licensing options: <licensing-mcpttclient(at)mcopenplatform(dot)com>
*
* The original file was part of Open Source Doubango Framework
* Copyright (C) 2010-2011 Mamadou Diop.
* Copyright (C) 2012 Doubango Telecom <http://doubango.org>
*
* This file is part of Open Source Doubango Framework.
*
* DOUBANGO is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* DOUBANGO is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with DOUBANGO.
*
*/
/**@file thttp_session.c
* @brief HTTP/HTTPS session.
*
* @author Mamadou Diop <diopmamadou(at)doubango[dot]org>
*
*/
#include "tinyhttp/thttp_session.h"
#include "thttp.h"
#include "tinyhttp/thttp_action.h"
#include "tinyhttp/headers/thttp_header_Dummy.h"
#include "tinyhttp/headers/thttp_header_WWW_Authenticate.h"
#include "tsk_debug.h"
/**@defgroup thttp_session_group HTTP Session
*/
int thttp_session_signal(thttp_session_t *self, thttp_action_type_t atype);
/**Sets parameters.
*/
int __thttp_session_set(thttp_session_t *self, va_list* app)
{
thttp_session_param_type_t curr;
if(!self){
return -1;
}
while((curr=va_arg(*app, thttp_session_param_type_t)) != httpp_null){
switch(curr){
case httpp_option:
{ /* (thttp_session_option_t)ID_ENUM, (const char*)VALUE_STR */
thttp_session_option_t id = va_arg(*app, thttp_session_option_t);
const char* value = va_arg(*app, const char *);
tsk_options_add_option(&self->options, id, value);
break;
}
case httpp_header:
{ /* (const char*)NAME_STR, (const char*)VALUE_STR */
const char* name = va_arg(*app, const char *);
const char* value = va_arg(*app, const char *);
if(value == ((const char*)-1)){ /* UNSET */
tsk_params_remove_param(self->headers, name);
}
else{ /* SET */
tsk_params_add_param(&self->headers, name, value);
}
break;
}
case httpp_cred:
{ /* (const char*)USERNAME_STR, (const char*)PASSWORD_STR */
tsk_strupdate(&self->cred.usename, va_arg(*app, const char *));
tsk_strupdate(&self->cred.password, va_arg(*app, const char *));
break;
}
case httpp_userdata:
{ /* (const void*)USERDATA_PTR */
self->userdata = va_arg(*app, const void *);
break;
}
default:
{ /* va_list will be unsafe => exit */
TSK_DEBUG_ERROR("NOT SUPPORTED.");
goto bail;
}
} /* sxitch */
} /* while */
return 0;
bail:
return -2;
}
/**@ingroup thttp_session_group
* Creates new session.
* @param stack The HTTP/HTTPS @a stack to use. The @a stack shall be created using @ref thttp_stack_create.
* @param ... Any @b THTTP_SESSION_SET_*() macros. MUST ends with @ref THTTP_SESSION_SET_NULL().
* @retval A pointer to the newly created session.
* A session is a well-defined object.
*
* @code
thttp_session_handle_t * session = thttp_session_create(stack,
// session-level parameters
THTTP_SESSION_SET_PARAM("timeout", "6000"),
// session-level headers
THTTP_SESSION_SET_HEADER("Pragma", "No-Cache"),
THTTP_SESSION_SET_HEADER("Connection", "Keep-Alive"),
THTTP_SESSION_SET_HEADER("User-Agent", "organization 1.0"),
THTTP_SESSION_SET_NULL());
* @endcode
*
* @sa @ref thttp_session_set
*/
thttp_session_handle_t* thttp_session_create(const thttp_stack_handle_t* stack, ...)
{
thttp_session_handle_t* ret = tsk_null;
if((ret = tsk_object_new(thttp_session_def_t, stack))){
va_list ap;
va_start(ap, stack);
if(__thttp_session_set(ret, &ap)){
TSK_OBJECT_SAFE_FREE(ret);
}
va_end(ap);
}
else{
TSK_DEBUG_ERROR("failed to create new HTTP/HTTPS session.");
}
return ret;
}
/**@ingroup thttp_session_group
* Updates the session parameters.
* @param self The session to update. The session shall be created using @ref thttp_session_create().
* @param ... Any @b THTTP_SESSION_SET_*() macros. MUST ends with @ref THTTP_SESSION_SET_NULL().
* @retval Zero if succeed and non zero error code otherwise.
*
* @code
int ret = thttp_session_set(session,
// session-level parameters
THTTP_SESSION_SET_OPTION(THTTP_SESSION_OPTION_TIMEOUT, "6000"),
// session-level headers
THTTP_SESSION_SET_HEADER("Pragma", "No-Cache"),
THTTP_SESSION_SET_HEADER("Connection", "Keep-Alive"),
THTTP_SESSION_SET_HEADER("User-Agent", "organization 1.0"),
THTTP_SESSION_SET_NULL());
* @endcode
*
* @sa @ref thttp_session_create
*/
int thttp_session_set(thttp_session_handle_t *self, ...)
{
if(self){
int ret;
va_list ap;
thttp_session_t *session = self;
if(session->id == THTTP_SESSION_INVALID_ID){
TSK_DEBUG_ERROR("Using invalid session.");
return -2;
}
va_start(ap, self);
ret = __thttp_session_set(session, &ap);
va_end(ap);
return ret;
}
return -1;
}
/**@ingroup thttp_session_group
* Gets the session id.
* @param self The session for which to get the id.
* @retval The id of the session.
*/
thttp_session_id_t thttp_session_get_id(const thttp_session_handle_t *self)
{
const thttp_session_t *session = self;
if(session){
return session->id;
}
return THTTP_SESSION_INVALID_ID;
}
/**@ingroup thttp_session_group
* Gets the user context (user/application data).
* @param self A pointer to the session from which to get the context.
* @retval A pointer to the context. Previously defined by using @ref THTTP_SESSION_SET_USERDATA() macro.
* @sa @ref THTTP_SESSION_SET_USERDATA()
*/
const void* thttp_session_get_userdata(const thttp_session_handle_t *self)
{
if(self){
return ((const thttp_session_t*)self)->userdata;
}
return tsk_null;
}
int thttp_session_closefd(thttp_session_handle_t *_self)
{
int ret = 0;
thttp_session_t* self = _self;
if(self->fd != TNET_INVALID_FD){
if((ret = tnet_transport_remove_socket(self->stack->transport, &self->fd))){
ret = tnet_sockfd_close(&self->fd);
}
}
return ret;
}
/** Updates authentications headers.
*/
int thttp_session_update_challenges(thttp_session_t *self, const thttp_response_t* response, tsk_bool_t answered)
{
int ret = 0;
tsk_size_t i;
tsk_list_item_t *item;
thttp_challenge_t *challenge;
const thttp_header_WWW_Authenticate_t *WWW_Authenticate;
const thttp_header_Proxy_Authenticate_t *Proxy_Authenticate;
tsk_safeobj_lock(self);
/* RFC 2617 - Digest Operation
* (A) The client response to a WWW-Authenticate challenge for a protection
space starts an authentication session with that protection space.
The authentication session lasts until the client receives another
WWW-Authenticate challenge from any server in the protection space.
(B) The server may return a 401 response with a new nonce value, causing the client
to retry the request; by specifying stale=TRUE with this response,
the server tells the client to retry with the new nonce, but without
prompting for a new username and password.
*/
/* RFC 2617 - 1.2 Access Authentication Framework
The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge.
*/
/* FIXME: As we perform the same task ==> Use only one loop.
*/
for(i =0; (WWW_Authenticate = (const thttp_header_WWW_Authenticate_t*)thttp_message_get_headerAt(response, thttp_htype_WWW_Authenticate, i)); i++)
{
tsk_bool_t isnew = tsk_true;
tsk_list_foreach(item, self->challenges)
{
challenge = item->data;
if(challenge->isproxy){
continue;
}
if(tsk_striequals(challenge->realm, WWW_Authenticate->realm) && (WWW_Authenticate->stale || !answered)){
/*== (B) ==*/
if((ret = thttp_challenge_update(challenge,
WWW_Authenticate->scheme,
WWW_Authenticate->realm,
WWW_Authenticate->nonce,
WWW_Authenticate->opaque,
WWW_Authenticate->algorithm,
WWW_Authenticate->qop))){
return ret;
}
else{
isnew = tsk_false;
continue;
}
}
else{
ret = -1;
goto bail;
}
}
if(isnew){
if((challenge = thttp_challenge_create(tsk_false, /* Not proxy */
WWW_Authenticate->scheme,
WWW_Authenticate->realm,
WWW_Authenticate->nonce,
WWW_Authenticate->opaque,
WWW_Authenticate->algorithm,
WWW_Authenticate->qop))){
tsk_list_push_back_data(self->challenges, (void**)&challenge);
}
else{
ret = -1;
goto bail;
}
}
}
for(i=0; (Proxy_Authenticate = (const thttp_header_Proxy_Authenticate_t*)thttp_message_get_headerAt(response, thttp_htype_Proxy_Authenticate, i)); i++)
{
tsk_bool_t isnew = tsk_true;
tsk_list_foreach(item, self->challenges){
challenge = item->data;
if(!challenge->isproxy){
continue;
}
if(tsk_striequals(challenge->realm, Proxy_Authenticate->realm) && (Proxy_Authenticate->stale || !answered)){
/*== (B) ==*/
if((ret = thttp_challenge_update(challenge,
Proxy_Authenticate->scheme,
Proxy_Authenticate->realm,
Proxy_Authenticate->nonce,
Proxy_Authenticate->opaque,
Proxy_Authenticate->algorithm,
Proxy_Authenticate->qop)))
{
goto bail;
}
else{
isnew = tsk_false;
continue;
}
}
else{
ret = -1;
goto bail;
}
}
if(isnew){
if((challenge = thttp_challenge_create(tsk_true, /* Proxy */
Proxy_Authenticate->scheme,
Proxy_Authenticate->realm,
Proxy_Authenticate->nonce,
Proxy_Authenticate->opaque,
Proxy_Authenticate->algorithm,
Proxy_Authenticate->qop)))
{
tsk_list_push_back_data(self->challenges, (void**)&challenge);
}
else{
ret = -1;
goto bail;
}
}
}
bail:
tsk_safeobj_unlock(self);
return ret;
}
/* internal function */
int thttp_session_signal(thttp_session_t *self, thttp_action_type_t atype)
{
tsk_list_item_t *item;
if(!self){
TSK_DEBUG_ERROR("Invalid parameter");
return -1;
}
tsk_safeobj_lock(self);
again:
tsk_list_foreach(item, self->dialogs){
item = tsk_object_ref(item);
thttp_dialog_fsm_act((thttp_dialog_t*)item->data, atype, tsk_null, tsk_null);
/* As the above action could terminate the dialog (which means change the content of self->dialogs)
* => list becomes unsafe */
if(!(item = tsk_object_unref(item))){
goto again;
}
}
switch(atype){
case thttp_thttp_atype_closed:
self->fd = TNET_INVALID_FD;
break;
default:
break;
}
tsk_safeobj_unlock(self);
return 0;
}
/** Signals to all dialogs that the connection have been closed. */
int thttp_session_signal_closed(thttp_session_t *self)
{
return thttp_session_signal(self, thttp_thttp_atype_closed);
}
/** Signals to all dialogss that we got an error */
int thttp_session_signal_error(thttp_session_t *self)
{
return thttp_session_signal(self, thttp_atype_error);
}
/** Retrieves a session by fd */
thttp_session_t* thttp_session_get_by_fd(thttp_sessions_L_t* sessions, tnet_fd_t fd)
{
thttp_session_t* ret = tsk_null;
const tsk_list_item_t *item;
if(!sessions){
goto bail;
}
tsk_list_foreach(item, sessions){
if(((thttp_session_t*)item->data)->fd == fd){
ret = tsk_object_ref(item->data);
goto bail;
}
}
bail:
return ret;
}
//========================================================
// HTTP SESSION object definition
//
static tsk_object_t* _thttp_session_create(tsk_object_t * self, va_list * app)
{
thttp_session_t *session = self;
static thttp_session_id_t unique_id = THTTP_SESSION_INVALID_ID;
if(session){
tsk_safeobj_init(session);
session->stack = va_arg(*app, const thttp_stack_handle_t*);
session->options = tsk_list_create();
session->headers = tsk_list_create();
session->challenges = tsk_list_create();
session->dialogs = tsk_list_create();
session->fd = TNET_INVALID_FD;
session->id = THTTP_SESSION_INVALID_ID;
/* add the session to the stack */
if(session->stack){
session->id = ++unique_id;
tsk_list_push_back_data(session->stack->sessions, (void**)&session);
}
}
return self;
}
static tsk_object_t* thttp_session_destroy(tsk_object_t * self)
{
thttp_session_t *session = self;
if(session){
TSK_DEBUG_INFO("*** HTTP/HTTPS Session destroyed ***");
/* remove from the stack */
if(session->stack){
tsk_list_remove_item_by_data(session->stack->sessions, session);
}
TSK_OBJECT_SAFE_FREE(session->options);
TSK_OBJECT_SAFE_FREE(session->headers);
TSK_OBJECT_SAFE_FREE(session->challenges);
TSK_OBJECT_SAFE_FREE(session->dialogs);
// cred
TSK_FREE(session->cred.usename);
TSK_FREE(session->cred.password);
// fd
if(session->fd != TNET_INVALID_FD){
if(tnet_transport_remove_socket(session->stack->transport, &session->fd)){
tnet_sockfd_close(&session->fd);
}
}
tsk_safeobj_deinit(session);
}
return self;
}
static int thttp_session_cmp(const tsk_object_t *_session1, const tsk_object_t *_session2)
{
const thttp_session_t *session1 = _session1;
const thttp_session_t *session2 = _session2;
if(session1 && session2){
return (int)(session1->id-session2->id);
}
return -1;
}
static const tsk_object_def_t thttp_session_def_s =
{
sizeof(thttp_session_t),
_thttp_session_create,
thttp_session_destroy,
thttp_session_cmp,
};
const tsk_object_def_t *thttp_session_def_t = &thttp_session_def_s;