11631334564

Committed 01 Nov 2024 02:54PM UTC coverage: 91.031% (-0.04%) from 91.072%

Build # 11631334564

Build Type

Pull #4422

github

Committed by

web-flow

Commit Message

Merge c66020351 into bd045b1a0

Pull Request Pull Request #4422: Chore: Centralize some Repository Config

Run Details

90350 of 99252 relevant lines covered (91.03%)

9489034.7 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

36.89

/src/lib/utils/http_util/http_util.cpp

/*
* Sketchy HTTP client
* (C) 2013,2016 Jack Lloyd
*     2017 René Korthaus, Rohde & Schwarz Cybersecurity
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/internal/http_util.h>

#include <botan/hex.h>
#include <botan/mem_ops.h>
#include <botan/internal/fmt.h>
#include <botan/internal/os_utils.h>
#include <botan/internal/parsing.h>
#include <botan/internal/socket.h>
#include <botan/internal/stl_util.h>
#include <sstream>

namespace Botan::HTTP {

namespace {

/*
* Connect to a host, write some bytes, then read until the server
* closes the socket.
*/
std::string http_transact(std::string_view hostname,
                          std::string_view service,
                          std::string_view message,
                          std::chrono::milliseconds timeout) {
   std::unique_ptr<OS::Socket> socket;

   const std::chrono::system_clock::time_point start_time = std::chrono::system_clock::now();

   try {
      socket = OS::open_socket(hostname, service, timeout);
      if(!socket) {
         throw Not_Implemented("No socket support enabled in build");
      }
   } catch(std::exception& e) {
      throw HTTP_Error(fmt("HTTP connection to {} failed: {}", hostname, e.what()));
   }

   // Blocks until entire message has been written
   socket->write(cast_char_ptr_to_uint8(message.data()), message.size());

   if(std::chrono::system_clock::now() - start_time > timeout) {
      throw HTTP_Error("Timeout during writing message body");
   }

   std::ostringstream oss;
   std::vector<uint8_t> buf(BOTAN_DEFAULT_BUFFER_SIZE);
   while(true) {
      const size_t got = socket->read(buf.data(), buf.size());
      if(got == 0) {  // EOF
         break;
      }

      if(std::chrono::system_clock::now() - start_time > timeout) {
         throw HTTP_Error("Timeout while reading message body");
      }

      oss.write(cast_uint8_ptr_to_char(buf.data()), static_cast<std::streamsize>(got));
   }

   return oss.str();
}

bool needs_url_encoding(char c) {
   if(c >= 'A' && c <= 'Z') {
      return false;
   }
   if(c >= 'a' && c <= 'z') {
      return false;
   }
   if(c >= '0' && c <= '9') {
      return false;
   }
   if(c == '-' || c == '_' || c == '.' || c == '~') {
      return false;
   }
   return true;
}

}  // namespace

std::string url_encode(std::string_view in) {
   std::ostringstream out;

   for(auto c : in) {
      if(needs_url_encoding(c)) {
         out << '%' << hex_encode(cast_char_ptr_to_uint8(&c), 1);
      } else {
         out << c;
      }
   }

   return out.str();
}

std::ostream& operator<<(std::ostream& o, const Response& resp) {
   o << "HTTP " << resp.status_code() << " " << resp.status_message() << "\n";
   for(const auto& h : resp.headers()) {
      o << "Header '" << h.first << "' = '" << h.second << "'\n";
   }
   o << "Body " << std::to_string(resp.body().size()) << " bytes:\n";
   o.write(cast_uint8_ptr_to_char(resp.body().data()), resp.body().size());
   return o;
}

Response http_sync(const http_exch_fn& http_transact,
                   std::string_view verb,
                   std::string_view url,
                   std::string_view content_type,
                   const std::vector<uint8_t>& body,
                   size_t allowable_redirects) {
   if(url.empty()) {
      throw HTTP_Error("URL empty");
   }

   const auto protocol_host_sep = url.find("://");
   if(protocol_host_sep == std::string::npos) {
      throw HTTP_Error(fmt("Invalid URL '{}'", url));
   }

   const auto host_loc_sep = url.find('/', protocol_host_sep + 3);

   std::string hostname, loc, service;

   if(host_loc_sep == std::string::npos) {
      hostname = url.substr(protocol_host_sep + 3, std::string::npos);
      loc = "/";
   } else {
      hostname = url.substr(protocol_host_sep + 3, host_loc_sep - protocol_host_sep - 3);
      loc = url.substr(host_loc_sep, std::string::npos);
   }

   const auto port_sep = hostname.find(':');
   if(port_sep == std::string::npos) {
      service = "http";
      // hostname not modified
   } else {
      service = hostname.substr(port_sep + 1, std::string::npos);
      hostname = hostname.substr(0, port_sep);
   }

   std::ostringstream outbuf;

   outbuf << verb << " " << loc << " HTTP/1.0\r\n";
   outbuf << "Host: " << hostname << "\r\n";

   if(verb == "GET") {
      outbuf << "Accept: */*\r\n";
      outbuf << "Cache-Control: no-cache\r\n";
   } else if(verb == "POST") {
      outbuf << "Content-Length: " << body.size() << "\r\n";
   }

   if(!content_type.empty()) {
      outbuf << "Content-Type: " << content_type << "\r\n";
   }
   outbuf << "Connection: close\r\n\r\n";
   outbuf.write(cast_uint8_ptr_to_char(body.data()), body.size());

   std::istringstream io(http_transact(hostname, service, outbuf.str()));

   std::string line1;
   std::getline(io, line1);
   if(!io || line1.empty()) {
      throw HTTP_Error("No response");
   }

   std::stringstream response_stream(line1);
   std::string http_version;
   unsigned int status_code;
   std::string status_message;

   response_stream >> http_version >> status_code;

   std::getline(response_stream, status_message);

   if(!response_stream || http_version.substr(0, 5) != "HTTP/") {
      throw HTTP_Error("Not an HTTP response");
   }

   std::map<std::string, std::string> headers;
   std::string header_line;
   while(std::getline(io, header_line) && header_line != "\r") {
      auto sep = header_line.find(": ");
      if(sep == std::string::npos || sep > header_line.size() - 2) {
         throw HTTP_Error(fmt("Invalid HTTP header '{}'", header_line));
      }
      const std::string key = header_line.substr(0, sep);

      if(sep + 2 < header_line.size() - 1) {
         const std::string val = header_line.substr(sep + 2, (header_line.size() - 1) - (sep + 2));
         headers[key] = val;
      }
   }

   if(status_code == 301 && headers.contains("Location")) {
      if(allowable_redirects == 0) {
         throw HTTP_Error("HTTP redirection count exceeded");
      }
      return GET_sync(headers["Location"], allowable_redirects - 1);
   }

   std::vector<uint8_t> resp_body;
   std::vector<uint8_t> buf(4096);
   while(io.good()) {
      io.read(cast_uint8_ptr_to_char(buf.data()), buf.size());
      const size_t got = static_cast<size_t>(io.gcount());
      resp_body.insert(resp_body.end(), buf.data(), &buf[got]);
   }

   auto cl_hdr = headers.find("Content-Length");
   if(cl_hdr != headers.end()) {
      const std::string header_size = cl_hdr->second;
      if(resp_body.size() != to_u32bit(header_size)) {
         throw HTTP_Error(fmt("Content-Length disagreement, header says {} got {}", header_size, resp_body.size()));
      }
   }

   return Response(status_code, status_message, resp_body, headers);
}

Response http_sync(std::string_view verb,
                   std::string_view url,
                   std::string_view content_type,
                   const std::vector<uint8_t>& body,
                   size_t allowable_redirects,
                   std::chrono::milliseconds timeout) {
   auto transact_with_timeout = [timeout](
                                   std::string_view hostname, std::string_view service, std::string_view message) {
      return http_transact(hostname, service, message, timeout);
   };

   return http_sync(transact_with_timeout, verb, url, content_type, body, allowable_redirects);
}

Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout) {
   return http_sync("GET", url, "", std::vector<uint8_t>(), allowable_redirects, timeout);
}

Response POST_sync(std::string_view url,
                   std::string_view content_type,
                   const std::vector<uint8_t>& body,
                   size_t allowable_redirects,
                   std::chrono::milliseconds timeout) {
   return http_sync("POST", url, content_type, body, allowable_redirects, timeout);
}

}  // namespace Botan::HTTP

1	/*
2	* Sketchy HTTP client
3	* (C) 2013,2016 Jack Lloyd
4	* 2017 René Korthaus, Rohde & Schwarz Cybersecurity
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include <botan/internal/http_util.h>
10
11	#include <botan/hex.h>
12	#include <botan/mem_ops.h>
13	#include <botan/internal/fmt.h>
14	#include <botan/internal/os_utils.h>
15	#include <botan/internal/parsing.h>
16	#include <botan/internal/socket.h>
17	#include <botan/internal/stl_util.h>
18	#include <sstream>
19
20	namespace Botan::HTTP {
21
22	namespace {
23
24	/*
25	* Connect to a host, write some bytes, then read until the server
26	* closes the socket.
27	*/
28	std::string http_transact(std::string_view hostname,	1✔
29	std::string_view service,
30	std::string_view message,
31	std::chrono::milliseconds timeout) {
32	std::unique_ptr<OS::Socket> socket;	1✔
33
34	const std::chrono::system_clock::time_point start_time = std::chrono::system_clock::now();	1✔
35
36	try {	1✔
37	socket = OS::open_socket(hostname, service, timeout);	1✔
38	if(!socket) {	1✔
39	throw Not_Implemented("No socket support enabled in build");	×
40	}
41	} catch(std::exception& e) {	×
42	throw HTTP_Error(fmt("HTTP connection to {} failed: {}", hostname, e.what()));	×
43	}	×
44
45	// Blocks until entire message has been written
46	socket->write(cast_char_ptr_to_uint8(message.data()), message.size());	1✔
47
48	if(std::chrono::system_clock::now() - start_time > timeout) {	1✔
49	throw HTTP_Error("Timeout during writing message body");	×
50	}
51
52	std::ostringstream oss;	1✔
53	std::vector<uint8_t> buf(BOTAN_DEFAULT_BUFFER_SIZE);	1✔
54	while(true) {	1✔
55	const size_t got = socket->read(buf.data(), buf.size());	1✔
56	if(got == 0) { // EOF	×
57	break;
58	}
59
60	if(std::chrono::system_clock::now() - start_time > timeout) {	×
61	throw HTTP_Error("Timeout while reading message body");	×
62	}
63
64	oss.write(cast_uint8_ptr_to_char(buf.data()), static_cast<std::streamsize>(got));	×
65	}
66
67	return oss.str();	×
68	}	2✔
69
70	bool needs_url_encoding(char c) {	×
71	if(c >= 'A' && c <= 'Z') {	×
72	return false;
73	}
74	if(c >= 'a' && c <= 'z') {
75	return false;
76	}
77	if(c >= '0' && c <= '9') {
78	return false;
79	}
80	if(c == '-' \|\| c == '_' \|\| c == '.' \|\| c == '~') {
81	return false;
82	}
83	return true;
84	}
85
86	} // namespace
87
88	std::string url_encode(std::string_view in) {	×
89	std::ostringstream out;	×
90
91	for(auto c : in) {	×
92	if(needs_url_encoding(c)) {	×
93	out << '%' << hex_encode(cast_char_ptr_to_uint8(&c), 1);	×
94	} else {
95	out << c;	×
96	}
97	}
98
99	return out.str();	×
100	}	×
101
102	std::ostream& operator<<(std::ostream& o, const Response& resp) {	×
103	o << "HTTP " << resp.status_code() << " " << resp.status_message() << "\n";	×
104	for(const auto& h : resp.headers()) {	×
105	o << "Header '" << h.first << "' = '" << h.second << "'\n";	×
106	}
107	o << "Body " << std::to_string(resp.body().size()) << " bytes:\n";	×
108	o.write(cast_uint8_ptr_to_char(resp.body().data()), resp.body().size());	×
109	return o;	×
110	}
111
112	Response http_sync(const http_exch_fn& http_transact,	1✔
113	std::string_view verb,
114	std::string_view url,
115	std::string_view content_type,
116	const std::vector<uint8_t>& body,
117	size_t allowable_redirects) {
118	if(url.empty()) {	1✔
119	throw HTTP_Error("URL empty");	×
120	}
121
122	const auto protocol_host_sep = url.find("://");	1✔
123	if(protocol_host_sep == std::string::npos) {	1✔
124	throw HTTP_Error(fmt("Invalid URL '{}'", url));	×
125	}
126
127	const auto host_loc_sep = url.find('/', protocol_host_sep + 3);	1✔
128
129	std::string hostname, loc, service;	1✔
130
131	if(host_loc_sep == std::string::npos) {	1✔
132	hostname = url.substr(protocol_host_sep + 3, std::string::npos);	1✔
133	loc = "/";	1✔
134	} else {
135	hostname = url.substr(protocol_host_sep + 3, host_loc_sep - protocol_host_sep - 3);	×
136	loc = url.substr(host_loc_sep, std::string::npos);	×
137	}
138
139	const auto port_sep = hostname.find(':');	1✔
140	if(port_sep == std::string::npos) {	1✔
141	service = "http";	1✔
142	// hostname not modified
143	} else {
144	service = hostname.substr(port_sep + 1, std::string::npos);	×
145	hostname = hostname.substr(0, port_sep);	1✔
146	}
147
148	std::ostringstream outbuf;	1✔
149
150	outbuf << verb << " " << loc << " HTTP/1.0\r\n";	1✔
151	outbuf << "Host: " << hostname << "\r\n";	1✔
152
153	if(verb == "GET") {	1✔
154	outbuf << "Accept: /\r\n";	×
155	outbuf << "Cache-Control: no-cache\r\n";	×
156	} else if(verb == "POST") {	1✔
157	outbuf << "Content-Length: " << body.size() << "\r\n";	1✔
158	}
159
160	if(!content_type.empty()) {	1✔
161	outbuf << "Content-Type: " << content_type << "\r\n";	1✔
162	}
163	outbuf << "Connection: close\r\n\r\n";	1✔
164	outbuf.write(cast_uint8_ptr_to_char(body.data()), body.size());	1✔
165
166	std::istringstream io(http_transact(hostname, service, outbuf.str()));	2✔
167
168	std::string line1;	×
169	std::getline(io, line1);	×
170	if(!io \|\| line1.empty()) {	×
171	throw HTTP_Error("No response");	×
172	}
173
174	std::stringstream response_stream(line1);	×
175	std::string http_version;	×
176	unsigned int status_code;	×
177	std::string status_message;	×
178
179	response_stream >> http_version >> status_code;	×
180
181	std::getline(response_stream, status_message);	×
182
183	if(!response_stream \|\| http_version.substr(0, 5) != "HTTP/") {	×
184	throw HTTP_Error("Not an HTTP response");	×
185	}
186
187	std::map<std::string, std::string> headers;	×
188	std::string header_line;	×
189	while(std::getline(io, header_line) && header_line != "\r") {	×
190	auto sep = header_line.find(": ");	×
191	if(sep == std::string::npos \|\| sep > header_line.size() - 2) {	×
192	throw HTTP_Error(fmt("Invalid HTTP header '{}'", header_line));	×
193	}
194	const std::string key = header_line.substr(0, sep);	×
195
196	if(sep + 2 < header_line.size() - 1) {	×
197	const std::string val = header_line.substr(sep + 2, (header_line.size() - 1) - (sep + 2));	×
198	headers[key] = val;	×
199	}	×
200	}	×
201
202	if(status_code == 301 && headers.contains("Location")) {	×
203	if(allowable_redirects == 0) {	×
204	throw HTTP_Error("HTTP redirection count exceeded");	×
205	}
206	return GET_sync(headers["Location"], allowable_redirects - 1);	×
207	}
208
209	std::vector<uint8_t> resp_body;	×
210	std::vector<uint8_t> buf(4096);	×
211	while(io.good()) {	×
212	io.read(cast_uint8_ptr_to_char(buf.data()), buf.size());	×
213	const size_t got = static_cast<size_t>(io.gcount());	×
214	resp_body.insert(resp_body.end(), buf.data(), &buf[got]);	×
215	}
216
217	auto cl_hdr = headers.find("Content-Length");	×
218	if(cl_hdr != headers.end()) {	×
219	const std::string header_size = cl_hdr->second;	×
220	if(resp_body.size() != to_u32bit(header_size)) {	×
221	throw HTTP_Error(fmt("Content-Length disagreement, header says {} got {}", header_size, resp_body.size()));	×
222	}
223	}	×
224
225	return Response(status_code, status_message, resp_body, headers);	×
226	}	3✔
227
228	Response http_sync(std::string_view verb,	1✔
229	std::string_view url,
230	std::string_view content_type,
231	const std::vector<uint8_t>& body,
232	size_t allowable_redirects,
233	std::chrono::milliseconds timeout) {
234	auto transact_with_timeout = [timeout](	2✔
235	std::string_view hostname, std::string_view service, std::string_view message) {
236	return http_transact(hostname, service, message, timeout);	1✔
237	};	1✔
238
239	return http_sync(transact_with_timeout, verb, url, content_type, body, allowable_redirects);	1✔
240	}
241
242	Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout) {	×
243	return http_sync("GET", url, "", std::vector<uint8_t>(), allowable_redirects, timeout);	×
244	}
245
246	Response POST_sync(std::string_view url,	1✔
247	std::string_view content_type,
248	const std::vector<uint8_t>& body,
249	size_t allowable_redirects,
250	std::chrono::milliseconds timeout) {
251	return http_sync("POST", url, content_type, body, allowable_redirects, timeout);	1✔
252	}
253
254	} // namespace Botan::HTTP

randombit / botan / 11631334564

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous