search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / crypto / dist / heimdal / appl / test / http_client.c
blobc64584fbd1efbf9b121c3e23841a02193ae961b3
1 /*
2 * Copyright (c) 2003 - 2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "test_locl.h"
35 #include <gssapi.h>
36 #include "gss_common.h"
37 #include <base64.h>
38
39 __RCSID("$Heimdal: http_client.c 14861 2005-04-20 10:38:37Z lha $"
40 "$NetBSD$");
41
42 /*
43 * A simplistic client implementing draft-brezak-spnego-http-04.txt
44 */
45
46 static int
47 do_connect (const char *hostname, const char *port)
48 {
49 struct addrinfo *ai, *a;
50 struct addrinfo hints;
51 int error;
52 int s = -1;
53
54 memset (&hints, 0, sizeof(hints));
55 hints.ai_family = PF_UNSPEC;
56 hints.ai_socktype = SOCK_STREAM;
57 hints.ai_protocol = 0;
58
59 error = getaddrinfo (hostname, port, &hints, &ai);
60 if (error)
61 errx (1, "getaddrinfo(%s): %s", hostname, gai_strerror(error));
62
63 for (a = ai; a != NULL; a = a->ai_next) {
64 s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
65 if (s < 0)
66 continue;
67 if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
68 warn ("connect(%s)", hostname);
69 close (s);
70 continue;
71 }
72 break;
73 }
74 freeaddrinfo (ai);
75 if (a == NULL)
76 errx (1, "failed to contact %s", hostname);
77
78 return s;
79 }
80
81 static void
82 fdprintf(int s, const char *fmt, ...)
83 {
84 size_t len;
85 ssize_t ret;
86 va_list ap;
87 char *str, *buf;
88
89 va_start(ap, fmt);
90 vasprintf(&str, fmt, ap);
91 va_end(ap);
92
93 if (str == NULL)
94 errx(1, "vasprintf");
95
96 buf = str;
97 len = strlen(buf);
98 while (len) {
99 ret = write(s, buf, len);
100 if (ret == 0)
101 err(1, "connection closed");
102 else if (ret < 0)
103 err(1, "error");
104 len -= ret;
105 buf += ret;
106 }
107 free(str);
108 }
109
110 static int help_flag;
111 static int version_flag;
112 static int verbose_flag;
113 static int mutual_flag = 1;
114 static int delegate_flag;
115 static char *port_str = "http";
116 static char *gss_service = "HTTP";
117
118 static struct getargs http_args[] = {
119 { "verbose", 'v', arg_flag, &verbose_flag, "verbose logging", },
120 { "port", 'p', arg_string, &port_str, "port to connect to", "port" },
121 { "delegate", 0, arg_flag, &delegate_flag, "gssapi delegate credential" },
122 { "gss-service", 's', arg_string, &gss_service, "gssapi service to use",
123 "service" },
124 { "mech", 'm', arg_string, &mech, "gssapi mech to use", "mech" },
125 { "mutual", 0, arg_negative_flag, &mutual_flag, "no gssapi mutual auth" },
126 { "help", 'h', arg_flag, &help_flag },
127 { "version", 0, arg_flag, &version_flag }
128 };
129
130 static int num_http_args = sizeof(http_args) / sizeof(http_args[0]);
131
132 static void
133 usage(int code)
134 {
135 arg_printusage(http_args, num_http_args, NULL, "host [page]");
136 exit(code);
137 }
138
139 /*
140 *
141 */
142
143 struct http_req {
144 char *response;
145 char **headers;
146 int num_headers;
147 void *body;
148 size_t body_size;
149 };
150
151
152 static void
153 http_req_zero(struct http_req *req)
154 {
155 req->response = NULL;
156 req->headers = NULL;
157 req->num_headers = 0;
158 req->body = NULL;
159 req->body_size = 0;
160 }
161
162 static void
163 http_req_free(struct http_req *req)
164 {
165 int i;
166
167 free(req->response);
168 for (i = 0; i < req->num_headers; i++)
169 free(req->headers[i]);
170 free(req->headers);
171 free(req->body);
172 http_req_zero(req);
173 }
174
175 static const char *
176 http_find_header(struct http_req *req, const char *header)
177 {
178 int i, len = strlen(header);
179
180 for (i = 0; i < req->num_headers; i++) {
181 if (strncasecmp(header, req->headers[i], len) == 0) {
182 return req->headers[i] + len + 1;
183 }
184 }
185 return NULL;
186 }
187
188
189 static int
190 http_query(const char *host, const char *page,
191 char **headers, int num_headers, struct http_req *req)
192 {
193 enum { RESPONSE, HEADER, BODY } state;
194 ssize_t ret;
195 char in_buf[1024], *in_ptr = in_buf;
196 size_t in_len = 0;
197 int s, i;
198
199 http_req_zero(req);
200
201 s = do_connect(host, port_str);
202 if (s < 0)
203 errx(1, "connection failed");
204
205 fdprintf(s, "GET %s HTTP/1.0\r\n", page);
206 for (i = 0; i < num_headers; i++)
207 fdprintf(s, "%s\r\n", headers[i]);
208 fdprintf(s, "Host: %s\r\n\r\n", host);
209
210 state = RESPONSE;
211
212 while (1) {
213 ret = read (s, in_ptr, sizeof(in_buf) - in_len - 1);
214 if (ret == 0)
215 break;
216 else if (ret < 0)
217 err (1, "read: %lu", (unsigned long)ret);
218
219 in_buf[ret + in_len] = '\0';
220
221 if (state == HEADER || state == RESPONSE) {
222 char *p;
223
224 in_len += ret;
225 in_ptr += ret;
226
227 while (1) {
228 p = strstr(in_buf, "\r\n");
229
230 if (p == NULL) {
231 break;
232 } else if (p == in_buf) {
233 memmove(in_buf, in_buf + 2, sizeof(in_buf) - 2);
234 state = BODY;
235 in_len -= 2;
236 in_ptr -= 2;
237 break;
238 } else if (state == RESPONSE) {
239 req->response = strndup(in_buf, p - in_buf);
240 state = HEADER;
241 } else {
242 req->headers = realloc(req->headers,
243 (req->num_headers + 1) * sizeof(req->headers[0]));
244 req->headers[req->num_headers] = strndup(in_buf, p - in_buf);
245 if (req->headers[req->num_headers] == NULL)
246 errx(1, "strdup");
247 req->num_headers++;
248 }
249 memmove(in_buf, p + 2, sizeof(in_buf) - (p - in_buf) - 2);
250 in_len -= (p - in_buf) + 2;
251 in_ptr -= (p - in_buf) + 2;
252 }
253 }
254
255 if (state == BODY) {
256
257 req->body = erealloc(req->body, req->body_size + ret + 1);
258
259 memcpy((char *)req->body + req->body_size, in_buf, ret);
260 req->body_size += ret;
261 ((char *)req->body)[req->body_size] = '\0';
262
263 in_ptr = in_buf;
264 in_len = 0;
265 } else
266 abort();
267 }
268
269 if (verbose_flag) {
270 int i;
271 printf("response: %s\n", req->response);
272 for (i = 0; i < req->num_headers; i++)
273 printf("header[%d] %s\n", i, req->headers[i]);
274 printf("body: %.*s\n", (int)req->body_size, (char *)req->body);
275 }
276
277 close(s);
278 return 0;
279 }
280
281
282 int
283 main(int argc, char **argv)
284 {
285 struct http_req req;
286 const char *host, *page;
287 int i, done, print_body, gssapi_done, gssapi_started;
288 char *headers[10]; /* XXX */
289 int num_headers;
290 gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT;
291 gss_name_t server = GSS_C_NO_NAME;
292 int optind = 0;
293 gss_OID mech_oid;
294 OM_uint32 flags;
295
296 setprogname(argv[0]);
297
298 if(getarg(http_args, num_http_args, argc, argv, &optind))
299 usage(1);
300
301 if (help_flag)
302 usage (0);
303
304 if(version_flag) {
305 print_version(NULL);
306 exit(0);
307 }
308
309 argc -= optind;
310 argv += optind;
311
312 mech_oid = select_mech(mech);
313
314 if (argc != 1 && argc != 2)
315 errx(1, "usage: %s host [page]", getprogname());
316 host = argv[0];
317 if (argc == 2)
318 page = argv[1];
319 else
320 page = "/";
321
322 flags = 0;
323 if (delegate_flag)
324 flags |= GSS_C_DELEG_FLAG;
325 if (mutual_flag)
326 flags |= GSS_C_MUTUAL_FLAG;
327
328 done = 0;
329 num_headers = 0;
330 gssapi_done = 1;
331 gssapi_started = 0;
332 do {
333 print_body = 0;
334
335 http_query(host, page, headers, num_headers, &req);
336 for (i = 0 ; i < num_headers; i++)
337 free(headers[i]);
338 num_headers = 0;
339
340 if (strstr(req.response, " 200 ") != NULL) {
341 print_body = 1;
342 done = 1;
343 } else if (strstr(req.response, " 401 ") != NULL) {
344 if (http_find_header(&req, "WWW-Authenticate:") == NULL)
345 errx(1, "Got %s but missed `WWW-Authenticate'", req.response);
346 gssapi_done = 0;
347 }
348
349 if (!gssapi_done) {
350 const char *h = http_find_header(&req, "WWW-Authenticate:");
351 if (h == NULL)
352 errx(1, "Got %s but missed `WWW-Authenticate'", req.response);
353
354 if (strncasecmp(h, "Negotiate", 9) == 0) {
355 OM_uint32 maj_stat, min_stat;
356 gss_buffer_desc input_token, output_token;
357
358 if (verbose_flag)
359 printf("Negotiate found\n");
360
361 if (server == GSS_C_NO_NAME) {
362 char *name;
363 asprintf(&name, "%s@%s", gss_service, host);
364 input_token.length = strlen(name);
365 input_token.value = name;
366
367 maj_stat = gss_import_name(&min_stat,
368 &input_token,
369 GSS_C_NT_HOSTBASED_SERVICE,
370 &server);
371 if (GSS_ERROR(maj_stat))
372 gss_err (1, min_stat, "gss_inport_name");
373 free(name);
374 input_token.length = 0;
375 input_token.value = NULL;
376 }
377
378 i = 9;
379 while(h[i] && isspace((unsigned char)h[i]))
380 i++;
381 if (h[i] != '\0') {
382 int len = strlen(&h[i]);
383 if (len == 0)
384 errx(1, "invalid Negotiate token");
385 input_token.value = emalloc(len);
386 len = base64_decode(&h[i], input_token.value);
387 if (len < 0)
388 errx(1, "invalid base64 Negotiate token %s", &h[i]);
389 input_token.length = len;
390 } else {
391 if (gssapi_started)
392 errx(1, "Negotiate already started");
393 gssapi_started = 1;
394
395 input_token.length = 0;
396 input_token.value = NULL;
397 }
398
399 maj_stat =
400 gss_init_sec_context(&min_stat,
401 GSS_C_NO_CREDENTIAL,
402 &context_hdl,
403 server,
404 mech_oid,
405 flags,
406 0,
407 GSS_C_NO_CHANNEL_BINDINGS,
408 &input_token,
409 NULL,
410 &output_token,
411 NULL,
412 NULL);
413 if (GSS_ERROR(maj_stat))
414 gss_err (1, min_stat, "gss_init_sec_context");
415 else if (maj_stat & GSS_S_CONTINUE_NEEDED)
416 gssapi_done = 0;
417 else {
418 gss_name_t targ_name, src_name;
419 gss_buffer_desc name_buffer;
420 gss_OID mech_type;
421
422 gssapi_done = 1;
423
424 printf("Negotiate done: %s\n", mech);
425
426 maj_stat = gss_inquire_context(&min_stat,
427 context_hdl,
428 &src_name,
429 &targ_name,
430 NULL,
431 &mech_type,
432 NULL,
433 NULL,
434 NULL);
435 if (GSS_ERROR(maj_stat))
436 gss_err (1, min_stat, "gss_inquire_context");
437
438 maj_stat = gss_display_name(&min_stat,
439 src_name,
440 &name_buffer,
441 NULL);
442 if (GSS_ERROR(maj_stat))
443 gss_err (1, min_stat, "gss_display_name");
444
445 printf("Source: %.*s\n",
446 (int)name_buffer.length,
447 (char *)name_buffer.value);
448
449 gss_release_buffer(&min_stat, &name_buffer);
450
451 maj_stat = gss_display_name(&min_stat,
452 targ_name,
453 &name_buffer,
454 NULL);
455 if (GSS_ERROR(maj_stat))
456 gss_err (1, min_stat, "gss_display_name");
457
458 printf("Target: %.*s\n",
459 (int)name_buffer.length,
460 (char *)name_buffer.value);
461
462 gss_release_name(&min_stat, &targ_name);
463 gss_release_buffer(&min_stat, &name_buffer);
464 }
465
466 if (output_token.length) {
467 char *neg_token;
468
469 base64_encode(output_token.value,
470 output_token.length,
471 &neg_token);
472
473 asprintf(&headers[0], "Authorization: Negotiate %s",
474 neg_token);
475
476 num_headers = 1;
477 free(neg_token);
478 gss_release_buffer(&min_stat, &output_token);
479 }
480 if (input_token.length)
481 free(input_token.value);
482
483 } else
484 done = 1;
485 } else
486 done = 1;
487
488 if (verbose_flag) {
489 printf("%s\n\n", req.response);
490
491 for (i = 0; i < req.num_headers; i++)
492 printf("%s\n", req.headers[i]);
493 printf("\n");
494 }
495 if (print_body || verbose_flag)
496 printf("%.*s\n", (int)req.body_size, (char *)req.body);
497
498 http_req_free(&req);
499 } while (!done);
500
501 if (gssapi_done == 0)
502 errx(1, "gssapi not done but http dance done");
503
504 return 0;
505 }
NetBSD on the FriendlyARM MINI2440