2 * Copyright (C) 1999, 2001, 2002, 2003, 2004, 2006, 2009, 2010,
3 * 2011 Free Software Foundation, Inc.
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * This file is free software; you can redistribute it and/or modify
9 * it under the terms of either
11 * - the GNU Lesser General Public License as published by the Free
12 * Software Foundation; either version 3 of the License, or (at
13 * your option) any later version.
17 * - the GNU General Public License as published by the Free
18 * Software Foundation; either version 2 of the License, or (at
19 * your option) any later version.
21 * or both in parallel, as here.
23 * This file is distributed in the hope that it will be useful,
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 * GNU General Public License for more details.
28 * You should have received a copy of the GNU General Public License
29 * along with this program; if not, see <https://www.gnu.org/licenses/>.
36 #include <sys/types.h>
41 #include "../common/util.h"
42 #include "../common/logging.h"
43 #include "dns-stuff.h"
50 # include <gnutls/gnutls.h> /* For init, logging, and deinit. */
51 #endif /*HTTP_USE_GNUTLS*/
60 /* read_dh_params (const char *fname) */
62 /* gpg_error_t err; */
68 /* gnutls_datum_t datum; */
70 /* fp = fopen (fname, "rb"); */
73 /* err = gpg_error_from_syserror (); */
74 /* log_fatal ("can't open '%s': %s\n", fname, gpg_strerror (err)); */
77 /* if (fstat (fileno(fp), &st)) */
79 /* err = gpg_error_from_syserror (); */
80 /* log_fatal ("can't stat '%s': %s\n", fname, gpg_strerror (err)); */
83 /* buflen = st.st_size; */
84 /* buf = xmalloc (buflen+1); */
85 /* if (fread (buf, buflen, 1, fp) != 1) */
87 /* err = gpg_error_from_syserror (); */
88 /* log_fatal ("error reading '%s': %s\n", fname, gpg_strerror (err)); */
92 /* datum.size = buflen; */
93 /* datum.data = buf; */
95 /* rc = gnutls_dh_params_import_pkcs3 (dh_params, &datum, GNUTLS_X509_FMT_PEM); */
97 /* log_fatal ("gnutls_dh_param_import failed: %s\n", gnutls_strerror (rc)); */
/* TLS verification callback; main registers it with
   http_register_tls_callback.  Returns 0 without checking anything
   when no_verify is non-zero, otherwise the result of
   http_verify_server_credentials (SESSION).
   NOTE(review): no_verify is presumably set by the --no-verify
   option - the assignment is not visible in this listing.  With it
   set the peer certificate is accepted unchecked, so the connection
   is not authenticated.  */
106 verify_callback (http_t hd, http_session_t session, int reserved)
110 return no_verify? 0 : http_verify_server_credentials (session);
/* Log callback for GnuTLS; main installs it with
   gnutls_global_set_log_function.  Writes TEXT to stderr prefixed
   with "gnutls:L<LEVEL>: ".  */
116 my_gnutls_log (int level, const char *text)
/* TEXT is passed as a %s argument, never as the format string, and no
   newline is appended here.  */
118 fprintf (stderr, "gnutls:L%d: %s", level, text);
/* TLS verification callback passed to http_session_new in main.  Of
   the statements visible here it walks the peer certificates returned
   by ntbtls_x509_get_peer_cert, logs each one, sets
   GPG_ERR_MISSING_CERT on one path, releases HOSTCERT and logs the
   final error string.
   NOTE(review): several source lines are absent from this listing
   (see the gaps in the embedded line numbers), including whatever
   assigns ERR on the success path.  No chain, hostname or CRL check
   is visible among the lines shown - confirm what this callback
   actually validates before relying on it for anything but testing.  */
124 my_http_tls_verify_cb (void *opaque,
126 http_session_t session,
127 unsigned int http_flags,
/* NOTE(review): presumably receives the first peer certificate; the
   assignment itself is not visible in this listing.  */
133 ksba_cert_t hostcert = NULL;
140 /* Get the peer's certs from ntbtls. */
142 (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
146 log_info ("Received host certificate\n");
/* Further certificates are only logged and then released.  */
152 log_info ("Received additional certificate\n");
153 ksba_cert_release (cert);
/* NOTE(review): presumably reached when the peer sent no certificate
   at all - the guarding condition is not visible here.  */
158 err = gpg_error (GPG_ERR_MISSING_CERT);
/* Drop the reference to the host certificate, then log the error
   string for ERR.  */
165 ksba_cert_release (hostcert);
166 log_info ("my_http_tls_verify_cb returns: %s\n", gpg_strerror (err));
169 #endif /*HTTP_USE_NTBTLS*/
173 /* Prepend FNAME with the srcdir environment variable's value and
174 return an allocated filename. */
176 prepend_srcdir (const char *fname)
/* Static, so the value read from the environment is looked up only
   once and reused by later calls.  */
178 static const char *srcdir;
/* NOTE(review): the statement executed when the "srcdir" environment
   variable is unset is not visible in this listing.  */
181 if (!srcdir && !(srcdir = getenv ("srcdir")))
/* Size is strlen (srcdir) + 1 for the "/" + strlen (fname) + 1 for the
   terminating NUL, which is exactly what the unbounded strcpy/strcat
   calls below write.  NOTE(review): xmalloc presumably never returns
   NULL (aborts on failure) - confirm in ../common/util.h.  */
184 result = xmalloc (strlen (srcdir) + 1 + strlen (fname) + 1);
185 strcpy (result, srcdir);
186 strcat (result, "/");
187 strcat (result, fname);
/* Entry point of the HTTP test driver.  From the visible statements:
   parses the command line options, sets up Tor mode and the TLS
   library, creates an HTTP session, parses and prints the URL given
   on the command line, fetches it with http_open_document, prints the
   response headers, counts the body bytes and releases the session.
   NOTE(review): many source lines are absent from this listing (see
   the gaps in the embedded line numbers); the comments below describe
   only what the visible lines show and mark the rest as assumptions.  */
193 main (int argc, char **argv)
197 int rc; parsed_uri_t uri;
/* Flags handed to http_open_document; extended by the options below.  */
201 unsigned int my_http_flags = 0;
205 const char *cafile = NULL;
206 http_session_t session = NULL;
/* 0 unless --timeout is given.  */
207 unsigned int timeout = 0;
210 log_set_prefix (PGM, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_PID);
/* Option loop.  NOTE(review): the statements that advance ARGC/ARGV
   and set the per-option variables are not visible in this listing.  */
213 while (argc && last_argc != argc )
216 if (!strcmp (*argv, "--"))
221 else if (!strcmp (*argv, "--help"))
223 fputs ("usage: " PGM " URL\n"
225 " --verbose print timings etc.\n"
226 " --debug flyswatter\n"
227 " --tls-debug N use TLS debug level N\n"
228 " --cacert FNAME expect CA certificate in file FNAME\n"
229 " --timeout MS timeout for connect in MS\n"
230 " --no-verify do not verify the certificate\n"
231 " --force-tls use HTTP_FLAG_FORCE_TLS\n"
232 " --force-tor use HTTP_FLAG_FORCE_TOR\n"
233 " --no-out do not print the content\n"
234 " --no-crl do not consuilt a CRL\n",
/* NOTE(review): "consuilt" in the --no-crl help line is a typo for
   "consult".  */
238 else if (!strcmp (*argv, "--verbose"))
243 else if (!strcmp (*argv, "--debug"))
249 else if (!strcmp (*argv, "--tls-debug"))
/* NOTE(review): atoi reports no conversion error, so a malformed
   argument is not rejected; strtol with an end-pointer check would
   catch it.  */
254 tls_dbg = atoi (*argv);
258 else if (!strcmp (*argv, "--cacert"))
267 else if (!strcmp (*argv, "--timeout"))
/* NOTE(review): no end-pointer or range check - trailing garbage is
   ignored, and a value that does not fit in unsigned int is silently
   reduced when the unsigned long result is stored.  */
272 timeout = strtoul (*argv, NULL, 10);
/* Per the help text this turns certificate verification off.
   NOTE(review): presumably sets no_verify, which verify_callback
   consults; the assignment is not visible here.  A connection made
   this way is unauthenticated.  */
276 else if (!strcmp (*argv, "--no-verify"))
281 else if (!strcmp (*argv, "--force-tls"))
283 my_http_flags |= HTTP_FLAG_FORCE_TLS;
286 else if (!strcmp (*argv, "--force-tor"))
288 my_http_flags |= HTTP_FLAG_FORCE_TOR;
291 else if (!strcmp (*argv, "--no-out"))
/* NOTE(review): presumably sets no_crl, which selects HTTP_FLAG_NO_CRL
   when the session is created below; without a CRL lookup a revoked
   certificate is not detected.  */
296 else if (!strcmp (*argv, "--no-crl"))
/* Anything else that starts with "--" is reported as an unknown
   option.  */
301 else if (!strncmp (*argv, "--", 2))
303 fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
309 fprintf (stderr, PGM ": no or too many URLS given\n");
/* Default CA file, located relative to the srcdir directory.
   NOTE(review): the condition guarding this default (presumably "no
   --cacert given") is not visible here.  */
314 cafile = prepend_srcdir ("tls-ca.pem");
317 my_http_flags |= HTTP_FLAG_LOG_RESP;
319 if (verbose || debug)
320 http_set_verbose (verbose, debug);
322 /* http.c makes use of the assuan socket wrapper. */
/* --force-tor: put the DNS code into Tor mode and request "tor-mode"
   from the assuan socket layer as well.  NOTE(review): a failure is
   logged below; whether the program then stops is not visible here.
   Continuing without Tor mode would defeat the purpose of the option
   - confirm.  */
325 if ((my_http_flags & HTTP_FLAG_FORCE_TOR))
327 enable_dns_tormode (1);
328 if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
330 log_error ("error enabling Tor mode: %s\n", strerror (errno));
331 log_info ("(is your Libassuan recent enough?)\n");
/* First TLS branch (the GnuTLS one follows the #elif): the session is
   created with HTTP_FLAG_TRUST_DEF, plus HTTP_FLAG_NO_CRL when no_crl
   is set, and my_http_tls_verify_cb as verification callback.  */
336 log_info ("new session.\n");
337 err = http_session_new (&session, NULL,
338 ((no_crl? HTTP_FLAG_NO_CRL : 0)
339 | HTTP_FLAG_TRUST_DEF),
340 my_http_tls_verify_cb, NULL);
342 log_error ("http_session_new failed: %s\n", gpg_strerror (err));
343 ntbtls_set_debug (tls_dbg, NULL, NULL);
345 #elif HTTP_USE_GNUTLS
347 rc = gnutls_global_init ();
349 log_error ("gnutls_global_init failed: %s\n", gnutls_strerror (rc));
/* GnuTLS branch: verification goes through verify_callback, and
   CAFILE is registered as CA file.  */
351 http_register_tls_callback (verify_callback);
352 http_register_tls_ca (cafile);
354 err = http_session_new (&session, NULL,
355 ((no_crl? HTTP_FLAG_NO_CRL : 0)
356 | HTTP_FLAG_TRUST_DEF),
359 log_error ("http_session_new failed: %s\n", gpg_strerror (err));
361 /* rc = gnutls_dh_params_init(&dh_params); */
363 /* log_error ("gnutls_dh_params_init failed: %s\n", gnutls_strerror (rc)); */
364 /* read_dh_params ("dh_param.pem"); */
366 /* rc = gnutls_certificate_set_x509_trust_file */
367 /* (certcred, "ca.pem", GNUTLS_X509_FMT_PEM); */
369 /* log_error ("gnutls_certificate_set_x509_trust_file failed: %s\n", */
370 /* gnutls_strerror (rc)); */
372 /* gnutls_certificate_set_dh_params (certcred, dh_params); */
/* GnuTLS debug output goes through my_gnutls_log at level tls_dbg.  */
374 gnutls_global_set_log_function (my_gnutls_log);
376 gnutls_global_set_log_level (tls_dbg);
382 #endif /*HTTP_USE_GNUTLS*/
/* Parse the URL so that its components can be printed.
   HTTP_PARSE_NO_SCHEME_CHECK is passed, so - going by the flag name -
   the scheme is not validated at this point.  The parsed URI is
   released again before http_open_document, which is given the raw
   string.  */
384 rc = http_parse_uri (&uri, *argv, HTTP_PARSE_NO_SCHEME_CHECK);
387 log_error ("'%s': %s\n", *argv, gpg_strerror (rc));
391 printf ("Scheme: %s\n", uri->scheme);
393 printf ("Value : %s\n", uri->path);
396 printf ("Auth : %s\n", uri->auth? uri->auth:"[none]");
397 printf ("Host : %s (off=%hu)\n", uri->host, uri->off_host);
398 printf ("Port : %u\n", uri->port);
399 printf ("Path : %s (off=%hu)\n", uri->path, uri->off_path);
400 for (r = uri->params; r; r = r->next)
402 printf ("Params: %s", r->name);
405 printf ("=%s", r->value);
/* Report a value whose stored length differs from its C string length.
   NOTE(review): presumably this means the value contains an embedded
   NUL - confirm against the URI parser.  */
406 if (strlen (r->value) != r->valuelen)
407 printf (" [real length=%d]", (int) r->valuelen);
411 for (r = uri->query; r; r = r->next)
413 printf ("Query : %s", r->name);
416 printf ("=%s", r->value);
417 if (strlen (r->value) != r->valuelen)
418 printf (" [real length=%d]", (int) r->valuelen);
422 printf ("Flags :%s%s%s%s%s\n",
423 uri->is_http? " http":"",
424 uri->is_ldap? " ldap":"",
425 uri->opaque? " opaque":"",
426 uri->v6lit? " v6lit":"",
427 uri->onion? " onion":"");
428 printf ("TLS : %s\n",
430 (my_http_flags&HTTP_FLAG_FORCE_TLS)? "forced" : "no");
431 printf ("Tor : %s\n",
432 (my_http_flags&HTTP_FLAG_FORCE_TOR)? "yes" : "no");
436 http_release_parsed_uri (uri);
/* NOTE(review): the condition guarding this call is not visible;
   TIMEOUT is 0 unless --timeout was given.  */
440 http_session_set_timeout (session, timeout);
442 rc = http_open_document (NULL, &hd, *argv, NULL, my_http_flags,
443 NULL, session, NULL, NULL);
446 log_error ("can't get '%s': %s\n", *argv, gpg_strerror (rc));
449 log_info ("open_http_document succeeded; status=%u\n",
450 http_get_status_code (hd));
456 names = http_get_header_names (hd);
458 log_fatal ("http_get_header_names failed: %s\n",
459 gpg_strerror (gpg_error_from_syserror ()));
/* Header names and values come from the server and are printed as
   received.  NOTE(review): the result of http_get_header goes straight
   to %s; if it can return NULL that is undefined behaviour - confirm
   in http.c.  */
460 for (i = 0; names[i]; i++)
461 printf ("HDR: %s: %s\n", names[i], http_get_header (hd, names[i]));
466 switch (http_get_status_code (hd))
/* Read the body one character at a time until EOF; COUNT is logged
   afterwards as the number of received bytes.  NOTE(review): the loop
   body is not visible in this listing.  */
474 unsigned long count = 0;
475 while ((c = es_getc (http_get_read_ptr (hd))) != EOF)
481 log_info ("Received bytes: %lu\n", count);
/* NOTE(review): same NULL concern as for the header dump above should
   the response carry no Location header.  */
487 log_info ("Redirected to: %s\n", http_get_header (hd, "Location"));
/* Cleanup: release the session and, in the GnuTLS build, deinitialize
   the library.  */
492 http_session_release (session);
493 #ifdef HTTP_USE_GNUTLS
494 gnutls_global_deinit ();
495 #endif /*HTTP_USE_GNUTLS*/