1 /*****************************************************************************
2 * http.c: HTTP input module
3 *****************************************************************************
4 * Copyright (C) 2001-2005 the VideoLAN team
7 * Authors: Laurent Aimar <fenrir@via.ecp.fr>
8 * Christophe Massiot <massiot@via.ecp.fr>
9 * RĂ©mi Denis-Courmont <rem # videolan.org>
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
24 *****************************************************************************/
26 /*****************************************************************************
28 *****************************************************************************/
36 #include <vlc_access.h>
38 #include <vlc_interface.h>
40 #include <vlc_network.h>
43 #include <vlc_strings.h>
44 #include <vlc_input.h>
51 /*****************************************************************************
53 *****************************************************************************/
54 static int Open ( vlc_object_t * );
55 static void Close( vlc_object_t * );
57 #define PROXY_TEXT N_("HTTP proxy")
58 #define PROXY_LONGTEXT N_( \
59 "HTTP proxy to be used It must be of the form " \
60 "http://[user[:pass]@]myproxy.mydomain:myport/ ; " \
61 "if empty, the http_proxy environment variable will be tried." )
63 #define CACHING_TEXT N_("Caching value in ms")
64 #define CACHING_LONGTEXT N_( \
65 "Caching value for HTTP streams. This " \
66 "value should be set in milliseconds." )
68 #define AGENT_TEXT N_("HTTP user agent")
69 #define AGENT_LONGTEXT N_("User agent that will be " \
70 "used for the connection.")
72 #define RECONNECT_TEXT N_("Auto re-connect")
73 #define RECONNECT_LONGTEXT N_( \
74 "Automatically try to reconnect to the stream in case of a sudden " \
77 #define CONTINUOUS_TEXT N_("Continuous stream")
78 #define CONTINUOUS_LONGTEXT N_("Read a file that is " \
79 "being constantly updated (for example, a JPG file on a server). " \
80 "You should not globally enable this option as it will break all other " \
81 "types of HTTP streams." )
83 #define FORWARD_COOKIES_TEXT N_("Forward Cookies")
84 #define FORWARD_COOKIES_LONGTEXT N_("Forward Cookies Across http redirections ")
87 set_description( _("HTTP input") );
88 set_capability( "access2", 0 );
89 set_shortname( _( "HTTP(S)" ) );
90 set_category( CAT_INPUT );
91 set_subcategory( SUBCAT_INPUT_ACCESS );
93 add_string( "http-proxy", NULL, NULL, PROXY_TEXT, PROXY_LONGTEXT,
95 add_integer( "http-caching", 4 * DEFAULT_PTS_DELAY / 1000, NULL,
96 CACHING_TEXT, CACHING_LONGTEXT, true );
97 add_string( "http-user-agent", COPYRIGHT_MESSAGE , NULL, AGENT_TEXT,
98 AGENT_LONGTEXT, true );
99 add_bool( "http-reconnect", 0, NULL, RECONNECT_TEXT,
100 RECONNECT_LONGTEXT, true );
101 add_bool( "http-continuous", 0, NULL, CONTINUOUS_TEXT,
102 CONTINUOUS_LONGTEXT, true );
103 add_bool( "http-forward-cookies", 0, NULL, FORWARD_COOKIES_TEXT,
104 FORWARD_COOKIES_LONGTEXT, true );
105 add_obsolete_string("http-user");
106 add_obsolete_string("http-pwd");
107 add_shortcut( "http" );
108 add_shortcut( "https" );
109 add_shortcut( "unsv" );
110 add_shortcut( "itpc" ); /* iTunes Podcast */
111 set_callbacks( Open, Close );
114 /*****************************************************************************
116 *****************************************************************************/
118 /* RFC 2617: Basic and Digest Access Authentification */
119 typedef struct http_auth_t
130 char *psz_HA1; /* stored H(A1) value if algorithm = "MD5-sess" */
136 tls_session_t *p_tls;
141 char *psz_user_agent;
147 http_auth_t proxy_auth;
151 const char *psz_protocol;
184 vlc_array_t * cookies;
188 static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies );
191 static ssize_t Read( access_t *, uint8_t *, size_t );
192 static ssize_t ReadCompressed( access_t *, uint8_t *, size_t );
193 static int Seek( access_t *, int64_t );
194 static int Control( access_t *, int, va_list );
197 static int Connect( access_t *, int64_t );
198 static int Request( access_t *p_access, int64_t i_tell );
199 static void Disconnect( access_t * );
201 /* Small Cookie utilities. Cookies support is partial. */
202 static char * cookie_get_content( const char * cookie );
203 static char * cookie_get_domain( const char * cookie );
204 static char * cookie_get_name( const char * cookie );
205 static void cookie_append( vlc_array_t * cookies, char * cookie );
208 static void AuthParseHeader( access_t *p_access, const char *psz_header,
209 http_auth_t *p_auth );
210 static void AuthReply( access_t *p_acces, const char *psz_prefix,
211 vlc_url_t *p_url, http_auth_t *p_auth );
212 static int AuthCheckReply( access_t *p_access, const char *psz_header,
213 vlc_url_t *p_url, http_auth_t *p_auth );
214 static void AuthReset( http_auth_t *p_auth );
216 /*****************************************************************************
218 *****************************************************************************/
219 static int Open( vlc_object_t *p_this )
221 return OpenWithCookies( p_this, NULL );
224 static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies )
226 access_t *p_access = (access_t*)p_this;
229 /* Only forward an store cookies if the corresponding option is activated */
230 bool b_forward_cookies = var_CreateGetBool( p_access, "http-forward-cookies" );
231 vlc_array_t * saved_cookies = b_forward_cookies ? (cookies ?: vlc_array_new()) : NULL;
233 /* Set up p_access */
234 STANDARD_READ_ACCESS_INIT;
236 p_access->pf_read = ReadCompressed;
239 p_sys->b_proxy = false;
240 p_sys->i_version = 1;
241 p_sys->b_seekable = true;
242 p_sys->psz_mime = NULL;
243 p_sys->psz_pragma = NULL;
244 p_sys->b_mms = false;
245 p_sys->b_icecast = false;
246 p_sys->psz_location = NULL;
247 p_sys->psz_user_agent = NULL;
248 p_sys->b_pace_control = true;
249 p_sys->b_ssl = false;
251 p_sys->b_compressed = false;
252 /* 15 is the max windowBits, +32 to enable optional gzip decoding */
253 if( inflateInit2( &p_sys->inflate.stream, 32+15 ) != Z_OK )
254 msg_Warn( p_access, "Error during zlib initialisation: %s",
255 p_sys->inflate.stream.msg );
256 if( zlibCompileFlags() & (1<<17) )
257 msg_Warn( p_access, "Your zlib was compiled without gzip support." );
258 p_sys->inflate.p_buffer = NULL;
262 p_sys->i_icy_meta = 0;
263 p_sys->psz_icy_name = NULL;
264 p_sys->psz_icy_genre = NULL;
265 p_sys->psz_icy_title = NULL;
266 p_sys->i_remaining = 0;
268 p_sys->cookies = saved_cookies;
270 /* Parse URI - remove spaces */
271 p = psz = strdup( p_access->psz_path );
272 while( (p = strchr( p, ' ' )) != NULL )
274 vlc_UrlParse( &p_sys->url, psz, 0 );
277 if( p_sys->url.psz_host == NULL || *p_sys->url.psz_host == '\0' )
279 msg_Warn( p_access, "invalid host" );
282 if( !strncmp( p_access->psz_access, "https", 5 ) )
286 if( p_sys->url.i_port <= 0 )
287 p_sys->url.i_port = 443;
291 if( p_sys->url.i_port <= 0 )
292 p_sys->url.i_port = 80;
296 p_sys->psz_user_agent = var_CreateGetString( p_access, "http-user-agent" );
299 psz = var_CreateGetString( p_access, "http-proxy" );
302 p_sys->b_proxy = true;
303 vlc_UrlParse( &p_sys->proxy, psz, 0 );
308 char *psz_proxy = getenv( "http_proxy" );
309 if( psz_proxy && *psz_proxy )
311 p_sys->b_proxy = true;
312 vlc_UrlParse( &p_sys->proxy, psz_proxy, 0 );
320 if( p_sys->proxy.psz_host == NULL || *p_sys->proxy.psz_host == '\0' )
322 msg_Warn( p_access, "invalid proxy host" );
325 if( p_sys->proxy.i_port <= 0 )
327 p_sys->proxy.i_port = 80;
331 msg_Dbg( p_access, "http: server='%s' port=%d file='%s",
332 p_sys->url.psz_host, p_sys->url.i_port, p_sys->url.psz_path );
335 msg_Dbg( p_access, " proxy %s:%d", p_sys->proxy.psz_host,
336 p_sys->proxy.i_port );
338 if( p_sys->url.psz_username && *p_sys->url.psz_username )
340 msg_Dbg( p_access, " user='%s', pwd='%s'",
341 p_sys->url.psz_username, p_sys->url.psz_password );
344 p_sys->b_reconnect = var_CreateGetBool( p_access, "http-reconnect" );
345 p_sys->b_continuous = var_CreateGetBool( p_access, "http-continuous" );
349 switch( Connect( p_access, 0 ) )
355 /* Retry with http 1.0 */
356 msg_Dbg( p_access, "switching to HTTP version 1.0" );
357 p_sys->i_version = 0;
358 p_sys->b_seekable = false;
360 if( p_access->b_die || Connect( p_access, 0 ) )
368 msg_Err( p_access, "You should not be here" );
373 if( p_sys->i_code == 401 )
375 char *psz_login = NULL; char *psz_password = NULL;
379 if( p_sys->url.psz_username && p_sys->url.psz_password &&
380 p_sys->auth.psz_nonce && p_sys->auth.i_nonce == 0 )
384 snprintf( psz_msg, 250,
385 _("Please enter a valid login name and a password for realm %s."),
386 p_sys->auth.psz_realm );
387 msg_Dbg( p_access, "authentication failed for realm %s",
388 p_sys->auth.psz_realm );
389 i_ret = intf_UserLoginPassword( p_access, _("HTTP authentication"),
390 psz_msg, &psz_login, &psz_password );
391 if( i_ret == DIALOG_OK_YES )
393 msg_Dbg( p_access, "retrying with user=%s, pwd=%s",
394 psz_login, psz_password );
395 if( psz_login ) p_sys->url.psz_username = strdup( psz_login );
396 if( psz_password ) p_sys->url.psz_password = strdup( psz_password );
398 free( psz_password );
404 free( psz_password );
409 if( ( p_sys->i_code == 301 || p_sys->i_code == 302 ||
410 p_sys->i_code == 303 || p_sys->i_code == 307 ) &&
411 p_sys->psz_location && *p_sys->psz_location )
413 msg_Dbg( p_access, "redirection to %s", p_sys->psz_location );
415 /* Do not accept redirection outside of HTTP works */
416 if( strncmp( p_sys->psz_location, "http", 4 )
417 || ( ( p_sys->psz_location[4] != ':' ) /* HTTP */
418 && strncmp( p_sys->psz_location + 4, "s:", 2 ) /* HTTP/SSL */ ) )
420 msg_Err( p_access, "insecure redirection ignored" );
423 free( p_access->psz_path );
424 p_access->psz_path = strdup( p_sys->psz_location );
425 /* Clean up current Open() run */
426 vlc_UrlClean( &p_sys->url );
427 AuthReset( &p_sys->auth );
428 vlc_UrlClean( &p_sys->proxy );
429 AuthReset( &p_sys->proxy_auth );
430 free( p_sys->psz_mime );
431 free( p_sys->psz_pragma );
432 free( p_sys->psz_location );
433 free( p_sys->psz_user_agent );
435 Disconnect( p_access );
436 cookies = p_sys->cookies;
439 /* Do new Open() run with new data */
440 return OpenWithCookies( p_this, cookies );
445 msg_Dbg( p_access, "this is actually a live mms server, BAIL" );
449 if( !strcmp( p_sys->psz_protocol, "ICY" ) || p_sys->b_icecast )
451 if( p_sys->psz_mime && strcasecmp( p_sys->psz_mime, "application/ogg" ) )
453 if( !strcasecmp( p_sys->psz_mime, "video/nsv" ) ||
454 !strcasecmp( p_sys->psz_mime, "video/nsa" ) )
455 p_access->psz_demux = strdup( "nsv" );
456 else if( !strcasecmp( p_sys->psz_mime, "audio/aac" ) ||
457 !strcasecmp( p_sys->psz_mime, "audio/aacp" ) )
458 p_access->psz_demux = strdup( "m4a" );
459 else if( !strcasecmp( p_sys->psz_mime, "audio/mpeg" ) )
460 p_access->psz_demux = strdup( "mp3" );
462 msg_Info( p_access, "Raw-audio server found, %s demuxer selected",
463 p_access->psz_demux );
465 #if 0 /* Doesn't work really well because of the pre-buffering in
466 * shoutcast servers (the buffer content will be sent as fast as
468 p_sys->b_pace_control = false;
471 else if( !p_sys->psz_mime )
474 p_access->psz_demux = strdup( "mp3" );
476 /* else probably Ogg Vorbis */
478 else if( !strcasecmp( p_access->psz_access, "unsv" ) &&
480 !strcasecmp( p_sys->psz_mime, "misc/ultravox" ) )
482 /* Grrrr! detect ultravox server and force NSV demuxer */
483 p_access->psz_demux = strdup( "nsv" );
485 else if( !strcmp( p_access->psz_access, "itpc" ) )
487 p_access->psz_demux = strdup( "podcast" );
489 else if( p_sys->psz_mime &&
490 !strncasecmp( p_sys->psz_mime, "application/xspf+xml", 20 ) &&
491 ( memchr( " ;\t", p_sys->psz_mime[20], 4 ) != NULL ) )
492 p_access->psz_demux = strdup( "xspf-open" );
494 if( p_sys->b_reconnect ) msg_Dbg( p_access, "auto re-connect enabled" );
497 var_Create( p_access, "http-caching", VLC_VAR_INTEGER |VLC_VAR_DOINHERIT );
502 vlc_UrlClean( &p_sys->url );
503 vlc_UrlClean( &p_sys->proxy );
504 free( p_sys->psz_mime );
505 free( p_sys->psz_pragma );
506 free( p_sys->psz_location );
507 free( p_sys->psz_user_agent );
509 Disconnect( p_access );
514 /*****************************************************************************
516 *****************************************************************************/
517 static void Close( vlc_object_t *p_this )
519 access_t *p_access = (access_t*)p_this;
520 access_sys_t *p_sys = p_access->p_sys;
522 vlc_UrlClean( &p_sys->url );
523 AuthReset( &p_sys->auth );
524 vlc_UrlClean( &p_sys->proxy );
525 AuthReset( &p_sys->proxy_auth );
527 free( p_sys->psz_mime );
528 free( p_sys->psz_pragma );
529 free( p_sys->psz_location );
531 free( p_sys->psz_icy_name );
532 free( p_sys->psz_icy_genre );
533 free( p_sys->psz_icy_title );
535 free( p_sys->psz_user_agent );
537 Disconnect( p_access );
542 for( i = 0; i < vlc_array_count( p_sys->cookies ); i++ )
543 free(vlc_array_item_at_index( p_sys->cookies, i ));
544 vlc_array_destroy( p_sys->cookies );
548 inflateEnd( &p_sys->inflate.stream );
549 free( p_sys->inflate.p_buffer );
555 /*****************************************************************************
556 * Read: Read up to i_len bytes from the http connection and place in
557 * p_buffer. Return the actual number of bytes read
558 *****************************************************************************/
559 static int ReadICYMeta( access_t *p_access );
560 static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len )
562 access_sys_t *p_sys = p_access->p_sys;
567 p_access->info.b_eof = true;
571 if( p_access->info.i_size > 0 &&
572 i_len + p_access->info.i_pos > p_access->info.i_size )
574 if( ( i_len = p_access->info.i_size - p_access->info.i_pos ) == 0 )
576 p_access->info.b_eof = true;
581 if( p_sys->b_chunked )
583 if( p_sys->i_chunk < 0 )
585 p_access->info.b_eof = true;
589 if( p_sys->i_chunk <= 0 )
591 char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, p_sys->p_vs );
592 /* read the chunk header */
595 /* fatal error - end of file */
596 msg_Dbg( p_access, "failed reading chunk-header line" );
599 p_sys->i_chunk = strtoll( psz, NULL, 16 );
602 if( p_sys->i_chunk <= 0 ) /* eof */
605 p_access->info.b_eof = true;
610 if( i_len > p_sys->i_chunk )
612 i_len = p_sys->i_chunk;
616 if( p_sys->b_continuous && (ssize_t)i_len > p_sys->i_remaining )
618 /* Only ask for the remaining length */
619 int i_new_len = p_sys->i_remaining;
622 Request( p_access, 0 );
623 i_read = Read( p_access, p_buffer, i_len );
629 if( p_sys->i_icy_meta > 0 && p_access->info.i_pos > 0 )
631 int64_t i_next = p_sys->i_icy_meta -
632 p_access->info.i_pos % p_sys->i_icy_meta;
634 if( i_next == p_sys->i_icy_meta )
636 if( ReadICYMeta( p_access ) )
638 p_access->info.b_eof = true;
646 i_read = net_Read( p_access, p_sys->fd, p_sys->p_vs, p_buffer, i_len, false );
650 p_access->info.i_pos += i_read;
652 if( p_sys->b_chunked )
654 p_sys->i_chunk -= i_read;
655 if( p_sys->i_chunk <= 0 )
657 /* read the empty line */
658 char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, p_sys->p_vs );
663 else if( i_read == 0 )
666 * I very much doubt that this will work.
667 * If i_read == 0, the connection *IS* dead, so the only
668 * sensible thing to do is Disconnect() and then retry.
669 * Otherwise, I got recv() completely wrong. -- Courmisch
671 if( p_sys->b_continuous )
673 Request( p_access, 0 );
674 p_sys->b_continuous = false;
675 i_read = Read( p_access, p_buffer, i_len );
676 p_sys->b_continuous = true;
678 Disconnect( p_access );
679 if( p_sys->b_reconnect )
681 msg_Dbg( p_access, "got disconnected, trying to reconnect" );
682 if( Connect( p_access, p_access->info.i_pos ) )
684 msg_Dbg( p_access, "reconnection failed" );
688 p_sys->b_reconnect = false;
689 i_read = Read( p_access, p_buffer, i_len );
690 p_sys->b_reconnect = true;
694 if( i_read == 0 ) p_access->info.b_eof = true;
697 if( p_sys->b_continuous )
699 p_sys->i_remaining -= i_read;
705 static int ReadICYMeta( access_t *p_access )
707 access_sys_t *p_sys = p_access->p_sys;
713 /* Read meta data length */
714 i_read = net_Read( p_access, p_sys->fd, p_sys->p_vs, &buffer, 1,
721 i_read = buffer << 4;
722 /* msg_Dbg( p_access, "ICY meta size=%u", i_read); */
724 psz_meta = malloc( i_read + 1 );
725 if( net_Read( p_access, p_sys->fd, p_sys->p_vs,
726 (uint8_t *)psz_meta, i_read, true ) != i_read )
729 psz_meta[i_read] = '\0'; /* Just in case */
731 /* msg_Dbg( p_access, "icy-meta=%s", psz_meta ); */
733 /* Now parse the meta */
734 /* Look for StreamTitle= */
735 p = strcasestr( (char *)psz_meta, "StreamTitle=" );
738 p += strlen( "StreamTitle=" );
739 if( *p == '\'' || *p == '"' )
741 char closing[] = { p[0], ';', '\0' };
742 char *psz = strstr( &p[1], closing );
744 psz = strchr( &p[1], ';' );
746 if( psz ) *psz = '\0';
750 char *psz = strchr( &p[1], ';' );
751 if( psz ) *psz = '\0';
754 if( !p_sys->psz_icy_title ||
755 strcmp( p_sys->psz_icy_title, &p[1] ) )
757 free( p_sys->psz_icy_title );
758 p_sys->psz_icy_title = strdup( &p[1] );
759 p_access->info.i_update |= INPUT_UPDATE_META;
761 msg_Dbg( p_access, "New Title=%s", p_sys->psz_icy_title );
770 static ssize_t ReadCompressed( access_t *p_access, uint8_t *p_buffer,
773 access_sys_t *p_sys = p_access->p_sys;
775 if( p_sys->b_compressed )
779 if( !p_sys->inflate.p_buffer )
780 p_sys->inflate.p_buffer = malloc( 256 * 1024 );
782 if( p_sys->inflate.stream.avail_in == 0 )
784 ssize_t i_read = Read( p_access, p_sys->inflate.p_buffer + p_sys->inflate.stream.avail_in, 256 * 1024 );
785 if( i_read <= 0 ) return i_read;
786 p_sys->inflate.stream.next_in = p_sys->inflate.p_buffer;
787 p_sys->inflate.stream.avail_in = i_read;
790 p_sys->inflate.stream.avail_out = i_len;
791 p_sys->inflate.stream.next_out = p_buffer;
793 i_ret = inflate( &p_sys->inflate.stream, Z_SYNC_FLUSH );
794 msg_Warn( p_access, "inflate return value: %d, %s", i_ret, p_sys->inflate.stream.msg );
796 return i_len - p_sys->inflate.stream.avail_out;
800 return Read( p_access, p_buffer, i_len );
805 /*****************************************************************************
806 * Seek: close and re-open a connection at the right place
807 *****************************************************************************/
808 static int Seek( access_t *p_access, int64_t i_pos )
810 msg_Dbg( p_access, "trying to seek to "I64Fd, i_pos );
812 Disconnect( p_access );
814 if( Connect( p_access, i_pos ) )
816 msg_Err( p_access, "seek failed" );
817 p_access->info.b_eof = true;
823 /*****************************************************************************
825 *****************************************************************************/
826 static int Control( access_t *p_access, int i_query, va_list args )
828 access_sys_t *p_sys = p_access->p_sys;
837 case ACCESS_CAN_SEEK:
838 pb_bool = (bool*)va_arg( args, bool* );
839 *pb_bool = p_sys->b_seekable;
841 case ACCESS_CAN_FASTSEEK:
842 pb_bool = (bool*)va_arg( args, bool* );
845 case ACCESS_CAN_PAUSE:
846 case ACCESS_CAN_CONTROL_PACE:
847 pb_bool = (bool*)va_arg( args, bool* );
849 #if 0 /* Disable for now until we have a clock synchro algo
850 * which works with something else than MPEG over UDP */
851 *pb_bool = p_sys->b_pace_control;
858 pi_int = (int*)va_arg( args, int * );
862 case ACCESS_GET_PTS_DELAY:
863 pi_64 = (int64_t*)va_arg( args, int64_t * );
864 *pi_64 = (int64_t)var_GetInteger( p_access, "http-caching" ) * 1000;
868 case ACCESS_SET_PAUSE_STATE:
871 case ACCESS_GET_META:
872 p_meta = (vlc_meta_t*)va_arg( args, vlc_meta_t* );
874 if( p_sys->psz_icy_name )
875 vlc_meta_Set( p_meta, vlc_meta_Title, p_sys->psz_icy_name );
876 if( p_sys->psz_icy_genre )
877 vlc_meta_Set( p_meta, vlc_meta_Genre, p_sys->psz_icy_genre );
878 if( p_sys->psz_icy_title )
879 vlc_meta_Set( p_meta, vlc_meta_NowPlaying, p_sys->psz_icy_title );
882 case ACCESS_GET_CONTENT_TYPE:
883 *va_arg( args, char ** ) =
884 p_sys->psz_mime ? strdup( p_sys->psz_mime ) : NULL;
887 case ACCESS_GET_TITLE_INFO:
888 case ACCESS_SET_TITLE:
889 case ACCESS_SET_SEEKPOINT:
890 case ACCESS_SET_PRIVATE_ID_STATE:
894 msg_Warn( p_access, "unimplemented query in control" );
901 /*****************************************************************************
903 *****************************************************************************/
904 static int Connect( access_t *p_access, int64_t i_tell )
906 access_sys_t *p_sys = p_access->p_sys;
907 vlc_url_t srv = p_sys->b_proxy ? p_sys->proxy : p_sys->url;
910 free( p_sys->psz_location );
911 free( p_sys->psz_mime );
912 free( p_sys->psz_pragma );
914 free( p_sys->psz_icy_genre );
915 free( p_sys->psz_icy_name );
916 free( p_sys->psz_icy_title );
919 p_sys->psz_location = NULL;
920 p_sys->psz_mime = NULL;
921 p_sys->psz_pragma = NULL;
922 p_sys->b_mms = false;
923 p_sys->b_chunked = false;
925 p_sys->i_icy_meta = 0;
926 p_sys->psz_icy_name = NULL;
927 p_sys->psz_icy_genre = NULL;
928 p_sys->psz_icy_title = NULL;
930 p_access->info.i_size = 0;
931 p_access->info.i_pos = i_tell;
932 p_access->info.b_eof = false;
935 /* Open connection */
936 p_sys->fd = net_ConnectTCP( p_access, srv.psz_host, srv.i_port );
937 if( p_sys->fd == -1 )
939 msg_Err( p_access, "cannot connect to %s:%d", srv.psz_host, srv.i_port );
943 /* Initialize TLS/SSL session */
944 if( p_sys->b_ssl == true )
946 /* CONNECT to establish TLS tunnel through HTTP proxy */
950 unsigned i_status = 0;
952 if( p_sys->i_version == 0 )
954 /* CONNECT is not in HTTP/1.0 */
955 Disconnect( p_access );
959 net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL,
960 "CONNECT %s:%d HTTP/1.%d\r\nHost: %s:%d\r\n\r\n",
961 p_sys->url.psz_host, p_sys->url.i_port,
963 p_sys->url.psz_host, p_sys->url.i_port);
965 psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, NULL );
968 msg_Err( p_access, "cannot establish HTTP/TLS tunnel" );
969 Disconnect( p_access );
973 sscanf( psz, "HTTP/%*u.%*u %3u", &i_status );
976 if( ( i_status / 100 ) != 2 )
978 msg_Err( p_access, "HTTP/TLS tunnel through proxy denied" );
979 Disconnect( p_access );
985 psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, NULL );
988 msg_Err( p_access, "HTTP proxy connection failed" );
989 Disconnect( p_access );
998 if( p_access->b_die || p_access->b_error )
1000 Disconnect( p_access );
1007 /* TLS/SSL handshake */
1008 p_sys->p_tls = tls_ClientCreate( VLC_OBJECT(p_access), p_sys->fd,
1010 if( p_sys->p_tls == NULL )
1012 msg_Err( p_access, "cannot establish HTTP/TLS session" );
1013 Disconnect( p_access );
1016 p_sys->p_vs = &p_sys->p_tls->sock;
1019 return Request( p_access, i_tell ) ? -2 : 0;
1023 static int Request( access_t *p_access, int64_t i_tell )
1025 access_sys_t *p_sys = p_access->p_sys;
1027 v_socket_t *pvs = p_sys->p_vs;
1029 if( p_sys->b_proxy )
1031 if( p_sys->url.psz_path )
1033 net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL,
1034 "GET http://%s:%d%s HTTP/1.%d\r\n",
1035 p_sys->url.psz_host, p_sys->url.i_port,
1036 p_sys->url.psz_path, p_sys->i_version );
1040 net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL,
1041 "GET http://%s:%d/ HTTP/1.%d\r\n",
1042 p_sys->url.psz_host, p_sys->url.i_port,
1048 const char *psz_path = p_sys->url.psz_path;
1049 if( !psz_path || !*psz_path )
1053 if( p_sys->url.i_port != (pvs ? 443 : 80) )
1055 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
1056 "GET %s HTTP/1.%d\r\nHost: %s:%d\r\n",
1057 psz_path, p_sys->i_version, p_sys->url.psz_host,
1058 p_sys->url.i_port );
1062 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
1063 "GET %s HTTP/1.%d\r\nHost: %s\r\n",
1064 psz_path, p_sys->i_version, p_sys->url.psz_host );
1068 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "User-Agent: %s\r\n",
1069 p_sys->psz_user_agent );
1071 if( p_sys->i_version == 1 )
1073 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
1074 "Range: bytes="I64Fd"-\r\n", i_tell );
1078 if( p_sys->cookies )
1081 for( i = 0; i < vlc_array_count( p_sys->cookies ); i++ )
1083 const char * cookie = vlc_array_item_at_index( p_sys->cookies, i );
1084 char * psz_cookie_content = cookie_get_content( cookie );
1085 char * psz_cookie_domain = cookie_get_domain( cookie );
1087 assert( psz_cookie_content );
1089 /* FIXME: This is clearly not conforming to the rfc */
1090 bool is_in_right_domain = (!psz_cookie_domain || strstr( p_sys->url.psz_host, psz_cookie_domain ));
1092 if( is_in_right_domain )
1094 msg_Dbg( p_access, "Sending Cookie %s", psz_cookie_content );
1095 if( net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "Cookie: %s\r\n", psz_cookie_content ) < 0 )
1096 msg_Err( p_access, "failed to send Cookie" );
1098 free( psz_cookie_content );
1099 free( psz_cookie_domain );
1103 /* Authentication */
1104 if( p_sys->url.psz_username || p_sys->url.psz_password )
1105 AuthReply( p_access, "", &p_sys->url, &p_sys->auth );
1107 /* Proxy Authentication */
1108 if( p_sys->proxy.psz_username || p_sys->proxy.psz_password )
1109 AuthReply( p_access, "Proxy-", &p_sys->proxy, &p_sys->proxy_auth );
1111 /* ICY meta data request */
1112 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "Icy-MetaData: 1\r\n" );
1115 if( p_sys->b_continuous )
1117 net_Printf( VLC_OBJECT( p_access ), p_sys->fd, pvs,
1118 "Connection: Keep-Alive\r\n" );
1120 else if( p_sys->i_version == 1 )
1122 net_Printf( VLC_OBJECT( p_access ), p_sys->fd, pvs,
1123 "Connection: Close\r\n");
1126 if( net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "\r\n" ) < 0 )
1128 msg_Err( p_access, "failed to send request" );
1129 Disconnect( p_access );
1130 return VLC_EGENERIC;
1134 if( ( psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, pvs ) ) == NULL )
1136 msg_Err( p_access, "failed to read answer" );
1139 if( !strncmp( psz, "HTTP/1.", 7 ) )
1141 p_sys->psz_protocol = "HTTP";
1142 p_sys->i_code = atoi( &psz[9] );
1144 else if( !strncmp( psz, "ICY", 3 ) )
1146 p_sys->psz_protocol = "ICY";
1147 p_sys->i_code = atoi( &psz[4] );
1148 p_sys->b_reconnect = true;
1152 msg_Err( p_access, "invalid HTTP reply '%s'", psz );
1156 msg_Dbg( p_access, "protocol '%s' answer code %d",
1157 p_sys->psz_protocol, p_sys->i_code );
1158 if( !strcmp( p_sys->psz_protocol, "ICY" ) )
1160 p_sys->b_seekable = false;
1162 if( p_sys->i_code != 206 && p_sys->i_code != 401 )
1164 p_sys->b_seekable = false;
1166 /* Authentication error - We'll have to display the dialog */
1167 if( p_sys->i_code == 401 )
1171 /* Other fatal error */
1172 else if( p_sys->i_code >= 400 )
1174 msg_Err( p_access, "error: %s", psz );
1182 char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, pvs );
1187 msg_Err( p_access, "failed to read answer" );
1191 if( p_access->b_die || p_access->b_error )
1197 /* msg_Dbg( p_input, "Line=%s", psz ); */
1204 if( ( p = strchr( psz, ':' ) ) == NULL )
1206 msg_Err( p_access, "malformed header line: %s", psz );
1211 while( *p == ' ' ) p++;
1213 if( !strcasecmp( psz, "Content-Length" ) )
1215 if( p_sys->b_continuous )
1217 p_access->info.i_size = -1;
1218 msg_Dbg( p_access, "this frame size=%lld", atoll(p ) );
1219 p_sys->i_remaining = atoll( p );
1223 p_access->info.i_size = i_tell + atoll( p );
1224 msg_Dbg( p_access, "stream size="I64Fd, p_access->info.i_size );
1227 else if( !strcasecmp( psz, "Location" ) )
1231 /* This does not follow RFC 2068, but yet if the url is not absolute,
1232 * handle it as everyone does. */
1235 const char *psz_http_ext = p_sys->b_ssl ? "s" : "" ;
1237 if( p_sys->url.i_port == ( p_sys->b_ssl ? 443 : 80 ) )
1239 if( asprintf(&psz_new_loc, "http%s://%s%s", psz_http_ext,
1240 p_sys->url.psz_host, p) < 0 )
1245 if( asprintf(&psz_new_loc, "http%s://%s:%d%s", psz_http_ext,
1246 p_sys->url.psz_host, p_sys->url.i_port, p) < 0 )
1252 psz_new_loc = strdup( p );
1255 free( p_sys->psz_location );
1256 p_sys->psz_location = psz_new_loc;
1258 else if( !strcasecmp( psz, "Content-Type" ) )
1260 free( p_sys->psz_mime );
1261 p_sys->psz_mime = strdup( p );
1262 msg_Dbg( p_access, "Content-Type: %s", p_sys->psz_mime );
1264 else if( !strcasecmp( psz, "Content-Encoding" ) )
1266 msg_Dbg( p_access, "Content-Encoding: %s", p );
1267 if( strcasecmp( p, "identity" ) )
1269 p_sys->b_compressed = true;
1271 msg_Warn( p_access, "Compressed content not supported. Rebuild with zlib support." );
1274 else if( !strcasecmp( psz, "Pragma" ) )
1276 if( !strcasecmp( psz, "Pragma: features" ) )
1277 p_sys->b_mms = true;
1278 free( p_sys->psz_pragma );
1279 p_sys->psz_pragma = strdup( p );
1280 msg_Dbg( p_access, "Pragma: %s", p_sys->psz_pragma );
1282 else if( !strcasecmp( psz, "Server" ) )
1284 msg_Dbg( p_access, "Server: %s", p );
1285 if( !strncasecmp( p, "Icecast", 7 ) ||
1286 !strncasecmp( p, "Nanocaster", 10 ) )
1288 /* Remember if this is Icecast
1289 * we need to force demux in this case without breaking
1292 /* Let live 365 streams (nanocaster) piggyback on the icecast
1293 * routine. They look very similar */
1295 p_sys->b_reconnect = true;
1296 p_sys->b_pace_control = false;
1297 p_sys->b_icecast = true;
1300 else if( !strcasecmp( psz, "Transfer-Encoding" ) )
1302 msg_Dbg( p_access, "Transfer-Encoding: %s", p );
1303 if( !strncasecmp( p, "chunked", 7 ) )
1305 p_sys->b_chunked = true;
1308 else if( !strcasecmp( psz, "Icy-MetaInt" ) )
1310 msg_Dbg( p_access, "Icy-MetaInt: %s", p );
1311 p_sys->i_icy_meta = atoi( p );
1312 if( p_sys->i_icy_meta < 0 )
1313 p_sys->i_icy_meta = 0;
1315 msg_Warn( p_access, "ICY metaint=%d", p_sys->i_icy_meta );
1317 else if( !strcasecmp( psz, "Icy-Name" ) )
1319 free( p_sys->psz_icy_name );
1320 p_sys->psz_icy_name = strdup( p );
1321 msg_Dbg( p_access, "Icy-Name: %s", p_sys->psz_icy_name );
1323 p_sys->b_icecast = true; /* be on the safeside. set it here as well. */
1324 p_sys->b_reconnect = true;
1325 p_sys->b_pace_control = false;
1327 else if( !strcasecmp( psz, "Icy-Genre" ) )
1329 free( p_sys->psz_icy_genre );
1330 p_sys->psz_icy_genre = strdup( p );
1331 msg_Dbg( p_access, "Icy-Genre: %s", p_sys->psz_icy_genre );
1333 else if( !strncasecmp( psz, "Icy-Notice", 10 ) )
1335 msg_Dbg( p_access, "Icy-Notice: %s", p );
1337 else if( !strncasecmp( psz, "icy-", 4 ) ||
1338 !strncasecmp( psz, "ice-", 4 ) ||
1339 !strncasecmp( psz, "x-audiocast", 11 ) )
1341 msg_Dbg( p_access, "Meta-Info: %s: %s", psz, p );
1343 else if( !strcasecmp( psz, "Set-Cookie" ) )
1345 if( p_sys->cookies )
1347 msg_Dbg( p_access, "Accepting Cookie: %s", p );
1348 cookie_append( p_sys->cookies, strdup(p) );
1351 msg_Dbg( p_access, "We have a Cookie we won't remember: %s", p );
1353 else if( !strcasecmp( psz, "www-authenticate" ) )
1355 msg_Dbg( p_access, "Authentication header: %s", p );
1356 AuthParseHeader( p_access, p, &p_sys->auth );
1358 else if( !strcasecmp( psz, "proxy-authenticate" ) )
1360 msg_Dbg( p_access, "Proxy authentication header: %s", p );
1361 AuthParseHeader( p_access, p, &p_sys->proxy_auth );
1363 else if( !strcasecmp( psz, "authentication-info" ) )
1365 msg_Dbg( p_access, "Authentication Info header: %s", p );
1366 if( AuthCheckReply( p_access, p, &p_sys->url, &p_sys->auth ) )
1369 else if( !strcasecmp( psz, "proxy-authentication-info" ) )
1371 msg_Dbg( p_access, "Proxy Authentication Info header: %s", p );
1372 if( AuthCheckReply( p_access, p, &p_sys->proxy, &p_sys->proxy_auth ) )
1381 Disconnect( p_access );
1382 return VLC_EGENERIC;
1385 /*****************************************************************************
1387 *****************************************************************************/
1388 static void Disconnect( access_t *p_access )
1390 access_sys_t *p_sys = p_access->p_sys;
1392 if( p_sys->p_tls != NULL)
1394 tls_ClientDelete( p_sys->p_tls );
1395 p_sys->p_tls = NULL;
1398 if( p_sys->fd != -1)
1400 net_Close(p_sys->fd);
1406 /*****************************************************************************
1407 * Cookies (FIXME: we may want to rewrite that using a nice structure to hold
1408 * them) (FIXME: only support the "domain=" param)
1409 *****************************************************************************/
1411 /* Get the NAME=VALUE part of the Cookie */
1412 static char * cookie_get_content( const char * cookie )
1414 char * ret = strdup( cookie );
1415 if( !ret ) return NULL;
1417 /* Look for a ';' */
1418 while( *str && *str != ';' ) str++;
1419 /* Replace it by a end-char */
1420 if( *str == ';' ) *str = 0;
1424 /* Get the domain where the cookie is stored */
1425 static char * cookie_get_domain( const char * cookie )
1427 const char * str = cookie;
1428 static const char domain[] = "domain=";
1431 /* Look for a ';' */
1434 if( !strncmp( str, domain, sizeof(domain) - 1 /* minus \0 */ ) )
1436 str += sizeof(domain) - 1 /* minus \0 */;
1437 char * ret = strdup( str );
1438 /* Now remove the next ';' if present */
1439 char * ret_iter = ret;
1440 while( *ret_iter && *ret_iter != ';' ) ret_iter++;
1441 if( *ret_iter == ';' )
1445 /* Go to next ';' field */
1446 while( *str && *str != ';' ) str++;
1447 if( *str == ';' ) str++;
1449 while( *str && *str == ' ' ) str++;
1454 /* Get NAME in the NAME=VALUE field */
1455 static char * cookie_get_name( const char * cookie )
1457 char * ret = cookie_get_content( cookie ); /* NAME=VALUE */
1458 if( !ret ) return NULL;
1460 while( *str && *str != '=' ) str++;
1465 /* Add a cookie in cookies, checking to see how it should be added */
1466 static void cookie_append( vlc_array_t * cookies, char * cookie )
1473 char * cookie_name = cookie_get_name( cookie );
1475 /* Don't send invalid cookies */
1479 char * cookie_domain = cookie_get_domain( cookie );
1480 for( i = 0; i < vlc_array_count( cookies ); i++ )
1482 char * current_cookie = vlc_array_item_at_index( cookies, i );
1483 char * current_cookie_name = cookie_get_name( current_cookie );
1484 char * current_cookie_domain = cookie_get_domain( current_cookie );
1486 assert( current_cookie_name );
1488 bool is_domain_matching = ( cookie_domain && current_cookie_domain &&
1489 !strcmp( cookie_domain, current_cookie_domain ) );
1491 if( is_domain_matching && !strcmp( cookie_name, current_cookie_name ) )
1493 /* Remove previous value for this cookie */
1494 free( current_cookie );
1495 vlc_array_remove( cookies, i );
1498 free( current_cookie_name );
1499 free( current_cookie_domain );
1502 free( current_cookie_name );
1503 free( current_cookie_domain );
1505 free( cookie_name );
1506 free( cookie_domain );
1507 vlc_array_append( cookies, cookie );
1510 /*****************************************************************************
1511 * "RFC 2617: Basic and Digest Access Authentification" header parsing
1512 *****************************************************************************/
1513 static char *AuthGetParam( const char *psz_header, const char *psz_param )
1515 char psz_what[strlen(psz_param)+3];
1516 sprintf( psz_what, "%s=\"", psz_param );
1517 psz_header = strstr( psz_header, psz_what );
1520 const char *psz_end;
1521 psz_header += strlen( psz_what );
1522 psz_end = strchr( psz_header, '"' );
1523 if( !psz_end ) /* Invalid since we should have a closing quote */
1524 return strdup( psz_header );
1525 return strndup( psz_header, psz_end - psz_header );
1533 static char *AuthGetParamNoQuotes( const char *psz_header, const char *psz_param )
1535 char psz_what[strlen(psz_param)+2];
1536 sprintf( psz_what, "%s=", psz_param );
1537 psz_header = strstr( psz_header, psz_what );
1540 const char *psz_end;
1541 psz_header += strlen( psz_what );
1542 psz_end = strchr( psz_header, ',' );
1543 /* XXX: Do we need to filter out trailing space between the value and
1544 * the comma/end of line? */
1545 if( !psz_end ) /* Can be valid if this is the last parameter */
1546 return strdup( psz_header );
1547 return strndup( psz_header, psz_end - psz_header );
1555 static void AuthParseHeader( access_t *p_access, const char *psz_header,
1556 http_auth_t *p_auth )
1558 /* FIXME: multiple auth methods can be listed (comma seperated) */
1560 /* 2 Basic Authentication Scheme */
1561 if( !strncasecmp( psz_header, "Basic ", strlen( "Basic " ) ) )
1563 msg_Dbg( p_access, "Using Basic Authentication" );
1564 psz_header += strlen( "Basic " );
1565 p_auth->psz_realm = AuthGetParam( psz_header, "realm" );
1566 if( !p_auth->psz_realm )
1567 msg_Warn( p_access, "Basic Authentication: "
1568 "Mandatory 'realm' parameter is missing" );
1570 /* 3 Digest Access Authentication Scheme */
1571 else if( !strncasecmp( psz_header, "Digest ", strlen( "Digest " ) ) )
1573 msg_Dbg( p_access, "Using Digest Access Authentication" );
1574 if( p_auth->psz_nonce ) return; /* FIXME */
1575 psz_header += strlen( "Digest " );
1576 p_auth->psz_realm = AuthGetParam( psz_header, "realm" );
1577 p_auth->psz_domain = AuthGetParam( psz_header, "domain" );
1578 p_auth->psz_nonce = AuthGetParam( psz_header, "nonce" );
1579 p_auth->psz_opaque = AuthGetParam( psz_header, "opaque" );
1580 p_auth->psz_stale = AuthGetParamNoQuotes( psz_header, "stale" );
1581 p_auth->psz_algorithm = AuthGetParamNoQuotes( psz_header, "algorithm" );
1582 p_auth->psz_qop = AuthGetParam( psz_header, "qop" );
1583 p_auth->i_nonce = 0;
1584 /* printf("realm: |%s|\ndomain: |%s|\nnonce: |%s|\nopaque: |%s|\n"
1585 "stale: |%s|\nalgorithm: |%s|\nqop: |%s|\n",
1586 p_auth->psz_realm,p_auth->psz_domain,p_auth->psz_nonce,
1587 p_auth->psz_opaque,p_auth->psz_stale,p_auth->psz_algorithm,
1588 p_auth->psz_qop); */
1589 if( !p_auth->psz_realm )
1590 msg_Warn( p_access, "Digest Access Authentication: "
1591 "Mandatory 'realm' parameter is missing" );
1592 if( !p_auth->psz_nonce )
1593 msg_Warn( p_access, "Digest Access Authentication: "
1594 "Mandatory 'nonce' parameter is missing" );
1595 if( p_auth->psz_qop ) /* FIXME: parse the qop list */
1597 char *psz_tmp = strchr( p_auth->psz_qop, ',' );
1598 if( psz_tmp ) *psz_tmp = '\0';
1603 const char *psz_end = strchr( psz_header, ' ' );
1605 msg_Warn( p_access, "Unknown authentication scheme: '%*s'",
1606 psz_end - psz_header, psz_header );
1608 msg_Warn( p_access, "Unknown authentication scheme: '%s'",
1613 static char *AuthDigest( access_t *p_access, vlc_url_t *p_url,
1614 http_auth_t *p_auth, const char *psz_method )
1617 const char *psz_username = p_url->psz_username ?: "";
1618 const char *psz_password = p_url->psz_password ?: "";
1620 char *psz_HA1 = NULL;
1621 char *psz_HA2 = NULL;
1622 char *psz_response = NULL;
1626 if( p_auth->psz_HA1 )
1628 psz_HA1 = strdup( p_auth->psz_HA1 );
1629 if( !psz_HA1 ) goto error;
1634 AddMD5( &md5, psz_username, strlen( psz_username ) );
1635 AddMD5( &md5, ":", 1 );
1636 AddMD5( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) );
1637 AddMD5( &md5, ":", 1 );
1638 AddMD5( &md5, psz_password, strlen( psz_password ) );
1641 psz_HA1 = psz_md5_hash( &md5 );
1642 if( !psz_HA1 ) goto error;
1644 if( p_auth->psz_algorithm
1645 && !strcmp( p_auth->psz_algorithm, "MD5-sess" ) )
1648 AddMD5( &md5, psz_HA1, 32 );
1650 AddMD5( &md5, ":", 1 );
1651 AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
1652 AddMD5( &md5, ":", 1 );
1653 AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
1656 psz_HA1 = psz_md5_hash( &md5 );
1657 if( !psz_HA1 ) goto error;
1658 p_auth->psz_HA1 = strdup( psz_HA1 );
1659 if( !p_auth->psz_HA1 ) goto error;
1666 AddMD5( &md5, psz_method, strlen( psz_method ) );
1667 AddMD5( &md5, ":", 1 );
1668 if( p_url->psz_path )
1669 AddMD5( &md5, p_url->psz_path, strlen( p_url->psz_path ) );
1671 AddMD5( &md5, "/", 1 );
1672 if( p_auth->psz_qop && !strcmp( p_auth->psz_qop, "auth-int" ) )
1677 AddMD5( &ent, "", 0 ); /* XXX: entity-body. should be ok for GET */
1679 psz_ent = psz_md5_hash( &ent );
1680 if( !psz_ent ) goto error;
1681 AddMD5( &md5, ":", 1 );
1682 AddMD5( &md5, psz_ent, 32 );
1686 psz_HA2 = psz_md5_hash( &md5 );
1687 if( !psz_HA2 ) goto error;
1689 /* Request digest */
1691 AddMD5( &md5, psz_HA1, 32 );
1692 AddMD5( &md5, ":", 1 );
1693 AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
1694 AddMD5( &md5, ":", 1 );
1696 && ( !strcmp( p_auth->psz_qop, "auth" )
1697 || !strcmp( p_auth->psz_qop, "auth-int" ) ) )
1700 snprintf( psz_inonce, 9, "%08x", p_auth->i_nonce );
1701 AddMD5( &md5, psz_inonce, 8 );
1702 AddMD5( &md5, ":", 1 );
1703 AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
1704 AddMD5( &md5, ":", 1 );
1705 AddMD5( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) );
1706 AddMD5( &md5, ":", 1 );
1708 AddMD5( &md5, psz_HA2, 32 );
1710 psz_response = psz_md5_hash( &md5 );
1715 return psz_response;
1719 static void AuthReply( access_t *p_access, const char *psz_prefix,
1720 vlc_url_t *p_url, http_auth_t *p_auth )
1722 access_sys_t *p_sys = p_access->p_sys;
1723 v_socket_t *pvs = p_sys->p_vs;
1725 const char *psz_username = p_url->psz_username ?: "";
1726 const char *psz_password = p_url->psz_password ?: "";
1728 if( p_auth->psz_nonce )
1730 /* Digest Access Authentication */
1733 if( p_auth->psz_algorithm
1734 && strcmp( p_auth->psz_algorithm, "MD5" )
1735 && strcmp( p_auth->psz_algorithm, "MD5-sess" ) )
1737 msg_Err( p_access, "Digest Access Authentication: "
1738 "Unknown algorithm '%s'", p_auth->psz_algorithm );
1742 if( p_auth->psz_qop || !p_auth->psz_cnonce )
1744 /* FIXME: needs to be really random to prevent man in the middle
1746 free( p_auth->psz_cnonce );
1747 p_auth->psz_cnonce = strdup( "Some random string FIXME" );
1751 psz_response = AuthDigest( p_access, p_url, p_auth, "GET" );
1752 if( !psz_response ) return;
1754 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
1755 "%sAuthorization: Digest "
1756 /* Mandatory parameters */
1762 /* Optional parameters */
1763 "%s%s%s" /* algorithm */
1764 "%s%s%s" /* cnonce */
1765 "%s%s%s" /* opaque */
1766 "%s%s%s" /* message qop */
1767 "%s%08x%s" /* nonce count */
1769 /* Mandatory parameters */
1774 p_url->psz_path ?: "/",
1776 /* Optional parameters */
1777 p_auth->psz_algorithm ? "algorithm=\"" : "",
1778 p_auth->psz_algorithm ?: "",
1779 p_auth->psz_algorithm ? "\", " : "",
1780 p_auth->psz_cnonce ? "cnonce=\"" : "",
1781 p_auth->psz_cnonce ?: "",
1782 p_auth->psz_cnonce ? "\", " : "",
1783 p_auth->psz_opaque ? "opaque=\"" : "",
1784 p_auth->psz_opaque ?: "",
1785 p_auth->psz_opaque ? "\", " : "",
1786 p_auth->psz_qop ? "qop=\"" : "",
1787 p_auth->psz_qop ?: "",
1788 p_auth->psz_qop ? "\", " : "",
1789 p_auth->i_nonce ? "nc=\"" : "uglyhack=\"", /* Will be parsed as an unhandled extension */
1791 p_auth->i_nonce ? "\"" : "\""
1794 free( psz_response );
1798 /* Basic Access Authentication */
1799 char buf[strlen( psz_username ) + strlen( psz_password ) + 2];
1802 snprintf( buf, sizeof( buf ), "%s:%s", psz_username, psz_password );
1803 b64 = vlc_b64_encode( buf );
1807 net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
1808 "%sAuthorization: Basic %s\r\n", psz_prefix, b64 );
1814 static int AuthCheckReply( access_t *p_access, const char *psz_header,
1815 vlc_url_t *p_url, http_auth_t *p_auth )
1817 int i_ret = VLC_EGENERIC;
1818 char *psz_nextnonce = AuthGetParam( psz_header, "nextnonce" );
1819 char *psz_qop = AuthGetParamNoQuotes( psz_header, "qop" );
1820 char *psz_rspauth = AuthGetParam( psz_header, "rspauth" );
1821 char *psz_cnonce = AuthGetParam( psz_header, "cnonce" );
1822 char *psz_nc = AuthGetParamNoQuotes( psz_header, "nc" );
1828 if( strcmp( psz_cnonce, p_auth->psz_cnonce ) )
1830 msg_Err( p_access, "HTTP Digest Access Authentication: server replied with a different client nonce value." );
1837 i_nonce = strtol( psz_nc, NULL, 16 );
1838 if( i_nonce != p_auth->i_nonce )
1840 msg_Err( p_access, "HTTP Digest Access Authentication: server replied with a different nonce count value." );
1845 if( psz_qop && p_auth->psz_qop && strcmp( psz_qop, p_auth->psz_qop ) )
1846 msg_Warn( p_access, "HTTP Digest Access Authentication: server replied using a different 'quality of protection' option" );
1848 /* All the clear text values match, let's now check the response
1850 psz_digest = AuthDigest( p_access, p_url, p_auth, "" );
1851 if( strcmp( psz_digest, psz_rspauth ) )
1853 msg_Err( p_access, "HTTP Digest Access Authentication: server replied with an invalid response digest (expected value: %s).", psz_digest );
1862 free( p_auth->psz_nonce );
1863 p_auth->psz_nonce = psz_nextnonce;
1864 psz_nextnonce = NULL;
1867 i_ret = VLC_SUCCESS;
1869 free( psz_nextnonce );
1871 free( psz_rspauth );
1878 static void AuthReset( http_auth_t *p_auth )
1880 FREENULL( p_auth->psz_realm );
1881 FREENULL( p_auth->psz_domain );
1882 FREENULL( p_auth->psz_nonce );
1883 FREENULL( p_auth->psz_opaque );
1884 FREENULL( p_auth->psz_stale );
1885 FREENULL( p_auth->psz_algorithm );
1886 FREENULL( p_auth->psz_qop );
1887 p_auth->i_nonce = 0;
1888 FREENULL( p_auth->psz_cnonce );
1889 FREENULL( p_auth->psz_HA1 );