X-Git-Url: https://git.sesse.net/?a=blobdiff_plain;f=modules%2Faccess%2Fhttp.c;h=583cf4a1258448a9a207a314c9a7ad0c3701b7cc;hb=efac86c9fd5f5cf57c190c5951a4a3eb2e6b0f29;hp=f94d7cd81ec66683dc8bb2bbbae8ebdba50e6bc8;hpb=fc44328d1a283e1729ab089a51bf6fdf4022c9a9;p=vlc diff --git a/modules/access/http.c b/modules/access/http.c index f94d7cd81e..583cf4a125 100644 --- a/modules/access/http.c +++ b/modules/access/http.c @@ -1,7 +1,7 @@ /***************************************************************************** * http.c: HTTP input module ***************************************************************************** - * Copyright (C) 2001-2008 the VideoLAN team + * Copyright (C) 2001-2008 VLC authors and VideoLAN * $Id$ * * Authors: Laurent Aimar @@ -9,19 +9,19 @@ * Rémi Denis-Courmont * Antoine Cellerier * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA. + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA. *****************************************************************************/ /***************************************************************************** @@ -46,16 +46,15 @@ #include #include #include +#include #ifdef HAVE_ZLIB_H # include #endif #include +#include -#ifdef HAVE_LIBPROXY -# include -#endif /***************************************************************************** * Module descriptor *****************************************************************************/ @@ -72,15 +71,6 @@ static void Close( vlc_object_t * ); #define PROXY_PASS_LONGTEXT N_( \ "If your HTTP proxy requires a password, set it here." ) -#define CACHING_TEXT N_("Caching value in ms") -#define CACHING_LONGTEXT N_( \ - "Caching value for HTTP streams. This " \ - "value should be set in milliseconds." ) - -#define AGENT_TEXT N_("HTTP user agent") -#define AGENT_LONGTEXT N_("User agent that will be " \ - "used for the connection.") - #define RECONNECT_TEXT N_("Auto re-connect") #define RECONNECT_LONGTEXT N_( \ "Automatically try to reconnect to the stream in case of a sudden " \ @@ -93,7 +83,16 @@ static void Close( vlc_object_t * ); "types of HTTP streams." ) #define FORWARD_COOKIES_TEXT N_("Forward Cookies") -#define FORWARD_COOKIES_LONGTEXT N_("Forward Cookies across http redirections ") +#define FORWARD_COOKIES_LONGTEXT N_("Forward Cookies across http redirections.") + +#define REFERER_TEXT N_("HTTP referer value") +#define REFERER_LONGTEXT N_("Customize the HTTP referer, simulating a previous document") + +#define UA_TEXT N_("User Agent") +#define UA_LONGTEXT N_("The name and version of the program will be " \ + "provided to the HTTP server. They must be separated by a forward " \ + "slash, e.g. FooBar/1.2.3. This option can only be specified per input " \ + "item, not globally.") vlc_module_begin () set_description( N_("HTTP input") ) @@ -102,29 +101,25 @@ vlc_module_begin () set_category( CAT_INPUT ) set_subcategory( SUBCAT_INPUT_ACCESS ) - add_string( "http-proxy", NULL, NULL, PROXY_TEXT, PROXY_LONGTEXT, + add_string( "http-proxy", NULL, PROXY_TEXT, PROXY_LONGTEXT, false ) - add_password( "http-proxy-pwd", NULL, NULL, + add_password( "http-proxy-pwd", NULL, PROXY_PASS_TEXT, PROXY_PASS_LONGTEXT, false ) - add_integer( "http-caching", 4 * DEFAULT_PTS_DELAY / 1000, NULL, - CACHING_TEXT, CACHING_LONGTEXT, true ) + add_obsolete_bool( "http-use-IE-proxy" ) + add_string( "http-referrer", NULL, REFERER_TEXT, REFERER_LONGTEXT, false ) + change_safe() + add_string( "http-user-agent", NULL, UA_TEXT, UA_LONGTEXT, false ) change_safe() - add_string( "http-user-agent", COPYRIGHT_MESSAGE , NULL, AGENT_TEXT, - AGENT_LONGTEXT, true ) - add_bool( "http-reconnect", 0, NULL, RECONNECT_TEXT, + change_private() + add_bool( "http-reconnect", false, RECONNECT_TEXT, RECONNECT_LONGTEXT, true ) - add_bool( "http-continuous", 0, NULL, CONTINUOUS_TEXT, + add_bool( "http-continuous", false, CONTINUOUS_TEXT, CONTINUOUS_LONGTEXT, true ) change_safe() - add_bool( "http-forward-cookies", true, NULL, FORWARD_COOKIES_TEXT, + add_bool( "http-forward-cookies", true, FORWARD_COOKIES_TEXT, FORWARD_COOKIES_LONGTEXT, true ) - add_obsolete_string("http-user") - add_obsolete_string("http-pwd") - add_shortcut( "http" ) - add_shortcut( "https" ) - add_shortcut( "unsv" ) - add_shortcut( "itpc" ) /* iTunes Podcast */ - add_shortcut( "icyx" ) + /* 'itpc' = iTunes Podcast */ + add_shortcut( "http", "https", "unsv", "itpc", "icyx" ) set_callbacks( Open, Close ) vlc_module_end () @@ -132,30 +127,18 @@ vlc_module_end () * Local prototypes *****************************************************************************/ -/* RFC 2617: Basic and Digest Access Authentication */ -typedef struct http_auth_t -{ - char *psz_realm; - char *psz_domain; - char *psz_nonce; - char *psz_opaque; - char *psz_stale; - char *psz_algorithm; - char *psz_qop; - int i_nonce; - char *psz_cnonce; - char *psz_HA1; /* stored H(A1) value if algorithm = "MD5-sess" */ -} http_auth_t; - struct access_sys_t { int fd; - tls_session_t *p_tls; - v_socket_t *p_vs; + bool b_error; + vlc_tls_creds_t *p_creds; + vlc_tls_t *p_tls; + v_socket_t *p_vs; /* From uri */ vlc_url_t url; char *psz_user_agent; + char *psz_referrer; http_auth_t auth; /* Proxy */ @@ -174,7 +157,6 @@ struct access_sys_t char *psz_location; bool b_mms; bool b_icecast; - bool b_ssl; #ifdef HAVE_ZLIB_H bool b_compressed; struct @@ -188,34 +170,36 @@ struct access_sys_t int64_t i_chunk; int i_icy_meta; - int64_t i_icy_offset; + uint64_t i_icy_offset; char *psz_icy_name; char *psz_icy_genre; char *psz_icy_title; - int64_t i_remaining; + uint64_t i_remaining; bool b_seekable; bool b_reconnect; bool b_continuous; bool b_pace_control; bool b_persist; + bool b_has_size; vlc_array_t * cookies; }; /* */ -static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ); +static int OpenWithCookies( vlc_object_t *p_this, const char *psz_access, + unsigned i_redirect, vlc_array_t *cookies ); /* */ static ssize_t Read( access_t *, uint8_t *, size_t ); static ssize_t ReadCompressed( access_t *, uint8_t *, size_t ); -static int Seek( access_t *, int64_t ); +static int Seek( access_t *, uint64_t ); static int Control( access_t *, int, va_list ); /* */ -static int Connect( access_t *, int64_t ); -static int Request( access_t *p_access, int64_t i_tell ); +static int Connect( access_t *, uint64_t ); +static int Request( access_t *p_access, uint64_t i_tell ); static void Disconnect( access_t * ); /* Small Cookie utilities. Cookies support is partial. */ @@ -225,30 +209,39 @@ static char * cookie_get_name( const char * cookie ); static void cookie_append( vlc_array_t * cookies, char * cookie ); -static void AuthParseHeader( access_t *p_access, const char *psz_header, - http_auth_t *p_auth ); static void AuthReply( access_t *p_acces, const char *psz_prefix, vlc_url_t *p_url, http_auth_t *p_auth ); static int AuthCheckReply( access_t *p_access, const char *psz_header, vlc_url_t *p_url, http_auth_t *p_auth ); -static void AuthReset( http_auth_t *p_auth ); /***************************************************************************** * Open: *****************************************************************************/ static int Open( vlc_object_t *p_this ) { - return OpenWithCookies( p_this, NULL ); + access_t *p_access = (access_t*)p_this; + return OpenWithCookies( p_this, p_access->psz_access, 5, NULL ); } -static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) +/** + * Open the given url using the given cookies + * @param p_this: the vlc object + * @psz_access: the acces to use (http, https, ...) (this value must be used + * instead of p_access->psz_access) + * @i_redirect: number of redirections remaining + * @cookies: the available cookies + * @return vlc error codes + */ +static int OpenWithCookies( vlc_object_t *p_this, const char *psz_access, + unsigned i_redirect, vlc_array_t *cookies ) { access_t *p_access = (access_t*)p_this; access_sys_t *p_sys; char *psz, *p; + /* Only forward an store cookies if the corresponding option is activated */ - bool b_forward_cookies = var_CreateGetBool( p_access, "http-forward-cookies" ); - vlc_array_t * saved_cookies = b_forward_cookies ? (cookies ?: vlc_array_new()) : NULL; + bool b_forward_cookies = var_InheritBool( p_access, "http-forward-cookies" ); + vlc_array_t * saved_cookies = b_forward_cookies ? (cookies ? cookies : vlc_array_new()) : NULL; /* Set up p_access */ STANDARD_READ_ACCESS_INIT; @@ -266,8 +259,8 @@ static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) p_sys->b_icecast = false; p_sys->psz_location = NULL; p_sys->psz_user_agent = NULL; + p_sys->psz_referrer = NULL; p_sys->b_pace_control = true; - p_sys->b_ssl = false; #ifdef HAVE_ZLIB_H p_sys->b_compressed = false; /* 15 is the max windowBits, +32 to enable optional gzip decoding */ @@ -287,14 +280,18 @@ static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) p_sys->psz_icy_title = NULL; p_sys->i_remaining = 0; p_sys->b_persist = false; - p_access->info.i_size = -1; + p_sys->b_has_size = false; + p_access->info.i_size = 0; p_access->info.i_pos = 0; p_access->info.b_eof = false; p_sys->cookies = saved_cookies; + http_auth_Init( &p_sys->auth ); + http_auth_Init( &p_sys->proxy_auth ); + /* Parse URI - remove spaces */ - p = psz = strdup( p_access->psz_path ); + p = psz = strdup( p_access->psz_location ); while( (p = strchr( p, ' ' )) != NULL ) *p = '+'; vlc_UrlParse( &p_sys->url, psz, 0 ); @@ -305,10 +302,12 @@ static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) msg_Warn( p_access, "invalid host" ); goto error; } - if( !strncmp( p_access->psz_access, "https", 5 ) ) + if( !strncmp( psz_access, "https", 5 ) ) { /* HTTP over SSL */ - p_sys->b_ssl = true; + p_sys->p_creds = vlc_tls_ClientCreate( p_this ); + if( p_sys->p_creds == NULL ) + goto error; if( p_sys->url.i_port <= 0 ) p_sys->url.i_port = 443; } @@ -318,70 +317,75 @@ static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) p_sys->url.i_port = 80; } - /* Do user agent */ - p_sys->psz_user_agent = var_CreateGetString( p_access, "http-user-agent" ); - - /* Check proxy */ - psz = var_CreateGetNonEmptyString( p_access, "http-proxy" ); - if( psz ) - { - p_sys->b_proxy = true; - vlc_UrlParse( &p_sys->proxy, psz, 0 ); - free( psz ); - } -#ifdef HAVE_LIBPROXY - else + /* Determine the HTTP user agent */ + /* See RFC2616 §2.2 token and comment definition, and §3.8 and + * §14.43 user-agent header */ + p_sys->psz_user_agent = var_InheritString( p_access, "http-user-agent" ); + if (p_sys->psz_user_agent) { - pxProxyFactory *pf = px_proxy_factory_new(); - if (pf) + unsigned comment_level = 0; + for( char *p = p_sys->psz_user_agent; *p; p++ ) { - char *buf; - int i; - i=asprintf(&buf, "%s://%s", p_access->psz_access, p_access->psz_path); - if (i >= 0) + uint8_t c = *p; + if (comment_level == 0) { - msg_Dbg(p_access, "asking libproxy about url '%s'", buf); - char **proxies = px_proxy_factory_get_proxies(pf, buf); - if (proxies[0]) - { - msg_Dbg(p_access, "libproxy suggest to use '%s'", proxies[0]); - if(strcmp(proxies[0],"direct://") != 0) - { - p_sys->b_proxy = true; - vlc_UrlParse( &p_sys->proxy, proxies[0], 0); - } - } - for(i=0;proxies[i];i++) free(proxies[i]); - free(proxies); - free(buf); + if( c < 32 || strchr( ")<>@,;:\\\"[]?={}", c ) ) + *p = '_'; /* remove potentially harmful characters */ + } + else + { + if (c == ')') + comment_level--; + else if( c < 32 && strchr( "\t\r\n", c ) == NULL) + *p = '_'; /* remove potentially harmful characters */ + } + if (c == '(') + { + if (comment_level == UINT_MAX) + break; + comment_level++; } - px_proxy_factory_free(pf); } - else + /* truncate evil unclosed comments */ + if (comment_level > 0) { - msg_Err(p_access, "Allocating memory for libproxy failed"); + char *p = strchr(p_sys->psz_user_agent, '('); + *p = '\0'; } } -#elif HAVE_GETENV - else + + /* HTTP referrer */ + p_sys->psz_referrer = var_InheritString( p_access, "http-referrer" ); + + /* Check proxy */ + psz = var_InheritString( p_access, "http-proxy" ); + if( psz == NULL ) { - psz = getenv( "http_proxy" ); - if( psz ) + char *url; + + if (likely(asprintf(&url, "%s://%s", psz_access, + p_access->psz_location) != -1)) { - p_sys->b_proxy = true; - vlc_UrlParse( &p_sys->proxy, psz, 0 ); + msg_Dbg(p_access, "querying proxy for %s", url); + psz = vlc_getProxyUrl(url); + free(url); } + + if (psz != NULL) + msg_Dbg(p_access, "proxy: %s", psz); + else + msg_Dbg(p_access, "no proxy"); } -#endif - if( psz ) /* No, this is NOT a use-after-free error */ + if( psz != NULL ) { - psz = var_CreateGetNonEmptyString( p_access, "http-proxy-pwd" ); + p_sys->b_proxy = true; + vlc_UrlParse( &p_sys->proxy, psz, 0 ); + free( psz ); + + psz = var_InheritString( p_access, "http-proxy-pwd" ); if( psz ) p_sys->proxy.psz_password = p_sys->psz_proxy_passbuf = psz; - } - if( p_sys->b_proxy ) - { if( p_sys->proxy.psz_host == NULL || *p_sys->proxy.psz_host == '\0' ) { msg_Warn( p_access, "invalid proxy host" ); @@ -393,8 +397,9 @@ static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) } } - msg_Dbg( p_access, "http: server='%s' port=%d file='%s", - p_sys->url.psz_host, p_sys->url.i_port, p_sys->url.psz_path ); + msg_Dbg( p_access, "http: server='%s' port=%d file='%s'", + p_sys->url.psz_host, p_sys->url.i_port, + p_sys->url.psz_path != NULL ? p_sys->url.psz_path : "" ); if( p_sys->b_proxy ) { msg_Dbg( p_access, " proxy %s:%d", p_sys->proxy.psz_host, @@ -405,8 +410,8 @@ static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies ) msg_Dbg( p_access, " user='%s'", p_sys->url.psz_username ); } - p_sys->b_reconnect = var_CreateGetBool( p_access, "http-reconnect" ); - p_sys->b_continuous = var_CreateGetBool( p_access, "http-continuous" ); + p_sys->b_reconnect = var_InheritBool( p_access, "http-reconnect" ); + p_sys->b_continuous = var_InheritBool( p_access, "http-continuous" ); connect: /* Connect */ @@ -424,18 +429,20 @@ connect: if( !vlc_object_alive (p_access) || Connect( p_access, 0 ) ) goto error; -#ifndef NDEBUG case 0: break; default: - msg_Err( p_access, "You should not be here" ); - abort(); -#endif + assert(0); } if( p_sys->i_code == 401 ) { + if( p_sys->auth.psz_realm == NULL ) + { + msg_Err( p_access, "authentication failed without realm" ); + goto error; + } char *psz_login, *psz_password; /* FIXME ? */ if( p_sys->url.psz_username && p_sys->url.psz_password && @@ -452,14 +459,7 @@ connect: p_sys->auth.psz_realm ); if( psz_login != NULL && psz_password != NULL ) { - msg_Dbg( p_access, "retrying with user=%s, pwd=%s", - psz_login, -#if 1 - "yeah right, like we're going to print a password." -#else - psz_password -#endif - ); + msg_Dbg( p_access, "retrying with user=%s", psz_login ); p_sys->url.psz_username = psz_login; p_sys->url.psz_password = psz_password; Disconnect( p_access ); @@ -479,33 +479,50 @@ connect: { msg_Dbg( p_access, "redirection to %s", p_sys->psz_location ); - /* Do not accept redirection outside of HTTP works */ - if( strncmp( p_sys->psz_location, "http", 4 ) - || ( ( p_sys->psz_location[4] != ':' ) /* HTTP */ - && strncmp( p_sys->psz_location + 4, "s:", 2 ) /* HTTP/SSL */ ) ) + /* Check the number of redirection already done */ + if( i_redirect == 0 ) { - msg_Err( p_access, "insecure redirection ignored" ); + msg_Err( p_access, "Too many redirection: break potential infinite" + "loop" ); goto error; } - free( p_access->psz_path ); - p_access->psz_path = strdup( p_sys->psz_location ); + + const char *psz_protocol; + if( !strncmp( p_sys->psz_location, "http://", 7 ) ) + psz_protocol = "http"; + else if( !strncmp( p_sys->psz_location, "https://", 8 ) ) + psz_protocol = "https"; + else + { /* Do not accept redirection outside of HTTP */ + msg_Err( p_access, "unsupported redirection ignored" ); + goto error; + } + free( p_access->psz_location ); + p_access->psz_location = strdup( p_sys->psz_location + + strlen( psz_protocol ) + 3 ); /* Clean up current Open() run */ vlc_UrlClean( &p_sys->url ); - AuthReset( &p_sys->auth ); + http_auth_Reset( &p_sys->auth ); vlc_UrlClean( &p_sys->proxy ); free( p_sys->psz_proxy_passbuf ); - AuthReset( &p_sys->proxy_auth ); + http_auth_Reset( &p_sys->proxy_auth ); free( p_sys->psz_mime ); free( p_sys->psz_pragma ); free( p_sys->psz_location ); free( p_sys->psz_user_agent ); + free( p_sys->psz_referrer ); Disconnect( p_access ); + vlc_tls_Delete( p_sys->p_creds ); cookies = p_sys->cookies; +#ifdef HAVE_ZLIB_H + inflateEnd( &p_sys->inflate.stream ); +#endif free( p_sys ); /* Do new Open() run with new data */ - return OpenWithCookies( p_this, cookies ); + return OpenWithCookies( p_this, psz_protocol, i_redirect - 1, + cookies ); } if( p_sys->b_mms ) @@ -553,7 +570,7 @@ connect: } /* else probably Ogg Vorbis */ } - else if( !strcasecmp( p_access->psz_access, "unsv" ) && + else if( !strcasecmp( psz_access, "unsv" ) && p_sys->psz_mime && !strcasecmp( p_sys->psz_mime, "misc/ultravox" ) ) { @@ -561,7 +578,7 @@ connect: /* Grrrr! detect ultravox server and force NSV demuxer */ p_access->psz_demux = strdup( "nsv" ); } - else if( !strcmp( p_access->psz_access, "itpc" ) ) + else if( !strcmp( psz_access, "itpc" ) ) { free( p_access->psz_demux ); p_access->psz_demux = strdup( "podcast" ); @@ -576,9 +593,6 @@ connect: if( p_sys->b_reconnect ) msg_Dbg( p_access, "auto re-connect enabled" ); - /* PTS delay */ - var_Create( p_access, "http-caching", VLC_VAR_INTEGER |VLC_VAR_DOINHERIT ); - return VLC_SUCCESS; error: @@ -589,8 +603,10 @@ error: free( p_sys->psz_pragma ); free( p_sys->psz_location ); free( p_sys->psz_user_agent ); + free( p_sys->psz_referrer ); Disconnect( p_access ); + vlc_tls_Delete( p_sys->p_creds ); if( p_sys->cookies ) { @@ -616,9 +632,9 @@ static void Close( vlc_object_t *p_this ) access_sys_t *p_sys = p_access->p_sys; vlc_UrlClean( &p_sys->url ); - AuthReset( &p_sys->auth ); + http_auth_Reset( &p_sys->auth ); vlc_UrlClean( &p_sys->proxy ); - AuthReset( &p_sys->proxy_auth ); + http_auth_Reset( &p_sys->proxy_auth ); free( p_sys->psz_mime ); free( p_sys->psz_pragma ); @@ -629,8 +645,10 @@ static void Close( vlc_object_t *p_this ) free( p_sys->psz_icy_title ); free( p_sys->psz_user_agent ); + free( p_sys->psz_referrer ); Disconnect( p_access ); + vlc_tls_Delete( p_sys->p_creds ); if( p_sys->cookies ) { @@ -648,49 +666,25 @@ static void Close( vlc_object_t *p_this ) free( p_sys ); } -/***************************************************************************** - * Read: Read up to i_len bytes from the http connection and place in - * p_buffer. Return the actual number of bytes read - *****************************************************************************/ -static int ReadICYMeta( access_t *p_access ); -static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len ) +/* Read data from the socket taking care of chunked transfer if needed */ +static int ReadData( access_t *p_access, int *pi_read, + uint8_t *p_buffer, size_t i_len ) { access_sys_t *p_sys = p_access->p_sys; - int i_read; - - if( p_sys->fd == -1 ) - { - p_access->info.b_eof = true; - return 0; - } - - if( p_access->info.i_size >= 0 && - i_len + p_access->info.i_pos > p_access->info.i_size ) - { - if( ( i_len = p_access->info.i_size - p_access->info.i_pos ) == 0 ) - { - p_access->info.b_eof = true; - return 0; - } - } - if( p_sys->b_chunked ) { if( p_sys->i_chunk < 0 ) - { - p_access->info.b_eof = true; - return 0; - } + return VLC_EGENERIC; if( p_sys->i_chunk <= 0 ) { - char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, p_sys->p_vs ); + char *psz = net_Gets( p_access, p_sys->fd, p_sys->p_vs ); /* read the chunk header */ if( psz == NULL ) { /* fatal error - end of file */ msg_Dbg( p_access, "failed reading chunk-header line" ); - return 0; + return VLC_EGENERIC; } p_sys->i_chunk = strtoll( psz, NULL, 16 ); free( psz ); @@ -698,27 +692,58 @@ static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len ) if( p_sys->i_chunk <= 0 ) /* eof */ { p_sys->i_chunk = -1; - p_access->info.b_eof = true; - return 0; + return VLC_EGENERIC; } } if( i_len > p_sys->i_chunk ) - { i_len = p_sys->i_chunk; - } } - else if( p_access->info.i_size != -1 && (int64_t)i_len > p_sys->i_remaining) { - /* Only ask for the remaining length */ - i_len = (size_t)p_sys->i_remaining; - if(i_len == 0) { - p_access->info.b_eof = true; - return 0; + *pi_read = net_Read( p_access, p_sys->fd, p_sys->p_vs, p_buffer, i_len, false ); + if( *pi_read <= 0 ) + return VLC_SUCCESS; + + if( p_sys->b_chunked ) + { + p_sys->i_chunk -= *pi_read; + if( p_sys->i_chunk <= 0 ) + { + /* read the empty line */ + char *psz = net_Gets( p_access, p_sys->fd, p_sys->p_vs ); + free( psz ); } } + return VLC_SUCCESS; +} +/***************************************************************************** + * Read: Read up to i_len bytes from the http connection and place in + * p_buffer. Return the actual number of bytes read + *****************************************************************************/ +static int ReadICYMeta( access_t *p_access ); +static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len ) +{ + access_sys_t *p_sys = p_access->p_sys; + int i_read; - if( p_sys->i_icy_meta > 0 && p_access->info.i_pos-p_sys->i_icy_offset > 0 ) + if( p_sys->fd == -1 ) + goto fatal; + + if( p_sys->b_has_size ) + { + /* Remaining bytes in the file */ + uint64_t remainder = p_access->info.i_size - p_access->info.i_pos; + if( remainder < i_len ) + i_len = remainder; + + /* Remaining bytes in the response */ + if( p_sys->i_remaining < i_len ) + i_len = p_sys->i_remaining; + } + if( i_len == 0 ) + goto fatal; + + if( p_sys->i_icy_meta > 0 && p_access->info.i_pos - p_sys->i_icy_offset > 0 ) { int64_t i_next = p_sys->i_icy_meta - (p_access->info.i_pos - p_sys->i_icy_offset ) % p_sys->i_icy_meta; @@ -726,33 +751,16 @@ static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len ) if( i_next == p_sys->i_icy_meta ) { if( ReadICYMeta( p_access ) ) - { - p_access->info.b_eof = true; - return -1; - } + goto fatal; } if( i_len > i_next ) i_len = i_next; } - i_read = net_Read( p_access, p_sys->fd, p_sys->p_vs, p_buffer, i_len, false ); - - if( i_read > 0 ) - { - p_access->info.i_pos += i_read; + if( ReadData( p_access, &i_read, p_buffer, i_len ) ) + goto fatal; - if( p_sys->b_chunked ) - { - p_sys->i_chunk -= i_read; - if( p_sys->i_chunk <= 0 ) - { - /* read the empty line */ - char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, p_sys->p_vs ); - free( psz ); - } - } - } - else if( i_read <= 0 ) + if( i_read <= 0 ) { /* * I very much doubt that this will work. @@ -768,7 +776,7 @@ static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len ) p_sys->b_continuous = true; } Disconnect( p_access ); - if( p_sys->b_reconnect ) + if( p_sys->b_reconnect && vlc_object_alive( p_access ) ) { msg_Dbg( p_access, "got disconnected, trying to reconnect" ); if( Connect( p_access, p_access->info.i_pos ) ) @@ -780,21 +788,33 @@ static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len ) p_sys->b_reconnect = false; i_read = Read( p_access, p_buffer, i_len ); p_sys->b_reconnect = true; + + return i_read; } } - if( i_read == 0 ) - p_access->info.b_eof = true; - else if( i_read < 0 ) - p_access->b_error = true; + if( i_read <= 0 ) + { + if( i_read < 0 ) + p_sys->b_error = true; + goto fatal; + } } - if( p_access->info.i_size != -1 ) + assert( i_read >= 0 ); + p_access->info.i_pos += i_read; + if( p_sys->b_has_size ) { + assert( p_access->info.i_pos <= p_access->info.i_size ); + assert( (unsigned)i_read <= p_sys->i_remaining ); p_sys->i_remaining -= i_read; } return i_read; + +fatal: + p_access->info.b_eof = true; + return 0; } static int ReadICYMeta( access_t *p_access ) @@ -806,21 +826,24 @@ static int ReadICYMeta( access_t *p_access ) int i_read; /* Read meta data length */ - i_read = net_Read( p_access, p_sys->fd, p_sys->p_vs, &buffer, 1, - true ); - if( i_read <= 0 ) + if( ReadData( p_access, &i_read, &buffer, 1 ) ) return VLC_EGENERIC; - if( buffer == 0 ) - return VLC_SUCCESS; - - i_read = buffer << 4; - /* msg_Dbg( p_access, "ICY meta size=%u", i_read); */ - - psz_meta = malloc( i_read + 1 ); - if( net_Read( p_access, p_sys->fd, p_sys->p_vs, - (uint8_t *)psz_meta, i_read, true ) != i_read ) + if( i_read != 1 ) return VLC_EGENERIC; + const int i_size = buffer << 4; + /* msg_Dbg( p_access, "ICY meta size=%u", i_size); */ + psz_meta = malloc( i_size + 1 ); + for( i_read = 0; i_read < i_size; ) + { + int i_tmp; + if( ReadData( p_access, &i_tmp, (uint8_t *)&psz_meta[i_read], i_size - i_read ) || i_tmp <= 0 ) + { + free( psz_meta ); + return VLC_EGENERIC; + } + i_read += i_tmp; + } psz_meta[i_read] = '\0'; /* Just in case */ /* msg_Dbg( p_access, "icy-meta=%s", psz_meta ); */ @@ -850,7 +873,10 @@ static int ReadICYMeta( access_t *p_access ) strcmp( p_sys->psz_icy_title, &p[1] ) ) { free( p_sys->psz_icy_title ); - p_sys->psz_icy_title = EnsureUTF8( strdup( &p[1] )); + char *psz_tmp = strdup( &p[1] ); + p_sys->psz_icy_title = EnsureUTF8( psz_tmp ); + if( !p_sys->psz_icy_title ) + free( psz_tmp ); p_access->info.i_update |= INPUT_UPDATE_META; msg_Dbg( p_access, "New Title=%s", p_sys->psz_icy_title ); @@ -876,7 +902,7 @@ static ssize_t ReadCompressed( access_t *p_access, uint8_t *p_buffer, if( p_sys->inflate.stream.avail_in == 0 ) { - ssize_t i_read = Read( p_access, p_sys->inflate.p_buffer + p_sys->inflate.stream.avail_in, 256 * 1024 ); + ssize_t i_read = Read( p_access, p_sys->inflate.p_buffer, 256 * 1024 ); if( i_read <= 0 ) return i_read; p_sys->inflate.stream.next_in = p_sys->inflate.p_buffer; p_sys->inflate.stream.avail_in = i_read; @@ -886,7 +912,8 @@ static ssize_t ReadCompressed( access_t *p_access, uint8_t *p_buffer, p_sys->inflate.stream.next_out = p_buffer; i_ret = inflate( &p_sys->inflate.stream, Z_SYNC_FLUSH ); - msg_Warn( p_access, "inflate return value: %d, %s", i_ret, p_sys->inflate.stream.msg ); + if ( i_ret != Z_OK && i_ret != Z_STREAM_END ) + msg_Warn( p_access, "inflate return value: %d, %s", i_ret, p_sys->inflate.stream.msg ); return i_len - p_sys->inflate.stream.avail_out; } @@ -900,14 +927,14 @@ static ssize_t ReadCompressed( access_t *p_access, uint8_t *p_buffer, /***************************************************************************** * Seek: close and re-open a connection at the right place *****************************************************************************/ -static int Seek( access_t *p_access, int64_t i_pos ) +static int Seek( access_t *p_access, uint64_t i_pos ) { msg_Dbg( p_access, "trying to seek to %"PRId64, i_pos ); Disconnect( p_access ); if( p_access->info.i_size - && (uint64_t)i_pos >= (uint64_t)p_access->info.i_size ) { + && i_pos >= p_access->info.i_size ) { msg_Err( p_access, "seek to far" ); int retval = Seek( p_access, p_access->info.i_size - 1 ); if( retval == VLC_SUCCESS ) { @@ -961,7 +988,8 @@ static int Control( access_t *p_access, int i_query, va_list args ) /* */ case ACCESS_GET_PTS_DELAY: pi_64 = (int64_t*)va_arg( args, int64_t * ); - *pi_64 = (int64_t)var_GetInteger( p_access, "http-caching" ) * 1000; + *pi_64 = INT64_C(1000) + * var_InheritInteger( p_access, "network-caching" ); break; /* */ @@ -1001,7 +1029,7 @@ static int Control( access_t *p_access, int i_query, va_list args ) /***************************************************************************** * Connect: *****************************************************************************/ -static int Connect( access_t *p_access, int64_t i_tell ) +static int Connect( access_t *p_access, uint64_t i_tell ) { access_sys_t *p_sys = p_access->p_sys; vlc_url_t srv = p_sys->b_proxy ? p_sys->proxy : p_sys->url; @@ -1029,8 +1057,8 @@ static int Connect( access_t *p_access, int64_t i_tell ) p_sys->psz_icy_title = NULL; p_sys->i_remaining = 0; p_sys->b_persist = false; - - p_access->info.i_size = -1; + p_sys->b_has_size = false; + p_access->info.i_size = 0; p_access->info.i_pos = i_tell; p_access->info.b_eof = false; @@ -1045,7 +1073,7 @@ static int Connect( access_t *p_access, int64_t i_tell ) setsockopt (p_sys->fd, SOL_SOCKET, SO_KEEPALIVE, &(int){ 1 }, sizeof (int)); /* Initialize TLS/SSL session */ - if( p_sys->b_ssl == true ) + if( p_sys->p_creds != NULL ) { /* CONNECT to establish TLS tunnel through HTTP proxy */ if( p_sys->b_proxy ) @@ -1060,13 +1088,13 @@ static int Connect( access_t *p_access, int64_t i_tell ) return -1; } - net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL, + net_Printf( p_access, p_sys->fd, NULL, "CONNECT %s:%d HTTP/1.%d\r\nHost: %s:%d\r\n\r\n", p_sys->url.psz_host, p_sys->url.i_port, p_sys->i_version, p_sys->url.psz_host, p_sys->url.i_port); - psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, NULL ); + psz = net_Gets( p_access, p_sys->fd, NULL ); if( psz == NULL ) { msg_Err( p_access, "cannot establish HTTP/TLS tunnel" ); @@ -1086,7 +1114,7 @@ static int Connect( access_t *p_access, int64_t i_tell ) do { - psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, NULL ); + psz = net_Gets( p_access, p_sys->fd, NULL ); if( psz == NULL ) { msg_Err( p_access, "HTTP proxy connection failed" ); @@ -1099,7 +1127,7 @@ static int Connect( access_t *p_access, int64_t i_tell ) free( psz ); - if( !vlc_object_alive (p_access) || p_access->b_error ) + if( !vlc_object_alive (p_access) || p_sys->b_error ) { Disconnect( p_access ); return -1; @@ -1109,8 +1137,8 @@ static int Connect( access_t *p_access, int64_t i_tell ) } /* TLS/SSL handshake */ - p_sys->p_tls = tls_ClientCreate( VLC_OBJECT(p_access), p_sys->fd, - srv.psz_host ); + p_sys->p_tls = vlc_tls_ClientSessionCreate( p_sys->p_creds, p_sys->fd, + p_sys->url.psz_host, "https" ); if( p_sys->p_tls == NULL ) { msg_Err( p_access, "cannot establish HTTP/TLS session" ); @@ -1124,7 +1152,7 @@ static int Connect( access_t *p_access, int64_t i_tell ) } -static int Request( access_t *p_access, int64_t i_tell ) +static int Request( access_t *p_access, uint64_t i_tell ) { access_sys_t *p_sys = p_access->p_sys; char *psz ; @@ -1132,53 +1160,40 @@ static int Request( access_t *p_access, int64_t i_tell ) p_sys->b_persist = false; p_sys->i_remaining = 0; - if( p_sys->b_proxy ) - { - if( p_sys->url.psz_path ) - { - net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL, - "GET http://%s:%d%s HTTP/1.%d\r\n", - p_sys->url.psz_host, p_sys->url.i_port, - p_sys->url.psz_path, p_sys->i_version ); - } - else - { - net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL, - "GET http://%s:%d/ HTTP/1.%d\r\n", - p_sys->url.psz_host, p_sys->url.i_port, - p_sys->i_version ); - } - } + + const char *psz_path = p_sys->url.psz_path; + if( !psz_path || !*psz_path ) + psz_path = "/"; + if( p_sys->b_proxy && pvs == NULL ) + net_Printf( p_access, p_sys->fd, NULL, + "GET http://%s:%d%s HTTP/1.%d\r\n", + p_sys->url.psz_host, p_sys->url.i_port, + psz_path, p_sys->i_version ); else - { - const char *psz_path = p_sys->url.psz_path; - if( !psz_path || !*psz_path ) - { - psz_path = "/"; - } - if( p_sys->url.i_port != (pvs ? 443 : 80) ) - { - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, - "GET %s HTTP/1.%d\r\nHost: %s:%d\r\n", - psz_path, p_sys->i_version, p_sys->url.psz_host, - p_sys->url.i_port ); - } - else - { - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, - "GET %s HTTP/1.%d\r\nHost: %s\r\n", - psz_path, p_sys->i_version, p_sys->url.psz_host ); - } - } + net_Printf( p_access, p_sys->fd, pvs, "GET %s HTTP/1.%d\r\n", + psz_path, p_sys->i_version ); + if( p_sys->url.i_port != (pvs ? 443 : 80) ) + net_Printf( p_access, p_sys->fd, pvs, "Host: %s:%d\r\n", + p_sys->url.psz_host, p_sys->url.i_port ); + else + net_Printf( p_access, p_sys->fd, pvs, "Host: %s\r\n", + p_sys->url.psz_host ); /* User Agent */ - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "User-Agent: %s\r\n", + net_Printf( p_access, p_sys->fd, pvs, "User-Agent: %s\r\n", p_sys->psz_user_agent ); + /* Referrer */ + if (p_sys->psz_referrer) + { + net_Printf( p_access, p_sys->fd, pvs, "Referer: %s\r\n", + p_sys->psz_referrer); + } /* Offset */ if( p_sys->i_version == 1 && ! p_sys->b_continuous ) { p_sys->b_persist = true; - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, + net_Printf( p_access, p_sys->fd, pvs, "Range: bytes=%"PRIu64"-\r\n", i_tell ); + net_Printf( p_access, p_sys->fd, pvs, "Connection: close\r\n" ); } /* Cookies */ @@ -1199,7 +1214,7 @@ static int Request( access_t *p_access, int64_t i_tell ) if( is_in_right_domain ) { msg_Dbg( p_access, "Sending Cookie %s", psz_cookie_content ); - if( net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "Cookie: %s\r\n", psz_cookie_content ) < 0 ) + if( net_Printf( p_access, p_sys->fd, pvs, "Cookie: %s\r\n", psz_cookie_content ) < 0 ) msg_Err( p_access, "failed to send Cookie" ); } free( psz_cookie_content ); @@ -1216,10 +1231,10 @@ static int Request( access_t *p_access, int64_t i_tell ) AuthReply( p_access, "Proxy-", &p_sys->proxy, &p_sys->proxy_auth ); /* ICY meta data request */ - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "Icy-MetaData: 1\r\n" ); + net_Printf( p_access, p_sys->fd, pvs, "Icy-MetaData: 1\r\n" ); - if( net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "\r\n" ) < 0 ) + if( net_Printf( p_access, p_sys->fd, pvs, "\r\n" ) < 0 ) { msg_Err( p_access, "failed to send request" ); Disconnect( p_access ); @@ -1227,7 +1242,7 @@ static int Request( access_t *p_access, int64_t i_tell ) } /* Read Answer */ - if( ( psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, pvs ) ) == NULL ) + if( ( psz = net_Gets( p_access, p_sys->fd, pvs ) ) == NULL ) { msg_Err( p_access, "failed to read answer" ); goto error; @@ -1275,8 +1290,9 @@ static int Request( access_t *p_access, int64_t i_tell ) for( ;; ) { - char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, pvs ); + char *psz = net_Gets( p_access, p_sys->fd, pvs ); char *p; + char *p_trailing; if( psz == NULL ) { @@ -1284,7 +1300,7 @@ static int Request( access_t *p_access, int64_t i_tell ) goto error; } - if( !vlc_object_alive (p_access) || p_access->b_error ) + if( !vlc_object_alive (p_access) || p_sys->b_error ) { free( psz ); goto error; @@ -1304,29 +1320,45 @@ static int Request( access_t *p_access, int64_t i_tell ) goto error; } *p++ = '\0'; - while( *p == ' ' ) p++; + p += strspn( p, " \t" ); + + /* trim trailing white space */ + p_trailing = p + strlen( p ); + if( p_trailing > p ) + { + p_trailing--; + while( ( *p_trailing == ' ' || *p_trailing == '\t' ) && p_trailing > p ) + { + *p_trailing = '\0'; + p_trailing--; + } + } if( !strcasecmp( psz, "Content-Length" ) ) { - int64_t i_size = i_tell + (p_sys->i_remaining = atoll( p )); + uint64_t i_size = i_tell + (p_sys->i_remaining = (uint64_t)atoll( p )); if(i_size > p_access->info.i_size) { + p_sys->b_has_size = true; p_access->info.i_size = i_size; } - msg_Dbg( p_access, "this frame size=%"PRId64, p_sys->i_remaining ); + msg_Dbg( p_access, "this frame size=%"PRIu64, p_sys->i_remaining ); } else if( !strcasecmp( psz, "Content-Range" ) ) { - int64_t i_ntell = i_tell; - int64_t i_nend = (p_access->info.i_size > 0)?(p_access->info.i_size - 1):i_tell; - int64_t i_nsize = p_access->info.i_size; - sscanf(p,"bytes %"PRId64"-%"PRId64"/%"PRId64,&i_ntell,&i_nend,&i_nsize); + uint64_t i_ntell = i_tell; + uint64_t i_nend = (p_access->info.i_size > 0)?(p_access->info.i_size - 1):i_tell; + uint64_t i_nsize = p_access->info.i_size; + sscanf(p,"bytes %"SCNu64"-%"SCNu64"/%"SCNu64,&i_ntell,&i_nend,&i_nsize); if(i_nend > i_ntell ) { p_access->info.i_pos = i_ntell; + p_sys->i_icy_offset = i_ntell; p_sys->i_remaining = i_nend+1-i_ntell; - int64_t i_size = (i_nsize > i_nend) ? i_nsize : (i_nend + 1); + uint64_t i_size = (i_nsize > i_nend) ? i_nsize : (i_nend + 1); if(i_size > p_access->info.i_size) { + p_sys->b_has_size = true; p_access->info.i_size = i_size; } - msg_Dbg( p_access, "stream size=%"PRId64",pos=%"PRId64",remaining=%"PRId64,i_nsize,i_ntell,p_sys->i_remaining); + msg_Dbg( p_access, "stream size=%"PRIu64",pos=%"PRIu64",remaining=%"PRIu64, + i_nsize, i_ntell, p_sys->i_remaining); } } else if( !strcasecmp( psz, "Connection" ) ) { @@ -1345,9 +1377,9 @@ static int Request( access_t *p_access, int64_t i_tell ) * handle it as everyone does. */ if( p[0] == '/' ) { - const char *psz_http_ext = p_sys->b_ssl ? "s" : "" ; + const char *psz_http_ext = p_sys->p_tls ? "s" : "" ; - if( p_sys->url.i_port == ( p_sys->b_ssl ? 443 : 80 ) ) + if( p_sys->url.i_port == ( p_sys->p_tls ? 443 : 80 ) ) { if( asprintf(&psz_new_loc, "http%s://%s%s", psz_http_ext, p_sys->url.psz_host, p) < 0 ) @@ -1377,12 +1409,14 @@ static int Request( access_t *p_access, int64_t i_tell ) else if( !strcasecmp( psz, "Content-Encoding" ) ) { msg_Dbg( p_access, "Content-Encoding: %s", p ); - if( strcasecmp( p, "identity" ) ) + if( !strcasecmp( p, "identity" ) ) + ; #ifdef HAVE_ZLIB_H + else if( !strcasecmp( p, "gzip" ) || !strcasecmp( p, "deflate" ) ) p_sys->b_compressed = true; -#else - msg_Warn( p_access, "Compressed content not supported. Rebuild with zlib support." ); #endif + else + msg_Warn( p_access, "Unknown content coding: %s", p ); } else if( !strcasecmp( psz, "Pragma" ) ) { @@ -1432,7 +1466,10 @@ static int Request( access_t *p_access, int64_t i_tell ) else if( !strcasecmp( psz, "Icy-Name" ) ) { free( p_sys->psz_icy_name ); - p_sys->psz_icy_name = EnsureUTF8( strdup( p )); + char *psz_tmp = strdup( p ); + p_sys->psz_icy_name = EnsureUTF8( psz_tmp ); + if( !p_sys->psz_icy_name ) + free( psz_tmp ); msg_Dbg( p_access, "Icy-Name: %s", p_sys->psz_icy_name ); p_sys->b_icecast = true; /* be on the safeside. set it here as well. */ @@ -1442,7 +1479,10 @@ static int Request( access_t *p_access, int64_t i_tell ) else if( !strcasecmp( psz, "Icy-Genre" ) ) { free( p_sys->psz_icy_genre ); - p_sys->psz_icy_genre = EnsureUTF8( strdup( p )); + char *psz_tmp = strdup( p ); + p_sys->psz_icy_genre = EnsureUTF8( psz_tmp ); + if( !p_sys->psz_icy_genre ) + free( psz_tmp ); msg_Dbg( p_access, "Icy-Genre: %s", p_sys->psz_icy_genre ); } else if( !strncasecmp( psz, "Icy-Notice", 10 ) ) @@ -1468,12 +1508,14 @@ static int Request( access_t *p_access, int64_t i_tell ) else if( !strcasecmp( psz, "www-authenticate" ) ) { msg_Dbg( p_access, "Authentication header: %s", p ); - AuthParseHeader( p_access, p, &p_sys->auth ); + http_auth_ParseWwwAuthenticateHeader( VLC_OBJECT(p_access), + &p_sys->auth, p ); } else if( !strcasecmp( psz, "proxy-authenticate" ) ) { msg_Dbg( p_access, "Proxy authentication header: %s", p ); - AuthParseHeader( p_access, p, &p_sys->proxy_auth ); + http_auth_ParseWwwAuthenticateHeader( VLC_OBJECT(p_access), + &p_sys->proxy_auth, p ); } else if( !strcasecmp( psz, "authentication-info" ) ) { @@ -1487,13 +1529,18 @@ static int Request( access_t *p_access, int64_t i_tell ) if( AuthCheckReply( p_access, p, &p_sys->proxy, &p_sys->proxy_auth ) ) goto error; } + else if( !strcasecmp( psz, "Accept-Ranges" ) ) + { + if( !strcasecmp( p, "bytes" ) ) + p_sys->b_seekable = true; + } free( psz ); } /* We close the stream for zero length data, unless of course the * server has already promised to do this for us. */ - if( p_access->info.i_size != -1 && p_sys->i_remaining == 0 && p_sys->b_persist ) { + if( p_sys->b_has_size && p_sys->i_remaining == 0 && p_sys->b_persist ) { Disconnect( p_access ); } return VLC_SUCCESS; @@ -1512,7 +1559,7 @@ static void Disconnect( access_t *p_access ) if( p_sys->p_tls != NULL) { - tls_ClientDelete( p_sys->p_tls ); + vlc_tls_SessionDelete( p_sys->p_tls ); p_sys->p_tls = NULL; p_sys->p_vs = NULL; } @@ -1606,8 +1653,10 @@ static void cookie_append( vlc_array_t * cookies, char * cookie ) assert( current_cookie_name ); - bool is_domain_matching = ( cookie_domain && current_cookie_domain && - !strcmp( cookie_domain, current_cookie_domain ) ); + bool is_domain_matching = ( + ( !cookie_domain && !current_cookie_domain ) || + ( cookie_domain && current_cookie_domain && + !strcmp( cookie_domain, current_cookie_domain ) ) ); if( is_domain_matching && !strcmp( cookie_name, current_cookie_name ) ) { @@ -1628,384 +1677,37 @@ static void cookie_append( vlc_array_t * cookies, char * cookie ) vlc_array_append( cookies, cookie ); } + /***************************************************************************** - * "RFC 2617: Basic and Digest Access Authentication" header parsing + * HTTP authentication *****************************************************************************/ -static char *AuthGetParam( const char *psz_header, const char *psz_param ) -{ - char psz_what[strlen(psz_param)+3]; - sprintf( psz_what, "%s=\"", psz_param ); - psz_header = strstr( psz_header, psz_what ); - if( psz_header ) - { - const char *psz_end; - psz_header += strlen( psz_what ); - psz_end = strchr( psz_header, '"' ); - if( !psz_end ) /* Invalid since we should have a closing quote */ - return strdup( psz_header ); - return strndup( psz_header, psz_end - psz_header ); - } - else - { - return NULL; - } -} - -static char *AuthGetParamNoQuotes( const char *psz_header, const char *psz_param ) -{ - char psz_what[strlen(psz_param)+2]; - sprintf( psz_what, "%s=", psz_param ); - psz_header = strstr( psz_header, psz_what ); - if( psz_header ) - { - const char *psz_end; - psz_header += strlen( psz_what ); - psz_end = strchr( psz_header, ',' ); - /* XXX: Do we need to filter out trailing space between the value and - * the comma/end of line? */ - if( !psz_end ) /* Can be valid if this is the last parameter */ - return strdup( psz_header ); - return strndup( psz_header, psz_end - psz_header ); - } - else - { - return NULL; - } -} - -static void AuthParseHeader( access_t *p_access, const char *psz_header, - http_auth_t *p_auth ) -{ - /* FIXME: multiple auth methods can be listed (comma seperated) */ - - /* 2 Basic Authentication Scheme */ - if( !strncasecmp( psz_header, "Basic ", strlen( "Basic " ) ) ) - { - msg_Dbg( p_access, "Using Basic Authentication" ); - psz_header += strlen( "Basic " ); - p_auth->psz_realm = AuthGetParam( psz_header, "realm" ); - if( !p_auth->psz_realm ) - msg_Warn( p_access, "Basic Authentication: " - "Mandatory 'realm' parameter is missing" ); - } - /* 3 Digest Access Authentication Scheme */ - else if( !strncasecmp( psz_header, "Digest ", strlen( "Digest " ) ) ) - { - msg_Dbg( p_access, "Using Digest Access Authentication" ); - if( p_auth->psz_nonce ) return; /* FIXME */ - psz_header += strlen( "Digest " ); - p_auth->psz_realm = AuthGetParam( psz_header, "realm" ); - p_auth->psz_domain = AuthGetParam( psz_header, "domain" ); - p_auth->psz_nonce = AuthGetParam( psz_header, "nonce" ); - p_auth->psz_opaque = AuthGetParam( psz_header, "opaque" ); - p_auth->psz_stale = AuthGetParamNoQuotes( psz_header, "stale" ); - p_auth->psz_algorithm = AuthGetParamNoQuotes( psz_header, "algorithm" ); - p_auth->psz_qop = AuthGetParam( psz_header, "qop" ); - p_auth->i_nonce = 0; - /* printf("realm: |%s|\ndomain: |%s|\nnonce: |%s|\nopaque: |%s|\n" - "stale: |%s|\nalgorithm: |%s|\nqop: |%s|\n", - p_auth->psz_realm,p_auth->psz_domain,p_auth->psz_nonce, - p_auth->psz_opaque,p_auth->psz_stale,p_auth->psz_algorithm, - p_auth->psz_qop); */ - if( !p_auth->psz_realm ) - msg_Warn( p_access, "Digest Access Authentication: " - "Mandatory 'realm' parameter is missing" ); - if( !p_auth->psz_nonce ) - msg_Warn( p_access, "Digest Access Authentication: " - "Mandatory 'nonce' parameter is missing" ); - if( p_auth->psz_qop ) /* FIXME: parse the qop list */ - { - char *psz_tmp = strchr( p_auth->psz_qop, ',' ); - if( psz_tmp ) *psz_tmp = '\0'; - } - } - else - { - const char *psz_end = strchr( psz_header, ' ' ); - if( psz_end ) - msg_Warn( p_access, "Unknown authentication scheme: '%*s'", - (int)(psz_end - psz_header), psz_header ); - else - msg_Warn( p_access, "Unknown authentication scheme: '%s'", - psz_header ); - } -} - -static char *AuthDigest( access_t *p_access, vlc_url_t *p_url, - http_auth_t *p_auth, const char *psz_method ) -{ - (void)p_access; - const char *psz_username = p_url->psz_username ?: ""; - const char *psz_password = p_url->psz_password ?: ""; - - char *psz_HA1 = NULL; - char *psz_HA2 = NULL; - char *psz_response = NULL; - struct md5_s md5; - - /* H(A1) */ - if( p_auth->psz_HA1 ) - { - psz_HA1 = strdup( p_auth->psz_HA1 ); - if( !psz_HA1 ) goto error; - } - else - { - InitMD5( &md5 ); - AddMD5( &md5, psz_username, strlen( psz_username ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, psz_password, strlen( psz_password ) ); - EndMD5( &md5 ); - - psz_HA1 = psz_md5_hash( &md5 ); - if( !psz_HA1 ) goto error; - - if( p_auth->psz_algorithm - && !strcmp( p_auth->psz_algorithm, "MD5-sess" ) ) - { - InitMD5( &md5 ); - AddMD5( &md5, psz_HA1, 32 ); - free( psz_HA1 ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) ); - EndMD5( &md5 ); - - psz_HA1 = psz_md5_hash( &md5 ); - if( !psz_HA1 ) goto error; - p_auth->psz_HA1 = strdup( psz_HA1 ); - if( !p_auth->psz_HA1 ) goto error; - } - } - - /* H(A2) */ - InitMD5( &md5 ); - if( *psz_method ) - AddMD5( &md5, psz_method, strlen( psz_method ) ); - AddMD5( &md5, ":", 1 ); - if( p_url->psz_path ) - AddMD5( &md5, p_url->psz_path, strlen( p_url->psz_path ) ); - else - AddMD5( &md5, "/", 1 ); - if( p_auth->psz_qop && !strcmp( p_auth->psz_qop, "auth-int" ) ) - { - char *psz_ent; - struct md5_s ent; - InitMD5( &ent ); - AddMD5( &ent, "", 0 ); /* XXX: entity-body. should be ok for GET */ - EndMD5( &ent ); - psz_ent = psz_md5_hash( &ent ); - if( !psz_ent ) goto error; - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, psz_ent, 32 ); - free( psz_ent ); - } - EndMD5( &md5 ); - psz_HA2 = psz_md5_hash( &md5 ); - if( !psz_HA2 ) goto error; - - /* Request digest */ - InitMD5( &md5 ); - AddMD5( &md5, psz_HA1, 32 ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) ); - AddMD5( &md5, ":", 1 ); - if( p_auth->psz_qop - && ( !strcmp( p_auth->psz_qop, "auth" ) - || !strcmp( p_auth->psz_qop, "auth-int" ) ) ) - { - char psz_inonce[9]; - snprintf( psz_inonce, 9, "%08x", p_auth->i_nonce ); - AddMD5( &md5, psz_inonce, 8 ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) ); - AddMD5( &md5, ":", 1 ); - } - AddMD5( &md5, psz_HA2, 32 ); - EndMD5( &md5 ); - psz_response = psz_md5_hash( &md5 ); - - error: - free( psz_HA1 ); - free( psz_HA2 ); - return psz_response; -} - static void AuthReply( access_t *p_access, const char *psz_prefix, vlc_url_t *p_url, http_auth_t *p_auth ) { access_sys_t *p_sys = p_access->p_sys; - v_socket_t *pvs = p_sys->p_vs; - - const char *psz_username = p_url->psz_username ?: ""; - const char *psz_password = p_url->psz_password ?: ""; - - if( p_auth->psz_nonce ) - { - /* Digest Access Authentication */ - char *psz_response; - - if( p_auth->psz_algorithm - && strcmp( p_auth->psz_algorithm, "MD5" ) - && strcmp( p_auth->psz_algorithm, "MD5-sess" ) ) - { - msg_Err( p_access, "Digest Access Authentication: " - "Unknown algorithm '%s'", p_auth->psz_algorithm ); - return; - } - - if( p_auth->psz_qop || !p_auth->psz_cnonce ) - { - /* FIXME: needs to be really random to prevent man in the middle - * attacks */ - free( p_auth->psz_cnonce ); - p_auth->psz_cnonce = strdup( "Some random string FIXME" ); - } - p_auth->i_nonce ++; - - psz_response = AuthDigest( p_access, p_url, p_auth, "GET" ); - if( !psz_response ) return; - - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, - "%sAuthorization: Digest " - /* Mandatory parameters */ - "username=\"%s\", " - "realm=\"%s\", " - "nonce=\"%s\", " - "uri=\"%s\", " - "response=\"%s\", " - /* Optional parameters */ - "%s%s%s" /* algorithm */ - "%s%s%s" /* cnonce */ - "%s%s%s" /* opaque */ - "%s%s%s" /* message qop */ - "%s%08x%s" /* nonce count */ - "\r\n", - /* Mandatory parameters */ - psz_prefix, - psz_username, - p_auth->psz_realm, - p_auth->psz_nonce, - p_url->psz_path ?: "/", - psz_response, - /* Optional parameters */ - p_auth->psz_algorithm ? "algorithm=\"" : "", - p_auth->psz_algorithm ?: "", - p_auth->psz_algorithm ? "\", " : "", - p_auth->psz_cnonce ? "cnonce=\"" : "", - p_auth->psz_cnonce ?: "", - p_auth->psz_cnonce ? "\", " : "", - p_auth->psz_opaque ? "opaque=\"" : "", - p_auth->psz_opaque ?: "", - p_auth->psz_opaque ? "\", " : "", - p_auth->psz_qop ? "qop=\"" : "", - p_auth->psz_qop ?: "", - p_auth->psz_qop ? "\", " : "", - p_auth->i_nonce ? "nc=\"" : "uglyhack=\"", /* Will be parsed as an unhandled extension */ - p_auth->i_nonce, - p_auth->i_nonce ? "\"" : "\"" - ); - - free( psz_response ); - } - else - { - /* Basic Access Authentication */ - char buf[strlen( psz_username ) + strlen( psz_password ) + 2]; - char *b64; - - snprintf( buf, sizeof( buf ), "%s:%s", psz_username, psz_password ); - b64 = vlc_b64_encode( buf ); + char *psz_value; + + psz_value = + http_auth_FormatAuthorizationHeader( VLC_OBJECT(p_access), p_auth, + "GET", p_url->psz_path, + p_url->psz_username, + p_url->psz_password ); + if ( psz_value == NULL ) + return; - if( b64 != NULL ) - { - net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, - "%sAuthorization: Basic %s\r\n", psz_prefix, b64 ); - free( b64 ); - } - } + net_Printf( p_access, p_sys->fd, p_sys->p_vs, + "%sAuthorization: %s\r\n", psz_prefix, psz_value ); + free( psz_value ); } static int AuthCheckReply( access_t *p_access, const char *psz_header, vlc_url_t *p_url, http_auth_t *p_auth ) { - int i_ret = VLC_EGENERIC; - char *psz_nextnonce = AuthGetParam( psz_header, "nextnonce" ); - char *psz_qop = AuthGetParamNoQuotes( psz_header, "qop" ); - char *psz_rspauth = AuthGetParam( psz_header, "rspauth" ); - char *psz_cnonce = AuthGetParam( psz_header, "cnonce" ); - char *psz_nc = AuthGetParamNoQuotes( psz_header, "nc" ); - - if( psz_cnonce ) - { - char *psz_digest; - - if( strcmp( psz_cnonce, p_auth->psz_cnonce ) ) - { - msg_Err( p_access, "HTTP Digest Access Authentication: server replied with a different client nonce value." ); - goto error; - } - - if( psz_nc ) - { - int i_nonce; - i_nonce = strtol( psz_nc, NULL, 16 ); - if( i_nonce != p_auth->i_nonce ) - { - msg_Err( p_access, "HTTP Digest Access Authentication: server replied with a different nonce count value." ); - goto error; - } - } - - if( psz_qop && p_auth->psz_qop && strcmp( psz_qop, p_auth->psz_qop ) ) - msg_Warn( p_access, "HTTP Digest Access Authentication: server replied using a different 'quality of protection' option" ); - - /* All the clear text values match, let's now check the response - * digest */ - psz_digest = AuthDigest( p_access, p_url, p_auth, "" ); - if( strcmp( psz_digest, psz_rspauth ) ) - { - msg_Err( p_access, "HTTP Digest Access Authentication: server replied with an invalid response digest (expected value: %s).", psz_digest ); - free( psz_digest ); - goto error; - } - free( psz_digest ); - } - - if( psz_nextnonce ) - { - free( p_auth->psz_nonce ); - p_auth->psz_nonce = psz_nextnonce; - psz_nextnonce = NULL; - } - - i_ret = VLC_SUCCESS; - error: - free( psz_nextnonce ); - free( psz_qop ); - free( psz_rspauth ); - free( psz_cnonce ); - free( psz_nc ); - - return i_ret; -} - -static void AuthReset( http_auth_t *p_auth ) -{ - FREENULL( p_auth->psz_realm ); - FREENULL( p_auth->psz_domain ); - FREENULL( p_auth->psz_nonce ); - FREENULL( p_auth->psz_opaque ); - FREENULL( p_auth->psz_stale ); - FREENULL( p_auth->psz_algorithm ); - FREENULL( p_auth->psz_qop ); - p_auth->i_nonce = 0; - FREENULL( p_auth->psz_cnonce ); - FREENULL( p_auth->psz_HA1 ); + return + http_auth_ParseAuthenticationInfoHeader( VLC_OBJECT(p_access), p_auth, + psz_header, "", + p_url->psz_path, + p_url->psz_username, + p_url->psz_password ); }