[openssl] master update
dev at ddvo.net
dev at ddvo.net
Wed Mar 31 17:52:04 UTC 2021
The branch master has been updated
via 534725fd4389782d693cff061f4d31b786058ab1 (commit)
from c37b94795730a857485c6cebac6402c03246dce5 (commit)
- Log -----------------------------------------------------------------
commit 534725fd4389782d693cff061f4d31b786058ab1
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Sat Mar 20 22:04:58 2021 +0100
HTTP: Fix method_POST param by moving it to OSSL_HTTP_REQ_CTX_set_request_line()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14699)
-----------------------------------------------------------------------
Summary of changes:
crypto/http/http_client.c | 20 +++++++++-----------
crypto/ocsp/ocsp_http.c | 4 ++--
doc/man3/OSSL_HTTP_REQ_CTX.pod | 35 +++++++++++++++++------------------
include/openssl/http.h | 5 ++---
include/openssl/ocsp.h.in | 5 +++--
5 files changed, 33 insertions(+), 36 deletions(-)
diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c
index 4aba5e7761..8e4f8e8c83 100644
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -73,8 +73,7 @@ struct ossl_http_req_ctx_st {
#define OHS_HTTP_HEADER (9 | OHS_NOREAD) /* Headers set, w/o final \r\n */
OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio,
- int method_POST, int maxline,
- unsigned long max_resp_len,
+ int maxline, unsigned long max_resp_len,
int timeout, const char *expected_ct,
int expect_asn1)
{
@@ -96,7 +95,6 @@ OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio,
OPENSSL_free(rctx);
return NULL;
}
- rctx->method_POST = method_POST;
rctx->expected_ct = expected_ct;
rctx->expect_asn1 = expect_asn1;
rctx->resp_len = 0;
@@ -135,10 +133,10 @@ void OSSL_HTTP_REQ_CTX_set_max_response_length(OSSL_HTTP_REQ_CTX *rctx,
}
/*
- * Create request line using |ctx| and |path| (or "/" in case |path| is NULL).
+ * Create request line using |rctx| and |path| (or "/" in case |path| is NULL).
* Server name (and port) must be given if and only if plain HTTP proxy is used.
*/
-int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx,
+int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx, int method_POST,
const char *server, const char *port,
const char *path)
{
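Review bot: The comment above OSSL_HTTP_REQ_CTX_set_request_line() is updated to say |rctx| but still does not describe the new |method_POST| parameter, which now decides the HTTP method. I would add a line such as `* The method is POST if |method_POST| is nonzero, else GET.` to that comment. Any nonzero value is accepted, because the body normalizes it with `!= 0`, so the comment should say "nonzero" rather than "1". The function body continues outside this hunk.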
@@ -150,6 +148,7 @@ int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx,
if ((rctx->mem = BIO_new(BIO_s_mem())) == NULL)
return 0;
+ rctx->method_POST = method_POST != 0;
if (BIO_printf(rctx->mem, "%s ", rctx->method_POST ? "POST" : "GET") <= 0)
return 0;
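Review bot: `rctx->method_POST` is now written only at this point, so until OSSL_HTTP_REQ_CTX_set_request_line() has run the field holds whatever the allocation in OSSL_HTTP_REQ_CTX_new() left there. That allocation is not visible in these hunks, so presumably it zero-fills; please confirm. Code that checks the field before a request line exists (the man page ties OSSL_HTTP_REQ_CTX_set1_req() to it) then silently sees GET. The field is also updated before `BIO_printf` is checked, so a failed call returns 0 with the method already changed. I would state the dependency where the old assignment was removed, e.g. `/* method_POST stays 0 (GET) until the request line is set */`. The function body starts and ends outside this hunk.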
@@ -202,7 +201,7 @@ int OSSL_HTTP_REQ_CTX_add1_header(OSSL_HTTP_REQ_CTX *rctx,
return 1;
}
-static int OSSL_HTTP_REQ_CTX_set_content(OSSL_HTTP_REQ_CTX *rctx,
+static int ossl_http_req_ctx_set_content(OSSL_HTTP_REQ_CTX *rctx,
const char *content_type, BIO *req_mem)
{
const unsigned char *req;
@@ -259,7 +258,7 @@ int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX *rctx, const char *content_type
}
res = (mem = ossl_http_asn1_item2bio(it, req)) != NULL
- && OSSL_HTTP_REQ_CTX_set_content(rctx, content_type, mem);
+ && ossl_http_req_ctx_set_content(rctx, content_type, mem);
BIO_free(mem);
return res;
}
@@ -308,18 +307,17 @@ OSSL_HTTP_REQ_CTX
}
/* remaining parameters are checked indirectly by the functions called */
- if ((rctx = OSSL_HTTP_REQ_CTX_new(wbio, rbio, req_mem != NULL, maxline,
- max_resp_len, timeout,
+ if ((rctx = OSSL_HTTP_REQ_CTX_new(wbio, rbio, maxline, max_resp_len, timeout,
expected_ct, expect_asn1))
== NULL)
return NULL;
- if (OSSL_HTTP_REQ_CTX_set_request_line(rctx,
+ if (OSSL_HTTP_REQ_CTX_set_request_line(rctx, req_mem != NULL,
use_http_proxy ? server : NULL, port,
path)
&& OSSL_HTTP_REQ_CTX_add1_headers(rctx, headers, server)
&& (req_mem == NULL
- || OSSL_HTTP_REQ_CTX_set_content(rctx, content_type, req_mem)))
+ || ossl_http_req_ctx_set_content(rctx, content_type, req_mem)))
return rctx;
OSSL_HTTP_REQ_CTX_free(rctx);
diff --git a/crypto/ocsp/ocsp_http.c b/crypto/ocsp/ocsp_http.c
index a35201e047..7a3c19c860 100644
--- a/crypto/ocsp/ocsp_http.c
+++ b/crypto/ocsp/ocsp_http.c
@@ -18,13 +18,13 @@ OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path,
{
OSSL_HTTP_REQ_CTX *rctx = NULL;
- if ((rctx = OSSL_HTTP_REQ_CTX_new(io, io, 1 /* POST */,
+ if ((rctx = OSSL_HTTP_REQ_CTX_new(io, io,
maxline, 0 /* default max_resp_len */,
0 /* no timeout, blocking indefinitely */,
NULL, 1 /* expect_asn1 */)) == NULL)
return NULL;
- if (!OSSL_HTTP_REQ_CTX_set_request_line(rctx, NULL, NULL, path))
+ if (!OSSL_HTTP_REQ_CTX_set_request_line(rctx, 1 /* POST */, NULL, NULL, path))
goto err;
if (req != NULL
diff --git a/doc/man3/OSSL_HTTP_REQ_CTX.pod b/doc/man3/OSSL_HTTP_REQ_CTX.pod
index 9cfae4c3cb..8e928f19fa 100644
--- a/doc/man3/OSSL_HTTP_REQ_CTX.pod
+++ b/doc/man3/OSSL_HTTP_REQ_CTX.pod
@@ -21,14 +21,13 @@ OSSL_HTTP_REQ_CTX_set_max_response_length
typedef struct ossl_http_req_ctx_st OSSL_HTTP_REQ_CTX;
OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio,
- int method_POST, int maxline,
- unsigned long max_resp_len,
+ int maxline, unsigned long max_resp_len,
int timeout,
const char *expected_content_type,
int expect_asn1);
void OSSL_HTTP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx);
- int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx,
+ int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx, int method_POST,
const char *server, const char *port,
const char *path);
int OSSL_HTTP_REQ_CTX_add1_header(OSSL_HTTP_REQ_CTX *rctx,
@@ -59,8 +58,6 @@ the B<BIO> to read the response from (I<rbio>, which may be equal to I<wbio>),
the maximum expected response header line length (I<maxline>, where a value <= 0
indicates that the B<HTTP_DEFAULT_MAX_LINE_LENGTH> of 4KiB should be used;
this length is also used as the number of content bytes read at a time),
-the request method (I<method_POST>, which may be 1 to indicate that the C<POST>
-method is to be used, or 0 to indicate that the C<GET> method is to be used),
the maximum allowed response content length (I<max_resp_len>, where 0 means
that the B<HTTP_DEFAULT_MAX_RESP_LEN> is used, which currently is 100 KiB),
a response timeout measure in seconds (I<timeout>,
@@ -78,11 +75,11 @@ The I<wbio> and I<rbio> are not free'd and it is up to the application
to do so.
OSSL_HTTP_REQ_CTX_set_request_line() adds the HTTP request line to the context.
-The request method itself becomes C<GET> or C<POST> depending on the value
-of I<method_POST> in the OSSL_HTTP_REQ_CTX_new() call. I<server> and I<port>
-may be set to indicate a proxy server and port that the request should go
-through, otherwise they should be left NULL. I<path> is the HTTP request path;
-if left NULL, C</> is used.
+The HTTP method is determined by I<method_POST>,
+which should be 1 to indicate C<POST> or 0 to indicate C<GET>.
+I<server> and I<port> may be set to indicate a proxy server and port
+that the request should go through, otherwise they should be left NULL.
+I<path> is the HTTP request path; if left NULL, C</> is used.
OSSL_HTTP_REQ_CTX_add1_header() adds header I<name> with value I<value> to the
context I<rctx>. It can be called more than once to add multiple headers.
@@ -90,12 +87,14 @@ For example, to add a C<Host> header for C<example.com> you would call:
OSSL_HTTP_REQ_CTX_add1_header(ctx, "Host", "example.com");
-OSSL_HTTP_REQ_CTX_set1_req() finalizes the HTTP request context by adding
-the DER encoding of I<req>, using the ASN.1 template I<it> to do the encoding.
-The HTTP header C<Content-Length> is automatically filled out, and if
-I<content_type> isn't NULL, the HTTP header C<Content-Type> is also added with
-its content as value. All of this ends up in the internal memory B<BIO>.
-This requires that I<method_POST> was 1 in the OSSL_HTTP_REQ_CTX_new() call.
+OSSL_HTTP_REQ_CTX_set1_req() is to be used if and only if the I<method_POST>
+parameter in the OSSL_HTTP_REQ_CTX_set_request_line() call was 1.
+It finalizes the HTTP request context by adding the DER encoding of I<req>,
+using the ASN.1 template I<it> to do the encoding.
+The HTTP header C<Content-Length> is filled out with the length of the request.
+If I<content_type> isn't NULL,
+the HTTP header C<Content-Type> is also added with its content as value.
+All of this ends up in the internal memory B<BIO>.
OSSL_HTTP_REQ_CTX_nbio() attempts to send the request prepared I<rctx>
and gathering the response via HTTP, using the I<rbio> and I<wbio>
@@ -150,8 +149,8 @@ This is optional and may be done multiple times with different names.
=item 3.
Add C<POST> data with OSSL_HTTP_REQ_CTX_set1_req(). This may only be done if
-I<method_POST> was 1 in the OSSL_HTTP_REQ_CTX_new() call, and must be done
-exactly once in that case.
+I<method_POST> was 1 in the OSSL_HTTP_REQ_CTX_set_request_line() call,
+and must be done exactly once in that case.
=back
diff --git a/include/openssl/http.h b/include/openssl/http.h
index 9be738f48c..18d0f13b3e 100644
--- a/include/openssl/http.h
+++ b/include/openssl/http.h
@@ -39,12 +39,11 @@ typedef BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail)
#define HTTP_DEFAULT_MAX_RESP_LEN (100 * 1024)
OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio,
- int method_GET, int maxline,
- unsigned long max_resp_len,
+ int maxline, unsigned long max_resp_len,
int timeout, const char *expected_ct,
int expect_asn1);
void OSSL_HTTP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx);
-int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx,
+int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx, int method_POST,
const char *server, const char *port,
const char *path);
int OSSL_HTTP_REQ_CTX_add1_header(OSSL_HTTP_REQ_CTX *rctx,
diff --git a/include/openssl/ocsp.h.in b/include/openssl/ocsp.h.in
index b84d1d89d5..bf8bd7e676 100644
--- a/include/openssl/ocsp.h.in
+++ b/include/openssl/ocsp.h.in
@@ -178,11 +178,12 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx);
# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX;
# define OCSP_REQ_CTX_new(io, maxline) \
- OSSL_HTTP_REQ_CTX_new(io, io, 1, maxline, 0, 0, NULL, 1)
+ OSSL_HTTP_REQ_CTX_new(io, io, maxline, 0, 0, NULL, 1)
# define OCSP_REQ_CTX_free(r) \
OSSL_HTTP_REQ_CTX_free(r)
# define OCSP_REQ_CTX_http(rctx, op, path) \
- OSSL_HTTP_REQ_CTX_set_request_line(rctx, NULL, NULL, path)
+ OSSL_HTTP_REQ_CTX_set_request_line(rctx, strcmp(op, "POST") == 0, \
+ NULL, NULL, path)
# define OCSP_REQ_CTX_add1_header(r, n, v) \
OSSL_HTTP_REQ_CTX_add1_header(r, n, v)
# define OCSP_REQ_CTX_i2d(r, i, req) \
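Review bot: The new `OCSP_REQ_CTX_http` expansion calls `strcmp(op, "POST")` from a public header, so every user of this deprecated macro now needs `<string.h>` in scope and must pass a non-NULL `op`. Whether ocsp.h already includes `<string.h>` is not visible in this hunk. The macro argument is also used unparenthesized. Any value other than the exact string "POST", such as a different case or another method, silently selects GET instead of being rejected. I would write the argument as `(op) != NULL && strcmp((op), "POST") == 0` and add a comment like `/* any op other than "POST" is sent as GET */` so the fallback is explicit to callers migrating old code.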