// send check header "X-CC-DOWN-CHECK" to lower FC
static int SendCheckHeader(clientHttpRequest *http)
{
// do not send X-CC-UP-CHECK to client as possible
httpHeaderDelByName(&http->reply->header, "X-CC-UP-CHECK");
struct mod_conf_param *cfg = cc_get_mod_param(http->conn->fd, mod);
if (NULL == cfg || !cfg->send) {
debug(107,3)("mod_check_response: no need to send X-CC-UP-CHECK header\n");
return -1;
}
const char *down_buf = httpHeaderGetValue(&http->request->header, "X-CC-DOWN-CHECK");
if (NULL == down_buf) {
if (cfg->send)
debug(107,2)("mod_check_response: do not send X-CC-UP-CHECK header, for not received X-CC-DOWN-CHECK header\n");
return -1;
}
char key[512];
memset(key, 0, 512);
unsigned char md5[SQUID_MD5_DIGEST_LENGTH];
memset(md5, 0, SQUID_MD5_DIGEST_LENGTH);
strncpy(key, down_buf, 511);
char *host = key + strlen(key);
url2host(host, http->uri);
GetMD5Digest(key, md5);
assert(cfg->send);
httpHeaderAddEntry(&http->reply->header, httpHeaderEntryCreate(HDR_OTHER, "X-CC-UP-CHECK", (char*)md5));
debug(107, 3)("mod_check_response: send X-CC-UP-CHECK=[%s] header to client\n", md5);
return 0;
}
/*
* Send a "regular" HTTP GET message to "addr" and stuff the response
* into the connection buffer.
* Return the HTTP error code or <0 on failure.
*/
static long
nreq(struct conn *c, const char *addr)
{
struct httpget *g;
struct source src[MAX_SERVERS_DNS];
char *host, *path;
short port;
size_t srcsz;
ssize_t ssz;
long code;
if (NULL == (host = url2host(addr, &port, &path)))
return(-1);
if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
free(host);
free(path);
return(-1);
}
srcsz = ssz;
g = http_get(src, srcsz, host, port, path, NULL, 0);
free(host);
free(path);
if (NULL == g)
return(-1);
code = g->code;
/* Copy the body part into our buffer. */
free(c->buf.buf);
c->buf.sz = g->bodypartsz;
c->buf.buf = malloc(c->buf.sz);
memcpy(c->buf.buf, g->bodypart, c->buf.sz);
http_get_free(g);
if (NULL == c->buf.buf) {
warn("malloc");
return(-1);
}
return(code);
}
/*
* Create and send a signed communication to the ACME server.
* Stuff the response into the communication buffer.
* Return <0 on failure on the HTTP error code otherwise.
*/
static long
sreq(struct conn *c, const char *addr, const char *req)
{
struct httpget *g;
struct source src[MAX_SERVERS_DNS];
char *host, *path, *nonce, *reqsn;
short port;
struct httphead *h;
ssize_t ssz;
long code;
if (NULL == (host = url2host(c->na, &port, &path)))
return(-1);
if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
free(host);
free(path);
return(-1);
}
g = http_get(src, (size_t)ssz, host, port, path, NULL, 0);
free(host);
free(path);
if (NULL == g)
return(-1);
h = http_head_get("Replay-Nonce", g->head, g->headsz);
if (NULL == h) {
warnx("%s: no replay nonce", c->na);
http_get_free(g);
return(-1);
} else if (NULL == (nonce = strdup(h->val))) {
warn("strdup");
http_get_free(g);
return(-1);
}
http_get_free(g);
/*
* Send the nonce and request payload to the acctproc.
* This will create the proper JSON object we need.
*/
if (writeop(c->fd, COMM_ACCT, ACCT_SIGN) <= 0) {
free(nonce);
return(-1);
} else if (writestr(c->fd, COMM_PAY, req) <= 0) {
free(nonce);
return(-1);
} else if (writestr(c->fd, COMM_NONCE, nonce) <= 0) {
free(nonce);
return(-1);
}
free(nonce);
/* Now read back the signed payload. */
if (NULL == (reqsn = readstr(c->fd, COMM_REQ)))
return(-1);
/* Now send the signed payload to the CA. */
if (NULL == (host = url2host(addr, &port, &path))) {
free(reqsn);
return(-1);
} else if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
free(host);
free(path);
free(reqsn);
return(-1);
}
g = http_get(src, (size_t)ssz, host,
port, path, reqsn, strlen(reqsn));
free(host);
free(path);
free(reqsn);
if (NULL == g)
return(-1);
/* Stuff response into parse buffer. */
code = g->code;
free(c->buf.buf);
c->buf.sz = g->bodypartsz;
c->buf.buf = malloc(c->buf.sz);
memcpy(c->buf.buf, g->bodypart, c->buf.sz);
http_get_free(g);
if (NULL == c->buf.buf) {
warn("malloc");
return(-1);
}
return(code);
}