/* convert a NAME_ENTRY to UTF8 string */
char *modssl_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne,
int raw)
{
char *result = asn1_string_convert(p, X509_NAME_ENTRY_get_data(xsne), raw);
ap_xlate_proto_from_ascii(result, len);
return result;
}
static char *lookup_ssl_cert_dn(X509_NAME *xsname, int dnidx)
{
char *result;
X509_NAME_ENTRY *xsne;
int i, j, n, idx = 0;
result = NULL;
for (i = 0; info_cert_dn_rec[i].fid != 0; i++) {
if (info_cert_dn_rec[i].fid == dnidx) {
for (j = 0; j < sk_X509_NAME_ENTRY_num((STACK_OF(X509_NAME_ENTRY) *)
(xsname->entries)); j++) {
xsne = sk_X509_NAME_ENTRY_value((STACK_OF(X509_NAME_ENTRY) *)
(xsname->entries), j);
n =OBJ_obj2nid((ASN1_OBJECT *)X509_NAME_ENTRY_get_object(xsne));
if (n == info_cert_dn_rec[i].nid && idx-- == 0) {
result = malloc(xsne->value->length + 1);
memcpy(result, xsne->value->data,
xsne->value->length);
result[xsne->value->length] = '\0';
#if APR_CHARSET_EBCDIC
ap_xlate_proto_from_ascii(result, xsne->value->length);
#endif /* APR_CHARSET_EBCDIC */
break;
}
}
break;
}
}
return result;
}
/* convert a NAME_ENTRY to UTF8 string */
char *SSL_X509_NAME_ENTRY_to_string(apr_pool_t *p, X509_NAME_ENTRY *xsne)
{
char *result = NULL;
BIO* bio;
int len;
if ((bio = BIO_new(BIO_s_mem())) == NULL)
return NULL;
ASN1_STRING_print_ex(bio, X509_NAME_ENTRY_get_data(xsne),
ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_UTF8_CONVERT);
len = BIO_pending(bio);
result = apr_palloc(p, len+1);
len = BIO_read(bio, result, len);
result[len] = NUL;
BIO_free(bio);
ap_xlate_proto_from_ascii(result, len);
return result;
}
static apr_status_t rfc1413_query(apr_socket_t *sock, conn_rec *conn,
server_rec *srv)
{
apr_port_t rmt_port, our_port;
apr_port_t sav_rmt_port, sav_our_port;
apr_size_t i;
char *cp;
char buffer[RFC1413_MAXDATA + 1];
char user[RFC1413_USERLEN + 1]; /* XXX */
apr_size_t buflen;
apr_sockaddr_port_get(&sav_our_port, conn->local_addr);
apr_sockaddr_port_get(&sav_rmt_port, conn->remote_addr);
/* send the data */
buflen = apr_snprintf(buffer, sizeof(buffer), "%hu,%hu\r\n", sav_rmt_port,
sav_our_port);
ap_xlate_proto_to_ascii(buffer, buflen);
/* send query to server. Handle short write. */
i = 0;
while (i < buflen) {
apr_size_t j = strlen(buffer + i);
apr_status_t status;
status = apr_send(sock, buffer+i, &j);
if (status != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, status, srv,
"write: rfc1413: error sending request");
return status;
}
else if (j > 0) {
i+=j;
}
}
/*
* Read response from server. - the response should be newline
* terminated according to rfc - make sure it doesn't stomp its
* way out of the buffer.
*/
i = 0;
memset(buffer, '\0', sizeof(buffer));
/*
* Note that the strchr function below checks for \012 instead of '\n'
* this allows it to work on both ASCII and EBCDIC machines.
*/
while((cp = strchr(buffer, '\012')) == NULL && i < sizeof(buffer) - 1) {
apr_size_t j = sizeof(buffer) - 1 - i;
apr_status_t status;
status = apr_recv(sock, buffer+i, &j);
if (status != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, status, srv,
"read: rfc1413: error reading response");
return status;
}
else if (j > 0) {
i+=j;
}
else if (status == APR_SUCCESS && j == 0) {
/* Oops... we ran out of data before finding newline */
return APR_EINVAL;
}
}
/* RFC1413_USERLEN = 512 */
ap_xlate_proto_from_ascii(buffer, i);
if (sscanf(buffer, "%hu , %hu : USERID :%*[^:]:%512s", &rmt_port, &our_port,
user) != 3 || sav_rmt_port != rmt_port
|| sav_our_port != our_port)
return APR_EINVAL;
/*
* Strip trailing carriage return. It is part of the
* protocol, not part of the data.
*/
if ((cp = strchr(user, '\r')))
*cp = '\0';
conn->remote_logname = apr_pstrdup(conn->pool, user);
return APR_SUCCESS;
}
static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
request_rec *r,
proxy_dir_conf *dconf)
{
apr_uint16_t status;
apr_status_t rc;
const char *ptr;
apr_uint16_t num_headers;
int i;
rc = ajp_msg_get_uint16(msg, &status);
if (rc != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00983)
"ajp_unmarshal_response: Null status");
return rc;
}
r->status = status;
rc = ajp_msg_get_string(msg, &ptr);
if (rc == APR_SUCCESS) {
#if APR_CHARSET_EBCDIC /* copy only if we have to */
ptr = apr_pstrdup(r->pool, ptr);
ap_xlate_proto_from_ascii(ptr, strlen(ptr));
#endif
r->status_line = apr_psprintf(r->pool, "%d %s", status, ptr);
} else {
r->status_line = NULL;
}
ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r,
"ajp_unmarshal_response: status = %d", status);
rc = ajp_msg_get_uint16(msg, &num_headers);
if (rc == APR_SUCCESS) {
apr_table_t *save_table;
/* First, tuck away all already existing cookies */
/*
* Could optimize here, but just in case we want to
* also save other headers, keep this logic.
*/
save_table = apr_table_make(r->pool, num_headers + 2);
apr_table_do(addit_dammit, save_table, r->headers_out,
"Set-Cookie", NULL);
r->headers_out = save_table;
} else {
r->headers_out = NULL;
num_headers = 0;
}
ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r,
"ajp_unmarshal_response: Number of headers is = %d",
num_headers);
for(i = 0 ; i < (int) num_headers ; i++) {
apr_uint16_t name;
const char *stringname;
const char *value;
rc = ajp_msg_peek_uint16(msg, &name);
if (rc != APR_SUCCESS) {
return rc;
}
if ((name & 0XFF00) == 0XA000) {
ajp_msg_get_uint16(msg, &name);
stringname = long_res_header_for_sc(name);
if (stringname == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00984)
"ajp_unmarshal_response: "
"No such sc (%08x)",
name);
return AJP_EBAD_HEADER;
}
} else {
name = 0;
rc = ajp_msg_get_string(msg, &stringname);
if (rc != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00985)
"ajp_unmarshal_response: "
"Null header name");
return rc;
}
ap_xlate_proto_from_ascii(stringname, strlen(stringname));
}
rc = ajp_msg_get_string(msg, &value);
if (rc != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00986)
"ajp_unmarshal_response: "
"Null header value");
return rc;
}
/* Set-Cookie need additional processing */
if (!strcasecmp(stringname, "Set-Cookie")) {
value = ap_proxy_cookie_reverse_map(r, dconf, value);
}
/* Location, Content-Location, URI and Destination need additional
* processing */
else if (!strcasecmp(stringname, "Location")
|| !strcasecmp(stringname, "Content-Location")
|| !strcasecmp(stringname, "URI")
|| !strcasecmp(stringname, "Destination"))
{
value = ap_proxy_location_reverse_map(r, dconf, value);
}
ap_xlate_proto_from_ascii(value, strlen(value));
ap_log_rerror(APLOG_MARK, APLOG_TRACE5, 0, r,
"ajp_unmarshal_response: Header[%d] [%s] = [%s]",
i, stringname, value);
apr_table_add(r->headers_out, stringname, value);
/* Content-type needs an additional handling */
if (strcasecmp(stringname, "Content-Type") == 0) {
/* add corresponding filter */
ap_set_content_type(r, apr_pstrdup(r->pool, value));
ap_log_rerror(APLOG_MARK, APLOG_TRACE5, 0, r,
"ajp_unmarshal_response: ap_set_content_type to '%s'", value);
}
}
return APR_SUCCESS;
}
