Esempio n. 1
0
static int http_ocsp_transaction(CYASSL_OCSP* ocsp, DecodedCert* cert,
                        byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{
    SOCKET_T sfd = -1;
    byte httpBuf[SCRATCH_BUFFER_SIZE];
    int httpBufSz = SCRATCH_BUFFER_SIZE;
    char domainName[80], path[80];
    int port, ocspRespSz;

    if (ocsp->useOverrideUrl || cert->extAuthInfo == NULL) {
        if (ocsp->overrideName != NULL) {
            XMEMCPY(domainName, ocsp->overrideName, 80);
            XMEMCPY(path, ocsp->overridePath, 80);
            port = ocsp->overridePort;
        } else
            return OCSP_NEED_URL;
    } else {
        if (!decode_url((const char*)cert->extAuthInfo, cert->extAuthInfoSz,
                                                    domainName, path, &port))
            return OCSP_NEED_URL;
    }

    httpBufSz = build_http_request(domainName, path, ocspReqSz,
                                                        httpBuf, httpBufSz);

    tcp_connect(&sfd, domainName, port);
    if (sfd > 0) {
        int written;
        written = (int)write(sfd, httpBuf, httpBufSz);
        if (written == httpBufSz) {
            written = (int)write(sfd, ocspReqBuf, ocspReqSz);
            if (written == ocspReqSz) {
                httpBufSz = (int)read(sfd, httpBuf, SCRATCH_BUFFER_SIZE);
                if (httpBufSz > 0) {
                    ocspRespSz = decode_http_response(httpBuf, httpBufSz,
                        ocspRespBuf);
                }
            }
        }
        close(sfd);
        if (ocspRespSz == 0) {
            CYASSL_MSG("HTTP response was not OK, no OCSP response");
            return OCSP_LOOKUP_FAIL;
        }
    } else {
        CYASSL_MSG("OCSP Responder connection failed");
        return OCSP_LOOKUP_FAIL;
    }

    return ocspRespSz;
}
Esempio n. 2
0
int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
                        byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{
    SOCKET_T sfd = 0;
    word16   port;
    int      ret = -1;
#ifdef CYASSL_SMALL_STACK
    char*    path;
    char*    domainName;
#else
    char     path[80];
    char     domainName[80];
#endif

#ifdef CYASSL_SMALL_STACK
    path = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    if (path == NULL)
        return -1;
    
    domainName = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    if (domainName == NULL) {
        XFREE(path, NULL, DYNAMIC_TYPE_TMP_BUFFER);
        return -1;
    }
#endif

    (void)ctx;

    if (ocspReqBuf == NULL || ocspReqSz == 0) {
        CYASSL_MSG("OCSP request is required for lookup");
    }
    else if (ocspRespBuf == NULL) {
        CYASSL_MSG("Cannot save OCSP response");
    }
    else if (decode_url(url, urlSz, domainName, path, &port) < 0) {
        CYASSL_MSG("Unable to decode OCSP URL");
    }
    else {
        /* Note, the library uses the EmbedOcspRespFree() callback to
         * free this buffer. */
        int   httpBufSz = SCRATCH_BUFFER_SIZE;
        byte* httpBuf   = (byte*)XMALLOC(httpBufSz, NULL, 
                                                        DYNAMIC_TYPE_IN_BUFFER);

        if (httpBuf == NULL) {
            CYASSL_MSG("Unable to create OCSP response buffer");
        }
        else {
            httpBufSz = build_http_request(domainName, path, ocspReqSz,
                                                            httpBuf, httpBufSz);

            if ((tcp_connect(&sfd, domainName, port) != 0) || (sfd <= 0)) {
                CYASSL_MSG("OCSP Responder connection failed");
            }
            else if ((int)send(sfd, (char*)httpBuf, httpBufSz, 0) !=
                                                                    httpBufSz) {
                CYASSL_MSG("OCSP http request failed");
            }
            else if ((int)send(sfd, (char*)ocspReqBuf, ocspReqSz, 0) !=
                                                                    ocspReqSz) {
                CYASSL_MSG("OCSP ocsp request failed");
            }
            else {
                ret = process_http_response(sfd, ocspRespBuf, httpBuf,
                                                           SCRATCH_BUFFER_SIZE);
            }

            close(sfd);
            XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
        }
    }

#ifdef CYASSL_SMALL_STACK
    XFREE(path,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(domainName, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif

    return ret;
}
Esempio n. 3
0
int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
                        byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{
    char domainName[80], path[80];
    int port, httpBufSz, sfd = -1;
    int ocspRespSz = 0;
    byte* httpBuf = NULL;

    (void)ctx;

    if (ocspReqBuf == NULL || ocspReqSz == 0) {
        CYASSL_MSG("OCSP request is required for lookup");
        return -1;
    }

    if (ocspRespBuf == NULL) {
        CYASSL_MSG("Cannot save OCSP response");
        return -1;
    }

    if (decode_url(url, urlSz, domainName, path, &port) < 0) {
        CYASSL_MSG("Unable to decode OCSP URL");
        return -1;
    }
    
    /* Note, the library uses the EmbedOcspRespFree() callback to
     * free this buffer. */
    httpBufSz = SCRATCH_BUFFER_SIZE;
    httpBuf = (byte*)XMALLOC(httpBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);

    if (httpBuf == NULL) {
        CYASSL_MSG("Unable to create OCSP response buffer");
        return -1;
    }

    httpBufSz = build_http_request(domainName, path, ocspReqSz,
                                                        httpBuf, httpBufSz);

    if ((tcp_connect(&sfd, domainName, port) == 0) && (sfd > 0)) {
        int written;
        written = (int)send(sfd, httpBuf, httpBufSz, 0);
        if (written == httpBufSz) {
            written = (int)send(sfd, ocspReqBuf, ocspReqSz, 0);
            if (written == ocspReqSz) {
                ocspRespSz = process_http_response(sfd, ocspRespBuf,
                                                 httpBuf, SCRATCH_BUFFER_SIZE);
            }
        }
        close(sfd);
        if (ocspRespSz == 0) {
            CYASSL_MSG("OCSP response was not OK, no OCSP response");
            XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
            return -1;
        }
    } else {
        CYASSL_MSG("OCSP Responder connection failed");
        close(sfd);
        XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
        return -1;
    }

    XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
    return ocspRespSz;
}