Esempio n. 1
0
/**
 * Throws NSPRException upon NSPR error
 */
Connection::Connection(const ServerInfo& server,
		       const std::string &certDBPasswd,
		       const std::string &certNickName,
		       bool alwaysTrustServerCert) 
    : socket(NULL), certdbpasswd(NULL), certnickname(NULL)
{
    char      buffer[PR_NETDB_BUF_SIZE];
    PRNetAddr address;
    PRHostEnt hostEntry;
    PRIntn    hostIndex;
    PRStatus	prStatus;
    SECStatus	secStatus;

    prStatus = PR_GetHostByName(server.getHost().c_str(), buffer,
				sizeof(buffer), &hostEntry);
    if (PR_SUCCESS != prStatus) {
        throw NSPRException("Connection::Connection", "PR_GetHostByName");
    }

    hostIndex = PR_EnumerateHostEnt(0, &hostEntry, server.getPort(), &address);
    if (hostIndex < 0) {
        throw NSPRException("Connection::Connection", "PR_EnumerateHostEnt");
    }

    socket = createSocket(address, server.useSSL(),
			  certDBPasswd,
			  certNickName,
			  alwaysTrustServerCert);

    if (server.useSSL()) {
	secStatus = SSL_SetURL(socket, server.getHost().c_str());
	if (SECSuccess != secStatus) {
	    PRErrorCode error = PR_GetError();

	    PR_Shutdown(socket, PR_SHUTDOWN_BOTH);
	    PR_Close(socket);
	    Log::log(Log::ALL_MODULES, Log::LOG_ERROR,
		     "SSL_SetURL() returned error: %s",
		     PR_ErrorToString(error, PR_LANGUAGE_I_DEFAULT));
	    throw NSPRException("Connection::Connection",
				"SSL_SetURL", error);
	}
    }

    prStatus = PR_Connect(socket, &address, connect_timeout);

    if (prStatus != PR_SUCCESS) {
	PRErrorCode error = PR_GetError();

	PR_Shutdown(socket, PR_SHUTDOWN_BOTH);
	PR_Close(socket);
	throw NSPRException("Connection::Connection PR_Connect", "PR_Connect", error);
    }
}
Esempio n. 2
0
am_status_t
BaseService::doRequest(const ServiceInfo& service,
		       const BodyChunk& headerPrefix,
		       const std::string& uriParameters,
		       const Http::CookieList& cookieList,
		       const BodyChunk& headerSuffix,
		       const BodyChunkList& bodyChunkList,
		       Http::Response& response,
		       std::size_t initialBufferLen,
		       const std::string &cert_nick_name,
		       const ServerInfo** serverInfo) const
{
    am_status_t status = AM_SERVICE_NOT_AVAILABLE;
    std::size_t dataLen = 0;
    // Create a temporary buffer for the Content-Line header
    // the extra '2' is for the <CR><LF> at the end.  The
    // sizeof the CONTENT_LENGTH_HDR includes space for the
    // terminating NUL.
    char contentLine[sizeof(CONTENT_LENGTH_HDR) +
		     (sizeof(dataLen) * DIGITS_PER_BYTE) + 2];
    std::size_t contentLineLen;

    for (unsigned int i = 0; i < bodyChunkList.size(); ++i) {
	dataLen += bodyChunkList[i].data.size();
    }

    contentLineLen = snprintf(contentLine, sizeof(contentLine), "%s%d\r\n",
			      CONTENT_LENGTH_HDR, dataLen);
    if (sizeof(contentLine) > contentLineLen) {
	BodyChunk contentLineChunk(contentLine, contentLineLen);
	ServiceInfo::const_iterator iter;

	for (iter = service.begin(); iter != service.end(); ++iter) {
            ServerInfo svrInfo = ServerInfo((const ServerInfo&)(*iter));
	    if (!svrInfo.isHealthy(poll_primary_server)) {
		Log::log(logModule, Log::LOG_WARNING,
			"BaseService::doRequest(): "
			"Server is unavailable: %s.",
			svrInfo.getURL().c_str());
		continue;
	    } else {
		Log::log(logModule, Log::LOG_DEBUG,
			"BaseService::doRequest(): Using server: %s.",
			iter->getURL().c_str());
            }

            Http::HeaderList headerList, proxyHeaderList;
            Http::Cookie hostHeader("Host", svrInfo.getHost());
            headerList.push_back(hostHeader);

            if (useProxy) {
                proxyHeaderList.push_back(hostHeader);
                // Override (temporarily) server credentials if using proxy
                svrInfo.setHost(proxyHost);
                svrInfo.setPort(proxyPort);
                // We don't use SSL for initial proxy connection
		svrInfo.setUseSSL(false);
                Log::log(logModule, Log::LOG_DEBUG,
                         "BaseService::doRequest(): Using proxy: %s:%d",
                         proxyHost.c_str(),proxyPort);
                // Add Proxy-Authorization header if user defined
                if (useProxyAuth) {
                    // allocate enough for a base64-encoded digest
                    int authSize = proxyUser.size() + 
                                   proxyPassword.size() + 1;
                    // 11 extra bytes for prefix and terminator
                    char * digest = (char *)malloc(authSize * 4/3 + 11);
                    strcpy(digest, "Basic ");
                    encode_base64((proxyUser + ":" + proxyPassword).c_str(),
                                   authSize,(digest + 6));
                    Log::log(logModule, Log::LOG_MAX_DEBUG,
                         "BaseService::doRequest(): Using proxy auth as: %s",
                         proxyUser.c_str());
                    hostHeader = Http::Cookie("Proxy-Authorization", digest);
                    proxyHeaderList.push_back(hostHeader);
                    free(digest);
                }
            }

            // retry to connect to server before marking it as down.
            // making the number of attempts configurable may have a negative
            // side effect on performance, if the the value is a high number.
            int retryAttempts = 3;
            int retryCount = 0;
            while(retryCount < retryAttempts) {
                retryCount++;
	        try {
                    Connection conn(svrInfo, certDBPasswd,
                      (cert_nick_name.size()>0)?cert_nick_name:certNickName,
                         alwaysTrustServerCert);
		    const char *operation = "sending to";
                    // in case proxy is defined and target URL is HTTPS, 
                    // establish an SSL tunnel first send 
                    // CONNECT host:port string
                    if (useProxy && iter->useSSL()) {
                        SECStatus   secStatus = SECFailure;
                        // All the other parameters would be empty for a 
                        // proxy CONNECT
                        Http::CookieList emptyCookieList;
                        BodyChunk emptyChunk;
                        BodyChunkList emptyChunkList;

                        // Add a Keep-alive header since we're using HTTP/1.0
                        hostHeader = Http::Cookie("Connection", 
                                                  "Keep-Alive\r\n");
                        proxyHeaderList.push_back(hostHeader);
                        status = sendRequest(conn, 
                                        BodyChunk(std::string("CONNECT ")), 
                                        iter->getHost() + ":" +
					Utils::toString(iter->getPort()), 
                                        std::string(""), proxyHeaderList, 
                                        emptyCookieList, emptyChunk, 
                                        emptyChunk, emptyChunkList);
                        if (status == AM_SUCCESS) {
                            // Retrieve proxie's response if tunnel 
                            // established
                            (void) response.readAndIgnore(logModule, conn);
                            // Secure the tunnel now by upgrading the socket
                            PRFileDesc *sock = conn.secureSocket(
                                                  certDBPasswd, 
                                                  (cert_nick_name.size()>0)?
                                            cert_nick_name:certNickName, 
				            alwaysTrustServerCert, NULL);
                            if (sock != static_cast<PRFileDesc *>(NULL)) {
                                secStatus = SSL_SetURL(sock, 
                                                  iter->getHost().c_str());
                            }
                        }

                        if (status != AM_SUCCESS || SECSuccess != secStatus){
                            Log::log(logModule, Log::LOG_ERROR,
                                "BaseService::doRequest(): could not "
				"establish a secure proxy tunnel");
                            // Can't continue and mark server as down as 
                            // it was a  proxy failure
                            return AM_FAILURE;
                        }
                    }

		    if(Log::isLevelEnabled(logModule, Log::LOG_MAX_DEBUG)) {
		        std::string commString;
		        for(std::size_t i = 0; i<bodyChunkList.size(); ++i) {
			    if(!bodyChunkList[i].secure) {
			        commString.append(bodyChunkList[i].data);
			    } else {
			        commString.append("<secure data>");
			    }
		        }
		        for(std::size_t commPos = commString.find("%");
		    	    commPos != std::string::npos &&
			    commPos < commString.size();
			    commPos = commString.find("%", commPos)) {
			    commString.replace(commPos, 1, "%%");
			    commPos += 2;
		        }
		        Log::log(logModule, Log::LOG_MAX_DEBUG,
			     commString.c_str());
		    }

                    std::string requestString = iter->getURI();
                    /*
                     * In case the following request would go to a proxy
                     * we need to use full URL and special headers.
                     * If the resource is HTTPS, we're not posting our
                     * request to the proxy, but to the server 
                     * through proxy tunnel
                     */

                    if (useProxy && !(iter->useSSL())) {
                        requestString = iter->getURL();
                        headerList = proxyHeaderList;
                    }
		    status = sendRequest(conn, headerPrefix, requestString,
				     uriParameters, headerList, cookieList,
				     contentLineChunk, headerSuffix,
				     bodyChunkList);
		    if (AM_SUCCESS == status) {
		        operation = "receiving from";
		        status = response.readAndParse(logModule, conn,
						   initialBufferLen);
		        if (AM_SUCCESS == status) {
			    Log::log(logModule, Log::LOG_MAX_DEBUG, "%.*s",
				 response.getBodyLen(), response.getBodyPtr());
		        }
		    }

		    if (AM_NSPR_ERROR == status) {
		        PRErrorCode nspr_code = PR_GetError();
		        Log::log(logModule, Log::LOG_ALWAYS,
			     "BaseService::doRequest() NSPR failure while "
			     "%s %s, error = %s", operation,
			     (*iter).toString().c_str(), 
			     PR_ErrorToName(nspr_code));
		    }
		
		    if (AM_SUCCESS == status) {
		        if(serverInfo != NULL) *serverInfo = &(*iter);
		            break;
		    } else {
                        if(retryCount < retryAttempts) {
                            continue;
                        } else {
                           Log::log(logModule, Log::LOG_DEBUG,
                               "BaseService::doRequest() Invoking markSeverDown");
                           svrInfo.markServerDown(poll_primary_server);
                        }
		    }
	        } catch (const NSPRException& exc) {
		    Log::log(logModule, Log::LOG_DEBUG,
			 "BaseService::doRequest() caught %s: %s called by %s "
			 "returned %s", exc.what(), exc.getNsprMethod(),
			 exc.getThrowingMethod(), 
			 PR_ErrorToName(exc.getErrorCode()));

                   if(retryCount < retryAttempts) {
		       status = AM_NSPR_ERROR;
                       continue;
                    } else {
                       Log::log(logModule, Log::LOG_DEBUG,
                           "BaseService::doRequest() Invoking markSeverDown");
                       svrInfo.markServerDown(poll_primary_server);
		       status = AM_NSPR_ERROR;
                    }
	        }
            } //end of while

            if (AM_SUCCESS == status) {
               if(serverInfo != NULL) *serverInfo = &(*iter);
                    break;
            }
            if (status = AM_NSPR_ERROR) {
               continue;
            }

	} // end of for
    } else {
	status = AM_BUFFER_TOO_SMALL;
    }

    return status;
}