int main(int argc, char **argv) { int rc = RTR3InitExe(argc, &argv, 0); if (RT_FAILURE(rc)) return RTMsgInitFailure(rc); /* * Create a HTTP client instance. */ RTHTTP hHttp; rc = RTHttpCreate(&hHttp); if (RT_FAILURE(rc)) return RTMsgErrorExit(RTEXITCODE_FAILURE, "RTHttpCreate failed: %Rrc", rc); /* * Parse arguments. */ static const RTGETOPTDEF s_aOptions[] = { { "--output", 'o', RTGETOPT_REQ_STRING }, { "--quiet", 'q', RTGETOPT_REQ_NOTHING }, { "--verbose", 'v', RTGETOPT_REQ_NOTHING }, }; RTEXITCODE rcExit = RTEXITCODE_SUCCESS; const char *pszOutput = NULL; unsigned uVerbosityLevel = 1; RTGETOPTUNION ValueUnion; RTGETOPTSTATE GetState; RTGetOptInit(&GetState, argc, argv, s_aOptions, RT_ELEMENTS(s_aOptions), 1, RTGETOPTINIT_FLAGS_OPTS_FIRST); while ((rc = RTGetOpt(&GetState, &ValueUnion))) { switch (rc) { case 'o': pszOutput = ValueUnion.psz; break; case 'q': uVerbosityLevel--; break; case 'v': uVerbosityLevel++; break; case 'h': RTPrintf("Usage: %s [options] URL0 [URL1 [...]]\n" "\n" "Options:\n" " -o,--output=file\n" " Output file. If not given, the file is displayed on stdout.\n" " -q, --quiet\n" " -v, --verbose\n" " Controls the verbosity level.\n" " -h, -?, --help\n" " Display this help text and exit successfully.\n" " -V, --version\n" " Display the revision and exit successfully.\n" , RTPathFilename(argv[0])); return RTEXITCODE_SUCCESS; case 'V': RTPrintf("$Revision: 102641 $\n"); return RTEXITCODE_SUCCESS; case VINF_GETOPT_NOT_OPTION: { int rcHttp; if (pszOutput && strcmp("-", pszOutput)) { if (uVerbosityLevel > 0) RTStrmPrintf(g_pStdErr, "Fetching '%s' into '%s'...\n", ValueUnion.psz, pszOutput); rcHttp = RTHttpGetFile(hHttp, ValueUnion.psz, pszOutput); } else { if (uVerbosityLevel > 0) RTStrmPrintf(g_pStdErr, "Fetching '%s'...\n", ValueUnion.psz); void *pvResp; size_t cbResp; rcHttp = RTHttpGetBinary(hHttp, ValueUnion.psz, &pvResp, &cbResp); if (RT_SUCCESS(rcHttp)) { RTVFSIOSTREAM hVfsIos; rc = RTVfsIoStrmFromStdHandle(RTHANDLESTD_OUTPUT, 0, true /*fLeaveOpen*/, &hVfsIos); if (RT_SUCCESS(rc)) { rc = RTVfsIoStrmWrite(hVfsIos, pvResp, cbResp, true /*fBlocking*/, NULL); if (RT_FAILURE(rc)) rcExit = RTMsgErrorExit(RTEXITCODE_FAILURE, "Error writing to stdout: %Rrc", rc); RTVfsIoStrmRelease(hVfsIos); } else rcExit = RTMsgErrorExit(RTEXITCODE_FAILURE, "Error opening stdout: %Rrc", rc); RTHttpFreeResponse(pvResp); } } if (RT_FAILURE(rcHttp)) rcExit = RTMsgErrorExit(RTEXITCODE_FAILURE, "Error %Rrc getting '%s'", rcHttp, ValueUnion.psz); break; } default: return RTGetOptPrintError(rc, &ValueUnion); } } return rcExit; }
int main(int argc, char **argv) { unsigned cErrors = 0; RTR3InitExe(argc, &argv, 0); if (argc <= 1) { RTPrintf("usage: %s default\n", argv[0]); return 1; } for (int i = 1; i < argc; i++) { if (!strcmp(argv[i], "default")) ; else { RTPrintf("Unknown parameter '%s'\n", argv[i]); return 1; } } RTHTTP hHttp; char *pszBuf = NULL; PRTSTREAM CAFile = NULL; int rc = RTHttpCreate(&hHttp); /* * Create the certificate file */ if (RT_SUCCESS(rc)) rc = RTStrmOpen(CAFILE_NAME, "w+b", &CAFile); if (RT_SUCCESS(rc)) { /* * The old way: */ /* * Fetch the root CA certificate (new one, often avoided in cert chains by * using an intermediate cert which is signed by old root) */ if (RT_SUCCESS(rc)) rc = RTHttpGetText(hHttp, "http://www.verisign.com/repository/roots/root-certificates/PCA-3G5.pem", &pszBuf); if (RT_SUCCESS(rc) && pszBuf) rc = extractPCA3G5(hHttp, CAFile, (uint8_t*)pszBuf, strlen(pszBuf)); else checkError(hHttp, rc, "PCA-3G5.pem"); if (pszBuf) { RTMemFree(pszBuf); pszBuf = NULL; } /* * Fetch the root CA certificate (old one, but still very widely used) */ if (RT_SUCCESS(rc)) rc = RTHttpGetText(hHttp, "http://www.verisign.com/repository/roots/root-certificates/PCA-3.pem", &pszBuf); if (RT_SUCCESS(rc) && pszBuf) rc = extractPCA3(hHttp, CAFile, (uint8_t*)pszBuf, strlen(pszBuf)); else checkError(hHttp, rc, "PCA-3.pem"); if (pszBuf) { RTMemFree(pszBuf); pszBuf = NULL; } RTPrintf("Old way: rc=%Rrc\n", rc); /* * The new way: */ void *pu8Buf; size_t cb; rc = RTHttpGetBinary(hHttp, "http://www.verisign.com/support/roots.zip", &pu8Buf, &cb); if (RT_SUCCESS(rc) && pu8Buf) { void *pvDecomp; size_t cbDecomp; rc = RTZipPkzipMemDecompress(&pvDecomp, &cbDecomp, pu8Buf, cb, "VeriSign Root Certificates/Generation 5 (G5) PCA/VeriSign Class 3 Public Primary Certification Authority - G5.pem"); if (RT_SUCCESS(rc)) { rc = extractPCA3G5(hHttp, CAFile, (uint8_t*)pvDecomp, cbDecomp); RTMemFree(pvDecomp); rc = RTZipPkzipMemDecompress(&pvDecomp, &cbDecomp, pu8Buf, cb, "VeriSign Root Certificates/Generation 1 (G1) PCAs/Class 3 Public Primary Certification Authority.pem"); if (RT_SUCCESS(rc)) { rc = extractPCA3(hHttp, CAFile, (uint8_t*)pvDecomp, cbDecomp); RTMemFree(pvDecomp); } } } else checkError(hHttp, rc, "roots.zip"); RTPrintf("New way: rc=%Rrc\n", rc); } /* * Close the certificate file */ if (CAFile) { RTStrmClose(CAFile); CAFile = NULL; } /* * Use it */ if (RT_SUCCESS(rc)) rc = RTHttpSetCAFile(hHttp, CAFILE_NAME); /* * Now try to do the actual HTTPS request */ if (RT_SUCCESS(rc)) rc = RTHttpGetText(hHttp, "https://update.virtualbox.org/query.php?platform=LINUX_32BITS_UBUNTU_12_04&version=4.1.18", &pszBuf); if ( RT_FAILURE(rc) && rc != VERR_HTTP_COULDNT_CONNECT) cErrors++; if (RT_FAILURE(rc)) RTPrintf("Error code: %Rrc\n", rc); else { RTPrintf("Success!\n"); RTPrintf("Got: %s\n", pszBuf); } if (pszBuf) { RTMemFree(pszBuf); pszBuf = NULL; } RTHttpDestroy(hHttp); // RTFileDelete(CAFILE_NAME); return !!cErrors; }