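/*
 * Run one OCSP exchange over HTTP: choose the responder, send the HTTP
 * header followed by the encoded OCSP request, and decode the reply.
 *
 * ocsp         lookup settings; the override name/path/port are used when
 *              useOverrideUrl is set or cert->extAuthInfo is NULL
 * cert         decoded certificate; extAuthInfo/extAuthInfoSz hold the URL
 *              handed to decode_url()
 * ocspReqBuf   encoded OCSP request, ocspReqSz bytes
 * ocspRespBuf  filled in by decode_http_response()
 *
 * Returns the value of decode_http_response() when it is nonzero,
 * OCSP_NEED_URL when no responder URL can be determined, and
 * OCSP_LOOKUP_FAIL when the connection or the exchange fails.
 *
 * NOTE(review): the reply is read from a plain TCP socket; presumably the
 * caller verifies the OCSP response signature before trusting it - confirm.
 */
static int http_ocsp_transaction(CYASSL_OCSP* ocsp, DecodedCert* cert,
                                 byte* ocspReqBuf, int ocspReqSz,
                                 byte** ocspRespBuf)
{
    SOCKET_T sfd = -1;
    byte     httpBuf[SCRATCH_BUFFER_SIZE];
    int      httpBufSz = SCRATCH_BUFFER_SIZE;
    char     domainName[80], path[80];
    int      port;
    /* Must start at 0: every failed write()/read() below skips the decode
     * step, and the value is still tested after close(). It was previously
     * read uninitialized on those paths. */
    int      ocspRespSz = 0;

    if (ocsp->useOverrideUrl || cert->extAuthInfo == NULL) {
        if (ocsp->overrideName == NULL)
            return OCSP_NEED_URL;

        /* assumes overrideName/overridePath provide at least 80 readable
         * bytes - TODO confirm against the CYASSL_OCSP definition */
        XMEMCPY(domainName, ocsp->overrideName, sizeof(domainName));
        XMEMCPY(path, ocsp->overridePath, sizeof(path));
        /* A fixed-size copy does not guarantee termination; both strings
         * are consumed as C strings below. */
        domainName[sizeof(domainName) - 1] = '\0';
        path[sizeof(path) - 1] = '\0';
        port = ocsp->overridePort;
    }
    else {
        /* NOTE(review): decode_url() receives no destination sizes;
         * presumably it limits its writes to the 80-byte buffers - verify,
         * since the URL comes from the certificate being checked. */
        if (!decode_url((const char*)cert->extAuthInfo, cert->extAuthInfoSz,
                        domainName, path, &port))
            return OCSP_NEED_URL;
    }

    httpBufSz = build_http_request(domainName, path, ocspReqSz,
                                   httpBuf, httpBufSz);

    tcp_connect(&sfd, domainName, port);
    if (sfd > 0) {
        int written;

        written = (int)write(sfd, httpBuf, httpBufSz);
        if (written == httpBufSz) {
            written = (int)write(sfd, ocspReqBuf, ocspReqSz);
            if (written == ocspReqSz) {
                /* NOTE(review): a single read() may deliver only part of
                 * the response; only what arrived here is decoded. */
                httpBufSz = (int)read(sfd, httpBuf, SCRATCH_BUFFER_SIZE);
                if (httpBufSz > 0) {
                    ocspRespSz = decode_http_response(httpBuf, httpBufSz,
                                                      ocspRespBuf);
                }
            }
        }
        close(sfd);

        if (ocspRespSz == 0) {
            CYASSL_MSG("HTTP response was not OK, no OCSP response");
            return OCSP_LOOKUP_FAIL;
        }
    }
    else {
        CYASSL_MSG("OCSP Responder connection failed");
        return OCSP_LOOKUP_FAIL;
    }

    return ocspRespSz;
}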
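/*
 * OCSP lookup callback: decode the responder URL, send the HTTP header and
 * the encoded OCSP request, and hand the socket to process_http_response().
 *
 * ctx          unused
 * url, urlSz   responder URL passed to decode_url()
 * ocspReqBuf   encoded OCSP request, ocspReqSz bytes (must be non-NULL and
 *              positive in size)
 * ocspRespBuf  receives the response from process_http_response()
 *
 * Returns the value of process_http_response() once both sends succeed,
 * otherwise -1.
 */
int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
                    byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{
    SOCKET_T sfd = 0;
    word16   port;
    int      ret = -1;
#ifdef CYASSL_SMALL_STACK
    char* path;
    char* domainName;
#else
    char path[80];
    char domainName[80];
#endif

#ifdef CYASSL_SMALL_STACK
    path = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    if (path == NULL)
        return -1;

    domainName = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    if (domainName == NULL) {
        XFREE(path, NULL, DYNAMIC_TYPE_TMP_BUFFER);
        return -1;
    }
#endif

    (void)ctx;

    /* Reject negative sizes too: ocspReqSz is later passed to send() as a
     * length, where a negative int would become a huge byte count. */
    if (ocspReqBuf == NULL || ocspReqSz <= 0) {
        CYASSL_MSG("OCSP request is required for lookup");
    }
    else if (ocspRespBuf == NULL) {
        CYASSL_MSG("Cannot save OCSP response");
    }
    /* NOTE(review): decode_url() receives no destination sizes; presumably
     * it limits its writes to the 80-byte buffers - verify. */
    else if (decode_url(url, urlSz, domainName, path, &port) < 0) {
        CYASSL_MSG("Unable to decode OCSP URL");
    }
    else {
        /* httpBuf is scratch space for the request header and for response
         * processing; it is freed below. NOTE(review): the earlier comment
         * said the library frees "this buffer" through the
         * EmbedOcspRespFree() callback - presumably that refers to
         * *ocspRespBuf as set by process_http_response(); confirm. */
        int   httpBufSz = SCRATCH_BUFFER_SIZE;
        byte* httpBuf   = (byte*)XMALLOC(httpBufSz, NULL,
                                         DYNAMIC_TYPE_IN_BUFFER);

        if (httpBuf == NULL) {
            CYASSL_MSG("Unable to create OCSP response buffer");
        }
        else {
            httpBufSz = build_http_request(domainName, path, ocspReqSz,
                                           httpBuf, httpBufSz);

            if ((tcp_connect(&sfd, domainName, port) != 0) || (sfd <= 0)) {
                CYASSL_MSG("OCSP Responder connection failed");
            }
            else if ((int)send(sfd, (char*)httpBuf, httpBufSz, 0) !=
                                                                 httpBufSz) {
                CYASSL_MSG("OCSP http request failed");
            }
            else if ((int)send(sfd, (char*)ocspReqBuf, ocspReqSz, 0) !=
                                                                 ocspReqSz) {
                CYASSL_MSG("OCSP ocsp request failed");
            }
            else {
                ret = process_http_response(sfd, ocspRespBuf, httpBuf,
                                            SCRATCH_BUFFER_SIZE);
            }

            /* sfd starts at 0; if tcp_connect() fails before assigning a
             * socket, an unconditional close() would close descriptor 0
             * (the process's stdin) instead of a socket. */
            if (sfd > 0)
                close(sfd);

            XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
        }
    }

#ifdef CYASSL_SMALL_STACK
    XFREE(path,       NULL, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(domainName, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif

    return ret;
}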
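/*
 * OCSP lookup callback: decode the responder URL, send the HTTP header and
 * the encoded OCSP request, and hand the socket to process_http_response().
 *
 * ctx          unused
 * url, urlSz   responder URL passed to decode_url()
 * ocspReqBuf   encoded OCSP request, ocspReqSz bytes (must be non-NULL and
 *              positive in size)
 * ocspRespBuf  receives the response from process_http_response()
 *
 * Returns the nonzero value of process_http_response(), or -1 on bad
 * arguments, allocation failure, connection failure, a short send, or a
 * zero-length response.
 */
int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
                    byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{
    char  domainName[80], path[80];
    int   port, httpBufSz, sfd = -1;
    int   ocspRespSz = 0;
    int   ret = -1;
    byte* httpBuf = NULL;

    (void)ctx;

    /* Reject negative sizes too: ocspReqSz is later passed to send() as a
     * length, where a negative int would become a huge byte count. */
    if (ocspReqBuf == NULL || ocspReqSz <= 0) {
        CYASSL_MSG("OCSP request is required for lookup");
        return -1;
    }

    if (ocspRespBuf == NULL) {
        CYASSL_MSG("Cannot save OCSP response");
        return -1;
    }

    /* NOTE(review): decode_url() receives no destination sizes; presumably
     * it limits its writes to the 80-byte buffers - verify. */
    if (decode_url(url, urlSz, domainName, path, &port) < 0) {
        CYASSL_MSG("Unable to decode OCSP URL");
        return -1;
    }

    /* httpBuf is scratch space for the request header and for response
     * processing; it is freed before returning. NOTE(review): the earlier
     * comment said the library frees "this buffer" through the
     * EmbedOcspRespFree() callback - presumably that refers to *ocspRespBuf
     * as set by process_http_response(); confirm. */
    httpBufSz = SCRATCH_BUFFER_SIZE;
    httpBuf   = (byte*)XMALLOC(httpBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
    if (httpBuf == NULL) {
        CYASSL_MSG("Unable to create OCSP response buffer");
        return -1;
    }

    httpBufSz = build_http_request(domainName, path, ocspReqSz,
                                   httpBuf, httpBufSz);

    if ((tcp_connect(&sfd, domainName, port) != 0) || (sfd <= 0)) {
        CYASSL_MSG("OCSP Responder connection failed");
    }
    else {
        /* The response is only processed when both sends are complete. */
        if ((int)send(sfd, httpBuf, httpBufSz, 0) == httpBufSz &&
            (int)send(sfd, ocspReqBuf, ocspReqSz, 0) == ocspReqSz) {
            ocspRespSz = process_http_response(sfd, ocspRespBuf, httpBuf,
                                               SCRATCH_BUFFER_SIZE);
        }

        if (ocspRespSz == 0)
            CYASSL_MSG("OCSP response was not OK, no OCSP response");
        else
            ret = ocspRespSz;
    }

    /* Single cleanup path. Close only a descriptor that was actually
     * opened: tcp_connect() can fail after creating the socket (sfd > 0),
     * but close() must not be called on -1 or on descriptor 0. */
    if (sfd > 0)
        close(sfd);
    XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);

    return ret;
}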