static tempfile_t *
tempfile_get(void)
{
size_t size;
if (!tempfile_current) {
tempfile_current = tempfile_new();
return tempfile_current;
}
/* get file size */
size = tempfile_size(tempfile_current);
/* if the file size reaches TEMPFILE_MAX_SIZE, return new temporary file */
if (size > TEMPFILE_MAX_SIZE) {
tempfile_current = tempfile_new();
return tempfile_current;
}
/* increment reference counter */
tempfile_ref(tempfile_current);
return tempfile_current;
}
static void session_download_new(struct incident *i, char *url)
{
g_debug("%s incident %p", __PRETTY_FUNCTION__, i);
struct session *session = session_new();
session->type = session_type_download;
session->url = g_strdup(url);
struct connection *con = NULL;
if( incident_value_con_get(i, "con", &con) )
{
session->laddr = g_strdup(con->local.ip_string);
curl_easy_setopt(session->easy, CURLOPT_INTERFACE, session->laddr);
connection_ref(con);
}
curl_easy_setopt(session->easy, CURLOPT_URL, session->url);
curl_easy_setopt(session->easy, CURLOPT_WRITEFUNCTION, curl_writefunction_cb);
curl_easy_setopt(session->easy, CURLOPT_WRITEDATA, session);
curl_easy_setopt(session->easy, CURLOPT_DEBUGFUNCTION, curl_debugfunction_cb);
curl_easy_setopt(session->easy, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(session->easy, CURLOPT_ERRORBUFFER, session->error);
curl_easy_setopt(session->easy, CURLOPT_PRIVATE, session);
curl_easy_setopt(session->easy, CURLOPT_NOPROGRESS, 0L);
curl_easy_setopt(session->easy, CURLOPT_FOLLOWLOCATION, 10);
curl_easy_setopt(session->easy, CURLOPT_PROGRESSFUNCTION, curl_progressfunction_cb);
curl_easy_setopt(session->easy, CURLOPT_PROGRESSDATA, session);
curl_easy_setopt(session->easy, CURLOPT_LOW_SPEED_TIME, 3L);
curl_easy_setopt(session->easy, CURLOPT_LOW_SPEED_LIMIT, 10L);
curl_easy_setopt(session->easy, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)");
session->action.download.file = tempfile_new(curl_runtime.download_dir, "http-");
session->action.download.ctxcon = con;
g_debug("session %p file %i path %s", session, session->action.download.file->fd, session->action.download.file->path);
g_debug("Adding easy %p to multi %p (%s)", session->easy, curl_runtime.multi, url);
curl_multi_add_handle(curl_runtime.multi, session->easy);
curl_runtime.queued++;
check_run_count();
}
void session_upload_new(struct incident *i)
{
GHashTableIter iter;
gpointer key, value;
GString *gstemp;
struct session *session = NULL;
char *url = NULL;
if (incident_value_string_get(i, "_url", &gstemp) == false )
{
g_debug("dionaea.upload.request got no _url in incident!");
return;
}
session = session_new();
session->type = session_type_upload;
url = gstemp->str;
session->url = g_strdup(url);
g_hash_table_iter_init (&iter, i->data);
while( g_hash_table_iter_next (&iter, &key, &value) )
{
char *name = key;
struct opaque_data *d = value;
char name_and_param[1024];
if( d->type == opaque_type_int )
{
g_warning("incident key %s has integer value. all post fields must be string values.", name);
} else
if( d->type == opaque_type_string)
{
/* ignore help field values */
if( strstr(name, "_ct") != NULL ||
strcmp(name, "_url") == 0)
continue;
if( strcmp(name, "_callback") == 0 )
{ /* incident callback */
session->action.upload.callback = g_strdup(d->opaque.string->str);
session->action.upload.file = tempfile_new(curl_runtime.download_dir, "httpupload-");
}else
if( strcmp(name, "_userdata") == 0 )
{ /* incident callback userdata */
session->action.upload.userdata = g_strdup(d->opaque.string->str);
}else
if( strcmp(name, "user") == 0 )
{ /* http auth user */
session->action.upload.username = g_strdup(d->opaque.string->str);
curl_easy_setopt(session->easy, CURLOPT_USERNAME, session->action.upload.username);
}else
if( strcmp(name, "pass") == 0 )
{ /* http auth password */
session->action.upload.password = g_strdup(d->opaque.string->str);
curl_easy_setopt(session->easy, CURLOPT_PASSWORD, session->action.upload.password);
}else
if( strncmp(name, "file://", 7) == 0 )
{ /* we upload this file */
curl_formadd(&session->action.upload.formpost,
&session->action.upload.last,
CURLFORM_COPYNAME, name + 7,
CURLFORM_FILE, d->opaque.string->str,
CURLFORM_END);
}else
{ /* all other values */
snprintf(name_and_param, 1024, "%s_ct", name);
if ( incident_value_string_get(i, name_and_param, &gstemp) == true)
{ /* with content type */
curl_formadd(&session->action.upload.formpost,
&session->action.upload.last,
CURLFORM_COPYNAME, name,
CURLFORM_CONTENTTYPE, gstemp->str,
CURLFORM_COPYCONTENTS, d->opaque.string->str,
CURLFORM_END);
} else
{ /* without content type */
curl_formadd(&session->action.upload.formpost,
&session->action.upload.last,
CURLFORM_COPYNAME, name,
CURLFORM_COPYCONTENTS, d->opaque.string->str,
CURLFORM_END);
}
}
}
}
char buf[] = "Expect:";
session->action.upload.headers = curl_slist_append(session->action.upload.headers, buf);
curl_easy_setopt(session->easy, CURLOPT_URL, session->url);
curl_easy_setopt(session->easy, CURLOPT_HTTPPOST, session->action.upload.formpost);
curl_easy_setopt(session->easy, CURLOPT_HTTPHEADER, session->action.upload.headers);
curl_easy_setopt(session->easy, CURLOPT_WRITEFUNCTION, curl_writefunction_cb);
curl_easy_setopt(session->easy, CURLOPT_WRITEDATA, session);
curl_easy_setopt(session->easy, CURLOPT_DEBUGFUNCTION, curl_debugfunction_cb);
// curl_easy_setopt(session->easy, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(session->easy, CURLOPT_ERRORBUFFER, session->error);
curl_easy_setopt(session->easy, CURLOPT_PRIVATE, session);
curl_easy_setopt(session->easy, CURLOPT_NOPROGRESS, 0L);
curl_easy_setopt(session->easy, CURLOPT_PROGRESSFUNCTION, curl_progressfunction_cb);
curl_easy_setopt(session->easy, CURLOPT_PROGRESSDATA, session);
curl_easy_setopt(session->easy, CURLOPT_LOW_SPEED_TIME, 3L);
curl_easy_setopt(session->easy, CURLOPT_LOW_SPEED_LIMIT, 10L);
curl_easy_setopt(session->easy, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)");
curl_easy_setopt(session->easy, CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(session->easy, CURLOPT_SSL_VERIFYHOST, 0);
g_debug("Adding easy %p to multi %p (%s)", session->easy, curl_runtime.multi, url);
curl_multi_add_handle(curl_runtime.multi, session->easy);
curl_runtime.queued++;
check_run_count();
}
