ANSC_STATUS
CcspCwmpAcscoHttpBspNotify
(
ANSC_HANDLE hThisObject,
ULONG ulEvent,
ULONG ulError,
ANSC_HANDLE hReqContext,
ANSC_HANDLE hBmoReq,
ANSC_HANDLE hBmoRep
)
{
ANSC_STATUS returnStatus = ANSC_STATUS_SUCCESS;
PANSC_ACS_INTERN_HTTP_CONTENT pHttpGetReq = (PANSC_ACS_INTERN_HTTP_CONTENT )hReqContext;
PCCSP_CWMP_ACS_CONNECTION_OBJECT pMyObject = (PCCSP_CWMP_ACS_CONNECTION_OBJECT)hThisObject;
PCCSP_CWMP_SESSION_OBJECT pWmpSession = (PCCSP_CWMP_SESSION_OBJECT )pMyObject->hCcspCwmpSession;
PCCSP_CWMP_CPE_CONTROLLER_OBJECT pCcspCwmpCpeController = (PCCSP_CWMP_CPE_CONTROLLER_OBJECT)pWmpSession->hCcspCwmpCpeController;
PCCSP_CWMP_STAT_INTERFACE pCcspCwmpStatIf = (PCCSP_CWMP_STAT_INTERFACE)pCcspCwmpCpeController->hCcspCwmpStaIf;
PHTTP_BMO_REP_OBJECT pHttpBmoRep = (PHTTP_BMO_REP_OBJECT )hBmoRep;
switch ( ulEvent )
{
case HTTP_BSP_EVENT_BAD_REQUEST :
case HTTP_BSP_EVENT_CANNOT_RESOLVE_NAME :
case HTTP_BSP_EVENT_SERVER_UNAVAILABLE :
case HTTP_BSP_EVENT_NETWORK_FAILURE :
case HTTP_BSP_EVENT_TIMEOUT :
if( pHttpGetReq != NULL && pHttpGetReq->CompleteStatus == ANSC_STATUS_RESET_SESSION)
{
break;
}
if( pHttpGetReq && pHttpGetReq->ulContentSize == 0)
{
pHttpGetReq->CompleteStatus = ANSC_STATUS_FAILURE;
AnscSetEvent(&pHttpGetReq->CompleteEvent);
}
CcspTr069PaTraceDebug(("HttpClient Notify: %d\n", (int)ulEvent));
if( pCcspCwmpStatIf)
{
pCcspCwmpStatIf->IncTcpFailure(pCcspCwmpStatIf->hOwnerContext);
}
CcspCwmpAcscoHttpSessionClosed(hThisObject);
break;
case HTTP_BSP_EVENT_SOCKET_CLOSED:
/*
* During the test with Motive ACS, we observed that the web server
* close the connection after sending chanllenge back, which is an option.
*
* In that case, we need to start a new session and send back the authentication
* information.
*/
if( pHttpGetReq)
{
char* pHeaderLocation = NULL;
if ( pHttpBmoRep )
{
pHeaderLocation = pHttpBmoRep->GetHeaderValueByName((ANSC_HANDLE)pHttpBmoRep, "Location");
}
if ( pHeaderLocation && AnscSizeOfString(pHeaderLocation) != 0 )
{
ULONG ulCode = pHttpBmoRep->GetCode((ANSC_HANDLE)pHttpBmoRep);
CcspTr069PaTraceInfo(("ACS URL moved (HTTP code=%u) to: %s\n", ulCode, pHeaderLocation));
pHttpGetReq->ulContentSize = AnscSizeOfString(pHeaderLocation);
pHttpGetReq->pContent = CcspTr069PaCloneString(pHeaderLocation);
pHttpGetReq->bIsRedirect = TRUE;
}
pHttpGetReq->CompleteStatus = ANSC_STATUS_RESET_SESSION;
AnscSetEvent(&pHttpGetReq->CompleteEvent);
}
CcspTr069PaTraceDebug(("HttpClient Notify: SOCKET CLOSED\n"));
/* CcspCwmpAcscoHttpSessionClosed(hThisObject); */
break;
case HTTP_BSP_EVENT_TLS_TIMEOUT:
case HTTP_BSP_EVENT_TLS_ERROR:
CcspTr069PaTraceDebug(("HttpClient TLS Notify: %d\n", ulEvent));
if( pCcspCwmpStatIf)
{
pCcspCwmpStatIf->IncTlsFailure(pCcspCwmpStatIf->hOwnerContext);
}
if ( pHttpGetReq )
{
pHttpGetReq->CompleteStatus = ANSC_STATUS_FAILURE;
AnscSetEvent(&pHttpGetReq->CompleteEvent);
}
break;
default :
CcspTr069PaTraceDebug(("HttpClient Notify: %d\n", ulEvent));
if ( pHttpGetReq )
{
pHttpGetReq->CompleteStatus = ANSC_STATUS_FAILURE;
AnscSetEvent(&pHttpGetReq->CompleteEvent);
}
break;
}
return ANSC_STATUS_SUCCESS;
}
ANSC_STATUS
CcspCwmpAcscoRequest
(
ANSC_HANDLE hThisObject,
char* pSoapMessage,
char* pMethodName,
ULONG ulReqEnvCount,
ULONG ulRepEnvCount
)
{
PCCSP_CWMP_ACS_CONNECTION_OBJECT pMyObject = (PCCSP_CWMP_ACS_CONNECTION_OBJECT)hThisObject;
PHTTP_SIMPLE_CLIENT_OBJECT pHttpClient = (PHTTP_SIMPLE_CLIENT_OBJECT)pMyObject->hHttpSimpleClient;
PCCSP_CWMP_SESSION_OBJECT pWmpSession = (PCCSP_CWMP_SESSION_OBJECT )pMyObject->hCcspCwmpSession;
PCCSP_CWMP_CPE_CONTROLLER_OBJECT pCcspCwmpCpeController = (PCCSP_CWMP_CPE_CONTROLLER_OBJECT)pWmpSession->hCcspCwmpCpeController;
PCCSP_CWMP_STAT_INTERFACE pCcspCwmpStatIf = (PCCSP_CWMP_STAT_INTERFACE)pCcspCwmpCpeController->hCcspCwmpStaIf;
PCCSP_CWMP_CFG_INTERFACE pCcspCwmpCfgIf = (PCCSP_CWMP_CFG_INTERFACE)pCcspCwmpCpeController->hCcspCwmpCfgIf;
PCCSP_CWMP_MCO_INTERFACE pCcspCwmpMcoIf = (PCCSP_CWMP_MCO_INTERFACE )pWmpSession->hCcspCwmpMcoIf;
PHTTP_HFP_INTERFACE pHttpHfpIf = (PHTTP_HFP_INTERFACE)pHttpClient->GetHfpIf((ANSC_HANDLE)pHttpClient);
PHTTP_CAS_INTERFACE pHttpCasIf = NULL;
PHTTP_REQUEST_URI pHttpReqInfo = NULL;
ANSC_STATUS returnStatus = ANSC_STATUS_SUCCESS;
PANSC_ACS_INTERN_HTTP_CONTENT pHttpGetReq = &intHttpContent;
BOOL bApplyTls = FALSE;
PCHAR pRequestURL = NULL;
PCHAR pTempString = NULL;
PHTTP_AUTH_CLIENT_OBJECT pAuthClientObj = NULL;
char pNewUrl[257] = { 0 };
ULONG uRedirect = 0;
ULONG uMaxRedirect = 5;
ULONG ulRpcCallTimeout= CCSP_CWMPSO_RPCCALL_TIMEOUT;
/* If the response is 401 authentication required, we need to try again */
int nMaxAuthRetries = 2;
if( pMyObject->AcsUrl == NULL || AnscSizeOfString(pMyObject->AcsUrl) <= 10 || pHttpHfpIf == NULL)
{
return ANSC_STATUS_NOT_READY;
}
AnscZeroMemory(pHttpGetReq, sizeof(ANSC_ACS_INTERN_HTTP_CONTENT));
CcspTr069PaTraceDebug(("CcspCwmpAcscoRequest -- AcsUrl = '%s'\n", pMyObject->AcsUrl));
pHttpCasIf = (PHTTP_CAS_INTERFACE)pHttpClient->GetCasIf((ANSC_HANDLE)pHttpClient);
if ( pHttpCasIf != NULL)
{
if( pMyObject->Username == NULL || AnscSizeOfString(pMyObject->Username) == 0)
{
pHttpCasIf->EnableAuth(pHttpCasIf->hOwnerContext, FALSE);
}
else
{
pHttpCasIf->EnableAuth(pHttpCasIf->hOwnerContext, TRUE);
pAuthClientObj = (PHTTP_AUTH_CLIENT_OBJECT)pHttpClient->GetClientAuthObj((ANSC_HANDLE)pHttpClient);
if ( pAuthClientObj != NULL)
{
pAuthClientObj->SetAcmIf((ANSC_HANDLE)pAuthClientObj, (ANSC_HANDLE)pMyObject->hHttpAcmIf);
}
else
{
CcspTr069PaTraceError(("Failed to Get HttpAuthClient object.\n"));
}
}
}
#ifdef _DEBUG
if ( !pSoapMessage )
{
CcspTr069PaTraceDebug(("CPE Request:\n<EMPTY>\n"));
}
else if ( AnscSizeOfString(pSoapMessage) <= CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH )
{
CcspTr069PaTraceDebug(("CPE Request:\n%s\n", pSoapMessage));
}
else
{
char partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH+1+8];
AnscCopyMemory(partSoap, pSoapMessage, CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH);
partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH] = '\n';
partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH+1] = '.';
partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH+2] = '.';
partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH+3] = '.';
partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH+4] = '\n';
partSoap[CCSP_CWMP_TRACE_MAX_SOAP_MSG_LENGTH+5] = 0;
CcspTr069PaTraceDebug(("CPE Request:\n%s\n", partSoap));
}
#endif
START:
pRequestURL = pMyObject->AcsUrl;
pHttpReqInfo =
(PHTTP_REQUEST_URI)pHttpHfpIf->ParseHttpUrl
(
pHttpHfpIf->hOwnerContext,
pRequestURL,
AnscSizeOfString(pRequestURL)
);
if ( !pHttpReqInfo )
{
return ANSC_STATUS_INTERNAL_ERROR;
}
pHttpReqInfo->Type = HTTP_URI_TYPE_ABS_PATH;
/* init the request */
AnscZeroMemory(pHttpGetReq, sizeof(ANSC_ACS_INTERN_HTTP_CONTENT));
pHttpGetReq->bIsRedirect = FALSE;
pHttpGetReq->SoapMessage = pSoapMessage;
/* When there is more than one envelope in a single HTTP Request,
* when there is a SOAP response in an HTTP Request, or when there is a
* SOAP Fault response in an HTTP Request, the SOAPAction header in the
* HTTP Request MUST have no value (with no quotes), indicating that this
* header provides no information as to the intent of the message."
*/
if( ulReqEnvCount == 1 && ulRepEnvCount == 0)
{
pHttpGetReq->MethodName = pMethodName;
}
AnscInitializeEvent(&pHttpGetReq->CompleteEvent);
while ( nMaxAuthRetries > 0 )
{
CcspTr069PaTraceInfo(("ACS Request now at: %u\n", (unsigned int)AnscGetTickInSeconds()));
if ( AnscEqualString2(pRequestURL, "https", 5, FALSE) )
{
bApplyTls = TRUE;
}
else if ( AnscEqualString2(pRequestURL, "http", 4, FALSE) )
{
if ( bIsComcastImage() ){
#ifdef _SUPPORT_HTTP
CcspTr069PaTraceInfo(("HTTP request from ACS is supported\n"));
bApplyTls = FALSE;
#else
CcspTr069PaTraceInfo(("TR-069 blocked unsecured traffic from ACS\n"));
pHttpGetReq->CompleteStatus = ANSC_STATUS_NOT_SUPPORTED;
pHttpGetReq->bUnauthorized = TRUE;
pHttpGetReq->bIsRedirect = FALSE;
break;
#endif
}
else {
bApplyTls = FALSE;
}
}
else
{
pHttpGetReq->CompleteStatus = ANSC_STATUS_NOT_SUPPORTED;
pHttpGetReq->bUnauthorized = FALSE;
pHttpGetReq->bIsRedirect = FALSE;
break;
}
if(pHttpGetReq->pContent != NULL)
{
CcspTr069PaFreeMemory(pHttpGetReq->pContent);
pHttpGetReq->pContent = NULL;
}
pHttpGetReq->CompleteStatus = ANSC_STATUS_FAILURE;
pHttpGetReq->bUnauthorized = FALSE;
AnscResetEvent (&pHttpGetReq->CompleteEvent);
returnStatus =
pHttpClient->Request
(
(ANSC_HANDLE)pHttpClient,
(ULONG )HTTP_METHOD_CODE_POST,
(ANSC_HANDLE)pHttpReqInfo,
(ANSC_HANDLE)pHttpGetReq,
bApplyTls
);
if( returnStatus != ANSC_STATUS_SUCCESS)
{
CcspTr069PaTraceError(("ACS Request failed: returnStatus = %.X\n", (unsigned int)returnStatus));
break;
}
if ( pCcspCwmpCfgIf && pCcspCwmpCfgIf->GetCwmpRpcTimeout )
{
ulRpcCallTimeout = pCcspCwmpCfgIf->GetCwmpRpcTimeout(pCcspCwmpCfgIf->hOwnerContext);
if ( ulRpcCallTimeout < CCSP_CWMPSO_RPCCALL_TIMEOUT )
{
ulRpcCallTimeout = CCSP_CWMPSO_RPCCALL_TIMEOUT;
}
}
AnscWaitEvent(&pHttpGetReq->CompleteEvent, ulRpcCallTimeout * 1000);
if ( pHttpGetReq->CompleteStatus == ANSC_STATUS_SUCCESS && pHttpGetReq->bUnauthorized && nMaxAuthRetries > 0 )
{
CcspTr069PaTraceError(("ACS Request is not authenticated, try again.\n"));
nMaxAuthRetries --;
#ifdef _ANSC_USE_OPENSSL_
if( bApplyTls )
{
if ( ANSC_STATUS_SUCCESS == CcspTr069PaSsp_GetTr069CertificateLocationForSyndication( &openssl_client_ca_certificate_files ) )
{
openssl_load_ca_certificates( SSL_CLIENT_CALLS );
}
}
#endif /* _ANSC_USE_OPENSSL_ */
}
else
{
CcspTr069PaTraceInfo(("ACS Request has completed with status code %lu, at %lu\n", pHttpGetReq->CompleteStatus, AnscGetTickInSeconds()));
break;
}
}
/* AnscResetEvent (&pHttpGetReq->CompleteEvent); */
AnscFreeEvent(&pHttpGetReq->CompleteEvent);
CcspTr069PaFreeMemory(pHttpReqInfo);
if ( pHttpGetReq->CompleteStatus != ANSC_STATUS_SUCCESS )
{
if ( pHttpGetReq->CompleteStatus == ANSC_STATUS_RESET_SESSION )
{
goto REDIRECTED;
}
else
{
returnStatus = pHttpGetReq->CompleteStatus;
goto EXIT;
}
}
else if( pHttpGetReq->bUnauthorized)
{
returnStatus = ANSC_STATUS_FAILURE;
if( pCcspCwmpStatIf)
{
pCcspCwmpStatIf->IncTcpFailure(pCcspCwmpStatIf->hOwnerContext);
}
goto EXIT;
}
REDIRECTED:
if( pHttpGetReq->bIsRedirect)
{
if( _ansc_strstr((PCHAR)pHttpGetReq->pContent, "http") == pHttpGetReq->pContent)
{
if ( pMyObject->AcsUrl ) CcspTr069PaFreeMemory(pMyObject->AcsUrl);
pMyObject->AcsUrl = CcspTr069PaCloneString(pHttpGetReq->pContent);
}
else
{
/* if it's partial path */
pTempString = _ansc_strstr(pRequestURL, "//");
if( pTempString == NULL)
{
returnStatus = ANSC_STATUS_FAILURE;
goto EXIT;
}
pTempString += AnscSizeOfString("//");
pTempString = _ansc_strstr(pTempString, "/");
if( pTempString == NULL)
{
returnStatus = ANSC_STATUS_FAILURE;
goto EXIT;
}
AnscCopyMemory(pNewUrl, pRequestURL, (ULONG)(pTempString - pRequestURL));
AnscCatString(pNewUrl, (PCHAR)pHttpGetReq->pContent);
if ( pMyObject->AcsUrl ) CcspTr069PaFreeMemory(pMyObject->AcsUrl);
pMyObject->AcsUrl = CcspTr069PaCloneString(pNewUrl);
}
uRedirect ++;
if( uRedirect >= uMaxRedirect)
{
CcspTr069PaTraceDebug(("Maximum Redirection reached. Give up!\n"));
returnStatus = ANSC_STATUS_FAILURE;
goto EXIT;
}
else
{
CcspTr069PaTraceDebug(("Acs connection redirection #%u: '%s'\n", (unsigned int)uRedirect, pMyObject->AcsUrl));
/* in case redirected ACS challenges CPE again */
nMaxAuthRetries = 2;
/* tear down current HTTP session before redirecting to new ACS,
* otherwise, there might be case that ACS sends out redirection
* response and immediately closes the socket, CWMP may be
* confused by closing CWMP session prematurely.
*/
pHttpClient->DelAllWcsos((ANSC_HANDLE)pHttpClient);
goto START;
}
}
if(pWmpSession != NULL)
{
if( pHttpGetReq->ulContentSize > 0 && pHttpGetReq->pContent != NULL)
{
CcspTr069PaTraceDebug(("Response:\n%s\n", (char*)pHttpGetReq->pContent));
returnStatus =
pWmpSession->RecvSoapMessage
(
pWmpSession,
(PCHAR)pHttpGetReq->pContent
);
}
else
{
CcspTr069PaTraceDebug(("Response: <EMPTY>\n"));
returnStatus =
pCcspCwmpMcoIf->NotifyAcsStatus
(
pCcspCwmpMcoIf->hOwnerContext,
TRUE, /* no more requests */
FALSE
);
}
}
EXIT:
if(pHttpGetReq->pContent != NULL)
{
CcspTr069PaFreeMemory(pHttpGetReq->pContent);
pHttpGetReq->pContent = NULL;
}
/******************************************************************
GRACEFUL ROLLBACK PROCEDURES AND EXIT DOORS
******************************************************************/
return returnStatus;
}
