* Author: David Woodhouse <dwmw2@infradead.org>

*

* This program is free software; you can redistribute it and/or

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* Lesser General Public License for more details.

*/

#include <config.h>

#include <unistd.h>

#include <fcntl.h>

#include <time.h>

#include <errno.h>

#include <stdlib.h>

#include <stdio.h>

#include <libxml/uri.h>

static int proxy_write(struct openconnect_info *vpninfo, char *buf, size_t len);

static int proxy_read(struct openconnect_info *vpninfo, char *buf, size_t len);

#define BUF_CHUNK_SIZE 4096

{

return calloc(1, sizeof(struct oc_text_buf));

}

{

while (str && *str) {

buf_append_bytes(buf, str, 1);

else

buf_append(buf, "%%%02x", c);

str++;

}

}

void buf_append_xmlescaped(struct oc_text_buf *buf, const char *str)

{

while (str && *str) {

unsigned char c = *str;

if (c=='<' || c=='>' || c=='&' || c=='"' || c=='\'')

buf_append(buf, "&#x%02x;", c);

else

buf_append_bytes(buf, str, 1);

str++;

}

}

void buf_append_hex(struct oc_text_buf *buf, const void *str, unsigned len)

{

const unsigned char *data = str;

unsigned i;

for (i = 0; i < len; i++)

buf_append(buf, "%02x", (unsigned)data[i]);

}

void buf_truncate(struct oc_text_buf *buf)

{

if (!buf)

return;

if (buf->data)

memset(buf->data, 0, buf->pos);

buf->pos = 0;

}

if (!buf)

return -ENOMEM;

new_buf_len = (buf->pos + len + BUF_CHUNK_SIZE - 1) & ~(BUF_CHUNK_SIZE - 1);

if (new_buf_len <= buf->buf_len)

return 0;

buf->error = -E2BIG;

return buf->error;

} else {

realloc_inplace(buf->data, new_buf_len);

if (!buf->data)

buf->error = -ENOMEM;

else

buf->buf_len = new_buf_len;

}

return buf->error;

}

void __attribute__ ((format (printf, 2, 3)))

buf_append(struct oc_text_buf *buf, const char *fmt, ...)

{

va_list ap;

if (!buf || buf->error)

return;

if (buf_ensure_space(buf, 1))

return;

while (1) {

int max_len = buf->buf_len - buf->pos, ret;

va_start(ap, fmt);

ret = vsnprintf(buf->data + buf->pos, max_len, fmt, ap);

va_end(ap);

if (ret < 0) {

buf->error = -EIO;

break;

} else if (ret < max_len) {

buf->pos += ret;

break;

} else if (buf_ensure_space(buf, ret))

break;

}

}

void buf_append_bytes(struct oc_text_buf *buf, const void *bytes, int len)

{

if (!buf || buf->error)

return;

memcpy(buf->data + buf->pos, bytes, len);

buf->pos += len;

}

void buf_append_from_utf16le(struct oc_text_buf *buf, const void *_utf16)

{

const unsigned char *utf16 = _utf16;

unsigned char utf8[4];

int c;

if (!utf16)

return;

while (utf16[0] || utf16[1]) {

if ((utf16[1] & 0xfc) == 0xd8 && (utf16[3] & 0xfc) == 0xdc) {

c = ((load_le16(utf16) & 0x3ff) << 10)|

(load_le16(utf16 + 2) & 0x3ff);

c += 0x10000;

utf16 += 4;

} else {

utf16 += 2;

}

if (c < 0x80) {

utf8[0] = c;

buf_append_bytes(buf, utf8, 1);

} else if (c < 0x800) {

utf8[0] = 0xc0 | (c >> 6);

utf8[1] = 0x80 | (c & 0x3f);

buf_append_bytes(buf, utf8, 2);

} else if (c < 0x10000) {

utf8[0] = 0xe0 | (c >> 12);

utf8[1] = 0x80 | ((c >> 6) & 0x3f);

utf8[2] = 0x80 | (c & 0x3f);

buf_append_bytes(buf, utf8, 3);

} else {

utf8[0] = 0xf0 | (c >> 18);

utf8[1] = 0x80 | ((c >> 12) & 0x3f);

utf8[2] = 0x80 | ((c >> 6) & 0x3f);

utf8[3] = 0x80 | (c & 0x3f);

buf_append_bytes(buf, utf8, 4);

}

}

utf8[0] = 0;

buf_append_bytes(buf, utf8, 1);

}

int utfchar, nr_extra, min;

c = *(utf8++);

if (c < 128) {

utfchar = c;

nr_extra = 0;

min = 0;

} else if ((c & 0xe0) == 0xc0) {

utfchar = c & 0x1f;

nr_extra = 1;

min = 0x80;

} else if ((c & 0xf0) == 0xe0) {

utfchar = c & 0x0f;

nr_extra = 2;

min = 0x800;

} else if ((c & 0xf8) == 0xf0) {

utfchar = c & 0x07;

nr_extra = 3;

min = 0x10000;

} else {

return -EILSEQ;

}

utfchar <<= 6;

utfchar |= (c & 0x3f);

}

if (utfchar > 0x10ffff || utfchar < min)

return -EILSEQ;

*p = utf8;

return utfchar;

}

int buf_append_utf16le(struct oc_text_buf *buf, const char *utf8)

{

int utfchar, len = 0;

/* Ick. Now I'm implementing my own UTF8 handling too. Perhaps it's

time to bite the bullet and start requiring something like glib? */

while (*utf8) {

utfchar = get_utf8char(&utf8);

if (utfchar < 0) {

buf->error = utfchar;

return utfchar;

}

if (!buf)

continue;

if (utfchar >= 0x10000) {

utfchar -= 0x10000;

if (buf_ensure_space(buf, 4))

store_le16(buf->data + buf->pos, (utfchar >> 10) | 0xd800);

store_le16(buf->data + buf->pos + 2, (utfchar & 0x3ff) | 0xdc00);

buf->pos += 4;

len += 4;

} else {

if (buf_ensure_space(buf, 2))

store_le16(buf->data + buf->pos, utfchar);

buf->pos += 2;

len += 2;

}

}

/* We were only being used for validation */

if (!buf)

return 0;

/* Ensure UTF16 is NUL-terminated */

if (buf_ensure_space(buf, 2))

buf->data[buf->pos] = buf->data[buf->pos + 1] = 0;

return len;

}

{

return buf ? buf->error : -ENOMEM;

}

{

int error = buf_error(buf);

if (buf) {

if (buf->data)

free(buf->data);

free(buf);

}

return error;

}

* thought that it would be available in a library somewhere. But neither

* cURL nor Neon have reliable cross-platform ways of either using a cert

* from the TPM, or just reading from / writing to a transport which is

* provided by their caller.

*/

int http_add_cookie(struct openconnect_info *vpninfo, const char *option,

const char *value, int replace)

if (*value) {

new = malloc(sizeof(*new));

if (!new) {

vpn_progress(vpninfo, PRG_ERR,

_("No memory for allocating cookies\n"));

return -ENOMEM;

}

new->next = NULL;

new->option = strdup(option);

new->value = strdup(value);

if (!new->option || !new->value) {

free(new->option);

free(new->value);

free(new);

return -ENOMEM;

}

} else {

/* Kill cookie; don't replace it */

new = NULL;

/* This would be meaningless */

if (!replace)

return -EINVAL;

}

for (this = &vpninfo->cookies; *this; this = &(*this)->next) {

if (!strcmp(option, (*this)->option)) {

if (!replace) {

free(new->value);

free(new->option);

free(new);

return 0;

}

/* Replace existing cookie */

if (new)

new->next = (*this)->next;

else

new = (*this)->next;

free((*this)->option);

free((*this)->value);

free(*this);

*this = new;

break;

}

}

if (new && !*this) {

*this = new;

new->next = NULL;

}

return 0;

}

/* Read one HTTP header line into hdrbuf, potentially allowing for

* continuation lines. Will never leave a character in 'nextchar' when

* an empty line (signifying end of headers) is received. Will only

* return success when hdrbuf is valid. */

static int read_http_header(struct openconnect_info *vpninfo, char *nextchar,

struct oc_text_buf *hdrbuf, int allow_cont)

{

int eol = 0;

int ret;

char c;

buf_truncate(hdrbuf);

c = *nextchar;

if (c) {

*nextchar = 0;

goto skip_first;

}

while (1) {

ret = vpninfo->ssl_read(vpninfo, &c, 1);

if (ret < 0)

return ret;

if (ret != 1)

return -EINVAL;

/* If we were looking for a continuation line and didn't get it,

* stash the character we *did* get into *nextchar for next time. */

if (eol && c != ' ' && c != '\t') {

*nextchar = c;

return buf_error(hdrbuf);

}

eol = 0;

skip_first:

if (c == '\n') {

if (!buf_error(hdrbuf) && hdrbuf->pos &&

hdrbuf->data[hdrbuf->pos - 1] == '\r') {

hdrbuf->pos--;

hdrbuf->data[hdrbuf->pos] = 0;

}

/* For a non-empty header line, see if there's a continuation */

if (allow_cont && hdrbuf->pos) {

eol = 1;

continue;

}

return buf_error(hdrbuf);

}

buf_append_bytes(hdrbuf, &c, 1);

}

return buf_error(hdrbuf);

}

#define BODY_HTTP10 -1

#define BODY_CHUNKED -2

int process_http_response(struct openconnect_info *vpninfo, int connect,

int (*header_cb)(struct openconnect_info *, char *, char *),

struct oc_text_buf *body)

struct oc_text_buf *hdrbuf = buf_alloc();

char nextchar = 0;

int bodylen = BODY_HTTP10;

int closeconn = 0;

int i;

buf_truncate(body);

/* Ensure it has *something* in it, so that we can dereference hdrbuf->data

* later without checking (for anything except buf_error(hdrbuf), which is

* what read_http_header() uses for its return code anyway). */

buf_append_bytes(hdrbuf, "\0", 1);

ret = read_http_header(vpninfo, &nextchar, hdrbuf, 0);

if (ret) {

vpn_progress(vpninfo, PRG_ERR, _("Error reading HTTP response: %s\n"),

}

if ((!closeconn && strncmp(hdrbuf->data, "HTTP/1.1 ", 9)) ||

!(result = atoi(hdrbuf->data + 9))) {

_("Failed to parse HTTP response '%s'\n"), hdrbuf->data);

ret = -EINVAL;

goto err;

}

/* Eat headers... */

ret = read_http_header(vpninfo, &nextchar, hdrbuf, 1);

if (ret) {

vpn_progress(vpninfo, PRG_ERR, _("Error reading HTTP response: %s\n"),

/* Default error case */

ret = -EINVAL;

/* Empty line ends headers */

if (!hdrbuf->pos)

break;

hdrline = hdrbuf->data;

colon = strchr(hdrline, ':');

continue;

}

*(colon++) = 0;

if (*colon == ' ')

colon++;

/* Handle Set-Cookie first so that we can avoid printing the

webvpn cookie in the verbose debug output */

const char *print_equals;

char *equals = strchr(colon, '=');

if (semicolon)

*semicolon = 0;

if (!equals) {

_("Invalid cookie offered: %s\n"), hdrline);

ret = -EINVAL;

goto err;

}

*(equals++) = 0;

print_equals = equals;

/* Don't print the webvpn cookie unless it's empty; we don't

want people posting it in public with debugging output */

if (!strcmp(colon, "webvpn") && *equals)

/* The server tends to ask for the username and password as

usual, even if we've already failed because it didn't like

our cert. Thankfully it does give us this hint... */

if (!strcmp(colon, "ClientCertAuthFailed"))

vpn_progress(vpninfo, PRG_ERR,

_("SSL certificate authentication failed\n"));

if (ret)

goto err;

}

if (!strcasecmp(colon, "Close"))

closeconn = 1;

#if 0

/* This might seem reasonable, but in fact it breaks

certificate authentication with some servers. If

they give an HTTP/1.0 response, even if they

explicitly give a Connection: Keep-Alive header,

just close the connection. */

else if (!strcasecmp(colon, "Keep-Alive"))

closeconn = 0;

ret = -ENOMEM;

goto err;

vpn_progress(vpninfo, PRG_ERR,

_("Response body has negative size (%d)\n"),

bodylen);

ret = -EINVAL;

goto err;

}

}

vpn_progress(vpninfo, PRG_ERR,

_("Unknown Transfer-Encoding: %s\n"),

colon);

ret = -EINVAL;

goto err;

}

}

}

/* Handle 'HTTP/1.1 100 Continue'. Not that we should ever see it */

goto cont;

if (connect && (result == 200 || result == 101)) {

buf_free(hdrbuf);

bodylen == BODY_HTTP10 ? "http 1.0" :

bodylen == BODY_CHUNKED ? "chunked" : "length: ",

/* If we were given Content-Length, it's nice and easy... */

if (bodylen > 0) {

ret = buf_error(body);

goto err;

while (body->pos < bodylen) {

i = vpninfo->ssl_read(vpninfo, body->data + body->pos, bodylen - body->pos);

vpn_progress(vpninfo, PRG_ERR,

_("Error reading HTTP response body\n"));

ret = i;

goto err;