/*
This file is part of TALER
Copyright (C) 2019-2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 3, or (at your
option) any later version.
TALER is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public
License along with TALER; see the file COPYING. If not, see
*/
/**
* @file curl/curl.c
* @brief Helper routines for interactions with libcurl
* @author Christian Grothoff
*/
#include "platform.h"
#include "taler_curl_lib.h"
#if TALER_CURL_COMPRESS_BODIES
#include
#endif
void
TALER_curl_set_secure_redirect_policy (CURL *eh,
const char *url)
{
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_FOLLOWLOCATION,
1L));
GNUNET_assert ( (0 == strncasecmp (url,
"https://",
strlen ("https://"))) ||
(0 == strncasecmp (url,
"http://",
strlen ("http://"))) );
#ifdef CURLOPT_REDIR_PROTOCOLS_STR
if (0 == strncasecmp (url,
"https://",
strlen ("https://")))
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_REDIR_PROTOCOLS_STR,
"https"));
else
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_REDIR_PROTOCOLS_STR,
"http,https"));
#else
#ifdef CURLOPT_REDIR_PROTOCOLS
if (0 == strncasecmp (url,
"https://",
strlen ("https://")))
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_REDIR_PROTOCOLS,
CURLPROTO_HTTPS));
else
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_REDIR_PROTOCOLS,
CURLPROTO_HTTP | CURLPROTO_HTTPS));
#endif
#endif
/* limit MAXREDIRS to 5 as a simple security measure against
a potential infinite loop caused by a malicious target */
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_MAXREDIRS,
5L));
}
enum GNUNET_GenericReturnValue
TALER_curl_easy_post (struct TALER_CURL_PostContext *ctx,
CURL *eh,
const json_t *body)
{
char *str;
size_t slen;
str = json_dumps (body,
JSON_COMPACT);
if (NULL == str)
{
GNUNET_break (0);
return GNUNET_SYSERR;
}
slen = strlen (str);
if (TALER_CURL_COMPRESS_BODIES &&
(! ctx->disable_compression) )
{
Bytef *cbuf;
uLongf cbuf_size;
int ret;
cbuf_size = compressBound (slen);
cbuf = GNUNET_malloc (cbuf_size);
ret = compress (cbuf,
&cbuf_size,
(const Bytef *) str,
slen);
if (Z_OK != ret)
{
/* compression failed!? */
GNUNET_break (0);
GNUNET_free (cbuf);
return GNUNET_SYSERR;
}
free (str);
slen = (size_t) cbuf_size;
ctx->json_enc = (char *) cbuf;
GNUNET_assert (
NULL !=
(ctx->headers = curl_slist_append (
ctx->headers,
"Content-Encoding: deflate")));
}
else
{
ctx->json_enc = str;
}
GNUNET_assert (
NULL !=
(ctx->headers = curl_slist_append (
ctx->headers,
"Content-Type: application/json")));
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_POSTFIELDS,
ctx->json_enc));
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_POSTFIELDSIZE,
slen));
return GNUNET_OK;
}
void
TALER_curl_easy_post_finished (struct TALER_CURL_PostContext *ctx)
{
curl_slist_free_all (ctx->headers);
ctx->headers = NULL;
GNUNET_free (ctx->json_enc);
ctx->json_enc = NULL;
}