tunnel.c 6.54 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
/*****************************************************************************
 * tunnel.c: HTTP CONNECT
 *****************************************************************************
 * Copyright (C) 2015 Rémi Denis-Courmont
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
 *****************************************************************************/

#ifdef HAVE_CONFIG_H
# include <config.h>
#endif

#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <vlc_common.h>
#include <vlc_tls.h>
#include <vlc_url.h>
#include "message.h"
#include "conn.h"
#include "transport.h"

static char *vlc_http_authority(const char *host, unsigned port)
{
    static const char *const formats[2] = { "%s:%u", "[%s]:%u" };
    const bool brackets = strchr(host, ':') != NULL;
    char *authority;

    if (unlikely(asprintf(&authority, formats[brackets], host, port) == -1))
        return NULL;
    return authority;
}

static struct vlc_http_msg *vlc_http_tunnel_open(struct vlc_http_conn *conn,
                                                 const char *hostname,
51 52 53
                                                 unsigned port,
                                                 const char *username,
                                                 const char *password)
54 55 56 57 58 59 60 61 62 63 64
{
    char *authority = vlc_http_authority(hostname, port);
    if (authority == NULL)
        return NULL;

    struct vlc_http_msg *req = vlc_http_req_create("CONNECT", NULL, authority,
                                                   NULL);
    free(authority);
    if (unlikely(req == NULL))
        return NULL;

65
    vlc_http_msg_add_header(req, "ALPN", "h2, http%%2F1.1");
66
    vlc_http_msg_add_agent(req, PACKAGE_NAME "/" PACKAGE_VERSION);
67 68 69
    if (username != NULL)
        vlc_http_msg_add_creds_basic(req, true, username,
                                     (password != NULL) ? password : "");
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90

    struct vlc_http_stream *stream = vlc_http_stream_open(conn, req);

    vlc_http_msg_destroy(req);
    if (stream == NULL)
        return NULL;

    struct vlc_http_msg *resp = vlc_http_msg_get_initial(stream);
    resp = vlc_http_msg_get_final(resp);
    if (resp == NULL)
        return NULL;

    int status = vlc_http_msg_get_status(resp);
    if ((status / 100) != 2)
    {
        vlc_http_msg_destroy(resp);
        resp = NULL;
    }
    return resp;
}

91 92 93 94 95 96
typedef struct vlc_tls_proxy
{
    vlc_tls_t tls;
    vlc_tls_t *sock;
} vlc_tls_proxy_t;

97
static int vlc_tls_ProxyGetFD(vlc_tls_t *tls)
98
{
99
    vlc_tls_proxy_t *proxy = (vlc_tls_proxy_t *)tls;
100

101
    return vlc_tls_GetFD(proxy->sock);
102 103
}

104 105
static ssize_t vlc_tls_ProxyRead(vlc_tls_t *tls, struct iovec *iov,
                                 unsigned count)
106
{
107 108
    vlc_tls_proxy_t *proxy = (vlc_tls_proxy_t *)tls;
    vlc_tls_t *sock = proxy->sock;
109 110 111 112 113 114 115

    return sock->readv(sock, iov, count);
}

static ssize_t vlc_tls_ProxyWrite(vlc_tls_t *tls, const struct iovec *iov,
                                  unsigned count)
{
116 117
    vlc_tls_proxy_t *proxy = (vlc_tls_proxy_t *)tls;
    vlc_tls_t *sock = proxy->sock;
118 119 120 121 122 123

    return sock->writev(sock, iov, count);
}

static int vlc_tls_ProxyShutdown(vlc_tls_t *tls, bool duplex)
{
124
    vlc_tls_proxy_t *proxy = (vlc_tls_proxy_t *)tls;
125

126
    return vlc_tls_Shutdown(proxy->sock, duplex);
127 128 129 130
}

static void vlc_tls_ProxyClose(vlc_tls_t *tls)
{
131 132 133
    vlc_tls_proxy_t *proxy = (vlc_tls_proxy_t *)tls;

    free(proxy);
134 135
}

136
vlc_tls_t *vlc_https_connect_proxy(void *ctx, vlc_tls_creds_t *creds,
137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157
                                   const char *hostname, unsigned port,
                                   bool *restrict two, const char *proxy)
{
    vlc_url_t url;
    int canc;

    assert(proxy != NULL);

    if (port == 0)
        port = 443;

    canc = vlc_savecancel();
    vlc_UrlParse(&url, proxy);
    vlc_restorecancel(canc);

    if (url.psz_protocol == NULL || url.psz_host == NULL)
    {
        vlc_UrlClean(&url);
        return NULL;
    }

158
    vlc_tls_t *sock = NULL;
159
    bool ptwo = false;
160
    if (!strcasecmp(url.psz_protocol, "https"))
161
        sock = vlc_https_connect(creds, url.psz_host, url.i_port, &ptwo);
162
    else
163
    if (!strcasecmp(url.psz_protocol, "http"))
164 165
        sock = vlc_tls_SocketOpenTCP(creds ? creds->obj.parent : NULL,
                                     url.psz_host, url.i_port);
166
    else
167
        sock = NULL;
168

169
    if (sock == NULL)
170 171
    {
        vlc_UrlClean(&url);
172
        return NULL;
173
    }
174

175 176
    assert(!ptwo); /* HTTP/2 proxy not supported yet */

177
    vlc_tls_proxy_t *psock = malloc(sizeof (*psock));
178
    if (unlikely(psock == NULL))
179 180
    {
        vlc_UrlClean(&url);
181
        goto error;
182
    }
183

184 185 186 187 188 189 190 191 192 193
    psock->tls.get_fd = vlc_tls_ProxyGetFD;
    psock->tls.readv = vlc_tls_ProxyRead;
    psock->tls.writev = vlc_tls_ProxyWrite;
    psock->tls.shutdown = vlc_tls_ProxyShutdown;
    psock->tls.close = vlc_tls_ProxyClose;
    psock->tls.p = NULL;
    psock->sock = sock;

    struct vlc_http_conn *conn = /*ptwo ? vlc_h2_conn_create(ctx, &psock->tls)
                               :*/ vlc_h1_conn_create(ctx, &psock->tls, false);
194 195
    if (unlikely(conn == NULL))
    {
196
        vlc_tls_Close(&psock->tls);
197
        vlc_UrlClean(&url);
198 199 200
        goto error;
    }

201 202 203 204
    struct vlc_http_msg *resp = vlc_http_tunnel_open(conn, hostname, port,
                                                     url.psz_username,
                                                     url.psz_password);
    vlc_UrlClean(&url);
205 206 207 208 209 210

    /* TODO: reuse connection to HTTP/2 proxy */
    vlc_http_conn_release(conn); /* psock is destroyed there too */

    if (resp == NULL)
        goto error;
211 212

    vlc_tls_t *tls;
213 214
    const char *alpn[] = { "h2", "http/1.1", NULL };
    char *alp;
215

216
    tls = vlc_tls_ClientSessionCreate(creds, sock, hostname, "https",
217 218
                                      alpn + !*two, &alp);
    if (tls == NULL)
219
        goto error;
220 221 222

    *two = (alp != NULL) && !strcmp(alp, "h2");
    free(alp);
223
    return tls;
224 225 226
error:
    vlc_tls_Close(sock);
    return NULL;
227
}