sl@0: /* ocsp_ht.c */ sl@0: /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL sl@0: * project 2000. sl@0: */ sl@0: /* ==================================================================== sl@0: * Copyright (c) 2000 The OpenSSL Project. All rights reserved. sl@0: * sl@0: * Redistribution and use in source and binary forms, with or without sl@0: * modification, are permitted provided that the following conditions sl@0: * are met: sl@0: * sl@0: * 1. Redistributions of source code must retain the above copyright sl@0: * notice, this list of conditions and the following disclaimer. sl@0: * sl@0: * 2. Redistributions in binary form must reproduce the above copyright sl@0: * notice, this list of conditions and the following disclaimer in sl@0: * the documentation and/or other materials provided with the sl@0: * distribution. sl@0: * sl@0: * 3. All advertising materials mentioning features or use of this sl@0: * software must display the following acknowledgment: sl@0: * "This product includes software developed by the OpenSSL Project sl@0: * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" sl@0: * sl@0: * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to sl@0: * endorse or promote products derived from this software without sl@0: * prior written permission. For written permission, please contact sl@0: * licensing@OpenSSL.org. sl@0: * sl@0: * 5. Products derived from this software may not be called "OpenSSL" sl@0: * nor may "OpenSSL" appear in their names without prior written sl@0: * permission of the OpenSSL Project. sl@0: * sl@0: * 6. Redistributions of any form whatsoever must retain the following sl@0: * acknowledgment: sl@0: * "This product includes software developed by the OpenSSL Project sl@0: * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" sl@0: * sl@0: * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY sl@0: * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE sl@0: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR sl@0: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR sl@0: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, sl@0: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT sl@0: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; sl@0: * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) sl@0: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, sl@0: * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) sl@0: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED sl@0: * OF THE POSSIBILITY OF SUCH DAMAGE. sl@0: * ==================================================================== sl@0: * sl@0: * This product includes cryptographic software written by Eric Young sl@0: * (eay@cryptsoft.com). This product includes software written by Tim sl@0: * Hudson (tjh@cryptsoft.com). sl@0: * sl@0: */ sl@0: /* sl@0: © Portions copyright (c) 2006 Nokia Corporation. All rights reserved. sl@0: */ sl@0: sl@0: sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #if (defined(SYMBIAN) && (defined(__WINSCW__) || defined(__WINS__))) sl@0: #include "libcrypto_wsd_macros.h" sl@0: #include "libcrypto_wsd.h" sl@0: #endif sl@0: #ifdef OPENSSL_SYS_SUNOS sl@0: #define strtoul (unsigned long)strtol sl@0: #endif /* OPENSSL_SYS_SUNOS */ sl@0: sl@0: /* Quick and dirty HTTP OCSP request handler. sl@0: * Could make this a bit cleverer by adding sl@0: * support for non blocking BIOs and a few sl@0: * other refinements. sl@0: */ sl@0: #ifdef EMULATOR sl@0: static const char req_txt[] = sl@0: "POST %s HTTP/1.0\r\n\ sl@0: Content-Type: application/ocsp-request\r\n\ sl@0: Content-Length: %d\r\n\r\n"; sl@0: #endif sl@0: sl@0: sl@0: EXPORT_C OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) sl@0: { sl@0: BIO *mem = NULL; sl@0: char tmpbuf[1024]; sl@0: OCSP_RESPONSE *resp = NULL; sl@0: char *p, *q, *r; sl@0: int len, retcode; sl@0: #ifndef EMULATOR sl@0: static char req_txt[] = sl@0: "POST %s HTTP/1.0\r\n\ sl@0: Content-Type: application/ocsp-request\r\n\ sl@0: Content-Length: %d\r\n\r\n"; sl@0: #endif sl@0: sl@0: len = i2d_OCSP_REQUEST(req, NULL); sl@0: if(BIO_printf(b, req_txt, path, len) < 0) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); sl@0: goto err; sl@0: } sl@0: if(i2d_OCSP_REQUEST_bio(b, req) <= 0) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); sl@0: goto err; sl@0: } sl@0: if(!(mem = BIO_new(BIO_s_mem()))) goto err; sl@0: /* Copy response to a memory BIO: socket bios can't do gets! */ sl@0: while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) { sl@0: if(len < 0) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); sl@0: goto err; sl@0: } sl@0: BIO_write(mem, tmpbuf, len); sl@0: } sl@0: if(BIO_gets(mem, tmpbuf, 512) <= 0) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); sl@0: goto err; sl@0: } sl@0: /* Parse the HTTP response. This will look like this: sl@0: * "HTTP/1.0 200 OK". We need to obtain the numeric code and sl@0: * (optional) informational message. sl@0: */ sl@0: sl@0: /* Skip to first white space (passed protocol info) */ sl@0: for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue; sl@0: if(!*p) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); sl@0: goto err; sl@0: } sl@0: /* Skip past white space to start of response code */ sl@0: while(*p && isspace((unsigned char)*p)) p++; sl@0: if(!*p) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); sl@0: goto err; sl@0: } sl@0: /* Find end of response code: first whitespace after start of code */ sl@0: for(q = p; *q && !isspace((unsigned char)*q); q++) continue; sl@0: if(!*q) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); sl@0: goto err; sl@0: } sl@0: /* Set end of response code and start of message */ sl@0: *q++ = 0; sl@0: /* Attempt to parse numeric code */ sl@0: retcode = strtoul(p, &r, 10); sl@0: if(*r) goto err; sl@0: /* Skip over any leading white space in message */ sl@0: while(*q && isspace((unsigned char)*q)) q++; sl@0: if(*q) { sl@0: /* Finally zap any trailing white space in message (include CRLF) */ sl@0: /* We know q has a non white space character so this is OK */ sl@0: for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; sl@0: } sl@0: if(retcode != 200) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); sl@0: if(!*q) { sl@0: ERR_add_error_data(2, "Code=", p); sl@0: } sl@0: else { sl@0: ERR_add_error_data(4, "Code=", p, ",Reason=", q); sl@0: } sl@0: goto err; sl@0: } sl@0: /* Find blank line marking beginning of content */ sl@0: while(BIO_gets(mem, tmpbuf, 512) > 0) sl@0: { sl@0: for(p = tmpbuf; *p && isspace((unsigned char)*p); p++) continue; sl@0: if(!*p) break; sl@0: } sl@0: if(*p) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT); sl@0: goto err; sl@0: } sl@0: if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) { sl@0: OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR); sl@0: goto err; sl@0: } sl@0: err: sl@0: BIO_free(mem); sl@0: return resp; sl@0: }