Curl - Load a URL. More...

#include "asterisk.h"
#include <curl/curl.h>
#include "asterisk/lock.h"
#include "asterisk/file.h"
#include "asterisk/channel.h"
#include "asterisk/pbx.h"
#include "asterisk/cli.h"
#include "asterisk/module.h"
#include "asterisk/app.h"
#include "asterisk/utils.h"
#include "asterisk/threadstorage.h"
#include "asterisk/test.h"

Include dependency graph for func_curl.c:

Go to the source code of this file.

Data Structures
struct	curl_args

struct	curl_settings

struct	curl_write_callback_data
	Callback data passed to WriteMemoryCallback. More...

struct	global_curl_info

Macros
#define	CURLOPT_SPECIAL_FAILURE_CODE 999

#define	CURLOPT_SPECIAL_HASHCOMPAT ((CURLoption) -500)

#define	CURLVERSION_ATLEAST(a, b, c) ((LIBCURL_VERSION_MAJOR > (a)) \|\| ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR > (b))) \|\| ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR == (b)) && (LIBCURL_VERSION_PATCH >= (c))))

Enumerations
enum	hashcompat { HASHCOMPAT_NO = 0, HASHCOMPAT_YES, HASHCOMPAT_LEGACY }

enum	optiontype { OT_BOOLEAN, OT_INTEGER, OT_INTEGER_MS, OT_STRING, OT_ENUM }

Functions
static void	__init_curl_instance (void)

static void	__init_thread_escapebuf (void)

static void	__reg_module (void)

static void	__unreg_module (void)

static int	acf_curl_exec (struct ast_channel chan, const char cmd, char info, struct ast_str *buf, ssize_t len)

static int	acf_curl_helper (struct ast_channel chan, struct curl_args args)

static int	acf_curl_write (struct ast_channel chan, const char cmd, char name, const char value)

static int	acf_curlopt_helper (struct ast_channel chan, const char cmd, char data, char buf, struct ast_str **bufstr, ssize_t len)

static int	acf_curlopt_read (struct ast_channel chan, const char cmd, char data, char buf, size_t len)

static int	acf_curlopt_read2 (struct ast_channel chan, const char cmd, char data, struct ast_str *buf, ssize_t len)

static int	acf_curlopt_write (struct ast_channel chan, const char cmd, char name, const char value)

struct ast_module *	AST_MODULE_SELF_SYM (void)

	AST_TEST_DEFINE (vulnerable_url)

static void	curl_instance_cleanup (void *data)

static int	curl_instance_init (void *data)

static void	curlds_free (void *data)

static int	load_module (void)

static int	parse_curlopt_key (const char name, CURLoption key, enum optiontype *ot)

static int	unload_module (void)

static int	url_is_vulnerable (const char *url)
	Check for potential HTTP injection risk. More...

static size_t	WriteMemoryCallback (void ptr, size_t size, size_t nmemb, void data)

Variables
static struct ast_module_info	__mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Load external URL" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = "30ef0c93b36035ec78c9cfd712d36d9b" , .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_REALTIME_DEPEND2, .requires = "res_curl", }

static struct ast_custom_function	acf_curl

static struct ast_custom_function	acf_curlopt

static const struct ast_module_info *	ast_module_info = &__mod_info

static const struct ast_datastore_info	curl_info

static struct ast_threadstorage	curl_instance = { .once = PTHREAD_ONCE_INIT , .key_init = __init_curl_instance , .custom_init = curl_instance_init , }

struct global_curl_info	global_curl_info = { .first = NULL, .last = NULL, .lock = { PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP , NULL, {1, 0} } , }

static const char *const	global_useragent = "asterisk-libcurl-agent/1.0"

static struct ast_threadstorage	thread_escapebuf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_thread_escapebuf , .custom_init = NULL , }

Detailed Description

Curl - Load a URL.

Author: Tilghman Lesher curl-.nosp@m.2005.nosp@m.0919@.nosp@m.the-.nosp@m.tilgh.nosp@m.man..nosp@m.com

Note: Brian Wilkins bwilk.nosp@m.ins@.nosp@m.cfl.r.nosp@m.r.co.nosp@m.m (Added POST option)

ExtRef:: Depends on the CURL library - http://curl.haxx.se/

Definition in file func_curl.c.

Macro Definition Documentation

◆ CURLOPT_SPECIAL_FAILURE_CODE

#define CURLOPT_SPECIAL_FAILURE_CODE 999

Definition at line 212 of file func_curl.c.

Referenced by acf_curl_helper(), and parse_curlopt_key().

◆ CURLOPT_SPECIAL_HASHCOMPAT

#define CURLOPT_SPECIAL_HASHCOMPAT ((CURLoption) -500)

Definition at line 210 of file func_curl.c.

Referenced by acf_curl_helper(), acf_curlopt_helper(), acf_curlopt_write(), and parse_curlopt_key().

◆ CURLVERSION_ATLEAST

#define CURLVERSION_ATLEAST	(	a,
		b,
		c
	)	((LIBCURL_VERSION_MAJOR > (a)) \|\| ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR > (b))) \|\| ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR == (b)) && (LIBCURL_VERSION_PATCH >= (c))))

Definition at line 207 of file func_curl.c.

Enumeration Type Documentation

◆ hashcompat

enum hashcompat

Enumerator
HASHCOMPAT_NO
HASHCOMPAT_YES
HASHCOMPAT_LEGACY

Definition at line 251 of file func_curl.c.

                 {
    HASHCOMPAT_NO = 0,
    HASHCOMPAT_YES,
    HASHCOMPAT_LEGACY,
 };

◆ optiontype

enum optiontype

Enumerator
OT_BOOLEAN
OT_INTEGER
OT_INTEGER_MS
OT_STRING
OT_ENUM

Definition at line 243 of file func_curl.c.

                 {
    OT_BOOLEAN,
    OT_INTEGER,
    OT_INTEGER_MS,
    OT_STRING,
    OT_ENUM,
 };

Function Documentation

◆ __init_curl_instance()

static void __init_curl_instance ( void )

static

Definition at line 629 of file func_curl.c.

649 {

◆ __init_thread_escapebuf()

static void __init_thread_escapebuf ( void )

static

Definition at line 630 of file func_curl.c.

649 {

◆ __reg_module()

static void __reg_module ( void )

static

Definition at line 1011 of file func_curl.c.

◆ __unreg_module()

static void __unreg_module ( void )

static

Definition at line 1011 of file func_curl.c.

◆ acf_curl_exec()

static int acf_curl_exec	(	struct ast_channel *	chan,
		const char *	cmd,
		char *	info,
		struct ast_str **	buf,
		ssize_t	len
	)

static

Definition at line 824 of file func_curl.c.

References acf_curl_helper(), args, AST_APP_ARG, AST_DECLARE_APP_ARGS, ast_free, ast_log, AST_STANDARD_APP_ARGS, ast_str_buffer(), ast_str_create, ast_str_set(), ast_strlen_zero, curl_args::cb_data, LOG_WARNING, curl_args::postdata, curl_write_callback_data::str, url, and curl_args::url.

 {
    struct curl_args curl_params = { 0, };
    int res;
 
    AST_DECLARE_APP_ARGS(args,
       AST_APP_ARG(url);
       AST_APP_ARG(postdata);
    );
 
    AST_STANDARD_APP_ARGS(args, info);
 
    if (ast_strlen_zero(info)) {
       ast_log(LOG_WARNING, "CURL requires an argument (URL)\n");
       return -1;
    }
 
    curl_params.url = args.url;
    curl_params.postdata = args.postdata;
    curl_params.cb_data.str = ast_str_create(16);
    if (!curl_params.cb_data.str) {
       return -1;
    }
 
    res = acf_curl_helper(chan, &curl_params);
    ast_str_set(buf, len, "%s", ast_str_buffer(curl_params.cb_data.str));
    ast_free(curl_params.cb_data.str);
 
    return res;
 }

◆ acf_curl_helper()

static int acf_curl_helper	(	struct ast_channel *	chan,
		struct curl_args *	args
	)

static

Definition at line 663 of file func_curl.c.

References ast_autoservice_start(), ast_autoservice_stop(), ast_channel_datastore_find(), ast_channel_lock, ast_channel_name(), ast_channel_unlock, ast_debug, ast_free, AST_LIST_HEAD, AST_LIST_LOCK, AST_LIST_TRAVERSE, AST_LIST_UNLOCK, ast_log, ast_str_append(), ast_str_buffer(), ast_str_create, ast_str_set(), ast_str_set_escapecommas(), ast_str_strlen(), ast_str_thread_get(), ast_str_trim_blanks(), ast_threadstorage_get(), ast_uri_decode(), ast_uri_http, ast_uri_http_legacy, AST_VECTOR_APPEND, AST_VECTOR_FREE, AST_VECTOR_GET, AST_VECTOR_INIT, AST_VECTOR_SIZE, curl_args::cb_data, curl_instance, CURLOPT_SPECIAL_FAILURE_CODE, CURLOPT_SPECIAL_HASHCOMPAT, ast_datastore::data, HASHCOMPAT_LEGACY, curl_settings::key, curl_settings::list, LOG_ERROR, LOG_NOTICE, LOG_WARNING, name, NULL, pbx_builtin_setvar_helper(), curl_args::postdata, S_OR, curl_write_callback_data::str, strsep(), thread_escapebuf, curl_args::url, url_is_vulnerable(), and curl_settings::value.

Referenced by acf_curl_exec(), and acf_curl_write().

 {
    struct ast_str *escapebuf = ast_str_thread_get(&thread_escapebuf, 16);
    int ret = 0;
    long http_code = 0; /* read curl response */
    size_t i;
    struct ast_vector_int hasfailurecode = { NULL };
    char *failurecodestrings,*found;
    CURL **curl;
    struct curl_settings *cur;
    struct curl_slist *headers = NULL;
    struct ast_datastore *store = NULL;
    int hashcompat = 0;
    AST_LIST_HEAD(global_curl_info, curl_settings) *list = NULL;
    char curl_errbuf[CURL_ERROR_SIZE + 1]; /* add one to be safe */
 
    if (!escapebuf) {
       return -1;
    }
 
    if (!(curl = ast_threadstorage_get(&curl_instance, sizeof(*curl)))) {
       ast_log(LOG_ERROR, "Cannot allocate curl structure\n");
       return -1;
    }
 
    if (url_is_vulnerable(args->url)) {
       ast_log(LOG_ERROR, "URL '%s' is vulnerable to HTTP injection attacks. Aborting CURL() call.\n", args->url);
       return -1;
    }
 
    if (chan) {
       ast_autoservice_start(chan);
    }
 
    AST_VECTOR_INIT(&hasfailurecode, 0); /*Initialize vector*/
    AST_LIST_LOCK(&global_curl_info);
    AST_LIST_TRAVERSE(&global_curl_info, cur, list) {
       if (cur->key == CURLOPT_SPECIAL_HASHCOMPAT) {
          hashcompat = (long) cur->value;
       } else if (cur->key == CURLOPT_HTTPHEADER) {
          headers = curl_slist_append(headers, (char*) cur->value);
       } else if (cur->key == CURLOPT_SPECIAL_FAILURE_CODE) {
          failurecodestrings = (char*) cur->value;
          while( (found = strsep(&failurecodestrings, ",")) != NULL) {
             AST_VECTOR_APPEND(&hasfailurecode, atoi(found));
          }
       } else {
          curl_easy_setopt(*curl, cur->key, cur->value);
       }
    }
    AST_LIST_UNLOCK(&global_curl_info);
 
    if (chan) {
       ast_channel_lock(chan);
       store = ast_channel_datastore_find(chan, &curl_info, NULL);
       ast_channel_unlock(chan);
       if (store) {
          list = store->data;
          AST_LIST_LOCK(list);
          AST_LIST_TRAVERSE(list, cur, list) {
             if (cur->key == CURLOPT_SPECIAL_HASHCOMPAT) {
                hashcompat = (long) cur->value;
             } else if (cur->key == CURLOPT_HTTPHEADER) {
                headers = curl_slist_append(headers, (char*) cur->value);
             } else if (cur->key == CURLOPT_SPECIAL_FAILURE_CODE) {
                failurecodestrings = (char*) cur->value;
                while( (found = strsep(&failurecodestrings, ",")) != NULL) {
                   AST_VECTOR_APPEND(&hasfailurecode, atoi(found));
                }
             } else {
                curl_easy_setopt(*curl, cur->key, cur->value);
             }
          }
       }
    }
 
    curl_easy_setopt(*curl, CURLOPT_URL, args->url);
    curl_easy_setopt(*curl, CURLOPT_FILE, (void *) &args->cb_data);
 
    if (args->postdata) {
       curl_easy_setopt(*curl, CURLOPT_POST, 1);
       curl_easy_setopt(*curl, CURLOPT_POSTFIELDS, args->postdata);
    }
 
    /* Always assign the headers - even when NULL - in case we had
     * custom headers the last time we used this shared cURL
     * instance */
    curl_easy_setopt(*curl, CURLOPT_HTTPHEADER, headers);
 
    /* Temporarily assign a buffer for curl to write errors to. */
    curl_errbuf[0] = curl_errbuf[CURL_ERROR_SIZE] = '\0';
    curl_easy_setopt(*curl, CURLOPT_ERRORBUFFER, curl_errbuf);
 
    if (curl_easy_perform(*curl) != 0) {
       ast_log(LOG_WARNING, "%s ('%s')\n", curl_errbuf, args->url);
    }
 
    /* Reset buffer to NULL so curl doesn't try to write to it when the
     * buffer is deallocated. Documentation is vague about allowing NULL
     * here, but the source allows it. See: "typecheck: allow NULL to unset
     * CURLOPT_ERRORBUFFER" (62bcf005f4678a93158358265ba905bace33b834). */
    curl_easy_setopt(*curl, CURLOPT_ERRORBUFFER, (char*)NULL);
    curl_easy_getinfo (*curl, CURLINFO_RESPONSE_CODE, &http_code);
 
    for (i = 0; i < AST_VECTOR_SIZE(&hasfailurecode); ++i) {
       if (http_code == AST_VECTOR_GET(&hasfailurecode,i)){
          ast_log(LOG_NOTICE, "%s%sCURL '%s' returned response code (%ld).\n",
             chan ? ast_channel_name(chan) : "",
             chan ? ast_channel_name(chan) : ": ",
             args->url,
             http_code);
          ret=-1;
          break;
       }
    }
    AST_VECTOR_FREE(&hasfailurecode); /* Release the vector*/
 
    if (store) {
       AST_LIST_UNLOCK(list);
    }
    curl_slist_free_all(headers);
 
    if (args->postdata) {
       curl_easy_setopt(*curl, CURLOPT_POST, 0);
    }
 
    if (args->cb_data.str && ast_str_strlen(args->cb_data.str)) {
       ast_str_trim_blanks(args->cb_data.str);
 
       ast_debug(3, "CURL returned str='%s'\n", ast_str_buffer(args->cb_data.str));
       if (hashcompat) {
          char *remainder = ast_str_buffer(args->cb_data.str);
          char *piece;
          struct ast_str *fields = ast_str_create(ast_str_strlen(args->cb_data.str) / 2);
          struct ast_str *values = ast_str_create(ast_str_strlen(args->cb_data.str) / 2);
          int rowcount = 0;
          while (fields && values && (piece = strsep(&remainder, "&"))) {
             char *name = strsep(&piece, "=");
             struct ast_flags mode = (hashcompat == HASHCOMPAT_LEGACY ? ast_uri_http_legacy : ast_uri_http);
             if (piece) {
                ast_uri_decode(piece, mode);
             }
             ast_uri_decode(name, mode);
             ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", ast_str_set_escapecommas(&escapebuf, 0, name, INT_MAX));
             ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", ast_str_set_escapecommas(&escapebuf, 0, S_OR(piece, ""), INT_MAX));
             rowcount++;
          }
          pbx_builtin_setvar_helper(chan, "~ODBCFIELDS~", ast_str_buffer(fields));
          ast_str_set(&args->cb_data.str, 0, "%s", ast_str_buffer(values));
          ast_free(fields);
          ast_free(values);
       }
    }
 
    if (chan) {
       ast_autoservice_stop(chan);
    }
 
    return ret;
 }

◆ acf_curl_write()

static int acf_curl_write	(	struct ast_channel *	chan,
		const char *	cmd,
		char *	name,
		const char *	value
	)

static

Definition at line 855 of file func_curl.c.

References acf_curl_helper(), args, AST_APP_ARG, AST_DECLARE_APP_ARGS, ast_log, AST_STANDARD_APP_ARGS, ast_strdupa, ast_strlen_zero, curl_args::cb_data, errno, LOG_WARNING, name, curl_write_callback_data::out_file, and curl_args::url.

 {
    struct curl_args curl_params = { 0, };
    int res;
    char *args_value = ast_strdupa(value);
    AST_DECLARE_APP_ARGS(args,
       AST_APP_ARG(file_path);
    );
 
    AST_STANDARD_APP_ARGS(args, args_value);
 
    if (ast_strlen_zero(name)) {
       ast_log(LOG_WARNING, "CURL requires an argument (URL)\n");
       return -1;
    }
 
    if (ast_strlen_zero(args.file_path)) {
       ast_log(LOG_WARNING, "CURL requires a file to write\n");
       return -1;
    }
 
    curl_params.url = name;
    curl_params.cb_data.out_file = fopen(args.file_path, "w");
    if (!curl_params.cb_data.out_file) {
       ast_log(LOG_WARNING, "Failed to open file %s: %s (%d)\n",
          args.file_path,
          strerror(errno),
          errno);
       return -1;
    }
 
    res = acf_curl_helper(chan, &curl_params);
 
    fclose(curl_params.cb_data.out_file);
 
    return res;
 }

◆ acf_curlopt_helper()

static int acf_curlopt_helper	(	struct ast_channel *	chan,
		const char *	cmd,
		char *	data,
		char *	buf,
		struct ast_str **	bufstr,
		ssize_t	len
	)

static

Definition at line 461 of file func_curl.c.

References ast_channel_datastore_find(), ast_copy_string(), ast_debug, AST_LIST_LOCK, AST_LIST_TRAVERSE, AST_LIST_UNLOCK, ast_log, ast_str_set(), CURLOPT_SPECIAL_HASHCOMPAT, ast_datastore::data, global_curl_info, HASHCOMPAT_LEGACY, HASHCOMPAT_NO, HASHCOMPAT_YES, curl_settings::key, curl_settings::list, LOG_ERROR, NULL, OT_BOOLEAN, OT_INTEGER, OT_INTEGER_MS, OT_STRING, parse_curlopt_key(), and curl_settings::value.

Referenced by acf_curlopt_read(), and acf_curlopt_read2().

 {
    struct ast_datastore *store;
    struct global_curl_info *list[2] = { &global_curl_info, NULL };
    struct curl_settings *cur = NULL;
    CURLoption key;
    enum optiontype ot;
    int i;
 
    if (parse_curlopt_key(data, &key, &ot)) {
       ast_log(LOG_ERROR, "Unrecognized option: '%s'\n", data);
       return -1;
    }
 
    if (chan && (store = ast_channel_datastore_find(chan, &curl_info, NULL))) {
       list[0] = store->data;
       list[1] = &global_curl_info;
    }
 
    for (i = 0; i < 2; i++) {
       if (!list[i]) {
          break;
       }
       AST_LIST_LOCK(list[i]);
       AST_LIST_TRAVERSE(list[i], cur, list) {
          if (cur->key == key) {
             if (ot == OT_BOOLEAN || ot == OT_INTEGER) {
                if (buf) {
                   snprintf(buf, len, "%ld", (long) cur->value);
                } else {
                   ast_str_set(bufstr, len, "%ld", (long) cur->value);
                }
             } else if (ot == OT_INTEGER_MS) {
                if ((long) cur->value % 1000 == 0) {
                   if (buf) {
                      snprintf(buf, len, "%ld", (long)cur->value / 1000);
                   } else {
                      ast_str_set(bufstr, len, "%ld", (long) cur->value / 1000);
                   }
                } else {
                   if (buf) {
                      snprintf(buf, len, "%.3f", (double) ((long) cur->value) / 1000.0);
                   } else {
                      ast_str_set(bufstr, len, "%.3f", (double) ((long) cur->value) / 1000.0);
                   }
                }
             } else if (ot == OT_STRING) {
                ast_debug(1, "Found entry %p, with key %d and value %p\n", cur, cur->key, cur->value);
                if (buf) {
                   ast_copy_string(buf, cur->value, len);
                } else {
                   ast_str_set(bufstr, 0, "%s", (char *) cur->value);
                }
             } else if (key == CURLOPT_PROXYTYPE) {
                const char *strval = "unknown";
                if (0) {
 #if CURLVERSION_ATLEAST(7,15,2)
                } else if ((long)cur->value == CURLPROXY_SOCKS4) {
                   strval = "socks4";
 #endif
 #if CURLVERSION_ATLEAST(7,18,0)
                } else if ((long)cur->value == CURLPROXY_SOCKS4A) {
                   strval = "socks4a";
 #endif
                } else if ((long)cur->value == CURLPROXY_SOCKS5) {
                   strval = "socks5";
 #if CURLVERSION_ATLEAST(7,18,0)
                } else if ((long)cur->value == CURLPROXY_SOCKS5_HOSTNAME) {
                   strval = "socks5hostname";
 #endif
 #if CURLVERSION_ATLEAST(7,10,0)
                } else if ((long)cur->value == CURLPROXY_HTTP) {
                   strval = "http";
 #endif
                }
                if (buf) {
                   ast_copy_string(buf, strval, len);
                } else {
                   ast_str_set(bufstr, 0, "%s", strval);
                }
             } else if (key == CURLOPT_SPECIAL_HASHCOMPAT) {
                const char *strval = "unknown";
                if ((long) cur->value == HASHCOMPAT_LEGACY) {
                   strval = "legacy";
                } else if ((long) cur->value == HASHCOMPAT_YES) {
                   strval = "yes";
                } else if ((long) cur->value == HASHCOMPAT_NO) {
                   strval = "no";
                }
                if (buf) {
                   ast_copy_string(buf, strval, len);
                } else {
                   ast_str_set(bufstr, 0, "%s", strval);
                }
             }
             break;
          }
       }
       AST_LIST_UNLOCK(list[i]);
       if (cur) {
          break;
       }
    }
 
    return cur ? 0 : -1;
 }

◆ acf_curlopt_read()

static int acf_curlopt_read	(	struct ast_channel *	chan,
		const char *	cmd,
		char *	data,
		char *	buf,
		size_t	len
	)

static

Definition at line 568 of file func_curl.c.

References acf_curlopt_helper(), and NULL.

 {
    return acf_curlopt_helper(chan, cmd, data, buf, NULL, len);
 }

◆ acf_curlopt_read2()

static int acf_curlopt_read2	(	struct ast_channel *	chan,
		const char *	cmd,
		char *	data,
		struct ast_str **	buf,
		ssize_t	len
	)

static

Definition at line 573 of file func_curl.c.

References acf_curlopt_helper(), and NULL.

 {
    return acf_curlopt_helper(chan, cmd, data, NULL, buf, len);
 }

◆ acf_curlopt_write()

static int acf_curlopt_write	(	struct ast_channel *	chan,
		const char *	cmd,
		char *	name,
		const char *	value
	)

static

Definition at line 335 of file func_curl.c.

References ast_calloc, ast_channel_datastore_add(), ast_channel_datastore_find(), ast_datastore_alloc, ast_datastore_free(), ast_debug, ast_free, AST_LIST_HEAD_INIT, AST_LIST_INSERT_TAIL, AST_LIST_LOCK, AST_LIST_REMOVE_CURRENT, AST_LIST_TRAVERSE_SAFE_BEGIN, AST_LIST_TRAVERSE_SAFE_END, AST_LIST_UNLOCK, ast_log, ast_true(), CURLOPT_SPECIAL_HASHCOMPAT, ast_datastore::data, global_curl_info, HASHCOMPAT_LEGACY, HASHCOMPAT_NO, HASHCOMPAT_YES, curl_settings::key, curl_settings::list, LOG_ERROR, NULL, OT_BOOLEAN, OT_ENUM, OT_INTEGER, OT_INTEGER_MS, OT_STRING, parse_curlopt_key(), and tmp().

 {
    struct ast_datastore *store;
    struct global_curl_info *list;
    struct curl_settings *cur, *new = NULL;
    CURLoption key;
    enum optiontype ot;
 
    if (chan) {
       if (!(store = ast_channel_datastore_find(chan, &curl_info, NULL))) {
          /* Create a new datastore */
          if (!(store = ast_datastore_alloc(&curl_info, NULL))) {
             ast_log(LOG_ERROR, "Unable to allocate new datastore.  Cannot set any CURL options\n");
             return -1;
          }
 
          if (!(list = ast_calloc(1, sizeof(*list)))) {
             ast_log(LOG_ERROR, "Unable to allocate list head.  Cannot set any CURL options\n");
             ast_datastore_free(store);
             return -1;
          }
 
          store->data = list;
          AST_LIST_HEAD_INIT(list);
          ast_channel_datastore_add(chan, store);
       } else {
          list = store->data;
       }
    } else {
       /* Populate the global structure */
       list = &global_curl_info;
    }
 
    if (!parse_curlopt_key(name, &key, &ot)) {
       if (ot == OT_BOOLEAN) {
          if ((new = ast_calloc(1, sizeof(*new)))) {
             new->value = (void *)((long) ast_true(value));
          }
       } else if (ot == OT_INTEGER) {
          long tmp = atol(value);
          if ((new = ast_calloc(1, sizeof(*new)))) {
             new->value = (void *)tmp;
          }
       } else if (ot == OT_INTEGER_MS) {
          long tmp = atof(value) * 1000.0;
          if ((new = ast_calloc(1, sizeof(*new)))) {
             new->value = (void *)tmp;
          }
       } else if (ot == OT_STRING) {
          if ((new = ast_calloc(1, sizeof(*new) + strlen(value) + 1))) {
             new->value = (char *)new + sizeof(*new);
             strcpy(new->value, value);
          }
       } else if (ot == OT_ENUM) {
          if (key == CURLOPT_PROXYTYPE) {
             long ptype =
 #if CURLVERSION_ATLEAST(7,10,0)
                CURLPROXY_HTTP;
 #else
                CURLPROXY_SOCKS5;
 #endif
             if (0) {
 #if CURLVERSION_ATLEAST(7,15,2)
             } else if (!strcasecmp(value, "socks4")) {
                ptype = CURLPROXY_SOCKS4;
 #endif
 #if CURLVERSION_ATLEAST(7,18,0)
             } else if (!strcasecmp(value, "socks4a")) {
                ptype = CURLPROXY_SOCKS4A;
 #endif
 #if CURLVERSION_ATLEAST(7,18,0)
             } else if (!strcasecmp(value, "socks5")) {
                ptype = CURLPROXY_SOCKS5;
 #endif
 #if CURLVERSION_ATLEAST(7,18,0)
             } else if (!strncasecmp(value, "socks5", 6)) {
                ptype = CURLPROXY_SOCKS5_HOSTNAME;
 #endif
             }
 
             if ((new = ast_calloc(1, sizeof(*new)))) {
                new->value = (void *)ptype;
             }
          } else if (key == CURLOPT_SPECIAL_HASHCOMPAT) {
             if ((new = ast_calloc(1, sizeof(*new)))) {
                new->value = (void *) (long) (!strcasecmp(value, "legacy") ? HASHCOMPAT_LEGACY : ast_true(value) ? HASHCOMPAT_YES : HASHCOMPAT_NO);
             }
          } else {
             /* Highly unlikely */
             goto yuck;
          }
       }
 
       /* Memory allocation error */
       if (!new) {
          return -1;
       }
 
       new->key = key;
    } else {
 yuck:
       ast_log(LOG_ERROR, "Unrecognized option: %s\n", name);
       return -1;
    }
 
    /* Remove any existing entry, only http headers are left */
    AST_LIST_LOCK(list);
    if (new->key != CURLOPT_HTTPHEADER) {
       AST_LIST_TRAVERSE_SAFE_BEGIN(list, cur, list) {
          if (cur->key == new->key) {
             AST_LIST_REMOVE_CURRENT(list);
             ast_free(cur);
             break;
          }
       }
       AST_LIST_TRAVERSE_SAFE_END
    }
 
    /* Insert new entry */
    ast_debug(1, "Inserting entry %p with key %d and value %p\n", new, new->key, new->value);
    AST_LIST_INSERT_TAIL(list, new, list);
    AST_LIST_UNLOCK(list);
 
    return 0;
 }

◆ AST_MODULE_SELF_SYM()

struct ast_module* AST_MODULE_SELF_SYM ( void )

Definition at line 1011 of file func_curl.c.

◆ AST_TEST_DEFINE()

AST_TEST_DEFINE ( vulnerable_url )

Definition at line 932 of file func_curl.c.

References ARRAY_LEN, AST_TEST_FAIL, AST_TEST_PASS, ast_test_status_update, sip_to_pjsip::info(), TEST_EXECUTE, TEST_INIT, and url_is_vulnerable().

 {
    const char *bad_urls [] = {
       "http://example.com\r\nDELETE http://example.com/everything",
       "http://example.com\rDELETE http://example.com/everything",
       "http://example.com\nDELETE http://example.com/everything",
       "\r\nhttp://example.com",
       "\rhttp://example.com",
       "\nhttp://example.com",
       "http://example.com\r\n",
       "http://example.com\r",
       "http://example.com\n",
    };
    const char *good_urls [] = {
       "http://example.com",
       "http://example.com/%5Cr%5Cn",
    };
    int i;
    enum ast_test_result_state res = AST_TEST_PASS;
 
    switch (cmd) {
    case TEST_INIT:
       info->name = "vulnerable_url";
       info->category = "/funcs/func_curl/";
       info->summary = "cURL vulnerable URL test";
       info->description =
          "Ensure that any combination of '\\r' or '\\n' in a URL invalidates the URL";
    case TEST_EXECUTE:
       break;
    }
 
    for (i = 0; i < ARRAY_LEN(bad_urls); ++i) {
       if (!url_is_vulnerable(bad_urls[i])) {
          ast_test_status_update(test, "String '%s' detected as valid when it should be invalid\n", bad_urls[i]);
          res = AST_TEST_FAIL;
       }
    }
 
    for (i = 0; i < ARRAY_LEN(good_urls); ++i) {
       if (url_is_vulnerable(good_urls[i])) {
          ast_test_status_update(test, "String '%s' detected as invalid when it should be valid\n", good_urls[i]);
          res = AST_TEST_FAIL;
       }
    }
 
    return res;
 }

◆ curl_instance_cleanup()

static void curl_instance_cleanup ( void * data )

static

Definition at line 620 of file func_curl.c.

References ast_free.

 {
    CURL **curl = data;
 
    curl_easy_cleanup(*curl);
 
    ast_free(data);
 }

◆ curl_instance_init()

static int curl_instance_init ( void * data )

static

Definition at line 605 of file func_curl.c.

References global_useragent, and WriteMemoryCallback().

 {
    CURL **curl = data;
 
    if (!(*curl = curl_easy_init()))
       return -1;
 
    curl_easy_setopt(*curl, CURLOPT_NOSIGNAL, 1);
    curl_easy_setopt(*curl, CURLOPT_TIMEOUT, 180);
    curl_easy_setopt(*curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
    curl_easy_setopt(*curl, CURLOPT_USERAGENT, global_useragent);
 
    return 0;
 }

◆ curlds_free()

static void curlds_free ( void * data )

static

Definition at line 229 of file func_curl.c.

References ast_free, AST_LIST_HEAD, AST_LIST_HEAD_DESTROY, AST_LIST_REMOVE_HEAD, and curl_settings::list.

 {
    AST_LIST_HEAD(global_curl_info, curl_settings) *list = data;
    struct curl_settings *setting;
    if (!list) {
       return;
    }
    while ((setting = AST_LIST_REMOVE_HEAD(list, list))) {
       ast_free(setting);
    }
    AST_LIST_HEAD_DESTROY(list);
    ast_free(list);
 }

◆ load_module()

static int load_module ( void )

static

Definition at line 993 of file func_curl.c.

References AST_CFE_WRITE, ast_custom_function_register, ast_custom_function_register_escalating, AST_MODFLAG_LOAD_ORDER, AST_MODPRI_REALTIME_DEPEND2, AST_MODULE_INFO(), AST_MODULE_SUPPORT_CORE, AST_TEST_REGISTER, ASTERISK_GPL_KEY, and unload_module().

 {
    int res;
 
    res = ast_custom_function_register_escalating(&acf_curl, AST_CFE_WRITE);
    res |= ast_custom_function_register(&acf_curlopt);
 
    AST_TEST_REGISTER(vulnerable_url);
 
    return res;
 }

◆ parse_curlopt_key()

static int parse_curlopt_key	(	const char *	name,
		CURLoption *	key,
		enum optiontype *	ot
	)

static

Definition at line 257 of file func_curl.c.

References CURLOPT_SPECIAL_FAILURE_CODE, CURLOPT_SPECIAL_HASHCOMPAT, OT_BOOLEAN, OT_ENUM, OT_INTEGER, OT_INTEGER_MS, and OT_STRING.

Referenced by acf_curlopt_helper(), and acf_curlopt_write().

 {
    if (!strcasecmp(name, "header")) {
       *key = CURLOPT_HEADER;
       *ot = OT_BOOLEAN;
    } else if (!strcasecmp(name, "httpheader")) {
       *key = CURLOPT_HTTPHEADER;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "proxy")) {
       *key = CURLOPT_PROXY;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "proxyport")) {
       *key = CURLOPT_PROXYPORT;
       *ot = OT_INTEGER;
    } else if (!strcasecmp(name, "proxytype")) {
       *key = CURLOPT_PROXYTYPE;
       *ot = OT_ENUM;
    } else if (!strcasecmp(name, "dnstimeout")) {
       *key = CURLOPT_DNS_CACHE_TIMEOUT;
       *ot = OT_INTEGER;
    } else if (!strcasecmp(name, "userpwd")) {
       *key = CURLOPT_USERPWD;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "proxyuserpwd")) {
       *key = CURLOPT_PROXYUSERPWD;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "followlocation")) {
       *key = CURLOPT_FOLLOWLOCATION;
       *ot = OT_BOOLEAN;
    } else if (!strcasecmp(name, "maxredirs")) {
       *key = CURLOPT_MAXREDIRS;
       *ot = OT_INTEGER;
    } else if (!strcasecmp(name, "referer")) {
       *key = CURLOPT_REFERER;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "useragent")) {
       *key = CURLOPT_USERAGENT;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "cookie")) {
       *key = CURLOPT_COOKIE;
       *ot = OT_STRING;
    } else if (!strcasecmp(name, "ftptimeout")) {
       *key = CURLOPT_FTP_RESPONSE_TIMEOUT;
       *ot = OT_INTEGER;
    } else if (!strcasecmp(name, "httptimeout")) {
 #if CURLVERSION_ATLEAST(7,16,2)
       *key = CURLOPT_TIMEOUT_MS;
       *ot = OT_INTEGER_MS;
 #else
       *key = CURLOPT_TIMEOUT;
       *ot = OT_INTEGER;
 #endif
    } else if (!strcasecmp(name, "conntimeout")) {
 #if CURLVERSION_ATLEAST(7,16,2)
       *key = CURLOPT_CONNECTTIMEOUT_MS;
       *ot = OT_INTEGER_MS;
 #else
       *key = CURLOPT_CONNECTTIMEOUT;
       *ot = OT_INTEGER;
 #endif
    } else if (!strcasecmp(name, "ftptext")) {
       *key = CURLOPT_TRANSFERTEXT;
       *ot = OT_BOOLEAN;
    } else if (!strcasecmp(name, "ssl_verifypeer")) {
       *key = CURLOPT_SSL_VERIFYPEER;
       *ot = OT_BOOLEAN;
    } else if (!strcasecmp(name, "hashcompat")) {
       *key = CURLOPT_SPECIAL_HASHCOMPAT;
       *ot = OT_ENUM;
    } else if (!strcasecmp(name, "failurecodes")) {
       *key = CURLOPT_SPECIAL_FAILURE_CODE;
       *ot = OT_STRING;
    } else {
       return -1;
    }
    return 0;
 }

◆ unload_module()

static int unload_module ( void )

static

Definition at line 981 of file func_curl.c.

References ast_custom_function_unregister(), and AST_TEST_UNREGISTER.

Referenced by load_module().

 {
    int res;
 
    res = ast_custom_function_unregister(&acf_curl);
    res |= ast_custom_function_unregister(&acf_curlopt);
 
    AST_TEST_UNREGISTER(vulnerable_url);
 
    return res;
 }

◆ url_is_vulnerable()

static int url_is_vulnerable ( const char * url )

static

Check for potential HTTP injection risk.

CVE-2014-8150 brought up the fact that HTTP proxies are subject to injection attacks. An HTTP URL sent to a proxy contains a carriage-return linefeed combination, followed by a complete HTTP request. Proxies will handle this as two separate HTTP requests rather than as a malformed URL.

libcURL patched this vulnerability in version 7.40.0, but we have no guarantee that Asterisk systems will be using an up-to-date cURL library. Therefore, we implement the same fix as libcURL for determining if a URL is vulnerable to an injection attack.

Parameters

url	The URL to check for vulnerability

Return values

0	The URL is not vulnerable
1	The URL is vulnerable.

Definition at line 648 of file func_curl.c.

Referenced by acf_curl_helper(), and AST_TEST_DEFINE().

 {
    if (strpbrk(url, "\r\n")) {
       return 1;
    }
 
    return 0;
 }

◆ WriteMemoryCallback()

static size_t WriteMemoryCallback	(	void *	ptr,
		size_t	size,
		size_t	nmemb,
		void *	data
	)

static

Definition at line 588 of file func_curl.c.

References ast_str_append_substr(), curl_write_callback_data::out_file, and curl_write_callback_data::str.

Referenced by curl_instance_init().

 {
    register int realsize = 0;
    struct curl_write_callback_data *cb_data = data;
 
    if (cb_data->str) {
       realsize = size * nmemb;
       ast_str_append_substr(&cb_data->str, 0, ptr, realsize);
    } else if (cb_data->out_file) {
       realsize = fwrite(ptr, size, nmemb, cb_data->out_file);
    }
 
    return realsize;
 }

Variable Documentation

◆ __mod_info

struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Load external URL" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = "30ef0c93b36035ec78c9cfd712d36d9b" , .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_REALTIME_DEPEND2, .requires = "res_curl", }

static

Definition at line 1011 of file func_curl.c.

◆ acf_curl

struct ast_custom_function acf_curl

static

Initial value:

= {
   .name = "CURL",
   .read2 = acf_curl_exec,
   .write = acf_curl_write,
}

Definition at line 893 of file func_curl.c.

◆ acf_curlopt

struct ast_custom_function acf_curlopt

static

Definition at line 899 of file func_curl.c.

◆ ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info

static

Definition at line 1011 of file func_curl.c.

◆ curl_info

const struct ast_datastore_info curl_info

static

Initial value:

= {
   .type = "CURL",
   .destroy = curlds_free,
}

Definition at line 216 of file func_curl.c.

◆ curl_instance

struct ast_threadstorage curl_instance = { .once = PTHREAD_ONCE_INIT , .key_init = __init_curl_instance , .custom_init = curl_instance_init , }

static

Definition at line 629 of file func_curl.c.

Referenced by acf_curl_helper().

◆ global_curl_info

struct global_curl_info global_curl_info = { .first = NULL, .last = NULL, .lock = { PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP , NULL, {1, 0} } , }

Referenced by acf_curlopt_helper(), and acf_curlopt_write().

◆ global_useragent

const char* const global_useragent = "asterisk-libcurl-agent/1.0"

static

Definition at line 603 of file func_curl.c.

Referenced by curl_instance_init().

◆ thread_escapebuf

struct ast_threadstorage thread_escapebuf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_thread_escapebuf , .custom_init = NULL , }

static

Definition at line 630 of file func_curl.c.

Referenced by acf_curl_helper().

Data Structures

Macros

Enumerations

Functions

Variables

Detailed Description

Macro Definition Documentation

◆ CURLOPT_SPECIAL_FAILURE_CODE

◆ CURLOPT_SPECIAL_HASHCOMPAT

◆ CURLVERSION_ATLEAST

Enumeration Type Documentation

◆ hashcompat

◆ optiontype

Function Documentation

◆ __init_curl_instance()

◆ __init_thread_escapebuf()

◆ __reg_module()

◆ __unreg_module()

◆ acf_curl_exec()

◆ acf_curl_helper()

◆ acf_curl_write()

◆ acf_curlopt_helper()

◆ acf_curlopt_read()

◆ acf_curlopt_read2()

◆ acf_curlopt_write()

◆ AST_MODULE_SELF_SYM()

◆ AST_TEST_DEFINE()

◆ curl_instance_cleanup()

◆ curl_instance_init()

◆ curlds_free()

◆ load_module()

◆ parse_curlopt_key()

◆ unload_module()

◆ url_is_vulnerable()

◆ WriteMemoryCallback()

Variable Documentation

◆ __mod_info

◆ acf_curl

◆ acf_curlopt

◆ ast_module_info

◆ curl_info

◆ curl_instance

◆ global_curl_info

◆ global_useragent

◆ thread_escapebuf