http.c File Reference

http server for AMI access More...

#include "asterisk.h"
#include <time.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <signal.h>
#include <fcntl.h>
#include "asterisk/paths.h"
#include "asterisk/cli.h"
#include "asterisk/tcptls.h"
#include "asterisk/http.h"
#include "asterisk/utils.h"
#include "asterisk/strings.h"
#include "asterisk/config.h"
#include "asterisk/stringfields.h"
#include "asterisk/ast_version.h"
#include "asterisk/manager.h"
#include "asterisk/module.h"
#include "asterisk/astobj2.h"
#include "asterisk/netsock2.h"
#include "asterisk/json.h"

Include dependency graph for http.c:

Go to the source code of this file.

Data Structures
struct	ast_cfhttp_methods_text
struct	http_uri_redirect
struct	http_worker_private_data
struct	uri_redirects
struct	uris

Macros
#define	BASIC_LEN   6
#define	BASIC_PREFIX   "Basic "
#define	DEFAULT_PORT   8088
#define	DEFAULT_RESPONSE_HEADER_LENGTH   512
#define	DEFAULT_SESSION_INACTIVITY   30000
#define	DEFAULT_SESSION_KEEP_ALIVE   15000
#define	DEFAULT_SESSION_LIMIT   100
#define	DEFAULT_TLS_PORT   8089
#define	INITIAL_RESPONSE_BODY_BUFFER   1024
#define	MAX_CONTENT_LENGTH   40960
#define	MAX_HTTP_LINE_LENGTH   4096
#define	MAX_HTTP_REQUEST_HEADERS   100
#define	MAX_PREFIX   80
#define	MAX_SERVER_NAME_LENGTH   128
#define	MIN_INITIAL_REQUEST_TIMEOUT   10000

Enumerations
enum	http_private_flags { HTTP_FLAG_HAS_BODY = (1 << 0), HTTP_FLAG_BODY_READ = (1 << 1), HTTP_FLAG_CLOSE_ON_COMPLETION = (1 << 2) }

Functions
static int	__ast_http_load (int reload)
static void	__reg_module (void)
static void	__unreg_module (void)
static void	add_redirect (const char *value)
	Add a new URI redirect The entries in the redirect list are sorted by length, just like the list of URI handlers. More...
const char *	ast_get_http_method (enum ast_http_method method)
	Return http method name string. More...
void	ast_http_auth (struct ast_tcptls_session_instance *ser, const char *realm, const unsigned long nonce, const unsigned long opaque, int stale, const char *text)
	Send http "401 Unauthorized" response and close socket. More...
int	ast_http_body_discard (struct ast_tcptls_session_instance *ser)
	Read and discard any unread HTTP request body. More...
void	ast_http_body_read_status (struct ast_tcptls_session_instance *ser, int read_success)
	Update the body read success status. More...
void	ast_http_create_response (struct ast_tcptls_session_instance *ser, int status_code, const char *status_title, struct ast_str *http_header_data, const char *text)
	Creates and sends a formatted http response message. More...
void	ast_http_error (struct ast_tcptls_session_instance *ser, int status_code, const char *status_title, const char *text)
	Send HTTP error message and close socket. More...
const char *	ast_http_ftype2mtype (const char *ftype)
	Return mime type based on extension. More...
struct ast_http_auth *	ast_http_get_auth (struct ast_variable *headers)
	Get HTTP authentication information from headers. More...
static char *	ast_http_get_contents (int *return_length, struct ast_tcptls_session_instance *ser, struct ast_variable *headers)
	Returns the contents (body) of the HTTP request. More...
struct ast_variable *	ast_http_get_cookies (struct ast_variable *headers)
	Get cookie from Request headers. More...
struct ast_json *	ast_http_get_json (struct ast_tcptls_session_instance *ser, struct ast_variable *headers)
	Get JSON from client Request Entity-Body, if content type is application/json. More...
struct ast_variable *	ast_http_get_post_vars (struct ast_tcptls_session_instance *ser, struct ast_variable *headers)
	Get post variables from client Request Entity-Body, if content type is application/x-www-form-urlencoded. More...
int	ast_http_header_match (const char *name, const char *expected_name, const char *value, const char *expected_value)
	Check if the header and value match (case insensitive) their associated expected values. More...
int	ast_http_header_match_in (const char *name, const char *expected_name, const char *value, const char *expected_value)
	Check if the header name matches the expected header name. If so, then check to see if the value can be located in the expected value. More...
int	ast_http_header_parse (char *buf, char **name, char **value)
	Parse a header into the given name/value strings. More...
uint32_t	ast_http_manid_from_vars (struct ast_variable *headers)
	Return manager id, if exist, from request headers. More...
void	ast_http_prefix (char *buf, int len)
	Return the current prefix. More...
void	ast_http_request_close_on_completion (struct ast_tcptls_session_instance *ser)
	Request the HTTP connection be closed after this HTTP request. More...
int	ast_http_response_status_line (const char *buf, const char *version, int code)
	Parse the http response status line. More...
void	ast_http_send (struct ast_tcptls_session_instance *ser, enum ast_http_method method, int status_code, const char *status_title, struct ast_str *http_header, struct ast_str *out, int fd, unsigned int static_content)
	Generic function for sending HTTP/1.1 response. More...
int	ast_http_uri_link (struct ast_http_uri *urih)
	Link the new uri into the list. More...
void	ast_http_uri_unlink (struct ast_http_uri *urih)
	Unregister a URI handler. More...
void	ast_http_uri_unlink_all_with_key (const char *key)
	Unregister all handlers with matching key. More...
struct ast_module *	AST_MODULE_SELF_SYM (void)
static struct ast_http_auth *	auth_create (const char *userid, const char *password)
static int	chunked_atoh (const char *s, int len)
static int	get_content_length (struct ast_variable *headers)
	Returns the value of the Content-Length header. More...
static char *	get_content_type (struct ast_variable *headers)
	Retrieves the content type specified in the "Content-Type" header. More...
static const char *	get_header (struct ast_variable *headers, const char *field_name)
	Retrieves the header with the given field name. More...
static const char *	get_transfer_encoding (struct ast_variable *headers)
	Returns the value of the Transfer-Encoding header. More...
static char *	handle_show_http (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
static int	handle_uri (struct ast_tcptls_session_instance *ser, char *uri, enum ast_http_method method, struct ast_variable *headers)
static int	http_body_check_chunk_sync (struct ast_tcptls_session_instance *ser)
static int	http_body_discard_chunk_trailer_headers (struct ast_tcptls_session_instance *ser)
static int	http_body_discard_contents (struct ast_tcptls_session_instance *ser, int length, const char *what_getting)
static int	http_body_get_chunk_length (struct ast_tcptls_session_instance *ser)
static int	http_body_read_contents (struct ast_tcptls_session_instance *ser, char *buf, int length, const char *what_getting)
static int	http_check_connection_close (struct ast_variable *headers)
static int	http_request_headers_get (struct ast_tcptls_session_instance *ser, struct ast_variable **headers)
static void	http_request_tracking_init (struct http_worker_private_data *request)
static int	http_request_tracking_setup (struct ast_tcptls_session_instance *ser, struct ast_variable *headers)
static void *	httpd_helper_thread (void *arg)
static int	httpd_process_request (struct ast_tcptls_session_instance *ser)
static int	httpstatus_callback (struct ast_tcptls_session_instance *ser, const struct ast_http_uri *urih, const char *uri, enum ast_http_method method, struct ast_variable *get_vars, struct ast_variable *headers)
static int	load_module (void)
static struct ast_variable *	parse_cookies (const char *cookies)
static int	reload_module (void)
static void	remove_excess_lws (char *s)
static int	static_callback (struct ast_tcptls_session_instance *ser, const struct ast_http_uri *urih, const char *uri, enum ast_http_method method, struct ast_variable *get_vars, struct ast_variable *headers)
static int	unload_module (void)

Variables
static struct ast_module_info	__mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER , .description = "Built-in HTTP Server" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = "30ef0c93b36035ec78c9cfd712d36d9b" , .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .reload = reload_module, .load_pri = AST_MODPRI_CORE, .requires = "extconfig", }
static const struct ast_cfhttp_methods_text	ast_http_methods_text []
static const struct ast_module_info *	ast_module_info = &__mod_info
static struct ast_cli_entry	cli_http []
static struct ast_tcptls_session_args	http_desc
static char	http_server_name [MAX_SERVER_NAME_LENGTH]
static struct ast_tls_config	http_tls_cfg
static struct ast_tcptls_session_args	https_desc
struct {
const char *   ext
const char *   mtype
}	mimetypes []
	Limit the kinds of files we're willing to serve up. More...
static char	prefix [MAX_PREFIX]
static int	session_count = 0
static int	session_inactivity = DEFAULT_SESSION_INACTIVITY
static int	session_keep_alive = DEFAULT_SESSION_KEEP_ALIVE
static int	session_limit = DEFAULT_SESSION_LIMIT
static struct ast_http_uri	static_uri
static int	static_uri_enabled
static struct ast_http_uri	status_uri
static int	status_uri_enabled
static struct uri_redirects	uri_redirects = { .first = NULL, .last = NULL, .lock = { PTHREAD_RWLOCK_INITIALIZER , NULL, {1, 0} } , }
static struct uris	uris = { .first = NULL, .last = NULL, .lock = { PTHREAD_RWLOCK_INITIALIZER , NULL, {1, 0} } , }

Detailed Description

http server for AMI access

Author

Mark Spencer marks.nosp@m.ter@.nosp@m.digiu.nosp@m.m.co.nosp@m.m

This program implements a tiny http server and was inspired by micro-httpd by Jef Poskanzer

GMime http://spruce.sourceforge.net/gmime/

AMI over HTTP support - AMI over the http protocol

Definition in file http.c.

Macro Definition Documentation

BASIC_LEN

#define BASIC_LEN   6

strlen(BASIC_PREFIX)

Definition at line 1577 of file http.c.

Referenced by ast_http_get_auth().

BASIC_PREFIX

#define BASIC_PREFIX   "Basic "

Definition at line 1576 of file http.c.

Referenced by ast_http_get_auth().

DEFAULT_PORT

#define DEFAULT_PORT   8088

Definition at line 69 of file http.c.

Referenced by __ast_http_load().

DEFAULT_RESPONSE_HEADER_LENGTH

#define DEFAULT_RESPONSE_HEADER_LENGTH   512

Max size for the http response header

Definition at line 81 of file http.c.

Referenced by ast_http_auth(), and ast_http_error().

DEFAULT_SESSION_INACTIVITY

#define DEFAULT_SESSION_INACTIVITY   30000

(ms) Idle time waiting for data.

Definition at line 73 of file http.c.

Referenced by __ast_http_load().

DEFAULT_SESSION_KEEP_ALIVE

#define DEFAULT_SESSION_KEEP_ALIVE   15000

(ms) Idle time between HTTP requests

Definition at line 77 of file http.c.

Referenced by __ast_http_load().

DEFAULT_SESSION_LIMIT

#define DEFAULT_SESSION_LIMIT   100

Definition at line 71 of file http.c.

Referenced by __ast_http_load().

DEFAULT_TLS_PORT

#define DEFAULT_TLS_PORT   8089

Definition at line 70 of file http.c.

Referenced by __ast_http_load().

INITIAL_RESPONSE_BODY_BUFFER

#define INITIAL_RESPONSE_BODY_BUFFER   1024

Initial response body length.

Definition at line 92 of file http.c.

Referenced by ast_http_create_response().

MAX_CONTENT_LENGTH

#define MAX_CONTENT_LENGTH   40960

Maximum application/json or application/x-www-form-urlencoded body content length.

Definition at line 85 of file http.c.

Referenced by ast_http_get_contents().

MAX_HTTP_LINE_LENGTH

#define MAX_HTTP_LINE_LENGTH   4096

Maximum line length for HTTP requests.

Definition at line 99 of file http.c.

Referenced by http_body_discard_chunk_trailer_headers(), http_body_get_chunk_length(), http_request_headers_get(), and httpd_process_request().

MAX_HTTP_REQUEST_HEADERS

#define MAX_HTTP_REQUEST_HEADERS   100

Limit the number of request headers in case the sender is being ridiculous.

Definition at line 1744 of file http.c.

Referenced by http_request_headers_get().

MAX_PREFIX

#define MAX_PREFIX   80

Definition at line 68 of file http.c.

Referenced by __ast_http_load().

MAX_SERVER_NAME_LENGTH

#define MAX_SERVER_NAME_LENGTH   128

Max size for the http server name

Definition at line 79 of file http.c.

Referenced by __ast_http_load(), ast_http_create_response(), and ast_http_send().

MIN_INITIAL_REQUEST_TIMEOUT

#define MIN_INITIAL_REQUEST_TIMEOUT   10000

(ms) Min timeout for initial HTTP request to start coming in.

Definition at line 75 of file http.c.

Referenced by httpd_helper_thread().

Enumeration Type Documentation

http_private_flags

enum http_private_flags

Enumerator
HTTP_FLAG_HAS_BODY	TRUE if the HTTP request has a body.
HTTP_FLAG_BODY_READ	TRUE if the HTTP request body has been read.
HTTP_FLAG_CLOSE_ON_COMPLETION	TRUE if the HTTP request must close when completed.

Definition at line 439 of file http.c.

 {
 /*! TRUE if the HTTP request has a body. */
 HTTP_FLAG_HAS_BODY = (1 << 0),
 /*! TRUE if the HTTP request body has been read. */
 HTTP_FLAG_BODY_READ = (1 << 1),
 /*! TRUE if the HTTP request must close when completed. */
 HTTP_FLAG_CLOSE_ON_COMPLETION = (1 << 2),
};

Function Documentation

__ast_http_load()

static int __ast_http_load ( int  reload )

static

Definition at line 2077 of file http.c.

References ast_tcptls_session_args::accept_fd, add_redirect(), AST_AF_UNSPEC, AST_CERTFILE, ast_config_destroy(), ast_config_load2(), ast_copy_string(), ast_free, ast_get_version(), ast_http_uri_link(), ast_http_uri_unlink(), ast_log, ast_parse_arg(), AST_RWLIST_REMOVE_HEAD, AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, ast_set_flag, ast_sockaddr_copy(), ast_sockaddr_isnull(), ast_sockaddr_port, ast_sockaddr_resolve(), ast_sockaddr_set_port, ast_sockaddr_setnull(), ast_sockaddr_stringify(), AST_SSL_DISABLE_TLSV1, AST_SSL_SERVER_CIPHER_ORDER, ast_ssl_setup(), ast_strdup, ast_strlen_zero, ast_tcptls_server_start(), ast_tcptls_server_stop(), ast_tls_read_conf(), ast_true(), ast_variable_browse(), ast_verb, ast_tls_config::capath, ast_tls_config::certfile, ast_tls_config::cipher, CONFIG_FLAG_FILEUNCHANGED, CONFIG_STATUS_FILEINVALID, CONFIG_STATUS_FILEUNCHANGED, DEFAULT_PORT, DEFAULT_SESSION_INACTIVITY, DEFAULT_SESSION_KEEP_ALIVE, DEFAULT_SESSION_LIMIT, DEFAULT_TLS_PORT, ast_tls_config::enabled, enabled, ast_tls_config::flags, http_server_name, http_tls_cfg, ast_variable::lineno, ast_tcptls_session_args::local_address, LOG_WARNING, MAX_PREFIX, MAX_SERVER_NAME_LENGTH, ast_variable::name, ast_variable::next, NULL, PARSE_DEFAULT, PARSE_IN_RANGE, PARSE_INT32, PARSE_UINT32, prefix, ast_tls_config::pvtfile, RAII_VAR, session_inactivity, session_keep_alive, session_limit, static_uri_enabled, status_uri_enabled, ast_tcptls_session_args::tls_cfg, and ast_variable::value.

Referenced by load_module(), and reload_module().

{
 struct ast_config *cfg;
 struct ast_variable *v;
 int enabled = 0;
 int new_static_uri_enabled = 0;
 int new_status_uri_enabled = 1; /* Default to enabled for BC */
 char newprefix[MAX_PREFIX] = "";
 char server_name[MAX_SERVER_NAME_LENGTH];
 struct http_uri_redirect *redirect;
 struct ast_flags config_flags = { reload ? CONFIG_FLAG_FILEUNCHANGED : 0 };
 uint32_t bindport = DEFAULT_PORT;
 RAII_VAR(struct ast_sockaddr *, addrs, NULL, ast_free);
 int num_addrs = 0;
 int http_tls_was_enabled = 0;

 cfg = ast_config_load2("http.conf", "http", config_flags);
 if (!cfg || cfg == CONFIG_STATUS_FILEINVALID) {
 return 0;
 }

 /* Even if the http.conf hasn't been updated, the TLS certs/keys may have been */
 if (cfg == CONFIG_STATUS_FILEUNCHANGED) {
 if (http_tls_cfg.enabled && ast_ssl_setup(https_desc.tls_cfg)) {
 ast_tcptls_server_start(&https_desc);
 }
 return 0;
 }

 http_tls_was_enabled = (reload && http_tls_cfg.enabled);

 http_tls_cfg.enabled = 0;

 ast_free(http_tls_cfg.certfile);
 http_tls_cfg.certfile = ast_strdup(AST_CERTFILE);

 ast_free(http_tls_cfg.capath);
 http_tls_cfg.capath = ast_strdup("");

 ast_free(http_tls_cfg.pvtfile);
 http_tls_cfg.pvtfile = ast_strdup("");

 /* Apply modern intermediate settings according to the Mozilla OpSec team as of July 30th, 2015 but disable TLSv1 */
 ast_set_flag(&http_tls_cfg.flags, AST_SSL_DISABLE_TLSV1 | AST_SSL_SERVER_CIPHER_ORDER);

 ast_free(http_tls_cfg.cipher);
 http_tls_cfg.cipher = ast_strdup("ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA");

 AST_RWLIST_WRLOCK(&uri_redirects);
 while ((redirect = AST_RWLIST_REMOVE_HEAD(&uri_redirects, entry))) {
 ast_free(redirect);
 }
 AST_RWLIST_UNLOCK(&uri_redirects);

 ast_sockaddr_setnull(&https_desc.local_address);

 session_limit = DEFAULT_SESSION_LIMIT;
 session_inactivity = DEFAULT_SESSION_INACTIVITY;
 session_keep_alive = DEFAULT_SESSION_KEEP_ALIVE;

 snprintf(server_name, sizeof(server_name), "Asterisk/%s", ast_get_version());

 v = ast_variable_browse(cfg, "general");
 for (; v; v = v->next) {
 /* read tls config options while preventing unsupported options from being set */
 if (strcasecmp(v->name, "tlscafile")
 && strcasecmp(v->name, "tlscapath")
 && strcasecmp(v->name, "tlscadir")
 && strcasecmp(v->name, "tlsverifyclient")
 && strcasecmp(v->name, "tlsdontverifyserver")
 && strcasecmp(v->name, "tlsclientmethod")
 && strcasecmp(v->name, "sslclientmethod")
 && !ast_tls_read_conf(&http_tls_cfg, &https_desc, v->name, v->value)) {
 continue;
 }

 if (!strcasecmp(v->name, "servername")) {
 if (!ast_strlen_zero(v->value)) {
 ast_copy_string(server_name, v->value, sizeof(server_name));
 } else {
 server_name[0] = '\0';
 }
 } else if (!strcasecmp(v->name, "enabled")) {
 enabled = ast_true(v->value);
 } else if (!strcasecmp(v->name, "enablestatic") || !strcasecmp(v->name, "enable_static")) {
 new_static_uri_enabled = ast_true(v->value);
 } else if (!strcasecmp(v->name, "enable_status")) {
 new_status_uri_enabled = ast_true(v->value);
 } else if (!strcasecmp(v->name, "bindport")) {
 if (ast_parse_arg(v->value, PARSE_UINT32 | PARSE_IN_RANGE | PARSE_DEFAULT,
 &bindport, DEFAULT_PORT, 0, 65535)) {
 ast_log(LOG_WARNING, "Invalid port %s specified. Using default port %" PRId32 "\n",
 v->value, DEFAULT_PORT);
 }
 } else if (!strcasecmp(v->name, "bindaddr")) {
 if (!(num_addrs = ast_sockaddr_resolve(&addrs, v->value, 0, AST_AF_UNSPEC))) {
 ast_log(LOG_WARNING, "Invalid bind address %s\n", v->value);
 }
 } else if (!strcasecmp(v->name, "prefix")) {
 if (!ast_strlen_zero(v->value)) {
 newprefix[0] = '/';
 ast_copy_string(newprefix + 1, v->value, sizeof(newprefix) - 1);
 } else {
 newprefix[0] = '\0';
 }
 } else if (!strcasecmp(v->name, "redirect")) {
 add_redirect(v->value);
 } else if (!strcasecmp(v->name, "sessionlimit")) {
 if (ast_parse_arg(v->value, PARSE_INT32 | PARSE_DEFAULT | PARSE_IN_RANGE,
 &session_limit, DEFAULT_SESSION_LIMIT, 1, INT_MAX)) {
 ast_log(LOG_WARNING, "Invalid %s '%s' at line %d of http.conf\n",
 v->name, v->value, v->lineno);
 }
 } else if (!strcasecmp(v->name, "session_inactivity")) {
 if (ast_parse_arg(v->value, PARSE_INT32 | PARSE_DEFAULT | PARSE_IN_RANGE,
 &session_inactivity, DEFAULT_SESSION_INACTIVITY, 1, INT_MAX)) {
 ast_log(LOG_WARNING, "Invalid %s '%s' at line %d of http.conf\n",
 v->name, v->value, v->lineno);
 }
 } else if (!strcasecmp(v->name, "session_keep_alive")) {
 if (sscanf(v->value, "%30d", &session_keep_alive) != 1
 || session_keep_alive < 0) {
 session_keep_alive = DEFAULT_SESSION_KEEP_ALIVE;
 ast_log(LOG_WARNING, "Invalid %s '%s' at line %d of http.conf\n",
 v->name, v->value, v->lineno);
 }
 } else {
 ast_log(LOG_WARNING, "Ignoring unknown option '%s' in http.conf\n", v->name);
 }
 }

 ast_config_destroy(cfg);

 if (strcmp(prefix, newprefix)) {
 ast_copy_string(prefix, newprefix, sizeof(prefix));
 }

 ast_copy_string(http_server_name, server_name, sizeof(http_server_name));

 if (num_addrs && enabled) {
 int i;
 for (i = 0; i < num_addrs; ++i) {
 ast_sockaddr_copy(&http_desc.local_address, &addrs[i]);
 if (!ast_sockaddr_port(&http_desc.local_address)) {
 ast_sockaddr_set_port(&http_desc.local_address, bindport);
 }
 ast_tcptls_server_start(&http_desc);
 if (http_desc.accept_fd == -1) {
 ast_log(LOG_WARNING, "Failed to start HTTP server for address %s\n", ast_sockaddr_stringify(&addrs[i]));
 ast_sockaddr_setnull(&http_desc.local_address);
 } else {
 ast_verb(1, "Bound HTTP server to address %s\n", ast_sockaddr_stringify(&addrs[i]));
 break;
 }
 }
 /* When no specific TLS bindaddr is specified, we just use
 * the non-TLS bindaddress here.
 */
 if (ast_sockaddr_isnull(&https_desc.local_address) && http_desc.accept_fd != -1) {
 ast_sockaddr_copy(&https_desc.local_address, &http_desc.local_address);
 /* Of course, we can't use the same port though.
 * Since no bind address was specified, we just use the
 * default TLS port
 */
 ast_sockaddr_set_port(&https_desc.local_address, DEFAULT_TLS_PORT);
 }
 }
 if (http_tls_was_enabled && !http_tls_cfg.enabled) {
 ast_tcptls_server_stop(&https_desc);
 } else if (http_tls_cfg.enabled && !ast_sockaddr_isnull(&https_desc.local_address)) {
 /* We can get here either because a TLS-specific address was specified
 * or because we copied the non-TLS address here. In the case where
 * we read an explicit address from the config, there may have been
 * no port specified, so we'll just use the default TLS port.
 */
 if (!ast_sockaddr_port(&https_desc.local_address)) {
 ast_sockaddr_set_port(&https_desc.local_address, DEFAULT_TLS_PORT);
 }
 if (ast_ssl_setup(https_desc.tls_cfg)) {
 ast_tcptls_server_start(&https_desc);
 }
 }

 if (static_uri_enabled && !new_static_uri_enabled) {
 ast_http_uri_unlink(&static_uri);
 } else if (!static_uri_enabled && new_static_uri_enabled) {
 ast_http_uri_link(&static_uri);
 }

 static_uri_enabled = new_static_uri_enabled;

 if (status_uri_enabled && !new_status_uri_enabled) {
 ast_http_uri_unlink(&status_uri);
 } else if (!status_uri_enabled && new_status_uri_enabled) {
 ast_http_uri_link(&status_uri);
 }

 status_uri_enabled = new_status_uri_enabled;

 return 0;
}

__reg_module()

static void __reg_module ( void  )

static

Definition at line 2388 of file http.c.

__unreg_module()

static void __unreg_module ( void  )

static

Definition at line 2388 of file http.c.

add_redirect()

static void add_redirect ( const char *  value )

static

Add a new URI redirect The entries in the redirect list are sorted by length, just like the list of URI handlers.

Definition at line 2022 of file http.c.

References ast_calloc, ast_copy_string(), ast_log, AST_RWLIST_EMPTY, AST_RWLIST_FIRST, AST_RWLIST_INSERT_AFTER, AST_RWLIST_INSERT_HEAD, AST_RWLIST_INSERT_TAIL, AST_RWLIST_NEXT, AST_RWLIST_TRAVERSE, AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, ast_skip_blanks(), ast_strdupa, http_uri_redirect::dest, LOG_WARNING, strsep(), and http_uri_redirect::target.

Referenced by __ast_http_load().

{
 char *target, *dest;
 struct http_uri_redirect *redirect, *cur;
 unsigned int target_len;
 unsigned int total_len;
 size_t dest_len;

 dest = ast_strdupa(value);
 dest = ast_skip_blanks(dest);
 target = strsep(&dest, " ");
 target = ast_skip_blanks(target);
 target = strsep(&target, " "); /* trim trailing whitespace */

 if (!dest) {
 ast_log(LOG_WARNING, "Invalid redirect '%s'\n", value);
 return;
 }

 target_len = strlen(target) + 1;
 dest_len = strlen(dest) + 1;
 total_len = sizeof(*redirect) + target_len + dest_len;

 if (!(redirect = ast_calloc(1, total_len))) {
 return;
 }
 redirect->dest = redirect->target + target_len;
 strcpy(redirect->target, target);
 ast_copy_string(redirect->dest, dest, dest_len);

 AST_RWLIST_WRLOCK(&uri_redirects);

 target_len--; /* So we can compare directly with strlen() */
 if (AST_RWLIST_EMPTY(&uri_redirects)
 || strlen(AST_RWLIST_FIRST(&uri_redirects)->target) <= target_len ) {
 AST_RWLIST_INSERT_HEAD(&uri_redirects, redirect, entry);
 AST_RWLIST_UNLOCK(&uri_redirects);

 return;
 }

 AST_RWLIST_TRAVERSE(&uri_redirects, cur, entry) {
 if (AST_RWLIST_NEXT(cur, entry)
 && strlen(AST_RWLIST_NEXT(cur, entry)->target) <= target_len ) {
 AST_RWLIST_INSERT_AFTER(&uri_redirects, cur, redirect, entry);
 AST_RWLIST_UNLOCK(&uri_redirects);
 return;
 }
 }

 AST_RWLIST_INSERT_TAIL(&uri_redirects, redirect, entry);

 AST_RWLIST_UNLOCK(&uri_redirects);
}

ast_get_http_method()

const char* ast_get_http_method

(

enum ast_http_method

method

)

Return http method name string.

Since

1.8

Definition at line 190 of file http.c.

References ARRAY_LEN, ast_http_methods_text, NULL, and ast_cfhttp_methods_text::text.

Referenced by add_allow_header(), ast_ari_invoke(), auth_http_callback(), and handle_options().

{
 int x;

 for (x = 0; x < ARRAY_LEN(ast_http_methods_text); x++) {
 if (ast_http_methods_text[x].method == method) {
 return ast_http_methods_text[x].text;
 }
 }

 return NULL;
}

ast_http_auth()

void ast_http_auth	(	struct ast_tcptls_session_instance *	ser,
		const char *	realm,
		const unsigned long	nonce,
		const unsigned long	opaque,
		int	stale,
		const char *	text
	)

Send http "401 Unauthorized" response and close socket.

Definition at line 622 of file http.c.

References ast_http_create_response(), ast_str_create, ast_str_set(), and DEFAULT_RESPONSE_HEADER_LENGTH.

Referenced by auth_http_callback().

{
 int status_code = 401;
 char *status_title = "Unauthorized";
 struct ast_str *http_header_data = ast_str_create(DEFAULT_RESPONSE_HEADER_LENGTH);

 if (http_header_data) {
 ast_str_set(&http_header_data,
 0,
 "WWW-authenticate: Digest algorithm=MD5, realm=\"%s\", nonce=\"%08lx\", qop=\"auth\", opaque=\"%08lx\"%s\r\n"
 "Content-type: text/html\r\n",
 realm ? realm : "Asterisk",
 nonce,
 opaque,
 stale ? ", stale=true" : "");
 }

 ast_http_create_response(ser,
 status_code,
 status_title,
 http_header_data,
 text);
}

ast_http_body_discard()

int ast_http_body_discard

(

struct ast_tcptls_session_instance *

ser

)

Read and discard any unread HTTP request body.

Since

12.4.0

Parameters

ser	HTTP TCP/TLS session object.

Return values

0	on success.
-1	on error.

Definition at line 1120 of file http.c.

References ast_assert, ast_debug, ast_set_flag, ast_test_flag, http_worker_private_data::body_length, http_worker_private_data::flags, http_body_check_chunk_sync(), http_body_discard_chunk_trailer_headers(), http_body_discard_contents(), http_body_get_chunk_length(), HTTP_FLAG_BODY_READ, HTTP_FLAG_CLOSE_ON_COMPLETION, HTTP_FLAG_HAS_BODY, ast_tcptls_session_instance::private_data, and request().

Referenced by ast_http_send(), and ast_websocket_uri_cb().

{
 struct http_worker_private_data *request;

 request = ser->private_data;
 if (!ast_test_flag(&request->flags, HTTP_FLAG_HAS_BODY)
 || ast_test_flag(&request->flags, HTTP_FLAG_BODY_READ)) {
 /* No body to read or it has already been read. */
 return 0;
 }
 ast_set_flag(&request->flags, HTTP_FLAG_BODY_READ);

 ast_debug(1, "HTTP discarding unused request body\n");

 ast_assert(request->body_length != 0);
 if (0 < request->body_length) {
 if (http_body_discard_contents(ser, request->body_length, "body")) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 return -1;
 }
 return 0;
 }

 /* parse chunked-body */
 for (;;) {
 int length;

 length = http_body_get_chunk_length(ser);
 if (length < 0) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 return -1;
 }
 if (length == 0) {
 /* parsed last-chunk */
 break;
 }

 if (http_body_discard_contents(ser, length, "chunk-data")
 || http_body_check_chunk_sync(ser)) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 return -1;
 }
 }

 /* Read and discard any trailer entity-header lines. */
 if (http_body_discard_chunk_trailer_headers(ser)) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 return -1;
 }
 return 0;
}

ast_http_body_read_status()

void ast_http_body_read_status	(	struct ast_tcptls_session_instance *	ser,
		int	read_success
	)

Update the body read success status.

Since

12.4.0

Parameters

ser	HTTP TCP/TLS session object.
read_success	TRUE if body was read successfully.

Returns

Nothing

Definition at line 899 of file http.c.

References ast_set_flag, ast_test_flag, http_worker_private_data::flags, HTTP_FLAG_BODY_READ, HTTP_FLAG_CLOSE_ON_COMPLETION, HTTP_FLAG_HAS_BODY, ast_tcptls_session_instance::private_data, and request().

Referenced by http_post_callback().

{
 struct http_worker_private_data *request;

 request = ser->private_data;
 if (!ast_test_flag(&request->flags, HTTP_FLAG_HAS_BODY)
 || ast_test_flag(&request->flags, HTTP_FLAG_BODY_READ)) {
 /* No body to read. */
 return;
 }
 ast_set_flag(&request->flags, HTTP_FLAG_BODY_READ);
 if (!read_success) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 }
}

ast_http_create_response()

void ast_http_create_response	(	struct ast_tcptls_session_instance *	ser,
		int	status_code,
		const char *	status_title,
		struct ast_str *	http_header_data,
		const char *	text
	)

Creates and sends a formatted http response message.

Parameters

ser	TCP/TLS session object
status_code	HTTP response code (200/401/403/404/500)
status_title	English equivalent to the status_code parameter
http_header_data	The formatted text to use in the http header
text	Additional informational text to use in the response

Note

Function constructs response headers from the status_code, status_title and http_header_data parameters.

The response body is created as HTML content, from the status_code, status_title, and the text parameters.

The http_header_data parameter will be freed as a result of calling function.

Since

13.2.0

Definition at line 567 of file http.c.

References ast_debug, ast_free, ast_http_send(), AST_HTTP_UNKNOWN, ast_str_buffer(), ast_str_create, ast_str_set(), ast_strlen_zero, ast_tcptls_close_session_file(), ast_xml_escape(), http_server_name, INITIAL_RESPONSE_BODY_BUFFER, MAX_SERVER_NAME_LENGTH, and out.

Referenced by ast_http_auth(), and ast_http_error().

{
 char server_name[MAX_SERVER_NAME_LENGTH];
 struct ast_str *server_address = ast_str_create(MAX_SERVER_NAME_LENGTH);
 struct ast_str *out = ast_str_create(INITIAL_RESPONSE_BODY_BUFFER);

 if (!http_header_data || !server_address || !out) {
 ast_free(http_header_data);
 ast_free(server_address);
 ast_free(out);
 if (ser) {
 ast_debug(1, "HTTP closing session. OOM.\n");
 ast_tcptls_close_session_file(ser);
 }
 return;
 }

 if(!ast_strlen_zero(http_server_name)) {
 ast_xml_escape(http_server_name, server_name, sizeof(server_name));
 ast_str_set(&server_address,
 0,
 "<address>%s</address>\r\n",
 server_name);
 }

 ast_str_set(&out,
 0,
 "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n"
 "<html><head>\r\n"
 "<title>%d %s</title>\r\n"
 "</head><body>\r\n"
 "<h1>%s</h1>\r\n"
 "<p>%s</p>\r\n"
 "<hr />\r\n"
 "%s"
 "</body></html>\r\n",
 status_code,
 status_title,
 status_title,
 text ? text : "",
 ast_str_buffer(server_address));

 ast_free(server_address);

 ast_http_send(ser,
 AST_HTTP_UNKNOWN,
 status_code,
 status_title,
 http_header_data,
 out,
 0,
 0);
}

ast_http_error()

void ast_http_error	(	struct ast_tcptls_session_instance *	ser,
		int	status_code,
		const char *	status_title,
		const char *	text
	)

Send HTTP error message and close socket.

Definition at line 648 of file http.c.

References ast_http_create_response(), ast_str_create, ast_str_set(), and DEFAULT_RESPONSE_HEADER_LENGTH.

Referenced by ast_ari_callback(), ast_ari_events_event_websocket_ws_attempted_cb(), ast_websocket_uri_cb(), auth_http_callback(), event_session_allocation_error_handler(), generic_http_callback(), handle_uri(), http_callback(), http_post_callback(), http_request_headers_get(), http_request_tracking_setup(), httpd_helper_thread(), httpd_process_request(), httpstatus_callback(), static_callback(), and websocket_bad_request().

{
 struct ast_str *http_header_data = ast_str_create(DEFAULT_RESPONSE_HEADER_LENGTH);

 if (http_header_data) {
 ast_str_set(&http_header_data, 0, "Content-type: text/html\r\n");
 }

 ast_http_create_response(ser,
 status_code,
 status_title,
 http_header_data,
 text);
}

ast_http_ftype2mtype()

const char* ast_http_ftype2mtype

(

const char *

ftype

)

Return mime type based on extension.

Parameters

ftype

filename extension

Returns

String containing associated MIME type

Since

1.8

Definition at line 203 of file http.c.

References ARRAY_LEN, ext, mimetypes, and NULL.

Referenced by build_profile(), and static_callback().

{
 int x;

 if (ftype) {
 for (x = 0; x < ARRAY_LEN(mimetypes); x++) {
 if (!strcasecmp(ftype, mimetypes[x].ext)) {
 return mimetypes[x].mtype;
 }
 }
 }
 return NULL;
}

ast_http_get_auth()

struct ast_http_auth* ast_http_get_auth

(

struct ast_variable *

headers

)

Get HTTP authentication information from headers.

The returned object is AO2 managed, so clean up with ao2_cleanup().

Parameters

headers

HTTP request headers.

Returns

HTTP auth structure.

NULL if no supported HTTP auth headers present.

Since

12

Definition at line 1579 of file http.c.

References ast_assert, ast_base64decode(), ast_begins_with(), ast_log, auth_create(), base64, BASIC_LEN, BASIC_PREFIX, LOG_DEBUG, LOG_WARNING, ast_variable::name, ast_variable::next, NULL, password, strsep(), and ast_variable::value.

Referenced by authenticate_user(), and http_callback().

{
 struct ast_variable *v;

 for (v = headers; v; v = v->next) {
 const char *base64;
 char decoded[256] = {};
 char *username;
 char *password;
#ifdef AST_DEVMODE
 int cnt;
#endif /* AST_DEVMODE */

 if (strcasecmp("Authorization", v->name) != 0) {
 continue;
 }

 if (!ast_begins_with(v->value, BASIC_PREFIX)) {
 ast_log(LOG_DEBUG,
 "Unsupported Authorization scheme\n");
 continue;
 }

 /* Basic auth header parsing. RFC 2617, section 2.
 * credentials = "Basic" basic-credentials
 * basic-credentials = base64-user-pass
 * base64-user-pass = <base64 encoding of user-pass,
 * except not limited to 76 char/line>
 * user-pass = userid ":" password
 */

 base64 = v->value + BASIC_LEN;

 /* This will truncate "userid:password" lines to
 * sizeof(decoded). The array is long enough that this shouldn't
 * be a problem */
#ifdef AST_DEVMODE
 cnt =
#endif /* AST_DEVMODE */
 ast_base64decode((unsigned char*)decoded, base64,
 sizeof(decoded) - 1);
 ast_assert(cnt < sizeof(decoded));

 /* Split the string at the colon */
 password = decoded;
 username = strsep(&password, ":");
 if (!password) {
 ast_log(LOG_WARNING, "Invalid Authorization header\n");
 return NULL;
 }

 return auth_create(username, password);
 }

 return NULL;
}

ast_http_get_contents()

static char* ast_http_get_contents ( int *  return_length, struct ast_tcptls_session_instance *  ser, struct ast_variable *  headers  )

static

Returns the contents (body) of the HTTP request.

Parameters

return_length	ptr to int that returns content length
ser	HTTP TCP/TLS session object
headers	List of HTTP headers

Returns

ptr to content (zero terminated) or NULL on failure

Note

Since returned ptr is malloc'd, it should be free'd by caller

Definition at line 1181 of file http.c.

References ast_assert, ast_debug, ast_free, ast_log, ast_malloc, ast_realloc, ast_set_flag, ast_test_flag, http_worker_private_data::body_length, buf, errno, http_worker_private_data::flags, http_body_check_chunk_sync(), http_body_discard_chunk_trailer_headers(), http_body_get_chunk_length(), http_body_read_contents(), HTTP_FLAG_BODY_READ, HTTP_FLAG_CLOSE_ON_COMPLETION, HTTP_FLAG_HAS_BODY, LOG_WARNING, MAX_CONTENT_LENGTH, NULL, ast_tcptls_session_instance::private_data, and request().

Referenced by ast_http_get_json(), and ast_http_get_post_vars().

{
 struct http_worker_private_data *request;
 int content_length;
 int bufsize;
 char *buf;

 request = ser->private_data;
 if (!ast_test_flag(&request->flags, HTTP_FLAG_HAS_BODY)) {
 /* no content - not an error */
 return NULL;
 }
 if (ast_test_flag(&request->flags, HTTP_FLAG_BODY_READ)) {
 /* Already read the body. Cannot read again. Assume no content. */
 ast_assert(0);
 return NULL;
 }
 ast_set_flag(&request->flags, HTTP_FLAG_BODY_READ);

 ast_debug(2, "HTTP consuming request body\n");

 ast_assert(request->body_length != 0);
 if (0 < request->body_length) {
 /* handle regular non-chunked content */
 content_length = request->body_length;
 if (content_length > MAX_CONTENT_LENGTH) {
 ast_log(LOG_WARNING, "Excessively long HTTP content. (%d > %d)\n",
 content_length, MAX_CONTENT_LENGTH);
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 errno = EFBIG;
 return NULL;
 }
 buf = ast_malloc(content_length + 1);
 if (!buf) {
 /* Malloc sets ENOMEM */
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 return NULL;
 }

 if (http_body_read_contents(ser, buf, content_length, "body")) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 errno = EIO;
 ast_free(buf);
 return NULL;
 }

 buf[content_length] = 0;
 *return_length = content_length;
 return buf;
 }

 /* pre-allocate buffer */
 bufsize = 250;
 buf = ast_malloc(bufsize);
 if (!buf) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 return NULL;
 }

 /* parse chunked-body */
 content_length = 0;
 for (;;) {
 int chunk_length;

 chunk_length = http_body_get_chunk_length(ser);
 if (chunk_length < 0) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 errno = EIO;
 ast_free(buf);
 return NULL;
 }
 if (chunk_length == 0) {
 /* parsed last-chunk */
 break;
 }
 if (content_length + chunk_length > MAX_CONTENT_LENGTH) {
 ast_log(LOG_WARNING,
 "Excessively long HTTP accumulated chunked body. (%d + %d > %d)\n",
 content_length, chunk_length, MAX_CONTENT_LENGTH);
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 errno = EFBIG;
 ast_free(buf);
 return NULL;
 }

 /* insure buffer is large enough +1 */
 if (content_length + chunk_length >= bufsize) {
 char *new_buf;

 /* Increase bufsize until it can handle the expected data. */
 do {
 bufsize *= 2;
 } while (content_length + chunk_length >= bufsize);

 new_buf = ast_realloc(buf, bufsize);
 if (!new_buf) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 ast_free(buf);
 return NULL;
 }
 buf = new_buf;
 }

 if (http_body_read_contents(ser, buf + content_length, chunk_length, "chunk-data")
 || http_body_check_chunk_sync(ser)) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 errno = EIO;
 ast_free(buf);
 return NULL;
 }
 content_length += chunk_length;
 }

 /*
 * Read and discard any trailer entity-header lines
 * which we don't care about.
 *
 * XXX In the future we may need to add the trailer headers
 * to the passed in headers list rather than discarding them.
 */
 if (http_body_discard_chunk_trailer_headers(ser)) {
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 errno = EIO;
 ast_free(buf);
 return NULL;
 }

 buf[content_length] = 0;
 *return_length = content_length;
 return buf;
}

ast_http_get_cookies()

struct ast_variable* ast_http_get_cookies

(

struct ast_variable *

headers

)

Get cookie from Request headers.

Definition at line 1532 of file http.c.

References ast_variables_destroy(), ast_variable::name, ast_variable::next, NULL, parse_cookies(), and ast_variable::value.

Referenced by ast_http_manid_from_vars(), and httpstatus_callback().

{
 struct ast_variable *v, *cookies = NULL;

 for (v = headers; v; v = v->next) {
 if (!strcasecmp(v->name, "Cookie")) {
 ast_variables_destroy(cookies);
 cookies = parse_cookies(v->value);
 }
 }
 return cookies;
}

ast_http_get_json()

struct ast_json* ast_http_get_json	(	struct ast_tcptls_session_instance *	ser,
		struct ast_variable *	headers
	)

Get JSON from client Request Entity-Body, if content type is application/json.

Parameters

ser	TCP/TLS session object
headers	List of HTTP headers

Returns

Parsed JSON content body

NULL on error, if no content, or if different content type.

Since

12

Definition at line 1314 of file http.c.

References ast_free, ast_http_get_contents(), ast_json_load_buf(), ast_strlen_zero, buf, errno, get_content_type(), NULL, RAII_VAR, and type.

Referenced by ast_ari_callback().

{
 int content_length = 0;
 struct ast_json *body;
 RAII_VAR(char *, buf, NULL, ast_free);
 RAII_VAR(char *, type, get_content_type(headers), ast_free);

 /* Use errno to distinguish errors from no body */
 errno = 0;

 if (ast_strlen_zero(type) || strcasecmp(type, "application/json")) {
 /* Content type is not JSON. Don't read the body. */
 return NULL;
 }

 buf = ast_http_get_contents(&content_length, ser, headers);
 if (!buf || !content_length) {
 /*
 * errno already set
 * or it is not an error to have zero content
 */
 return NULL;
 }

 body = ast_json_load_buf(buf, content_length, NULL);
 if (!body) {
 /* Failed to parse JSON; treat as an I/O error */
 errno = EIO;
 return NULL;
 }

 return body;
}

ast_http_get_post_vars()

struct ast_variable* ast_http_get_post_vars	(	struct ast_tcptls_session_instance *	ser,
		struct ast_variable *	headers
	)

Get post variables from client Request Entity-Body, if content type is application/x-www-form-urlencoded.

Parameters

ser	TCP/TLS session object
headers	List of HTTP headers

Returns

List of variables within the POST body

Note

Since returned list is malloc'd, list should be free'd by the calling function

Since

1.8

Definition at line 1353 of file http.c.

References ast_free, ast_http_get_contents(), ast_strlen_zero, ast_uri_decode(), ast_uri_http_legacy, ast_variable_new, buf, errno, get_content_type(), NULL, RAII_VAR, strsep(), type, and var.

Referenced by ast_ari_callback(), auth_http_callback(), and generic_http_callback().

{
 int content_length = 0;
 struct ast_variable *v, *post_vars=NULL, *prev = NULL;
 char *var, *val;
 RAII_VAR(char *, buf, NULL, ast_free);
 RAII_VAR(char *, type, get_content_type(headers), ast_free);

 /* Use errno to distinguish errors from no params */
 errno = 0;

 if (ast_strlen_zero(type) ||
 strcasecmp(type, "application/x-www-form-urlencoded")) {
 /* Content type is not form data. Don't read the body. */
 return NULL;
 }

 buf = ast_http_get_contents(&content_length, ser, headers);
 if (!buf || !content_length) {
 /*
 * errno already set
 * or it is not an error to have zero content
 */
 return NULL;
 }

 while ((val = strsep(&buf, "&"))) {
 var = strsep(&val, "=");
 if (val) {
 ast_uri_decode(val, ast_uri_http_legacy);
 } else {
 val = "";
 }
 ast_uri_decode(var, ast_uri_http_legacy);
 if ((v = ast_variable_new(var, val, ""))) {
 if (post_vars) {
 prev->next = v;
 } else {
 post_vars = v;
 }
 prev = v;
 }
 }

 return post_vars;
}

ast_http_header_match()

int ast_http_header_match	(	const char *	name,
		const char *	expected_name,
		const char *	value,
		const char *	expected_value
	)

Check if the header and value match (case insensitive) their associated expected values.

Parameters

name	header name to check
expected_name	the expected name of the header
value	header value to check
expected_value	the expected value of the header

Returns

0 if the name and expected name do not match

-1 if the value and expected value do not match

1 if the both the name and value match their expected value

Since

13

Definition at line 1710 of file http.c.

References ast_log, and LOG_ERROR.

Referenced by websocket_client_handshake_get_response().

{
 if (strcasecmp(name, expected_name)) {
 /* no value to validate if names don't match */
 return 0;
 }

 if (strcasecmp(value, expected_value)) {
 ast_log(LOG_ERROR, "Invalid header value - expected %s "
 "received %s", value, expected_value);
 return -1;
 }
 return 1;
}

ast_http_header_match_in()

int ast_http_header_match_in	(	const char *	name,
		const char *	expected_name,
		const char *	value,
		const char *	expected_value
	)

Check if the header name matches the expected header name. If so, then check to see if the value can be located in the expected value.

Note

Both header and value checks are case insensitive.

Parameters

name	header name to check
expected_name	the expected name of the header
value	header value to check if in expected value
expected_value	the expected value(s)

Returns

0 if the name and expected name do not match

-1 if the value and is not in the expected value

1 if the name matches expected name and value is in expected value

Since

13

Definition at line 1726 of file http.c.

References ast_log, LOG_ERROR, and strcasestr().

Referenced by websocket_client_handshake_get_response().

{
 if (strcasecmp(name, expected_name)) {
 /* no value to validate if names don't match */
 return 0;
 }

 if (!strcasestr(expected_value, value)) {
 ast_log(LOG_ERROR, "Header '%s' - could not locate '%s' "
 "in '%s'\n", name, value, expected_value);
 return -1;

 }
 return 1;
}

ast_http_header_parse()

int ast_http_header_parse	(	char *	buf,
		char **	name,
		char **	value
	)

Parse a header into the given name/value strings.

Note

This modifies the given buffer and the out parameters point (not allocated) to the start of the header name and header value, respectively.

Parameters

buf	a string containing the name/value to point to
name	out parameter pointing to the header name
value	out parameter pointing to header value

Returns

-1 if buf is empty

0 if buf could be separated into name and value

1 if name or value portion don't exist

Since

13

Definition at line 1688 of file http.c.

References ast_skip_blanks(), ast_strlen_zero, ast_trim_blanks(), buf, remove_excess_lws(), and strsep().

Referenced by websocket_client_handshake_get_response().

{
 ast_trim_blanks(buf);
 if (ast_strlen_zero(buf)) {
 return -1;
 }

 *value = buf;
 *name = strsep(value, ":");
 if (!*value) {
 return 1;
 }

 *value = ast_skip_blanks(*value);
 if (ast_strlen_zero(*value) || ast_strlen_zero(*name)) {
 return 1;
 }

 remove_excess_lws(*value);
 return 0;
}

ast_http_manid_from_vars()

uint32_t ast_http_manid_from_vars

(

struct ast_variable *

headers

)

Return manager id, if exist, from request headers.

Parameters

headers

List of HTTP headers

Returns

32-bit associated manager session identifier

Since

1.8

Definition at line 217 of file http.c.

References ast_http_get_cookies(), ast_variables_destroy(), ast_variable::name, ast_variable::next, and ast_variable::value.

Referenced by generic_http_callback(), http_post_callback(), and static_callback().

{
 uint32_t mngid = 0;
 struct ast_variable *v, *cookies;

 cookies = ast_http_get_cookies(headers);
 for (v = cookies; v; v = v->next) {
 if (!strcasecmp(v->name, "mansession_id")) {
 sscanf(v->value, "%30x", &mngid);
 break;
 }
 }
 ast_variables_destroy(cookies);
 return mngid;
}

ast_http_prefix()

void ast_http_prefix	(	char *	buf,
		int	len
	)

Return the current prefix.

Parameters

[out]	buf	destination buffer for previous
[in]	len	length of prefix to copy

Since

1.6.1

Definition at line 233 of file http.c.

References ast_copy_string(), and prefix.

{
 if (buf) {
 ast_copy_string(buf, prefix, len);
 }
}

ast_http_request_close_on_completion()

void ast_http_request_close_on_completion

(

struct ast_tcptls_session_instance *

ser

)

Request the HTTP connection be closed after this HTTP request.

Since

12.4.0

Parameters

ser	HTTP TCP/TLS session object.

Note

Call before ast_http_error() to make the connection close.

Returns

Nothing

Definition at line 836 of file http.c.

References ast_set_flag, http_worker_private_data::flags, HTTP_FLAG_CLOSE_ON_COMPLETION, ast_tcptls_session_instance::private_data, and request().

Referenced by ast_ari_callback(), auth_http_callback(), generic_http_callback(), handle_uri(), http_callback(), http_post_callback(), httpstatus_callback(), static_callback(), and websocket_bad_request().

{
 struct http_worker_private_data *request = ser->private_data;

 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
}

ast_http_response_status_line()

int ast_http_response_status_line	(	const char *	buf,
		const char *	version,
		int	code
	)

Parse the http response status line.

Parameters

buf	the http response line information
version	the expected http version (e.g. HTTP/1.1)
code	the expected status code

Returns

-1 if version didn't match or status code conversion fails.

status code (>0)

Since

13

Definition at line 1636 of file http.c.

References ast_log, and LOG_ERROR.

Referenced by websocket_client_handshake_get_response().

{
 int status_code;
 size_t size = strlen(version);

 if (strncmp(buf, version, size) || buf[size] != ' ') {
 ast_log(LOG_ERROR, "HTTP version not supported - "
 "expected %s\n", version);
 return -1;
 }

 /* skip to status code (version + space) */
 buf += size + 1;

 if (sscanf(buf, "%d", &status_code) != 1) {
 ast_log(LOG_ERROR, "Could not read HTTP status code - "
 "%s\n", buf);
 return -1;
 }

 return status_code;
}

ast_http_send()

void ast_http_send	(	struct ast_tcptls_session_instance *	ser,
		enum ast_http_method	method,
		int	status_code,
		const char *	status_title,
		struct ast_str *	http_header,
		struct ast_str *	out,
		int	fd,
		unsigned int	static_content
	)

Generic function for sending HTTP/1.1 response.

Parameters

ser	TCP/TLS session object
method	GET/POST/HEAD
status_code	HTTP response code (200/401/403/404/500)
status_title	English equivalent to the status_code parameter
http_header	An ast_str object containing all headers
out	An ast_str object containing the body of the response
fd	If out is NULL, a file descriptor where the body of the response is held (otherwise -1)
static_content	Zero if the content is dynamically generated and should not be cached; nonzero otherwise

Note

Function determines the HTTP response header from status_code, status_header, and http_header.

Extra HTTP headers MUST be present only in the http_header argument. The argument "out" should contain only content of the response (no headers!).

HTTP content can be constructed from the argument "out", if it is not NULL; otherwise, the function will read content from FD.

This function calculates the content-length http header itself.

Both the http_header and out arguments will be freed by this function; however, if FD is open, it will remain open.

Since

1.8

Definition at line 456 of file http.c.

References ast_assert, ast_debug, ast_free, ast_http_body_discard(), AST_HTTP_HEAD, ast_iostream_printf(), ast_iostream_write(), ast_localtime(), ast_str_buffer(), ast_str_create, ast_str_set(), ast_str_strlen(), ast_strftime(), ast_strlen_zero, ast_tcptls_close_session_file(), ast_test_flag, ast_tvnow(), buf, errno, http_worker_private_data::flags, HTTP_FLAG_CLOSE_ON_COMPLETION, http_server_name, len(), MAX_SERVER_NAME_LENGTH, ast_tcptls_session_instance::private_data, request(), session_keep_alive, and ast_tcptls_session_instance::stream.

Referenced by ast_ari_callback(), ast_http_create_response(), auth_http_callback(), generic_http_callback(), handle_uri(), http_callback(), httpstatus_callback(), static_callback(), and websocket_bad_request().

{
 struct timeval now = ast_tvnow();
 struct ast_tm tm;
 char timebuf[80];
 char buf[256];
 int len;
 int content_length = 0;
 int close_connection;
 struct ast_str *server_header_field = ast_str_create(MAX_SERVER_NAME_LENGTH);
 int send_content;

 if (!ser || !server_header_field) {
 /* The connection is not open. */
 ast_free(http_header);
 ast_free(out);
 ast_free(server_header_field);
 return;
 }

 if(!ast_strlen_zero(http_server_name)) {
 ast_str_set(&server_header_field,
 0,
 "Server: %s\r\n",
 http_server_name);
 }

 /*
 * We shouldn't be sending non-final status codes to this
 * function because we may close the connection before
 * returning.
 */
 ast_assert(200 <= status_code);

 if (session_keep_alive <= 0) {
 close_connection = 1;
 } else {
 struct http_worker_private_data *request;

 request = ser->private_data;
 if (!request
 || ast_test_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION)
 || ast_http_body_discard(ser)) {
 close_connection = 1;
 } else {
 close_connection = 0;
 }
 }

 ast_strftime(timebuf, sizeof(timebuf), "%a, %d %b %Y %H:%M:%S GMT", ast_localtime(&now, &tm, "GMT"));

 /* calc content length */
 if (out) {
 content_length += ast_str_strlen(out);
 }

 if (fd) {
 content_length += lseek(fd, 0, SEEK_END);
 lseek(fd, 0, SEEK_SET);
 }

 send_content = method != AST_HTTP_HEAD || status_code >= 400;

 /* send http header */
 if (ast_iostream_printf(ser->stream,
 "HTTP/1.1 %d %s\r\n"
 "%s"
 "Date: %s\r\n"
 "%s"
 "%s"
 "%s"
 "Content-Length: %d\r\n"
 "\r\n"
 "%s",
 status_code, status_title ? status_title : "OK",
 ast_str_buffer(server_header_field),
 timebuf,
 close_connection ? "Connection: close\r\n" : "",
 static_content ? "" : "Cache-Control: no-cache, no-store\r\n",
 http_header ? ast_str_buffer(http_header) : "",
 content_length,
 send_content && out && ast_str_strlen(out) ? ast_str_buffer(out) : ""
 ) <= 0) {
 ast_debug(1, "ast_iostream_printf() failed: %s\n", strerror(errno));
 close_connection = 1;
 } else if (send_content && fd) {
 /* send file content */
 while ((len = read(fd, buf, sizeof(buf))) > 0) {
 if (ast_iostream_write(ser->stream, buf, len) != len) {
 ast_debug(1, "ast_iostream_write() failed: %s\n", strerror(errno));
 close_connection = 1;
 break;
 }
 }
 }

 ast_free(http_header);
 ast_free(out);
 ast_free(server_header_field);

 if (close_connection) {
 ast_debug(1, "HTTP closing session. status_code:%d\n", status_code);
 ast_tcptls_close_session_file(ser);
 } else {
 ast_debug(1, "HTTP keeping session open. status_code:%d\n", status_code);
 }
}

ast_http_uri_link()

int ast_http_uri_link

(

struct ast_http_uri *

urih

)

Link the new uri into the list.

Register a URI handler.

They are sorted by length of the string, not alphabetically. Duplicate entries are not replaced, but the insertion order (using <= and not just <) makes sure that more recent insertions hide older ones. On a lookup, we just scan the list and stop at the first matching entry.

Definition at line 673 of file http.c.

References AST_RWLIST_EMPTY, AST_RWLIST_FIRST, AST_RWLIST_INSERT_AFTER, AST_RWLIST_INSERT_HEAD, AST_RWLIST_INSERT_TAIL, AST_RWLIST_NEXT, AST_RWLIST_TRAVERSE, AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, len(), ast_http_uri::prefix, prefix, and ast_http_uri::uri.

Referenced by __ast_http_load(), __ast_http_post_load(), __init_manager(), load_module(), and reload_module().

{
 struct ast_http_uri *uri;
 int len = strlen(urih->uri);

 AST_RWLIST_WRLOCK(&uris);

 urih->prefix = prefix;

 if ( AST_RWLIST_EMPTY(&uris) || strlen(AST_RWLIST_FIRST(&uris)->uri) <= len ) {
 AST_RWLIST_INSERT_HEAD(&uris, urih, entry);
 AST_RWLIST_UNLOCK(&uris);
 return 0;
 }

 AST_RWLIST_TRAVERSE(&uris, uri, entry) {
 if (AST_RWLIST_NEXT(uri, entry) &&
 strlen(AST_RWLIST_NEXT(uri, entry)->uri) <= len) {
 AST_RWLIST_INSERT_AFTER(&uris, uri, urih, entry);
 AST_RWLIST_UNLOCK(&uris);

 return 0;
 }
 }

 AST_RWLIST_INSERT_TAIL(&uris, urih, entry);

 AST_RWLIST_UNLOCK(&uris);

 return 0;
}

ast_http_uri_unlink()

void ast_http_uri_unlink

(

struct ast_http_uri *

urih

)

Unregister a URI handler.

Definition at line 705 of file http.c.

References AST_RWLIST_REMOVE, AST_RWLIST_UNLOCK, and AST_RWLIST_WRLOCK.

Referenced by __ast_http_load(), __init_manager(), load_module(), reload_module(), and unload_module().

{
 AST_RWLIST_WRLOCK(&uris);
 AST_RWLIST_REMOVE(&uris, urih, entry);
 AST_RWLIST_UNLOCK(&uris);
}

ast_http_uri_unlink_all_with_key()

void ast_http_uri_unlink_all_with_key

(

const char *

key

)

Unregister all handlers with matching key.

Definition at line 712 of file http.c.

References ast_free, AST_RWLIST_REMOVE_CURRENT, AST_RWLIST_TRAVERSE_SAFE_BEGIN, AST_RWLIST_TRAVERSE_SAFE_END, AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, ast_http_uri::data, ast_http_uri::dmallocd, ast_http_uri::key, and ast_http_uri::mallocd.

Referenced by __ast_http_post_load(), and unload_module().

{
 struct ast_http_uri *urih;
 AST_RWLIST_WRLOCK(&uris);
 AST_RWLIST_TRAVERSE_SAFE_BEGIN(&uris, urih, entry) {
 if (!strcmp(urih->key, key)) {
 AST_RWLIST_REMOVE_CURRENT(entry);
 if (urih->dmallocd) {
 ast_free(urih->data);
 }
 if (urih->mallocd) {
 ast_free(urih);
 }
 }
 }
 AST_RWLIST_TRAVERSE_SAFE_END;
 AST_RWLIST_UNLOCK(&uris);
}

AST_MODULE_SELF_SYM()

struct ast_module* AST_MODULE_SELF_SYM

(

void

)

Definition at line 2388 of file http.c.

auth_create()

static struct ast_http_auth* auth_create ( const char *  userid, const char *  password  )

static

Definition at line 1545 of file http.c.

References ao2_alloc, ast_log, LOG_ERROR, NULL, ast_http_auth::password, and ast_http_auth::userid.

Referenced by ast_http_get_auth().

{
 struct ast_http_auth *auth;
 size_t userid_len;
 size_t password_len;

 if (!userid || !password) {
 ast_log(LOG_ERROR, "Invalid userid/password\n");
 return NULL;
 }

 userid_len = strlen(userid) + 1;
 password_len = strlen(password) + 1;

 /* Allocate enough room to store everything in one memory block */
 auth = ao2_alloc(sizeof(*auth) + userid_len + password_len, NULL);
 if (!auth) {
 return NULL;
 }

 /* Put the userid right after the struct */
 auth->userid = (char *)(auth + 1);
 strcpy(auth->userid, userid);

 /* Put the password right after the userid */
 auth->password = auth->userid + userid_len;
 strcpy(auth->password, password);

 return auth;
}

chunked_atoh()

static int chunked_atoh ( const char *  s, int  len  )

static

Definition at line 987 of file http.c.

References c, and value.

Referenced by http_body_get_chunk_length().

{
 int value = 0;
 char c;

 if (*s < '0') {
 /* zero value must be 0\n not just \n */
 return -1;
 }

 while (len--) {
 c = *s++;
 if (c == '\x0D') {
 return value;
 }
 if (c == ';') {
 /* We have a chunk-extension that we don't care about. */
 while (len--) {
 if (*s++ == '\x0D') {
 return value;
 }
 }
 break;
 }
 value <<= 4;
 if (c >= '0' && c <= '9') {
 value += c - '0';
 continue;
 }
 if (c >= 'a' && c <= 'f') {
 value += 10 + c - 'a';
 continue;
 }
 if (c >= 'A' && c <= 'F') {
 value += 10 + c - 'A';
 continue;
 }
 /* invalid character */
 return -1;
 }
 /* end of string */
 return -1;
}

get_content_length()

static int get_content_length ( struct ast_variable *  headers )

static

Returns the value of the Content-Length header.

Parameters

headers

HTTP headers.

Return values

length	Value of the Content-Length header.
0	if header is not present.
-1	if header is invalid.

Definition at line 786 of file http.c.

References get_header().

Referenced by http_request_tracking_setup().

{
 const char *content_length = get_header(headers, "Content-Length");
 int length;

 if (!content_length) {
 /* Missing content length; assume zero */
 return 0;
 }

 length = 0;
 if (sscanf(content_length, "%30d", &length) != 1) {
 /* Invalid Content-Length value */
 length = -1;
 }
 return length;
}

get_content_type()

static char* get_content_type ( struct ast_variable *  headers )

static

Retrieves the content type specified in the "Content-Type" header.

This function only returns the "type/subtype" and any trailing parameter is not included.

Note

the return value is an allocated string that needs to be freed.

Return values

the	content type/subtype or NULL if the header is not found.

Definition at line 761 of file http.c.

References ast_strndup, get_header(), and NULL.

Referenced by ast_http_get_json(), and ast_http_get_post_vars().

{
 const char *content_type = get_header(headers, "Content-Type");
 const char *param;
 size_t size;

 if (!content_type) {
 return NULL;
 }

 param = strchr(content_type, ';');
 size = param ? param - content_type : strlen(content_type);

 return ast_strndup(content_type, size);
}

get_header()

static const char* get_header ( struct ast_variable *  headers, const char *  field_name  )

static

Retrieves the header with the given field name.

Parameters

headers	Headers to search.
field_name	Name of the header to find.

Returns

Associated header value.

NULL if header is not present.

Definition at line 739 of file http.c.

References ast_variable::name, ast_variable::next, NULL, and ast_variable::value.

Referenced by get_content_length(), get_content_type(), get_transfer_encoding(), and http_check_connection_close().

{
 struct ast_variable *v;

 for (v = headers; v; v = v->next) {
 if (!strcasecmp(v->name, field_name)) {
 return v->value;
 }
 }
 return NULL;
}

get_transfer_encoding()

static const char* get_transfer_encoding ( struct ast_variable *  headers )

static

Returns the value of the Transfer-Encoding header.

Parameters

headers

HTTP headers.

Return values

string	Value of the Transfer-Encoding header.
NULL	if header is not present.

Definition at line 811 of file http.c.

References get_header().

Referenced by http_request_tracking_setup(), and httpd_process_request().

{
 return get_header(headers, "Transfer-Encoding");
}

handle_show_http()

static char* handle_show_http ( struct ast_cli_entry *  e, int  cmd, struct ast_cli_args *  a  )

static

Definition at line 2279 of file http.c.

References ast_cli_args::argc, ast_cli(), AST_RWLIST_EMPTY, AST_RWLIST_RDLOCK, AST_RWLIST_TRAVERSE, AST_RWLIST_UNLOCK, ast_sockaddr_isnull(), ast_sockaddr_stringify(), CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, ast_http_uri::description, http_uri_redirect::dest, ast_tls_config::enabled, ast_cli_args::fd, ast_http_uri::has_subtree, http_server_name, http_tls_cfg, NULL, ast_tcptls_session_args::old_address, prefix, http_uri_redirect::target, ast_http_uri::uri, and ast_cli_entry::usage.

{
 struct ast_http_uri *urih;
 struct http_uri_redirect *redirect;

 switch (cmd) {
 case CLI_INIT:
 e->command = "http show status";
 e->usage =
 "Usage: http show status\n"
 " Lists status of internal HTTP engine\n";
 return NULL;
 case CLI_GENERATE:
 return NULL;
 }

 if (a->argc != 3) {
 return CLI_SHOWUSAGE;
 }
 ast_cli(a->fd, "HTTP Server Status:\n");
 ast_cli(a->fd, "Prefix: %s\n", prefix);
 ast_cli(a->fd, "Server: %s\n", http_server_name);
 if (ast_sockaddr_isnull(&http_desc.old_address)) {
 ast_cli(a->fd, "Server Disabled\n\n");
 } else {
 ast_cli(a->fd, "Server Enabled and Bound to %s\n\n",
 ast_sockaddr_stringify(&http_desc.old_address));
 if (http_tls_cfg.enabled) {
 ast_cli(a->fd, "HTTPS Server Enabled and Bound to %s\n\n",
 ast_sockaddr_stringify(&https_desc.old_address));
 }
 }

 ast_cli(a->fd, "Enabled URI's:\n");
 AST_RWLIST_RDLOCK(&uris);
 if (AST_RWLIST_EMPTY(&uris)) {
 ast_cli(a->fd, "None.\n");
 } else {
 AST_RWLIST_TRAVERSE(&uris, urih, entry)
 ast_cli(a->fd, "%s/%s%s => %s\n", prefix, urih->uri, (urih->has_subtree ? "/..." : "" ), urih->description);
 }
 AST_RWLIST_UNLOCK(&uris);

 ast_cli(a->fd, "\nEnabled Redirects:\n");
 AST_RWLIST_RDLOCK(&uri_redirects);
 AST_RWLIST_TRAVERSE(&uri_redirects, redirect, entry)
 ast_cli(a->fd, " %s => %s\n", redirect->target, redirect->dest);
 if (AST_RWLIST_EMPTY(&uri_redirects)) {
 ast_cli(a->fd, " None.\n");
 }
 AST_RWLIST_UNLOCK(&uri_redirects);

 return CLI_SUCCESS;
}

handle_uri()

static int handle_uri ( struct ast_tcptls_session_instance *  ser, char *  uri, enum ast_http_method  method, struct ast_variable *  headers  )

static

Definition at line 1401 of file http.c.

References ast_debug, ast_http_error(), ast_http_request_close_on_completion(), ast_http_send(), AST_RWLIST_RDLOCK, AST_RWLIST_TRAVERSE, AST_RWLIST_UNLOCK, ast_str_create, ast_str_set(), ast_uri_decode(), ast_uri_http_legacy, ast_variable_new, ast_variables_destroy(), c, ast_http_uri::callback, cleanup(), http_uri_redirect::dest, ast_http_uri::has_subtree, ast_http_uri::no_decode_uri, NULL, prefix, strsep(), http_uri_redirect::target, ast_http_uri::uri, and var.

Referenced by httpd_process_request().

{
 char *c;
 int res = 0;
 char *params = uri;
 struct ast_http_uri *urih = NULL;
 int l;
 struct ast_variable *get_vars = NULL, *v, *prev = NULL;
 struct http_uri_redirect *redirect;

 ast_debug(2, "HTTP Request URI is %s \n", uri);

 strsep(&params, "?");
 /* Extract arguments from the request and store them in variables. */
 if (params) {
 char *var, *val;

 while ((val = strsep(&params, "&"))) {
 var = strsep(&val, "=");
 if (val) {
 ast_uri_decode(val, ast_uri_http_legacy);
 } else {
 val = "";
 }
 ast_uri_decode(var, ast_uri_http_legacy);
 if ((v = ast_variable_new(var, val, ""))) {
 if (get_vars) {
 prev->next = v;
 } else {
 get_vars = v;
 }
 prev = v;
 }
 }
 }

 AST_RWLIST_RDLOCK(&uri_redirects);
 AST_RWLIST_TRAVERSE(&uri_redirects, redirect, entry) {
 if (!strcasecmp(uri, redirect->target)) {
 struct ast_str *http_header = ast_str_create(128);

 if (!http_header) {
 ast_http_request_close_on_completion(ser);
 ast_http_error(ser, 500, "Server Error", "Out of memory");
 break;
 }
 ast_str_set(&http_header, 0, "Location: %s\r\n", redirect->dest);
 ast_http_send(ser, method, 302, "Moved Temporarily", http_header, NULL, 0, 0);
 break;
 }
 }
 AST_RWLIST_UNLOCK(&uri_redirects);
 if (redirect) {
 goto cleanup;
 }

 /* We want requests to start with the (optional) prefix and '/' */
 l = strlen(prefix);
 if (!strncasecmp(uri, prefix, l) && uri[l] == '/') {
 uri += l + 1;
 /* scan registered uris to see if we match one. */
 AST_RWLIST_RDLOCK(&uris);
 AST_RWLIST_TRAVERSE(&uris, urih, entry) {
 l = strlen(urih->uri);
 c = uri + l; /* candidate */
 ast_debug(2, "match request [%s] with handler [%s] len %d\n", uri, urih->uri, l);
 if (strncasecmp(urih->uri, uri, l) /* no match */
 || (*c && *c != '/')) { /* substring */
 continue;
 }
 if (*c == '/') {
 c++;
 }
 if (!*c || urih->has_subtree) {
 uri = c;
 break;
 }
 }
 AST_RWLIST_UNLOCK(&uris);
 }
 if (urih) {
 ast_debug(1, "Match made with [%s]\n", urih->uri);
 if (!urih->no_decode_uri) {
 ast_uri_decode(uri, ast_uri_http_legacy);
 }
 res = urih->callback(ser, urih, uri, method, get_vars, headers);
 } else {
 ast_debug(1, "Requested URI [%s] has no handler\n", uri);
 ast_http_error(ser, 404, "Not Found", "The requested URL was not found on this server.");
 }

cleanup:
 ast_variables_destroy(get_vars);
 return res;
}

http_body_check_chunk_sync()

static int http_body_check_chunk_sync ( struct ast_tcptls_session_instance *  ser )

static

Definition at line 1069 of file http.c.

References ast_iostream_read(), ast_log, LOG_WARNING, and ast_tcptls_session_instance::stream.

Referenced by ast_http_body_discard(), and ast_http_get_contents().

{
 int res;
 char chunk_sync[2];

 /* Stay in fread until get the expected CRLF or timeout. */
 res = ast_iostream_read(ser->stream, chunk_sync, sizeof(chunk_sync));
 if (res < sizeof(chunk_sync)) {
 ast_log(LOG_WARNING, "Short HTTP chunk sync read (Wanted %zu)\n",
 sizeof(chunk_sync));
 return -1;
 }
 if (chunk_sync[0] != 0x0D || chunk_sync[1] != 0x0A) {
 ast_log(LOG_WARNING, "HTTP chunk sync bytes wrong (0x%02hhX, 0x%02hhX)\n",
 (unsigned char) chunk_sync[0], (unsigned char) chunk_sync[1]);
 return -1;
 }

 return 0;
}

http_body_discard_chunk_trailer_headers()

static int http_body_discard_chunk_trailer_headers ( struct ast_tcptls_session_instance *  ser )

static

Definition at line 1100 of file http.c.

References ast_iostream_gets(), ast_log, ast_strlen_zero, ast_trim_blanks(), LOG_WARNING, MAX_HTTP_LINE_LENGTH, and ast_tcptls_session_instance::stream.

Referenced by ast_http_body_discard(), and ast_http_get_contents().

{
 char header_line[MAX_HTTP_LINE_LENGTH];

 for (;;) {
 if (ast_iostream_gets(ser->stream, header_line, sizeof(header_line)) <= 0) {
 ast_log(LOG_WARNING, "Short HTTP read of chunked trailer header\n");
 return -1;
 }

 /* Trim trailing whitespace */
 ast_trim_blanks(header_line);
 if (ast_strlen_zero(header_line)) {
 /* A blank line ends the chunked-body */
 break;
 }
 }
 return 0;
}

http_body_discard_contents()

static int http_body_discard_contents ( struct ast_tcptls_session_instance *  ser, int  length, const char *  what_getting  )

static

Definition at line 964 of file http.c.

References ast_iostream_discard(), ast_log, LOG_WARNING, and ast_tcptls_session_instance::stream.

Referenced by ast_http_body_discard().

{
 ssize_t res;

 res = ast_iostream_discard(ser->stream, length);
 if (res < length) {
 ast_log(LOG_WARNING, "Short HTTP request %s (Wanted %d but got %zd)\n",
 what_getting, length, res);
 return -1;
 }
 return 0;
}

http_body_get_chunk_length()

static int http_body_get_chunk_length ( struct ast_tcptls_session_instance *  ser )

static

Definition at line 1041 of file http.c.

References ast_iostream_gets(), ast_log, chunked_atoh(), LOG_WARNING, MAX_HTTP_LINE_LENGTH, and ast_tcptls_session_instance::stream.

Referenced by ast_http_body_discard(), and ast_http_get_contents().

{
 int length;
 char header_line[MAX_HTTP_LINE_LENGTH];

 /* get the line of hexadecimal giving chunk-size w/ optional chunk-extension */
 if (ast_iostream_gets(ser->stream, header_line, sizeof(header_line)) <= 0) {
 ast_log(LOG_WARNING, "Short HTTP read of chunked header\n");
 return -1;
 }
 length = chunked_atoh(header_line, strlen(header_line));
 if (length < 0) {
 ast_log(LOG_WARNING, "Invalid HTTP chunk size\n");
 return -1;
 }
 return length;
}

http_body_read_contents()

static int http_body_read_contents ( struct ast_tcptls_session_instance *  ser, char *  buf, int  length, const char *  what_getting  )

static

Definition at line 928 of file http.c.

References ast_iostream_read(), ast_log, LOG_WARNING, ast_tcptls_session_instance::stream, and total.

Referenced by ast_http_get_contents().

{
 int res;
 int total = 0;

 /* Stream is in exclusive mode so we get it all if possible. */
 while (total != length) {
 res = ast_iostream_read(ser->stream, buf + total, length - total);
 if (res <= 0) {
 break;
 }

 total += res;
 }

 if (total != length) {
 ast_log(LOG_WARNING, "Wrong HTTP content read. Request %s (Wanted %d, Read %d)\n",
 what_getting, length, res);
 return -1;
 }

 return 0;
}

http_check_connection_close()

static int http_check_connection_close ( struct ast_variable *  headers )

static

Definition at line 825 of file http.c.

References get_header().

Referenced by http_request_tracking_setup().

{
 const char *connection = get_header(headers, "Connection");
 int close_connection = 0;

 if (connection && !strcasecmp(connection, "close")) {
 close_connection = -1;
 }
 return close_connection;
}

http_request_headers_get()

static int http_request_headers_get ( struct ast_tcptls_session_instance *  ser, struct ast_variable **  headers  )

static

Definition at line 1757 of file http.c.

References ast_http_error(), ast_iostream_gets(), ast_skip_blanks(), ast_strlen_zero, ast_trim_blanks(), ast_variable_new, ast_variables_destroy(), len(), MAX_HTTP_LINE_LENGTH, MAX_HTTP_REQUEST_HEADERS, ast_tcptls_session_args::name, ast_variable::next, NULL, ast_tcptls_session_instance::stream, strsep(), and value.

Referenced by httpd_process_request().

{
 struct ast_variable *tail = *headers;
 int remaining_headers;
 char header_line[MAX_HTTP_LINE_LENGTH];

 remaining_headers = MAX_HTTP_REQUEST_HEADERS;
 for (;;) {
 ssize_t len;
 char *name;
 char *value;

 len = ast_iostream_gets(ser->stream, header_line, sizeof(header_line));
 if (len <= 0) {
 ast_http_error(ser, 400, "Bad Request", "Timeout");
 return -1;
 }
 if (header_line[len - 1] != '\n') {
 /* We didn't get a full line */
 ast_http_error(ser, 400, "Bad Request",
 (len == sizeof(header_line) - 1) ? "Header line too long" : "Timeout");
 return -1;
 }

 /* Trim trailing characters */
 ast_trim_blanks(header_line);
 if (ast_strlen_zero(header_line)) {
 /* A blank line ends the request header section. */
 break;
 }

 value = header_line;
 name = strsep(&value, ":");
 if (!value) {
 continue;
 }

 value = ast_skip_blanks(value);
 if (ast_strlen_zero(value) || ast_strlen_zero(name)) {
 continue;
 }

 ast_trim_blanks(name);

 if (!remaining_headers--) {
 /* Too many headers. */
 ast_http_error(ser, 413, "Request Entity Too Large", "Too many headers");
 return -1;
 }
 if (!*headers) {
 *headers = ast_variable_new(name, value, __FILE__);
 tail = *headers;
 } else {
 tail->next = ast_variable_new(name, value, __FILE__);
 tail = tail->next;
 }
 if (!tail) {
 /*
 * Variable allocation failure.
 * Try to make some room.
 */
 ast_variables_destroy(*headers);
 *headers = NULL;

 ast_http_error(ser, 500, "Server Error", "Out of memory");
 return -1;
 }
 }

 return 0;
}

http_request_tracking_init()

static void http_request_tracking_init ( struct http_worker_private_data *  request )

static

Definition at line 852 of file http.c.

References ast_set_flags_to, http_worker_private_data::flags, HTTP_FLAG_BODY_READ, HTTP_FLAG_CLOSE_ON_COMPLETION, and HTTP_FLAG_HAS_BODY.

Referenced by httpd_helper_thread(), and httpd_process_request().

{
 ast_set_flags_to(&request->flags,
 HTTP_FLAG_HAS_BODY | HTTP_FLAG_BODY_READ | HTTP_FLAG_CLOSE_ON_COMPLETION,
 /* Assume close in case request fails early */
 HTTP_FLAG_CLOSE_ON_COMPLETION);
}

http_request_tracking_setup()

static int http_request_tracking_setup ( struct ast_tcptls_session_instance *  ser, struct ast_variable *  headers  )

static

Definition at line 871 of file http.c.

References ast_http_error(), ast_set_flag, ast_set_flags_to, http_worker_private_data::body_length, http_worker_private_data::flags, get_content_length(), get_transfer_encoding(), http_check_connection_close(), HTTP_FLAG_BODY_READ, HTTP_FLAG_CLOSE_ON_COMPLETION, HTTP_FLAG_HAS_BODY, ast_tcptls_session_instance::private_data, and request().

Referenced by httpd_process_request().

{
 struct http_worker_private_data *request = ser->private_data;
 const char *transfer_encoding;

 ast_set_flags_to(&request->flags,
 HTTP_FLAG_HAS_BODY | HTTP_FLAG_BODY_READ | HTTP_FLAG_CLOSE_ON_COMPLETION,
 http_check_connection_close(headers) ? HTTP_FLAG_CLOSE_ON_COMPLETION : 0);

 transfer_encoding = get_transfer_encoding(headers);
 if (transfer_encoding && !strcasecmp(transfer_encoding, "chunked")) {
 request->body_length = -1;
 ast_set_flag(&request->flags, HTTP_FLAG_HAS_BODY);
 return 0;
 }

 request->body_length = get_content_length(headers);
 if (0 < request->body_length) {
 ast_set_flag(&request->flags, HTTP_FLAG_HAS_BODY);
 } else if (request->body_length < 0) {
 /* Invalid Content-Length */
 ast_set_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION);
 ast_http_error(ser, 400, "Bad Request", "Invalid Content-Length in request!");
 return -1;
 }
 return 0;
}

httpd_helper_thread()

static void * httpd_helper_thread ( void *  arg )

static

Definition at line 1937 of file http.c.

References AO2_ALLOC_OPT_LOCK_NOLOCK, ao2_alloc_options, ao2_cleanup, ao2_ref, ast_atomic_fetchadd_int(), ast_debug, ast_http_error(), ast_iostream_get_fd(), ast_iostream_nonblock(), ast_iostream_set_exclusive_input(), ast_iostream_set_timeout_idle_inactivity(), ast_log, ast_tcptls_close_session_file(), done, errno, http_request_tracking_init(), httpd_process_request(), LOG_WARNING, MIN_INITIAL_REQUEST_TIMEOUT, NULL, ast_tcptls_session_instance::private_data, session_count, session_inactivity, session_keep_alive, session_limit, ast_tcptls_session_instance::stream, and timeout.

{
 struct ast_tcptls_session_instance *ser = data;
 int timeout;
 int arg = 1;

 if (!ser) {
 ao2_cleanup(ser);
 return NULL;
 }

 if (ast_atomic_fetchadd_int(&session_count, +1) >= session_limit) {
 ast_log(LOG_WARNING, "HTTP session count exceeded %d sessions.\n",
 session_limit);
 goto done;
 }
 ast_debug(1, "HTTP opening session. Top level\n");

 /*
 * Here we set TCP_NODELAY on the socket to disable Nagle's algorithm.
 * This is necessary to prevent delays (caused by buffering) as we
 * write to the socket in bits and pieces.
 */
 if (setsockopt(ast_iostream_get_fd(ser->stream), IPPROTO_TCP, TCP_NODELAY, (char *) &arg, sizeof(arg)) < 0) {
 ast_log(LOG_WARNING, "Failed to set TCP_NODELAY on HTTP connection: %s\n", strerror(errno));
 }
 ast_iostream_nonblock(ser->stream);

 /* Setup HTTP worker private data to keep track of request body reading. */
 ao2_cleanup(ser->private_data);
 ser->private_data = ao2_alloc_options(sizeof(struct http_worker_private_data), NULL,
 AO2_ALLOC_OPT_LOCK_NOLOCK);
 if (!ser->private_data) {
 ast_http_error(ser, 500, "Server Error", "Out of memory");
 goto done;
 }
 http_request_tracking_init(ser->private_data);

 /* Determine initial HTTP request wait timeout. */
 timeout = session_keep_alive;
 if (timeout <= 0) {
 /* Persistent connections not enabled. */
 timeout = session_inactivity;
 }
 if (timeout < MIN_INITIAL_REQUEST_TIMEOUT) {
 timeout = MIN_INITIAL_REQUEST_TIMEOUT;
 }

 /* We can let the stream wait for data to arrive. */
 ast_iostream_set_exclusive_input(ser->stream, 1);

 for (;;) {
 /* Wait for next potential HTTP request message. */
 ast_iostream_set_timeout_idle_inactivity(ser->stream, timeout, session_inactivity);
 if (httpd_process_request(ser)) {
 /* Break the connection or the connection closed */
 break;
 }
 if (!ser->stream) {
 /* Web-socket or similar that took the connection */
 break;
 }

 timeout = session_keep_alive;
 if (timeout <= 0) {
 /* Persistent connections not enabled. */
 break;
 }
 }

done:
 ast_atomic_fetchadd_int(&session_count, -1);

 ast_debug(1, "HTTP closing session. Top level\n");
 ast_tcptls_close_session_file(ser);

 ao2_ref(ser, -1);
 return NULL;
}

httpd_process_request()

static int httpd_process_request ( struct ast_tcptls_session_instance *  ser )

static

Definition at line 1839 of file http.c.

References AST_HTTP_DELETE, ast_http_error(), AST_HTTP_GET, AST_HTTP_HEAD, AST_HTTP_OPTIONS, AST_HTTP_POST, AST_HTTP_PUT, AST_HTTP_UNKNOWN, ast_iostream_gets(), ast_shutdown_final(), ast_skip_blanks(), ast_skip_nonblanks(), ast_test_flag, ast_variables_destroy(), c, http_worker_private_data::flags, get_transfer_encoding(), handle_uri(), HTTP_FLAG_CLOSE_ON_COMPLETION, http_request_headers_get(), http_request_tracking_init(), http_request_tracking_setup(), len(), MAX_HTTP_LINE_LENGTH, method, NULL, ast_tcptls_session_instance::private_data, RAII_VAR, request(), and ast_tcptls_session_instance::stream.

Referenced by httpd_helper_thread().

{
 RAII_VAR(struct ast_variable *, headers, NULL, ast_variables_destroy);
 char *uri;
 char *method;
 const char *transfer_encoding;
 struct http_worker_private_data *request;
 enum ast_http_method http_method = AST_HTTP_UNKNOWN;
 int res;
 ssize_t len;
 char request_line[MAX_HTTP_LINE_LENGTH];

 len = ast_iostream_gets(ser->stream, request_line, sizeof(request_line));
 if (len <= 0) {
 return -1;
 }

 /* Re-initialize the request body tracking data. */
 request = ser->private_data;
 http_request_tracking_init(request);

 if (request_line[len - 1] != '\n') {
 /* We didn't get a full line */
 ast_http_error(ser, 400, "Bad Request",
 (len == sizeof(request_line) - 1) ? "Request line too long" : "Timeout");
 return -1;
 }

 /* Get method */
 method = ast_skip_blanks(request_line);
 uri = ast_skip_nonblanks(method);
 if (*uri) {
 *uri++ = '\0';
 }

 if (!strcasecmp(method,"GET")) {
 http_method = AST_HTTP_GET;
 } else if (!strcasecmp(method,"POST")) {
 http_method = AST_HTTP_POST;
 } else if (!strcasecmp(method,"HEAD")) {
 http_method = AST_HTTP_HEAD;
 } else if (!strcasecmp(method,"PUT")) {
 http_method = AST_HTTP_PUT;
 } else if (!strcasecmp(method,"DELETE")) {
 http_method = AST_HTTP_DELETE;
 } else if (!strcasecmp(method,"OPTIONS")) {
 http_method = AST_HTTP_OPTIONS;
 }

 uri = ast_skip_blanks(uri); /* Skip white space */
 if (*uri) { /* terminate at the first blank */
 char *c = ast_skip_nonblanks(uri);

 if (*c) {
 *c = '\0';
 }
 } else {
 ast_http_error(ser, 400, "Bad Request", "Invalid Request");
 return -1;
 }

 if (ast_shutdown_final()) {
 ast_http_error(ser, 503, "Service Unavailable", "Shutdown in progress");
 return -1;
 }

 /* process "Request Headers" lines */
 if (http_request_headers_get(ser, &headers)) {
 return -1;
 }

 transfer_encoding = get_transfer_encoding(headers);
 /* Transfer encoding defaults to identity */
 if (!transfer_encoding) {
 transfer_encoding = "identity";
 }

 /*
 * RFC 2616, section 3.6, we should respond with a 501 for any transfer-
 * codings we don't understand.
 */
 if (strcasecmp(transfer_encoding, "identity") != 0 &&
 strcasecmp(transfer_encoding, "chunked") != 0) {
 /* Transfer encodings not supported */
 ast_http_error(ser, 501, "Unimplemented", "Unsupported Transfer-Encoding.");
 return -1;
 }

 if (http_request_tracking_setup(ser, headers)
 || handle_uri(ser, uri, http_method, headers)
 || ast_test_flag(&request->flags, HTTP_FLAG_CLOSE_ON_COMPLETION)) {
 res = -1;
 } else {
 res = 0;
 }
 return res;
}

httpstatus_callback()

static int httpstatus_callback ( struct ast_tcptls_session_instance *  ser, const struct ast_http_uri *  urih, const char *  uri, enum ast_http_method  method, struct ast_variable *  get_vars, struct ast_variable *  headers  )

static

Definition at line 368 of file http.c.

References ast_http_error(), AST_HTTP_GET, ast_http_get_cookies(), AST_HTTP_HEAD, ast_http_request_close_on_completion(), ast_http_send(), ast_sockaddr_stringify_addr(), ast_sockaddr_stringify_port(), ast_str_append(), ast_str_create, ast_variables_destroy(), ast_tls_config::enabled, http_server_name, http_tls_cfg, ast_variable::name, ast_variable::next, NULL, ast_tcptls_session_args::old_address, out, prefix, and ast_variable::value.

{
 struct ast_str *out;
 struct ast_variable *v, *cookies = NULL;

 if (method != AST_HTTP_GET && method != AST_HTTP_HEAD) {
 ast_http_error(ser, 501, "Not Implemented", "Attempt to use unimplemented / unsupported method");
 return 0;
 }

 out = ast_str_create(512);
 if (!out) {
 ast_http_request_close_on_completion(ser);
 ast_http_error(ser, 500, "Server Error", "Out of memory");
 return 0;
 }

 ast_str_append(&out, 0,
 "<html><title>Asterisk HTTP Status</title>\r\n"
 "<body bgcolor=\"#ffffff\">\r\n"
 "<table bgcolor=\"#f1f1f1\" align=\"center\"><tr><td bgcolor=\"#e0e0ff\" colspan=\"2\" width=\"500\">\r\n"
 "<h2>&nbsp;&nbsp;Asterisk&trade; HTTP Status</h2></td></tr>\r\n");

 ast_str_append(&out, 0, "<tr><td><i>Server</i></td><td><b>%s</b></td></tr>\r\n", http_server_name);
 ast_str_append(&out, 0, "<tr><td><i>Prefix</i></td><td><b>%s</b></td></tr>\r\n", prefix);
 ast_str_append(&out, 0, "<tr><td><i>Bind Address</i></td><td><b>%s</b></td></tr>\r\n",
 ast_sockaddr_stringify_addr(&http_desc.old_address));
 ast_str_append(&out, 0, "<tr><td><i>Bind Port</i></td><td><b>%s</b></td></tr>\r\n",
 ast_sockaddr_stringify_port(&http_desc.old_address));
 if (http_tls_cfg.enabled) {
 ast_str_append(&out, 0, "<tr><td><i>SSL Bind Port</i></td><td><b>%s</b></td></tr>\r\n",
 ast_sockaddr_stringify_port(&https_desc.old_address));
 }
 ast_str_append(&out, 0, "<tr><td colspan=\"2\"><hr></td></tr>\r\n");
 for (v = get_vars; v; v = v->next) {
 ast_str_append(&out, 0, "<tr><td><i>Submitted GET Variable '%s'</i></td><td>%s</td></tr>\r\n", v->name, v->value);
 }
 ast_str_append(&out, 0, "<tr><td colspan=\"2\"><hr></td></tr>\r\n");

 cookies = ast_http_get_cookies(headers);
 for (v = cookies; v; v = v->next) {
 ast_str_append(&out, 0, "<tr><td><i>Cookie '%s'</i></td><td>%s</td></tr>\r\n", v->name, v->value);
 }
 ast_variables_destroy(cookies);

 ast_str_append(&out, 0, "</table><center><font size=\"-1\"><i>Asterisk and Digium are registered trademarks of Digium, Inc.</i></font></center></body></html>\r\n");
 ast_http_send(ser, method, 200, NULL, NULL, out, 0, 0);
 return 0;
}

load_module()

static int load_module ( void  )

static

Definition at line 2374 of file http.c.

References __ast_http_load(), ARRAY_LEN, ast_cli_register_multiple, AST_MODFLAG_GLOBAL_SYMBOLS, AST_MODFLAG_LOAD_ORDER, AST_MODPRI_CORE, AST_MODULE_INFO(), AST_MODULE_LOAD_FAILURE, AST_MODULE_LOAD_SUCCESS, AST_MODULE_SUPPORT_CORE, ASTERISK_GPL_KEY, reload(), reload_module(), and unload_module().

{
 ast_cli_register_multiple(cli_http, ARRAY_LEN(cli_http));

 return __ast_http_load(0) ? AST_MODULE_LOAD_FAILURE : AST_MODULE_LOAD_SUCCESS;
}

parse_cookies()

static struct ast_variable* parse_cookies ( const char *  cookies )

static

Definition at line 1498 of file http.c.

References ast_debug, ast_strdupa, ast_strip(), ast_strip_quoted(), ast_strlen_zero, ast_variable_new, ast_tcptls_session_args::name, NULL, parse(), strsep(), and var.

Referenced by ast_http_get_cookies().

{
 char *parse = ast_strdupa(cookies);
 char *cur;
 struct ast_variable *vars = NULL, *var;

 while ((cur = strsep(&parse, ";"))) {
 char *name, *val;

 name = val = cur;
 strsep(&val, "=");

 if (ast_strlen_zero(name) || ast_strlen_zero(val)) {
 continue;
 }

 name = ast_strip(name);
 val = ast_strip_quoted(val, "\"", "\"");

 if (ast_strlen_zero(name) || ast_strlen_zero(val)) {
 continue;
 }

 ast_debug(1, "HTTP Cookie, Name: '%s' Value: '%s'\n", name, val);

 var = ast_variable_new(name, val, __FILE__);
 var->next = vars;
 vars = var;
 }

 return vars;
}

reload_module()

static int reload_module ( void  )

static

Definition at line 2334 of file http.c.

References __ast_http_load().

Referenced by load_module().

{
 return __ast_http_load(1);
}

remove_excess_lws()

static void remove_excess_lws ( char *  s )

static

Definition at line 1659 of file http.c.

References ast_free, ast_malloc, ast_skip_blanks(), ast_skip_nonblanks(), and buf.

Referenced by ast_http_header_parse().

{
 char *p, *res = s;
 char *buf = ast_malloc(strlen(s) + 1);
 char *buf_end;

 if (!buf) {
 return;
 }

 buf_end = buf;

 while (*s && *(s = ast_skip_blanks(s))) {
 p = s;
 s = ast_skip_nonblanks(s);

 if (buf_end != buf) {
 *buf_end++ = ' ';
 }

 memcpy(buf_end, p, s - p);
 buf_end += s - p;
 }
 *buf_end = '\0';
 /* safe since buf will always be less than or equal to res */
 strcpy(res, buf);
 ast_free(buf);
}

static_callback()

static int static_callback ( struct ast_tcptls_session_instance *  ser, const struct ast_http_uri *  urih, const char *  uri, enum ast_http_method  method, struct ast_variable *  get_vars, struct ast_variable *  headers  )

static

Definition at line 240 of file http.c.

References ast_alloca, ast_config_AST_DATA_DIR, ast_http_error(), ast_http_ftype2mtype(), AST_HTTP_GET, AST_HTTP_HEAD, ast_http_manid_from_vars(), ast_http_request_close_on_completion(), ast_http_send(), ast_localtime(), ast_str_create, ast_str_set(), ast_strftime(), ast_strlen_zero, astman_is_authed(), len(), mtype, ast_variable::name, ast_variable::next, NULL, S_OR, and ast_variable::value.

{
 char *path;
 const char *ftype;
 const char *mtype;
 char wkspace[80];
 struct stat st;
 int len;
 int fd;
 struct ast_str *http_header;
 struct timeval tv;
 struct ast_tm tm;
 char timebuf[80], etag[23];
 struct ast_variable *v;
 int not_modified = 0;

 if (method != AST_HTTP_GET && method != AST_HTTP_HEAD) {
 ast_http_error(ser, 501, "Not Implemented", "Attempt to use unimplemented / unsupported method");
 return 0;
 }

 /* Yuck. I'm not really sold on this, but if you don't deliver static content it
 * makes your configuration substantially more challenging, but this seems like a
 * rather irritating feature creep on Asterisk.
 *
 * XXX: It is not clear to me what this comment means or if it is any longer
 * relevant. */
 if (ast_strlen_zero(uri)) {
 goto out403;
 }

 /* Disallow any funny filenames at all (checking first character only??) */
 if ((uri[0] < 33) || strchr("./|~@#$%^&*() \t", uri[0])) {
 goto out403;
 }

 if (strstr(uri, "/..")) {
 goto out403;
 }

 if ((ftype = strrchr(uri, '.'))) {
 ftype++;
 }

 if (!(mtype = ast_http_ftype2mtype(ftype))) {
 snprintf(wkspace, sizeof(wkspace), "text/%s", S_OR(ftype, "plain"));
 mtype = wkspace;
 }

 /* Cap maximum length */
 if ((len = strlen(uri) + strlen(ast_config_AST_DATA_DIR) + strlen("/static-http/") + 5) > 1024) {
 goto out403;
 }

 path = ast_alloca(len);
 sprintf(path, "%s/static-http/%s", ast_config_AST_DATA_DIR, uri);
 if (stat(path, &st)) {
 goto out404;
 }

 if (S_ISDIR(st.st_mode)) {
 goto out404;
 }

 if (strstr(path, "/private/") && !astman_is_authed(ast_http_manid_from_vars(headers))) {
 goto out403;
 }

 fd = open(path, O_RDONLY);
 if (fd < 0) {
 goto out403;
 }

 /* make "Etag:" http header value */
 snprintf(etag, sizeof(etag), "\"%ld\"", (long)st.st_mtime);

 /* make "Last-Modified:" http header value */
 tv.tv_sec = st.st_mtime;
 tv.tv_usec = 0;
 ast_strftime(timebuf, sizeof(timebuf), "%a, %d %b %Y %H:%M:%S GMT", ast_localtime(&tv, &tm, "GMT"));

 /* check received "If-None-Match" request header and Etag value for file */
 for (v = headers; v; v = v->next) {
 if (!strcasecmp(v->name, "If-None-Match")) {
 if (!strcasecmp(v->value, etag)) {
 not_modified = 1;
 }
 break;
 }
 }

 http_header = ast_str_create(255);
 if (!http_header) {
 ast_http_request_close_on_completion(ser);
 ast_http_error(ser, 500, "Server Error", "Out of memory");
 close(fd);
 return 0;
 }

 ast_str_set(&http_header, 0, "Content-type: %s\r\n"
 "ETag: %s\r\n"
 "Last-Modified: %s\r\n",
 mtype,
 etag,
 timebuf);

 /* ast_http_send() frees http_header, so we don't need to do it before returning */
 if (not_modified) {
 ast_http_send(ser, method, 304, "Not Modified", http_header, NULL, 0, 1);
 } else {
 ast_http_send(ser, method, 200, NULL, http_header, NULL, fd, 1); /* static content flag is set */
 }
 close(fd);
 return 0;

out404:
 ast_http_error(ser, 404, "Not Found", "The requested URL was not found on this server.");
 return 0;

out403:
 ast_http_request_close_on_completion(ser);
 ast_http_error(ser, 403, "Access Denied", "You do not have permission to access the requested URL.");
 return 0;
}

unload_module()

static int unload_module ( void  )

static

Definition at line 2343 of file http.c.

References ARRAY_LEN, ast_cli_unregister_multiple(), ast_free, ast_http_uri_unlink(), AST_RWLIST_REMOVE_HEAD, AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, ast_tcptls_server_stop(), ast_tls_config::capath, ast_tls_config::certfile, ast_tls_config::cipher, ast_tls_config::enabled, http_tls_cfg, ast_tls_config::pvtfile, static_uri_enabled, and status_uri_enabled.

Referenced by load_module().

{
 struct http_uri_redirect *redirect;
 ast_cli_unregister_multiple(cli_http, ARRAY_LEN(cli_http));

 ast_tcptls_server_stop(&http_desc);
 if (http_tls_cfg.enabled) {
 ast_tcptls_server_stop(&https_desc);
 }
 ast_free(http_tls_cfg.certfile);
 ast_free(http_tls_cfg.capath);
 ast_free(http_tls_cfg.pvtfile);
 ast_free(http_tls_cfg.cipher);

 if (status_uri_enabled) {
 ast_http_uri_unlink(&status_uri);
 }

 if (static_uri_enabled) {
 ast_http_uri_unlink(&static_uri);
 }

 AST_RWLIST_WRLOCK(&uri_redirects);
 while ((redirect = AST_RWLIST_REMOVE_HEAD(&uri_redirects, entry))) {
 ast_free(redirect);
 }
 AST_RWLIST_UNLOCK(&uri_redirects);

 return 0;
}

Variable Documentation

__mod_info

struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER , .description = "Built-in HTTP Server" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = "30ef0c93b36035ec78c9cfd712d36d9b" , .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .reload = reload_module, .load_pri = AST_MODPRI_CORE, .requires = "extconfig", }

static

Definition at line 2388 of file http.c.

ast_http_methods_text

const struct ast_cfhttp_methods_text ast_http_methods_text[]

static

Referenced by ast_get_http_method().

ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info

static

Definition at line 2388 of file http.c.

cli_http

struct ast_cli_entry cli_http[]

static

Initial value:

= {
 { .handler = handle_show_http , .summary = "Display HTTP server status" ,},
}

Definition at line 2339 of file http.c.

ext

const char* ext

Definition at line 147 of file http.c.

Referenced by ast_ext_ctx(), ast_http_ftype2mtype(), ast_media_cache_create_or_update(), ast_media_cache_retrieve(), ast_rtp_interpret(), bucket_file_update_path(), cli_console_dial(), common_exec(), dahdi_call(), do_directory(), filehelper(), filename_parse(), handle_cli_dialplan_save(), hintdevice_hash_cb(), is_recording(), json_array_from_list(), misdn_call(), misdn_request(), ooh323_request(), pbx_load_config(), pbx_load_users(), pvalGotoSetTarget(), read_dirs_cb(), record_exec(), register_exten(), register_peer_exten(), rtp_add_candidates_to_ice(), rtp_raw_write(), set_rec_filename(), sip_request_call(), and unregister_exten().

http_desc

struct ast_tcptls_session_args http_desc

static

we have up to two accepting threads, one for http, one for https

Definition at line 118 of file http.c.

http_server_name

char http_server_name[MAX_SERVER_NAME_LENGTH]

static

Definition at line 104 of file http.c.

Referenced by __ast_http_load(), ast_http_create_response(), ast_http_send(), handle_show_http(), and httpstatus_callback().

http_tls_cfg

struct ast_tls_config http_tls_cfg

static

Definition at line 111 of file http.c.

Referenced by __ast_http_load(), handle_show_http(), httpstatus_callback(), and unload_module().

https_desc

struct ast_tcptls_session_args https_desc

static

Definition at line 128 of file http.c.

mimetypes

struct { ... } mimetypes[]

Limit the kinds of files we're willing to serve up.

Referenced by ast_http_ftype2mtype().

mtype

const char* mtype

Definition at line 148 of file http.c.

Referenced by static_callback().

prefix

char prefix[MAX_PREFIX]

static

Examples:

/usr/src/asterisk-18.5.0/include/asterisk/strings.h.

Definition at line 141 of file http.c.

Referenced by __ast_http_load(), _if_exec(), _while_exec(), aoc_d_event(), aoc_e_event(), aoc_s_event(), aor_deleted_observer(), ast_begins_with(), ast_db_deltree(), ast_db_gettree(), ast_db_gettree_by_prefix(), ast_http_prefix(), ast_http_uri_link(), ast_remotecontrol(), ast_sip_location_retrieve_aor_contacts_nolock_filtered(), console_print(), exec_clearhash(), handle_auth(), handle_cli_database_show(), handle_show_http(), handle_uri(), hashkeys_read(), hashkeys_read2(), httpstatus_callback(), process_config(), shared_read(), shared_write(), sip_options_apply_aor_configuration(), sip_show_settings(), sorcery_astdb_create(), sorcery_astdb_delete(), sorcery_astdb_retrieve_fields_common(), sorcery_astdb_retrieve_id(), sorcery_astdb_retrieve_regex(), sorcery_astdb_update(), sorcery_config_retrieve_prefix(), sorcery_memory_cache_retrieve_prefix(), test_xml_entry(), update_scoreboard(), and while_continue_exec().

session_count

int session_count = 0

static

Definition at line 109 of file http.c.

Referenced by cli_fax_show_sessions(), httpd_helper_thread(), is_media_state_valid(), and manager_fax_sessions().

session_inactivity

int session_inactivity = DEFAULT_SESSION_INACTIVITY

static

Definition at line 107 of file http.c.

Referenced by __ast_http_load(), and httpd_helper_thread().

session_keep_alive

int session_keep_alive = DEFAULT_SESSION_KEEP_ALIVE

static

Definition at line 108 of file http.c.

Referenced by __ast_http_load(), ast_http_send(), and httpd_helper_thread().

session_limit

int session_limit = DEFAULT_SESSION_LIMIT

static

Definition at line 106 of file http.c.

Referenced by __ast_http_load(), and httpd_helper_thread().

static_uri

struct ast_http_uri static_uri

static

Definition at line 430 of file http.c.

static_uri_enabled

int static_uri_enabled

static

Definition at line 142 of file http.c.

Referenced by __ast_http_load(), and unload_module().

status_uri

struct ast_http_uri status_uri

static

Definition at line 421 of file http.c.

status_uri_enabled

int status_uri_enabled

static

Definition at line 143 of file http.c.

Referenced by __ast_http_load(), and unload_module().

uri_redirects

struct uri_redirects uri_redirects = { .first = NULL, .last = NULL, .lock = { PTHREAD_RWLOCK_INITIALIZER , NULL, {1, 0} } , }

static

uris

struct uris uris = { .first = NULL, .last = NULL, .lock = { PTHREAD_RWLOCK_INITIALIZER , NULL, {1, 0} } , }

static

list of supported handlers