diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2019-10-30 23:39:35 +0100 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-02-10 16:49:37 +0100 |
| commit | 29f178bddfdbd11218fbcba0b8060297696968e3 (patch) | |
| tree | a44efcd919c122d9c6ff38c61b14676b002aa010 /apps/include/apps.h | |
| parent | add BIO_socket_wait(), BIO_wait(), and BIO_connect_retry() improving timeout ... (diff) | |
| download | openssl-29f178bddfdbd11218fbcba0b8060297696968e3.tar.xz openssl-29f178bddfdbd11218fbcba0b8060297696968e3.zip | |
Generalize the HTTP client so far implemented mostly in crypto/ocsp/ocsp_ht.c
The new client has become an independent libcrpyto module in crypto/http/ and
* can handle any types of requests and responses (ASN.1-encoded and plain)
* does not include potentially busy loops when waiting for responses but
* makes use of a new timeout mechanism integrated with socket-based BIO
* supports the use of HTTP proxies and TLS, including HTTPS over proxies
* supports HTTP redirection via codes 301 and 302 for GET requests
* returns more useful diagnostics in various error situations
Also adapts - and strongly simplifies - hitherto uses of HTTP in crypto/ocsp/,
crypto/x509/x_all.c, apps/lib/apps.c, and apps/{ocsp,s_client,s_server}.c
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/10667)
Diffstat (limited to 'apps/include/apps.h')
| -rw-r--r-- | apps/include/apps.h | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/apps/include/apps.h b/apps/include/apps.h index c33a98772b..78be647619 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -28,12 +28,14 @@ # include <openssl/txt_db.h> # include <openssl/engine.h> # include <openssl/ocsp.h> +# include <openssl/http.h> # include <signal.h> # include "apps_ui.h" # include "opt.h" # include "fmt.h" # include "platform.h" +/* also in include/internal/sockets.h */ # if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE) # define openssl_fdset(a,b) FD_SET((unsigned int)a, b) # else @@ -215,6 +217,30 @@ void print_cert_checks(BIO *bio, X509 *x, void store_setup_crl_download(X509_STORE *st); +typedef struct app_http_tls_info_st { + const char *server; + const char *port; + int use_proxy; + long timeout; + SSL_CTX *ssl_ctx; +} APP_HTTP_TLS_INFO; +BIO *app_http_tls_cb(BIO *hbio, /* APP_HTTP_TLS_INFO */ void *arg, + int connect, int detail); +# ifndef OPENSSL_NO_SOCK +ASN1_VALUE *app_http_get_asn1(const char *url, const char *proxy, + const char *proxy_port, SSL_CTX *ssl_ctx, + const STACK_OF(CONF_VALUE) *headers, + long timeout, const char *expected_content_type, + const ASN1_ITEM *it); +ASN1_VALUE *app_http_post_asn1(const char *host, const char *port, + const char *path, const char *proxy, + const char *proxy_port, SSL_CTX *ctx, + const STACK_OF(CONF_VALUE) *headers, + const char *content_type, + ASN1_VALUE *req, const ASN1_ITEM *req_it, + long timeout, const ASN1_ITEM *rsp_it); +# endif + # define EXT_COPY_NONE 0 # define EXT_COPY_ADD 1 # define EXT_COPY_ALL 2 |