2 * Copyright (C) 2016 Robin Gareus <robin@gareus.org>
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26 #include "pbd/compose.h"
28 #include "pbd/error.h"
30 #include "ardour_http.h"
33 #include "gtk2ardour-version.h"
36 #ifndef ARDOUR_CURL_TIMEOUT
37 #define ARDOUR_CURL_TIMEOUT (60)
40 using namespace ArdourCurl;
42 const char* HttpGet::ca_path = NULL;
43 const char* HttpGet::ca_info = NULL;
46 HttpGet::setup_certificate_paths ()
48 /* this is only needed for Linux Bundles.
49 * (on OSX, Windows, we use system-wide ssl (darwinssl, winssl)
50 * Gnu/Linux distro will link against system-wide libcurl.
52 * but for linux-bundles we get to enjoy:
53 * https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/
55 * (we do ship curl + nss + nss-pem)
57 * Short of this mess: we could simply bundle a .crt of
58 * COMODO (ardour) and ghandi (freesound) and be done with it.
60 assert (!ca_path && !ca_info); // call once
62 curl_global_init (CURL_GLOBAL_DEFAULT);
64 if (Glib::file_test ("/etc/pki/tls/certs/ca-bundle.crt", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_REGULAR)) {
65 // Fedora / RHEL, Arch
66 ca_info = "/etc/pki/tls/certs/ca-bundle.crt";
68 else if (Glib::file_test ("/etc/ssl/certs/ca-certificates.crt", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_REGULAR)) {
69 // Debian and derivatives
70 ca_info = "/etc/ssl/certs/ca-certificates.crt";
72 else if (Glib::file_test ("/etc/pki/tls/cert.pem", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_REGULAR)) {
73 // GNU/TLS can keep extra stuff here
74 ca_info = "/etc/pki/tls/cert.pem";
76 // else NULL: use default (currently) "/etc/ssl/certs/ca-certificates.crt" if it exists
78 if (Glib::file_test ("/etc/pki/tls/certs/ca-bundle.crt", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_DIR)) {
79 // we're on RHEL // https://bugzilla.redhat.com/show_bug.cgi?id=1053882
80 ca_path = "/nonexistent_path"; // don't try "/etc/ssl/certs" in case it's curl's default
82 else if (Glib::file_test ("/etc/ssl/certs", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_DIR)) {
83 // Debian and derivs + OpenSuSe
84 ca_path = "/etc/ssl/certs";
86 ca_path = "/nonexistent_path"; // don't try -- just in case:
89 /* If we don't set anything defaults are used. at the time of writing we compile bundled curl on debian
90 * and it'll default to /etc/ssl/certs and /etc/ssl/certs/ca-certificates.crt
95 WriteMemoryCallback (void *ptr, size_t size, size_t nmemb, void *data) {
96 size_t realsize = size * nmemb;
97 struct HttpGet::MemStruct *mem = (struct HttpGet::MemStruct*)data;
99 mem->data = (char *)realloc (mem->data, mem->size + realsize + 1);
101 memcpy (&(mem->data[mem->size]), ptr, realsize);
102 mem->size += realsize;
103 mem->data[mem->size] = 0;
108 static size_t headerCallback (char* ptr, size_t size, size_t nmemb, void* data)
110 size_t realsize = size * nmemb;
111 struct HttpGet::HeaderInfo *nfo = (struct HttpGet::HeaderInfo*)data;
112 std::string header (static_cast<const char*>(ptr), realsize);
113 std::string::size_type index = header.find (':', 0);
114 if (index != std::string::npos) {
115 std::string k = header.substr (0, index);
116 std::string v = header.substr (index + 2);
117 k.erase(k.find_last_not_of (" \n\r\t")+1);
118 v.erase(v.find_last_not_of (" \n\r\t")+1);
125 HttpGet::HttpGet (bool p, bool ssl)
130 error_buffer[0] = '\0';
131 _curl = curl_easy_init ();
133 curl_easy_setopt (_curl, CURLOPT_WRITEDATA, (void *)&mem);
134 curl_easy_setopt (_curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
135 curl_easy_setopt (_curl, CURLOPT_HEADERDATA, (void *)&nfo);
136 curl_easy_setopt (_curl, CURLOPT_HEADERFUNCTION, headerCallback);
137 curl_easy_setopt (_curl, CURLOPT_USERAGENT, PROGRAM_NAME VERSIONSTRING);
138 curl_easy_setopt (_curl, CURLOPT_TIMEOUT, ARDOUR_CURL_TIMEOUT);
139 curl_easy_setopt (_curl, CURLOPT_NOSIGNAL, 1);
140 curl_easy_setopt (_curl, CURLOPT_ERRORBUFFER, error_buffer);
142 // by default use curl's default.
143 if (ssl && ca_info) {
144 curl_easy_setopt (_curl, CURLOPT_CAINFO, ca_info);
146 if (ssl && ca_path) {
147 curl_easy_setopt (_curl, CURLOPT_CAPATH, ca_path);
153 curl_easy_cleanup (_curl);
160 HttpGet::get (const char* url)
162 _status = _result = -1;
163 if (!_curl || !url) {
167 if (strncmp ("http://", url, 7) && strncmp ("https://", url, 8)) {
173 } // otherwise caller is expected to have free()d or re-used it.
178 curl_easy_setopt (_curl, CURLOPT_URL, url);
179 _result = curl_easy_perform (_curl);
180 curl_easy_getinfo (_curl, CURLINFO_RESPONSE_CODE, &_status);
183 PBD::error << string_compose (_("HTTP request failed: (%1) %2"), _result, error_buffer);
186 if (_status != 200) {
187 PBD::error << string_compose (_("HTTP request status: %1"), _status);
195 HttpGet::error () const {
197 return string_compose (_("HTTP request failed: (%1) %2"), _result, error_buffer);
199 if (_status != 200) {
200 return string_compose (_("HTTP request status: %1"), _status);
206 ArdourCurl::http_get (const char* url, int* status) {
208 char* rv = h.get (url);
210 *status = h.status ();
216 ArdourCurl::http_get (const std::string& url) {
217 return HttpGet (false).get (url);