2 * Copyright (C) 2016 Robin Gareus <robin@gareus.org>
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26 #include "pbd/compose.h"
28 #include "pbd/error.h"
30 #include "ardour_http.h"
33 #include "gtk2ardour-version.h"
36 #ifndef ARDOUR_CURL_TIMEOUT
37 #define ARDOUR_CURL_TIMEOUT (60)
40 using namespace ArdourCurl;
42 const char* HttpGet::ca_path = NULL;
43 const char* HttpGet::ca_info = NULL;
46 HttpGet::setup_certificate_paths ()
48 /* this is only needed for Linux Bundles.
49 * (on OSX, Windows, we use system-wide ssl (darwinssl, winssl)
50 * Gnu/Linux distro will link against system-wide libcurl.
52 * but for linux-bundles we get to enjoy:
53 * https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/
55 * (we do ship curl + nss + nss-pem)
57 * Short of this mess: we could simply bundle a .crt of
58 * COMODO (ardour) and ghandi (freesound) and be done with it.
60 assert (!ca_path && !ca_info); // call once
62 if (Glib::file_test ("/etc/pki/tls/certs/ca-bundle.crt", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_REGULAR)) {
63 // Fedora / RHEL, Arch
64 ca_info = "/etc/pki/tls/certs/ca-bundle.crt";
66 else if (Glib::file_test ("/etc/ssl/certs/ca-certificates.crt", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_REGULAR)) {
67 // Debian and derivatives
68 ca_info = "/etc/ssl/certs/ca-certificates.crt";
70 else if (Glib::file_test ("/etc/pki/tls/cert.pem", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_REGULAR)) {
71 // GNU/TLS can keep extra stuff here
72 ca_info = "/etc/pki/tls/cert.pem";
74 // else NULL: use default (currently) "/etc/ssl/certs/ca-certificates.crt" if it exists
76 if (Glib::file_test ("/etc/pki/tls/certs/ca-bundle.crt", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_DIR)) {
77 // we're on RHEL // https://bugzilla.redhat.com/show_bug.cgi?id=1053882
78 ca_path = "/nonexistent_path"; // don't try "/etc/ssl/certs" in case it's curl's default
80 else if (Glib::file_test ("/etc/ssl/certs", Glib::FILE_TEST_EXISTS|Glib::FILE_TEST_IS_DIR)) {
81 // Debian and derivs + OpenSuSe
82 ca_path = "/etc/ssl/certs";
84 ca_path = "/nonexistent_path"; // don't try -- just in case:
87 /* If we don't set anything defaults are used. at the time of writing we compile bundled curl on debian
88 * and it'll default to /etc/ssl/certs and /etc/ssl/certs/ca-certificates.crt
93 WriteMemoryCallback (void *ptr, size_t size, size_t nmemb, void *data) {
94 size_t realsize = size * nmemb;
95 struct HttpGet::MemStruct *mem = (struct HttpGet::MemStruct*)data;
97 mem->data = (char *)realloc (mem->data, mem->size + realsize + 1);
99 memcpy (&(mem->data[mem->size]), ptr, realsize);
100 mem->size += realsize;
101 mem->data[mem->size] = 0;
106 static size_t headerCallback (char* ptr, size_t size, size_t nmemb, void* data)
108 size_t realsize = size * nmemb;
109 struct HttpGet::HeaderInfo *nfo = (struct HttpGet::HeaderInfo*)data;
110 std::string header (static_cast<const char*>(ptr), realsize);
111 std::string::size_type index = header.find (':', 0);
112 if (index != std::string::npos) {
113 std::string k = header.substr (0, index);
114 std::string v = header.substr (index + 2);
115 k.erase(k.find_last_not_of (" \n\r\t")+1);
116 v.erase(v.find_last_not_of (" \n\r\t")+1);
123 HttpGet::HttpGet (bool p, bool ssl)
128 memset (error_buffer, 0, sizeof (*error_buffer));
129 _curl = curl_easy_init ();
131 curl_easy_setopt (_curl, CURLOPT_WRITEDATA, (void *)&mem);
132 curl_easy_setopt (_curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
133 curl_easy_setopt (_curl, CURLOPT_HEADERDATA, (void *)&nfo);
134 curl_easy_setopt (_curl, CURLOPT_HEADERFUNCTION, headerCallback);
135 curl_easy_setopt (_curl, CURLOPT_USERAGENT, PROGRAM_NAME VERSIONSTRING);
136 curl_easy_setopt (_curl, CURLOPT_TIMEOUT, ARDOUR_CURL_TIMEOUT);
137 curl_easy_setopt (_curl, CURLOPT_NOSIGNAL, 1);
138 curl_easy_setopt (_curl, CURLOPT_ERRORBUFFER, error_buffer);
140 // by default use curl's default.
141 if (ssl && ca_info) {
142 curl_easy_setopt (_curl, CURLOPT_CAINFO, ca_info);
144 if (ssl && ca_path) {
145 curl_easy_setopt (_curl, CURLOPT_CAPATH, ca_path);
151 curl_easy_cleanup (_curl);
158 HttpGet::get (const char* url)
160 _status = _result = -1;
161 if (!_curl || !url) {
165 if (strncmp ("http://", url, 7) && strncmp ("https://", url, 8)) {
171 } // otherwise caller is expected to have free()d or re-used it.
173 memset (error_buffer, 0, sizeof (*error_buffer));
177 curl_easy_setopt (_curl, CURLOPT_URL, url);
178 _result = curl_easy_perform (_curl);
179 curl_easy_getinfo (_curl, CURLINFO_RESPONSE_CODE, &_status);
182 PBD::error << string_compose (_("HTTP request failed: (%1) %2"), _result, error_buffer) << endmsg;
185 if (_status != 200) {
186 PBD::error << string_compose (_("HTTP request status: %1"), _status) << endmsg;
194 HttpGet::error () const {
196 return string_compose (_("HTTP request failed: (%1) %2"), _result, error_buffer);
198 if (_status != 200) {
199 return string_compose (_("HTTP request status: %1"), _status);
205 ArdourCurl::http_get (const char* url, int* status) {
207 char* rv = h.get (url);
209 *status = h.status ();
215 ArdourCurl::http_get (const std::string& url) {
216 return HttpGet (false).get (url);