/* ** Copyright (c) 2009 D. Richard Hipp ** ** This program is free software; you can redistribute it and/or ** modify it under the terms of the Simplified BSD License (also ** known as the "2-Clause License" or "FreeBSD License".) ** This program is distributed in the hope that it will be useful, ** but without any warranty; without even the implied warranty of ** merchantability or fitness for a particular purpose. ** ** Author contact information: ** drh@hwaci.com ** http://www.hwaci.com/drh/ ** ******************************************************************************* ** ** This module implements the transport layer for the client side HTTP ** connection. The purpose of this layer is to provide a common interface ** for both HTTP and HTTPS and to provide a common "fetch one line" ** interface that is used for parsing the reply. */ #include "config.h" #include "http_transport.h" /* ** State information */ static struct { int isOpen; /* True when the transport layer is open */ char *pBuf; /* Buffer used to hold the reply */ int nAlloc; /* Space allocated for transportBuf[] */ int nUsed ; /* Space of transportBuf[] used */ int iCursor; /* Next unread by in transportBuf[] */ i64 nSent; /* Number of bytes sent */ i64 nRcvd; /* Number of bytes received */ FILE *pFile; /* File I/O for FILE: */ char *zOutFile; /* Name of outbound file for FILE: */ char *zInFile; /* Name of inbound file for FILE: */ FILE *pLog; /* Log output here */ } transport = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; /* ** Information about the connection to the SSH subprocess when ** using the ssh:// sync method. */ static int sshPid; /* Process id of ssh subprocess */ static int sshIn; /* From ssh subprocess to this process */ static FILE *sshOut; /* From this to ssh subprocess */ /* ** Return the current transport error message. */ const char *transport_errmsg(void){ #ifdef FOSSIL_ENABLE_SSL if( g.urlIsHttps ){ return ssl_errmsg(); } #endif return socket_errmsg(); } /* ** Retrieve send/receive counts from the transport layer. If "resetFlag" ** is true, then reset the counts. */ void transport_stats(i64 *pnSent, i64 *pnRcvd, int resetFlag){ if( pnSent ) *pnSent = transport.nSent; if( pnRcvd ) *pnRcvd = transport.nRcvd; if( resetFlag ){ transport.nSent = 0; transport.nRcvd = 0; } } /* ** Read text from sshIn. Zero-terminate and remove trailing ** whitespace. */ static void sshin_read(char *zBuf, int szBuf){ int got; zBuf[0] = 0; got = read(sshIn, zBuf, szBuf-1); while( got>=0 ){ zBuf[got] = 0; if( got==0 || !fossil_isspace(zBuf[got-1]) ) break; got--; } } /* ** Default SSH command */ #ifdef __MINGW32__ static char zDefaultSshCmd[] = "ssh -T"; #else static char zDefaultSshCmd[] = "ssh -e none -T"; #endif /* ** Generate a random SSH link problem keyword */ static int random_probe(char *zProbe, int nProbe){ unsigned r[4]; sqlite3_randomness(sizeof(r), r); sqlite3_snprintf(nProbe, zProbe, "probe-%08x%08x%08x%08x", r[0], r[1], r[2], r[3]); return (int)strlen(zProbe); } /* ** Bring up an SSH link. This involves sending some "echo" commands and ** get back appropriate responses. The point is to move past the MOTD and ** verify that the link is working. */ static void transport_ssh_startup(void){ char *zIn; /* An input line received back from remote */ int nWait; /* Number of times waiting for the MOTD */ char zProbe[40]; /* Text of the random probe */ int nProbe; /* Size of probe message */ int nIn; /* Size of input */ static const int nBuf = 10000; /* Size of input buffer */ zIn = fossil_malloc(nBuf); nProbe = random_probe(zProbe, sizeof(zProbe)); fprintf(sshOut, "echo %s\n", zProbe); fflush(sshOut); if( g.fSshTrace ){ printf("Sent: [echo %s]\n", zProbe); fflush(stdout); } memset(zIn, '*', nProbe); for(nWait=1; nWait<=10; nWait++){ sshin_read(zIn+nProbe, nBuf-nProbe); if( g.fSshTrace ){ printf("Got back-----------------------------------------------\n" "%s\n" "-------------------------------------------------------\n", zIn+nProbe); } if( strstr(zIn, zProbe) ) break; sqlite3_sleep(100*nWait); nIn = (int)strlen(zIn); memcpy(zIn, zIn+(nIn-nProbe), nProbe); if( g.fSshTrace ){ printf("Fetching more text. Looking for [%s]...\n", zProbe); fflush(stdout); } } nProbe = random_probe(zProbe, sizeof(zProbe)); fprintf(sshOut, "echo %s\n", zProbe); fflush(sshOut); if( g.fSshTrace ){ printf("Sent: [echo %s]\n", zProbe); fflush(stdout); } sshin_read(zIn, nBuf); if( zIn[0]==0 ){ sqlite3_sleep(250); sshin_read(zIn, nBuf); } if( g.fSshTrace ){ printf("Got back-----------------------------------------------\n" "%s\n" "-------------------------------------------------------\n", zIn); } if( memcmp(zIn, zProbe, nProbe)!=0 ){ pclose2(sshIn, sshOut, sshPid); fossil_fatal("ssh connection failed: [%s]", zIn); } fossil_free(zIn); } /* ** Global initialization of the transport layer */ void transport_global_startup(void){ if( g.urlIsSsh ){ /* Only SSH requires a global initialization. For SSH we need to create ** and run an SSH command to talk to the remote machine. */ const char *zSsh; /* The base SSH command */ Blob zCmd; /* The SSH command */ char *zHost; /* The host name to contact */ int n; /* Size of prefix string */ zSsh = db_get("ssh-command", zDefaultSshCmd); blob_init(&zCmd, zSsh, -1); if( g.urlPort!=g.urlDfltPort ){ #ifdef __MINGW32__ blob_appendf(&zCmd, " -P %d", g.urlPort); #else blob_appendf(&zCmd, " -p %d", g.urlPort); #endif } fossil_force_newline(); fossil_print("%s", blob_str(&zCmd)); /* Show the base of the SSH command */ if( g.urlUser && g.urlUser[0] ){ zHost = mprintf("%s@%s", g.urlUser, g.urlName); #ifdef __MINGW32__ /* Only win32 (and specifically PLINK.EXE) support the -pw option */ if( g.urlPasswd && g.urlPasswd[0] ){ Blob pw; blob_zero(&pw); if( g.urlPasswd[0]=='*' ){ char *zPrompt; zPrompt = mprintf("Password for [%s]: ", zHost); prompt_for_password(zPrompt, &pw, 0); free(zPrompt); }else{ blob_init(&pw, g.urlPasswd, -1); } blob_append(&zCmd, " -pw ", -1); shell_escape(&zCmd, blob_str(&pw)); blob_reset(&pw); fossil_print(" -pw ********"); /* Do not show the password text */ } #endif }else{ zHost = mprintf("%s", g.urlName); } n = blob_size(&zCmd); blob_append(&zCmd, " ", 1); shell_escape(&zCmd, zHost); if( g.urlShell ){ blob_appendf(&zCmd, " %s", g.urlShell); }else{ #if defined(FOSSIL_ENABLE_SSH_FAR_SIDE) /* The following works. But only if the fossil on the remote side ** is recent enough to support the test-ssh-far-side command. That ** command was added on 2013-02-06. We will leave this turned off ** until most fossil servers have upgraded to that version or a later ** version. The sync will still work as long as the shell on the far ** side is bash and not tcsh. And if the default far side shell is ** tcsh, then the shell=/bin/bash query parameter can be used as a ** work-around. Enable this code after about a year... */ blob_appendf(&zCmd, " exec %s test-ssh-far-side", g.urlFossil); #endif } fossil_print("%s\n", blob_str(&zCmd)+n); /* Show tail of SSH command */ free(zHost); popen2(blob_str(&zCmd), &sshIn, &sshOut, &sshPid); if( sshPid==0 ){ fossil_fatal("cannot start ssh tunnel using [%b]", &zCmd); } blob_reset(&zCmd); transport_ssh_startup(); } } /* ** COMMAND: test-ssh-far-side ** ** Read lines of input text, one by one, and evaluate each line using ** system(). The ssh: sync protocol uses this on the far side of the ** SSH link. */ void test_ssh_far_side_cmd(void){ int i = 0; int got; char zLine[5000]; while( i0 ){ sent = ssl_send(0, z, n); /* printf("Sent %d of %d bytes\n", sent, n); fflush(stdout); */ if( sent<=0 ) break; n -= sent; } #endif }else if( g.urlIsFile ){ fwrite(z, 1, n, transport.pFile); }else{ int sent; while( n>0 ){ sent = socket_send(0, z, n); /* printf("Sent %d of %d bytes\n", sent, n); fflush(stdout); */ if( sent<=0 ) break; n -= sent; } } } /* ** This routine is called when the outbound message is complete and ** it is time to being receiving a reply. */ void transport_flip(void){ if( g.urlIsSsh ){ fprintf(sshOut, "\n\n"); }else if( g.urlIsFile ){ char *zCmd; fclose(transport.pFile); zCmd = mprintf("\"%s\" http \"%s\" \"%s\" \"%s\" 127.0.0.1 --localauth", g.nameOfExe, g.urlName, transport.zOutFile, transport.zInFile ); fossil_system(zCmd); free(zCmd); transport.pFile = fossil_fopen(transport.zInFile, "rb"); } } /* ** Log all input to a file. The transport layer will take responsibility ** for closing the log file when it is done. */ void transport_log(FILE *pLog){ if( transport.pLog ){ fclose(transport.pLog); transport.pLog = 0; } transport.pLog = pLog; } /* ** This routine is called when the inbound message has been received ** and it is time to start sending again. */ void transport_rewind(void){ if( g.urlIsFile ){ transport_close(); } } /* ** Read N bytes of content directly from the wire and write into ** the buffer. */ static int transport_fetch(char *zBuf, int N){ int got; if( sshIn ){ int x; int wanted = N; got = 0; while( wanted>0 ){ x = read(sshIn, &zBuf[got], wanted); if( x<=0 ) break; got += x; wanted -= x; } }else if( g.urlIsHttps ){ #ifdef FOSSIL_ENABLE_SSL got = ssl_receive(0, zBuf, N); #else got = 0; #endif }else if( g.urlIsFile ){ got = fread(zBuf, 1, N, transport.pFile); }else{ got = socket_receive(0, zBuf, N); } /* printf("received %d of %d bytes\n", got, N); fflush(stdout); */ if( transport.pLog ){ fwrite(zBuf, 1, got, transport.pLog); fflush(transport.pLog); } return got; } /* ** Read N bytes of content from the wire and store in the supplied buffer. ** Return the number of bytes actually received. */ int transport_receive(char *zBuf, int N){ int onHand; /* Bytes current held in the transport buffer */ int nByte = 0; /* Bytes of content received */ onHand = transport.nUsed - transport.iCursor; if( g.fSshTrace){ printf("Reading %d bytes with %d on hand... ", N, onHand); fflush(stdout); } if( onHand>0 ){ int toMove = onHand; if( toMove>N ) toMove = N; /* printf("bytes on hand: %d of %d\n", toMove, N); fflush(stdout); */ memcpy(zBuf, &transport.pBuf[transport.iCursor], toMove); transport.iCursor += toMove; if( transport.iCursor>=transport.nUsed ){ transport.nUsed = 0; transport.iCursor = 0; } N -= toMove; zBuf += toMove; nByte += toMove; } if( N>0 ){ int got = transport_fetch(zBuf, N); if( got>0 ){ nByte += got; transport.nRcvd += got; } } if( g.fSshTrace ) printf("Got %d bytes\n", nByte); return nByte; } /* ** Load up to N new bytes of content into the transport.pBuf buffer. ** The buffer itself might be moved. And the transport.iCursor value ** might be reset to 0. */ static void transport_load_buffer(int N){ int i, j; if( transport.nAlloc==0 ){ transport.nAlloc = N; transport.pBuf = fossil_malloc( N ); transport.iCursor = 0; transport.nUsed = 0; } if( transport.iCursor>0 ){ for(i=0, j=transport.iCursor; j transport.nAlloc ){ char *pNew; transport.nAlloc = transport.nUsed + N; pNew = fossil_realloc(transport.pBuf, transport.nAlloc); transport.pBuf = pNew; } if( N>0 ){ i = transport_fetch(&transport.pBuf[transport.nUsed], N); if( i>0 ){ transport.nRcvd += i; transport.nUsed += i; } } } /* ** Fetch a single line of input where a line is all text up to the next ** \n character or until the end of input. Remove all trailing whitespace ** from the received line and zero-terminate the result. Return a pointer ** to the line. ** ** Each call to this routine potentially overwrites the returned buffer. */ char *transport_receive_line(void){ int i; int iStart; i = iStart = transport.iCursor; while(1){ if( i >= transport.nUsed ){ transport_load_buffer(g.urlIsSsh ? 2 : 1000); i -= iStart; iStart = 0; if( i >= transport.nUsed ){ transport.pBuf[i] = 0; transport.iCursor = i; break; } } if( transport.pBuf[i]=='\n' ){ transport.iCursor = i+1; while( i>=iStart && fossil_isspace(transport.pBuf[i]) ){ transport.pBuf[i] = 0; i--; } break; } i++; } if( g.fSshTrace ) printf("Got line: [%s]\n", &transport.pBuf[iStart]); return &transport.pBuf[iStart]; } void transport_global_shutdown(void){ if( g.urlIsSsh && sshPid ){ /*printf("Closing SSH tunnel: ");*/ fflush(stdout); pclose2(sshIn, sshOut, sshPid); sshPid = 0; } if( g.urlIsHttps ){ #ifdef FOSSIL_ENABLE_SSL ssl_global_shutdown(); #endif }else{ socket_global_shutdown(); } }