libzypp/HEAD/curlhelper_8cc_source.html

/*---------------------------------------------------------------------\

|                          ____ _   __ __ ___                          |

|                         |__  / \ / / . \ . \                         |

|                           / / \ V /|  _/  _/                         |

|                          / /__ | | | | | |                           |

|                         /_____||_| |_| |_|                           |

|                                                                      |

\---------------------------------------------------------------------*/

#include "private/curlhelper_p.h"


#include <zypp/APIConfig.h>


#include <zypp-core/fs/PathInfo.h>

#include <zypp-core/Pathname.h>

#include <zypp-core/base/LogTools.h>

#include <zypp-core/base/String.h>

#include <zypp-core/base/StringV.h>

#include <zypp-curl/ProxyInfo>

#include <zypp-curl/auth/CurlAuthData>

#include <zypp-media/MediaException>

#include <list>

#include <string>


#define  TRANSFER_TIMEOUT_MAX   60 * 60


using std::endl;

using namespace zypp;


namespace zypp

{

  namespace env

  {

    const long & ZYPP_MEDIA_CURL_DEBUG()

    {

      static const long ret = [](){

        const char * env = getenv("ZYPP_MEDIA_CURL_DEBUG");

        return env && *env ? str::strtonum<ulong>( env ) : 0;

      }();

      return ret;

    }


    int ZYPP_MEDIA_CURL_IPRESOLVE()

    {

      static int _v = [](){

        int ret = 0;

        if ( const char * envp = getenv( "ZYPP_MEDIA_CURL_IPRESOLVE" ) ) {

          WAR << "env set: $ZYPP_MEDIA_CURL_IPRESOLVE='" << envp << "'" << std::endl;

          if (      strcmp( envp, "4" ) == 0 )  ret = 4;

          else if ( strcmp( envp, "6" ) == 0 )  ret = 6;

        }

        return ret;

      }();

      return _v;

    }

  } // namespace env

} // namespace zypp


namespace internal

{


void globalInitCurlOnce()

{

  // function-level static <=> std::call_once

  static bool once __attribute__ ((__unused__)) = ( [] {

    MIL << "global_init libcurl: " << curl_version_info(CURLVERSION_NOW)->version << endl;

    if ( curl_global_init( CURL_GLOBAL_ALL ) != 0 )

      WAR << "curl global init failed" << std::endl;

  } (), true );

}


int log_curl( CURL * curl, curl_infotype info, char * ptr, size_t len, void * max_lvl )

{

  if ( max_lvl == nullptr )

    return 0;


  long maxlvl = *((long *)max_lvl);

  const char * pfx = "";

  bool isContent = true;  // otherwise it's data

  switch( info )

  {

    case CURLINFO_TEXT:         if ( maxlvl < 1 ) return 0; pfx = "*"; break;

    case CURLINFO_HEADER_IN:    if ( maxlvl < 2 ) return 0; pfx = "<"; break;

    case CURLINFO_HEADER_OUT:   if ( maxlvl < 2 ) return 0; pfx = ">"; break;

    case CURLINFO_SSL_DATA_IN:  if ( maxlvl < 3 ) return 0; isContent = false; pfx = "<[SSL]"; break;

    case CURLINFO_SSL_DATA_OUT: if ( maxlvl < 3 ) return 0; isContent = false; pfx = ">[SSL]"; break;

    case CURLINFO_DATA_IN:      if ( maxlvl < 3 ) return 0; isContent = false; pfx = "<[DTA]"; break;

    case CURLINFO_DATA_OUT:     if ( maxlvl < 3 ) return 0; isContent = false; pfx = ">[DTA]"; break;


    default:

      return 0;

  }


  // We'd like to keep all log messages within function `log_curl`

  // because this tag to grep for is known and communicate to users.

  if ( isContent ) {

    std::vector<std::string_view> lines;  // don't want log from within the lambda

    strv::split( std::string_view( ptr, len ), "\n", [&lines]( std::string_view line, unsigned, bool last ) {

      if ( last ) return; // empty word after final \n

      line = strv::rtrim( line, "\r" );

      lines.push_back( line );

    });

    for ( const auto & line : lines ) {

      if ( str::hasPrefix( line, "Authorization:" ) ) {

        std::string_view::size_type pos { line.find( " ", 15 ) }; // Authorization: <type> <credentials>

        if ( pos == std::string::npos )

          pos = 15;

        DBG << curl << " " << pfx << " " << line.substr( 0, pos ) << " <credentials removed>" << endl;

      }

      else

        DBG << curl << " " << pfx << " " << line << endl;

    }

  } else {

    if ( maxlvl < 4 )

      DBG << curl << " " << pfx << " " << len << " byte" << endl;

    else

      hexdumpOn( DBG << curl << " " << pfx << " ", ptr, len );

  }

  return 0;

}


void setupZYPP_MEDIA_CURL_DEBUG( CURL *curl )

{

  if ( not curl ) {

    INT << "Got a NULL curl handle" << endl;

    return;

  }

  if ( env::ZYPP_MEDIA_CURL_DEBUG() > 0 ) {

    curl_easy_setopt( curl, CURLOPT_VERBOSE, 1L );

    curl_easy_setopt( curl, CURLOPT_DEBUGFUNCTION, log_curl );

    curl_easy_setopt( curl, CURLOPT_DEBUGDATA, &env::ZYPP_MEDIA_CURL_DEBUG() );

  }

}


size_t log_redirects_curl( char *ptr, size_t size, size_t nmemb, void *userdata)

{

  //INT << "got header: " << std::string(ptr, ptr + size*nmemb) << endl;


  char * lstart = ptr, * lend = ptr;

  size_t pos = 0;

  size_t max = size * nmemb;

  while (pos + 1 < max)

  {

    // get line

    for (lstart = lend; *lend != '\n' && pos < max; ++lend, ++pos);


    // look for "Location"

    if ( strncasecmp( lstart, "Location:", 9 ) == 0 )

    {

      std::string line { lstart, *(lend-1)=='\r' ? lend-1 : lend };

      DBG << "redirecting to " << line << std::endl;

      if ( userdata ) {

        *reinterpret_cast<std::string *>( userdata ) = line;

      }

      return max;

    }


    // continue with the next line

    if (pos + 1 < max)

    {

      ++lend;

      ++pos;

    }

    else

      break;

  }


  return max;

}


void fillSettingsFromUrl( const Url &url, media::TransferSettings &s )

{

  {

    const std::string & param { url.getQueryParam("timeout") };

    if( ! param.empty() )

    {

      long num = str::strtonum<long>(param);

      if( num >= 0 && num <= TRANSFER_TIMEOUT_MAX )

        s.setTimeout( num );

    }

  }

  {

    std::string param { url.getUsername() };

    if ( ! param.empty() )

    {

      s.setUsername( std::move(param) );

      param = url.getPassword();

      if ( ! param.empty() )

        s.setPassword( std::move(param) );

    }

    else

    {

      // if there is no username, set anonymous auth

      if ( ( url.getScheme() == "ftp" || url.getScheme() == "tftp" ) && s.username().empty() )

        s.setAnonymousAuth();

    }

  }

  if ( url.getScheme() == "https" )

  {

    s.setVerifyPeerEnabled( false );

    s.setVerifyHostEnabled( false );


    const std::string & verify { url.getQueryParam("ssl_verify") };

    if( verify.empty() || verify == "yes" )

    {

      s.setVerifyPeerEnabled( true );

      s.setVerifyHostEnabled( true );

    }

    else if ( verify == "no" )

    {

      s.setVerifyPeerEnabled( false );

      s.setVerifyHostEnabled( false );

    }

    else

    {

      std::vector<std::string> flags;

      str::split( verify, std::back_inserter(flags), "," );

      for ( const auto & flag : flags )

      {

        if ( flag == "host" )

          s.setVerifyHostEnabled( true );

        else if ( flag == "peer" )

          s.setVerifyPeerEnabled( true );

        else

          ZYPP_THROW( media::MediaBadUrlException(url, "Unknown ssl_verify flag "+flag) );

      }

    }

  }

  {

    Pathname ca_path { url.getQueryParam("ssl_capath") };

    if( ! ca_path.empty() )

    {

      if( ! PathInfo(ca_path).isDir() || ! ca_path.absolute() )

        ZYPP_THROW(media::MediaBadUrlException(url, "Invalid ssl_capath path"));

      else

        s.setCertificateAuthoritiesPath( std::move(ca_path) );

    }

  }

  {

    Pathname client_cert { url.getQueryParam("ssl_clientcert") };

    if( ! client_cert.empty() )

    {

      if( ! PathInfo(client_cert).isFile() || ! client_cert.absolute() )

        ZYPP_THROW(media::MediaBadUrlException(url, "Invalid ssl_clientcert file"));

      else

        s.setClientCertificatePath( std::move(client_cert) );

    }

  }

  {

    Pathname client_key { url.getQueryParam("ssl_clientkey") };

    if( ! client_key.empty() )

    {

      if( ! PathInfo(client_key).isFile() || ! client_key.absolute() )

        ZYPP_THROW(media::MediaBadUrlException(url, "Invalid ssl_clientkey file"));

      else

        s.setClientKeyPath( std::move(client_key) );

    }

  }

  {

    std::string param { url.getQueryParam( "proxy" ) };

    if ( ! param.empty() )

    {

      if ( param == EXPLICITLY_NO_PROXY ) {

        // Workaround TransferSettings shortcoming: With an

        // empty proxy string, code will continue to look for

        // valid proxy settings. So set proxy to some non-empty

        // string, to indicate it has been explicitly disabled.

        s.setProxy(EXPLICITLY_NO_PROXY);

        s.setProxyEnabled(false);

      }

      else {

        const std::string & proxyport { url.getQueryParam( "proxyport" ) };

        if ( ! proxyport.empty() ) {

          param += ":";

          param += proxyport;

        }

        s.setProxy( std::move(param) );

        s.setProxyEnabled( true );

      }

    }

  }

  {

    std::string param { url.getQueryParam( "proxyuser" ) };

    if ( ! param.empty() )

    {

      s.setProxyUsername( std::move(param) );

      s.setProxyPassword( url.getQueryParam( "proxypass" ) );

    }

  }

  {

    // HTTP authentication type

    std::string param { url.getQueryParam("auth") };

    if ( ! param.empty() && (url.getScheme() == "http" || url.getScheme() == "https") )

    {

      try

      {

        media::CurlAuthData::auth_type_str2long (param );       // check if we know it

      }

      catch ( const media::MediaException & ex_r )

      {

        DBG << "Rethrowing as MediaUnauthorizedException.";

        ZYPP_THROW(media::MediaUnauthorizedException(url, ex_r.msg(), "", ""));

      }

      s.setAuthType( std::move(param) );

    }

  }

  {

    // workarounds

    const std::string & param { url.getQueryParam("head_requests") };

    if( ! param.empty() && param == "no" )

      s.setHeadRequestsAllowed( false );

  }

}


void fillSettingsSystemProxy( const Url& url, media::TransferSettings &s )

{

  media::ProxyInfo proxy_info;

  if ( proxy_info.useProxyFor( url ) )

  {

    // We must extract any 'user:pass' from the proxy url

    // otherwise they won't make it into curl (.curlrc wins).

    try {

      Url u( proxy_info.proxy( url ) );

      s.setProxy( u.asString( url::ViewOption::WITH_SCHEME + url::ViewOption::WITH_HOST + url::ViewOption::WITH_PORT ) );

      // don't overwrite explicit auth settings

      if ( s.proxyUsername().empty() )

      {

        s.setProxyUsername( u.getUsername( url::E_ENCODED ) );

        s.setProxyPassword( u.getPassword( url::E_ENCODED ) );

      }

      s.setProxyEnabled( true );

    }

    catch (...) {}      // no proxy if URL is malformed

  }

}


void curlEscape( std::string & str_r,

  const char char_r, const std::string & escaped_r ) {

  for ( std::string::size_type pos = str_r.find( char_r );

        pos != std::string::npos; pos = str_r.find( char_r, pos ) ) {

    str_r.replace( pos, 1, escaped_r );

  }

}


std::string curlEscapedPath( std::string path_r ) {

  curlEscape( path_r, ' ', "%20" );

  return path_r;

}


std::string curlUnEscape( std::string text_r ) {

  char * tmp = curl_unescape( text_r.c_str(), 0 );

  std::string ret( tmp );

  curl_free( tmp );

  return ret;

}


Url clearQueryString(const Url &url)

{

  Url curlUrl (url);

  curlUrl.setUsername( "" );

  curlUrl.setPassword( "" );

  curlUrl.setPathParams( "" );

  curlUrl.setFragment( "" );

  curlUrl.delQueryParam("cookies");

  curlUrl.delQueryParam("proxy");

  curlUrl.delQueryParam("proxyport");

  curlUrl.delQueryParam("proxyuser");

  curlUrl.delQueryParam("proxypass");

  curlUrl.delQueryParam("ssl_capath");

  curlUrl.delQueryParam("ssl_verify");

  curlUrl.delQueryParam("ssl_clientcert");

  curlUrl.delQueryParam("timeout");

  curlUrl.delQueryParam("auth");

  curlUrl.delQueryParam("username");

  curlUrl.delQueryParam("password");

  curlUrl.delQueryParam("mediahandler");

  curlUrl.delQueryParam("credentials");

  curlUrl.delQueryParam("head_requests");

  return curlUrl;

}


// bsc#933839: propagate proxy settings passed in the repo URL

// boo#1127591: propagate ssl settings passed in the repo URL

zypp::Url propagateQueryParams( zypp::Url url_r, const zypp::Url & template_r )

{

  using namespace std::literals::string_literals;

  for ( const std::string &param : { "proxy"s, "proxyport"s, "proxyuser"s, "proxypass"s, "ssl_capath"s, "ssl_verify"s } )

  {

    const std::string & value( template_r.getQueryParam( param ) );

    if ( ! value.empty() )

      url_r.setQueryParam( param, value );

  }

  return url_r;

}


}

APIConfig.h
Provides API related macros.

zypp::Exception::msg
const std::string & msg() const
Return the message string provided to the ctor.
Definition: Exception.h:195

zypp::Url
Url manipulation class.
Definition: Url.h:92

zypp::Url::getScheme
std::string getScheme() const
Returns the scheme name of the URL.
Definition: Url.cc:533

zypp::Url::asString
std::string asString() const
Returns a default string representation of the Url object.
Definition: Url.cc:497

zypp::Url::getUsername
std::string getUsername(EEncoding eflag=zypp::url::E_DECODED) const
Returns the username from the URL authority.
Definition: Url.cc:572

zypp::Url::setFragment
void setFragment(const std::string &fragment, EEncoding eflag=zypp::url::E_DECODED)
Set the fragment string in the URL.
Definition: Url.cc:722

zypp::Url::getQueryParam
std::string getQueryParam(const std::string &param, EEncoding eflag=zypp::url::E_DECODED) const
Return the value for the specified query parameter.
Definition: Url.cc:660

zypp::Url::delQueryParam
void delQueryParam(const std::string &param)
remove the specified query parameter.
Definition: Url.cc:845

zypp::Url::setPassword
void setPassword(const std::string &pass, EEncoding eflag=zypp::url::E_DECODED)
Set the password in the URL authority.
Definition: Url.cc:739

zypp::Url::setPathParams
void setPathParams(const std::string &params)
Set the path parameters.
Definition: Url.cc:791

zypp::Url::setQueryParam
void setQueryParam(const std::string &param, const std::string &value)
Set or add value for the specified query parameter.
Definition: Url.cc:838

zypp::Url::setUsername
void setUsername(const std::string &user, EEncoding eflag=zypp::url::E_DECODED)
Set the username in the URL authority.
Definition: Url.cc:730

zypp::Url::getPassword
std::string getPassword(EEncoding eflag=zypp::url::E_DECODED) const
Returns the password from the URL authority.
Definition: Url.cc:580

zypp::filesystem::PathInfo
Wrapper class for stat/lstat.
Definition: PathInfo.h:221

zypp::filesystem::Pathname
Pathname.
Definition: Pathname.h:45

zypp::media::CurlAuthData::auth_type_str2long
static long auth_type_str2long(std::string &auth_type_str)
Converts a string of comma separated list of authetication type names into a long of ORed CURLAUTH_* ...
Definition: curlauthdata.cc:50

zypp::media::MediaBadUrlException
Definition: mediaexception.h:287

zypp::media::MediaException
Just inherits Exception to separate media exceptions.
Definition: mediaexception.h:36

zypp::media::MediaUnauthorizedException
Definition: mediaexception.h:445

zypp::media::ProxyInfo
Definition: proxyinfo.h:30

zypp::media::ProxyInfo::useProxyFor
bool useProxyFor(const Url &url_r) const
Return true if enabled and url_r does not match noProxy.
Definition: proxyinfo.cc:55

zypp::media::ProxyInfo::proxy
std::string proxy(const Url &url) const
Definition: proxyinfo.cc:43

zypp::media::TransferSettings
Holds transfer setting.
Definition: transfersettings.h:34

zypp::media::TransferSettings::setProxy
void setProxy(const std::string &val_r)
proxy to use if it is enabled
Definition: transfersettings.cc:178

zypp::media::TransferSettings::setProxyEnabled
void setProxyEnabled(bool enabled)
whether the proxy is used or not
Definition: transfersettings.cc:171

zypp::media::TransferSettings::setUsername
void setUsername(const std::string &val_r)
sets the auth username
Definition: transfersettings.cc:137

zypp::media::TransferSettings::setProxyUsername
void setProxyUsername(const std::string &val_r)
sets the proxy user
Definition: transfersettings.cc:188

zypp::media::TransferSettings::setHeadRequestsAllowed
void setHeadRequestsAllowed(bool allowed)
set whether HEAD requests are allowed
Definition: transfersettings.cc:311

zypp::media::TransferSettings::setVerifyHostEnabled
void setVerifyHostEnabled(bool enabled)
Sets whether to verify host for ssl.
Definition: transfersettings.cc:258

zypp::media::TransferSettings::setClientKeyPath
void setClientKeyPath(const Pathname &val_r)
Sets the SSL client key file.
Definition: transfersettings.cc:281

zypp::media::TransferSettings::setClientCertificatePath
void setClientCertificatePath(const Pathname &val_r)
Sets the SSL client certificate file.
Definition: transfersettings.cc:271

zypp::media::TransferSettings::setPassword
void setPassword(const std::string &val_r)
sets the auth password
Definition: transfersettings.cc:146

zypp::media::TransferSettings::setVerifyPeerEnabled
void setVerifyPeerEnabled(bool enabled)
Sets whether to verify host for ssl.
Definition: transfersettings.cc:265

zypp::media::TransferSettings::setAnonymousAuth
void setAnonymousAuth()
sets anonymous authentication (ie: for ftp)
Definition: transfersettings.cc:164

zypp::media::TransferSettings::username
const std::string & username() const
auth username
Definition: transfersettings.cc:143

zypp::media::TransferSettings::proxyUsername
const std::string & proxyUsername() const
proxy auth username
Definition: transfersettings.cc:194

zypp::media::TransferSettings::setAuthType
void setAuthType(const std::string &val_r)
set the allowed authentication types
Definition: transfersettings.cc:301

zypp::media::TransferSettings::setCertificateAuthoritiesPath
void setCertificateAuthoritiesPath(const Pathname &val_r)
Sets the SSL certificate authorities path.
Definition: transfersettings.cc:291

zypp::media::TransferSettings::setProxyPassword
void setProxyPassword(const std::string &val_r)
sets the proxy password
Definition: transfersettings.cc:197

zypp::media::TransferSettings::setTimeout
void setTimeout(long t)
set the transfer timeout
Definition: transfersettings.cc:216

TRANSFER_TIMEOUT_MAX
#define TRANSFER_TIMEOUT_MAX
Definition: curlhelper.cc:27

curlhelper_p.h

EXPLICITLY_NO_PROXY
#define EXPLICITLY_NO_PROXY
Definition: curlhelper_p.h:21

internal
Definition: MediaCurl.cc:44

internal::fillSettingsFromUrl
void fillSettingsFromUrl(const Url &url, media::TransferSettings &s)
Fills the settings structure using options passed on the url for example ?timeout=x&proxy=foo.
Definition: curlhelper.cc:177

internal::log_redirects_curl
size_t log_redirects_curl(char *ptr, size_t size, size_t nmemb, void *userdata)
Definition: curlhelper.cc:137

internal::globalInitCurlOnce
void globalInitCurlOnce()
Definition: curlhelper.cc:64

internal::propagateQueryParams
zypp::Url propagateQueryParams(zypp::Url url_r, const zypp::Url &template_r)
Definition: curlhelper.cc:394

internal::curlUnEscape
std::string curlUnEscape(std::string text_r)
Definition: curlhelper.cc:360

internal::setupZYPP_MEDIA_CURL_DEBUG
void setupZYPP_MEDIA_CURL_DEBUG(CURL *curl)
Setup CURLOPT_VERBOSE and CURLOPT_DEBUGFUNCTION according to env::ZYPP_MEDIA_CURL_DEBUG.
Definition: curlhelper.cc:124

internal::curlEscapedPath
std::string curlEscapedPath(std::string path_r)
Definition: curlhelper.cc:355

internal::fillSettingsSystemProxy
void fillSettingsSystemProxy(const Url &url, media::TransferSettings &s)
Reads the system proxy configuration and fills the settings structure proxy information.
Definition: curlhelper.cc:325

internal::clearQueryString
Url clearQueryString(const Url &url)
Definition: curlhelper.cc:367

internal::curlEscape
void curlEscape(std::string &str_r, const char char_r, const std::string &escaped_r)
Definition: curlhelper.cc:347

internal::log_curl
int log_curl(CURL *curl, curl_infotype info, char *ptr, size_t len, void *max_lvl)
Definition: curlhelper.cc:74

zypp::env::ZYPP_MEDIA_CURL_DEBUG
const long & ZYPP_MEDIA_CURL_DEBUG()
const long& for setting CURLOPT_DEBUGDATA Returns a reference to a static variable,...
Definition: curlhelper.cc:36

zypp::env::ZYPP_MEDIA_CURL_IPRESOLVE
int ZYPP_MEDIA_CURL_IPRESOLVE()
4/6 to force IPv4/v6
Definition: curlhelper.cc:45

zypp::str::hasPrefix
bool hasPrefix(const C_Str &str_r, const C_Str &prefix_r)
Return whether str_r has prefix prefix_r.
Definition: String.h:1027

zypp::str::split
unsigned split(const C_Str &line_r, TOutputIterator result_r, const C_Str &sepchars_r=" \t", const Trim trim_r=NO_TRIM)
Split line_r into words.
Definition: String.h:531

zypp::url::E_ENCODED
@ E_ENCODED
Flag to request encoded string(s).
Definition: UrlUtils.h:53

zypp
Easy-to use interface to the ZYPP dependency resolver.
Definition: CodePitfalls.doc:2

zypp::hexdumpOn
std::ostream & hexdumpOn(std::ostream &outs, const unsigned char *ptr, size_t size)
hexdump data on stream
Definition: LogTools.h:445

zypp::url::ViewOption::WITH_SCHEME
static const ViewOption WITH_SCHEME
Option to include scheme name in the URL string.
Definition: UrlBase.h:51

zypp::url::ViewOption::WITH_PORT
static const ViewOption WITH_PORT
Option to include port number in the URL string.
Definition: UrlBase.h:81

zypp::url::ViewOption::WITH_HOST
static const ViewOption WITH_HOST
Option to include hostname in the URL string.
Definition: UrlBase.h:74

ZYPP_THROW
#define ZYPP_THROW(EXCPT)
Drops a logline and throws the Exception.
Definition: Exception.h:428

DBG
#define DBG
Definition: Logger.h:95

MIL
#define MIL
Definition: Logger.h:96

WAR
#define WAR
Definition: Logger.h:97

INT
#define INT
Definition: Logger.h:100