http_client.c: distinguish between request/response header and body a…
…nd body types
DDvO committed Sep 25, 2024
1 parent e7abc21 commit 9bc6808
Showing 3 changed files with 120 additions and 116 deletions.
34 changes: 19 additions & 15 deletions crypto/http/http_client.c
@@ -78,7 +78,7 @@ struct ossl_http_req_ctx_st {
#define OHS_WRITE_INIT (2 | OHS_NOREAD) /* 1st call: ready to start send */
#define OHS_WRITE_HDR1 (3 | OHS_NOREAD) /* Request header to be sent */
#define OHS_WRITE_HDR (4 | OHS_NOREAD) /* Request header being sent */
#define OHS_WRITE_REQ (5 | OHS_NOREAD) /* Request content being sent */
#define OHS_WRITE_REQ (5 | OHS_NOREAD) /* Request content (body) being sent */
#define OHS_FLUSH (6 | OHS_NOREAD) /* Request being flushed */
#define OHS_FIRSTLINE 1 /* First line of response being read */
#define OHS_HEADERS 2 /* MIME headers of response being read */
@@ -618,10 +618,12 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
rctx->state = OHS_ERROR;
return 0;
}
if (OSSL_TRACE_ENABLED(HTTP) && rctx->state == OHS_WRITE_HDR1)
OSSL_TRACE(HTTP, "Sending request: [\n");
if (rctx->state == OHS_WRITE_HDR1)
OSSL_TRACE(HTTP, "Sending request header: [\n");
OSSL_TRACE_STRING(HTTP, rctx->state != OHS_WRITE_REQ || rctx->text,
rctx->state != OHS_WRITE_REQ, rctx->pos, sz);
/* for request headers, this usually traces several lines at once */
OSSL_TRACE(HTTP, "]\n");
if (rctx->state == OHS_WRITE_HDR1)
rctx->state = OHS_WRITE_HDR;
rctx->pos += sz;
@@ -630,6 +632,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
}
if (rctx->state == OHS_WRITE_HDR) {
(void)BIO_reset(rctx->mem);
OSSL_TRACE1(HTTP, "Sending request body (likely of type %s)\n", rctx->text ? "text" : "ASN.1");
rctx->state = OHS_WRITE_REQ;
}
if (rctx->req != NULL && !BIO_eof(rctx->req)) {
@@ -644,8 +647,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
rctx->len_to_send = n;
goto next_io;
}
if (OSSL_TRACE_ENABLED(HTTP))
OSSL_TRACE(HTTP, "]\n");
OSSL_TRACE(HTTP, "]\n");
rctx->state = OHS_FLUSH;

/* fall through */
@@ -698,7 +700,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
resp_hdr_lines++;
if (rctx->max_hdr_lines != 0 && rctx->max_hdr_lines < resp_hdr_lines) {
ERR_raise(ERR_LIB_HTTP, HTTP_R_RESPONSE_TOO_MANY_HDRLINES);
OSSL_TRACE(HTTP, "Received too many headers\n");
OSSL_TRACE(HTTP, "Received too many header lines\n");
rctx->state = OHS_ERROR;
return 0;
}
@@ -711,13 +713,11 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
}

/* dump all response header lines */
if (OSSL_TRACE_ENABLED(HTTP)) {
if (rctx->state == OHS_FIRSTLINE)
OSSL_TRACE(HTTP, "Received response header: [\n");
OSSL_TRACE1(HTTP, "%s", buf);
}
if (rctx->state == OHS_FIRSTLINE)
OSSL_TRACE(HTTP, "Received response header: [\n");
OSSL_TRACE1(HTTP, "%s", buf);

/* First line */
/* First line in response header */
if (rctx->state == OHS_FIRSTLINE) {
switch (parse_http_line1(buf, &found_keep_alive)) {
case HTTP_STATUS_CODE_OK:
@@ -804,8 +804,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
}
if (*p != '\0') /* not end of headers */
goto next_line;
if (OSSL_TRACE_ENABLED(HTTP))
OSSL_TRACE(HTTP, "]\n");
OSSL_TRACE(HTTP, "]\n");

resp_hdr_lines = 0;

@@ -823,7 +822,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
if (OSSL_TRACE_ENABLED(HTTP)) {
int printed_final_nl = 0;

OSSL_TRACE(HTTP, "Received error response body: [\n");
OSSL_TRACE(HTTP, "Receiving error response body: [\n");
while ((n = BIO_read(rctx->rbio, rctx->buf, rctx->buf_size)) > 0
|| (OSSL_sleep(100), BIO_should_retry(rctx->rbio))) {
OSSL_TRACE_STRING(HTTP, got_text, 1, rctx->buf, n);
@@ -847,11 +846,14 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
return 0;
}

/* Note: will not trace response body content */
if (!rctx->expect_asn1) {
OSSL_TRACE(HTTP, "Receiving response text body\n");
rctx->state = OHS_STREAM;
return 1;
}

OSSL_TRACE(HTTP, "Receiving response ASN.1 body\n");
rctx->state = OHS_ASN1_HEADER;

/* Fall thru */
@@ -898,6 +900,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
if (!check_set_resp_len(rctx, resp_len))
return 0;

OSSL_TRACE1(HTTP, "Expected response ASN.1 content length: %zd\n", resp_len);
rctx->state = OHS_ASN1_CONTENT;

/* Fall thru */
@@ -907,6 +910,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
if (n < 0 || (size_t)n < rctx->resp_len)
goto next_io;

OSSL_TRACE(HTTP, "Finished receiving response ASN.1 content\n");
rctx->state = OHS_ASN1_DONE;
return 1;
}
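Review bot: In the hunk at `@@ -630,6 +632,7 @@`, the new `"Sending request body (likely of type %s)\n"` trace runs whenever the state is OHS_WRITE_HDR, before the following `rctx->req != NULL && !BIO_eof(rctx->req)` test has established that there is any body to send. For a request without a body the trace therefore announces a body that is never written, which makes the log misleading for anyone reconstructing what went over the wire. Guarding the call with the same condition, `if (rctx->req != NULL && !BIO_eof(rctx->req))` placed directly before the `OSSL_TRACE1` line, keeps the message tied to an actual body. OSSL_HTTP_REQ_CTX_nbio starts and ends outside the visible hunks, so this is based only on the lines shown.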
109 changes: 8 additions & 101 deletions doc/man1/openssl.pod
@@ -691,113 +691,20 @@ See L<property(7)> for a more detailed description.

=head1 ENVIRONMENT

The OpenSSL library can be take some configuration parameters from the
environment. Some of these variables are listed below. For information
about specific commands, see L<openssl-engine(1)>,
L<openssl-rehash(1)>, and L<tsget(1)>.

For information about the use of environment variables in configuration,
see L<config(5)/ENVIRONMENT>.

For information about querying or specifying CPU architecture flags, see
L<OPENSSL_ia32cap(3)>, L<OPENSSL_s390xcap(3)> and L<OPENSSL_riscvcap(3)>.
The OpenSSL libraries can be take some configuration parameters from the
environment.

For information about all environment variables used by the OpenSSL libraries,
see L<openssl-env(7)>.

=over 4

=item B<OPENSSL_TRACE=>I<name>[,...]

Enable tracing output of OpenSSL library, by name.
This output will only make sense if you know OpenSSL internals well.
Also, it might not give you any output at all
if OpenSSL was built without tracing support.

The value is a comma separated list of names, with the following
available:

=over 4

=item B<TRACE>

Traces the OpenSSL trace API itself.

=item B<INIT>

Traces OpenSSL library initialization and cleanup.

=item B<TLS>

Traces the TLS/SSL protocol.

=item B<TLS_CIPHER>

Traces the ciphers used by the TLS/SSL protocol.

=item B<CONF>

Show details about provider and engine configuration.

=item B<ENGINE_TABLE>

The function that is used by RSA, DSA (etc) code to select registered
ENGINEs, cache defaults and functional references (etc), will generate
debugging summaries.

=item B<ENGINE_REF_COUNT>

Reference counts in the ENGINE structure will be monitored with a line
of generated for each change.

=item B<PKCS5V2>

Traces PKCS#5 v2 key generation.

=item B<PKCS12_KEYGEN>

Traces PKCS#12 key generation.

=item B<PKCS12_DECRYPT>

Traces PKCS#12 decryption.

=item B<X509V3_POLICY>

Generates the complete policy tree at various points during X.509 v3
policy evaluation.

=item B<BN_CTX>

Traces BIGNUM context operations.

=item B<CMP>

Traces CMP client and server activity.

=item B<STORE>

Traces STORE operations.

=item B<DECODER>

Traces decoder operations.

=item B<ENCODER>

Traces encoder operations.

=item B<REF_COUNT>

Traces decrementing certain ASN.1 structure references.

=item B<HTTP>

Traces the HTTP client and server, such as messages being sent and received.
For information about the use of environment variables in configuration,
see L<config(5)/ENVIRONMENT>.

=back
For information about specific commands, see L<openssl-engine(1)>,
L<openssl-rehash(1)>, and L<tsget(1)>.

=back
For information about querying or specifying CPU architecture flags, see
L<OPENSSL_ia32cap(3)>, L<OPENSSL_s390xcap(3)> and L<OPENSSL_riscvcap(3)>.

=head1 SEE ALSO

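--- a/doc/man7/openssl-env.pod
+++ b/doc/man7/openssl-env.pod
@@ -51,6 +51,99 @@ See L<OPENSSL_malloc(3)>.
 Specifies the directory from which cryptographic providers are loaded.
 Equivalently, the generic B<-provider-path> command-line option may be used.
 
+=item B<OPENSSL_TRACE>
+
+By default the OpenSSL trace feature is disabled statically.
+To enable it, OpenSSL must be built with tracing support,
+which may be configured like this: C<./config enable-trace>
+
+Unless OpenSSL tracing support is generally disabled,
+enable trace output of specific parts of OpenSSL libraries, by name.
+This output usually makes sense only if you know OpenSSL internals well.
+
+The value of this environment varialble is a comma-separated list of names,
+with the following available:
+
+=over 4
+
+=item B<TRACE>
+
+Traces the OpenSSL trace API itself.
+
+=item B<INIT>
+
+Traces OpenSSL library initialization and cleanup.
+
+=item B<TLS>
+
+Traces the TLS/SSL protocol.
+
+=item B<TLS_CIPHER>
+
+Traces the ciphers used by the TLS/SSL protocol.
+
+=item B<CONF>
+
+Show details about provider and engine configuration.
+
+=item B<ENGINE_TABLE>
+
+The function that is used by RSA, DSA (etc) code to select registered
+ENGINEs, cache defaults and functional references (etc), will generate
+debugging summaries.
+
+=item B<ENGINE_REF_COUNT>
+
+Reference counts in the ENGINE structure will be monitored with a line
+of generated for each change.
+
+=item B<PKCS5V2>
+
+Traces PKCS#5 v2 key generation.
+
+=item B<PKCS12_KEYGEN>
+
+Traces PKCS#12 key generation.
+
+=item B<PKCS12_DECRYPT>
+
+Traces PKCS#12 decryption.
+
+=item B<X509V3_POLICY>
+
+Generates the complete policy tree at various points during X.509 v3
+policy evaluation.
+
+=item B<BN_CTX>
+
+Traces BIGNUM context operations.
+
+=item B<CMP>
+
+Traces CMP client and server activity.
+
+=item B<STORE>
+
+Traces STORE operations.
+
+=item B<DECODER>
+
+Traces decoder operations.
+
+=item B<ENCODER>
+
+Traces encoder operations.
+
+=item B<REF_COUNT>
+
+Traces decrementing certain ASN.1 structure references.
+
+=item B<HTTP>
+
+Traces the HTTP client and server, such as messages being sent and received.
+
+=back
+
 =item B<OPENSSL_WIN32_UTF8>
 
 If set, then L<UI_OpenSSL(3)> returns UTF-8 encoded strings, rather than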
