14
|
1 /**
|
|
2 * Orthanc - A Lightweight, RESTful DICOM Store
|
|
3 * Copyright (C) 2012-2016 Sebastien Jodogne, Medical Physics
|
|
4 * Department, University Hospital of Liege, Belgium
|
|
5 *
|
|
6 * This program is free software: you can redistribute it and/or
|
|
7 * modify it under the terms of the GNU General Public License as
|
|
8 * published by the Free Software Foundation, either version 3 of the
|
|
9 * License, or (at your option) any later version.
|
|
10 *
|
|
11 * In addition, as a special exception, the copyright holders of this
|
|
12 * program give permission to link the code of its release with the
|
|
13 * OpenSSL project's "OpenSSL" library (or with modified versions of it
|
|
14 * that use the same license as the "OpenSSL" library), and distribute
|
|
15 * the linked executables. You must obey the GNU General Public License
|
|
16 * in all respects for all of the code used other than "OpenSSL". If you
|
|
17 * modify file(s) with this exception, you may extend this exception to
|
|
18 * your version of the file(s), but you are not obligated to do so. If
|
|
19 * you do not wish to do so, delete this exception statement from your
|
|
20 * version. If you delete this exception statement from all source files
|
|
21 * in the program, then also delete it here.
|
|
22 *
|
|
23 * This program is distributed in the hope that it will be useful, but
|
|
24 * WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
26 * General Public License for more details.
|
|
27 *
|
|
28 * You should have received a copy of the GNU General Public License
|
|
29 * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
30 **/
|
|
31
|
|
32
|
|
33 #include "PrecompiledHeaders.h"
|
|
34 #include "HttpClient.h"
|
|
35
|
|
36 #include "Toolbox.h"
|
|
37 #include "OrthancException.h"
|
|
38 #include "Logging.h"
|
|
39
|
|
40 #include <string.h>
|
|
41 #include <curl/curl.h>
|
|
42 #include <boost/algorithm/string/predicate.hpp>
|
|
43
|
|
44
|
|
45 static std::string globalCACertificates_;
|
|
46 static bool globalVerifyPeers_ = true;
|
|
47 static long globalTimeout_ = 0;
|
|
48
|
|
49 extern "C"
|
|
50 {
|
|
51 static CURLcode GetHttpStatus(CURLcode code, CURL* curl, long* status)
|
|
52 {
|
|
53 if (code == CURLE_OK)
|
|
54 {
|
|
55 code = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, status);
|
|
56 return code;
|
|
57 }
|
|
58 else
|
|
59 {
|
|
60 *status = 0;
|
|
61 return code;
|
|
62 }
|
|
63 }
|
|
64
|
|
65 // This is a dummy wrapper function to suppress any OpenSSL-related
|
|
66 // problem in valgrind. Inlining is prevented.
|
|
67 #if defined(__GNUC__) || defined(__clang__)
|
|
68 __attribute__((noinline))
|
|
69 #endif
|
|
70 static CURLcode OrthancHttpClientPerformSSL(CURL* curl, long* status)
|
|
71 {
|
|
72 return GetHttpStatus(curl_easy_perform(curl), curl, status);
|
|
73 }
|
|
74 }
|
|
75
|
|
76
|
|
77
|
|
78 namespace Orthanc
|
|
79 {
|
|
80 struct HttpClient::PImpl
|
|
81 {
|
|
82 CURL* curl_;
|
|
83 struct curl_slist *postHeaders_;
|
|
84 };
|
|
85
|
|
86
|
|
87 static void ThrowException(HttpStatus status)
|
|
88 {
|
|
89 switch (status)
|
|
90 {
|
|
91 case HttpStatus_400_BadRequest:
|
|
92 throw OrthancException(ErrorCode_BadRequest);
|
|
93
|
|
94 case HttpStatus_401_Unauthorized:
|
|
95 throw OrthancException(ErrorCode_Unauthorized);
|
|
96
|
|
97 case HttpStatus_404_NotFound:
|
|
98 throw OrthancException(ErrorCode_InexistentItem);
|
|
99
|
|
100 default:
|
|
101 throw OrthancException(ErrorCode_NetworkProtocol);
|
|
102 }
|
|
103 }
|
|
104
|
|
105
|
|
106
|
|
107 static CURLcode CheckCode(CURLcode code)
|
|
108 {
|
|
109 if (code != CURLE_OK)
|
|
110 {
|
|
111 LOG(ERROR) << "libCURL error: " + std::string(curl_easy_strerror(code));
|
|
112 throw OrthancException(ErrorCode_NetworkProtocol);
|
|
113 }
|
|
114
|
|
115 return code;
|
|
116 }
|
|
117
|
|
118
|
|
119 static size_t CurlCallback(void *buffer, size_t size, size_t nmemb, void *payload)
|
|
120 {
|
|
121 std::string& target = *(static_cast<std::string*>(payload));
|
|
122
|
|
123 size_t length = size * nmemb;
|
|
124 if (length == 0)
|
|
125 return 0;
|
|
126
|
|
127 size_t pos = target.size();
|
|
128
|
|
129 target.resize(pos + length);
|
|
130 memcpy(&target.at(pos), buffer, length);
|
|
131
|
|
132 return length;
|
|
133 }
|
|
134
|
|
135
|
|
136 void HttpClient::Setup()
|
|
137 {
|
|
138 pimpl_->postHeaders_ = NULL;
|
|
139 if ((pimpl_->postHeaders_ = curl_slist_append(pimpl_->postHeaders_, "Expect:")) == NULL)
|
|
140 {
|
|
141 throw OrthancException(ErrorCode_NotEnoughMemory);
|
|
142 }
|
|
143
|
|
144 pimpl_->curl_ = curl_easy_init();
|
|
145 if (!pimpl_->curl_)
|
|
146 {
|
|
147 curl_slist_free_all(pimpl_->postHeaders_);
|
|
148 throw OrthancException(ErrorCode_NotEnoughMemory);
|
|
149 }
|
|
150
|
|
151 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_WRITEFUNCTION, &CurlCallback));
|
|
152 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HEADER, 0));
|
|
153 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_FOLLOWLOCATION, 1));
|
|
154
|
|
155 // This fixes the "longjmp causes uninitialized stack frame" crash
|
|
156 // that happens on modern Linux versions.
|
|
157 // http://stackoverflow.com/questions/9191668/error-longjmp-causes-uninitialized-stack-frame
|
|
158 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_NOSIGNAL, 1));
|
|
159
|
|
160 url_ = "";
|
|
161 method_ = HttpMethod_Get;
|
|
162 lastStatus_ = HttpStatus_200_Ok;
|
|
163 isVerbose_ = false;
|
|
164 timeout_ = globalTimeout_;
|
|
165 verifyPeers_ = globalVerifyPeers_;
|
|
166 }
|
|
167
|
|
168
|
|
169 HttpClient::HttpClient() : pimpl_(new PImpl)
|
|
170 {
|
|
171 Setup();
|
|
172 }
|
|
173
|
|
174
|
|
175 HttpClient::HttpClient(const HttpClient& other) : pimpl_(new PImpl)
|
|
176 {
|
|
177 Setup();
|
|
178
|
|
179 if (other.IsVerbose())
|
|
180 {
|
|
181 SetVerbose(true);
|
|
182 }
|
|
183
|
|
184 if (other.credentials_.size() != 0)
|
|
185 {
|
|
186 credentials_ = other.credentials_;
|
|
187 }
|
|
188 }
|
|
189
|
|
190
|
|
191 HttpClient::~HttpClient()
|
|
192 {
|
|
193 curl_easy_cleanup(pimpl_->curl_);
|
|
194 curl_slist_free_all(pimpl_->postHeaders_);
|
|
195 }
|
|
196
|
|
197
|
|
198 void HttpClient::SetVerbose(bool isVerbose)
|
|
199 {
|
|
200 isVerbose_ = isVerbose;
|
|
201
|
|
202 if (isVerbose_)
|
|
203 {
|
|
204 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_VERBOSE, 1));
|
|
205 }
|
|
206 else
|
|
207 {
|
|
208 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_VERBOSE, 0));
|
|
209 }
|
|
210 }
|
|
211
|
|
212
|
|
213 bool HttpClient::Apply(std::string& answer)
|
|
214 {
|
|
215 answer.clear();
|
|
216 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_URL, url_.c_str()));
|
|
217 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_WRITEDATA, &answer));
|
|
218
|
|
219 // Setup HTTPS-related options
|
|
220 #if ORTHANC_SSL_ENABLED == 1
|
|
221 if (IsHttpsVerifyPeers())
|
|
222 {
|
|
223 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CAINFO, GetHttpsCACertificates().c_str()));
|
|
224 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSL_VERIFYPEER, 1));
|
|
225 }
|
|
226 else
|
|
227 {
|
|
228 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_SSL_VERIFYPEER, 0));
|
|
229 }
|
|
230 #endif
|
|
231
|
|
232 // Reset the parameters from previous calls to Apply()
|
|
233 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPHEADER, NULL));
|
|
234 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 0L));
|
|
235 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POST, 0L));
|
|
236 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_NOBODY, 0L));
|
|
237 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CUSTOMREQUEST, NULL));
|
|
238 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POSTFIELDS, NULL));
|
|
239 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POSTFIELDSIZE, 0));
|
|
240 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, NULL));
|
|
241
|
|
242 // Set timeouts
|
|
243 if (timeout_ <= 0)
|
|
244 {
|
|
245 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_TIMEOUT, 10)); /* default: 10 seconds */
|
|
246 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CONNECTTIMEOUT, 10)); /* default: 10 seconds */
|
|
247 }
|
|
248 else
|
|
249 {
|
|
250 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_TIMEOUT, timeout_));
|
|
251 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CONNECTTIMEOUT, timeout_));
|
|
252 }
|
|
253
|
|
254 if (credentials_.size() != 0)
|
|
255 {
|
|
256 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_USERPWD, credentials_.c_str()));
|
|
257 }
|
|
258
|
|
259 if (proxy_.size() != 0)
|
|
260 {
|
|
261 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PROXY, proxy_.c_str()));
|
|
262 }
|
|
263
|
|
264 switch (method_)
|
|
265 {
|
|
266 case HttpMethod_Get:
|
|
267 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPGET, 1L));
|
|
268 break;
|
|
269
|
|
270 case HttpMethod_Post:
|
|
271 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POST, 1L));
|
|
272 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPHEADER, pimpl_->postHeaders_));
|
|
273 break;
|
|
274
|
|
275 case HttpMethod_Delete:
|
|
276 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_NOBODY, 1L));
|
|
277 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_CUSTOMREQUEST, "DELETE"));
|
|
278 break;
|
|
279
|
|
280 case HttpMethod_Put:
|
|
281 // http://stackoverflow.com/a/7570281/881731: Don't use
|
|
282 // CURLOPT_PUT if there is a body
|
|
283
|
|
284 // CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_PUT, 1L));
|
|
285
|
|
286 curl_easy_setopt(pimpl_->curl_, CURLOPT_CUSTOMREQUEST, "PUT"); /* !!! */
|
|
287 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_HTTPHEADER, pimpl_->postHeaders_));
|
|
288 break;
|
|
289
|
|
290 default:
|
|
291 throw OrthancException(ErrorCode_InternalError);
|
|
292 }
|
|
293
|
|
294
|
|
295 if (method_ == HttpMethod_Post ||
|
|
296 method_ == HttpMethod_Put)
|
|
297 {
|
|
298 if (body_.size() > 0)
|
|
299 {
|
|
300 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POSTFIELDS, body_.c_str()));
|
|
301 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POSTFIELDSIZE, body_.size()));
|
|
302 }
|
|
303 else
|
|
304 {
|
|
305 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POSTFIELDS, NULL));
|
|
306 CheckCode(curl_easy_setopt(pimpl_->curl_, CURLOPT_POSTFIELDSIZE, 0));
|
|
307 }
|
|
308 }
|
|
309
|
|
310
|
|
311 // Do the actual request
|
|
312 CURLcode code;
|
|
313 long status = 0;
|
|
314
|
|
315 if (boost::starts_with(url_, "https://"))
|
|
316 {
|
|
317 code = OrthancHttpClientPerformSSL(pimpl_->curl_, &status);
|
|
318 }
|
|
319 else
|
|
320 {
|
|
321 code = GetHttpStatus(curl_easy_perform(pimpl_->curl_), pimpl_->curl_, &status);
|
|
322 }
|
|
323
|
|
324 CheckCode(code);
|
|
325
|
|
326 if (status == 0)
|
|
327 {
|
|
328 // This corresponds to a call to an inexistent host
|
|
329 lastStatus_ = HttpStatus_500_InternalServerError;
|
|
330 }
|
|
331 else
|
|
332 {
|
|
333 lastStatus_ = static_cast<HttpStatus>(status);
|
|
334 }
|
|
335
|
|
336 return (status >= 200 && status < 300);
|
|
337 }
|
|
338
|
|
339
|
|
340 bool HttpClient::Apply(Json::Value& answer)
|
|
341 {
|
|
342 std::string s;
|
|
343 if (Apply(s))
|
|
344 {
|
|
345 Json::Reader reader;
|
|
346 return reader.parse(s, answer);
|
|
347 }
|
|
348 else
|
|
349 {
|
|
350 return false;
|
|
351 }
|
|
352 }
|
|
353
|
|
354
|
|
355 void HttpClient::SetCredentials(const char* username,
|
|
356 const char* password)
|
|
357 {
|
|
358 credentials_ = std::string(username) + ":" + std::string(password);
|
|
359 }
|
|
360
|
|
361
|
|
362 const std::string& HttpClient::GetHttpsCACertificates() const
|
|
363 {
|
|
364 if (caCertificates_.empty())
|
|
365 {
|
|
366 return globalCACertificates_;
|
|
367 }
|
|
368 else
|
|
369 {
|
|
370 return caCertificates_;
|
|
371 }
|
|
372 }
|
|
373
|
|
374
|
|
375 void HttpClient::GlobalInitialize(bool httpsVerifyPeers,
|
|
376 const std::string& httpsVerifyCertificates)
|
|
377 {
|
|
378 globalVerifyPeers_ = httpsVerifyPeers;
|
|
379 globalCACertificates_ = httpsVerifyCertificates;
|
|
380
|
|
381 #if ORTHANC_SSL_ENABLED == 1
|
|
382 if (httpsVerifyPeers)
|
|
383 {
|
|
384 if (globalCACertificates_.empty())
|
|
385 {
|
|
386 LOG(WARNING) << "No certificates are provided to validate peers, "
|
|
387 << "set \"HttpsCACertificates\" if you need to do HTTPS requests";
|
|
388 }
|
|
389 else
|
|
390 {
|
|
391 LOG(WARNING) << "HTTPS will use the CA certificates from this file: " << globalCACertificates_;
|
|
392 }
|
|
393 }
|
|
394 else
|
|
395 {
|
|
396 LOG(WARNING) << "The verification of the peers in HTTPS requests is disabled!";
|
|
397 }
|
|
398 #endif
|
|
399
|
|
400 CheckCode(curl_global_init(CURL_GLOBAL_DEFAULT));
|
|
401 }
|
|
402
|
|
403
|
|
404 void HttpClient::GlobalFinalize()
|
|
405 {
|
|
406 curl_global_cleanup();
|
|
407 }
|
|
408
|
|
409
|
|
410 void HttpClient::SetDefaultTimeout(long timeout)
|
|
411 {
|
|
412 LOG(INFO) << "Setting the default timeout for HTTP client connections: " << timeout << " seconds";
|
|
413 globalTimeout_ = timeout;
|
|
414 }
|
|
415
|
|
416
|
|
417 void HttpClient::ApplyAndThrowException(std::string& answer)
|
|
418 {
|
|
419 if (!Apply(answer))
|
|
420 {
|
|
421 ThrowException(GetLastStatus());
|
|
422 }
|
|
423 }
|
|
424
|
|
425 void HttpClient::ApplyAndThrowException(Json::Value& answer)
|
|
426 {
|
|
427 if (!Apply(answer))
|
|
428 {
|
|
429 ThrowException(GetLastStatus());
|
|
430 }
|
|
431 }
|
|
432 }
|