Curl - Load a URL. More...
#include "asterisk.h"#include <curl/curl.h>#include "asterisk/lock.h"#include "asterisk/file.h"#include "asterisk/channel.h"#include "asterisk/pbx.h"#include "asterisk/cli.h"#include "asterisk/module.h"#include "asterisk/app.h"#include "asterisk/utils.h"#include "asterisk/threadstorage.h"#include "asterisk/test.h"
Include dependency graph for func_curl.c:
Go to the source code of this file.
Data Structures | |
| struct | curl_args |
| struct | curl_settings |
| struct | curl_write_callback_data |
| Callback data passed to WriteMemoryCallback. More... | |
| struct | global_curl_info |
Macros | |
| #define | CURLOPT_SPECIAL_FAILURE_CODE 999 |
| #define | CURLOPT_SPECIAL_HASHCOMPAT ((CURLoption) -500) |
| #define | CURLVERSION_ATLEAST(a, b, c) ((LIBCURL_VERSION_MAJOR > (a)) || ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR > (b))) || ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR == (b)) && (LIBCURL_VERSION_PATCH >= (c)))) |
Enumerations | |
| enum | hashcompat { HASHCOMPAT_NO = 0 , HASHCOMPAT_YES , HASHCOMPAT_LEGACY } |
| enum | optiontype { OT_BOOLEAN , OT_INTEGER , OT_INTEGER_MS , OT_STRING , OT_ENUM } |
Functions | |
| static void | __reg_module (void) |
| static void | __unreg_module (void) |
| static int | acf_curl_exec (struct ast_channel *chan, const char *cmd, char *info, struct ast_str **buf, ssize_t len) |
| static int | acf_curl_helper (struct ast_channel *chan, struct curl_args *args) |
| static int | acf_curl_write (struct ast_channel *chan, const char *cmd, char *name, const char *value) |
| static int | acf_curlopt_helper (struct ast_channel *chan, const char *cmd, char *data, char *buf, struct ast_str **bufstr, ssize_t len) |
| static int | acf_curlopt_read (struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len) |
| static int | acf_curlopt_read2 (struct ast_channel *chan, const char *cmd, char *data, struct ast_str **buf, ssize_t len) |
| static int | acf_curlopt_write (struct ast_channel *chan, const char *cmd, char *name, const char *value) |
| struct ast_module * | AST_MODULE_SELF_SYM (void) |
| AST_THREADSTORAGE_CUSTOM_SCOPE (curl_instance, curl_instance_init, curl_instance_cleanup, static) | |
| AST_THREADSTORAGE_CUSTOM_SCOPE (thread_escapebuf, NULL, ast_free_ptr, static) | |
| static void | curl_instance_cleanup (void *data) |
| static int | curl_instance_init (void *data) |
| static void | curlds_free (void *data) |
| static int | load_module (void) |
| static int | parse_curlopt_key (const char *name, CURLoption *key, enum optiontype *ot) |
| static int | unload_module (void) |
| static int | url_is_vulnerable (const char *url) |
| Check for potential HTTP injection risk. | |
| static size_t | WriteMemoryCallback (void *ptr, size_t size, size_t nmemb, void *data) |
Variables | |
| static struct ast_module_info | __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Load external URL" , .key = ASTERISK_GPL_KEY , .buildopt_sum = AST_BUILDOPT_SUM, .support_level = AST_MODULE_SUPPORT_CORE, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_REALTIME_DEPEND2, .requires = "res_curl", } |
| static struct ast_custom_function | acf_curl |
| static struct ast_custom_function | acf_curlopt |
| static const struct ast_module_info * | ast_module_info = &__mod_info |
| static const struct ast_datastore_info | curl_info |
| struct global_curl_info | global_curl_info = AST_LIST_HEAD_INIT_VALUE |
Detailed Description
Curl - Load a URL.
- Note
- Brian Wilkins bwilk.nosp@m.ins@.nosp@m.cfl.r.nosp@m.r.co.nosp@m.m (Added POST option)
- ExtRef:
- Depends on the CURL library - http://curl.haxx.se/
Definition in file func_curl.c.
Macro Definition Documentation
◆ CURLOPT_SPECIAL_FAILURE_CODE
| #define CURLOPT_SPECIAL_FAILURE_CODE 999 |
Definition at line 267 of file func_curl.c.
◆ CURLOPT_SPECIAL_HASHCOMPAT
| #define CURLOPT_SPECIAL_HASHCOMPAT ((CURLoption) -500) |
Definition at line 265 of file func_curl.c.
◆ CURLVERSION_ATLEAST
| #define CURLVERSION_ATLEAST | ( | a, | |
| b, | |||
| c | |||
| ) | ((LIBCURL_VERSION_MAJOR > (a)) || ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR > (b))) || ((LIBCURL_VERSION_MAJOR == (a)) && (LIBCURL_VERSION_MINOR == (b)) && (LIBCURL_VERSION_PATCH >= (c)))) |
Definition at line 262 of file func_curl.c.
270 {
271 .type = "CURL",
272 .destroy = curlds_free,
273};
274
277 CURLoption key;
279};
280
282
284{
288 return;
289 }
291 ast_free(setting);
292 }
295}
296
298 OT_BOOLEAN,
299 OT_INTEGER,
300 OT_INTEGER_MS,
301 OT_STRING,
302 OT_ENUM,
303};
304
306 HASHCOMPAT_NO = 0,
307 HASHCOMPAT_YES,
308 HASHCOMPAT_LEGACY,
309};
310
312{
314 *key = CURLOPT_HEADER;
315 *ot = OT_BOOLEAN;
317 *key = CURLOPT_HTTPHEADER;
318 *ot = OT_STRING;
320 *key = CURLOPT_HTTPAUTH;
321 *ot = OT_ENUM;
323 *key = CURLOPT_PROXY;
324 *ot = OT_STRING;
326 *key = CURLOPT_PROXYPORT;
327 *ot = OT_INTEGER;
329 *key = CURLOPT_PROXYTYPE;
330 *ot = OT_ENUM;
332 *key = CURLOPT_DNS_CACHE_TIMEOUT;
333 *ot = OT_INTEGER;
335 *key = CURLOPT_USERPWD;
336 *ot = OT_STRING;
338 *key = CURLOPT_PROXYUSERPWD;
339 *ot = OT_STRING;
341 *key = CURLOPT_FOLLOWLOCATION;
342 *ot = OT_BOOLEAN;
344 *key = CURLOPT_MAXREDIRS;
345 *ot = OT_INTEGER;
347 *key = CURLOPT_REFERER;
348 *ot = OT_STRING;
350 *key = CURLOPT_USERAGENT;
351 *ot = OT_STRING;
353 *key = CURLOPT_COOKIE;
354 *ot = OT_STRING;
356 *key = CURLOPT_FTP_RESPONSE_TIMEOUT;
357 *ot = OT_INTEGER;
359#if CURLVERSION_ATLEAST(7,16,2)
360 *key = CURLOPT_TIMEOUT_MS;
361 *ot = OT_INTEGER_MS;
362#else
363 *key = CURLOPT_TIMEOUT;
364 *ot = OT_INTEGER;
365#endif
367#if CURLVERSION_ATLEAST(7,16,2)
368 *key = CURLOPT_CONNECTTIMEOUT_MS;
369 *ot = OT_INTEGER_MS;
370#else
371 *key = CURLOPT_CONNECTTIMEOUT;
372 *ot = OT_INTEGER;
373#endif
375 *key = CURLOPT_TRANSFERTEXT;
376 *ot = OT_BOOLEAN;
378 *key = CURLOPT_SSL_VERIFYPEER;
379 *ot = OT_BOOLEAN;
381 *key = CURLOPT_SSL_VERIFYHOST;
382 *ot = OT_INTEGER;
384 *key = CURLOPT_CAINFO;
385 *ot = OT_STRING;
387 *key = CURLOPT_CAPATH;
388 *ot = OT_STRING;
390 *key = CURLOPT_SSLCERT;
391 *ot = OT_STRING;
393 *key = CURLOPT_SSLCERTTYPE;
394 *ot = OT_STRING;
396 *key = CURLOPT_SSLKEY;
397 *ot = OT_STRING;
399 *key = CURLOPT_SSLKEYTYPE;
400 *ot = OT_STRING;
402 *key = CURLOPT_KEYPASSWD;
403 *ot = OT_STRING;
406 *ot = OT_ENUM;
409 *ot = OT_STRING;
410 } else {
411 return -1;
412 }
413 return 0;
414}
415
416static int acf_curlopt_write(struct ast_channel *chan, const char *cmd, char *name, const char *value)
417{
421 CURLoption key;
423
424 if (chan) {
425 ast_channel_lock(chan);
427 /* Create a new datastore */
430 ast_channel_unlock(chan);
431 return -1;
432 }
433
436 ast_datastore_free(store);
437 ast_channel_unlock(chan);
438 return -1;
439 }
440
443 ast_channel_datastore_add(chan, store);
444 } else {
446 }
447 ast_channel_unlock(chan);
448 } else {
449 /* Populate the global structure */
451 }
452
457 }
461 new->value = (void *)tmp;
462 }
466 new->value = (void *)tmp;
467 }
470 new->value = (char *)new + sizeof(*new);
471 strcpy(new->value, value);
472 }
475 long ptype =
476#if CURLVERSION_ATLEAST(7,10,0)
477 CURLPROXY_HTTP;
478#else
479 CURLPROXY_SOCKS5;
480#endif
481 if (0) {
482#if CURLVERSION_ATLEAST(7,15,2)
484 ptype = CURLPROXY_SOCKS4;
485#endif
486#if CURLVERSION_ATLEAST(7,18,0)
488 ptype = CURLPROXY_SOCKS4A;
489#endif
490#if CURLVERSION_ATLEAST(7,18,0)
492 ptype = CURLPROXY_SOCKS5;
493#endif
494#if CURLVERSION_ATLEAST(7,18,0)
496 ptype = CURLPROXY_SOCKS5_HOSTNAME;
497#endif
498 }
499
501 new->value = (void *)ptype;
502 }
504 long authtype = 0;
507 if (!strcasecmp(authmethod, "basic")) {
508 authtype |= CURLAUTH_BASIC;
509 } else if (!strcasecmp(authmethod, "digest")) {
510 authtype |= CURLAUTH_DIGEST;
511 } else {
513 return -1;
514 }
515 }
516 if (!authmethod) {
518 }
520 new->value = (void *)authtype;
521 }
524 new->value = (void *) (long) (!strcasecmp(value, "legacy") ? HASHCOMPAT_LEGACY : ast_true(value) ? HASHCOMPAT_YES : HASHCOMPAT_NO);
525 }
526 } else {
527 /* Highly unlikely */
528 goto yuck;
529 }
530 }
531
532 /* Memory allocation error */
533 if (!new) {
534 return -1;
535 }
536
538 } else {
539yuck:
541 return -1;
542 }
543
544 /* Remove any existing entry, only http headers are left */
546 if (new->key != CURLOPT_HTTPHEADER) {
550 ast_free(cur);
551 break;
552 }
553 }
555 }
556
557 /* Insert new entry */
561
562 return 0;
563}
564
565static int acf_curlopt_helper(struct ast_channel *chan, const char *cmd, char *data, char *buf, struct ast_str **bufstr, ssize_t len)
566{
570 CURLoption key;
572 int i;
573
576 return -1;
577 }
578
579 if (chan) {
580 /* If we have a channel, we want to read the options set there before
581 falling back to the global settings */
582 ast_channel_lock(chan);
584 ast_channel_unlock(chan);
585
586 if (store) {
589 }
590 }
591
592 for (i = 0; i < 2; i++) {
594 break;
595 }
602 } else {
604 }
609 } else {
611 }
612 } else {
615 } else {
617 }
618 }
623 } else {
625 }
627 const char *strval = "unknown";
628 if (0) {
629#if CURLVERSION_ATLEAST(7,15,2)
631 strval = "socks4";
632#endif
633#if CURLVERSION_ATLEAST(7,18,0)
635 strval = "socks4a";
636#endif
638 strval = "socks5";
639#if CURLVERSION_ATLEAST(7,18,0)
641 strval = "socks5hostname";
642#endif
643#if CURLVERSION_ATLEAST(7,10,0)
645 strval = "http";
646#endif
647 }
650 } else {
652 }
654 const char *strval = "unknown";
656 strval = "legacy";
658 strval = "yes";
660 strval = "no";
661 }
664 } else {
666 }
667 }
668 break;
669 }
670 }
672 if (cur) {
673 break;
674 }
675 }
676
677 return cur ? 0 : -1;
678}
679
680static int acf_curlopt_read(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len)
681{
683}
684
685static int acf_curlopt_read2(struct ast_channel *chan, const char *cmd, char *data, struct ast_str **buf, ssize_t len)
686{
688}
689
690/*! \brief Callback data passed to \ref WriteMemoryCallback */
692 /*! \brief If a string is being built, the string buffer */
694 /*! \brief The max size of \ref str */
695 ssize_t len;
696 /*! \brief If a file is being retrieved, the file to write to */
697 FILE *out_file;
698};
699
701{
702 register int realsize = 0;
704
706 realsize = size * nmemb;
709 realsize = fwrite(ptr, size, nmemb, cb_data->out_file);
710 }
711
712 return realsize;
713}
714
716{
717 CURL **curl = data;
718
719 if (!(*curl = curl_easy_init()))
720 return -1;
721
722 curl_easy_setopt(*curl, CURLOPT_NOSIGNAL, 1);
723 curl_easy_setopt(*curl, CURLOPT_TIMEOUT, 180);
724 curl_easy_setopt(*curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
725 curl_easy_setopt(*curl, CURLOPT_USERAGENT, AST_CURL_USER_AGENT);
726
727 return 0;
728}
729
731{
732 CURL **curl = data;
733
734 curl_easy_cleanup(*curl);
735
736 ast_free(data);
737}
738
740AST_THREADSTORAGE(thread_escapebuf);
741
742/*!
743 * \brief Check for potential HTTP injection risk.
744 *
745 * CVE-2014-8150 brought up the fact that HTTP proxies are subject to injection
746 * attacks. An HTTP URL sent to a proxy contains a carriage-return linefeed combination,
747 * followed by a complete HTTP request. Proxies will handle this as two separate HTTP
748 * requests rather than as a malformed URL.
749 *
750 * libcURL patched this vulnerability in version 7.40.0, but we have no guarantee that
751 * Asterisk systems will be using an up-to-date cURL library. Therefore, we implement
752 * the same fix as libcURL for determining if a URL is vulnerable to an injection attack.
753 *
754 * \param url The URL to check for vulnerability
755 * \retval 0 The URL is not vulnerable
756 * \retval 1 The URL is vulnerable.
757 */
759{
761 return 1;
762 }
763
764 return 0;
765}
766
771};
772
774{
776 int ret = 0;
777 long http_code = 0; /* read curl response */
778 size_t i;
780 char *failurecodestrings,*found;
781 CURL **curl;
787 char curl_errbuf[CURL_ERROR_SIZE + 1]; /* add one to be safe */
788
789 if (!escapebuf) {
790 return -1;
791 }
792
795 return -1;
796 }
797
799 ast_log(LOG_ERROR, "URL '%s' is vulnerable to HTTP injection attacks. Aborting CURL() call.\n", args->url);
800 return -1;
801 }
802
803 if (chan) {
804 ast_autoservice_start(chan);
805 }
806
817 AST_VECTOR_APPEND(&hasfailurecode, atoi(found));
818 }
819 } else {
821 }
822 }
824
825 if (chan) {
826 ast_channel_lock(chan);
828 ast_channel_unlock(chan);
829 if (store) {
830 list = store->data;
831 AST_LIST_LOCK(list);
832 AST_LIST_TRAVERSE(list, cur, list) {
840 AST_VECTOR_APPEND(&hasfailurecode, atoi(found));
841 }
842 } else {
844 }
845 }
846 }
847 }
848
849 curl_easy_setopt(*curl, CURLOPT_URL, args->url);
851
853 curl_easy_setopt(*curl, CURLOPT_POST, 1);
854 curl_easy_setopt(*curl, CURLOPT_POSTFIELDS, args->postdata);
855 }
856
857 /* Always assign the headers - even when NULL - in case we had
858 * custom headers the last time we used this shared cURL
859 * instance */
860 curl_easy_setopt(*curl, CURLOPT_HTTPHEADER, headers);
861
862 /* Temporarily assign a buffer for curl to write errors to. */
863 curl_errbuf[0] = curl_errbuf[CURL_ERROR_SIZE] = '\0';
864 curl_easy_setopt(*curl, CURLOPT_ERRORBUFFER, curl_errbuf);
865
866 if (curl_easy_perform(*curl) != 0) {
868 }
869
870 /* Reset buffer to NULL so curl doesn't try to write to it when the
871 * buffer is deallocated. Documentation is vague about allowing NULL
872 * here, but the source allows it. See: "typecheck: allow NULL to unset
873 * CURLOPT_ERRORBUFFER" (62bcf005f4678a93158358265ba905bace33b834). */
875 curl_easy_getinfo (*curl, CURLINFO_RESPONSE_CODE, &http_code);
876
883 http_code);
884 ret=-1;
885 break;
886 }
887 }
889
890 if (store) {
891 AST_LIST_UNLOCK(list);
892 }
893 curl_slist_free_all(headers);
894
896 curl_easy_setopt(*curl, CURLOPT_POST, 0);
897 }
898
901
905 char *piece;
908 int rowcount = 0;
912 if (piece) {
913 ast_uri_decode(piece, mode);
914 }
916 ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", ast_str_set_escapecommas(&escapebuf, 0, name, INT_MAX));
917 ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", ast_str_set_escapecommas(&escapebuf, 0, S_OR(piece, ""), INT_MAX));
918 rowcount++;
919 }
922 ast_free(fields);
924 }
925 }
926
927 if (chan) {
928 ast_autoservice_stop(chan);
929 }
930
931 return ret;
932}
933
934static int acf_curl_exec(struct ast_channel *chan, const char *cmd, char *info, struct ast_str **buf, ssize_t len)
935{
937 int res;
938
942 );
943
945
948 return -1;
949 }
950
955 return -1;
956 }
957
958 res = acf_curl_helper(chan, &curl_params);
961
962 return res;
963}
964
965static int acf_curl_write(struct ast_channel *chan, const char *cmd, char *name, const char *value)
966{
968 int res;
971 AST_APP_ARG(file_path);
972 );
973
975
978 return -1;
979 }
980
983 return -1;
984 }
985
990 args.file_path,
991 strerror(errno),
992 errno);
993 return -1;
994 }
995
996 res = acf_curl_helper(chan, &curl_params);
997
999
1000 return res;
1001}
1002
1005 .read2 = acf_curl_exec,
1006 .write = acf_curl_write,
1007};
1008
1011 .read = acf_curlopt_read,
1012 .read2 = acf_curlopt_read2,
1013 .write = acf_curlopt_write,
1014};
1015
1016#ifdef TEST_FRAMEWORK
1017AST_TEST_DEFINE(vulnerable_url)
1018{
1019 const char *bad_urls [] = {
1020 "http://example.com\r\nDELETE http://example.com/everything",
1021 "http://example.com\rDELETE http://example.com/everything",
1022 "http://example.com\nDELETE http://example.com/everything",
1023 "\r\nhttp://example.com",
1024 "\rhttp://example.com",
1025 "\nhttp://example.com",
1026 "http://example.com\r\n",
1027 "http://example.com\r",
1028 "http://example.com\n",
1029 };
1030 const char *good_urls [] = {
1031 "http://example.com",
1032 "http://example.com/%5Cr%5Cn",
1033 };
1034 int i;
1036
1037 switch (cmd) {
1042 info->description =
1043 "Ensure that any combination of '\\r' or '\\n' in a URL invalidates the URL";
1045 break;
1046 }
1047
1050 ast_test_status_update(test, "String '%s' detected as valid when it should be invalid\n", bad_urls[i]);
1051 res = AST_TEST_FAIL;
1052 }
1053 }
1054
1057 ast_test_status_update(test, "String '%s' detected as invalid when it should be valid\n", good_urls[i]);
1058 res = AST_TEST_FAIL;
1059 }
1060 }
1061
1062 return res;
1063}
1064#endif
1065
1067{
1068 int res;
1069
1072
1073 AST_TEST_UNREGISTER(vulnerable_url);
1074
1075 return res;
1076}
1077
1079{
1080 int res;
1081
1084
1085 AST_TEST_REGISTER(vulnerable_url);
1086
1087 return res;
1088}
1089
1091 .support_level = AST_MODULE_SUPPORT_CORE,
1092 .load = load_module,
1093 .unload = unload_module,
1094 .load_pri = AST_MODPRI_REALTIME_DEPEND2,
1095 .requires = "res_curl",
1096);
char * strsep(char **str, const char *delims)
const char * ast_channel_name(const struct ast_channel *chan)
int ast_autoservice_stop(struct ast_channel *chan)
Stop servicing a channel for us...
Definition autoservice.c:266
int ast_channel_datastore_add(struct ast_channel *chan, struct ast_datastore *datastore)
Add a datastore to a channel.
Definition channel.c:2375
int ast_autoservice_start(struct ast_channel *chan)
Automatically service a channel for us...
Definition autoservice.c:200
struct ast_datastore * ast_channel_datastore_find(struct ast_channel *chan, const struct ast_datastore_info *info, const char *uid)
Find a datastore on a channel.
Definition channel.c:2389
int ast_datastore_free(struct ast_datastore *datastore)
Free a data store object.
Definition datastore.c:68
static int acf_curl_helper(struct ast_channel *chan, struct curl_args *args)
Definition func_curl.c:774
static int acf_curlopt_read2(struct ast_channel *chan, const char *cmd, char *data, struct ast_str **buf, ssize_t len)
Definition func_curl.c:686
static int acf_curl_exec(struct ast_channel *chan, const char *cmd, char *info, struct ast_str **buf, ssize_t len)
Definition func_curl.c:935
static int acf_curlopt_write(struct ast_channel *chan, const char *cmd, char *name, const char *value)
Definition func_curl.c:417
static int acf_curlopt_read(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len)
Definition func_curl.c:681
static int url_is_vulnerable(const char *url)
Check for potential HTTP injection risk.
Definition func_curl.c:759
static int acf_curlopt_helper(struct ast_channel *chan, const char *cmd, char *data, char *buf, struct ast_str **bufstr, ssize_t len)
Definition func_curl.c:566
static int acf_curl_write(struct ast_channel *chan, const char *cmd, char *name, const char *value)
Definition func_curl.c:966
static int parse_curlopt_key(const char *name, CURLoption *key, enum optiontype *ot)
Definition func_curl.c:312
static size_t WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
Definition func_curl.c:701
static int len(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t buflen)
Definition func_strings.c:1669
#define AST_DECLARE_APP_ARGS(name, arglist)
Declare a structure to hold an application's arguments.
Definition include/asterisk/app.h:1247
#define AST_STANDARD_APP_ARGS(args, parse)
Performs the 'standard' argument separation process for an application.
Definition include/asterisk/app.h:1283
#define AST_LIST_HEAD_STATIC(name, type)
Defines a structure to be used to hold a list of specified type, statically initialized.
Definition linkedlists.h:291
#define AST_LIST_TRAVERSE(head, var, field)
Loops over (traverses) the entries in a list.
Definition linkedlists.h:491
#define AST_LIST_INSERT_TAIL(head, elm, field)
Appends a list entry to the tail of a list.
Definition linkedlists.h:731
#define AST_LIST_ENTRY(type)
Declare a forward link structure inside a list entry.
Definition linkedlists.h:410
#define AST_LIST_TRAVERSE_SAFE_BEGIN(head, var, field)
Loops safely over (traverses) the entries in a list.
Definition linkedlists.h:529
#define AST_LIST_REMOVE_CURRENT(field)
Removes the current entry from a list during a traversal.
Definition linkedlists.h:557
#define AST_LIST_REMOVE_HEAD(head, field)
Removes and returns the head entry from a list.
Definition linkedlists.h:833
#define AST_LIST_HEAD(name, type)
Defines a structure to be used to hold a list of specified type.
Definition linkedlists.h:173
int errno
#define AST_MODULE_INFO(keystr, flags_to_set, desc, fields...)
Definition module.h:557
int pbx_builtin_setvar_helper(struct ast_channel *chan, const char *name, const char *value)
Add a variable to the channel variable stack, removing the most recently set value for the same name.
Definition pbx_variables.c:1233
#define ast_custom_function_register_escalating(acf, escalation)
Register a custom function which requires escalated privileges.
Definition pbx.h:1571
int ast_custom_function_unregister(struct ast_custom_function *acf)
Unregister a custom function.
Definition pbx_functions.c:262
static struct @519 args
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
Definition strings.h:1139
size_t attribute_pure ast_str_strlen(const struct ast_str *buf)
Returns the current length of the string stored within buf.
Definition strings.h:730
#define S_OR(a, b)
returns the equivalent of logic or for strings: first one if not empty, otherwise second one.
Definition strings.h:80
int attribute_pure ast_true(const char *val)
Make sure something is true. Determine if a string containing a boolean value is "true"....
Definition utils.c:2235
char * ast_str_set_escapecommas(struct ast_str **buf, ssize_t maxlen, const char *src, size_t maxsrc)
Set a dynamic string to a non-NULL terminated substring, with escaping of commas.
Definition strings.h:1069
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition strings.h:65
char * ast_str_append_substr(struct ast_str **buf, ssize_t maxlen, const char *src, size_t maxsrc)
Append a non-NULL terminated substring to the end of a dynamic string.
Definition strings.h:1062
void ast_str_trim_blanks(struct ast_str *buf)
Trims trailing whitespace characters from an ast_str string.
Definition strings.h:719
int ast_str_set(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Set a dynamic string using variable arguments.
Definition strings.h:1113
char *attribute_pure ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
Definition strings.h:761
void ast_copy_string(char *dst, const char *src, size_t size)
Size-limited null-terminating string copy.
Definition strings.h:425
struct ast_str * ast_str_thread_get(struct ast_threadstorage *ts, size_t init_len)
Retrieve a thread locally stored dynamic string.
Definition strings.h:909
Definition func_curl.c:768
Definition func_curl.c:276
struct curl_settings::@178 list
Definition func_curl.c:282
Definition test_logger.c:43
Definition cdr_sqlite3_custom.c:66
#define AST_THREADSTORAGE_CUSTOM(a, b, c)
Define a thread storage variable, with custom initialization and cleanup.
Definition threadstorage.h:111
void * ast_threadstorage_get(struct ast_threadstorage *ts, size_t init_size)
Retrieve thread storage.
Definition threadstorage.h:199
void ast_uri_decode(char *s, struct ast_flags spec)
Decode URI, URN, URL (overwrite string)
Definition utils.c:762
#define AST_VECTOR_APPEND(vec, elem)
Append an element to a vector, growing the vector if needed.
Definition vector.h:267
Enumeration Type Documentation
◆ hashcompat
| enum hashcompat |
| Enumerator | |
|---|---|
| HASHCOMPAT_NO | |
| HASHCOMPAT_YES | |
| HASHCOMPAT_LEGACY | |
Definition at line 306 of file func_curl.c.
◆ optiontype
| enum optiontype |
| Enumerator | |
|---|---|
| OT_BOOLEAN | |
| OT_INTEGER | |
| OT_INTEGER_MS | |
| OT_STRING | |
| OT_ENUM | |
Definition at line 298 of file func_curl.c.
Function Documentation
◆ __reg_module()
|
static |
Definition at line 1097 of file func_curl.c.
◆ __unreg_module()
|
static |
Definition at line 1097 of file func_curl.c.
◆ acf_curl_exec()
|
static |
Definition at line 935 of file func_curl.c.
936{
938 int res;
939
943 );
944
946
949 return -1;
950 }
951
956 return -1;
957 }
958
959 res = acf_curl_helper(chan, &curl_params);
962
963 return res;
964}
References acf_curl_helper(), args, AST_APP_ARG, AST_DECLARE_APP_ARGS, ast_free, ast_log, AST_STANDARD_APP_ARGS, ast_str_buffer(), ast_str_create, ast_str_set(), ast_strlen_zero(), buf, curl_args::cb_data, len(), LOG_WARNING, curl_args::postdata, curl_write_callback_data::str, curl_args::url, and url.
◆ acf_curl_helper()
|
static |
Definition at line 774 of file func_curl.c.
775{
777 int ret = 0;
778 long http_code = 0; /* read curl response */
779 size_t i;
781 char *failurecodestrings,*found;
782 CURL **curl;
788 char curl_errbuf[CURL_ERROR_SIZE + 1]; /* add one to be safe */
789
790 if (!escapebuf) {
791 return -1;
792 }
793
796 return -1;
797 }
798
800 ast_log(LOG_ERROR, "URL '%s' is vulnerable to HTTP injection attacks. Aborting CURL() call.\n", args->url);
801 return -1;
802 }
803
804 if (chan) {
805 ast_autoservice_start(chan);
806 }
807
818 AST_VECTOR_APPEND(&hasfailurecode, atoi(found));
819 }
820 } else {
822 }
823 }
825
826 if (chan) {
827 ast_channel_lock(chan);
829 ast_channel_unlock(chan);
830 if (store) {
831 list = store->data;
832 AST_LIST_LOCK(list);
833 AST_LIST_TRAVERSE(list, cur, list) {
841 AST_VECTOR_APPEND(&hasfailurecode, atoi(found));
842 }
843 } else {
845 }
846 }
847 }
848 }
849
850 curl_easy_setopt(*curl, CURLOPT_URL, args->url);
852
854 curl_easy_setopt(*curl, CURLOPT_POST, 1);
855 curl_easy_setopt(*curl, CURLOPT_POSTFIELDS, args->postdata);
856 }
857
858 /* Always assign the headers - even when NULL - in case we had
859 * custom headers the last time we used this shared cURL
860 * instance */
861 curl_easy_setopt(*curl, CURLOPT_HTTPHEADER, headers);
862
863 /* Temporarily assign a buffer for curl to write errors to. */
864 curl_errbuf[0] = curl_errbuf[CURL_ERROR_SIZE] = '\0';
865 curl_easy_setopt(*curl, CURLOPT_ERRORBUFFER, curl_errbuf);
866
867 if (curl_easy_perform(*curl) != 0) {
869 }
870
871 /* Reset buffer to NULL so curl doesn't try to write to it when the
872 * buffer is deallocated. Documentation is vague about allowing NULL
873 * here, but the source allows it. See: "typecheck: allow NULL to unset
874 * CURLOPT_ERRORBUFFER" (62bcf005f4678a93158358265ba905bace33b834). */
876 curl_easy_getinfo (*curl, CURLINFO_RESPONSE_CODE, &http_code);
877
884 http_code);
885 ret=-1;
886 break;
887 }
888 }
890
891 if (store) {
892 AST_LIST_UNLOCK(list);
893 }
894 curl_slist_free_all(headers);
895
897 curl_easy_setopt(*curl, CURLOPT_POST, 0);
898 }
899
902
906 char *piece;
909 int rowcount = 0;
913 if (piece) {
914 ast_uri_decode(piece, mode);
915 }
917 ast_str_append(&fields, 0, "%s%s", rowcount ? "," : "", ast_str_set_escapecommas(&escapebuf, 0, name, INT_MAX));
918 ast_str_append(&values, 0, "%s%s", rowcount ? "," : "", ast_str_set_escapecommas(&escapebuf, 0, S_OR(piece, ""), INT_MAX));
919 rowcount++;
920 }
923 ast_free(fields);
925 }
926 }
927
928 if (chan) {
929 ast_autoservice_stop(chan);
930 }
931
932 return ret;
933}
References args, ast_autoservice_start(), ast_autoservice_stop(), ast_channel_datastore_find(), ast_channel_lock, ast_channel_name(), ast_channel_unlock, ast_debug, ast_free, AST_LIST_HEAD, AST_LIST_LOCK, AST_LIST_TRAVERSE, AST_LIST_UNLOCK, ast_log, ast_str_append(), ast_str_buffer(), ast_str_create, ast_str_set(), ast_str_set_escapecommas(), ast_str_strlen(), ast_str_thread_get(), ast_str_trim_blanks(), ast_threadstorage_get(), ast_uri_decode(), ast_uri_http, ast_uri_http_legacy, AST_VECTOR_APPEND, AST_VECTOR_FREE, AST_VECTOR_GET, AST_VECTOR_INIT, AST_VECTOR_SIZE, curl_info, CURLOPT_SPECIAL_FAILURE_CODE, CURLOPT_SPECIAL_HASHCOMPAT, ast_datastore::data, HASHCOMPAT_LEGACY, curl_settings::key, LOG_ERROR, LOG_NOTICE, LOG_WARNING, name, NULL, pbx_builtin_setvar_helper(), S_OR, strsep(), url_is_vulnerable(), and curl_settings::value.
Referenced by acf_curl_exec(), and acf_curl_write().
◆ acf_curl_write()
|
static |
Definition at line 966 of file func_curl.c.
967{
969 int res;
972 AST_APP_ARG(file_path);
973 );
974
976
979 return -1;
980 }
981
984 return -1;
985 }
986
991 args.file_path,
992 strerror(errno),
993 errno);
994 return -1;
995 }
996
997 res = acf_curl_helper(chan, &curl_params);
998
1000
1001 return res;
1002}
References acf_curl_helper(), args, AST_APP_ARG, AST_DECLARE_APP_ARGS, ast_log, AST_STANDARD_APP_ARGS, ast_strdupa, ast_strlen_zero(), curl_args::cb_data, errno, LOG_WARNING, name, curl_write_callback_data::out_file, curl_args::url, and value.
◆ acf_curlopt_helper()
|
static |
Definition at line 566 of file func_curl.c.
567{
571 CURLoption key;
573 int i;
574
577 return -1;
578 }
579
580 if (chan) {
581 /* If we have a channel, we want to read the options set there before
582 falling back to the global settings */
583 ast_channel_lock(chan);
585 ast_channel_unlock(chan);
586
587 if (store) {
590 }
591 }
592
593 for (i = 0; i < 2; i++) {
595 break;
596 }
603 } else {
605 }
610 } else {
612 }
613 } else {
616 } else {
618 }
619 }
624 } else {
626 }
628 const char *strval = "unknown";
629 if (0) {
630#if CURLVERSION_ATLEAST(7,15,2)
632 strval = "socks4";
633#endif
634#if CURLVERSION_ATLEAST(7,18,0)
636 strval = "socks4a";
637#endif
639 strval = "socks5";
640#if CURLVERSION_ATLEAST(7,18,0)
642 strval = "socks5hostname";
643#endif
644#if CURLVERSION_ATLEAST(7,10,0)
646 strval = "http";
647#endif
648 }
651 } else {
653 }
655 const char *strval = "unknown";
657 strval = "legacy";
659 strval = "yes";
661 strval = "no";
662 }
665 } else {
667 }
668 }
669 break;
670 }
671 }
673 if (cur) {
674 break;
675 }
676 }
677
678 return cur ? 0 : -1;
679}
References ast_channel_datastore_find(), ast_channel_lock, ast_channel_unlock, ast_copy_string(), ast_debug, AST_LIST_LOCK, AST_LIST_TRAVERSE, AST_LIST_UNLOCK, ast_log, ast_str_set(), buf, curl_info, CURLOPT_SPECIAL_HASHCOMPAT, ast_datastore::data, HASHCOMPAT_LEGACY, HASHCOMPAT_NO, HASHCOMPAT_YES, curl_settings::key, len(), curl_settings::list, LOG_ERROR, NULL, OT_BOOLEAN, OT_INTEGER, OT_INTEGER_MS, OT_STRING, parse_curlopt_key(), and curl_settings::value.
Referenced by acf_curlopt_read(), and acf_curlopt_read2().
◆ acf_curlopt_read()
|
static |
Definition at line 681 of file func_curl.c.
References acf_curlopt_helper(), buf, len(), and NULL.
◆ acf_curlopt_read2()
|
static |
Definition at line 686 of file func_curl.c.
References acf_curlopt_helper(), buf, len(), and NULL.
◆ acf_curlopt_write()
|
static |
Definition at line 417 of file func_curl.c.
418{
422 CURLoption key;
424
425 if (chan) {
426 ast_channel_lock(chan);
428 /* Create a new datastore */
431 ast_channel_unlock(chan);
432 return -1;
433 }
434
437 ast_datastore_free(store);
438 ast_channel_unlock(chan);
439 return -1;
440 }
441
444 ast_channel_datastore_add(chan, store);
445 } else {
447 }
448 ast_channel_unlock(chan);
449 } else {
450 /* Populate the global structure */
452 }
453
458 }
462 new->value = (void *)tmp;
463 }
467 new->value = (void *)tmp;
468 }
471 new->value = (char *)new + sizeof(*new);
472 strcpy(new->value, value);
473 }
476 long ptype =
477#if CURLVERSION_ATLEAST(7,10,0)
478 CURLPROXY_HTTP;
479#else
480 CURLPROXY_SOCKS5;
481#endif
482 if (0) {
483#if CURLVERSION_ATLEAST(7,15,2)
485 ptype = CURLPROXY_SOCKS4;
486#endif
487#if CURLVERSION_ATLEAST(7,18,0)
489 ptype = CURLPROXY_SOCKS4A;
490#endif
491#if CURLVERSION_ATLEAST(7,18,0)
493 ptype = CURLPROXY_SOCKS5;
494#endif
495#if CURLVERSION_ATLEAST(7,18,0)
497 ptype = CURLPROXY_SOCKS5_HOSTNAME;
498#endif
499 }
500
502 new->value = (void *)ptype;
503 }
505 long authtype = 0;
508 if (!strcasecmp(authmethod, "basic")) {
509 authtype |= CURLAUTH_BASIC;
510 } else if (!strcasecmp(authmethod, "digest")) {
511 authtype |= CURLAUTH_DIGEST;
512 } else {
514 return -1;
515 }
516 }
517 if (!authmethod) {
519 }
521 new->value = (void *)authtype;
522 }
525 new->value = (void *) (long) (!strcasecmp(value, "legacy") ? HASHCOMPAT_LEGACY : ast_true(value) ? HASHCOMPAT_YES : HASHCOMPAT_NO);
526 }
527 } else {
528 /* Highly unlikely */
529 goto yuck;
530 }
531 }
532
533 /* Memory allocation error */
534 if (!new) {
535 return -1;
536 }
537
539 } else {
540yuck:
542 return -1;
543 }
544
545 /* Remove any existing entry, only http headers are left */
547 if (new->key != CURLOPT_HTTPHEADER) {
551 ast_free(cur);
552 break;
553 }
554 }
556 }
557
558 /* Insert new entry */
562
563 return 0;
564}
References ast_calloc, ast_channel_datastore_add(), ast_channel_datastore_find(), ast_channel_lock, ast_channel_unlock, ast_datastore_alloc, ast_datastore_free(), ast_debug, ast_free, AST_LIST_HEAD_INIT, AST_LIST_INSERT_TAIL, AST_LIST_LOCK, AST_LIST_REMOVE_CURRENT, AST_LIST_TRAVERSE_SAFE_BEGIN, AST_LIST_TRAVERSE_SAFE_END, AST_LIST_UNLOCK, ast_log, ast_strdupa, ast_true(), curl_info, CURLOPT_SPECIAL_HASHCOMPAT, ast_datastore::data, HASHCOMPAT_LEGACY, HASHCOMPAT_NO, HASHCOMPAT_YES, curl_settings::key, curl_settings::list, LOG_ERROR, LOG_WARNING, name, NULL, OT_BOOLEAN, OT_ENUM, OT_INTEGER, OT_INTEGER_MS, OT_STRING, parse_curlopt_key(), strsep(), and value.
◆ AST_MODULE_SELF_SYM()
| struct ast_module * AST_MODULE_SELF_SYM | ( | void | ) |
Definition at line 1097 of file func_curl.c.
◆ AST_THREADSTORAGE_CUSTOM_SCOPE() [1/2]
| AST_THREADSTORAGE_CUSTOM_SCOPE | ( | curl_instance | , |
| curl_instance_init | , | ||
| curl_instance_cleanup | , | ||
| static | |||
| ) |
◆ AST_THREADSTORAGE_CUSTOM_SCOPE() [2/2]
| AST_THREADSTORAGE_CUSTOM_SCOPE | ( | thread_escapebuf | , |
| NULL | , | ||
| ast_free_ptr | , | ||
| static | |||
| ) |
◆ curl_instance_cleanup()
|
static |
Definition at line 731 of file func_curl.c.
References ast_free.
◆ curl_instance_init()
|
static |
Definition at line 716 of file func_curl.c.
717{
718 CURL **curl = data;
719
720 if (!(*curl = curl_easy_init()))
721 return -1;
722
723 curl_easy_setopt(*curl, CURLOPT_NOSIGNAL, 1);
724 curl_easy_setopt(*curl, CURLOPT_TIMEOUT, 180);
725 curl_easy_setopt(*curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
726 curl_easy_setopt(*curl, CURLOPT_USERAGENT, AST_CURL_USER_AGENT);
727
728 return 0;
729}
References AST_CURL_USER_AGENT, and WriteMemoryCallback().
◆ curlds_free()
|
static |
Definition at line 284 of file func_curl.c.
References ast_free, AST_LIST_HEAD, AST_LIST_HEAD_DESTROY, AST_LIST_REMOVE_HEAD, and curl_settings::list.
◆ load_module()
|
static |
Definition at line 1079 of file func_curl.c.
References acf_curl, acf_curlopt, AST_CFE_WRITE, ast_custom_function_register, ast_custom_function_register_escalating, and AST_TEST_REGISTER.
◆ parse_curlopt_key()
|
static |
Definition at line 312 of file func_curl.c.
313{
315 *key = CURLOPT_HEADER;
316 *ot = OT_BOOLEAN;
318 *key = CURLOPT_HTTPHEADER;
319 *ot = OT_STRING;
321 *key = CURLOPT_HTTPAUTH;
322 *ot = OT_ENUM;
324 *key = CURLOPT_PROXY;
325 *ot = OT_STRING;
327 *key = CURLOPT_PROXYPORT;
328 *ot = OT_INTEGER;
330 *key = CURLOPT_PROXYTYPE;
331 *ot = OT_ENUM;
333 *key = CURLOPT_DNS_CACHE_TIMEOUT;
334 *ot = OT_INTEGER;
336 *key = CURLOPT_USERPWD;
337 *ot = OT_STRING;
339 *key = CURLOPT_PROXYUSERPWD;
340 *ot = OT_STRING;
342 *key = CURLOPT_FOLLOWLOCATION;
343 *ot = OT_BOOLEAN;
345 *key = CURLOPT_MAXREDIRS;
346 *ot = OT_INTEGER;
348 *key = CURLOPT_REFERER;
349 *ot = OT_STRING;
351 *key = CURLOPT_USERAGENT;
352 *ot = OT_STRING;
354 *key = CURLOPT_COOKIE;
355 *ot = OT_STRING;
357 *key = CURLOPT_FTP_RESPONSE_TIMEOUT;
358 *ot = OT_INTEGER;
360#if CURLVERSION_ATLEAST(7,16,2)
361 *key = CURLOPT_TIMEOUT_MS;
362 *ot = OT_INTEGER_MS;
363#else
364 *key = CURLOPT_TIMEOUT;
365 *ot = OT_INTEGER;
366#endif
368#if CURLVERSION_ATLEAST(7,16,2)
369 *key = CURLOPT_CONNECTTIMEOUT_MS;
370 *ot = OT_INTEGER_MS;
371#else
372 *key = CURLOPT_CONNECTTIMEOUT;
373 *ot = OT_INTEGER;
374#endif
376 *key = CURLOPT_TRANSFERTEXT;
377 *ot = OT_BOOLEAN;
379 *key = CURLOPT_SSL_VERIFYPEER;
380 *ot = OT_BOOLEAN;
382 *key = CURLOPT_SSL_VERIFYHOST;
383 *ot = OT_INTEGER;
385 *key = CURLOPT_CAINFO;
386 *ot = OT_STRING;
388 *key = CURLOPT_CAPATH;
389 *ot = OT_STRING;
391 *key = CURLOPT_SSLCERT;
392 *ot = OT_STRING;
394 *key = CURLOPT_SSLCERTTYPE;
395 *ot = OT_STRING;
397 *key = CURLOPT_SSLKEY;
398 *ot = OT_STRING;
400 *key = CURLOPT_SSLKEYTYPE;
401 *ot = OT_STRING;
403 *key = CURLOPT_KEYPASSWD;
404 *ot = OT_STRING;
406 *key = CURLOPT_SPECIAL_HASHCOMPAT;
407 *ot = OT_ENUM;
409 *key = CURLOPT_SPECIAL_FAILURE_CODE;
410 *ot = OT_STRING;
411 } else {
412 return -1;
413 }
414 return 0;
415}
References CURLOPT_SPECIAL_FAILURE_CODE, CURLOPT_SPECIAL_HASHCOMPAT, curl_settings::key, name, OT_BOOLEAN, OT_ENUM, OT_INTEGER, OT_INTEGER_MS, and OT_STRING.
Referenced by acf_curlopt_helper(), and acf_curlopt_write().
◆ unload_module()
|
static |
Definition at line 1067 of file func_curl.c.
References acf_curl, acf_curlopt, ast_custom_function_unregister(), and AST_TEST_UNREGISTER.
◆ url_is_vulnerable()
|
static |
Check for potential HTTP injection risk.
CVE-2014-8150 brought up the fact that HTTP proxies are subject to injection attacks. An HTTP URL sent to a proxy contains a carriage-return linefeed combination, followed by a complete HTTP request. Proxies will handle this as two separate HTTP requests rather than as a malformed URL.
libcURL patched this vulnerability in version 7.40.0, but we have no guarantee that Asterisk systems will be using an up-to-date cURL library. Therefore, we implement the same fix as libcURL for determining if a URL is vulnerable to an injection attack.
- Parameters
-
url The URL to check for vulnerability
- Return values
-
0 The URL is not vulnerable 1 The URL is vulnerable.
Definition at line 759 of file func_curl.c.
References url.
Referenced by acf_curl_helper().
◆ WriteMemoryCallback()
|
static |
Definition at line 701 of file func_curl.c.
702{
703 register int realsize = 0;
705
707 realsize = size * nmemb;
710 realsize = fwrite(ptr, size, nmemb, cb_data->out_file);
711 }
712
713 return realsize;
714}
References ast_str_append_substr(), curl_write_callback_data::out_file, and curl_write_callback_data::str.
Referenced by curl_instance_init().
Variable Documentation
◆ __mod_info
|
static |
Definition at line 1097 of file func_curl.c.
◆ acf_curl
|
static |
Initial value:
Definition at line 1004 of file func_curl.c.
Referenced by load_module(), and unload_module().
◆ acf_curlopt
|
static |
Definition at line 1010 of file func_curl.c.
1010 {
1011 .name = "CURLOPT",
1012 .read = acf_curlopt_read,
1013 .read2 = acf_curlopt_read2,
1014 .write = acf_curlopt_write,
1015};
Referenced by load_module(), and unload_module().
◆ ast_module_info
|
static |
Definition at line 1097 of file func_curl.c.
◆ curl_info
|
static |
Initial value:
Definition at line 271 of file func_curl.c.
Referenced by acf_curl_helper(), acf_curlopt_helper(), and acf_curlopt_write().
