-rwxr-xr-x | configure.py | 2 | ||||
-rwxr-xr-x | doc/examples/python/rsa.py | 2 | ||||
-rw-r--r-- | doc/python.rst | 7 | ||||
-rw-r--r-- | doc/relnotes/1_11_6.rst | 18 | ||||
-rw-r--r-- | src/cert/x509/info.txt | 1 | ||||
-rw-r--r-- | src/utils/boost/info.txt | 7 | ||||
-rw-r--r-- | src/utils/http_util/http_util.cpp | 100 | ||||
-rw-r--r-- | src/utils/http_util/http_util.h | 22 | ||||
-rw-r--r-- | src/utils/http_util/info.txt | 6 |
9 files changed, 124 insertions, 41 deletions
diff --git a/configure.py b/configure.py index dd9b40879..5dc94ddcc 100755 --- a/configure.py +++ b/configure.py @@ -373,7 +373,7 @@ def process_command_line(args): mods_group.add_option('--no-autoload', action='store_true', default=False, help='disable automatic loading') - for mod in ['sqlite3', 'openssl', 'gnump', 'bzip2', 'zlib', 'lzma']: + for mod in ['boost', 'sqlite3', 'zlib', 'bzip2', 'lzma', 'gnump', 'openssl']: mods_group.add_option('--with-%s' % (mod), help='add support for using %s' % (mod), diff --git a/doc/examples/python/rsa.py b/doc/examples/python/rsa.py index 8ca95ff8b..998b72b7b 100755 --- a/doc/examples/python/rsa.py +++ b/doc/examples/python/rsa.py @@ -16,7 +16,7 @@ def make_into_c_array(ber): rng = botan.RandomNumberGenerator() -rsa_priv = botan.RSA_PrivateKey(768, rng) +rsa_priv = botan.RSA_PrivateKey(1024, rng) print rsa_priv.to_string() print int(rsa_priv.get_N()) diff --git a/doc/python.rst b/doc/python.rst index dcd274eed..32ffe3878 100644 --- a/doc/python.rst +++ b/doc/python.rst @@ -11,4 +11,11 @@ Python Binding Botan includes a binding for Python, implemented using Boost.Python. +As you can see, it is not currently documented, though there are a few +examples under `examples/python`, such as RSA + .. literalinclude:: examples/python/rsa.py + +and EAX encryption using a passphrase: + +.. literalinclude:: examples/python/cipher.py diff --git a/doc/relnotes/1_11_6.rst b/doc/relnotes/1_11_6.rst index 8e58c5455..a6dd9ba35 100644 --- a/doc/relnotes/1_11_6.rst +++ b/doc/relnotes/1_11_6.rst 
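Review bot: In doc/examples/python/rsa.py the example key is raised only to 1024 bits, which is still below the 2048-bit minimum that current guidance sets for RSA. Example code tends to be copied as-is, so the sample should show a size that is safe to reuse: `rsa_priv = botan.RSA_PrivateKey(2048, rng)`. A one-line comment above it, `# use at least 2048 bits for any real key`, would make the intent explicit.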
@@ -1,12 +1,16 @@ Version 1.11.6, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* The Boost filesystem and asio libraries are now being used + internally. Using Boost is enabled by default, pass + ``--without-boost`` to ``configure.py`` to disable. + +* The default TLS policy no longer includes RC4 in the cipher list, and + refuses to negotation SSLv3 by default. + * OAEP had two bugs, one of which allowed it to be used even if the key was too small, and the other of which would cause a crash during - decoding if the input was too large to have been created for the - associated key. - -* Botan now requires Boost, specifically the filesystem and asio libraries. + decryption if the EME data was too large for the associated key. * GCM mode now uses the Intel clmul instruction when available @@ -16,8 +20,4 @@ Version 1.11.6, Not Yet Released * Add SIV from :rfc:`5297` -* TLS::Session_Manager_In_Memory's constructor now an rng reference argument - -* The default TLS policy no longer includes RC4 in the cipher list, and - refuses to negotation SSLv3 by default. - +* TLS::Session_Manager_In_Memory's constructor now requires a RNG diff --git a/src/cert/x509/info.txt b/src/cert/x509/info.txt index a74fd6631..83512857f 100644 --- a/src/cert/x509/info.txt +++ b/src/cert/x509/info.txt @@ -3,7 +3,6 @@ define OCSP 20131128 <requires> datastor -http_util </requires> <libs> diff --git a/src/utils/boost/info.txt b/src/utils/boost/info.txt new file mode 100644 index 000000000..e87fd5b88 --- /dev/null +++ b/src/utils/boost/info.txt @@ -0,0 +1,7 @@ +define BOOST_FILESYSTEM 20131228 +define BOOST_ASIO 20131228 + +<libs> +all -> boost_system,boost_filesystem +</libs> + diff --git a/src/utils/http_util/http_util.cpp b/src/utils/http_util/http_util.cpp index 2a02e1280..a233c1c60 100644 --- a/src/utils/http_util/http_util.cpp +++ b/src/utils/http_util/http_util.cpp 
@@ -1,5 +1,5 @@ /* -* HTTP utilities +* Sketchy HTTP client * (C) 2013 Jack Lloyd * * Distributed under the terms of the Botan license @@ -8,13 +8,46 @@ #include <botan/http_util.h> #include <botan/parsing.h> #include <botan/hex.h> +#include <sstream> +#if defined(BOTAN_HAS_BOOST_ASIO) #include <boost/asio.hpp> +#endif namespace Botan { namespace HTTP { +#if defined(BOTAN_HAS_BOOST_ASIO) +std::string http_transact_asio(const std::string& hostname, + const std::string& message) + { + using namespace boost::asio::ip; + + boost::asio::ip::tcp::iostream tcp; + + tcp.connect(hostname, "http"); + + if(!tcp) + throw std::runtime_error("HTTP connection to " + hostname + " failed"); + + tcp << message; + tcp.flush(); + + std::ostringstream oss; + oss << tcp.rdbuf(); + + return oss.str(); + } +#endif + +std::string http_transact_fail(const std::string& hostname, + const std::string&) + { + throw std::runtime_error("Cannot connect to " + hostname + + ": network code disabled in build"); + } + std::string url_encode(const std::string& in) { std::ostringstream out; 
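Review bot: `http_transact_asio` copies the whole reply with `oss << tcp.rdbuf()` and sets neither a deadline nor a size cap. A server that stalls therefore blocks the caller indefinitely, and one that never stops sending grows the buffer without bound. Read in bounded chunks and stop at a configured maximum, as sketched below. Also set an expiry on the stream before `connect`; asio's socket iostream offers `expires_from_now` in Boost releases of this period. The unused `using namespace boost::asio::ip;` can go, since the type is spelled out in full on the next line.

```cpp
std::string http_transact_asio(const std::string& hostname,
                               const std::string& message)
   {
   // … unchanged: stream construction, connect, error check, send, flush …

   std::string response;
   char chunk[4096];

   // MAX_HTTP_RESPONSE_BYTES is a placeholder for a project-chosen limit
   while(tcp.read(chunk, sizeof(chunk)) || tcp.gcount() > 0)
      {
      response.append(chunk, static_cast<size_t>(tcp.gcount()));
      if(response.size() > MAX_HTTP_RESPONSE_BYTES)
         throw std::runtime_error("HTTP response from " + hostname + " too large");
      }

   return response;
   }
```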
@@ -33,19 +66,26 @@ std::string url_encode(const std::string& in) out << '%' << hex_encode(reinterpret_cast<byte*>(&c), 1); } - std::cout << "URL(" << in << ") = " << out.str(); - return out.str(); } -Response http_sync(const std::string& verb, +std::ostream& operator<<(std::ostream& o, const Response& resp) + { + o << "HTTP " << resp.status_code() << " " << resp.status_message() << "\n"; + for(auto h : resp.headers()) + o << "Header '" << h.first << "' = '" << h.second << "'\n"; + o << "Body " << std::to_string(resp.body().size()) << " bytes:\n"; + o.write(reinterpret_cast<const char*>(&resp.body()[0]), resp.body().size()); + return o; + } + +Response http_sync(http_exch_fn http_transact, + const std::string& verb, const std::string& url, const std::string& content_type, const std::vector<byte>& body, size_t allowable_redirects) { - using namespace boost::asio::ip; - const auto protocol_host_sep = url.find("://"); if(protocol_host_sep == std::string::npos) throw std::runtime_error("Invalid URL " + url); @@ -66,12 +106,6 @@ Response http_sync(const std::string& verb, loc = url.substr(host_loc_sep, std::string::npos); } - tcp::iostream sock; - - sock.connect(hostname, "http"); - if(!sock) - throw std::runtime_error("Connection to " + hostname + " failed"); - std::ostringstream outbuf; outbuf << verb << " " << loc << " HTTP/1.0\r\n"; @@ -90,12 +124,11 @@ Response http_sync(const std::string& verb, outbuf << "Connection: close\r\n\r\n"; outbuf.write(reinterpret_cast<const char*>(&body[0]), body.size()); - sock << outbuf.str(); - sock.flush(); + std::istringstream io(http_transact(hostname, outbuf.str())); std::string line1; - std::getline(sock, line1); - if(!sock) + std::getline(io, line1); + if(!io || line1.empty()) throw std::runtime_error("No response"); std::stringstream response_stream(line1); 
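Review bot: In the new `operator<<` for `Response`, `&resp.body()[0]` indexes an empty vector whenever the response has no body, which is undefined behaviour. Guard the write with `if(!resp.body().empty())` before the `o.write(...)` call. The body is also written raw, so if this operator is used for logging, bytes chosen by the server reach the terminal or log file unescaped; hex-encoding or escaping non-printable bytes would be safer. `for(auto h : resp.headers())` copies every header pair, which `const auto& h` avoids, and `std::to_string` is not needed when streaming a size.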
@@ -112,14 +145,18 @@ Response http_sync(const std::string& verb, std::map<std::string, std::string> headers; std::string header_line; - while (std::getline(sock, header_line) && header_line != "\r") + while (std::getline(io, header_line) && header_line != "\r") { auto sep = header_line.find(": "); if(sep == std::string::npos || sep > header_line.size() - 2) throw std::runtime_error("Invalid HTTP header " + header_line); const std::string key = header_line.substr(0, sep); - const std::string val = header_line.substr(sep + 2, std::string::npos); - headers[key] = val; + + if(sep + 2 < header_line.size() - 1) + { + const std::string val = header_line.substr(sep + 2, (header_line.size() - 1) - (sep + 2)); + headers[key] = val; + } } if(status_code == 301 && headers.count("Location")) @@ -132,15 +169,34 @@ Response http_sync(const std::string& verb, // Use Content-Length if set std::vector<byte> resp_body; std::vector<byte> buf(4096); - while(sock.good()) + while(io.good()) { - sock.read(reinterpret_cast<char*>(&buf[0]), buf.size()); - resp_body.insert(resp_body.end(), &buf[0], &buf[sock.gcount()]); + io.read(reinterpret_cast<char*>(&buf[0]), buf.size()); + resp_body.insert(resp_body.end(), &buf[0], &buf[io.gcount()]); } return Response(status_code, status_message, resp_body, headers); } +Response http_sync(const std::string& verb, + const std::string& url, + const std::string& content_type, + const std::vector<byte>& body, + size_t allowable_redirects) + { + return http_sync( +#if defined(BOTAN_HAS_BOOST_ASIO) + http_transact_asio, +#else + http_transact_fail, +#endif + verb, + url, + content_type, + body, + allowable_redirects); + } + Response GET_sync(const std::string& url, size_t allowable_redirects) { return http_sync("GET", url, "", std::vector<byte>(), allowable_redirects); diff --git a/src/utils/http_util/http_util.h b/src/utils/http_util/http_util.h index 0d9ab2756..d024add4d 100644 --- a/src/utils/http_util/http_util.h +++ b/src/utils/http_util/http_util.h 
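Review bot: The new value extraction in the header loop drops the last character of every header line on the assumption that it is `\r`. A server that ends lines with a bare LF therefore loses the final byte of each value, and its blank separator line never matches `"\r"`, so it is reported as an invalid header. Strip the CR only when it is present, at the top of the loop body: `if(!header_line.empty() && header_line.back() == '\r') header_line.pop_back();` followed by `if(header_line.empty()) break;`. Headers with an empty value are now skipped silently, which deserves a short comment. The enclosing `http_sync` starts and ends outside this hunk.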
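Review bot: In the body read loop, `&buf[io.gcount()]` indexes one past the end of `buf` whenever a full 4096-byte block is read, which is out of range for `operator[]` and aborts under a checked standard library. Iterator arithmetic avoids this: `resp_body.insert(resp_body.end(), buf.begin(), buf.begin() + io.gcount());`. The comment above the loop says Content-Length should be used, but the number of bytes received is never compared with it, so a truncated response is returned as if it were complete. The loop sits inside `http_sync`, which starts outside this hunk.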
@@ -51,6 +51,26 @@ struct Response std::map<std::string, std::string> m_headers; }; +BOTAN_DLL std::ostream& operator<<(std::ostream& o, const Response& resp); + +typedef std::function<std::string (const std::string&, const std::string&)> http_exch_fn; + +#if defined(BOTAN_HAS_BOOST_ASIO) +std::string BOTAN_DLL http_transact_asio(const std::string& hostname, + const std::string& message); +#endif + +std::string BOTAN_DLL http_transact_fail(const std::string& hostname, + const std::string& message); + + +BOTAN_DLL Response http_sync(http_exch_fn fn, + const std::string& verb, + const std::string& url, + const std::string& content_type, + const std::vector<byte>& body, + size_t allowable_redirects); + BOTAN_DLL Response http_sync(const std::string& verb, const std::string& url, const std::string& content_type, @@ -65,7 +85,7 @@ BOTAN_DLL Response POST_sync(const std::string& url, const std::vector<byte>& body, size_t allowable_redirects = 1); -BOTAN_DLL std::future<Response> BOTAN_DLL GET_async(const std::string& url, +std::future<Response> BOTAN_DLL GET_async(const std::string& url, size_t allowable_redirects = 1); BOTAN_DLL std::string url_encode(const std::string& url); diff --git a/src/utils/http_util/info.txt b/src/utils/http_util/info.txt index 279e93352..a23a43a3d 100644 --- a/src/utils/http_util/info.txt +++ b/src/utils/http_util/info.txt @@ -1,7 +1 @@ define HTTP_UTIL 20131128 - -load_on auto - -<libs> -all -> boost_system -</libs> |
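Review bot: The new `http_exch_fn` typedef and the `http_sync` overload that takes it are exported without any description of the callback contract. A comment above the typedef would cover it: `// Transport callback: takes (hostname, raw request) and returns the complete raw HTTP response; throws on failure`. The declaration of `http_transact_asio` should also say that it speaks plain HTTP without TLS, so callers must authenticate the response content themselves. `std::function` needs `<functional>`, and the diffstat indicates this commit adds no include to the header, so confirm one is already in place.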