summaryrefslogtreecommitdiffstats
path: root/crypto/cmp/cmp_http.c
AgeCommit message (Collapse)Author
2023-05-30cmp_http.c: Remove obsolete comment w.r.t. ERR_clear_error()Dr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17354)
2022-07-11cmp_http.c: extend comment in keep_alive()Dr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18702)
2022-05-04Remove duplicated #include headersJHH20
CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18220)
2021-11-17Move more general parts of internal/cryptlib.h to new internal/common.hDr. David von Oheimb
Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15847)
2021-05-27Use <> for #include openssl/xxxRich Salz
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15468)
2021-05-20Update copyright yearMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15381)
2021-05-14HTTP: Implement persistent connections (keep-alive)Dr. David von Oheimb
Both at API and at CLI level (for the CMP app only, so far) there is a new parameter/option: keep_alive. * 0 means HTTP connections are not kept open after receiving a response, which is the default behavior for HTTP 1.0. * 1 means that persistent connections are requested. * 2 means that persistent connections are required, i.e., in case the server does not grant them an error occurs. For the CMP app the default value is 1, which means preferring to keep the connection open. For all other internal uses of the HTTP client (fetching an OCSP response, a cert, or a CRL) it does not matter because these operations just take one round trip. If the client application requested or required a persistent connection and this was granted by the server, it can keep the OSSL_HTTP_REQ_CTX * as long as it wants to send further requests and OSSL_HTTP_is_alive() returns nonzero, else it should call OSSL_HTTP_REQ_CTX_free() or OSSL_HTTP_close(). In case the client application keeps the OSSL_HTTP_REQ_CTX * but the connection then dies for any reason at the server side, it will notice this obtaining an I/O error when trying to send the next request. This requires extending the HTTP header parsing and rearranging the high-level HTTP client API. In particular: * Split the monolithic OSSL_HTTP_transfer() into OSSL_HTTP_open(), OSSL_HTTP_set_request(), a lean OSSL_HTTP_transfer(), and OSSL_HTTP_close(). * Split the timeout functionality accordingly and improve default behavior. * Extract part of OSSL_HTTP_REQ_CTX_new() to OSSL_HTTP_REQ_CTX_set_expected(). * Extend struct ossl_http_req_ctx_st accordingly. Use the new feature for the CMP client, which requires extending related transaction management of CMP client and test server. Update the documentation and extend the tests accordingly. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15053)
2021-05-12HTTP client: Minimal changes that include the improved APIDr. David von Oheimb
This is a minimal version of pull request #15053 including all the proposed improvements to the HTTP client API and its documentation but only those code adaptations strictly needed for it. The proposed new features include * support for persistent connections (keep-alive), * generalization to arbitrary request and response types, and * support for streaming BIOs for request and response data. The related API changes include: * Split the monolithic OSSL_HTTP_transfer() into OSSL_HTTP_open(), OSSL_HTTP_set_request(), a lean OSSL_HTTP_transfer(), and OSSL_HTTP_close(). * Split the timeout functionality accordingly and improve default behavior. * Extract part of OSSL_HTTP_REQ_CTX_new() to OSSL_HTTP_REQ_CTX_set_expected(). Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15147)
2020-11-13Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() callRichard Levitte
This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
2020-09-13Fix safestack issues in conf.hMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-01Add -verbosity option to apps/cmp.c and add log output also in crypto/cmpDr. David von Oheimb
* In the cmp app so far the -verbosity option had been missing. * Extend log output helpful for debugging CMP applications in setup_ssl_ctx() of the cmp app, ossl_cmp_msg_add_extraCerts(), OSSL_CMP_validate_msg(), and OSSL_CMP_MSG_http_perform(). * Correct suppression of log output with insufficient severity. * Add logging/severity level OSSL_CMP_LOG_TRACE = OSSL_CMP_LOG_MAX. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12739)
2020-05-09Constify 'req' parameter of OSSL_HTTP_post_asn1()Dr. David von Oheimb
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11736)
2020-04-24In OpenSSL builds, declare STACK for datatypes ...Rich Salz
... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
2020-04-23Update copyright yearMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
2020-04-02HTTP client: make server/proxy and port params more consistent; minor other ↵Dr. David von Oheimb
improvements Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11404)
2020-04-02 Chunk 10 of CMP contribution to OpenSSL: CMP http client and related testsDr. David von Oheimb
Also improve the generic HTTP client w.r.t. proxy and no_proxy options. Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11404)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-12 09:30:59 +0000