1 // Copyright (c) 2006, Google Inc. 2 // All rights reserved. 3 // 4 // Redistribution and use in source and binary forms, with or without 5 // modification, are permitted provided that the following conditions are 6 // met: 7 // 8 // * Redistributions of source code must retain the above copyright 9 // notice, this list of conditions and the following disclaimer. 10 // * Redistributions in binary form must reproduce the above 11 // copyright notice, this list of conditions and the following disclaimer 12 // in the documentation and/or other materials provided with the 13 // distribution. 14 // * Neither the name of Google Inc. nor the names of its 15 // contributors may be used to endorse or promote products derived from 16 // this software without specific prior written permission. 17 // 18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 30 #include <assert.h> 31 32 // Disable exception handler warnings. 33 #pragma warning(disable:4530) 34 35 #include <fstream> 36 #include <vector> 37 38 #include "common/windows/string_utils-inl.h" 39 40 #include "common/windows/http_upload.h" 41 42 namespace { 43 using std::string; 44 using std::wstring; 45 using std::map; 46 using std::vector; 47 using std::ifstream; 48 using std::ios; 49 50 const wchar_t kUserAgent[] = L"Breakpad/1.0 (Windows)"; 51 52 // Helper class which closes an internet handle when it goes away 53 class AutoInternetHandle { 54 public: AutoInternetHandle(HINTERNET handle)55 explicit AutoInternetHandle(HINTERNET handle) : handle_(handle) {} ~AutoInternetHandle()56 ~AutoInternetHandle() { 57 if (handle_) { 58 InternetCloseHandle(handle_); 59 } 60 } 61 get()62 HINTERNET get() { return handle_; } 63 64 private: 65 HINTERNET handle_; 66 }; 67 UTF8ToWide(const string & utf8)68 wstring UTF8ToWide(const string &utf8) { 69 if (utf8.length() == 0) { 70 return wstring(); 71 } 72 73 // compute the length of the buffer we'll need 74 int charcount = MultiByteToWideChar(CP_UTF8, 0, utf8.c_str(), -1, NULL, 0); 75 76 if (charcount == 0) { 77 return wstring(); 78 } 79 80 // convert 81 wchar_t* buf = new wchar_t[charcount]; 82 MultiByteToWideChar(CP_UTF8, 0, utf8.c_str(), -1, buf, charcount); 83 wstring result(buf); 84 delete[] buf; 85 return result; 86 } 87 WideToMBCP(const wstring & wide,unsigned int cp)88 string WideToMBCP(const wstring &wide, unsigned int cp) { 89 if (wide.length() == 0) { 90 return string(); 91 } 92 93 // compute the length of the buffer we'll need 94 int charcount = WideCharToMultiByte(cp, 0, wide.c_str(), -1, 95 NULL, 0, NULL, NULL); 96 if (charcount == 0) { 97 return string(); 98 } 99 100 // convert 101 char *buf = new char[charcount]; 102 WideCharToMultiByte(cp, 0, wide.c_str(), -1, buf, charcount, 103 NULL, NULL); 104 105 string result(buf); 106 delete[] buf; 107 return result; 108 } 109 GetFileContents(const wstring & filename,vector<char> * contents)110 bool GetFileContents(const wstring &filename, vector<char> *contents) { 111 bool rv = false; 112 // The "open" method on pre-MSVC8 ifstream implementations doesn't accept a 113 // wchar_t* filename, so use _wfopen directly in that case. For VC8 and 114 // later, _wfopen has been deprecated in favor of _wfopen_s, which does 115 // not exist in earlier versions, so let the ifstream open the file itself. 116 // GCC doesn't support wide file name and opening on FILE* requires ugly 117 // hacks, so fallback to multi byte file. 118 #ifdef _MSC_VER 119 ifstream file; 120 file.open(filename.c_str(), ios::binary); 121 #else // GCC 122 ifstream file(WideToMBCP(filename, CP_ACP).c_str(), ios::binary); 123 #endif // _MSC_VER >= 1400 124 if (file.is_open()) { 125 file.seekg(0, ios::end); 126 std::streamoff length = file.tellg(); 127 // Check for loss of data when converting lenght from std::streamoff into 128 // std::vector<char>::size_type 129 std::vector<char>::size_type vector_size = 130 static_cast<std::vector<char>::size_type>(length); 131 if (static_cast<std::streamoff>(vector_size) == length) { 132 contents->resize(vector_size); 133 if (length != 0) { 134 file.seekg(0, ios::beg); 135 file.read(&((*contents)[0]), length); 136 } 137 rv = true; 138 } 139 file.close(); 140 } 141 return rv; 142 } 143 CheckParameters(const map<wstring,wstring> & parameters)144 bool CheckParameters(const map<wstring, wstring> ¶meters) { 145 for (map<wstring, wstring>::const_iterator pos = parameters.begin(); 146 pos != parameters.end(); ++pos) { 147 const wstring &str = pos->first; 148 if (str.size() == 0) { 149 return false; // disallow empty parameter names 150 } 151 for (unsigned int i = 0; i < str.size(); ++i) { 152 wchar_t c = str[i]; 153 if (c < 32 || c == '"' || c > 127) { 154 return false; 155 } 156 } 157 } 158 return true; 159 } 160 161 // Converts a UTF16 string to UTF8. WideToUTF8(const wstring & wide)162 string WideToUTF8(const wstring &wide) { 163 return WideToMBCP(wide, CP_UTF8); 164 } 165 ReadResponse(HINTERNET request,wstring * response)166 bool ReadResponse(HINTERNET request, wstring *response) { 167 bool has_content_length_header = false; 168 wchar_t content_length[32]; 169 DWORD content_length_size = sizeof(content_length); 170 DWORD claimed_size = 0; 171 string response_body; 172 173 if (HttpQueryInfo(request, HTTP_QUERY_CONTENT_LENGTH, 174 static_cast<LPVOID>(&content_length), 175 &content_length_size, 0)) { 176 has_content_length_header = true; 177 claimed_size = wcstol(content_length, NULL, 10); 178 response_body.reserve(claimed_size); 179 } 180 181 DWORD bytes_available; 182 DWORD total_read = 0; 183 BOOL return_code; 184 185 while (((return_code = InternetQueryDataAvailable(request, &bytes_available, 186 0, 0)) != 0) && bytes_available > 0) { 187 vector<char> response_buffer(bytes_available); 188 DWORD size_read; 189 190 return_code = InternetReadFile(request, 191 &response_buffer[0], 192 bytes_available, &size_read); 193 194 if (return_code && size_read > 0) { 195 total_read += size_read; 196 response_body.append(&response_buffer[0], size_read); 197 } 198 else { 199 break; 200 } 201 } 202 203 bool succeeded = return_code && (!has_content_length_header || 204 (total_read == claimed_size)); 205 if (succeeded && response) { 206 *response = UTF8ToWide(response_body); 207 } 208 209 return succeeded; 210 } 211 SendRequestInner(const wstring & url,const wstring & http_method,const wstring & content_type_header,const string & request_body,int * timeout_ms,wstring * response_body,int * response_code)212 bool SendRequestInner( 213 const wstring& url, 214 const wstring& http_method, 215 const wstring& content_type_header, 216 const string& request_body, 217 int* timeout_ms, 218 wstring* response_body, 219 int* response_code) { 220 if (response_code) { 221 *response_code = 0; 222 } 223 224 // Break up the URL and make sure we can handle it 225 wchar_t scheme[16], host[256], path[1024]; 226 URL_COMPONENTS components; 227 memset(&components, 0, sizeof(components)); 228 components.dwStructSize = sizeof(components); 229 components.lpszScheme = scheme; 230 components.dwSchemeLength = sizeof(scheme) / sizeof(scheme[0]); 231 components.lpszHostName = host; 232 components.dwHostNameLength = sizeof(host) / sizeof(host[0]); 233 components.lpszUrlPath = path; 234 components.dwUrlPathLength = sizeof(path) / sizeof(path[0]); 235 if (!InternetCrackUrl(url.c_str(), static_cast<DWORD>(url.size()), 236 0, &components)) { 237 DWORD err = GetLastError(); 238 wprintf(L"%d\n", err); 239 return false; 240 } 241 bool secure = false; 242 if (wcscmp(scheme, L"https") == 0) { 243 secure = true; 244 } 245 else if (wcscmp(scheme, L"http") != 0) { 246 return false; 247 } 248 249 AutoInternetHandle internet(InternetOpen(kUserAgent, 250 INTERNET_OPEN_TYPE_PRECONFIG, 251 NULL, // proxy name 252 NULL, // proxy bypass 253 0)); // flags 254 if (!internet.get()) { 255 return false; 256 } 257 258 AutoInternetHandle connection(InternetConnect(internet.get(), 259 host, 260 components.nPort, 261 NULL, // user name 262 NULL, // password 263 INTERNET_SERVICE_HTTP, 264 0, // flags 265 NULL)); // context 266 if (!connection.get()) { 267 return false; 268 } 269 270 DWORD http_open_flags = secure ? INTERNET_FLAG_SECURE : 0; 271 http_open_flags |= INTERNET_FLAG_NO_COOKIES; 272 AutoInternetHandle request(HttpOpenRequest(connection.get(), 273 http_method.c_str(), 274 path, 275 NULL, // version 276 NULL, // referer 277 NULL, // agent type 278 http_open_flags, 279 NULL)); // context 280 if (!request.get()) { 281 return false; 282 } 283 284 if (!content_type_header.empty()) { 285 HttpAddRequestHeaders(request.get(), 286 content_type_header.c_str(), 287 static_cast<DWORD>(-1), 288 HTTP_ADDREQ_FLAG_ADD); 289 } 290 291 if (timeout_ms) { 292 if (!InternetSetOption(request.get(), 293 INTERNET_OPTION_SEND_TIMEOUT, 294 timeout_ms, 295 sizeof(*timeout_ms))) { 296 fwprintf(stderr, L"Could not unset send timeout, continuing...\n"); 297 } 298 299 if (!InternetSetOption(request.get(), 300 INTERNET_OPTION_RECEIVE_TIMEOUT, 301 timeout_ms, 302 sizeof(*timeout_ms))) { 303 fwprintf(stderr, L"Could not unset receive timeout, continuing...\n"); 304 } 305 } 306 307 if (!HttpSendRequest(request.get(), NULL, 0, 308 const_cast<char *>(request_body.data()), 309 static_cast<DWORD>(request_body.size()))) { 310 return false; 311 } 312 313 // The server indicates a successful upload with HTTP status 200. 314 wchar_t http_status[4]; 315 DWORD http_status_size = sizeof(http_status); 316 if (!HttpQueryInfo(request.get(), HTTP_QUERY_STATUS_CODE, 317 static_cast<LPVOID>(&http_status), &http_status_size, 318 0)) { 319 return false; 320 } 321 322 int http_response = wcstol(http_status, NULL, 10); 323 if (response_code) { 324 *response_code = http_response; 325 } 326 327 bool result = (http_response == 200); 328 329 if (result) { 330 result = ReadResponse(request.get(), response_body); 331 } 332 333 return result; 334 } 335 GenerateMultipartBoundary()336 wstring GenerateMultipartBoundary() { 337 // The boundary has 27 '-' characters followed by 16 hex digits 338 static const wchar_t kBoundaryPrefix[] = L"---------------------------"; 339 static const int kBoundaryLength = 27 + 16 + 1; 340 341 // Generate some random numbers to fill out the boundary 342 int r0 = rand(); 343 int r1 = rand(); 344 345 wchar_t temp[kBoundaryLength]; 346 swprintf(temp, kBoundaryLength, L"%s%08X%08X", kBoundaryPrefix, r0, r1); 347 348 // remove when VC++7.1 is no longer supported 349 temp[kBoundaryLength - 1] = L'\0'; 350 351 return wstring(temp); 352 } 353 GenerateMultipartPostRequestHeader(const wstring & boundary)354 wstring GenerateMultipartPostRequestHeader(const wstring &boundary) { 355 wstring header = L"Content-Type: multipart/form-data; boundary="; 356 header += boundary; 357 return header; 358 } 359 AppendFileToRequestBody(const wstring & file_part_name,const wstring & filename,string * request_body)360 bool AppendFileToRequestBody( 361 const wstring& file_part_name, 362 const wstring& filename, 363 string* request_body) { 364 string file_part_name_utf8 = WideToUTF8(file_part_name); 365 if (file_part_name_utf8.empty()) { 366 return false; 367 } 368 369 string filename_utf8 = WideToUTF8(filename); 370 if (filename_utf8.empty()) { 371 return false; 372 } 373 374 request_body->append("Content-Disposition: form-data; " 375 "name=\"" + file_part_name_utf8 + "\"; " 376 "filename=\"" + filename_utf8 + "\"\r\n"); 377 request_body->append("Content-Type: application/octet-stream\r\n"); 378 request_body->append("\r\n"); 379 380 vector<char> contents; 381 if (!GetFileContents(filename, &contents)) { 382 return false; 383 } 384 385 if (!contents.empty()) { 386 request_body->append(&(contents[0]), contents.size()); 387 } 388 request_body->append("\r\n"); 389 390 return true; 391 } 392 GenerateRequestBody(const map<wstring,wstring> & parameters,const map<wstring,wstring> & files,const wstring & boundary,string * request_body)393 bool GenerateRequestBody(const map<wstring, wstring> ¶meters, 394 const map<wstring, wstring> &files, 395 const wstring &boundary, 396 string *request_body) { 397 string boundary_str = WideToUTF8(boundary); 398 if (boundary_str.empty()) { 399 return false; 400 } 401 402 request_body->clear(); 403 404 // Append each of the parameter pairs as a form-data part 405 for (map<wstring, wstring>::const_iterator pos = parameters.begin(); 406 pos != parameters.end(); ++pos) { 407 request_body->append("--" + boundary_str + "\r\n"); 408 request_body->append("Content-Disposition: form-data; name=\"" + 409 WideToUTF8(pos->first) + "\"\r\n\r\n" + 410 WideToUTF8(pos->second) + "\r\n"); 411 } 412 413 // Now append each upload file as a binary (octet-stream) part 414 for (map<wstring, wstring>::const_iterator pos = files.begin(); 415 pos != files.end(); ++pos) { 416 request_body->append("--" + boundary_str + "\r\n"); 417 418 if (!AppendFileToRequestBody(pos->first, pos->second, request_body)) { 419 return false; 420 } 421 } 422 request_body->append("--" + boundary_str + "--\r\n"); 423 return true; 424 } 425 } 426 427 namespace google_breakpad { SendPutRequest(const wstring & url,const wstring & path,int * timeout_ms,wstring * response_body,int * response_code)428 bool HTTPUpload::SendPutRequest( 429 const wstring& url, 430 const wstring& path, 431 int* timeout_ms, 432 wstring* response_body, 433 int* response_code) { 434 string request_body; 435 if (!AppendFileToRequestBody(L"symbol_file", path, &request_body)) { 436 return false; 437 } 438 439 return SendRequestInner( 440 url, 441 L"PUT", 442 L"", 443 request_body, 444 timeout_ms, 445 response_body, 446 response_code); 447 } 448 SendGetRequest(const wstring & url,int * timeout_ms,wstring * response_body,int * response_code)449 bool HTTPUpload::SendGetRequest( 450 const wstring& url, 451 int* timeout_ms, 452 wstring* response_body, 453 int* response_code) { 454 return SendRequestInner( 455 url, 456 L"GET", 457 L"", 458 "", 459 timeout_ms, 460 response_body, 461 response_code); 462 } 463 SendMultipartPostRequest(const wstring & url,const map<wstring,wstring> & parameters,const map<wstring,wstring> & files,int * timeout_ms,wstring * response_body,int * response_code)464 bool HTTPUpload::SendMultipartPostRequest( 465 const wstring& url, 466 const map<wstring, wstring>& parameters, 467 const map<wstring, wstring>& files, 468 int* timeout_ms, 469 wstring* response_body, 470 int* response_code) { 471 // TODO(bryner): support non-ASCII parameter names 472 if (!CheckParameters(parameters)) { 473 return false; 474 } 475 476 wstring boundary = GenerateMultipartBoundary(); 477 wstring content_type_header = GenerateMultipartPostRequestHeader(boundary); 478 479 string request_body; 480 if (!GenerateRequestBody(parameters, files, boundary, &request_body)) { 481 return false; 482 } 483 484 return SendRequestInner( 485 url, 486 L"POST", 487 content_type_header, 488 request_body, 489 timeout_ms, 490 response_body, 491 response_code); 492 } 493 SendSimplePostRequest(const wstring & url,const wstring & body,const wstring & content_type,int * timeout_ms,wstring * response_body,int * response_code)494 bool HTTPUpload::SendSimplePostRequest( 495 const wstring& url, 496 const wstring& body, 497 const wstring& content_type, 498 int *timeout_ms, 499 wstring *response_body, 500 int *response_code) { 501 return SendRequestInner( 502 url, 503 L"POST", 504 content_type, 505 WideToUTF8(body), 506 timeout_ms, 507 response_body, 508 response_code); 509 } 510 } // namespace google_breakpad 511