externals: update httplib and libressl ...

* In older `httplib`, SSL connections were not handled correctly and
  would have issues with proxy servers. Also, keep-alive directives were
  not available back then, and they are probably necessary to implement
  the HTTP_C service correctly.
* Another reason is that `httplib` now requires the OpenSSL 1.1+ API, while
  LibreSSL 2.x provided an OpenSSL 1.0 compatible API.
* The bundled LibreSSL has been updated to 3.2.2, so it now provides an
  OpenSSL 1.1 compatible API.
* Also, a path hint has been added so that it will find the correct
  path to the CA certs on *nix systems.
* An option is provided so that *nix system distributions/providers can
  use their own SSL implementations when compiling Yuzu/Citra to
  (hopefully) comply with their maintenance guidelines.
* LUrlParser is also removed, since `httplib` can now handle a
  `scheme:host:port` string itself.
liushuyu 2021-02-10 22:18:25 -07:00
parent 45a4a56264
commit af24f75c18
No known key found for this signature in database
GPG key ID: 23D1CE4534419437
12 changed files with 4436 additions and 2124 deletions


@ -9,7 +9,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/externals/cmake-modul
include(DownloadExternals) include(DownloadExternals)
include(CMakeDependentOption) include(CMakeDependentOption)
project(citra) project(citra LANGUAGES C CXX ASM)
# Set bundled sdl2/qt as dependent options. # Set bundled sdl2/qt as dependent options.
# OFF by default, but if ENABLE_SDL2 and MSVC are true then ON # OFF by default, but if ENABLE_SDL2 and MSVC are true then ON


@ -100,19 +100,24 @@ if (USE_DISCORD_PRESENCE)
endif() endif()
if (ENABLE_WEB_SERVICE) if (ENABLE_WEB_SERVICE)
# LibreSSL find_package(OpenSSL 1.1)
set(LIBRESSL_SKIP_INSTALL ON CACHE BOOL "") if (OPENSSL_FOUND)
add_subdirectory(libressl EXCLUDE_FROM_ALL) set(OPENSSL_LIBRARIES OpenSSL::SSL OpenSSL::Crypto)
target_include_directories(ssl INTERFACE ./libressl/include) else()
target_compile_definitions(ssl PRIVATE -DHAVE_INET_NTOP) # LibreSSL
set(LIBRESSL_SKIP_INSTALL ON CACHE BOOL "")
set(OPENSSLDIR "/etc/ssl/")
add_subdirectory(libressl EXCLUDE_FROM_ALL)
target_include_directories(ssl INTERFACE ./libressl/include)
target_compile_definitions(ssl PRIVATE -DHAVE_INET_NTOP)
get_directory_property(OPENSSL_LIBRARIES
DIRECTORY libressl
DEFINITION OPENSSL_LIBS)
endif()
# JSON # JSON
add_library(json-headers INTERFACE) add_library(json-headers INTERFACE)
target_include_directories(json-headers INTERFACE ./json) target_include_directories(json-headers INTERFACE ./json)
# lurlparser
add_subdirectory(lurlparser EXCLUDE_FROM_ALL)
if(ANDROID) if(ANDROID)
add_subdirectory(android-ifaddrs) add_subdirectory(android-ifaddrs)
endif() endif()
@ -121,6 +126,7 @@ if (ENABLE_WEB_SERVICE)
add_library(httplib INTERFACE) add_library(httplib INTERFACE)
target_include_directories(httplib INTERFACE ./httplib) target_include_directories(httplib INTERFACE ./httplib)
target_compile_options(httplib INTERFACE -DCPPHTTPLIB_OPENSSL_SUPPORT) target_compile_options(httplib INTERFACE -DCPPHTTPLIB_OPENSSL_SUPPORT)
target_link_libraries(httplib INTERFACE ${OPENSSL_LIBRARIES})
# cpp-jwt # cpp-jwt
add_library(cpp-jwt INTERFACE) add_library(cpp-jwt INTERFACE)
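Review bot: `find_package(OpenSSL 1.1)` at the top of the `ENABLE_WEB_SERVICE` block runs unconditionally, so any system OpenSSL that CMake finds replaces the bundled LibreSSL without the builder choosing it; the commit message mentions an option, but none is visible in this section. Which TLS library ends up in a shipped binary should be an explicit, logged decision, for example by wrapping the lookup in an `option()` (name to be chosen by the project) and reporting the selected backend with `message(STATUS ...)`. In the fallback branch, `set(OPENSSLDIR "/etc/ssl/")` hard-codes the trust-store location and deserves a comment such as `# CA path hint for *nix only; other platforms must load their trust store another way`, since a missing directory would leave certificate verification without anchors. How non-*nix platforms obtain CA certificates cannot be confirmed from this page because the httplib diff is suppressed.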

File diff suppressed because it is too large Load diff

2
externals/libressl vendored

@ -1 +1 @@
Subproject commit 7d01cb01cb1a926ecb4c9c98b107ef3c26f59dfb Subproject commit 8289d0d07de6553bf4b900bf60e808ea3f7f59da


@ -1,8 +0,0 @@
add_library(lurlparser
LUrlParser.cpp
LUrlParser.h
)
create_target_directory_groups(lurlparser)
target_include_directories(lurlparser INTERFACE ${CMAKE_CURRENT_SOURCE_DIR})


@ -1,265 +0,0 @@
/*
* Lightweight URL & URI parser (RFC 1738, RFC 3986)
* https://github.com/corporateshark/LUrlParser
*
* The MIT License (MIT)
*
* Copyright (C) 2015 Sergey Kosarevsky (sk@linderdaum.com)
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#include "LUrlParser.h"
#include <algorithm>
#include <cstring>
#include <stdlib.h>
// check if the scheme name is valid
static bool IsSchemeValid( const std::string& SchemeName )
{
for ( auto c : SchemeName )
{
if ( !isalpha( c ) && c != '+' && c != '-' && c != '.' ) return false;
}
return true;
}
bool LUrlParser::clParseURL::GetPort( int* OutPort ) const
{
if ( !IsValid() ) { return false; }
int Port = atoi( m_Port.c_str() );
if ( Port <= 0 || Port > 65535 ) { return false; }
if ( OutPort ) { *OutPort = Port; }
return true;
}
// based on RFC 1738 and RFC 3986
LUrlParser::clParseURL LUrlParser::clParseURL::ParseURL( const std::string& URL )
{
LUrlParser::clParseURL Result;
const char* CurrentString = URL.c_str();
/*
* <scheme>:<scheme-specific-part>
* <scheme> := [a-z\+\-\.]+
* For resiliency, programs interpreting URLs should treat upper case letters as equivalent to lower case in scheme names
*/
// try to read scheme
{
const char* LocalString = strchr( CurrentString, ':' );
if ( !LocalString )
{
return clParseURL( LUrlParserError_NoUrlCharacter );
}
// save the scheme name
Result.m_Scheme = std::string( CurrentString, LocalString - CurrentString );
if ( !IsSchemeValid( Result.m_Scheme ) )
{
return clParseURL( LUrlParserError_InvalidSchemeName );
}
// scheme should be lowercase
std::transform( Result.m_Scheme.begin(), Result.m_Scheme.end(), Result.m_Scheme.begin(), ::tolower );
// skip ':'
CurrentString = LocalString+1;
}
/*
* //<user>:<password>@<host>:<port>/<url-path>
* any ":", "@" and "/" must be normalized
*/
// skip "//"
if ( *CurrentString++ != '/' ) return clParseURL( LUrlParserError_NoDoubleSlash );
if ( *CurrentString++ != '/' ) return clParseURL( LUrlParserError_NoDoubleSlash );
// check if the user name and password are specified
bool bHasUserName = false;
const char* LocalString = CurrentString;
while ( *LocalString )
{
if ( *LocalString == '@' )
{
// user name and password are specified
bHasUserName = true;
break;
}
else if ( *LocalString == '/' )
{
// end of <host>:<port> specification
bHasUserName = false;
break;
}
LocalString++;
}
// user name and password
LocalString = CurrentString;
if ( bHasUserName )
{
// read user name
while ( *LocalString && *LocalString != ':' && *LocalString != '@' ) LocalString++;
Result.m_UserName = std::string( CurrentString, LocalString - CurrentString );
// proceed with the current pointer
CurrentString = LocalString;
if ( *CurrentString == ':' )
{
// skip ':'
CurrentString++;
// read password
LocalString = CurrentString;
while ( *LocalString && *LocalString != '@' ) LocalString++;
Result.m_Password = std::string( CurrentString, LocalString - CurrentString );
CurrentString = LocalString;
}
// skip '@'
if ( *CurrentString != '@' )
{
return clParseURL( LUrlParserError_NoAtSign );
}
CurrentString++;
}
bool bHasBracket = ( *CurrentString == '[' );
// go ahead, read the host name
LocalString = CurrentString;
while ( *LocalString )
{
if ( bHasBracket && *LocalString == ']' )
{
// end of IPv6 address
LocalString++;
break;
}
else if ( !bHasBracket && ( *LocalString == ':' || *LocalString == '/' ) )
{
// port number is specified
break;
}
LocalString++;
}
Result.m_Host = std::string( CurrentString, LocalString - CurrentString );
CurrentString = LocalString;
// is port number specified?
if ( *CurrentString == ':' )
{
CurrentString++;
// read port number
LocalString = CurrentString;
while ( *LocalString && *LocalString != '/' ) LocalString++;
Result.m_Port = std::string( CurrentString, LocalString - CurrentString );
CurrentString = LocalString;
}
// end of string
if ( !*CurrentString )
{
Result.m_ErrorCode = LUrlParserError_Ok;
return Result;
}
// skip '/'
if ( *CurrentString != '/' )
{
return clParseURL( LUrlParserError_NoSlash );
}
CurrentString++;
// parse the path
LocalString = CurrentString;
while ( *LocalString && *LocalString != '#' && *LocalString != '?' ) LocalString++;
Result.m_Path = std::string( CurrentString, LocalString - CurrentString );
CurrentString = LocalString;
// check for query
if ( *CurrentString == '?' )
{
// skip '?'
CurrentString++;
// read query
LocalString = CurrentString;
while ( *LocalString && *LocalString != '#' ) LocalString++;
Result.m_Query = std::string( CurrentString, LocalString - CurrentString );
CurrentString = LocalString;
}
// check for fragment
if ( *CurrentString == '#' )
{
// skip '#'
CurrentString++;
// read fragment
LocalString = CurrentString;
while ( *LocalString ) LocalString++;
Result.m_Fragment = std::string( CurrentString, LocalString - CurrentString );
CurrentString = LocalString;
}
Result.m_ErrorCode = LUrlParserError_Ok;
return Result;
}


@ -1,78 +0,0 @@
/*
* Lightweight URL & URI parser (RFC 1738, RFC 3986)
* https://github.com/corporateshark/LUrlParser
*
* The MIT License (MIT)
*
* Copyright (C) 2015 Sergey Kosarevsky (sk@linderdaum.com)
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
#pragma once
#include <string>
namespace LUrlParser
{
enum LUrlParserError
{
LUrlParserError_Ok = 0,
LUrlParserError_Uninitialized = 1,
LUrlParserError_NoUrlCharacter = 2,
LUrlParserError_InvalidSchemeName = 3,
LUrlParserError_NoDoubleSlash = 4,
LUrlParserError_NoAtSign = 5,
LUrlParserError_UnexpectedEndOfLine = 6,
LUrlParserError_NoSlash = 7,
};
class clParseURL
{
public:
LUrlParserError m_ErrorCode;
std::string m_Scheme;
std::string m_Host;
std::string m_Port;
std::string m_Path;
std::string m_Query;
std::string m_Fragment;
std::string m_UserName;
std::string m_Password;
clParseURL()
: m_ErrorCode( LUrlParserError_Uninitialized )
{}
/// return 'true' if the parsing was successful
bool IsValid() const { return m_ErrorCode == LUrlParserError_Ok; }
/// helper to convert the port number to int, return 'true' if the port is valid (within the 0..65535 range)
bool GetPort( int* OutPort ) const;
/// parse the URL
static clParseURL ParseURL( const std::string& URL );
private:
explicit clParseURL( LUrlParserError ErrorCode )
: m_ErrorCode( ErrorCode )
{}
};
} // namespace LUrlParser


@ -1,19 +0,0 @@
From https://github.com/corporateshark/LUrlParser/commit/455d5e2d27e3946f11ad0328fee9ee2628e6a8e2
MIT License
===
Lightweight URL & URI parser (RFC 1738, RFC 3986)
(C) Sergey Kosarevsky, 2015
@corporateshark sk@linderdaum.com
http://www.linderdaum.com
http://blog.linderdaum.com
=============================
A tiny and lightweight URL & URI parser (RFC 1738, RFC 3986) written in C++.


@ -476,12 +476,8 @@ target_link_libraries(core PUBLIC common PRIVATE audio_core network video_core)
target_link_libraries(core PUBLIC Boost::boost PRIVATE cryptopp fmt open_source_archives Boost::serialization) target_link_libraries(core PUBLIC Boost::boost PRIVATE cryptopp fmt open_source_archives Boost::serialization)
if (ENABLE_WEB_SERVICE) if (ENABLE_WEB_SERVICE)
get_directory_property(OPENSSL_LIBS
DIRECTORY ${PROJECT_SOURCE_DIR}/externals/libressl
DEFINITION OPENSSL_LIBS)
target_compile_definitions(core PRIVATE -DENABLE_WEB_SERVICE -DCPPHTTPLIB_OPENSSL_SUPPORT) target_compile_definitions(core PRIVATE -DENABLE_WEB_SERVICE -DCPPHTTPLIB_OPENSSL_SUPPORT)
target_link_libraries(core PRIVATE web_service ${OPENSSL_LIBS} httplib lurlparser) target_link_libraries(core PRIVATE web_service ${OPENSSL_LIBS} httplib)
if (ANDROID) if (ANDROID)
target_link_libraries(core PRIVATE ifaddrs) target_link_libraries(core PRIVATE ifaddrs)
endif() endif()
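Review bot: The new `target_link_libraries(core PRIVATE web_service ${OPENSSL_LIBS} httplib)` still expands `${OPENSSL_LIBS}`, but this commit deletes the `get_directory_property(OPENSSL_LIBS ...)` call that defined it, and the externals section now stores the list in `OPENSSL_LIBRARIES` instead. Unless something outside this hunk sets the variable, it is empty here and the TLS library reaches `core` only transitively through the `httplib` INTERFACE target. Drop the stale reference so the real dependency path is obvious: `target_link_libraries(core PRIVATE web_service httplib)`. The same leftover is in the `web_service` target's link line later in this commit.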


@ -3,9 +3,6 @@
// Refer to the license.txt file included. // Refer to the license.txt file included.
#include <atomic> #include <atomic>
#ifdef ENABLE_WEB_SERVICE
#include <LUrlParser.h>
#endif
#include <cryptopp/aes.h> #include <cryptopp/aes.h>
#include <cryptopp/modes.h> #include <cryptopp/modes.h>
#include "common/archives.h" #include "common/archives.h"
@ -61,27 +58,9 @@ void Context::MakeRequest() {
ASSERT(state == RequestState::NotStarted); ASSERT(state == RequestState::NotStarted);
#ifdef ENABLE_WEB_SERVICE #ifdef ENABLE_WEB_SERVICE
LUrlParser::clParseURL parsedUrl = LUrlParser::clParseURL::ParseURL(url); std::unique_ptr<httplib::Client> client = std::make_unique<httplib::Client>(url.c_str());
int port; SSL_CTX* ctx = client->ssl_context();
std::unique_ptr<httplib::Client> client; if (ctx) {
if (parsedUrl.m_Scheme == "http") {
if (!parsedUrl.GetPort(&port)) {
port = 80;
}
// TODO(B3N30): Support for setting timeout
// Figure out what the default timeout on 3DS is
client = std::make_unique<httplib::Client>(parsedUrl.m_Host.c_str(), port);
} else {
if (!parsedUrl.GetPort(&port)) {
port = 443;
}
// TODO(B3N30): Support for setting timeout
// Figure out what the default timeout on 3DS is
auto ssl_client = std::make_unique<httplib::SSLClient>(parsedUrl.m_Host, port);
SSL_CTX* ctx = ssl_client->ssl_context();
client = std::move(ssl_client);
if (auto client_cert = ssl_config.client_cert_ctx.lock()) { if (auto client_cert = ssl_config.client_cert_ctx.lock()) {
SSL_CTX_use_certificate_ASN1(ctx, static_cast<int>(client_cert->certificate.size()), SSL_CTX_use_certificate_ASN1(ctx, static_cast<int>(client_cert->certificate.size()),
client_cert->certificate.data()); client_cert->certificate.data());
@ -105,6 +84,7 @@ void Context::MakeRequest() {
}; };
httplib::Request request; httplib::Request request;
httplib::Error error;
request.method = request_method_strings.at(method); request.method = request_method_strings.at(method);
request.path = url; request.path = url;
// TODO(B3N30): Add post data body // TODO(B3N30): Add post data body
@ -119,8 +99,8 @@ void Context::MakeRequest() {
request.headers.emplace(header.name, header.value); request.headers.emplace(header.name, header.value);
} }
if (!client->send(request, response)) { if (!client->send(request, response, error)) {
LOG_ERROR(Service_HTTP, "Request failed"); LOG_ERROR(Service_HTTP, "Request failed: {}", error);
state = RequestState::TimedOut; state = RequestState::TimedOut;
} else { } else {
LOG_DEBUG(Service_HTTP, "Request successful"); LOG_DEBUG(Service_HTTP, "Request successful");
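Review bot: `std::make_unique<httplib::Client>(url.c_str())` now lets httplib parse the whole URL, which presumably comes from the emulated application, yet nothing checks `client->is_valid()` before `ssl_context()` and `send()` are used; the web_service client in this same commit does make that check. A malformed or unsupported URL therefore ends up reported as `RequestState::TimedOut`, which hides the real cause. Add a guard right after construction, for example `if (!client->is_valid()) { LOG_ERROR(Service_HTTP, "Invalid URL {}", url); state = RequestState::TimedOut; return; }`, adjusted to however this function is expected to signal failure. The removed TODOs about timeouts were not replaced by `set_connection_timeout`/`set_read_timeout` calls as in the web_service client, so a stalled server can hold this request for the library's default duration. `MakeRequest` starts and ends outside the hunks shown.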


@ -13,11 +13,10 @@ add_library(web_service STATIC
create_target_directory_groups(web_service) create_target_directory_groups(web_service)
get_directory_property(OPENSSL_LIBS
DIRECTORY ${PROJECT_SOURCE_DIR}/externals/libressl
DEFINITION OPENSSL_LIBS)
target_compile_definitions(web_service PRIVATE -DCPPHTTPLIB_OPENSSL_SUPPORT) target_compile_definitions(web_service PRIVATE -DCPPHTTPLIB_OPENSSL_SUPPORT)
target_link_libraries(web_service PRIVATE common network json-headers ${OPENSSL_LIBS} httplib lurlparser cpp-jwt) target_link_libraries(web_service PRIVATE common network json-headers ${OPENSSL_LIBS} httplib cpp-jwt)
if (ANDROID) if (ANDROID)
target_link_libraries(web_service PRIVATE ifaddrs) target_link_libraries(web_service PRIVATE ifaddrs)
elseif(WIN32)
target_link_libraries(web_service PRIVATE crypt32)
endif() endif()


@ -6,7 +6,6 @@
#include <cstdlib> #include <cstdlib>
#include <mutex> #include <mutex>
#include <string> #include <string>
#include <LUrlParser.h>
#include <fmt/format.h> #include <fmt/format.h>
#if defined(__ANDROID__) #if defined(__ANDROID__)
#include <ifaddrs.h> #include <ifaddrs.h>
@ -21,9 +20,6 @@ namespace WebService {
constexpr std::array<const char, 1> API_VERSION{'1'}; constexpr std::array<const char, 1> API_VERSION{'1'};
constexpr int HTTP_PORT = 80;
constexpr int HTTPS_PORT = 443;
constexpr std::size_t TIMEOUT_SECONDS = 30; constexpr std::size_t TIMEOUT_SECONDS = 30;
struct Client::Impl { struct Client::Impl {
@ -33,6 +29,10 @@ struct Client::Impl {
if (this->username == jwt_cache.username && this->token == jwt_cache.token) { if (this->username == jwt_cache.username && this->token == jwt_cache.token) {
jwt = jwt_cache.jwt; jwt = jwt_cache.jwt;
} }
// normalize host expression
if (this->host.back() == '/') {
static_cast<void>(this->host.pop_back());
}
} }
/// A generic function handles POST, GET and DELETE request together /// A generic function handles POST, GET and DELETE request together
@ -70,29 +70,16 @@ struct Client::Impl {
const std::string& jwt = "", const std::string& username = "", const std::string& jwt = "", const std::string& username = "",
const std::string& token = "") { const std::string& token = "") {
if (cli == nullptr) { if (cli == nullptr) {
auto parsedUrl = LUrlParser::clParseURL::ParseURL(host); cli = std::make_unique<httplib::Client>(host.c_str());
int port; cli->set_connection_timeout(TIMEOUT_SECONDS);
if (parsedUrl.m_Scheme == "http") { cli->set_read_timeout(TIMEOUT_SECONDS);
if (!parsedUrl.GetPort(&port)) { cli->set_write_timeout(TIMEOUT_SECONDS);
port = HTTP_PORT;
}
cli = std::make_unique<httplib::Client>(parsedUrl.m_Host.c_str(), port);
cli->set_timeout_sec(TIMEOUT_SECONDS);
} else if (parsedUrl.m_Scheme == "https") {
if (!parsedUrl.GetPort(&port)) {
port = HTTPS_PORT;
}
cli = std::make_unique<httplib::SSLClient>(parsedUrl.m_Host.c_str(), port);
cli->set_timeout_sec(TIMEOUT_SECONDS);
} else {
LOG_ERROR(WebService, "Bad URL scheme {}", parsedUrl.m_Scheme);
return Common::WebResult{Common::WebResult::Code::InvalidURL, "Bad URL scheme"};
}
} }
if (cli == nullptr) { if (!cli->is_valid()) {
LOG_ERROR(WebService, "Invalid URL {}", host + path); LOG_ERROR(WebService, "Invalid URL {}", host + path);
return Common::WebResult{Common::WebResult::Code::InvalidURL, "Invalid URL"}; return Common::WebResult{Common::WebResult::Code::InvalidURL, "Invalid URL"};
} }
LOG_ERROR(WebService, "{}", host);
httplib::Headers params; httplib::Headers params;
if (!jwt.empty()) { if (!jwt.empty()) {
@ -118,13 +105,15 @@ struct Client::Impl {
request.headers = params; request.headers = params;
request.body = data; request.body = data;
httplib::Response response; httplib::Result result = cli->send(request);
if (!cli->send(request, response)) { if (!result) {
LOG_ERROR(WebService, "{} to {} returned null", method, host + path); LOG_ERROR(WebService, "{} to {} returned null", method, host + path);
return Common::WebResult{Common::WebResult::Code::LibError, "Null response"}; return Common::WebResult{Common::WebResult::Code::LibError, "Null response"};
} }
httplib::Response response = result.value();
if (response.status >= 400) { if (response.status >= 400) {
LOG_ERROR(WebService, "{} to {} returned error status code: {}", method, host + path, LOG_ERROR(WebService, "{} to {} returned error status code: {}", method, host + path,
response.status); response.status);
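Review bot: `this->host.back()` in the new "normalize host expression" step is called without checking that `host` is non-empty, and `back()` on an empty `std::string` is undefined behaviour. Guard it with `if (!this->host.empty() && this->host.back() == '/') { this->host.pop_back(); }`; the `static_cast<void>` can go because `pop_back()` returns `void`. In the generic request function, the added `LOG_ERROR(WebService, "{}", host);` writes the host at error level on every request and looks like leftover debugging, so remove it or lower it to debug level. When `cli->send(request)` fails, the log still says "returned null" and drops the cause; including `result.error()` would match what the HTTP_C change logs. Both functions continue outside the hunks shown.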