mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-01-31 03:27:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cosmopolitan/tool/curl/curl.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

555 lines
15 KiB
C
Raw Permalink Normal View History

Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
#if 0
/*─────────────────────────────────────────────────────────────────╗
To the extent possible under law, Justine Tunney has waived
all copyright and related or neighboring rights to this file,
as it is written in the following disclaimers:
http://unlicense.org/ │
http://creativecommons.org/publicdomain/zero/1.0/ │
*/
#endif
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
#include "libc/assert.h"
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
#include "libc/calls/calls.h"
Make slight SSL performance improvements
2021-07-09 04:54:21 +00:00
#include "libc/calls/struct/iovec.h"
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
#include "libc/calls/struct/timeval.h"
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
#include "libc/errno.h"
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
#include "libc/fmt/itoa.h"
#include "libc/fmt/magnumstrs.internal.h"
Remove more nonstandard stuff from cosmopolitan.h Fixes #61
2021-03-01 07:42:35 +00:00
#include "libc/macros.h"
Bring back gc() function Renaming gc() to _gc() was a mistake since the better thing to do is put it behind the _COSMO_SOURCE macro. We need this change because I haven't wanted to use my amazing garbage collector ever since we renamed it. You now need to define _COSMO_SOURCE yourself when using amalgamation header and cosmocc users need to pass the -mcosmo flag to get the gc() function Some other issues relating to cancelation have been fixed along the way. We're also now putting cosmocc in a folder named `.cosmocc` so it can be more safely excluded by grep --exclude-dir=.cosmocc --exclude-dir=o etc.
2024-01-08 18:07:35 +00:00
#include "libc/mem/gc.h"
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
#include "libc/mem/mem.h"
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
#include "libc/runtime/runtime.h"
Refactor out some duplicated code
2021-08-14 13:17:56 +00:00
#include "libc/sock/goodsocket.internal.h"
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
#include "libc/sock/sock.h"
Pay off more technical debt This makes breaking changes to add underscores to many non-standard function names provided by the c library. MODE=tiny is now tinier and we now use smaller locks that are better for tiny apps in this mode. Some headers have been renamed to be in the same folder as the build package, so it'll be easier to know which build dependency is needed. Certain old misguided interfaces have been removed. Intel intrinsics headers are now listed in libc/isystem (but not in the amalgamation) to help further improve open source compatibility. Header complexity has also been reduced. Lastly, more shell scripts are now available.
2022-09-13 06:10:38 +00:00
#include "libc/stdio/append.h"
#include "libc/stdio/rand.h"
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
#include "libc/stdio/stdio.h"
Refactor out some duplicated code
2021-08-14 13:17:56 +00:00
#include "libc/str/slice.h"
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
#include "libc/str/str.h"
#include "libc/sysv/consts/af.h"
#include "libc/sysv/consts/ipproto.h"
Make improvements to redbean The following Lua APIs have been added: - IsDaemon() → bool - ProgramPidPath(str) The following Lua hooks have been added: - OnClientConnection(ip:int,port:int,serverip:int,serverport:int) → bool - OnProcessCreate(pid:int,ip:int,port:int,serverip:int,serverport:int) - OnProcessDestroy(pid:int) - OnServerStart() - OnServerStop() - OnWorkerStart() - OnWorkerStop() redbean now does a better job at applying gzip on the fly from the local filesystem, using a streaming chunked api with constant memory, which is useful for doing things like serving a 4gb text file off NFS, and having it start transmitting in milliseconds. redbean will also compute entropy on the beginnings of files to determine if compression is profitable. This change pays off technical debts relating to memory, such as relying on exit() to free() allocations. That's now mostly fixed so it should be easier now to spot memory leaks in malloc traces. This change also fixes bugs and makes improvements to our SSL support. Uniprocess mode failed handshakes are no longer an issue. Token Alpn is offered so curl -v looks less weird. Hybrid SSL certificate loading is now smarter about naming conflicts. Self-signed CA root anchors will no longer be delivered to the client during the handshake.
2021-07-10 22:02:03 +00:00
#include "libc/sysv/consts/sig.h"
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
#include "libc/sysv/consts/sock.h"
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
#include "net/http/http.h"
#include "net/http/url.h"
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
#include "net/https/https.h"
Switch public headers to getopt_long() entirely Cosmopolitan's getopt() is now redefined as __getopt().
2023-07-03 02:57:43 +00:00
#include "third_party/getopt/getopt.internal.h"
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
#include "third_party/mbedtls/ctr_drbg.h"
#include "third_party/mbedtls/debug.h"
#include "third_party/mbedtls/error.h"
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
#include "third_party/mbedtls/iana.h"
#include "third_party/mbedtls/net_sockets.h"
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
#include "third_party/mbedtls/ssl.h"
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
#include "third_party/mbedtls/x509.h"
Use DNS implementation from Musl Libc Now that our socket system call polyfills are good enough to support Musl's DNS library we should be using that rather than the barebones domain name system implementation we rolled on our own. There's many benefits to making this change. So many, that I myself wouldn't feel qualified to enumerate them all. The Musl DNS code had to be changed in order to support Windows of course, which looks very solid so far
2023-12-29 06:58:17 +00:00
#include "third_party/musl/netdb.h"
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
/**
* @fileoverview Downloads HTTP URL to stdout.
*/
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
#define HasHeader(H) (!!msg.headers[H].a)
#define HeaderData(H) (p + msg.headers[H].a)
#define HeaderLength(H) (msg.headers[H].b - msg.headers[H].a)
#define HeaderEqualCase(H, S) \
SlicesEqualCase(S, strlen(S), HeaderData(H), HeaderLength(H))
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
static int sock;
static int outfd;
static const char *prog;
static const char *outpath;
Make improvements - Fix build flakes - Polyfill SIGWINCH on Windows - Fix an execve issue on Windows - Make strerror show more information - Improve cmd.exe setup/teardown on Windows - Support bracketed paste mode in Blinkenlights - Show keyboard shortcuts in Blinkenlights status bar - Fixed copy_file_range() and copyfile() w/ zip filesystem - Size optimize GetDosArgv() to keep life.com 12kb in size - Improve Blinkenlights ability to load weird ELF executables - Fix program_executable_name and add GetInterpreterExecutableName - Make Python in tiny mode fail better if docstrings are requested - Update Python test exclusions in tiny* modes such as tinylinux - Add bulletproof unbreakable kprintf() troubleshooting function - Remove "oldskool" keyword from ape.S for virus scanners - Fix issue that caused backtraces to not print sometimes - Improve Blinkenlights serial uart character i/o - Make clock_gettime() not clobber errno on xnu - Improve sha256 cpuid check for old computers - Integrate some bestline linenoise fixes - Show runit process names better in htop - Remove SIGPIPE from ShowCrashReports() - Make realpath() not clobber errno - Avoid attaching GDB on non-Linux - Improve img.com example
2022-03-16 20:33:13 +00:00
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
static wontreturn void PrintUsage(int fd, int rc) {
tinyprint(fd, "usage: ", prog, " [-iksvV] URL\n", NULL);
exit(rc);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
static const char *DescribeErrno(void) {
const char *reason;
if (!(reason = _strerdoc(errno)))
reason = "Unknown error";
return reason;
}
static int GetSslEntropy(void *c, unsigned char *p, size_t n) {
if (getrandom(p, n, 0) != n) {
perror("getrandom");
Make improvements - Fix build flakes - Polyfill SIGWINCH on Windows - Fix an execve issue on Windows - Make strerror show more information - Improve cmd.exe setup/teardown on Windows - Support bracketed paste mode in Blinkenlights - Show keyboard shortcuts in Blinkenlights status bar - Fixed copy_file_range() and copyfile() w/ zip filesystem - Size optimize GetDosArgv() to keep life.com 12kb in size - Improve Blinkenlights ability to load weird ELF executables - Fix program_executable_name and add GetInterpreterExecutableName - Make Python in tiny mode fail better if docstrings are requested - Update Python test exclusions in tiny* modes such as tinylinux - Add bulletproof unbreakable kprintf() troubleshooting function - Remove "oldskool" keyword from ape.S for virus scanners - Fix issue that caused backtraces to not print sometimes - Improve Blinkenlights serial uart character i/o - Make clock_gettime() not clobber errno on xnu - Improve sha256 cpuid check for old computers - Integrate some bestline linenoise fixes - Show runit process names better in htop - Remove SIGPIPE from ShowCrashReports() - Make realpath() not clobber errno - Avoid attaching GDB on non-Linux - Improve img.com example
2022-03-16 20:33:13 +00:00
exit(1);
}
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
return 0;
}
static void OnSslDebug(void *ctx, int level, const char *file, int line,
const char *message) {
char sline[12];
char slevel[12];
FormatInt32(sline, line);
FormatInt32(slevel, level);
tinyprint(2, file, ":", sline, ": (", slevel, ") ", message, "\n", NULL);
}
static void WriteOutput(const void *p, size_t n) {
if (!outfd) {
if (outpath) {
if ((outfd = creat(outpath, 0644)) <= 0) {
perror(outpath);
exit(1);
}
} else {
outfd = 1;
outpath = "<stdout>";
}
}
ssize_t rc;
for (size_t i = 0; i < n; i += rc) {
rc = write(outfd, p, n);
if (rc <= 0) {
perror(outpath);
exit(1);
}
}
Make improvements - Fix build flakes - Polyfill SIGWINCH on Windows - Fix an execve issue on Windows - Make strerror show more information - Improve cmd.exe setup/teardown on Windows - Support bracketed paste mode in Blinkenlights - Show keyboard shortcuts in Blinkenlights status bar - Fixed copy_file_range() and copyfile() w/ zip filesystem - Size optimize GetDosArgv() to keep life.com 12kb in size - Improve Blinkenlights ability to load weird ELF executables - Fix program_executable_name and add GetInterpreterExecutableName - Make Python in tiny mode fail better if docstrings are requested - Update Python test exclusions in tiny* modes such as tinylinux - Add bulletproof unbreakable kprintf() troubleshooting function - Remove "oldskool" keyword from ape.S for virus scanners - Fix issue that caused backtraces to not print sometimes - Improve Blinkenlights serial uart character i/o - Make clock_gettime() not clobber errno on xnu - Improve sha256 cpuid check for old computers - Integrate some bestline linenoise fixes - Show runit process names better in htop - Remove SIGPIPE from ShowCrashReports() - Make realpath() not clobber errno - Avoid attaching GDB on non-Linux - Improve img.com example
2022-03-16 20:33:13 +00:00
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
static int TlsSend(void *c, const unsigned char *p, size_t n) {
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
int rc;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((rc = write(*(int *)c, p, n)) == -1) {
perror("TlsSend");
exit(1);
}
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
return rc;
}
Make slight SSL performance improvements
2021-07-09 04:54:21 +00:00
static int TlsRecv(void *c, unsigned char *p, size_t n, uint32_t o) {
int r;
struct iovec v[2];
static unsigned a, b;
static unsigned char t[4096];
if (a < b) {
r = MIN(n, b - a);
memcpy(p, t + a, r);
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((a += r) == b) {
a = b = 0;
}
Make slight SSL performance improvements
2021-07-09 04:54:21 +00:00
return r;
}
v[0].iov_base = p;
v[0].iov_len = n;
v[1].iov_base = t;
v[1].iov_len = sizeof(t);
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((r = readv(*(int *)c, v, 2)) == -1) {
perror("TlsRecv");
exit(1);
}
if (r > n) {
b = r - n;
}
Make slight SSL performance improvements
2021-07-09 04:54:21 +00:00
return MIN(n, r);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Make `curl` example into a complete tool (#706) You can now handily use `curl` with popen()/system() by placing `STATIC_YOINK("_curl")` in your main source file.
2022-12-22 00:12:02 +00:00
int _curl(int argc, char *argv[]) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (!NoDebug()) {
ShowCrashReports();
}
prog = argv[0];
if (!prog) {
prog = "curl";
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
/*
* Read flags.
*/
int opt;
struct Headers {
size_t n;
char **p;
} headers = {0};
Support any HTTP method It's now possible to use redbean Fetch() with arbitrary HTTP methods, e.g. LIST which is used by Hashicorp. There's an eight char limit and uppercase canonicalization still happens. This change also includes a better function for launching a browser tab, that won't deadlock on a headless workstation running Debian. Closes #1107
2024-02-22 22:12:18 +00:00
uint64_t method = 0;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
int authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
int ciphersuite = MBEDTLS_SSL_PRESET_SUITEC;
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
bool includeheaders = false;
const char *postdata = NULL;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
const char *agent = "hurl/1.o (https://github.com/jart/cosmopolitan)";
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
while ((opt = getopt(argc, argv, "qiksvBVIX:H:A:d:o:")) != -1) {
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
switch (opt) {
case 's':
case 'q':
break;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
case 'o':
outpath = optarg;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
break;
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
case 'i':
includeheaders = true;
break;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
case 'I':
method = kHttpHead;
break;
case 'A':
agent = optarg;
break;
case 'H':
headers.p = realloc(headers.p, ++headers.n * sizeof(*headers.p));
headers.p[headers.n - 1] = optarg;
break;
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
case 'd':
postdata = optarg;
break;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
case 'X':
Support any HTTP method It's now possible to use redbean Fetch() with arbitrary HTTP methods, e.g. LIST which is used by Hashicorp. There's an eight char limit and uppercase canonicalization still happens. This change also includes a better function for launching a browser tab, that won't deadlock on a headless workstation running Debian. Closes #1107
2024-02-22 22:12:18 +00:00
if (!(method = ParseHttpMethod(optarg, -1))) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog, ": bad http method: ", optarg, "\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
break;
case 'V':
++mbedtls_debug_threshold;
break;
case 'k':
authmode = MBEDTLS_SSL_VERIFY_NONE;
break;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
case 'B':
ciphersuite = MBEDTLS_SSL_PRESET_SUITEB;
break;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
case 'h':
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
PrintUsage(1, 0);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
default:
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
PrintUsage(2, 1);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
}
}
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
/*
* Get argument.
*/
const char *urlarg;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (optind == argc) {
tinyprint(2, prog, ": missing url\n", NULL);
PrintUsage(2, 1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
urlarg = argv[optind];
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
/*
* Parse URL.
*/
struct Url url;
char *host, *port;
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
bool usessl = false;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
gc(ParseUrl(urlarg, -1, &url, kUrlPlus));
gc(url.params.p);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
if (url.scheme.n) {
if (url.scheme.n == 5 && !memcasecmp(url.scheme.p, "https", 5)) {
usessl = true;
} else if (!(url.scheme.n == 4 && !memcasecmp(url.scheme.p, "http", 4))) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog, ": not an http/https url: ", urlarg, "\n", NULL);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
exit(1);
}
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
if (url.host.n) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
host = gc(strndup(url.host.p, url.host.n));
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
if (url.port.n) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
port = gc(strndup(url.port.p, url.port.n));
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
} else {
port = usessl ? "443" : "80";
}
} else {
host = "127.0.0.1";
port = usessl ? "443" : "80";
}
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
if (!IsAcceptableHost(host, -1)) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog, ": invalid host: ", urlarg, "\n", NULL);
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
exit(1);
}
url.fragment.p = 0, url.fragment.n = 0;
url.scheme.p = 0, url.scheme.n = 0;
url.user.p = 0, url.user.n = 0;
url.pass.p = 0, url.pass.n = 0;
url.host.p = 0, url.host.n = 0;
url.port.p = 0, url.port.n = 0;
if (!url.path.n || url.path.p[0] != '/') {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
char *p = gc(malloc(1 + url.path.n));
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
mempcpy(mempcpy(p, "/", 1), url.path.p, url.path.n);
url.path.p = p;
++url.path.n;
}
/*
* Create HTTP message.
*/
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (!method) {
if (postdata) {
method = kHttpPost;
} else {
method = kHttpGet;
}
}
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
Add SNI support to redbean and improve SSL perf This change makes SSL virtual hosting possible. You can now load multiple certificates for multiple domains and redbean will just figure out which one to use, even if you only have 1 ip address. You can also use a jumbo certificate that lists all your domains in the the subject alternative names. This change also makes performance improvements to MbedTLS. Here are some benchmarks vs. cc1920749eb81f346badaf55fbf79620cb718a55 BEFORE AFTER (microsecs) suite_ssl.com 2512881 191738 13.11x faster suite_pkparse.com 36291 3295 11.01x faster suite_x509parse.com 854669 120293 7.10x faster suite_pkwrite.com 6549 1265 5.18x faster suite_ecdsa.com 53347 18778 2.84x faster suite_pk.com 49051 18717 2.62x faster suite_ecdh.com 19535 9502 2.06x faster suite_shax.com 15848 7965 1.99x faster suite_rsa.com 353257 184828 1.91x faster suite_x509write.com 162646 85733 1.90x faster suite_ecp.com 20503 11050 1.86x faster suite_hmac_drbg.no_reseed.com 19528 11417 1.71x faster suite_hmac_drbg.nopr.com 12460 8010 1.56x faster suite_mpi.com 687124 442661 1.55x faster suite_hmac_drbg.pr.com 11890 7752 1.53x faster There aren't any special tricks to the performance imporvements. It's mostly due to code cleanup, assembly and intel instructions like mulx, adox, and adcx.
2021-07-19 21:55:20 +00:00
char *request = 0;
Support any HTTP method It's now possible to use redbean Fetch() with arbitrary HTTP methods, e.g. LIST which is used by Hashicorp. There's an eight char limit and uppercase canonicalization still happens. This change also includes a better function for launching a browser tab, that won't deadlock on a headless workstation running Debian. Closes #1107
2024-02-22 22:12:18 +00:00
char methodstr[9] = {0};
WRITE64LE(methodstr, method);
Add SNI support to redbean and improve SSL perf This change makes SSL virtual hosting possible. You can now load multiple certificates for multiple domains and redbean will just figure out which one to use, even if you only have 1 ip address. You can also use a jumbo certificate that lists all your domains in the the subject alternative names. This change also makes performance improvements to MbedTLS. Here are some benchmarks vs. cc1920749eb81f346badaf55fbf79620cb718a55 BEFORE AFTER (microsecs) suite_ssl.com 2512881 191738 13.11x faster suite_pkparse.com 36291 3295 11.01x faster suite_x509parse.com 854669 120293 7.10x faster suite_pkwrite.com 6549 1265 5.18x faster suite_ecdsa.com 53347 18778 2.84x faster suite_pk.com 49051 18717 2.62x faster suite_ecdh.com 19535 9502 2.06x faster suite_shax.com 15848 7965 1.99x faster suite_rsa.com 353257 184828 1.91x faster suite_x509write.com 162646 85733 1.90x faster suite_ecp.com 20503 11050 1.86x faster suite_hmac_drbg.no_reseed.com 19528 11417 1.71x faster suite_hmac_drbg.nopr.com 12460 8010 1.56x faster suite_mpi.com 687124 442661 1.55x faster suite_hmac_drbg.pr.com 11890 7752 1.53x faster There aren't any special tricks to the performance imporvements. It's mostly due to code cleanup, assembly and intel instructions like mulx, adox, and adcx.
2021-07-19 21:55:20 +00:00
appendf(&request,
"%s %s HTTP/1.1\r\n"
"Connection: close\r\n"
"User-Agent: %s\r\n",
Support any HTTP method It's now possible to use redbean Fetch() with arbitrary HTTP methods, e.g. LIST which is used by Hashicorp. There's an eight char limit and uppercase canonicalization still happens. This change also includes a better function for launching a browser tab, that won't deadlock on a headless workstation running Debian. Closes #1107
2024-02-22 22:12:18 +00:00
methodstr, gc(EncodeUrl(&url, 0)), agent);
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
bool senthost = false;
bool sentcontenttype = false;
bool sentcontentlength = false;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
for (int i = 0; i < headers.n; ++i) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
appends(&request, headers.p[i]);
appends(&request, "\r\n");
if (!strncasecmp("Host:", headers.p[i], 5)) {
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
senthost = true;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
} else if (!strncasecmp("Content-Type:", headers.p[i], 13)) {
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
sentcontenttype = true;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
} else if (!strncasecmp("Content-Length:", headers.p[i], 15)) {
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
sentcontentlength = true;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
}
}
if (!senthost) {
appends(&request, "Host: ");
appends(&request, host);
appendw(&request, ':');
appends(&request, port);
appends(&request, "\r\n");
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
}
if (postdata) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (!sentcontenttype) {
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
appends(&request, "Content-Type: application/x-www-form-urlencoded\r\n");
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
}
if (!sentcontentlength) {
char ibuf[21];
FormatUint64(ibuf, strlen(postdata));
appends(&request, "Content-Length: ");
appends(&request, ibuf);
appends(&request, "\r\n");
}
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
appends(&request, "\r\n");
if (postdata) {
appends(&request, postdata);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
/*
* Perform DNS lookup.
*/
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
struct addrinfo *addr;
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
struct addrinfo hints = {.ai_family = AF_UNSPEC,
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
.ai_socktype = SOCK_STREAM,
.ai_protocol = IPPROTO_TCP,
.ai_flags = AI_NUMERICSERV};
Use DNS implementation from Musl Libc Now that our socket system call polyfills are good enough to support Musl's DNS library we should be using that rather than the barebones domain name system implementation we rolled on our own. There's many benefits to making this change. So many, that I myself wouldn't feel qualified to enumerate them all. The Musl DNS code had to be changed in order to support Windows of course, which looks very solid so far
2023-12-29 06:58:17 +00:00
if (getaddrinfo(host, port, &hints, &addr) != 0) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog, ": could not resolve host: ", host, "\n", NULL);
exit(1);
}
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
/*
* Connect to server.
*/
Make improvements - Fix build flakes - Polyfill SIGWINCH on Windows - Fix an execve issue on Windows - Make strerror show more information - Improve cmd.exe setup/teardown on Windows - Support bracketed paste mode in Blinkenlights - Show keyboard shortcuts in Blinkenlights status bar - Fixed copy_file_range() and copyfile() w/ zip filesystem - Size optimize GetDosArgv() to keep life.com 12kb in size - Improve Blinkenlights ability to load weird ELF executables - Fix program_executable_name and add GetInterpreterExecutableName - Make Python in tiny mode fail better if docstrings are requested - Update Python test exclusions in tiny* modes such as tinylinux - Add bulletproof unbreakable kprintf() troubleshooting function - Remove "oldskool" keyword from ape.S for virus scanners - Fix issue that caused backtraces to not print sometimes - Improve Blinkenlights serial uart character i/o - Make clock_gettime() not clobber errno on xnu - Improve sha256 cpuid check for old computers - Integrate some bestline linenoise fixes - Show runit process names better in htop - Remove SIGPIPE from ShowCrashReports() - Make realpath() not clobber errno - Avoid attaching GDB on non-Linux - Improve img.com example
2022-03-16 20:33:13 +00:00
int ret;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((sock = GoodSocket(addr->ai_family, addr->ai_socktype, addr->ai_protocol,
false, &(struct timeval){-60})) == -1) {
perror("socket");
exit(1);
}
if (connect(sock, addr->ai_addr, addr->ai_addrlen)) {
tinyprint(2, prog, ": failed to connect to ", host, " port ", port, ": ",
DescribeErrno(), "\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
freeaddrinfo(addr);
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
/*
* Setup crypto.
*/
mbedtls_ssl_config conf;
mbedtls_ssl_context ssl;
mbedtls_ctr_drbg_context drbg;
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
if (usessl) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
mbedtls_ssl_init(&ssl);
mbedtls_ctr_drbg_init(&drbg);
mbedtls_ssl_config_init(&conf);
Mint APE Loader v1.5 This change ports APE Loader to Linux AARCH64, so that Raspberry Pi users can run programs like redbean, without the executable needing to modify itself. Progress has also slipped into this change on the issue of making progress better conforming to user expectations and industry standards regarding which symbols we're allowed to declare
2023-07-26 20:54:49 +00:00
unassert(!mbedtls_ctr_drbg_seed(&drbg, GetSslEntropy, 0, "justine", 7));
unassert(!mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM,
ciphersuite));
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
mbedtls_ssl_conf_authmode(&conf, authmode);
mbedtls_ssl_conf_ca_chain(&conf, GetSslRoots(), 0);
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &drbg);
#ifndef NDEBUG
mbedtls_ssl_conf_dbg(&conf, OnSslDebug, 0);
#endif
Mint APE Loader v1.5 This change ports APE Loader to Linux AARCH64, so that Raspberry Pi users can run programs like redbean, without the executable needing to modify itself. Progress has also slipped into this change on the issue of making progress better conforming to user expectations and industry standards regarding which symbols we're allowed to declare
2023-07-26 20:54:49 +00:00
unassert(!mbedtls_ssl_setup(&ssl, &conf));
unassert(!mbedtls_ssl_set_hostname(&ssl, host));
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
mbedtls_ssl_set_bio(&ssl, &sock, TlsSend, 0, TlsRecv);
if ((ret = mbedtls_ssl_handshake(&ssl))) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog, ": ssl negotiation with ", host,
" failed: ", DescribeSslClientHandshakeError(&ssl, ret), "\n",
NULL);
exit(1);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
}
/*
* Send HTTP Message.
*/
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
ssize_t rc;
size_t i, n;
Add SNI support to redbean and improve SSL perf This change makes SSL virtual hosting possible. You can now load multiple certificates for multiple domains and redbean will just figure out which one to use, even if you only have 1 ip address. You can also use a jumbo certificate that lists all your domains in the the subject alternative names. This change also makes performance improvements to MbedTLS. Here are some benchmarks vs. cc1920749eb81f346badaf55fbf79620cb718a55 BEFORE AFTER (microsecs) suite_ssl.com 2512881 191738 13.11x faster suite_pkparse.com 36291 3295 11.01x faster suite_x509parse.com 854669 120293 7.10x faster suite_pkwrite.com 6549 1265 5.18x faster suite_ecdsa.com 53347 18778 2.84x faster suite_pk.com 49051 18717 2.62x faster suite_ecdh.com 19535 9502 2.06x faster suite_shax.com 15848 7965 1.99x faster suite_rsa.com 353257 184828 1.91x faster suite_x509write.com 162646 85733 1.90x faster suite_ecp.com 20503 11050 1.86x faster suite_hmac_drbg.no_reseed.com 19528 11417 1.71x faster suite_hmac_drbg.nopr.com 12460 8010 1.56x faster suite_mpi.com 687124 442661 1.55x faster suite_hmac_drbg.pr.com 11890 7752 1.53x faster There aren't any special tricks to the performance imporvements. It's mostly due to code cleanup, assembly and intel instructions like mulx, adox, and adcx.
2021-07-19 21:55:20 +00:00
n = appendz(request).i;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
for (i = 0; i < n; i += rc) {
if (usessl) {
rc = mbedtls_ssl_write(&ssl, request + i, n - i);
if (rc <= 0) {
tinyprint(2, prog, ": ssl send failed: ", DescribeMbedtlsErrorCode(rc),
"\n", NULL);
exit(1);
}
} else {
rc = write(sock, request + i, n - i);
if (rc <= 0) {
tinyprint(2, prog, ": send failed: ", DescribeErrno(), "\n", NULL);
exit(1);
}
}
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Make more major improvements to redbean - POSIX regular expressions for Lua - Improved protocol parsing and encoding - Additional APIs for ZIP storage retrieval - Fix st_mode issue on NT for regular files - Generalized APIs for URL and Host handling - Worked out the kinks in resource resolution - Allow for custom error pages like /404.html
2021-04-21 02:14:21 +00:00
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
/*
* Handle response.
*/
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
int t;
char *p;
struct HttpMessage msg;
struct HttpUnchunker u;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
size_t g, hdrlen, paylen;
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
InitHttpMessage(&msg, kHttpResponse);
for (p = 0, hdrlen = paylen = t = i = n = 0;;) {
if (i == n) {
n += 1000;
n += n >> 1;
p = realloc(p, n);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
if (usessl) {
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
if ((rc = mbedtls_ssl_read(&ssl, p + i, n - i)) < 0) {
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
if (rc == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) {
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
rc = 0;
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
} else {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog,
": ssl recv failed: ", DescribeMbedtlsErrorCode(rc), "\n",
NULL);
exit(1);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
}
} else {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((rc = read(sock, p + i, n - i)) == -1) {
tinyprint(2, prog, ": recv failed: ", DescribeErrno(), "\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
}
g = rc;
i += g;
switch (t) {
case kHttpClientStateHeaders:
Mint APE Loader v1.5 This change ports APE Loader to Linux AARCH64, so that Raspberry Pi users can run programs like redbean, without the executable needing to modify itself. Progress has also slipped into this change on the issue of making progress better conforming to user expectations and industry standards regarding which symbols we're allowed to declare
2023-07-26 20:54:49 +00:00
unassert(g);
Refactor and improve CTL and other code
2024-06-04 12:41:53 +00:00
if ((rc = ParseHttpMessage(&msg, p, i, n)) == -1) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
tinyprint(2, prog, ": ", host, " sent bad http message\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
if (rc) {
hdrlen = rc;
if (100 <= msg.status && msg.status <= 199) {
DestroyHttpMessage(&msg);
InitHttpMessage(&msg, kHttpResponse);
memmove(p, p + hdrlen, i - hdrlen);
i -= hdrlen;
break;
}
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
if (method == kHttpHead || includeheaders) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
WriteOutput(p, hdrlen);
Add support for the `-i` (include headers) and `-d` (POST data) options in `curl.com` (#708) This commit also paves the way for initial IPv6 support in `curl.com` by specifying `AF_UNSPEC` for the address family in the hints passed to `getaddrinfo()`.
2022-12-24 01:06:48 +00:00
}
if (method == kHttpHead || msg.status == 204 || msg.status == 304) {
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
goto Finished;
}
if (HasHeader(kHttpTransferEncoding) &&
!HeaderEqualCase(kHttpTransferEncoding, "identity")) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (!HeaderEqualCase(kHttpTransferEncoding, "chunked")) {
tinyprint(2, prog, ": ", host,
" sent unsupported transfer encoding\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
t = kHttpClientStateBodyChunked;
memset(&u, 0, sizeof(u));
goto Chunked;
} else if (HasHeader(kHttpContentLength)) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((rc = ParseContentLength(HeaderData(kHttpContentLength),
HeaderLength(kHttpContentLength))) ==
-1) {
tinyprint(2, prog, ": ", host, " sent bad content length\n",
NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
t = kHttpClientStateBodyLengthed;
paylen = rc;
if (paylen > i - hdrlen) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
WriteOutput(p + hdrlen, i - hdrlen);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
} else {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
WriteOutput(p + hdrlen, paylen);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
goto Finished;
}
} else {
t = kHttpClientStateBody;
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
WriteOutput(p + hdrlen, i - hdrlen);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
}
}
break;
case kHttpClientStateBody:
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
WriteOutput(p + i - g, g);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
if (!g)
goto Finished;
break;
case kHttpClientStateBodyLengthed:
Mint APE Loader v1.5 This change ports APE Loader to Linux AARCH64, so that Raspberry Pi users can run programs like redbean, without the executable needing to modify itself. Progress has also slipped into this change on the issue of making progress better conforming to user expectations and industry standards regarding which symbols we're allowed to declare
2023-07-26 20:54:49 +00:00
unassert(g);
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (i - hdrlen > paylen) {
g = hdrlen + paylen - (i - g);
}
WriteOutput(p + i - g, g);
if (i - hdrlen >= paylen) {
goto Finished;
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
break;
case kHttpClientStateBodyChunked:
Chunked:
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if ((rc = Unchunk(&u, p + hdrlen, i - hdrlen, &paylen)) == -1) {
tinyprint(2, prog, ": ", host, " sent bad chunk coding\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
if (rc) {
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
WriteOutput(p + hdrlen, paylen);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
goto Finished;
}
break;
default:
abort();
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
}
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
/*
* Close connection.
*/
Finished:
Do work on curl/mbedtls/zstd This change fixes stderr to be unbuffered. Added hardware AES on ARM64 to help safeguard against timing attacks. The curl.com command will be somewhat more pleasant to use.
2023-07-07 17:00:49 +00:00
if (close(sock)) {
tinyprint(2, prog, ": close failed: ", DescribeErrno(), "\n", NULL);
exit(1);
}
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
/*
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
* Free memory.
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
*/
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
free(p);
free(headers.p);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
if (usessl) {
mbedtls_ssl_free(&ssl);
mbedtls_ctr_drbg_free(&drbg);
Add HTTP/HTTPS Fetch() API to redbean You can now say the following in your redbean Lua code: status,headers,payload = Fetch("https://foo.example") The following Lua APIs have been introduced: - Fetch(str) → str,{str:str},str - GetHttpReason(int) → str - GetHttpReason(int) → str - ProgramSslFetchVerify(bool) - ProgramSslClientVerify(bool) The following flags have been introduced: - `-j` enables client SSL verification - `-k` disables Fetch() SSL verification - `-t INT` may now be passed a negative value for keepalive Lua exceptions now invoke Cosmopolitan's garbage collector when unwinding the stack. So it's now safe to use _gc() w/ Lua 𝔱𝔥𝔯𝔬𝔴 See #97
2021-07-08 04:44:27 +00:00
mbedtls_ssl_config_free(&conf);
Make improvements to redbean The following Lua APIs have been added: - IsDaemon() → bool - ProgramPidPath(str) The following Lua hooks have been added: - OnClientConnection(ip:int,port:int,serverip:int,serverport:int) → bool - OnProcessCreate(pid:int,ip:int,port:int,serverip:int,serverport:int) - OnProcessDestroy(pid:int) - OnServerStart() - OnServerStop() - OnWorkerStart() - OnWorkerStop() redbean now does a better job at applying gzip on the fly from the local filesystem, using a streaming chunked api with constant memory, which is useful for doing things like serving a 4gb text file off NFS, and having it start transmitting in milliseconds. redbean will also compute entropy on the beginnings of files to determine if compression is profitable. This change pays off technical debts relating to memory, such as relying on exit() to free() allocations. That's now mostly fixed so it should be easier now to spot memory leaks in malloc traces. This change also fixes bugs and makes improvements to our SSL support. Uniprocess mode failed handshakes are no longer an issue. Token Alpn is offered so curl -v looks less weird. Hybrid SSL certificate loading is now smarter about naming conflicts. Self-signed CA root anchors will no longer be delivered to the client during the handshake.
2021-07-10 22:02:03 +00:00
mbedtls_ctr_drbg_free(&drbg);
Update curl example to support ssl / https Now that we know our SSL client works, and that it's able to verify certificates, the next step will be adding it as an API to redbean. See #97
2021-07-06 20:39:18 +00:00
}
Add curl example (#42) make -j8 o//examples/curl.com o//examples/curl.com http://justine.lol/ape.html
2021-02-19 03:20:41 +00:00
return 0;
}
Reference in a new issue Copy permalink