tsget 6.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200
  1. #!/usr/bin/perl
  2. # Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. # Copyright (c) 2002 The OpenTSA Project. All rights reserved.
  4. #
  5. # Licensed under the OpenSSL license (the "License"). You may not use
  6. # this file except in compliance with the License. You can obtain a copy
  7. # in the file LICENSE in the source distribution or at
  8. # https://www.openssl.org/source/license.html
  9. use strict;
  10. use IO::Handle;
  11. use Getopt::Std;
  12. use File::Basename;
  13. use WWW::Curl::Easy;
  14. use vars qw(%options);
  15. # Callback for reading the body.
  16. sub read_body {
  17. my ($maxlength, $state) = @_;
  18. my $return_data = "";
  19. my $data_len = length ${$state->{data}};
  20. if ($state->{bytes} < $data_len) {
  21. $data_len = $data_len - $state->{bytes};
  22. $data_len = $maxlength if $data_len > $maxlength;
  23. $return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
  24. $state->{bytes} += $data_len;
  25. }
  26. return $return_data;
  27. }
  28. # Callback for writing the body into a variable.
  29. sub write_body {
  30. my ($data, $pointer) = @_;
  31. ${$pointer} .= $data;
  32. return length($data);
  33. }
  34. # Initialise a new Curl object.
  35. sub create_curl {
  36. my $url = shift;
  37. # Create Curl object.
  38. my $curl = WWW::Curl::Easy::new();
  39. # Error-handling related options.
  40. $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
  41. $curl->setopt(CURLOPT_FAILONERROR, 1);
  42. $curl->setopt(CURLOPT_USERAGENT,
  43. "OpenTSA tsget.pl/openssl-1.1.1f");
  44. # Options for POST method.
  45. $curl->setopt(CURLOPT_UPLOAD, 1);
  46. $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
  47. $curl->setopt(CURLOPT_HTTPHEADER,
  48. ["Content-Type: application/timestamp-query",
  49. "Accept: application/timestamp-reply,application/timestamp-response"]);
  50. $curl->setopt(CURLOPT_READFUNCTION, \&read_body);
  51. $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
  52. # Options for getting the result.
  53. $curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);
  54. # SSL related options.
  55. $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
  56. $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate.
  57. $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN.
  58. $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
  59. $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
  60. $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
  61. $curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});
  62. $curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});
  63. $curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});
  64. $curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});
  65. # Setting destination.
  66. $curl->setopt(CURLOPT_URL, $url);
  67. return $curl;
  68. }
  69. # Send a request and returns the body back.
  70. sub get_timestamp {
  71. my $curl = shift;
  72. my $body = shift;
  73. my $ts_body;
  74. local $::error_buf;
  75. # Error-handling related options.
  76. $curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");
  77. # Options for POST method.
  78. $curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});
  79. $curl->setopt(CURLOPT_INFILESIZE, length(${$body}));
  80. # Options for getting the result.
  81. $curl->setopt(CURLOPT_FILE, \$ts_body);
  82. # Send the request...
  83. my $error_code = $curl->perform();
  84. my $error_string;
  85. if ($error_code != 0) {
  86. my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
  87. $error_string = "could not get timestamp";
  88. $error_string .= ", http code: $http_code" unless $http_code == 0;
  89. $error_string .= ", curl code: $error_code";
  90. $error_string .= " ($::error_buf)" if defined($::error_buf);
  91. } else {
  92. my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
  93. if (lc($ct) ne "application/timestamp-reply"
  94. && lc($ct) ne "application/timestamp-response") {
  95. $error_string = "unexpected content type returned: $ct";
  96. }
  97. }
  98. return ($ts_body, $error_string);
  99. }
  100. # Print usage information and exists.
  101. sub usage {
  102. print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";
  103. print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";
  104. print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";
  105. print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";
  106. exit 1;
  107. }
  108. # ----------------------------------------------------------------------
  109. # Main program
  110. # ----------------------------------------------------------------------
  111. # Getting command-line options (default comes from TSGET environment variable).
  112. my $getopt_arg = "h:e:o:vdk:p:c:C:P:r:g:";
  113. if (exists $ENV{TSGET}) {
  114. my @old_argv = @ARGV;
  115. @ARGV = split /\s+/, $ENV{TSGET};
  116. getopts($getopt_arg, \%options) or usage;
  117. @ARGV = @old_argv;
  118. }
  119. getopts($getopt_arg, \%options) or usage;
  120. # Checking argument consistency.
  121. if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))
  122. || (@ARGV > 1 && exists($options{o}))) {
  123. print STDERR "Inconsistent command line options.\n";
  124. usage;
  125. }
  126. # Setting defaults.
  127. @ARGV = ("-") unless @ARGV != 0;
  128. $options{e} = ".tsr" unless defined($options{e});
  129. # Processing requests.
  130. my $curl = create_curl $options{h};
  131. undef $/; # For reading whole files.
  132. REQUEST: foreach (@ARGV) {
  133. my $input = $_;
  134. my ($base, $path) = fileparse($input, '\.[^.]*');
  135. my $output_base = $base . $options{e};
  136. my $output = defined($options{o}) ? $options{o} : $path . $output_base;
  137. STDERR->printflush("$input: ") if $options{v};
  138. # Read request.
  139. my $body;
  140. if ($input eq "-") {
  141. # Read the request from STDIN;
  142. $body = <STDIN>;
  143. } else {
  144. # Read the request from file.
  145. open INPUT, "<" . $input
  146. or warn("$input: could not open input file: $!\n"), next REQUEST;
  147. $body = <INPUT>;
  148. close INPUT
  149. or warn("$input: could not close input file: $!\n"), next REQUEST;
  150. }
  151. # Send request.
  152. STDERR->printflush("sending request") if $options{v};
  153. my ($ts_body, $error) = get_timestamp $curl, \$body;
  154. if (defined($error)) {
  155. die "$input: fatal error: $error\n";
  156. }
  157. STDERR->printflush(", reply received") if $options{v};
  158. # Write response.
  159. if ($output eq "-") {
  160. # Write to STDOUT.
  161. print $ts_body;
  162. } else {
  163. # Write to file.
  164. open OUTPUT, ">", $output
  165. or warn("$output: could not open output file: $!\n"), next REQUEST;
  166. print OUTPUT $ts_body;
  167. close OUTPUT
  168. or warn("$output: could not close output file: $!\n"), next REQUEST;
  169. }
  170. STDERR->printflush(", $output written.\n") if $options{v};
  171. }
  172. $curl->cleanup();