http_async_client: null terminated CURLOPT_

(cherry picked from commit 574a11d8c0c20d3d0c058726609df8ed4e5b68dc)

src/modules/http_async_client/async_http.c

@@ -273,25 +273,43 @@ void notification_socket_cb(int fd, short event, void *arg)
 	}
 	query_params.method  = aq->query_params.method;
 
-	if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) {
-		if (shm_str_dup(&query_params.tls_client_cert, &(aq->query_params.tls_client_cert)) < 0) {
+	if (aq->query_params.tls_client_cert) {
+		len = strlen(aq->query_params.tls_client_cert);
+		query_params.tls_client_cert = shm_malloc(len+1);
+
+		if(query_params.tls_client_cert == NULL) {
 			LM_ERR("Error allocating query_params.tls_client_cert\n");
 			goto done;
 		}
+
+		strncpy(query_params.tls_client_cert, aq->query_params.tls_client_cert, len);
+		query_params.tls_client_cert[len] = '\0';
 	}
 
-	if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) {
-		if (shm_str_dup(&query_params.tls_client_key, &(aq->query_params.tls_client_key)) < 0) {
+	if (aq->query_params.tls_client_key) {
+		len = strlen(aq->query_params.tls_client_key);
+		query_params.tls_client_key = shm_malloc(len+1);
+
+		if(query_params.tls_client_key == NULL) {
 			LM_ERR("Error allocating query_params.tls_client_key\n");
 			goto done;
 		}
+
+		strncpy(query_params.tls_client_key, aq->query_params.tls_client_key, len);
+		query_params.tls_client_key[len] = '\0';
 	}
 
-	if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) {
-		if (shm_str_dup(&query_params.tls_ca_path, &(aq->query_params.tls_ca_path)) < 0) {
+	if (aq->query_params.tls_ca_path) {
+		len = strlen(aq->query_params.tls_ca_path);
+		query_params.tls_ca_path = shm_malloc(len+1);
+
+		if(query_params.tls_ca_path == NULL) {
 			LM_ERR("Error allocating query_params.tls_ca_path\n");
 			goto done;
 		}
+
+		strncpy(query_params.tls_ca_path, aq->query_params.tls_ca_path, len);
+		query_params.tls_ca_path[len] = '\0';
 	}
 
 	if (aq->query_params.body.s && aq->query_params.body.len > 0) {
@@ -335,20 +353,17 @@ void notification_socket_cb(int fd, short event, void *arg)
 	}
 
 done:
-	if (query_params.tls_client_cert.s && query_params.tls_client_cert.len > 0) {
-		shm_free(query_params.tls_client_cert.s);
-		query_params.tls_client_cert.s = NULL;
-		query_params.tls_client_cert.len = 0;
+	if (query_params.tls_client_cert) {
+		shm_free(query_params.tls_client_cert);
+		query_params.tls_client_cert = NULL;
 	}
-	if (query_params.tls_client_key.s && query_params.tls_client_key.len > 0) {
-		shm_free(query_params.tls_client_key.s);
-		query_params.tls_client_key.s = NULL;
-		query_params.tls_client_key.len = 0;
+	if (query_params.tls_client_key) {
+		shm_free(query_params.tls_client_key);
+		query_params.tls_client_key = NULL;
 	}
-	if (query_params.tls_ca_path.s && query_params.tls_ca_path.len > 0) {
-		shm_free(query_params.tls_ca_path.s);
-		query_params.tls_ca_path.s = NULL;
-		query_params.tls_ca_path.len = 0;
+	if (query_params.tls_ca_path) {
+		shm_free(query_params.tls_ca_path);
+		query_params.tls_ca_path = NULL;
 	}
 	if (query_params.body.s && query_params.body.len > 0) {
 		shm_free(query_params.body.s);
@@ -441,31 +456,46 @@ int async_send_query(sip_msg_t *msg, str *query, cfg_action_t *act)
 	snprintf(q_id, MAX_ID_LEN+1, "%u-%u", (unsigned int)getpid(), q_idx);
 	strncpy(aq->id, q_id, strlen(q_id));
 
-	aq->query_params.tls_client_cert.s = NULL;
-	aq->query_params.tls_client_cert.len = 0;
-	if (ah_params.tls_client_cert.s && ah_params.tls_client_cert.len > 0) {
-		if (shm_str_dup(&aq->query_params.tls_client_cert, &(ah_params.tls_client_cert)) < 0) {
+	aq->query_params.tls_client_cert = NULL;
+	if (ah_params.tls_client_cert) {
+		len = strlen(ah_params.tls_client_cert);
+		aq->query_params.tls_client_cert = shm_malloc(len+1);
+
+		if(aq->query_params.tls_client_cert == NULL) {
 			LM_ERR("Error allocating aq->query_params.tls_client_cert\n");
 			goto error;
 		}
+
+		strncpy(aq->query_params.tls_client_cert, ah_params.tls_client_cert, len);
+		aq->query_params.tls_client_cert[len] = '\0';
 	}
 
-	aq->query_params.tls_client_key.s = NULL;
-	aq->query_params.tls_client_key.len = 0;
-	if (ah_params.tls_client_key.s && ah_params.tls_client_key.len > 0) {
-		if (shm_str_dup(&aq->query_params.tls_client_key, &(ah_params.tls_client_key)) < 0) {
+	aq->query_params.tls_client_key = NULL;
+	if (ah_params.tls_client_key) {
+		len = strlen(ah_params.tls_client_key);
+		aq->query_params.tls_client_key = shm_malloc(len+1);
+
+		if(aq->query_params.tls_client_key == NULL) {
 			LM_ERR("Error allocating aq->query_params.tls_client_key\n");
 			goto error;
 		}
+
+		strncpy(aq->query_params.tls_client_key, ah_params.tls_client_key, len);
+		aq->query_params.tls_client_key[len] = '\0';
 	}
 
-	aq->query_params.tls_ca_path.s = NULL;
-	aq->query_params.tls_ca_path.len = 0;
-	if (ah_params.tls_ca_path.s && ah_params.tls_ca_path.len > 0) {
-		if (shm_str_dup(&aq->query_params.tls_ca_path, &(ah_params.tls_ca_path)) < 0) {
+	aq->query_params.tls_ca_path = NULL;
+	if (ah_params.tls_ca_path) {
+		len = strlen(ah_params.tls_ca_path);
+		aq->query_params.tls_ca_path = shm_malloc(len+1);
+
+		if(aq->query_params.tls_ca_path == NULL) {
 			LM_ERR("Error allocating aq->query_params.tls_ca_path\n");
 			goto error;
 		}
+
+		strncpy(aq->query_params.tls_ca_path, ah_params.tls_ca_path, len);
+		aq->query_params.tls_ca_path[len] = '\0';
 	}
 
 	aq->query_params.body.s = NULL;
@@ -555,6 +585,7 @@ void init_query_params(struct query_params *p) {
 }
 
 void set_query_params(struct query_params *p) {
+	int len;
 	p->headers.len = 0;
 	p->headers.t = NULL;
 	p->tls_verify_host = tls_verify_host;
@@ -564,40 +595,55 @@ void set_query_params(struct query_params *p) {
 	p->method = AH_METH_DEFAULT;
 	p->authmethod = default_authmethod;
 
-	if (p->tls_client_cert.s && p->tls_client_cert.len > 0) {
-		shm_free(p->tls_client_cert.s);
-		p->tls_client_cert.s = NULL;
-		p->tls_client_cert.len = 0;
+	if (p->tls_client_cert) {
+		shm_free(p->tls_client_cert);
+		p->tls_client_cert = NULL;
 	}
-	if (tls_client_cert.s && tls_client_cert.len > 0) {
-		if (shm_str_dup(&p->tls_client_cert, &tls_client_cert) < 0) {
+	if (tls_client_cert) {
+		len = strlen(tls_client_cert);
+		p->tls_client_cert = shm_malloc(len+1);
+
+		if (p->tls_client_cert == NULL) {
 			LM_ERR("Error allocating tls_client_cert\n");
 			return;
 		}
+
+		strncpy(p->tls_client_cert, tls_client_cert, len);
+		p->tls_client_cert[len] = '\0';
 	}
 
-	if (p->tls_client_key.s && p->tls_client_key.len > 0) {
-		shm_free(p->tls_client_key.s);
-		p->tls_client_key.s = NULL;
-		p->tls_client_key.len = 0;
+	if (p->tls_client_key) {
+		shm_free(p->tls_client_key);
+		p->tls_client_key = NULL;
 	}
-	if (tls_client_key.s && tls_client_key.len > 0) {
-		if (shm_str_dup(&p->tls_client_key, &tls_client_key) < 0) {
+	if (tls_client_key) {
+		len = strlen(tls_client_key);
+		p->tls_client_key = shm_malloc(len+1);
+
+		if (p->tls_client_key == NULL) {
 			LM_ERR("Error allocating tls_client_key\n");
 			return;
 		}
+
+		strncpy(p->tls_client_key, tls_client_key, len);
+		p->tls_client_key[len] = '\0';
 	}
 
-	if (p->tls_ca_path.s && p->tls_ca_path.len > 0) {
-		shm_free(p->tls_ca_path.s);
-		p->tls_ca_path.s = NULL;
-		p->tls_ca_path.len = 0;
+	if (p->tls_ca_path) {
+		shm_free(p->tls_ca_path);
+		p->tls_ca_path = NULL;
 	}
-	if (tls_ca_path.s && tls_ca_path.len > 0) {
-		if (shm_str_dup(&p->tls_ca_path, &tls_ca_path) < 0) {
+	if (tls_ca_path) {
+		len = strlen(tls_ca_path);
+		p->tls_ca_path = shm_malloc(len+1);
+
+		if (p->tls_ca_path == NULL) {
 			LM_ERR("Error allocating tls_ca_path\n");
 			return;
 		}
+
+		strncpy(p->tls_ca_path, tls_ca_path, len);
+		p->tls_ca_path[len] = '\0';
 	}
 
 	if (p->body.s && p->body.len > 0) {

src/modules/http_async_client/async_http.h

@@ -55,9 +55,9 @@ extern str ah_error;
 
 extern int tls_verify_host;
 extern int tls_verify_peer;
-extern str tls_client_cert;
-extern str tls_client_key;
-extern str tls_ca_path;
+extern char* tls_client_cert;
+extern char* tls_client_key;
+extern char* tls_ca_path;
 
 extern unsigned int default_authmethod;
 
@@ -89,9 +89,9 @@ struct query_params {
 
 	unsigned int timeout;
 	struct header_list headers;
-	str tls_client_cert;
-	str tls_client_key;
-	str tls_ca_path;
+	char* tls_client_cert;
+	char* tls_client_key;
+	char* tls_ca_path;
 	str body;
 
 	unsigned int authmethod;
@@ -143,22 +143,19 @@ static inline void free_async_query(async_query_t *aq)
 		shm_free(aq->query_params.headers.t);
 	}
 
-	if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) {
-		shm_free(aq->query_params.tls_client_cert.s);
-		aq->query_params.tls_client_cert.s = NULL;
-		aq->query_params.tls_client_cert.len = 0;
+	if (aq->query_params.tls_client_cert) {
+		shm_free(aq->query_params.tls_client_cert);
+		aq->query_params.tls_client_cert = NULL;
 	}
 
-	if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) {
-		shm_free(aq->query_params.tls_client_key.s);
-		aq->query_params.tls_client_key.s = NULL;
-		aq->query_params.tls_client_key.len = 0;
+	if (aq->query_params.tls_client_key) {
+		shm_free(aq->query_params.tls_client_key);
+		aq->query_params.tls_client_key = NULL;
 	}
 
-	if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) {
-		shm_free(aq->query_params.tls_ca_path.s);
-		aq->query_params.tls_ca_path.s = NULL;
-		aq->query_params.tls_ca_path.len = 0;
+	if (aq->query_params.tls_ca_path) {
+		shm_free(aq->query_params.tls_ca_path);
+		aq->query_params.tls_ca_path = NULL;
 	}
 
 	if (aq->query_params.body.s && aq->query_params.body.len > 0) {

src/modules/http_async_client/hm_hash.h

@@ -70,9 +70,9 @@ typedef struct hm_params {
 	int tls_verify_peer;
 	struct curl_slist* headers;
 	int method;
-	str tls_client_cert;
-	str tls_client_key;
-	str tls_ca_path;
+	char* tls_client_cert;
+	char* tls_client_key;
+	char* tls_ca_path;
 	str body;
 	
 	unsigned int authmethod;

src/modules/http_async_client/http_async_client_mod.c

@@ -70,9 +70,9 @@ int tls_version = 0; // Use default SSL version in HTTPS requests (see curl/curl
 int tls_verify_host = 1; // By default verify host in HTTPS requests
 int tls_verify_peer = 1; // By default verify peer in HTTPS requests
 int curl_verbose = 0;
-str tls_client_cert = STR_STATIC_INIT(""); // client SSL certificate path, defaults to NULL
-str tls_client_key = STR_STATIC_INIT(""); // client SSL certificate key path, defaults to NULL
-str tls_ca_path = STR_STATIC_INIT(""); // certificate authority dir path, defaults to NULL
+char* tls_client_cert = ""; // client SSL certificate path, defaults to NULL
+char* tls_client_key = ""; // client SSL certificate key path, defaults to NULL
+char* tls_ca_path = ""; // certificate authority dir path, defaults to NULL
 static char *memory_manager = "shm";
 extern int curl_memory_manager;
 unsigned int default_authmethod = CURLAUTH_BASIC | CURLAUTH_DIGEST;
@@ -138,9 +138,9 @@ static param_export_t params[]={
 	{"tls_verify_host",		INT_PARAM,		&tls_verify_host},
 	{"tls_verify_peer",		INT_PARAM,		&tls_verify_peer},
 	{"curl_verbose",		INT_PARAM,		&curl_verbose},
-	{"tls_client_cert",		PARAM_STR,		&tls_client_cert},
-	{"tls_client_key",		PARAM_STR,		&tls_client_key},
-	{"tls_ca_path",			PARAM_STR,		&tls_ca_path},
+	{"tls_client_cert",		PARAM_STRING,	&tls_client_cert},
+	{"tls_client_key",		PARAM_STRING,	&tls_client_key},
+	{"tls_ca_path",			PARAM_STRING,	&tls_ca_path},
 	{"memory_manager",		PARAM_STRING,	&memory_manager},
 	{"authmethod",			PARAM_INT,		&default_authmethod },
 	{0, 0, 0}
@@ -679,9 +679,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param,
 				LM_ERR("invalid value type for $http_req(tls_ca_path)\n");
 				return -1;
 			}
-			set_query_param(&ah_params.tls_ca_path, tval->rs);
-		} else {
-			set_query_param(&ah_params.tls_ca_path, tls_ca_path);
+			set_query_cparam(&ah_params.tls_ca_path, tval->rs);
 		}
 		break;
 	case E_HRN_TLS_CLIENT_KEY:
@@ -690,9 +688,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param,
 				LM_ERR("invalid value type for $http_req(tls_client_key)\n");
 				return -1;
 			}
-			set_query_param(&ah_params.tls_client_key, tval->rs);
-		} else {
-			set_query_param(&ah_params.tls_client_key, tls_client_key);
+			set_query_cparam(&ah_params.tls_client_key, tval->rs);
 		}
 		break;
 	case E_HRN_TLS_CLIENT_CERT:
@@ -701,9 +697,7 @@ static int ah_set_req(struct sip_msg* msg, pv_param_t *param,
 				LM_ERR("invalid value type for $http_req(tls_client_cert)\n");
 				return -1;
 			}
-			set_query_param(&ah_params.tls_client_cert, tval->rs);
-		} else {
-			set_query_param(&ah_params.tls_client_cert, tls_client_cert);
+			set_query_cparam(&ah_params.tls_client_cert, tval->rs);
 		}
 		break;
 	case E_HRN_SUSPEND:

src/modules/http_async_client/http_multi.c

@@ -477,16 +477,16 @@ int new_request(str *query, http_m_params_t *query_params, http_multi_cbe_t cb,
 	curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYHOST, cell->params.tls_verify_host?2:0);
 	curl_easy_setopt(cell->easy, CURLOPT_SSLVERSION, tls_version);
 
-	if (cell->params.tls_client_cert.s && cell->params.tls_client_cert.len > 0) {
-		curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert.s);
+	if (cell->params.tls_client_cert) {
+		curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert);
 	}
 
-	if (cell->params.tls_client_key.s && cell->params.tls_client_key.len > 0) {
-		curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key.s);
+	if (cell->params.tls_client_key) {
+		curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key);
 	}
 
-	if (cell->params.tls_ca_path.s && cell->params.tls_ca_path.len > 0) {
-		curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path.s);
+	if (cell->params.tls_ca_path) {
+		curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path);
 	}
 
 	curl_easy_setopt(cell->easy, CURLOPT_HEADER, 1);