#!/usr/bin/env perl

[0] Fix | Delete

# Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.

[1] Fix | Delete

# Copyright (c) 2002 The OpenTSA Project. All rights reserved.

[2] Fix | Delete

#

[3] Fix | Delete

# Licensed under the OpenSSL license (the "License"). You may not use

[4] Fix | Delete

# this file except in compliance with the License. You can obtain a copy

[5] Fix | Delete

# in the file LICENSE in the source distribution or at

[6] Fix | Delete

# https://www.openssl.org/source/license.html

[7] Fix | Delete

[8] Fix | Delete

use strict;

[9] Fix | Delete

use IO::Handle;

[10] Fix | Delete

use Getopt::Std;

[11] Fix | Delete

use File::Basename;

[12] Fix | Delete

use WWW::Curl::Easy;

[13] Fix | Delete

[14] Fix | Delete

use vars qw(%options);

[15] Fix | Delete

[16] Fix | Delete

# Callback for reading the body.

[17] Fix | Delete

sub read_body {

[18] Fix | Delete

my ($maxlength, $state) = @_;

[19] Fix | Delete

my $return_data = "";

[20] Fix | Delete

my $data_len = length ${$state->{data}};

[21] Fix | Delete

if ($state->{bytes} < $data_len) {

[22] Fix | Delete

$data_len = $data_len - $state->{bytes};

[23] Fix | Delete

$data_len = $maxlength if $data_len > $maxlength;

[24] Fix | Delete

$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;

[25] Fix | Delete

$state->{bytes} += $data_len;

[26] Fix | Delete

}

[27] Fix | Delete

return $return_data;

[28] Fix | Delete

}

[29] Fix | Delete

[30] Fix | Delete

# Callback for writing the body into a variable.

[31] Fix | Delete

sub write_body {

[32] Fix | Delete

my ($data, $pointer) = @_;

[33] Fix | Delete

${$pointer} .= $data;

[34] Fix | Delete

return length($data);

[35] Fix | Delete

}

[36] Fix | Delete

[37] Fix | Delete

# Initialise a new Curl object.

[38] Fix | Delete

sub create_curl {

[39] Fix | Delete

my $url = shift;

[40] Fix | Delete

[41] Fix | Delete

# Create Curl object.

[42] Fix | Delete

my $curl = WWW::Curl::Easy::new();

[43] Fix | Delete

[44] Fix | Delete

# Error-handling related options.

[45] Fix | Delete

$curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};

[46] Fix | Delete

$curl->setopt(CURLOPT_FAILONERROR, 1);

[47] Fix | Delete

$curl->setopt(CURLOPT_USERAGENT,

[48] Fix | Delete

"OpenTSA tsget.pl/openssl-1.1.1p");

[49] Fix | Delete

[50] Fix | Delete

# Options for POST method.

[51] Fix | Delete

$curl->setopt(CURLOPT_UPLOAD, 1);

[52] Fix | Delete

$curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");

[53] Fix | Delete

$curl->setopt(CURLOPT_HTTPHEADER,

[54] Fix | Delete

["Content-Type: application/timestamp-query",

[55] Fix | Delete

"Accept: application/timestamp-reply,application/timestamp-response"]);

[56] Fix | Delete

$curl->setopt(CURLOPT_READFUNCTION, \&read_body);

[57] Fix | Delete

$curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });

[58] Fix | Delete

[59] Fix | Delete

# Options for getting the result.

[60] Fix | Delete

$curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);

[61] Fix | Delete

[62] Fix | Delete

# SSL related options.

[63] Fix | Delete

$curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");

[64] Fix | Delete

$curl->setopt(CURLOPT_SSL_VERIFYPEER, 1); # Verify server's certificate.

[65] Fix | Delete

$curl->setopt(CURLOPT_SSL_VERIFYHOST, 2); # Check server's CN.

[66] Fix | Delete

$curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});

[67] Fix | Delete

$curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});

[68] Fix | Delete

$curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});

[69] Fix | Delete

$curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});

[70] Fix | Delete

$curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});

[71] Fix | Delete

$curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});

[72] Fix | Delete

$curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});

[73] Fix | Delete

[74] Fix | Delete

# Setting destination.

[75] Fix | Delete

$curl->setopt(CURLOPT_URL, $url);

[76] Fix | Delete

[77] Fix | Delete

return $curl;

[78] Fix | Delete

}

[79] Fix | Delete

[80] Fix | Delete

# Send a request and returns the body back.

[81] Fix | Delete

sub get_timestamp {

[82] Fix | Delete

my $curl = shift;

[83] Fix | Delete

my $body = shift;

[84] Fix | Delete

my $ts_body;

[85] Fix | Delete

local $::error_buf;

[86] Fix | Delete

[87] Fix | Delete

# Error-handling related options.

[88] Fix | Delete

$curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");

[89] Fix | Delete

[90] Fix | Delete

# Options for POST method.

[91] Fix | Delete

$curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});

[92] Fix | Delete

$curl->setopt(CURLOPT_INFILESIZE, length(${$body}));

[93] Fix | Delete

[94] Fix | Delete

# Options for getting the result.

[95] Fix | Delete

$curl->setopt(CURLOPT_FILE, \$ts_body);

[96] Fix | Delete

[97] Fix | Delete

# Send the request...

[98] Fix | Delete

my $error_code = $curl->perform();

[99] Fix | Delete

my $error_string;

[100] Fix | Delete

if ($error_code != 0) {

[101] Fix | Delete

my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);

[102] Fix | Delete

$error_string = "could not get timestamp";

[103] Fix | Delete

$error_string .= ", http code: $http_code" unless $http_code == 0;

[104] Fix | Delete

$error_string .= ", curl code: $error_code";

[105] Fix | Delete

$error_string .= " ($::error_buf)" if defined($::error_buf);

[106] Fix | Delete

} else {

[107] Fix | Delete

my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);

[108] Fix | Delete

if (lc($ct) ne "application/timestamp-reply"

[109] Fix | Delete

&& lc($ct) ne "application/timestamp-response") {

[110] Fix | Delete

$error_string = "unexpected content type returned: $ct";

[111] Fix | Delete

}

[112] Fix | Delete

}

[113] Fix | Delete

return ($ts_body, $error_string);

[114] Fix | Delete

[115] Fix | Delete

}

[116] Fix | Delete

[117] Fix | Delete

# Print usage information and exists.

[118] Fix | Delete

sub usage {

[119] Fix | Delete

[120] Fix | Delete

print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";

[121] Fix | Delete

print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";

[122] Fix | Delete

print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";

[123] Fix | Delete

print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";

[124] Fix | Delete

exit 1;

[125] Fix | Delete

}

[126] Fix | Delete

[127] Fix | Delete

# ----------------------------------------------------------------------

[128] Fix | Delete

# Main program

[129] Fix | Delete

# ----------------------------------------------------------------------

[130] Fix | Delete

[131] Fix | Delete

# Getting command-line options (default comes from TSGET environment variable).

[132] Fix | Delete

my $getopt_arg = "h:e:o:vdk:p:c:C:P:r:g:";

[133] Fix | Delete

if (exists $ENV{TSGET}) {

[134] Fix | Delete

my @old_argv = @ARGV;

[135] Fix | Delete

@ARGV = split /\s+/, $ENV{TSGET};

[136] Fix | Delete

getopts($getopt_arg, \%options) or usage;

[137] Fix | Delete

@ARGV = @old_argv;

[138] Fix | Delete

}

[139] Fix | Delete

getopts($getopt_arg, \%options) or usage;

[140] Fix | Delete

[141] Fix | Delete

# Checking argument consistency.

[142] Fix | Delete

if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))

[143] Fix | Delete

|| (@ARGV > 1 && exists($options{o}))) {

[144] Fix | Delete

print STDERR "Inconsistent command line options.\n";

[145] Fix | Delete

usage;

[146] Fix | Delete

}

[147] Fix | Delete

# Setting defaults.

[148] Fix | Delete

@ARGV = ("-") unless @ARGV != 0;

[149] Fix | Delete

$options{e} = ".tsr" unless defined($options{e});

[150] Fix | Delete

[151] Fix | Delete

# Processing requests.

[152] Fix | Delete

my $curl = create_curl $options{h};

[153] Fix | Delete

undef $/; # For reading whole files.

[154] Fix | Delete

REQUEST: foreach (@ARGV) {

[155] Fix | Delete

my $input = $_;

[156] Fix | Delete

my ($base, $path) = fileparse($input, '\.[^.]*');

[157] Fix | Delete

my $output_base = $base . $options{e};

[158] Fix | Delete

my $output = defined($options{o}) ? $options{o} : $path . $output_base;

[159] Fix | Delete

[160] Fix | Delete

STDERR->printflush("$input: ") if $options{v};

[161] Fix | Delete

# Read request.

[162] Fix | Delete

my $body;

[163] Fix | Delete

if ($input eq "-") {

[164] Fix | Delete

# Read the request from STDIN;

[165] Fix | Delete

$body = <STDIN>;

[166] Fix | Delete

} else {

[167] Fix | Delete

# Read the request from file.

[168] Fix | Delete

open INPUT, "<" . $input

[169] Fix | Delete

or warn("$input: could not open input file: $!\n"), next REQUEST;

[170] Fix | Delete

$body = <INPUT>;

[171] Fix | Delete

close INPUT

[172] Fix | Delete

or warn("$input: could not close input file: $!\n"), next REQUEST;

[173] Fix | Delete

}

[174] Fix | Delete

[175] Fix | Delete

# Send request.

[176] Fix | Delete

STDERR->printflush("sending request") if $options{v};

[177] Fix | Delete

[178] Fix | Delete

my ($ts_body, $error) = get_timestamp $curl, \$body;

[179] Fix | Delete

if (defined($error)) {

[180] Fix | Delete

die "$input: fatal error: $error\n";

[181] Fix | Delete

}

[182] Fix | Delete

STDERR->printflush(", reply received") if $options{v};

[183] Fix | Delete

[184] Fix | Delete

# Write response.

[185] Fix | Delete

if ($output eq "-") {

[186] Fix | Delete

# Write to STDOUT.

[187] Fix | Delete

print $ts_body;

[188] Fix | Delete

} else {

[189] Fix | Delete

# Write to file.

[190] Fix | Delete

open OUTPUT, ">", $output

[191] Fix | Delete

or warn("$output: could not open output file: $!\n"), next REQUEST;

[192] Fix | Delete

print OUTPUT $ts_body;

[193] Fix | Delete

close OUTPUT

[194] Fix | Delete

or warn("$output: could not close output file: $!\n"), next REQUEST;

[195] Fix | Delete

}

[196] Fix | Delete

STDERR->printflush(", $output written.\n") if $options{v};

[197] Fix | Delete

}

[198] Fix | Delete

$curl->cleanup();

[199] Fix | Delete

[200] Fix | Delete