 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 * When distributing Covered Code, include this CDDL HEADER in each
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
 * This function will establish a socket to the host on the specified port.
 * On success it returns a socket descriptor; otherwise it returns -1.
 * This function will connect to the host on the port.
 * On success it returns a socket descriptor; otherwise it returns 0.
"POST %s HTTP/1.0\r\n\
Content-Length: %d\r\n\r\n";
 /* open the request file */
 /* Send HTTP header */
 /* Send the request content */
 * Perform a write that can handle EINTR.
 * This function will get the response from the server, check the HTTP status
 * line, and write the response content to a file. If this is an OCSP response,
 * it will check the content type also.
 /* set O_NONBLOCK flag on socket */
 * First read HTTP status line and headers. We will read up to at
 * least the end of the HTTP headers
 }
else if (
bytes == 0) {
/* no more data */
 }
else {
/* bytes > 0 */
 /* could not find the end of headers */
 * Parse the HTTP status line, which will look like this:
 * "HTTP/1.1 200 OK".
 * Check the HTTP status code. If it is not 200, the HTTP response
 * Parse the HTTP headers in the buffer. Save content-type and
 * content-length only.
 /* Check the content type if this is an OCSP response */
 /* Now we are ready to read the body of the response */
 /* move all data to the beginning of the buffer */
 /* resize buffer to only what's needed to hold the current response */
 /* we still need to receive more content data */
 }
else if (
bytes == 0) {
/* no more data */
 /* write to the file */
 /* Connect to server */
 /* Send the OCSP request */
 /* Retrieve the OCSP response */
 maxsecs =
30;
/* default poll time limit is 30 seconds */
"GET %s HTTP/1.0\r\n\
Accept: */*\r\n\r\n";
 /* get the host name */
 /* get the port number */
 /* Connect to server */
 /* Send the request */
 /* Retrieve the response */
 * Download the file and save it to a temp file. To make rename()
 * happy, the temp file needs to be created in the same directory as
 /* Check if it is a CRL file and get its format */
 /* Finally, change the temp filename to the target crlfile */
 * Download the file and save it to a temp file. To make rename()
 * happy, the temp file needs to be created in the same directory as
 /* Check if it is a Cert file and get its format */
 /* Finally, change the temp filename to the target filename */
 /* Create an OCSP request */
 * Create temporary files to hold the OCSP request & response data.
 * Get the responder URI from certificate
 * Authority Information Access
 * through OID_PKIX_AD_OCSP
 /* Parse the URI string; get the hostname and port */
 /* get the proxy info */
 * Send the request to an OCSP responder and receive an