v/vlib/http/openssl_backend.v

// Copyright (c) 2019 Alexander Medvednikov. All rights reserved.
// Use of this source code is governed by an MIT license
// that can be found in the LICENSE file.

module http

import strings 

#flag -I @VROOT/thirdparty/openssl/include 
#flag -lssl -lcrypto 
 
#include <openssl/ssl.h>

struct C.SSL {
 
} 

fn init_module() {
	C.SSL_library_init() 
	//C.SSL_load_error_strings() 
	//C.OPENSSL_config(0) 
}

fn ssl_do(method, host_name, path string) string { 
	ssl_method := C.SSLv23_method() 
	if isnil(method) { 
	} 
	ctx := C.SSL_CTX_new(ssl_method) 
	if isnil(ctx) { 
	} 
	C.SSL_CTX_set_verify_depth(ctx, 4) 
	flags := C.SSL_OP_NO_SSLv2 | C.SSL_OP_NO_SSLv3 | C.SSL_OP_NO_COMPRESSION 
	C.SSL_CTX_set_options(ctx, flags) 
	mut res := C.SSL_CTX_load_verify_locations(ctx, 'random-org-chain.pem', 0) 
	if res != 1 {
	} 
	web := C.BIO_new_ssl_connect(ctx) 
	if isnil(ctx) { 
	} 
	addr := host_name + ':443' 
	res = C.BIO_set_conn_hostname(web, addr.str) 
	if res != 1 {
	} 
	ssl := &C.SSL{!} 
	C.BIO_get_ssl(web, &ssl) 
	if isnil(ssl) { 
	} 
	preferred_ciphers := 'HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4' 
	res = C.SSL_set_cipher_list(ssl, preferred_ciphers.str) 
	if res != 1 {
	} 
	res = C.SSL_set_tlsext_host_name(ssl, host_name.str) 
	out := C.BIO_new_fp(stdout, C.BIO_NOCLOSE) 
	res = C.BIO_do_connect(web) 
	res = C.BIO_do_handshake(web) 
	cert := C.SSL_get_peer_certificate(ssl) 
	res = C.SSL_get_verify_result(ssl) 
	/////// 
	s := '$method $path HTTP/1.1\r\n' + 
	     'Host: $host_name\r\n' + 
	     'Connection: close\r\n\r\n' 
	C.BIO_puts(web, s.str) 
	C.BIO_puts(out, '\n') 
	mut sb := strings.new_builder(100) 
	for {
		buff := [1536]byte 
		len := int(C.BIO_read(web, buff, 1536) ) 
		if len > 0 { 
			sb.write(tos(buff, len)) 
		} 
		else {
			break 
		} 
	} 
	if !isnil(out) { 
		C.BIO_free(out) 
	} 
	if !isnil(web) { 
		C.BIO_free_all(web)
	} 
	if !isnil(ctx) { 
		C.SSL_CTX_free(ctx) 
	} 
	return sb.str() 
}