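/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 ***************************************************************************/
/* <DESC>
 * Preload domains to HSTS
 * </DESC>
 */
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>

/* One host to preload into the HSTS cache, with the expiry time string that
   is copied into the library's entry. */
struct entry {
  const char *name;
  const char *exp;
};

static const struct entry preload_hosts[] = {
  { "example.com", "20370320 01:02:03" },
  { "curl.se", "20370320 03:02:01" },
  { NULL, NULL } /* end of list marker */
};

/* Read position in preload_hosts, handed to hstsread() through userp. */
struct state {
  int index;
};

/* "read" is from the point of the library, it wants data from us. One domain
   entry per invoke.

   Returns CURLSTS_OK after filling in 'e' with the next preload host,
   CURLSTS_DONE once the end-of-list marker is reached, and CURLSTS_FAIL when
   an entry does not fit in the buffers the library provided. */
static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e,
                            void *userp)
{
  struct state *s = (struct state *)userp;
  const struct entry *src = &preload_hosts[s->index];
  (void)easy;

  /* Do not advance past the end marker, so that a further invoke cannot
     index beyond the array. */
  if(!src->name)
    return CURLSTS_DONE;

  /* An entry that does not fit is an error, not the end of the list.
     Answering CURLSTS_DONE here would silently leave this host and every
     host after it out of the HSTS cache, so they would not be upgraded to
     HTTPS. Both destinations are checked before anything is copied. */
  if((strlen(src->name) >= e->namelen) ||
     (strlen(src->exp) >= sizeof(e->expire))) {
    fprintf(stderr, "HSTS preload entry '%s' does not fit\n", src->name);
    return CURLSTS_FAIL;
  }

  s->index++;
  strcpy(e->name, src->name);
  e->includeSubDomains = 0;
  strcpy(e->expire, src->exp);
  fprintf(stderr, "HSTS preload '%s' until '%s'\n", src->name, src->exp);
  return CURLSTS_OK;
}

/* "write" is called by the library to hand us one entry of the HSTS cache
   together with its position; this example only prints it to stdout. */
static CURLSTScode hstswrite(CURL *easy, struct curl_hstsentry *e,
                             struct curl_index *i, void *userp)
{
  (void)easy;
  (void)userp; /* we have no custom input */
  printf("[%u/%u] %s %s\n", (unsigned int)i->index, (unsigned int)i->total,
         e->name, e->expire);
  return CURLSTS_OK;
}

/* Preload two hosts into the HSTS cache of one easy handle and request one
   of them over http://. Returns 0 on success and the CURLcode of the first
   failure otherwise. */
int main(void)
{
  CURL *curl;
  CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
  if(res != CURLE_OK)
    return (int)res;

  curl = curl_easy_init();
  if(!curl) {
    curl_global_cleanup();
    return (int)CURLE_FAILED_INIT;
  }
  else {
    struct state st = {0};

    /* enable HSTS for this handle and install the function that populates
       the cache before the transfer. These results are checked: if any of
       them fails, the http:// URL below would be fetched in clear text
       without any other sign that the preload is missing. */
    res = curl_easy_setopt(curl, CURLOPT_HSTS_CTRL, (long)CURLHSTS_ENABLE);
    if(res == CURLE_OK)
      res = curl_easy_setopt(curl, CURLOPT_HSTSREADFUNCTION, hstsread);
    if(res == CURLE_OK)
      res = curl_easy_setopt(curl, CURLOPT_HSTSREADDATA, &st);

    if(res != CURLE_OK) {
      fprintf(stderr, "HSTS could not be enabled: %s\n",
              curl_easy_strerror(res));
    }
    else {
      /* function to call after transfer to store the new state of the HSTS
         cache */
      curl_easy_setopt(curl, CURLOPT_HSTSWRITEFUNCTION, hstswrite);
      curl_easy_setopt(curl, CURLOPT_HSTSWRITEDATA, NULL);

      /* use the domain with HTTP but due to the preload, it should do the
         transfer using HTTPS */
      curl_easy_setopt(curl, CURLOPT_URL, "http://curl.se");

      curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);

      /* Perform the request, res will get the return code */
      res = curl_easy_perform(curl);
      /* Check for errors */
      if(res != CURLE_OK)
        fprintf(stderr, "curl_easy_perform() failed: %s\n",
                curl_easy_strerror(res));
    }

    /* always cleanup */
    curl_easy_cleanup(curl);
  }
  curl_global_cleanup();
  return (int)res;
}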