/*
 * header file of http_client.c
 *
 * Copyright (C) 2008 Juha Heinanen
 *
 * This file is part of Kamailio, a free SIP server.
 *
 * Kamailio is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version
 *
 * Kamailio is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License 
 * along with this program; if not, write to the Free Software 
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 *
 */

/*!
 * \file
 * \brief Kamailio http_client :: Core include file
 * \ingroup http_client
 * Module: \ref http_client
 */

#ifndef HTTP_CLIENT_H
#define HTTP_CLIENT_H

#include <curl/curl.h>

#include "../../core/str.h"
#include "../../core/counters.h"
#include "../../lib/srdb1/db.h"

extern unsigned int default_connection_timeout;
extern char *
		default_tls_cacert; /*!< File name: Default CA cert to use for curl TLS connection */
extern str
		default_tls_clientcert; /*!< File name: Default client certificate to use for curl TLS connection */
extern str
		default_tls_clientkey; /*!< File name: Key in PEM format that belongs to client cert */
extern str default_cipher_suite_list;	/*!< List of allowed cipher suites */
extern unsigned int default_tls_version; /*!< 0 = Use libcurl default */
extern unsigned int
		default_tls_verify_peer; /*!< 0 = Do not verify TLS server cert. 1 = Verify TLS cert (default) */
extern unsigned int
		default_tls_verify_host; /*!< 0 = Do not verify TLS server CN/SAN. 2 = Verify TLS server CN/SAN (default) */
extern str default_http_proxy;   /*!< Default HTTP proxy to use */
extern unsigned int
		default_http_proxy_port; /*!< Default HTTP proxy port to use */
extern unsigned int
		default_http_follow_redirect; /*!< Follow HTTP redirects CURLOPT_FOLLOWLOCATION */
extern str
		default_useragent; /*!< Default CURL useragent. Default "Kamailio Curl " */
extern unsigned int default_maxdatasize; /*!< Default Maximum download size */
extern unsigned int
		default_authmethod; /*!< authentication method - Basic, Digest or both */
extern unsigned int
		default_keep_connections; /*!< Keep http connections open for reuse */
extern unsigned int default_query_result; /*!< Default query result mode */
extern unsigned int default_query_maxdatasize; /*!< Default query result maximum download size */

extern counter_handle_t connections; /* Number of connection definitions */
extern counter_handle_t connok;		 /* Successful Connection attempts */
extern counter_handle_t connfail;	/* Failed Connection attempts */

extern char *default_netinterface;

/* Curl  stream object  */
typedef struct
{
	char *buf;
	size_t curr_size;
	size_t pos;
	size_t max_size;
} curl_res_stream_t;

enum connection_status
{
	AVAILABLE = 0, /*!< Available */
	NOTREACHABLE,  /*!< Failure */
	DISABLED,	  /*!< Disabled by action (RPC etc) */
	/* DELETED */  /*!< Should be deleted by pkg process, not listed */
};


/*! Predefined connection objects  - stored in shared memory */
typedef struct _curl_con
{
	str name;						  /*!< Connection name */
	unsigned int conid;				  /*!< Connection ID */
	enum connection_status connstate; /*!< Connection status */
	str url;		/*!< The URL without schema (host + base URL)*/
	str schema;		/*!< The URL schema */
	char *username; /*!< The username to use for auth */
	char *password; /*!< The password to use for auth */
	unsigned int
			authmethod; /*!< Authentication method -digest or basic or both */
	str failover;		/*!< Another connection to use if this one fails */
	char *useragent;	/*!< Useragent to use for this connection */
	char *cacert;		/*!< File name of CA cert to use */
	char *clientcert;   /*!< File name of CA client cert */
	char *clientkey;	/*!< File name of CA client key */
	char *ciphersuites; /*!< List of allowed cipher suites */
	unsigned int tlsversion;  /*!< SSL/TLS version to use */
	unsigned int verify_peer; /*!< TRUE if server cert to be verified */
	unsigned int verify_host; /*!< TRUE if server CN/SAN to be verified */
	int http_follow_redirect; /*!< TRUE if we should follow HTTP 302 redirects */
	unsigned int keep_connections; /*!< TRUE to keep curl connections open */
	unsigned int port;			   /*!< The port to connect to */
	int timeout;				   /*!< Timeout for this connection */
	unsigned int maxdatasize;	  /*!< Maximum data download on GET or POST */
	curl_res_stream_t *stream;	 /*!< Curl stream */
	char *http_proxy;			   /*!< HTTP proxy for this connection */
	unsigned int http_proxy_port;  /*!< HTTP proxy port for this connection */
	struct _curl_con *next;		   /*!< next connection */
} curl_con_t;


/*! Per-process copy of connection object -stored in pkg memory */
typedef struct _curl_con_pkg
{
	unsigned int conid; /*!< Connection ID (referring to core connection id */
	char redirecturl
			[512]; /*!< Last redirect URL - to use for $curlredirect(curlcon) pv */
	unsigned int last_result; /*!< Last result of accessing this connection */
	char result_content_type[512]; /*!< Response content-type */
	CURL *curl;					   /*!< Curl connection handle */
	double querytime;			   /*!< Seconds used for last request */
	double connecttime;			   /*!< Seconds used for connecting last request inc TLS setup  - see
					     https://curl.haxx.se/libcurl/c/CURLINFO_APPCONNECT_TIME.html */

	/* Potential candidates:	Last TLS fingerprint used 

	*/
	struct _curl_con_pkg *next; /*!< next connection */
} curl_con_pkg_t;

/*! Returns true if CURL supports TLS */
extern int curl_support_tls();

/*! Returns TRUE if curl supports IPv6 */
extern int curl_support_ipv6();

#endif /* HTTP_CLIENT_H */