The command line tool also independently sets --ftp-skip-pasv-ip by
default.
Ten test cases updated to adapt the modified --libcurl output.
Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284
Reported-by: Varnavas Papaioannou
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only accepts a blank
(no digits) after the colon if the URL starts with a scheme.
Reported-by: d4d on hackerone
Closes #6283
This reverts commit d2a7d7c185.
This commit also reverts the subsequent follow-ups to that commit, which
were all done within windows #ifdefs that are removed in this
change. Marc helped me verify this.
Fixes #6146
Closes #6281
In the case of TFO, the remote host name is not resolved at the
connection time.
For FTP that has led to missing hostname for the secondary connection.
Therefore the name resolution is done at the time, when FTP requires it.
Fixes #6252
Closes #6265
Closes #6282
This field needs to be wide enough to hold sockaddr_in6 when
connecting via IPv6. Otherwise, ngtcp2_conn_read_pkt will drop the
packets because of the address mismatch:
I00000022 [...] con ignore packet from unknown path
We can safely assume that struct sockaddr_storage is available, as it
is used in the public interface of ngtcp2.
Closes #6250
The resolve call is done with the right port number, but the subsequent
check used the wrong one, which then could find a previous resolve which
would return and leave the fresh resolve "incomplete" and leaking
memory.
Fixes #6247
Closes #6253
file_disconnect() is identical with file_do() except the function header
but as the arguments are unused anyway so why not just return file_do()
directly!
Reviewed-by: Daniel Stenberg
Closes #6249
The function has been removed from common usage. Also removed comment in
gopher.c that still referenced it.
Reported-by: Rikard Falkeborn
Fixes #6242
Closes #6243
To reduce use of types that can't be checked at compile time. Also
removes several typecasts.
... and rename the struct field from 'os_specific' to 'tdata'.
Closes #6239
Reviewed-by: Jay Satiro
EVP_MD_CTX_create will allocate memory for the context and returns
NULL in case the allocation fails. Make sure to catch any allocation
failures and exit early if so.
In passing, also move to EVP_DigestInit rather than EVP_DigestInit_ex
as the latter is intended for ENGINE selection which we don't do.
Closes #6224
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
curl CMake was setting the EXE flags for static libraries which made
the /manifest:no flag end up when linking the static library, which is
not a valid flag for lib.exe or llvm-lib.exe and caused llvm-lib to exit
with an error.
The better way to handle this is to make sure that we pass the correct
linker flags to CMAKE_STATIC_LINKER_FLAGS instead.
Reviewed-by: Jakub Zakrzewski
Closes #6195
... instead of limiting it to just the max input size. As every
input byte can be expanded to 3 output bytes, this could limit the input
string to 2.66 MB instead of the intended 8 MB.
Reported-by: Marc Schlatter
Closes #6192
By setting the speed limit time stamps unconditionally at transfer
start, we can start off a transfer without speed limits and yet allow
them to get set during transfer and have an effect.
Reported-by: Kael1117 on github
Fixes #6162
Closes #6184
The line variable will always be NULL in the error path, so remove
the free call since it's pointless.
Closes #6170
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle
Closes #5896
... when the chunked framing was added, the size of the "body part" of
the data was calculated wrongly so the debug callback would get told a
header chunk a few bytes too big that would also contain the first few
bytes of the request body.
Reported-by: Dirk Wetter
Ref: #6144
Closes #6147
Build breaks because the http_proxy field is missing:
vssh/libssh2.c:3119:10: error: 'struct connectdata' has no member named 'http_proxy'
Regression from #6021, shipped in curl 7.73.0
Closes #6125
* fix two build errors due to mismatch between function
declarations and their definitions
* silence two mismatched signs warnings via casts
Approved-by: Daniel Stenberg
Closes #6093
... and remove the objnames scripts they tested. They're not used for
anything anymore so testing them serves no purpose!
Reported-by: Marc Hörsken
Fixes #6080
Closes #6081
- Change get_winapi_error() to return the error string in the local
codepage instead of UTF-8 encoding.
Two weeks ago bed5f84 fixed get_winapi_error() to work on xbox, but it
also changed the error string's encoding from local codepage to UTF-8.
We return the local codepage version of the error string because if it
is output to the user's terminal it will likely be with functions which
expect the local codepage (eg fprintf, failf, infof).
This is essentially a partial revert of bed5f84. The support for xbox
remains but the error string is reverted back to local codepage.
Ref: https://github.com/curl/curl/pull/6005
Reviewed-by: Marcel Raad
Closes #6065
Whitespace is spelled without a space between white and space, so
make sure to consistently spell it that way across the codebase.
Closes #6023
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Emil Engler <me@emilengler.com>
There used to be a way to have memdebug fill allocated memory. 9 years
later this has no value there (valgrind and ASAN etc are way better). If
people need to know about it they can have a look at VCS logs.
Closes #5973
This matches what is returned in other TLS backends in the same
situation.
Reviewed-by: Jay Satiro
Reviewed-by: Emil Engler
Follow-up to 5a3efb1
Reported-by: iammrtau on github
Fixes #6003
Closes #6018
Added test 348 to verify. Added a 'STOR' command to the test FTP
server to enable test 348. Documented the command in FILEFORMAT.md
Reported-by: Duncan Wilcox
Fixes #6016
Closes #6017
When using HTTPS proxy, SSL is used but not in the view of the FTP
protocol handler itself so separate the connection's use of SSL from the
FTP control connection's use.
Reported-by: Mingtao Yang
Fixes #5523
Closes #6006
... reuses the same dynamic buffer instead of doing repeated malloc/free
cycles.
Test case 100 (FTP dir list PASV) does 7 fewer memory allocation calls
after this change in my test setup (132 => 125), curl 7.72.0 needed 140
calls for this.
Test case 103 makes 9 less allocations now (130). Down from 149 in
7.72.0.
Closes #6004
... by introducing a printf() function that appends directly into a
dynbuf: Curl_dyn_vprintf(). This avoids the mandatory extra malloc so if
the buffer is already big enough it can just printf directly into it.
Since this less-malloc version requires the use of a library internal
printf function, we only provide this version when building libcurl and
not for the dynbuf code that is used when building the curl tool.
Closes #5998
... as that counter is subsequently used to detect if nothing was
returned from the peer. This made curl return CURLE_OK when it should
have returned CURLE_GOT_NOTHING.
Fixes #5992
Reported-by: Tom van der Woerdt
Closes #5994
Fixed two return code mixups. CURLE_UNKNOWN_OPTION is saved for when the
option is, yeah, not known. Clarified this in the setopt man page too.
Closes #5993
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to make the
ftpsend() function static (moved from ftp.c).
Removed security.c
Renamed curl_sec.h to krb5.h
Closes #5987
By avoiding an unnecessary error check and the temp use of the tm
struct, the time2epoch conversion function gets a little bit faster.
When repeating test 517, the updated version is perhaps 1% faster (on
one particular build on one particular architecture).
Closes #5985
If the received PASV response doesn't match the expected pattern, we
could end up reading uninitialized integers for IP address and port
number.
Issue pointed out by muse.dev
Closes #5972
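A sketch of the failure mode in the PASV commit message above, as an added example that is not curl's own code: the parser accepts a 227 reply only when all six numbers were converted and are in range, and writes its output only then. The names `parse_pasv`, `data_host` and `struct pasv_addr` are hypothetical, the sample reply is constructed, and `data_host` illustrates the behaviour that `--ftp-skip-pasv-ip` (mentioned at the top of this page) selects.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

struct pasv_addr {
  char host[16];       /* dotted quad announced in the 227 reply */
  unsigned short port; /* p1 * 256 + p2 */
};

/* Parse "227 ... (h1,h2,h3,h4,p1,p2)". Returns 0 on success, -1 otherwise.
   *out is written only after all six fields were converted and range-checked,
   so a malformed reply never leaves partly-filled values behind. */
int parse_pasv(const char *reply, struct pasv_addr *out)
{
  const char *p;
  if(strncmp(reply, "227", 3) != 0)
    return -1;
  for(p = reply + 3; *p; p++) {
    unsigned int n[6];
    int i, end = 0;
    /* only attempt a match at the first digit of a number */
    if(!isdigit((unsigned char)*p) || isdigit((unsigned char)p[-1]))
      continue;
    /* sscanf returns the number of converted fields; fewer than six
       means part of n[] was never written and must not be read */
    if(sscanf(p, "%3u,%3u,%3u,%3u,%3u,%3u%n",
              &n[0], &n[1], &n[2], &n[3], &n[4], &n[5], &end) != 6)
      continue;
    if(isdigit((unsigned char)p[end]))
      return -1; /* last field has more than three digits */
    for(i = 0; i < 6; i++)
      if(n[i] > 255)
        return -1;
    snprintf(out->host, sizeof(out->host), "%u.%u.%u.%u",
             n[0], n[1], n[2], n[3]);
    out->port = (unsigned short)(n[4] * 256 + n[5]);
    return 0;
  }
  return -1;
}

/* With skip_pasv_ip set, ignore the address the server announced and
   reuse the control connection's peer for the data connection. */
const char *data_host(const struct pasv_addr *a, const char *control_host,
                      int skip_pasv_ip)
{
  return skip_pasv_ip ? control_host : a->host;
}

int main(void)
{
  struct pasv_addr a; /* constructed sample reply below */
  if(!parse_pasv("227 Entering Passive Mode (192,168,0,10,19,137)", &a))
    printf("%s:%u\n", data_host(&a, "203.0.113.5", 1), a.port);
  return 0;
}
```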
Also skip pre-checking sockets to set timeout_ms to 0
after the first socket has been detected to be ready.
Reviewed-by: rcombs on github
Reviewed-by: Daniel Stenberg
Follow up to #5886
Since the struct is quite large (1 long and 10 ints) we
declare it once at the beginning of the function instead
of multiple times inside loops to avoid stack movements.
Reviewed-by: Viktor Szakats
Reviewed-by: Daniel Stenberg
Closes #5886
This is primarily interesting for cases where CURLOPT_NOBODY is set as
previously curl would not return an error for this case.
MDTM getting 550 now also returns this error (it returned
CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for
missing files across protocols and specific FTP commands.
libcurl already returns error on a 550 as a MDTM response (when
CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would
happen subsequently anyway since the RETR command would fail.
Add test 1913 and 1914 to verify. Updated several tests accordingly due
to the updated SIZE behavior.
Reported-by: Tomas Berger
Fixes #5953
Closes #5957
... when continuing a transfer from a FETCH response.
When the size of the file was small enough that the entirety of the
transfer happens in a single go and schannel buffers hold the entire
data. However, it wasn't completely read in Curl_pp_readresp since a
line break was found before that could happen. So, by the time we are in
imap_state_fetch_resp - there's data in buffers that needs to be read
via Curl_read but nothing to read from the socket. After we set up a
transfer (Curl_setup_transfer), curl just waits on the socket state to
change - which doesn't happen since no new data ever comes.
Closes #5961
Previously there were several locations that called
nghttp2_session_mem_recv and handled responses slightly differently.
Those have been converted to call the existing
h2_process_pending_input() function.
Moved the end-of-session check to h2_process_pending_input() since the
only place the end-of-session state can change is after nghttp2
processes additional input frames.
This will likely fix the fuzzing error. While I don't have a root cause
the out-of-bounds read seems like a use after free, so moving the
nghttp2_session_check_request_allowed() call to a location with a
guaranteed nghttp2 session seems reasonable.
Also updated a few nghttp2 callsites to include error messages and added
a few additional error checks.
Closes #5648
configure --enable-debug now enables -Wassign-enum with clang,
identifying several enum "abuses" also fixed.
Reported-by: Gisle Vanem
Bug: 879007f811 (commitcomment-42087553)
Closes #5929
If the error reason from the lib is
SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED, libcurl will return
CURLE_PEER_FAILED_VERIFICATION and not CURLE_SSL_CONNECT_ERROR.
This unifies the libcurl return code and makes libressl run test 313
(CRL testing) fine.
Closes #5934
The cache content is not duplicated, like other caches, but the setting
and specified file name are.
Test 1908 is extended to verify this somewhat. Since the duplicated
handle gets the same file name, the test unfortunately overwrites the
same file twice (with different contents) which makes it hard to check
automatically.
Closes #5923
The code section that is OpenSSL 3+ specific now uses the same logic as
is used in the version < 3 section. It caused a compiler error without
it.
Closes #5907
Drop dynamic loading of ws2_32.dll and instead rely on the
imported version which is now required to be at least 2.2.
Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Reviewed-by: Viktor Szakats
Closes #5854
IPv6, telnet and now also the multi API require WinSock
version 2 which is available starting with Windows 95.
Therefore we think it is time to drop support for version 1.
Reviewed-by: Marcel Raad
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Reviewed-by: Viktor Szakats
Follow up to #5634
Closes #5854
The poll emulation via select already consumes POLLRDNORM,
POLLWRNORM and POLLRDBAND as input events. Therefore it
should also return them as output events if signaled.
Also fix indentation in input event handling block.
Assisted-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Replaces #5852
Closes #5883
`USE_WINDOWS_SSPI` without `USE_WIN32_CRYPTO` but with any other DES
backend is fine, but was excluded before.
This also fixes test 1013 as the condition for SMB support in
configure.ac didn't match the condition in the source code. Now it
does.
Fixes https://github.com/curl/curl/issues/1262
Closes https://github.com/curl/curl/pull/5771
poll and select already return -1 on error according to POSIX,
so there is no need to perform a <0 to -1 conversion in code.
Also we can just use one check with <= 0 on the return code.
Assisted-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Replaces #5852
Closes #5880
Learn from the way Cygwin handles and maps the WinSock events
to simulate correct and complete poll and select behaviour
according to Richard W. Stevens Network Programming book.
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Follow up to #5634
Closes #5867
Setting a timeout to INT_MAX could cause an immediate error to get
returned as timeout because of an overflow when different values of
'now' were used.
This is primarily fixed by having Curl_pgrsTime() return the "now" when
TIMER_STARTSINGLE is set so that the parent function will continue using
that time.
Reported-by: Ionuț-Francisc Oancea
Fixes #5583
Closes #5847
USE_TLS_SRP will be true if *any* selected TLS backend can use SRP
HAVE_OPENSSL_SRP is defined when OpenSSL can use it
HAVE_GNUTLS_SRP is defined when GnuTLS can use it
Clarify in the curl_version_info docs that CURL_VERSION_TLSAUTH_SRP is
set if at least one of the supported backends offers SRP.
Reported-by: Stefan Strogin
Fixes #5865
Closes #5870
const struct curl_easyoption *curl_easy_option_by_name(const char *name);
const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);
const struct curl_easyoption *
curl_easy_option_next(const struct curl_easyoption *prev);
The purpose is to provide detailed enough information to allow for
example libcurl bindings to get option information at run-time about
what easy options that exist and what arguments they expect.
Assisted-by: Jeroen Ooms
Closes #5365
The get_cert_location function allocates memory only on success.
Previously get_cert_location was able to allocate memory and return
error. It wasn't obvious and in this case the memory wasn't
released.
Fixes #5855
Closes #5860
Check readiness of all sockets before waiting on them
to avoid locking in case the one-time event FD_WRITE
was already consumed by a previous wait operation.
More information about WinSock network events:
https://docs.microsoft.com/en-us/windows/win32/api/
winsock2/nf-winsock2-wsaeventselect#return-value
Closes #5634