1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 09:38:54 -05:00
Commit Graph

9743 Commits

Author SHA1 Message Date
Patrick Monnerat
62cf2d180e smtp: fix processing of initial dot in data
RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command
should be taken into account when chasing the <CRLF>.<CRLF> end marker.
Thus a leading dot character in data is also subject to escaping.

Tests 911 and test server are adapted to this situation.
New tests 951 and 952 check proper handling of initial dot in data.

Closes #2304
2018-02-12 16:43:15 +01:00
Daniel Stenberg
3f6051f4ed
sha256: avoid redefine 2018-02-12 14:18:30 +01:00
Douglas Mencken
50c0033a6c
sha256: build with OpenSSL < 0.9.8 too
support for SHA-2 was introduced in OpenSSL 0.9.8

Closes #2305
2018-02-12 14:16:37 +01:00
Patrick Monnerat
155ea88184 http_chunks: don't write chunks twice with CURLOPT_HTTP_TRANSFER_DECODING on
Bug: #2303
Reported-By: Henry Roeland
2018-02-12 03:47:36 +01:00
Daniel Stenberg
23722c515f
get_posix_time: only check for overflows if they can happen! 2018-02-09 22:13:41 +01:00
Michael Kaufmann
1c680e35ab schannel: fix "no previous prototype" compiler warning 2018-02-09 20:10:25 +01:00
Mohammad AlSaleh
f886cbfe9c content_encoding: Add "none" alias to "identity"
Some servers return a "content-encoding" header with a non-standard
"none" value.

Add "none" as an alias to "identity" as a work-around, to avoid
unrecognised content encoding type errors.

Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>

Closes https://github.com/curl/curl/pull/2298
2018-02-09 03:11:18 -05:00
Michael Kaufmann
a64b002e3a schannel: fix compiler warnings
Closes #2296
2018-02-08 22:31:45 +01:00
Steve Holme
0fd6221f8c curl_addrinfo.c: Allow Unix Domain Sockets to compile under Windows
Windows 10.0.17061 SDK introduces support for Unix Domain Sockets.
Added the necessary include file to curl_addrinfo.c.

Note: The SDK (which is considered beta) has to be installed, VS 2017
project file has to be re-targeted for Windows 10.0.17061 and #define
enabled in config-win32.h.
2018-02-07 21:33:57 +00:00
Patrick Monnerat
a0984eae14 fnmatch: optimize processing of consecutive *s and ?s pattern characters
Reported-By: Daniel Stenberg
Fixes #2291
Closes #2293
2018-02-07 15:01:51 +01:00
Patrick Schlangen
dc85437736
openssl: Don't add verify locations when verifypeer==0
When peer verification is disabled, calling
SSL_CTX_load_verify_locations is not necessary. Only call it when
verification is enabled to save resources and increase performance.

Closes #2290
2018-02-06 10:48:03 +01:00
Daniel Stenberg
84ad1fd304
formdata: use the mime-content type function
Reduce code duplication by making Curl_mime_contenttype available and
used by the formdata function. This also makes the formdata function
recognize a set of more file extensions by default.

PR #2280 brought this to my attention.

Closes #2282
2018-02-05 13:50:30 +01:00
Daniel Stenberg
a19afaccfe
getdate: return -1 for out of range
...as that's how the function is documented to work.

Reported-by: Michael Kaufmann
Bug found in an autobuild with 32 bit time_t

Closes #2278
2018-02-02 09:40:54 +01:00
Daniel Stenberg
ddd31dc5dd
time_t-fixes: remove typecasts to 'long' for info.filetime
They're now wrong.

Reported-by: Michael Kaufmann

Closes #2277
2018-02-01 07:50:59 +01:00
Daniel Stenberg
9409d0c26c
curl_setup: move the precautionary define of SIZEOF_TIME_T
... up to before it may be used for the TIME_T_MAX/MIN logic.

Reported-by: Michael Kaufmann
2018-01-31 23:01:01 +01:00
Daniel Stenberg
fcb9b63ee5
parsedate: s/#if/#ifdef
Reported-by: Michael Kaufmann
Bug: 1c39128d97 (commitcomment-27246479)
2018-01-31 22:56:36 +01:00
Patrick Monnerat
da5f4b1d84 fnmatch: pattern syntax can no longer fail
Whenever an expected pattern syntax rule cannot be matched, the
character starting the rule loses its special meaning and the parsing
is resumed:
- backslash at the end of pattern string matches itself.
- Error in [:keyword:] results in set containing :\[dekorwy.

Unit test 1307 updated for this new situation.

Closes #2273
2018-01-31 01:17:35 +01:00
Patrick Monnerat
fcaa1826bd fnmatch: accept an alphanum to be followed by a non-alphanum in char set
Also be more tolerant about set pattern syntax.
Update unit test 1307 accordingly.

Bug: https://curl.haxx.se/mail/lib-2018-01/0114.html
2018-01-31 01:17:35 +01:00
Patrick Monnerat
19abad095c fnmatch: do not match the empty string with a character set 2018-01-31 01:17:35 +01:00
Daniel Stenberg
0630bb21be
http2: set DEBUG_HTTP2 to enable more HTTP/2 logging
... instead of doing it unconditionally in debug builds. It cluttered up
the output a little too much.
2018-01-30 23:19:53 +01:00
Max Dymond
811d96e9e2
file: Check the return code from Curl_range and bail out on error 2018-01-30 17:23:35 +01:00
Max Dymond
3f8a727611
Curl_range: add check to ensure "from <= to" 2018-01-30 17:23:34 +01:00
Max Dymond
e04417d98f
Curl_range: commonize FTP and FILE range handling
Closes #2205
2018-01-30 17:23:26 +01:00
Daniel Stenberg
8f69a9f28a
time: support > year 2038 time stamps for system with 32bit long
... with the introduction of CURLOPT_TIMEVALUE_LARGE and
CURLINFO_FILETIME_T.

Fixes #2238
Closes #2264
2018-01-30 08:29:59 +01:00
Daniel Stenberg
9caa3e248d
curl_easy_reset: clear digest auth state
Bug: https://curl.haxx.se/mail/lib-2018-01/0074.html
Reported-by: Ruurd Beerstra
Fixes #2255
Closes #2272
2018-01-30 08:17:59 +01:00
Daniel Stenberg
4272a0b0fc
curl_ctype: private is*() type macros and functions
... since the libc provided one are locale dependent in a way we don't
want. Also, the "native" isalnum() (for example) works differently on
different platforms which caused test 1307 failures on macos only.

Closes #2269
2018-01-29 22:56:43 +01:00
5c497343d9
GSKit: restore pinnedpubkey functionality
inadvertently removed in 283babfaf8

Closes #2263
2018-01-25 23:16:14 +01:00
Dair Grant
f8475c6941
darwinssl: Don't import client certificates into Keychain on macOS
Closes #2085
2018-01-25 23:13:35 +01:00
Daniel Stenberg
1c39128d97
parsedate: fix date parsing for systems with 32 bit long
Make curl_getdate() handle dates before 1970 as well (returning negative
values).

Make test 517 test dates for 64 bit time_t.

This fixes bug (3) mentioned in #2238

Closes #2250
2018-01-25 22:20:52 +01:00
McDonough, Tim
1433e4645b
openssl: fix pinned public key build error in FIPS mode
Here is a version that should work with all versions of openssl 0.9.7
through 1.1.0.

Links to the docs:
https://www.openssl.org/docs/man1.0.2/crypto/EVP_DigestInit.html
https://www.openssl.org/docs/man1.1.0/crypto/EVP_DigestInit.html

At the very bottom of the 1.1.0 documentation there is a history section
that states, " stack allocated EVP_MD_CTXs are no longer supported."

If EVP_MD_CTX_create and EVP_MD_CTX_destroy are not defined, then a
simple mapping can be used as described here:
https://wiki.openssl.org/index.php/Talk:OpenSSL_1.1.0_Changes

Closes #2258
2018-01-25 22:16:24 +01:00
1c00519499
SChannel/WinSSL: Replace Curl_none_md5sum with Curl_schannel_md5sum 2018-01-25 22:14:40 +01:00
e178fbd40a
SChannel/WinSSL: Implement public key pinning
Closes #1429
2018-01-25 22:14:39 +01:00
Daniel Stenberg
4c46dfc398 cookies: remove verbose "cookie size:" output
It was once used for some debugging/verifying logic but should never have
ended up in git!
2018-01-25 17:33:35 +01:00
Gisle Vanem
fdaa8257ad
Fix small typo. 2018-01-24 13:27:19 +01:00
Daniel Stenberg
eb6e3c4f6e
CONNECT_TO: fail attempt to set an IPv6 numerical without IPv6 support
Bug: https://curl.haxx.se/mail/lib-2018-01/0087.html
Reported-by: John Hascall

Closes #2257
2018-01-23 08:01:04 +01:00
Daniel Stenberg
af32cd3859
http: prevent custom Authorization headers in redirects
... unless CURLOPT_UNRESTRICTED_AUTH is set to allow them. This matches how
curl already handles Authorization headers created internally.

Note: this changes behavior slightly, for the sake of reducing mistakes.

Added test 317 and 318 to verify.

Reported-by: Craig de Stigter
Bug: https://curl.haxx.se/docs/adv_2018-b3bf.html
2018-01-22 10:00:00 +01:00
Kartik Mahajan
a5e6d6ebcb
http2: don't close connection when single transfer is stopped
Fixes #2237
Closes #2249
2018-01-18 22:28:12 +01:00
Michael Gmelin
ddafd45af1 SSH: Fix state machine for ssh-agent authentication
In case an identity didn't match[0], the state machine would fail in
state SSH_AUTH_AGENT instead of progressing to the next identity in
ssh-agent. As a result, ssh-agent authentication only worked if the
identity required happened to be the first added to ssh-agent.

This was introduced as part of commit c4eb10e2f0, which
stated that the "else" statement was required to prevent getting stuck
in state SSH_AUTH_AGENT. Given the state machine's logic and libssh2's
interface I couldn't see how this could happen or reproduce it and I
also couldn't find a more detailed description of the problem which
would explain a test case to reproduce the problem this was supposed to
fix.

[0] libssh2_agent_userauth returning LIBSSH2_ERROR_AUTHENTICATION_FAILED

Closes #2248
2018-01-18 17:08:13 +01:00
Daniel Stenberg
9e4ad1e2af
openssl: fix potential memory leak in SSLKEYLOGFILE logic
Coverity CID 1427646.
2018-01-18 12:10:58 +01:00
Daniel Stenberg
ca9c93e3e1
openssl: fix the libressl build again
Follow-up to 84fcaa2e7. libressl does not have the API even if it says it is
late OpenSSL version...

Fixes #2246
Closes #2247

Reported-by: jungle-boogie on github
2018-01-18 09:07:23 +01:00
Daniel Stenberg
2a1b2b4ef5
curl_fnmatch: only allow 5 '*' sections in a single pattern
... to avoid excessive recursive calls. The number 5 is totally
arbitrary and could be modified if someone has a good motivation.
2018-01-17 11:13:29 +01:00
Daniel Stenberg
cb5accab9e
ftp-wildcard: fix matching an empty string with "*[^a]"
.... and avoid advancing the pointer to trigger an out of buffer read.

Detected by OSS-fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5251
Assisted-by: Max Dymond
2018-01-17 10:41:38 +01:00
Daniel Stenberg
25c40c9af9
SMB: fix numeric constant suffix and variable types
1. don't use "ULL" suffix since unsupported in older MSVC
2. use curl_off_t instead of custom long long ifdefs
3. make get_posix_time() not do unaligned data access

Fixes #2211
Closes #2240
Reported-by: Chester Liu
2018-01-16 22:21:59 +01:00
Daniel Stenberg
8dd4edeb90
smtp/pop3/imap_get_message: decrease the data length too...
Follow-up commit to 615edc1f73 which was incomplete.

Assisted-by: Max Dymond
Detected by OSS-fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5206
2018-01-15 21:40:52 +01:00
Daniel Stenberg
84fcaa2e73
openssl: enable SSLKEYLOGFILE support by default
Fixes #2210
Closes #2236
2018-01-15 10:33:08 +01:00
Patrick Monnerat
e44ddfd477 mime: clone mime tree upon easy handle duplication.
A mime tree attached to an easy handle using CURLOPT_MIMEPOST is
strongly bound to the handle: there is a pointer to the easy handle in
each item of the mime tree and following the parent pointer list
of mime items ends in a dummy part stored within the handle.

Because of this binding, a mime tree cannot be shared between different
easy handles, thus it needs to be cloned upon easy handle duplication.

There is no way for the caller to get the duplicated mime tree
handle: it is then set to be automatically destroyed upon freeing the
new easy handle.

New test 654 checks proper mime structure duplication/release.

Add a warning note in curl_mime_data_cb() documentation about sharing
user data between duplicated handles.

Closes #2235
2018-01-14 19:43:12 +01:00
Daniel Stenberg
f68e672715
HTTP: bail out on negative Content-Length: values
... and make the max filesize check trigger if the value is too big.

Updates test 178.

Reported-by: Brad Spencer
Fixes #2212
Closes #2223
2018-01-13 22:49:04 +01:00
Jay Satiro
6fa10c8fa2 setopt: fix SSLVERSION to allow CURL_SSLVERSION_MAX_ values
Broken since f121575 (precedes 7.56.1).

Bug: https://github.com/curl/curl/issues/2225
Reported-by: cmfrolick@users.noreply.github.com

Closes https://github.com/curl/curl/pull/2227
2018-01-13 02:57:30 -05:00
Patrick Monnerat
3b548ffde9 setopt: reintroduce non-static Curl_vsetopt() for OS400 support
This also upgrades ILE/RPG bindings with latest setopt options.

Reported-By: jonrumsey on github
Fixes #2230
Closes #2233
2018-01-13 01:28:19 +01:00
Zhouyihai Ding
fa3dbb9a14 http2: fix incorrect trailer buffer size
Prior to this change the stored byte count of each trailer was
miscalculated and 1 less than required. It appears any trailer
after the first that was passed to Curl_client_write would be truncated
or corrupted as well as the size. Potentially the size of some
subsequent trailer could be erroneously extracted from the contents of
that trailer, and since that size is used by client write an
out-of-bounds read could occur and cause a crash or be otherwise
processed by client write.

The bug appears to have been born in 0761a51 (precedes 7.49.0).

Closes https://github.com/curl/curl/pull/2231
2018-01-11 02:33:24 -05:00