Resolving the case insensitive host name 'localhost' now returns the
addresses 127.0.0.1 and (if IPv6 is enabled) ::1 without using any
resolver.
This removes the risk that users accidentally resolves 'localhost' to
something else. By making sure 'localhost' is always local, we can
assume a "secure context" for such transfers (for cookies etc).
Closes#7039
Also, use a single function library-wide for detecting if a given hostname is
a numerical IP address.
Reported-by: Harry Sintonen
Fixes#7146Closes#7149
To prevent previous ones to get reused on subsequent requests. Matches
how the built-in HTTP code works. Makes test 90 to 93 work.
Add test 90 to 93 in travis.
Closes#7139
In a3268eca79 this code was changed to use the ALPN_H2 constant
instead of the NGHTTP2_PROTO_ALPN constant. However, these constants are
not the same. The nghttp2 constant included the length of the string,
like this: "\x2h2". The ALPN_H2 constant is just "h2". Therefore we need
to re-add the length of the string to the ALPN buffer.
Closes#7138
When the SecCertificateCopyCommonName function fails, it leaves
common_name in a invalid state so CFStringCompare uses the invalid
result, causing EXC_BAD_ACCESS.
The fix is to check the return value of the function before using the
name.
Closes#7126
Latest version of quiche requires the application to pass the peer
address of received packets, and it provides the address for outgoing
packets back.
Closes#7120
In some situations, it was possible that a transfer was setup to
use an specific IP version, but due do DNS caching or connection
reuse, it ended up using a different IP version from requested.
This commit changes the effect of CURLOPT_IPRESOLVE from simply
restricting address resolution to preventing the wrong connection
type being used, when choosing a connection from the pool, and
to restricting what addresses could be used when establishing
a new connection.
It is important that all addresses versions are resolved, even if
not used in that transfer in particular, because the result is
cached, and could be useful for a different transfer with a
different CURLOPT_IPRESOLVE setting.
Closes#6853
AmiSSL replaces many functions with macros. Curl requires pointer
to some of these functions. Thus, we have to encapsulate these macros:
SHA256_Init, SHA256_Update, SHA256_Final, X509_INFO_free.
Bug: https://github.com/jens-maus/amissl/issues/15
Co-authored-by: Daniel Stenberg <daniel@haxx.se>
Closes#7099
Check the FIRST for all other protocols.
This fixes a timeout in an ftps download. The server sends a TLS
close_notify message in the same packet as the file data. The
close_notify seems to not be handled in the schannel_recv function, so
libcurl is not aware that the server has closed the connection. Thus
libcurl ends up waiting for action on the socket until a timeout is
reached. With the secondary socket check added to the data_pending
function, the close_notify is properly handled, and the ftps transfer
terminates as expected.
Fixes#7068Closes#7069
The libssh2 backend has SSH session associated with the connection but
the callback context is the easy handle, so when a connection gets
attached to a transfer, the protocol handler now allows for a custom
function to get used to set things up correctly.
Reported-by: Michael O'Farrell
Fixes#6898Closes#7078
Since the function is called for any protocol, we can't assume that the
HTTP struct is there without first making sure it is HTTP.
Reported-by: Denis Goleshchikhin
Fixes#7079Closes#7080
Some of the time, we get a HYPER_TASK_EMPTY response before the status
line, headers, and body have been read. Previously, that would cause us
to poll again, leading to a 1 second timeout.
The HYPER_TASK_EMPTY docs say:
The value of this task is null (does not imply an error).
So, if we receive a HYPER_TASK_EMPTY, continue on with processing the
response.
Reported-by: Kevin Burke
Fixes#7064Closes#7070
As of commit 54e7475, these flags would only be set when using a new
credential handle. When re-using an existing credential handle, the
flags would not be set.
Closes https://github.com/curl/curl/pull/7051
The Curl_resolv() had special code (when built in debug mode) for when
resolving the host name "LocalHost" (using that exact casing). It would
then get the host name from the --interface option instead.
This development-only feature was not used by anything (anymore) and we
have the --resolve feature if we want to play similar tricks properly
going forward.
Closes#7044
Otherwise the old value would linger from a previous use and would mess
up the network speed cap logic.
Reported-by: Ymir1711 on github
Fixes#7042Closes#7043
Writing the cookie file has multiple error conditions, and was using an
int with magic numbers to report the different error (which in turn were
disregarded anyways). This moves reporting to use a CURLcode value.
Lightly-touched-by: Daniel Stenberg
Closes#7037Closes#6749
strstore() is defined as a strdup which ensures to free the target
pointer before duping the source char * into it. Make use of it in
two more cases where it can simplify the code.
Comments in the cookie code were a bit all over the place in terms of
style and wording. This takes a stab at cleaning them up by keeping to
a single style and overall shape. Some comments are moved a little and
some removed alltogether due to being redundant. No functional changes
have been made,
This is considered not harmful as a following http2_recv shall be
called very soon.
This is considered helpful in the specific situation where some
servers (e.g. nghttpx v1.43.0) may fulfill stream 1 immediately
following the return of HTTP status 101, other than waiting for
the client-side connection preface to arrive.
Fixes#7036Closes#7040
Assumed to be a minor coding style improvement with no behavior change.
A modern compiler is expected to have the calculation optimized during
compilation. It may be deemed okay even if that's not the case, since
the added overhead is considered very low.
Closes#7032
Also added 'CURL_SMALLSENDS' to make Curl_write() send short packets,
which helped verifying this even more.
Add test 363 to verify.
Reported-by: ustcqidi on github
Fixes#6950Closes#7024
Previously this logic would cap the send to CURL_MAX_WRITE_SIZE bytes,
but for the situations where a larger upload buffer has been set, this
function can benefit from sending more bytes. With default size used,
this does the same as before.
Also changed the storage of the size to an 'unsigned int' as it is not
allowed to be set larger than 2M.
Also added cautions to the man pages about changing buffer sizes in
run-time.
Closes#7022
A reused transfer handle could otherwise reuse the previous leftover
buffer and havoc would ensue.
Reported-by: sergio-nsk on github
Fixes#7018Closes#7021
Previously, settting only the max allowed TLS version, leaving the
minimum one at default, didn't actually set it and left it to default
(TLS 1.3) too!
As a bonus, this change also removes the dead code handling of SSLv3
since that version can't be set anymore (since eff614fb02).
Reported-by: Daniel Carpenter
Fixes#6998Closes#7000
Since openldap itself uses that prefix and with OpenĹDAP 2.5.4 (at
least) there's a symbol collision because of that.
The private functions now use the 'oldap_' prefix where it previously
used 'ldap_'.
Reported-by: 3eka on github
Fixes#7004Closes#7005
... as they're checked for in the configure script and are used by
source code.
Removed checks for perror, setvbuf and strlcat since those defines are
not checked for in source code.
Bonus: removed HAVE_STRLCPY from a few config-*.h files since that
symbol is not used in source code.
Closes#6997
... to avoid memory leaks!
libssh2 is tricky as we have to deal with the non-blockiness even in
close and shutdown cases. In the cases when we shutdown after a timeout
already expired, it is crucial that curl doen't let the timeout abort
the shutdown process as that then leaks memory!
Reported-by: Benjamin Riefenstahl
Fixes#6990
When a TLS server requests a client certificate during handshake and
none can be provided, libcurl now returns this new error code
CURLE_SSL_CLIENTCERT
Only supported by Secure Transport and OpenSSL for TLS 1.3 so far.
Closes#6721
... detected by Coverity:
Error: RESOURCE_LEAK (CWE-772):
lib/http2.c:532: alloc_fn: Storage is returned from allocation function "duphandle".
lib/http2.c:532: var_assign: Assigning: "newhandle" = storage returned from "duphandle(data)".
lib/http2.c:552: noescape: Resource "newhandle" is not freed or pointed-to in "set_transfer_url".
lib/http2.c:555: leaked_storage: Variable "newhandle" going out of scope leaks the storage it points to.
Closes#6986
... detected by Coverity:
Error: RESOURCE_LEAK (CWE-772):
lib/http2.c:480: alloc_fn: Storage is returned from allocation function "curl_url". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:480: var_assign: Assigning: "u" = storage returned from "curl_url()".
lib/http2.c:486: noescape: Resource "u" is not freed or pointed-to in "curl_url_set". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:488: leaked_storage: Variable "u" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK (CWE-772):
lib/http2.c:480: alloc_fn: Storage is returned from allocation function "curl_url". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:480: var_assign: Assigning: "u" = storage returned from "curl_url()".
lib/http2.c:493: noescape: Resource "u" is not freed or pointed-to in "curl_url_set". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:495: leaked_storage: Variable "u" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK (CWE-772):
lib/http2.c:480: alloc_fn: Storage is returned from allocation function "curl_url". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:480: var_assign: Assigning: "u" = storage returned from "curl_url()".
lib/http2.c:500: noescape: Resource "u" is not freed or pointed-to in "curl_url_set". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:502: leaked_storage: Variable "u" going out of scope leaks the storage it points to.
Error: RESOURCE_LEAK (CWE-772):
lib/http2.c:480: alloc_fn: Storage is returned from allocation function "curl_url". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:480: var_assign: Assigning: "u" = storage returned from "curl_url()".
lib/http2.c:505: noescape: Resource "u" is not freed or pointed-to in "curl_url_get". [Note: The source code implementation of the function has been overridden by a builtin model.]
lib/http2.c:507: leaked_storage: Variable "u" going out of scope leaks the storage it points to.
Closes#6986
Removed localfd and remotefd from ssl_backend_data (ued only with proxy
connection). Function pipe_ssloverssl return always 0, when proxy is not
used.
Closes#6981
This abstracts across the two HTTP/2 backends: nghttp2 and Hyper.
Add our own define for the "h2" ALPN protocol, so TLS backends can use
it without depending on a specific HTTP backend.
Closes#6959
Previously if a caller set CURLOPT_WRITEFUNCTION but did not set a
CURLOPT_HEADERDATA buffer, Hyper would still attempt to write headers to
the data->set.writeheader header buffer, even though it is null. This
led to NPE segfaults attempting to use libcurl+Hyper with Git, for
example.
Instead, process the client write for the status line using the same
logic we use to process the client write for the later HTTP headers,
which contains the appropriate guard logic. As a side benefit,
data->set.writeheader is now only read in one file instead of two.
Fixes#6619Fixesabetterinternet/crustls#49Fixeshyperium/hyper#2438Closes#6971
- Disable auto credentials by default. This is a breaking change
for clients that are using it, wittingly or not.
- New libcurl ssl option value CURLSSLOPT_AUTO_CLIENT_CERT tells libcurl
to automatically locate and use a client certificate for
authentication, when requested by the server.
- New curl tool options --ssl-auto-client-cert and
--proxy-ssl-auto-client-cert map to CURLSSLOPT_AUTO_CLIENT_CERT.
This option is only supported for Schannel (the native Windows SSL
library). Prior to this change Schannel would, with no notification to
the client, attempt to locate a client certificate and send it to the
server, when requested by the server. Since the server can request any
certificate that supports client authentication in the OS certificate
store it could be a privacy violation and unexpected.
Fixes https://github.com/curl/curl/issues/2262
Reported-by: Jeroen Ooms
Assisted-by: Wes Hinsley
Assisted-by: Rich FitzJohn
Ref: https://curl.se/mail/lib-2021-02/0066.html
Reported-by: Morten Minde Neergaard
Closes https://github.com/curl/curl/pull/6673
Input challenges and returned messages are now in binary.
Conversions from/to base64 are performed by callers (currently curl_sasl.c
and http_ntlm.c).
Closes#6654
A struct bufref holds a buffer pointer, a data size and a destructor.
When freed or its contents are changed, the previous buffer is implicitly
released by the associated destructor. The data size, although not used
internally, allows binary data support.
A unit test checks its handling methods: test 1661
Closes#6654
Reset FD_WRITE by sending zero bytes which is permissible
and will be treated by implementations as successful send.
Without this we won't be notified in case a socket is still
writable if we already received such a notification and did
not send any data afterwards on the socket. This would lead
to waiting forever on a writable socket being writable again.
Assisted-by: Tommy Odom
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Tested-by: tmkk on github
Bug: #6146Closes#6245
1. Consolidate pre-checks into a single Curl_poll call:
This is an attempt to restructure the code in Curl_multi_wait
in such a way that less syscalls are made by removing individual
calls to Curl_socket_check via SOCKET_READABLE/SOCKET_WRITABLE.
2. Avoid resetting the WinSock event multiple times:
We finally call WSAResetEvent anyway, so specifying it as
an optional parameter to WSAEnumNetworkEvents is redundant.
3. Wakeup directly in case no sockets are being monitoring:
Fix the WinSock based implementation to skip extra waiting by
not sleeping in case no sockets are to be waited on and just
the WinSock event is being monitored for wakeup functionality.
Assisted-by: Tommy Odom
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Bug: #6146Closes#6245
