1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-25 01:28:51 -05:00
Commit Graph

10839 Commits

Author SHA1 Message Date
Vilhelm Prytz
d0319adb0c
copyrights: update all copyright notices to 2019 on files changed this year
Closes #4547
2019-11-02 23:15:56 +01:00
Bastien Bouclet
9910d6b9a4
mbedtls: add error message for cert validity starting in the future
Closes #4552
2019-11-02 22:59:13 +01:00
Jay Satiro
9c49824902 schannel_verify: Fix concurrent openings of CA file
- Open the CA file using FILE_SHARE_READ mode so that others can read
  from it as well.

Prior to this change our schannel code opened the CA file without
sharing which meant concurrent openings (eg an attempt from another
thread or process) would fail during the time it was open without
sharing, which in curl's case would cause error:
"schannel: failed to open CA file".

Bug: https://curl.haxx.se/mail/lib-2019-10/0104.html
Reported-by: Richard Alcock
2019-11-01 18:02:59 -04:00
Daniel Stenberg
c2b01cce5c
gtls: make gnutls_bye() not wait for response on shutdown
... as it can make it wait there for a long time for no good purpose.

Patched-by: Jay Satiro
Reported-by: Bylon2 on github
Adviced-by: Nikos Mavrogiannopoulos

Fixes #4487
Closes #4541
2019-10-31 09:10:50 +01:00
Daniel Stenberg
dcd7e37c3a
url: make Curl_close() NULLify the pointer too
This is the common pattern used in the code and by a unified approach we
avoid mistakes.

Closes #4534
2019-10-30 09:36:21 +01:00
Daniel Stenberg
0cbd6f8df7
url: Curl_free_request_state() should also free doh handles
... or risk DoH memory leaks.

Reported-by: Paul Dreik
Fixes #4463
Closes #4527
2019-10-29 22:48:19 +01:00
Javier Blazquez
9f5b26d23f HTTP3: fix invalid use of sendto for connected UDP socket
On macOS/BSD, trying to call sendto on a connected UDP socket fails
with a EISCONN error. Because the singleipconnect has already called
connect on the socket when we're trying to use it for QUIC transfers
we need to use plain send instead.

Fixes #4529
Closes https://github.com/curl/curl/pull/4533
2019-10-28 15:00:33 -04:00
Javier Blazquez
e0ee3d9f9b
HTTP3: fix Windows build
The ngtcp2 QUIC backend was using the MSG_DONTWAIT flag for send/recv
in order to perform nonblocking operations. On Windows this flag does
not exist. Instead, the socket must be set to nonblocking mode via
ioctlsocket.

This change sets the nonblocking flag on UDP sockets used for QUIC on
all platforms so the use of MSG_DONTWAIT is not needed.

Fixes #4531
Closes #4532
2019-10-28 09:21:43 +01:00
Francois Rivard
8986df802d
schannel: reverse the order of certinfo insertions
Fixes #4518
Closes #4519
2019-10-24 16:30:40 +02:00
Daniel Stenberg
807c056c08
conn-reuse: requests wanting NTLM can reuse non-NTLM connections
Added test case 338 to verify.

Reported-by: Daniel Silverstone
Fixes #4499
Closes #4514
2019-10-23 10:15:39 +02:00
Daniel Stenberg
95a4cfd888
http2_recv: a closed stream trumps pause state
... and thus should return 0, not EAGAIN.

Reported-by: Tom van der Woerdt
Fixes #4496
Closes #4505
2019-10-18 23:23:48 +02:00
Daniel Stenberg
59041f052a
http2: expire a timeout at end of stream
To make sure that transfer is being dealt with. Streams without
Content-Length need a final read to notice the end-of-stream state.

Reported-by: Tom van der Woerdt
Fixes #4496
2019-10-18 23:23:43 +02:00
Daniel Stenberg
e062043433
url: normalize CURLINFO_EFFECTIVE_URL
The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as
input in most cases, which made it not get a scheme prefixed like before
if the URL was given without one, and it didn't remove dotdot sequences
etc.

Added test case 1907 to verify that this now works as intended and as
before 7.62.0.

Regression introduced in 7.62.0

Reported-by: Christophe Dervieux
Fixes #4491
Closes #4493
2019-10-16 14:10:55 +02:00
Marcel Raad
a626fa128c
security: silence conversion warning
With MinGW-w64, `curl_socket_t` is is a 32 or 64 bit unsigned integer,
while `read` expects a 32 bit signed integer.
Use `sread` instead of `read` to use the correct parameter type.

Closes https://github.com/curl/curl/pull/4483
2019-10-13 22:10:12 +02:00
Marcel Raad
be16d8d994
connect: silence sign-compare warning
With MinGW-w64 using WinSock, `curl_socklen_t` is signed, while the
result of `sizeof` is unsigned.

Closes https://github.com/curl/curl/pull/4483
2019-10-13 22:09:59 +02:00
Harry Sintonen
0dc14b8381
socketpair: fix include and define for older TCP header systems
fixed build for systems that need netinet/in.h for IPPROTO_TCP and are
missing INADDR_LOOPBACK

Closes #4480
2019-10-10 23:20:15 +02:00
Daniel Stenberg
622cf7db6b
socketpair: fix double-close in error case
Follow-up to bc2dbef0af
2019-10-10 11:18:21 +02:00
Daniel Stenberg
1b843bb5ed
gskit: use the generic Curl_socketpair 2019-10-10 11:04:38 +02:00
Daniel Stenberg
9c76f694de
asyn-thread: make use of Curl_socketpair() where available 2019-10-10 11:04:38 +02:00
Daniel Stenberg
bc2dbef0af
socketpair: an implemention for Windows and more
Curl_socketpair() is designed to be used and work everywhere if there's
no native version or the native version isn't good enough.

Closes #4466
2019-10-10 11:04:38 +02:00
Daniel Stenberg
490effc193
connect: return CURLE_OPERATION_TIMEDOUT for errno == ETIMEDOUT
Previosly all connect() failures would return CURLE_COULDNT_CONNECT, no
matter what errno said.

This makes for example --retry work on these transfer failures.

Reported-by: Nathaniel J. Smith
Fixes #4461
Clsoes #4462
2019-10-09 14:16:28 +02:00
Nicolas
8bb3a95ce1 ldap: fix OOM error on missing query string
- Allow missing queries, don't return NO_MEMORY error in such a case.

It is acceptable for there to be no specified query string, for example:

curl ldap://ldap.forumsys.com

A regression bug in 1b443a7 caused this issue.

This is a partial fix for #4261.

Bug: https://github.com/curl/curl/issues/4261#issuecomment-525543077
Reported-by: Jojojov@users.noreply.github.com
Analyzed-by: Samuel Surtees

Closes https://github.com/curl/curl/pull/4467
2019-10-05 19:47:31 -04:00
Paul B. Omta
df85b86a92 build: Remove unused HAVE_LIBSSL and HAVE_LIBCRYPTO defines
Closes https://github.com/curl/curl/pull/4460
2019-10-05 19:18:30 -04:00
Daniel Stenberg
b902b0632d
ngtcp2: adapt to API change
Closes #4457
2019-10-04 10:31:36 +02:00
Daniel Stenberg
249541f12f
cookies: change argument type for Curl_flush_cookies
The second argument is really a 'bool' so use that and pass in TRUE/FALSE
to make it clear.

Closes #4455
2019-10-03 22:56:28 +02:00
Daniel Stenberg
8a00560de2
http2: move state-init from creation to pre-transfer
To make sure that the HTTP/2 state is initialized correctly for
duplicated handles. It would otherwise easily generate "spurious"
PRIORITY frames to get sent over HTTP/2 connections when duplicated easy
handles were used.

Reported-by: Daniel Silverstone
Fixes #4303
Closes #4442
2019-10-03 22:55:42 +02:00
Daniel Stenberg
02c6b984cb
urlapi: fix use-after-free bug
Follow-up from 2c20109a9b

Added test 663 to verify.

Reported by OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17954

Closes #4453
2019-10-03 22:54:26 +02:00
Paul Dreik
13ecc0725f
cookie: avoid harmless use after free
This fix removes a use after free which can be triggered by
the internal cookie fuzzer, but otherwise is probably
impossible to trigger from an ordinary application.

The following program reproduces it:

        curl_global_init(CURL_GLOBAL_DEFAULT);
        CURL*  handle=curl_easy_init();
        CookieInfo* info=Curl_cookie_init(handle,NULL,NULL,false);
        curl_easy_setopt(handle, CURLOPT_COOKIEJAR, "/dev/null");
        Curl_flush_cookies(handle, true);
        Curl_cookie_cleanup(info);
        curl_easy_cleanup(handle);
        curl_global_cleanup();

This was found through fuzzing.

Closes #4454
2019-10-03 15:43:50 +02:00
Niall
0f48055c40
ESNI: initial build/setup
Closes #4011
2019-10-02 12:33:08 +02:00
Daniel Stenberg
c6f250c4d6
redirect: when following redirects to an absolute URL, URL encode it
... to make it handle for example (RFC violating) embeded spaces.

Reported-by: momala454 on github
Fixes #4445
Closes #4447
2019-10-02 07:53:32 +02:00
Daniel Stenberg
2c20109a9b
urlapi: fix URL encoding when setting a full URL 2019-10-02 07:53:17 +02:00
Kunal Ekawde
c124e6b3c0
CURLMOPT_MAX_CONCURRENT_STREAMS: new setopt
Closes #4410
2019-10-02 07:47:48 +02:00
Daniel Stenberg
f0f053fed0
chunked-encoding: stop hiding the CURLE_BAD_CONTENT_ENCODING error
Unknown content-encoding would get returned as CURLE_WRITE_ERROR if the
response is chunked-encoded.

Reported-by: Ilya Kosarev
Fixes #4310
Closes #4449
2019-10-02 07:46:05 +02:00
Marcel Raad
ac830139da
checksrc: fix uninitialized variable warning
The loop doesn't need to be executed without a file argument.

Closes https://github.com/curl/curl/pull/4444
2019-10-01 10:47:45 +02:00
Marcel Raad
0f62c9af8b
urlapi: fix unused variable warning
`dest` is only used with `ENABLE_IPV6`.

Closes https://github.com/curl/curl/pull/4444
2019-10-01 10:47:41 +02:00
Marcel Raad
69d95b6d4c
lib: silence conversion warnings
Closes https://github.com/curl/curl/pull/4444
2019-10-01 10:47:37 +02:00
Daniel Stenberg
c24cf6c64c
altsvc: accept quoted ma and persist values
As mandated by the spec. Test 1654 is extended to verify.

Closes #4443
2019-09-30 16:35:12 +02:00
lucas
19338e9721 quiche: update HTTP/3 config creation to new API 2019-09-29 22:40:58 +01:00
Daniel Stenberg
d0a7ee3f61
cookies: using a share with cookies shouldn't enable the cookie engine
The 'share object' only sets the storage area for cookies. The "cookie
engine" still needs to be enabled or activated using the normal cookie
options.

This caused the curl command line tool to accidentally use cookies
without having been told to, since curl switched to using shared cookies
in 7.66.0.

Test 1166 verifies

Updated test 506

Fixes #4429
Closes #4434
2019-09-28 18:10:43 +02:00
Daniel Stenberg
ed73509157
setopt: handle ALTSVC set to NULL 2019-09-27 16:26:50 +02:00
Zenju
500fb0e4cb
FTP: url-decode path before evaluation
Closes #4428
2019-09-27 08:29:54 +02:00
julian
c7e6b71e5a vtls: Fix comment typo about macosx-version-min compiler flag
Closes https://github.com/curl/curl/pull/4425
2019-09-27 01:46:49 -04:00
Daniel Stenberg
b6532b809f
quiche: don't close connection at end of stream! 2019-09-26 16:06:11 +02:00
Daniel Stenberg
2377465901
quiche: set 'drain' when returning without having drained the queues 2019-09-26 15:45:58 +02:00
Daniel Stenberg
ea7744a07e
Revert "FTP: url-decode path before evaluation"
This reverts commit 2f036a72d5.
2019-09-26 14:53:19 +02:00
Zenju
2f036a72d5
FTP: url-decode path before evaluation
Closes #4423
2019-09-26 13:57:44 +02:00
Daniel Stenberg
0ab38f5fd6
openssl: use strerror on SSL_ERROR_SYSCALL
Instead of showing the somewhat nonsensical errno number, use strerror()
to provide a more relatable error message.

Closes #4411
2019-09-26 13:55:18 +02:00
Jay Satiro
cded993700 url: don't set appconnect time for non-ssl/non-ssh connections
Prior to this change non-ssl/non-ssh connections that were reused set
TIMER_APPCONNECT [1]. Arguably that was incorrect since no SSL/SSH
handshake took place.

[1]: TIMER_APPCONNECT is publicly known as CURLINFO_APPCONNECT_TIME in
libcurl and %{time_appconnect} in the curl tool. It is documented as
"the time until the SSL/SSH handshake is completed".

Reported-by: Marcel Hernandez

Ref: https://github.com/curl/curl/issues/3760

Closes https://github.com/curl/curl/pull/3773
2019-09-26 03:04:26 -04:00
Daniel Stenberg
217812fa9e
ngtcp2: remove fprintf() calls
- convert some of them to H3BUF() calls to infof()
- remove some of them completely
- made DEBUG_HTTP3 defined only if CURLDEBUG is set for now

Closes #4421
2019-09-25 23:28:58 +02:00
Jay Satiro
af3ced3b9c
url: fix the NULL hostname compiler warning case
Closes #4403
2019-09-25 14:35:02 +02:00
Daniel Stenberg
218a62a6ce
altsvc: correct the #ifdef for the ngtcp2 backend 2019-09-25 12:13:43 +02:00
Daniel Stenberg
a4c6520991
altsvc: save h3 as h3-23
Follow-up to d176a2c7e5
2019-09-25 12:06:55 +02:00
Daniel Stenberg
6e7733f788
urlapi: question mark within fragment is still fragment
The parser would check for a query part before fragment, which caused it
to do wrong when the fragment contains a question mark.

Extended test 1560 to verify.

Reported-by: Alex Konev
Fixes #4412
Closes #4413
2019-09-24 23:30:43 +02:00
Patrick Monnerat
3e0a8e539c os400: getpeername() and getsockname() return ebcdic AF_UNIX sockaddr,
As libcurl now uses these 2 system functions, wrappers are needed on os400
to convert returned AF_UNIX sockaddrs to ascii.

This is a follow-up to commit 7fb54ef.
See also #4037.
Closes #4214
2019-09-24 13:39:22 +02:00
Lucas Pardue
4a778f75c5 strcase: fix raw lowercasing the letter X
Casing mistake in Curl_raw_tolower 'X' wasn't lowercased as 'x' prior to
this change.

Follow-up to 0023fce which added the function several days ago.

Ref: https://github.com/curl/curl/pull/4401#discussion_r327396546

Closes https://github.com/curl/curl/pull/4408
2019-09-24 01:31:37 -04:00
Daniel Stenberg
b259baabfe
http2: Expression 'stream->stream_id != - 1' is always true
PVS-Studio warning
Fixes #4402
2019-09-23 22:44:02 +02:00
Daniel Stenberg
f91b82e688
http2: A value is being subtracted from the unsigned variable
PVS-Studio warning
Fixes #4402
2019-09-23 22:44:02 +02:00
Daniel Stenberg
9aed993da0
libssh: part of conditional expression is always true: !result
PVS-Studio warning
Fixed #4402
2019-09-23 22:44:02 +02:00
Daniel Stenberg
b7e872ac17
libssh: part of conditional expression is always true
PVS-Studio warning
Fixes #4402
2019-09-23 22:44:01 +02:00
Daniel Stenberg
9221896768
libssh: The expression is excessive or contains a misprint
PVS-Studio warning
Fixes #4402
2019-09-23 22:44:01 +02:00
Daniel Stenberg
32fa043202
quiche: The expression must be surrounded by parentheses
PVS-Studio warning
Fixes #4402
2019-09-23 22:44:01 +02:00
Daniel Stenberg
89d972f24c
vauth: The parameter 'status' must be surrounded by parentheses
PVS-Studio warning
Fixes #4402
2019-09-23 22:44:01 +02:00
Paul Dreik
a5bf6a36c5
doh: allow only http and https in debug mode
Otherwise curl may be told to use for instance pop3 to
communicate with the doh server, which most likely
is not what you want.

Found through fuzzing.

Closes #4406
2019-09-23 22:38:23 +02:00
Paul Dreik
bb74201804
doh: return early if there is no time left
Closes #4406
2019-09-23 22:38:15 +02:00
Barry Pollard
0023fce38d
http: lowercase headernames for HTTP/2 and HTTP/3
Closes #4401
Fixes #4400
2019-09-23 22:33:31 +02:00
Marcel Raad
527461285f
vtls: fix narrowing conversion warnings
Curl_timeleft returns `timediff_t`, which is 64 bits wide also on
32-bit systems since commit b1616dad8f.

Closes https://github.com/curl/curl/pull/4398
2019-09-23 09:44:35 +02:00
Marcel Raad
367e4b3c4d
openssl: fix compiler warning with LibreSSL
It was already fixed for BoringSSL in commit a0f8fccb1e.
LibreSSL has had the second argument to SSL_CTX_set_min_proto_version
as uint16_t ever since the function was added in [0].

[0] 56f107201b

Closes https://github.com/curl/curl/pull/4397
2019-09-22 20:55:54 +02:00
Jay Satiro
5ee88eee68 socks: Fix destination host shown on SOCKS5 error
Prior to this change when a server returned a socks5 connect error then
curl would parse the destination address:port from that data and show it
to the user as the destination:

curld -v --socks5 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to IPv4 172.217.12.206 (locally resolved)
* Can't complete SOCKS5 connection to 253.127.0.0:26673. (1)
curl: (7) Can't complete SOCKS5 connection to 253.127.0.0:26673. (1)

That's incorrect because the address:port included in the connect error
is actually a bind address:port (typically unused) and not the
destination address:port. This fix changes curl to show the destination
information that curl sent to the server instead:

curld -v --socks5 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to IPv4 172.217.7.14:99 (locally resolved)
* Can't complete SOCKS5 connection to 172.217.7.14:99. (1)
curl: (7) Can't complete SOCKS5 connection to 172.217.7.14:99. (1)

curld -v --socks5-hostname 10.0.3.1:1080 http://google.com:99
* SOCKS5 communication to google.com:99
* SOCKS5 connect to google.com:99 (remotely resolved)
* Can't complete SOCKS5 connection to google.com:99. (1)
curl: (7) Can't complete SOCKS5 connection to google.com:99. (1)

Ref: https://tools.ietf.org/html/rfc1928#section-6

Closes https://github.com/curl/curl/pull/4394
2019-09-21 23:45:02 -04:00
Daniel Stenberg
d176a2c7e5
altsvc: both backends run h3-23 now
Closes #4395
2019-09-21 23:11:29 +02:00
Daniel Stenberg
fe514ad9ae
http: fix warning on conversion from int to bit
Follow-up from 03ebe66d70
2019-09-21 23:09:59 +02:00
Daniel Stenberg
03ebe66d70
urldata: use 'bool' for the bit type on MSVC compilers
Closes #4387
Fixes #4379
2019-09-21 23:05:41 +02:00
Zenju
36ff5e37b9
FTP: FTPFILE_NOCWD: avoid redundant CWDs
Closes #4382
2019-09-21 16:23:03 +02:00
Daniel Stenberg
0801343e27
cookie: pass in the correct cookie amount to qsort()
As the loop discards cookies without domain set. This bug would lead to
qsort() trying to sort uninitialized pointers. We have however not found
it a security problem.

Reported-by: Paul Dreik
Closes #4386
2019-09-21 16:07:52 +02:00
Paul Dreik
47066036a0
urlapi: avoid index underflow for short ipv6 hostnames
If the input hostname is "[", hlen will underflow to max of size_t when
it is subtracted with 2.

hostname[hlen] will then cause a warning by ubsanitizer:

runtime error: addition of unsigned offset to 0x<snip> overflowed to
0x<snip>

I think that in practice, the generated code will work, and the output
of hostname[hlen] will be the first character "[".

This can be demonstrated by the following program (tested in both clang
and gcc, with -O3)

int main() {
  char* hostname=strdup("[");
  size_t hlen = strlen(hostname);

  hlen-=2;
  hostname++;
  printf("character is %d\n",+hostname[hlen]);
  free(hostname-1);
}

I found this through fuzzing, and even if it seems harmless, the proper
thing is to return early with an error.

Closes #4389
2019-09-21 15:57:17 +02:00
Tatsuhiro Tsujikawa
63a8d2b172
ngtcp2: compile with latest ngtcp2 + nghttp3 draft-23
Closes #4392
2019-09-21 15:44:17 +02:00
Daniel Stenberg
7d5524500d
libssh2: part of conditional expression is always true: !result
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:52 +02:00
Daniel Stenberg
36fbb10071
urlapi: Expression 'storep' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:48 +02:00
Daniel Stenberg
a6451487d4
urlapi: 'scheme' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:46 +02:00
Daniel Stenberg
b10464399b
urlapi: part of conditional expression is always true: (relurl[0] == '/')
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:42 +02:00
Daniel Stenberg
8f593f6d3b
setopt: store CURLOPT_RTSP_SERVER_CSEQ correctly
Fixes bug detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:35 +02:00
Daniel Stenberg
2ba62322a7
mime: make Curl_mime_duppart() assert if called without valid dst
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:31 +02:00
Daniel Stenberg
cc95dbd64f
http_proxy: part of conditional expression is always true: !error
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:28 +02:00
Daniel Stenberg
d0390a538a
imap: merged two case-branches performing the same action
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:25 +02:00
Daniel Stenberg
07c1af9226
multi: value '2L' is assigned to a boolean
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:21 +02:00
Daniel Stenberg
2e68e5a023
easy: part of conditional expression is always true: !result
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:20 +02:00
Daniel Stenberg
0b90ec9bbf
netrc: part of conditional expression is always true: !done
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:18 +02:00
Daniel Stenberg
317c97bd81
version: Expression 'left > 1' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:17 +02:00
Daniel Stenberg
389426e3d0
url: remove dead code
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:13 +02:00
Daniel Stenberg
3ab45650e2
url: part of expression is always true: (bundle->multiuse == 0)
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:11 +02:00
Daniel Stenberg
e3c41ebd7c
ftp: the conditional expression is always true
... both !result and (ftp->transfer != FTPTRANSFER_BODY)!

Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:06 +02:00
Daniel Stenberg
49f3117a23
ftp: Expression 'ftpc->wait_data_conn' is always false
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:03 +02:00
Daniel Stenberg
a50c3d7fa0
ftp: Expression 'ftpc->wait_data_conn' is always true
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:07:00 +02:00
Daniel Stenberg
97c17e9fcb
ftp: part of conditional expression is always true: !result
Fixes warning detected by PVS-Studio
Fixes #4374
2019-09-20 08:06:58 +02:00
Daniel Stenberg
69ea985d4c
http: fix Expression 'http->postdata' is always false
Fixes warning detected by PVS-Studio
Fixes #4374
Reported-by: Valerii Zapodovnikov
2019-09-20 08:06:47 +02:00
Niall O'Reilly
0d59addff6
doh: avoid truncating DNS QTYPE to lower octet
Closes #4381
2019-09-19 22:50:38 +02:00
Jens Finkhaeuser
0a4ecbdf1c
urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not
"file:///") to override cURL's default demand that an authority exists.

Closes #4349
2019-09-19 15:57:28 +02:00
Daniel Stenberg
3c5f9ba899
url: only reuse TLS connections with matching pinning
If the requests have different CURLOPT_PINNEDPUBLICKEY strings set, the
connection should not be reused.

Bug: https://curl.haxx.se/mail/lib-2019-09/0061.html
Reported-by: Sebastian Haglund

Closes #4347
2019-09-19 14:58:24 +02:00
Michael Kaufmann
2a2404153b http: merge two "case" statements 2019-09-18 13:45:41 +02:00
Zenju
1c02a4e874
FTP: remove trailing slash from path for LIST/MLSD
Closes #4348
2019-09-18 09:27:21 +02:00
Daniel Stenberg
ac58c51b29
mime: when disabled, avoid C99 macro
Closes #4368
2019-09-18 08:08:41 +02:00
Daniel Stenberg
beb4350917
url: cleanup dangling DOH request headers too
Follow-up to 9bc44ff64d

Credit to OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17269

Closes #4372
2019-09-18 07:48:49 +02:00
Christoph M. Becker
7c596f5dea
http2: relax verification of :authority in push promise requests
If the :authority pseudo header field doesn't contain an explicit port,
we assume it is valid for the default port, instead of rejecting the
request for all ports.

Ref: https://curl.haxx.se/mail/lib-2019-09/0041.html

Closes #4365
2019-09-16 23:36:22 +02:00
Daniel Stenberg
9bc44ff64d
doh: clean up dangling DOH handles and memory on easy close
If you set the same URL for target as for DoH (and it isn't a DoH
server), like "https://example.com" in both, the easy handles used for
the DoH requests could be left "dangling" and end up not getting freed.

Reported-by: Paul Dreik
Closes #4366
2019-09-16 17:31:56 +02:00
Daniel Stenberg
6de1053692
smb: check for full size message before reading message details
To avoid reading of uninitialized data.

Assisted-by: Max Dymond
Bug: https://crbug.com/oss-fuzz/16907
Closes #4363
2019-09-16 14:16:06 +02:00
Daniel Stenberg
00da834156
quiche: persist connection details
... like we do for other protocols at connect time. This makes "curl -I"
and other things work.

Reported-by: George Liu
Fixes #4358
Closes #4360
2019-09-16 13:37:26 +02:00
Daniel Stenberg
a0f8fccb1e
openssl: fix warning with boringssl and SSL_CTX_set_min_proto_version
Follow-up to ffe34b7b59
Closes #4359
2019-09-16 08:49:51 +02:00
Paul Dreik
dda418266c
doh: fix undefined behaviour and open up for gcc and clang optimization
The undefined behaviour is annoying when running fuzzing with
sanitizers. The codegen is the same, but the meaning is now not up for
dispute. See https://cppinsights.io/s/516a2ff4

By incrementing the pointer first, both gcc and clang recognize this as
a bswap and optimizes it to a single instruction.  See
https://godbolt.org/z/994Zpx

Closes #4350
2019-09-15 23:27:45 +02:00
Paul Dreik
b766602729
doh: fix (harmless) buffer overrun
Added unit test case 1655 to verify.
Close #4352

the code correctly finds the flaws in the old code,
if one temporarily restores doh.c to the old version.
2019-09-15 23:25:24 +02:00
Daniel Stenberg
65f5b958c9
FTP: allow "rubbish" prepended to the SIZE response
This is a protocol violation but apparently there are legacy proprietary
servers doing this.

Added test 336 and 337 to verify.

Reported-by: Philippe Marguinaud
Closes #4339
2019-09-13 14:21:00 +02:00
Zenju
acf1d2acd1
FTP: skip CWD to entry dir when target is absolute
Closes #4332
2019-09-13 14:05:34 +02:00
Daniel Stenberg
83b4cfacba
parsedate: still provide the name arrays when disabled
If FILE or FTP are enabled, since they also use them!

Reported-by: Roland Hieber
Fixes #4325
Closes #4343
2019-09-13 08:25:14 +02:00
Daniel Stenberg
a56a47ac33
openssl: close_notify on the FTP data connection doesn't mean closure
For FTPS transfers, curl gets close_notify on the data connection
without that being a signal to close the control connection!

Regression since 3f5da4e59a (7.65.0)

Reported-by: Zenju on github
Reviewed-by: Jay Satiro
Fixes #4329
Closes #4340
2019-09-13 00:10:47 +02:00
Zenju
0aef91411e
setopt: make it easier to add new enum values
... by using the *_LAST define names better.

Closes #4321
2019-09-12 09:42:54 +02:00
Daniel Stenberg
e34ec7de59
asyn-thread: s/AF_LOCAL/AF_UNIX for Solaris
Reported-by: Dagobert Michelsen
Fixes #4328
Closes #4333
2019-09-12 09:37:11 +02:00
Jay Satiro
08f96982a9 ldap: Stop using wide char version of ldapp_err2string
Despite ldapp_err2string being documented by MS as returning a
PCHAR (char *), when UNICODE it is mapped to ldap_err2stringW and
returns PWCHAR (wchar_t *).

We have lots of code that expects ldap_err2string to return char *,
most of it failf used like this:

failf(data, "LDAP local: Some error: %s", ldap_err2string(rc));

Closes https://github.com/curl/curl/pull/4272
2019-09-11 02:44:47 -04:00
Daniel Stenberg
9637dbfffd
urlapi: one colon is enough for the strspn() input (typo) 2019-09-10 11:51:51 +02:00
Daniel Stenberg
eab3c580f9
urlapi: verify the IPv6 numerical address
It needs to parse correctly. Otherwise it could be tricked into letting
through a-f using host names that libcurl would then resolve. Like
'[ab.be]'.

Reported-by: Thomas Vegas
Closes #4315
2019-09-10 11:32:12 +02:00
Clément Notin
ffe34b7b59
openssl: use SSL_CTX_set_<min|max>_proto_version() when available
OpenSSL 1.1.0 adds SSL_CTX_set_<min|max>_proto_version() that we now use
when available.  Existing code is preserved for older versions of
OpenSSL.

Closes #4304
2019-09-10 08:11:42 +02:00
Clément Notin
9136542d33
openssl: indent, re-organize and add comments 2019-09-10 08:08:44 +02:00
migueljcrum
67b30b3418
sspi: fix memory leaks
Closes #4299
2019-09-10 08:06:05 +02:00
Daniel Stenberg
c4c9e070f3
Curl_fillreadbuffer: avoid double-free trailer buf on error
Reviewed-by: Jay Satiro
Reported-by: Thomas Vegas

Closes #4307
2019-09-09 09:36:27 +02:00
Daniel Stenberg
9069838b30
security:read_data fix bad realloc()
... that could end up a double-free

CVE-2019-5481
Bug: https://curl.haxx.se/docs/CVE-2019-5481.html
2019-09-09 08:14:34 +02:00
Thomas Vegas
facb0e4662
tftp: Alloc maximum blksize, and use default unless OACK is received
Fixes potential buffer overflow from 'recvfrom()', should the server
return an OACK without blksize.

Bug: https://curl.haxx.se/docs/CVE-2019-5482.html
CVE-2019-5482
2019-09-09 08:14:34 +02:00
Thomas Vegas
82f3ba3806
tftp: return error when packet is too small for options 2019-09-09 08:14:34 +02:00
Daniel Stenberg
158dcb9f86
netrc: free 'home' on error
Follow-up to f9c7ba9096

Coverity CID 1453474

Closes #4291
2019-09-03 23:00:51 +02:00
Daniel Stenberg
4ac2884003
urldata: avoid 'generic', use dedicated pointers
For the 'proto' union within the connectdata struct.

Closes #4290
2019-09-03 23:00:51 +02:00
Daniel Stenberg
5050edb124
cleanup: move functions out of url.c and make them static
Closes #4289
2019-09-03 13:11:12 +02:00
Daniel Stenberg
4d0306c698
smtp: check for and bail out on too short EHLO response
Otherwise, a three byte response would make the smtp_state_ehlo_resp()
function misbehave.

Credit to OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/16918

Assisted-by: Max Dymond

Closes #4287
2019-09-03 08:25:23 +02:00
Daniel Stenberg
198b73d12c
smb: init *msg to NULL in smb_send_and_recv()
... it might otherwise return OK from this function leaving that pointer
uninitialized.

Bug: https://crbug.com/oss-fuzz/16907

Closes #4286
2019-09-02 23:06:48 +02:00
Daniel Stenberg
84ced9389e
Curl_addr2string: take an addrlen argument too
This allows the function to figure out if a unix domain socket has a
file name or not associated with it! When a socket is created with
socketpair(), as done in the fuzzer testing, the path struct member is
uninitialized and must not be accessed.

Bug: https://crbug.com/oss-fuzz/16699

Closes #4283
2019-08-31 11:41:56 +02:00
Daniel Stenberg
c30aff4f88
quiche: expire when poll returned data
... to make sure we continue draining the queue until empty

Closes #4281
2019-08-30 17:41:16 +02:00
Daniel Stenberg
4d9e324771
quiche: decrease available buffer size, don't assign it!
Found-by: Jeremy Lainé
2019-08-30 17:41:11 +02:00
Daniel Stenberg
7bac3135df
ngtcp2: on h3 stream close, call expire
... to trigger a new read to detect the stream close!

Closes #4275
2019-08-29 19:23:52 +02:00
Tatsuhiro Tsujikawa
484b6f345f
ngtcp2: build latest ngtcp2 and ngtcp2_crypto_openssl
Closes #4278
2019-08-29 19:22:16 +02:00
Daniel Stenberg
0690b3330c
ngtcp2: set flow control window to stream buffer size
Closes #4274
2019-08-28 14:37:19 +02:00
Tatsuhiro Tsujikawa
5b3be0729c
ngtcp2: Build with latest ngtcp2 and ngtcp2_crypto_openssl
Closes #4270
2019-08-27 16:31:19 +02:00
Daniel Stenberg
c1b6a384f9
http2: when marked for closure and wanted to close == OK
It could otherwise return an error even when closed correctly if GOAWAY
had been received previously.

Reported-by: Tom van der Woerdt
Fixes #4267
Closes #4268
2019-08-26 22:44:59 +02:00
Kamil Dudka
7e513c1048 vauth: return CURLE_AUTH_ERROR on gss_init_sec_context() failure
This is a follow-up to https://github.com/curl/curl/pull/3864 .

Closes #4224
2019-08-26 13:43:21 +02:00
Daniel Stenberg
48f589893d
quiche: send the HTTP body correctly on callback uploads
Closes #4265
2019-08-26 11:31:39 +02:00
Daniel Stenberg
aae22fdbd5
ngtcp2: add support for SSLKEYLOGFILE
Closes #4260
2019-08-25 23:29:46 +02:00
Daniel Stenberg
30a606e066
ngtcp2: improve h3 response receiving
Closes #4259
2019-08-25 23:29:43 +02:00
Daniel Stenberg
b959c2f775
ngtcp2: use nghttp3_version() 2019-08-25 23:18:17 +02:00
Daniel Stenberg
ff4ef390f6
ngtcp2: sync with upstream API changes
Assisted-by: Tatsuhiro Tsujikawa
2019-08-25 23:18:14 +02:00
Kyle Abramowitz
25f9621935
scp: fix directory name length used in memcpy
Fix read off end of array due to bad pointer math in getworkingpath for
SCP home directory case.

Closes #4258
2019-08-24 18:47:56 +02:00
Daniel Stenberg
65fda739ee
http: the 'closed' struct field is used by both ngh2 and ngh3
and remove 'header_recvbuf', not used for anything

Reported-by: Jeremy Lainé

Closes #4257
2019-08-24 17:21:41 +02:00
Daniel Stenberg
0a5d28fa2e
ngtcp2: accept upload via callback
Closes #4256
2019-08-23 22:33:29 +02:00
Daniel Stenberg
e59540139a
cleanup: remove DOT_CHAR completely
Follow-up to f9c7ba9096

The use of DOT_CHAR for ".ssh" was probably a mistake and is removed
now.

Pointed-out-by: Gisle Vanem
Bug: https://github.com/curl/curl/pull/4230#issuecomment-522960638

Closes #4247
2019-08-20 23:07:59 +02:00
Daniel Stenberg
23803aae7b
spnego_sspi: add typecast to fix build warning
Reported in build "Win32 target on Debian Stretch (64-bit) -
i686-w64-mingw32 - gcc-20170516"

Closes #4245
2019-08-20 23:06:19 +02:00
Daniel Stenberg
3e8a9bfd17
openssl: build warning free with boringssl
Closes #4244
2019-08-20 19:55:06 +02:00
Daniel Stenberg
2056175dc2
ngtcp2: make postfields-set posts work
Closes #4242
2019-08-20 16:53:40 +02:00