1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-10 19:45:04 -05:00
Commit Graph

9102 Commits

Author SHA1 Message Date
Jay Satiro
19613fb355 http2: check nghttp2_session_set_local_window_size exists
The function only exists since nghttp2 1.12.0.

Bug: https://github.com/curl/curl/commit/a4d8888#commitcomment-19985676
Reported-by: Michael Kaufmann
2016-11-28 14:08:35 -05:00
Anders Bakken
421f740164 http2: Fix crashes when parent stream gets aborted
Closes #1125
2016-11-28 15:06:17 +01:00
Okhin Vasilij
a4b2f7aafd curl_version_info: add CURL_VERSION_HTTPS_PROXY
Closes #1142
2016-11-26 17:28:53 +01:00
Frank Gevaerts
267b26b24a curl_easy_reset: clear info for CULRINFO_PROTOCOL and CURLINFO_SCHEME 2016-11-26 16:53:51 +01:00
Thomas Glanzmann
4f8b17743d HTTPS Proxy: Implement CURLOPT_PROXY_PINNEDPUBLICKEY 2016-11-25 10:49:38 +01:00
Thomas Glanzmann
1232dbb8bd url: proxy: Use 443 as default port for https proxies 2016-11-25 10:01:58 +01:00
Jay Satiro
2127457018 x509asn1: Restore the parameter check in Curl_getASN1Element
- Restore the removed parts of the parameter check.

Follow-up to 945f60e which altered the parameter check.
2016-11-24 19:43:20 -05:00
Frank Gevaerts
ba410f6c64 add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}
Adds access to the effectively used protocol/scheme to both libcurl and
curl, both in string and numeric (CURLPROTO_*) form.

Note that the string form will be uppercase, as it is just the internal
string.

As these strings are declared internally as const, and all other strings
returned by curl_easy_getinfo() are de-facto const as well, string
handling in getinfo.c got const-ified.

Closes #1137
2016-11-25 00:45:18 +01:00
Daniel Stenberg
6832c1d4b2 checksrc: move open braces to comply with function declaration style 2016-11-24 23:58:22 +01:00
Daniel Stenberg
80e7cfeb87 checksrc: detect wrongly placed open braces in func declarations 2016-11-24 23:58:22 +01:00
Daniel Stenberg
8657c268e1 checksrc: white space edits to comply to stricter checksrc 2016-11-24 23:58:22 +01:00
Daniel Stenberg
ec0a5c96ac checksrc: verify ASTERISKNOSPACE
Detects (char*) and 'char*foo' uses.
2016-11-24 23:58:22 +01:00
Daniel Stenberg
dbadaebfc4 checksrc: code style: use 'char *name' style 2016-11-24 23:58:22 +01:00
Daniel Stenberg
bc7e08471c checksrc: add ASTERISKSPACE
Verifies a 'char *name' style, with no space after the asterisk.
2016-11-24 23:48:45 +01:00
Daniel Stenberg
74ffa040a4 openssl: remove dead code
Coverity CID 1394666
2016-11-24 23:41:45 +01:00
Okhin Vasilij
c6da05a5ec HTTPS-proxy: fixed mbedtls and polishing 2016-11-24 23:41:45 +01:00
Daniel Stenberg
49765cd75c darwinssl: adopted to the HTTPS proxy changes
It builds and runs all test cases. No adaptations for actual HTTPS proxy
support has been made.
2016-11-24 23:41:45 +01:00
Daniel Stenberg
8b4352658a gtls: fix indent to silence compiler warning
vtls/gtls.c: In function ‘Curl_gtls_data_pending’:
vtls/gtls.c:1429:3: error: this ‘if’ clause does not guard... [-Werror=misleading-indentation]
   if(conn->proxy_ssl[connindex].session &&
      ^~
      vtls/gtls.c:1433:5: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘if’
           return res;
2016-11-24 23:41:45 +01:00
Thomas Glanzmann
8cb872df10 mbedtls: Fix compile errors 2016-11-24 23:41:45 +01:00
Alex Rousskov
cb4e2be7c6 proxy: Support HTTPS proxy and SOCKS+HTTP(s)
* HTTPS proxies:

An HTTPS proxy receives all transactions over an SSL/TLS connection.
Once a secure connection with the proxy is established, the user agent
uses the proxy as usual, including sending CONNECT requests to instruct
the proxy to establish a [usually secure] TCP tunnel with an origin
server. HTTPS proxies protect nearly all aspects of user-proxy
communications as opposed to HTTP proxies that receive all requests
(including CONNECT requests) in vulnerable clear text.

With HTTPS proxies, it is possible to have two concurrent _nested_
SSL/TLS sessions: the "outer" one between the user agent and the proxy
and the "inner" one between the user agent and the origin server
(through the proxy). This change adds supports for such nested sessions
as well.

A secure connection with a proxy requires its own set of the usual SSL
options (their actual descriptions differ and need polishing, see TODO):

  --proxy-cacert FILE        CA certificate to verify peer against
  --proxy-capath DIR         CA directory to verify peer against
  --proxy-cert CERT[:PASSWD] Client certificate file and password
  --proxy-cert-type TYPE     Certificate file type (DER/PEM/ENG)
  --proxy-ciphers LIST       SSL ciphers to use
  --proxy-crlfile FILE       Get a CRL list in PEM format from the file
  --proxy-insecure           Allow connections to proxies with bad certs
  --proxy-key KEY            Private key file name
  --proxy-key-type TYPE      Private key file type (DER/PEM/ENG)
  --proxy-pass PASS          Pass phrase for the private key
  --proxy-ssl-allow-beast    Allow security flaw to improve interop
  --proxy-sslv2              Use SSLv2
  --proxy-sslv3              Use SSLv3
  --proxy-tlsv1              Use TLSv1
  --proxy-tlsuser USER       TLS username
  --proxy-tlspassword STRING TLS password
  --proxy-tlsauthtype STRING TLS authentication type (default SRP)

All --proxy-foo options are independent from their --foo counterparts,
except --proxy-crlfile which defaults to --crlfile and --proxy-capath
which defaults to --capath.

Curl now also supports %{proxy_ssl_verify_result} --write-out variable,
similar to the existing %{ssl_verify_result} variable.

Supported backends: OpenSSL, GnuTLS, and NSS.

* A SOCKS proxy + HTTP/HTTPS proxy combination:

If both --socks* and --proxy options are given, Curl first connects to
the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS
proxy.

TODO: Update documentation for the new APIs and --proxy-* options.
Look for "Added in 7.XXX" marks.
2016-11-24 23:41:44 +01:00
Patrick Monnerat
8034d8fc62 Declare endian read functions argument as a const pointer.
This is done for all functions of the form Curl_read[136][624]_[lb]e.
2016-11-24 16:14:21 +01:00
Patrick Monnerat
945f60e8a7 Limit ASN.1 structure sizes to 256K. Prevent some allocation size overflows.
See CRL-01-006.
2016-11-24 14:28:39 +01:00
Jay Satiro
3e9c0230f4 url: Fix conn reuse for local ports and interfaces
- Fix connection reuse for when the proposed new conn 'needle' has a
specified local port but does not have a specified device interface.

Bug: https://curl.haxx.se/mail/lib-2016-11/0137.html
Reported-by: bjt3[at]hotmail.com
2016-11-22 16:10:06 -05:00
Daniel Stenberg
f18f7bf934 rand: pass in number of randoms as an unsigned argument 2016-11-21 07:51:42 +01:00
Jay Satiro
8626632f3e rand: Fix potentially uninitialized result warning 2016-11-20 23:57:47 -05:00
Marcel Raad
c0ae2dbb86
vtls: fix build warnings
Fix warnings about conversions from long to time_t in openssl.c and
schannel.c.

Follow-up to de4de4e3c7
2016-11-19 14:09:03 +01:00
Marcel Raad
21aa32d30d lib: fix compiler warnings after de4de4e3c7
Visual C++ now complains about implicitly casting time_t (64-bit) to
long (32-bit). Fix this by changing some variables from long to time_t,
or explicitly casting to long where the public interface would be
affected.

Closes #1131
2016-11-18 10:11:55 +01:00
Isaac Boukris
0b8d682f81 Don't mix unix domain sockets with regular ones
When reusing a connection, make sure the unix domain
socket option matches.
2016-11-17 17:34:02 +01:00
Jay Satiro
a4d888857e http2: Use huge HTTP/2 windows
- Improve performance by using a huge HTTP/2 window size.

Bug: https://github.com/curl/curl/issues/1102
Reported-by: afrind@users.noreply.github.com
Assisted-by: Tatsuhiro Tsujikawa
2016-11-16 17:35:11 -05:00
Jay Satiro
b65f79d9e8 http2: Fix address sanitizer memcpy warning
- In Curl_http2_switched don't call memcpy when src is NULL.

Curl_http2_switched can be called like:

Curl_http2_switched(conn, NULL, 0);

.. and prior to this change memcpy was then called like:

memcpy(dest, NULL, 0)

.. causing address sanitizer to warn:

http2.c:2057:3: runtime error: null pointer passed as argument 2, which
is declared to never be null
2016-11-16 02:16:10 -05:00
David Schweikert
7c9b9add6f darwinssl: fix SSL client certificate not found on MacOS Sierra
Reviewed-by: Nick Zitzmann

Closes #1105
2016-11-15 08:41:32 +01:00
Daniel Stenberg
f682156a4f Curl_rand: fixed and moved to rand.c
Now Curl_rand() is made to fail if it cannot get the necessary random
level.

Changed the proto of Curl_rand() slightly to provide a number of ints at
once.

Moved out from vtls, since it isn't a TLS function and vtls provides
Curl_ssl_random() for this to use.

Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
2016-11-14 08:23:52 +01:00
Daniel Stenberg
ebf985c159 time_t fix: follow-up to de4de4e3c7
Blah, I accidentally wrote size_t instead of time_t for two variables.

Reported-by: Dave Reisner
2016-11-13 23:09:45 +01:00
Daniel Stenberg
de4de4e3c7 timeval: prefer time_t to hold seconds instead of long
... as long is still 32bit on modern 64bit windows machines, while
time_t is generally 64bit.
2016-11-12 13:32:21 +01:00
Daniel Stenberg
346340808c URL-parser: for file://[host]/ URLs, the [host] must be localhost
Previously, the [host] part was just ignored which made libcurl accept
strange URLs misleading users. like "file://etc/passwd" which might've
looked like it refers to "/etc/passwd" but is just "/passwd" since the
"etc" is an ignored host name.

Reported-by: Mike Crowe
Assisted-by: Kamil Dudka
2016-11-11 17:14:45 +01:00
Daniel Stenberg
ddefc056b6 openssl: make sure to fail in the unlikely event that PRNG seeding fails 2016-11-11 14:16:31 +01:00
Daniel Stenberg
942c952db6 openssl: avoid unnecessary seeding if already done
1.1.0+ does more of this by itself so we can avoid extra processing this
way.
2016-11-11 13:54:16 +01:00
Daniel Stenberg
f9de7c405f openssl: RAND_status always exists in OpenSSL >= 0.9.7
and remove RAND_screen from configure since nothing is using that
function
2016-11-11 13:44:09 +01:00
Daniel Stenberg
cbec00d914 Curl_pgrsUpdate: use dedicated function for time passed 2016-11-11 11:02:02 +01:00
Daniel Stenberg
0649433da5 realloc: use Curl_saferealloc to avoid common mistakes
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
2016-11-11 10:03:48 +01:00
Daniel Stenberg
ea80a2dcfc openssl: raise the max_version to 1.3 if asked for
Now I've managed to negotiate TLS 1.3 with https://enabled.tls13.com/ when
using boringssl.
2016-11-10 11:16:25 +01:00
Jay Satiro
f43b7b6cb6 vtls: Fail on unrecognized param for CURLOPT_SSLVERSION
- Fix GnuTLS code for CURL_SSLVERSION_TLSv1_2 that broke when the
TLS 1.3 support was added in 6ad3add.

- Homogenize across code for all backends the error message when TLS 1.3
is not available to "<backend>: TLS 1.3 is not yet supported".

- Return an error when a user-specified ssl version is unrecognized.

---

Prior to this change our code for some of the backends used the
'default' label in the switch statement (ie ver unrecognized) for
ssl.version and treated it the same as CURL_SSLVERSION_DEFAULT.

Bug: https://curl.haxx.se/mail/lib-2016-11/0048.html
Reported-by: Kamil Dudka
2016-11-09 22:08:49 -05:00
Isaac Boukris
46f906a1b0 SPNEGO: Fix memory leak when authentication fails
If SPNEGO fails, cleanup the negotiate handle right away.

Fixes #1115

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reported-by: ashman-p
2016-11-09 15:02:02 +01:00
Daniel Stenberg
5dd1b65f79 printf: fix ".*f" handling
It would always use precision 1 instead of reading it from the argument
list as intended.

Reported-by: Ray Satiro

Bug: #1113
2016-11-08 15:30:33 +01:00
Kamil Dudka
5e6c04f913 nss: silence warning 'SSL_NEXT_PROTO_EARLY_VALUE not handled in switch'
... with nss-3.26.0 and newer

Reported-by: Daniel Stenberg
2016-11-07 15:40:32 +01:00
Daniel Stenberg
9e8b0a283f openssl: initial TLS 1.3 adaptions
BoringSSL supports TLSv1.3 already, but these changes don't seem to be anough
to get it working.
2016-11-07 14:38:59 +01:00
Daniel Stenberg
50aded1cd4 ssh: check md5 fingerprints case insensitively (regression)
Revert the change from ce8d09483e but use the new function

Reported-by: Kamil Dudka
Bug: ce8d09483e (commitcomment-19666146)
2016-11-07 12:54:40 +01:00
Kamil Dudka
6ad3add606 vtls: support TLS 1.3 via CURL_SSLVERSION_TLSv1_3
Fully implemented with the NSS backend only for now.

Reviewed-by: Ray Satiro
2016-11-07 11:52:07 +01:00
Kamil Dudka
5d45ced7a4 nss: map CURL_SSLVERSION_DEFAULT to NSS default
... but make sure we use at least TLSv1.0 according to libcurl API

Reported-by: Cure53
Reviewed-by: Ray Satiro
2016-11-07 11:51:33 +01:00
Daniel Stenberg
27302abb94 s/cURL/curl
We're mostly saying just "curl" in lower case these days so here's a big
cleanup to adapt to this reality. A few instances are left as the
project could still formally be considered called cURL.
2016-11-07 10:36:23 +01:00
Tatsuhiro Tsujikawa
0269f6446d http2: Don't send header fields prohibited by HTTP/2 spec
Previously, we just ignored "Connection" header field.  But HTTP/2
specification actually prohibits few more header fields.  This commit
ignores all of them so that we don't send these bad header fields.

Bug: https://curl.haxx.se/mail/archive-2016-10/0033.html
Reported-by: Ricki Hirner

Closes https://github.com/curl/curl/pull/1092
2016-11-07 03:20:21 -05:00
Jay Satiro
4564636781 easy: Initialize info variables on easy init and duphandle
- Call Curl_initinfo on init and duphandle.

Prior to this change the statistical and informational variables were
simply zeroed by calloc on easy init and duphandle. While zero is the
correct default value for almost all info variables, there is one where
it isn't (filetime initializes to -1).

Bug: https://github.com/curl/curl/issues/1103
Reported-by: Neal Poole
2016-11-05 23:06:28 -04:00
Daniel Stenberg
9ea3a6e150 mbedtls: fix build with mbedtls versions < 2.4.0
Regression added in 62a8095e71

Reported-by: Tony Kelman

Discussed in #1087
2016-11-04 11:14:15 +01:00
Dan Fandrich
788b319dfe msvc: removed a straggling reference to strequal.c
Follow-up to 502acba2
2016-11-02 09:15:02 +01:00
Daniel Stenberg
f81a836461 ftp_done: don't clobber the passed in error code
Coverity CID 1374359 pointed out the unused result value.
2016-11-02 07:22:27 +01:00
Daniel Stenberg
3c6c2bcd5a ftp: remove dead code in ftp_done
Coverity CID 1374358
2016-11-02 07:18:24 +01:00
Michael Kaufmann
f9e51fb55d file: fix compiler warning
follow-up to 46133aa5
2016-11-01 20:40:26 +01:00
Dan Fandrich
e44bfc7664 strcase: fixed Metalink builds by redefining checkprefix()
...to use the public function curl_strnequal(). This isn't ideal because
it adds extra overhead to any internal calls to checkprefix.

follow-up to 95bd2b3e
2016-11-01 11:44:11 +01:00
Daniel Stenberg
95bd2b3e7f strcase: make the tool use curl_str[n]equal instead
As they are after all part of the public API. Saves space and reduces
complexity. Remove the strcase defines from the curlx_ family.

Suggested-by: Dan Fandrich
Idea: https://curl.haxx.se/mail/lib-2016-10/0136.html
2016-10-31 21:51:19 +01:00
Kamil Dudka
1071680946 gskit, nss: do not include strequal.h
follow-up to 811a693b80
2016-10-31 17:36:22 +01:00
Dan Fandrich
47a21ca9ba strcasecompare: include curl.h in strcase.c
This should fix the "warning: 'curl_strequal' redeclared without
dllimport attribute: previous dllimport ignored" message and subsequent
link error on Windows because of the missing CURL_EXTERN on the
prototype.
2016-10-31 15:21:13 +01:00
Daniel Stenberg
64c2d24c42 strcase: fix the remaining rawstr users 2016-10-31 15:19:26 +01:00
Dan Fandrich
9363f1a37f strcasecompare: replaced remaining rawstr.h with strcase.h
This is a followup to commit 811a693b
2016-10-31 12:57:58 +01:00
Marcel Raad
4f97d9832c
digest_sspi: fix include
Fix compile break from 811a693b80
2016-10-31 12:51:27 +01:00
Daniel Stenberg
cce5250f6a ldap: fix include
Fix bug from 811a693b80
2016-10-31 09:50:41 +01:00
Daniel Stenberg
c27013c05d url: remove unconditional idn2.h include
Mistake brought by 9c91ec7781
2016-10-31 09:50:12 +01:00
Daniel Stenberg
8fe4bd0844 curl_strequal: part of public API/ABI, needs to be kept
These two public functions have been mentioned as deprecated since a
very long time but since they are still part of the API and ABI we need
to keep them around.
2016-10-31 09:45:17 +01:00
Daniel Stenberg
44c53cc38b strcase: s/strequal/strcasecompare
some more follow-ups to 811a693b80
2016-10-31 09:37:54 +01:00
Daniel Stenberg
532491a27c ldap: fix strcase use
follow-up to 811a693b80
2016-10-31 09:30:36 +01:00
Daniel Stenberg
cff89bc088 cookie: replace use of fgets() with custom version
... that will ignore lines that are too long to fit in the buffer.

CVE-2016-8615

Bug: https://curl.haxx.se/docs/adv_20161102A.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
811a693b80 strcasecompare: all case insensitive string compares ignore locale now
We had some confusions on when each function was used. We should not act
differently on different locales anyway.
2016-10-31 08:46:35 +01:00
Daniel Stenberg
502acba2af strcasecompare: is the new name for strequal()
... to make it less likely that we forget that the function actually
does case insentive compares. Also replaced several invokes of the
function with a plain strcmp when case sensitivity is not an issue (like
comparing with "-").
2016-10-31 08:46:35 +01:00
Daniel Stenberg
1833a45dde ftp: check for previous patch must be case sensitive!
... otherwise example.com/PATH and example.com/path would be assumed to
be the same and they usually aren't!
2016-10-31 08:46:35 +01:00
Daniel Stenberg
ce8d09483e SSH: check md5 fingerprint case sensitively 2016-10-31 08:46:35 +01:00
Daniel Stenberg
b3ee26c5df connectionexists: use case sensitive user/password comparisons
CVE-2016-8616

Bug: https://curl.haxx.se/docs/adv_20161102B.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
efd24d5742 base64: check for integer overflow on large input
CVE-2016-8617

Bug: https://curl.haxx.se/docs/adv_20161102C.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
3d6460edee krb5: avoid realloc(0)
If the requested size is zero, bail out with error instead of doing a
realloc() that would cause a double-free: realloc(0) acts as a free()
and then there's a second free in the cleanup path.

CVE-2016-8619

Bug: https://curl.haxx.se/docs/adv_20161102E.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
8732ec40db aprintf: detect wrap-around when growing allocation
On 32bit systems we could otherwise wrap around after 2GB and allocate 0
bytes and crash.

CVE-2016-8618

Bug: https://curl.haxx.se/docs/adv_20161102D.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
96a80b5a26 parsedate: handle cut off numbers better
... and don't read outside of the given buffer!

CVE-2016-8621

bug: https://curl.haxx.se/docs/adv_20161102G.html
Reported-by: Luật Nguyễn
2016-10-31 08:46:35 +01:00
Daniel Stenberg
46133aa536 escape: avoid using curl_easy_unescape() internally
Since the internal Curl_urldecode() function has a better API.
2016-10-31 08:46:35 +01:00
Daniel Stenberg
53e71e47d6 unescape: avoid integer overflow
CVE-2016-8622

Bug: https://curl.haxx.se/docs/adv_20161102H.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
c5be3d7267 cookies: getlist() now holds deep copies of all cookies
Previously it only held references to them, which was reckless as the
thread lock was released so the cookies could get modified by other
handles that share the same cookie jar over the share interface.

CVE-2016-8623

Bug: https://curl.haxx.se/docs/adv_20161102I.html
Reported-by: Cure53
2016-10-31 08:46:35 +01:00
Daniel Stenberg
9c91ec7781 idn: switch to libidn2 use and IDNA2008 support
CVE-2016-8625

Bug: https://curl.haxx.se/docs/adv_20161102K.html
Reported-by: Christian Heimes
2016-10-31 08:46:35 +01:00
Daniel Stenberg
3bb273db7e urlparse: accept '#' as end of host name
'http://example.com#@127.0.0.1/x.txt' equals a request to example.com
for the '/' document with the rest of the URL being a fragment.

CVE-2016-8624

Bug: https://curl.haxx.se/docs/adv_20161102J.html
Reported-by: Fernando Muñoz
2016-10-31 08:46:35 +01:00
Jay Satiro
2e750ce452 mk-ca-bundle.vbs: Fix UTF-8 output
- Change initial message box to mention delay when downloading/parsing.

Since there is no progress meter it was somewhat unexpected that after
choosing a filename nothing appears to happen, when actually the cert
data is in the process of being downloaded and parsed.

- Warn if OpenSSL is not present.

- Use a UTF-8 stream to make the ca-bundle data.

- Save the UTF-8 ca-bundle stream as binary so that no BOM is added.

---

This is a follow-up to d2c6d15 which switched mk-ca-bundle.vbs output to
ANSI due to corrupt UTF-8 output, now fixed.

This change completes making the default certificate bundle output of
mk-ca-bundle.vbs as close as possible to that of mk-ca-bundle.pl, which
should make it easier to review any difference between their output.

Ref: https://github.com/curl/curl/pull/1012
2016-10-30 01:01:29 -04:00
Daniel Stenberg
62a8095e71 mbedtls: stop using deprecated include file
Reported-by: wyattoday
Fixes #1087
2016-10-26 23:38:04 +02:00
Martin Frodl
eb84412b33 nss: fix tight loop in non-blocking TLS handhsake over proxy
... in case the handshake completes before entering
CURLM_STATE_PROTOCONNECT

Bug: https://bugzilla.redhat.com/1388162
2016-10-25 11:56:37 +02:00
Jay Satiro
d2c6d1568e mk-ca-bundle: Update the vbscript version
Bring the VBScript version more in line with the perl version:

- Change timestamp to UTC.

- Change URL retrieval to HTTPS-only by default.

- Comment out the options that disabled SSL cert checking by default.

- Assume OpenSSL is present, get SHA256. And add a flag to toggle it.

- Fix cert issuer name output.

The cert issuer output is now ansi, converted from UTF-8. Prior to this
it was corrupt UTF-8. It turns out though we can work with UTF-8 the
FSO object that writes ca-bundle can't write UTF-8, so there will have
to be some alternative if UTF-8 is needed (like an ADODB.Stream).

- Disable the certificate text info feature.

The certificate text info doesn't work properly with any recent OpenSSL.
2016-10-25 03:17:26 -04:00
Jay Satiro
1ad2bdcf11 mk-ca-bundle: Change URL retrieval to HTTPS-only by default
- Change all predefined Mozilla URLs to HTTPS (Gregory Szorc).

- New option -k to allow URLs other than HTTPS and enable HTTP fallback.

Prior to this change the default URL retrieval mode was to fall back to
HTTP if HTTPS didn't work.

Reported-by: Gregory Szorc

Closes #1012
2016-10-24 09:41:03 +02:00
Daniel Stenberg
6290c3c26b multi: force connections to get closed in close_all_connections
Several independent reports on infinite loops hanging in the
close_all_connections() function when closing a multi handle, can be
fixed by first marking the connection to get closed before calling
Curl_disconnect.

This is more fixing-the-symptom rather than the underlying problem
though.

Bug: https://curl.haxx.se/mail/lib-2016-10/0011.html
Bug: https://curl.haxx.se/mail/lib-2016-10/0059.html

Reported-by: Dan Fandrich, Valentin David, Miloš Ljumović
2016-10-22 16:10:57 +02:00
Anders Bakken
406506ca92 curl_multi_remove_handle: fix a double-free
In short the easy handle needs to be disconnected from its connection at
this point since the connection still is serving other easy handles.

In our app we can reliably reproduce a crash in our http2 stress test
that is fixed by this change. I can't easily reproduce the same test in
a small example.

This is the gdb/asan output:

==11785==ERROR: AddressSanitizer: heap-use-after-free on address 0xe9f4fb80 at pc 0x09f41f19 bp 0xf27be688 sp 0xf27be67c
READ of size 4 at 0xe9f4fb80 thread T13 (RESOURCE_HTTP)
    #0 0x9f41f18 in curl_multi_remove_handle /path/to/source/3rdparty/curl/lib/multi.c:666

0xe9f4fb80 is located 0 bytes inside of 1128-byte region [0xe9f4fb80,0xe9f4ffe8)
freed by thread T13 (RESOURCE_HTTP) here:
    #0 0xf7b1b5c2 in __interceptor_free /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:45
    #1 0x9f7862d in conn_free /path/to/source/3rdparty/curl/lib/url.c:2808
    #2 0x9f78c6a in Curl_disconnect /path/to/source/3rdparty/curl/lib/url.c:2876
    #3 0x9f41b09 in multi_done /path/to/source/3rdparty/curl/lib/multi.c:615
    #4 0x9f48017 in multi_runsingle /path/to/source/3rdparty/curl/lib/multi.c:1896
    #5 0x9f490f1 in curl_multi_perform /path/to/source/3rdparty/curl/lib/multi.c:2123
    #6 0x9c4443c in perform /path/to/source/src/net/resourcemanager/ResourceManagerCurlThread.cpp:854
    #7 0x9c445e0 in ...
    #8 0x9c4cf1d in ...
    #9 0xa2be6b5 in ...
    #10 0xf7aa5780 in asan_thread_start /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226
    #11 0xf4d3a16d in __clone (/lib/i386-linux-gnu/libc.so.6+0xe716d)

previously allocated by thread T13 (RESOURCE_HTTP) here:
    #0 0xf7b1ba27 in __interceptor_calloc /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_malloc_linux.cc:70
    #1 0x9f7dfa6 in allocate_conn /path/to/source/3rdparty/curl/lib/url.c:3904
    #2 0x9f88ca0 in create_conn /path/to/source/3rdparty/curl/lib/url.c:5797
    #3 0x9f8c928 in Curl_connect /path/to/source/3rdparty/curl/lib/url.c:6438
    #4 0x9f45a8c in multi_runsingle /path/to/source/3rdparty/curl/lib/multi.c:1411
    #5 0x9f490f1 in curl_multi_perform /path/to/source/3rdparty/curl/lib/multi.c:2123
    #6 0x9c4443c in perform /path/to/source/src/net/resourcemanager/ResourceManagerCurlThread.cpp:854
    #7 0x9c445e0 in ...
    #8 0x9c4cf1d in ...
    #9 0xa2be6b5 in ...
    #10 0xf7aa5780 in asan_thread_start /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226
    #11 0xf4d3a16d in __clone (/lib/i386-linux-gnu/libc.so.6+0xe716d)

SUMMARY: AddressSanitizer: heap-use-after-free /path/to/source/3rdparty/curl/lib/multi.c:666 in curl_multi_remove_handle
Shadow bytes around the buggy address:
  0x3d3e9f20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9f40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9f50: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
  0x3d3e9f60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x3d3e9f70:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9f80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9f90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9fa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9fb0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x3d3e9fc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==11785==ABORTING

Thread 14 "RESOURCE_HTTP" received signal SIGABRT, Aborted.
[Switching to Thread 0xf27bfb40 (LWP 12324)]
0xf7fd8be9 in __kernel_vsyscall ()
 (gdb) bt
 #0  0xf7fd8be9 in __kernel_vsyscall ()
 #1  0xf4c7ee89 in __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:54
 #2  0xf4c803e7 in __GI_abort () at abort.c:89
 #3  0xf7b2ef2e in __sanitizer::Abort () at /opt/toolchain/src/gcc-6.2.0/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cc:122
 #4  0xf7b262fa in __sanitizer::Die () at /opt/toolchain/src/gcc-6.2.0/libsanitizer/sanitizer_common/sanitizer_common.cc:145
 #5  0xf7b21ab3 in __asan::ScopedInErrorReport::~ScopedInErrorReport (this=0xf27be171, __in_chrg=<optimized out>) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_report.cc:689
 #6  0xf7b214a5 in __asan::ReportGenericError (pc=166993689, bp=4068206216, sp=4068206204, addr=3925146496, is_write=false, access_size=4, exp=0, fatal=true) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_report.cc:1074
 #7  0xf7b21fce in __asan::__asan_report_load4 (addr=3925146496) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_rtl.cc:129
 #8  0x09f41f19 in curl_multi_remove_handle (multi=0xf3406080, data=0xde582400) at /path/to/source3rdparty/curl/lib/multi.c:666
 #9  0x09f6b277 in Curl_close (data=0xde582400) at /path/to/source3rdparty/curl/lib/url.c:415
 #10 0x09f3354e in curl_easy_cleanup (data=0xde582400) at /path/to/source3rdparty/curl/lib/easy.c:860
 #11 0x09c6de3f in ...
 #12 0x09c378c5 in ...
 #13 0x09c48133 in ...
 #14 0x09c4d092 in ...
 #15 0x0a2be6b6 in ...
 #16 0xf7aa5781 in asan_thread_start (arg=0xf2d22938) at /opt/toolchain/src/gcc-6.2.0/libsanitizer/asan/asan_interceptors.cc:226
 #17 0xf5de52b5 in start_thread (arg=0xf27bfb40) at pthread_create.c:333
 #18 0xf4d3a16e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:114

Fixes #1083
2016-10-22 15:50:22 +02:00
Daniel Stenberg
5c3d8d20a6 curl_multi_add_handle: set timeouts in closure handles
The closure handle only ever has default timeouts set. To improve the
state somewhat we clone the timeouts from each added handle so that the
closure handle always has the same timeouts as the most recently added
easy handle.

Fixes #739
2016-10-19 14:43:49 +02:00
Daniel Stenberg
0f1996321f s/cURL/curl
The tool was never called cURL, only the project. But even so, we have
more and more over time switched to just use lower case.
2016-10-18 13:59:54 +02:00
Daniel Stenberg
88753c1e89 polarssl: indented code, removed unused variables 2016-10-18 13:27:51 +02:00
Daniel Stenberg
8748d4787f polarssl: reduce #ifdef madness with a macro 2016-10-18 13:17:05 +02:00
Daniel Stenberg
1e3161a20d polarssl: fix unaligned SSL session-id lock 2016-10-18 13:14:11 +02:00
Daniel Stenberg
ace237ae4e Curl_polarsslthreadlock_thread_setup: clear array at init
... since if it fails to init the entire array and then tries to clean
it up, it would attempt to work on an uninitialized pointer.
2016-10-18 13:05:43 +02:00
Daniel Stenberg
9a509680f6 gopher: properly return error for poll failures 2016-10-18 11:14:48 +02:00
Daniel Stenberg
8a6e89a9eb select: switch to macros in uppercase
Curl_select_ready() was the former API that was replaced with
Curl_select_check() a while back and the former arg setup was provided
with a define (in order to leave existing code unmodified).

Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most
common shortcuts where only one socket is checked. They're also more
visibly macros.
2016-10-18 11:05:45 +02:00
Daniel Stenberg
a05906190c select: use more proper macro-looking names
... so that it becomes more obvious in the code what is what. Also added
a typecast for one of the calculations.
2016-10-18 09:46:10 +02:00