Commit Graph

101 Commits

Author SHA1 Message Date
Daniel Stenberg
0f4c439fc7
krb5: use dynbuf
Closes #13568
2024-05-09 10:59:13 +02:00
Stefan Eissing
3755153571
lib: Curl_read/Curl_write clarifications
- replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to
  clarify when and at what level they operate
- send/recv of transfer related data is now done via
  `Curl_xfer_send()/Curl_xfer_recv()` which no longer has
  socket/socketindex as parameter. It decides on the transfer
  setup of `conn->sockfd` and `conn->writesockfd` on which
  connection filter chain to operate.
- send/recv on a specific connection filter chain is done via
  `Curl_conn_send()/Curl_conn_recv()` which get the socket index
  as parameter.
- rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for
  naming consistency
- clarify that the special CURLE_AGAIN hangling to return
  `CURLE_OK` with length 0 only applies to `Curl_xfer_send()`
  and CURLE_AGAIN is returned by all other send() variants.
- fix a bug in websocket `curl_ws_recv()` that mixed up data
  when it arrived in more than a single chunk

The method for sending not just raw bytes, but bytes that are either
"headers" or "body". The send abstraction stack, to to bottom, now is:

* `Curl_req_send()`: has parameter to indicate amount of header bytes,
  buffers all data.
* `Curl_xfer_send()`: knows on which socket index to send, returns
  amount of bytes sent.
* `Curl_conn_send()`: called with socket index, returns amount of bytes
  sent.

In addition there is `Curl_req_flush()` for writing out all buffered
bytes.

`Curl_req_send()` is active for requests without body,
`Curl_buffer_send()` still being used for others. This is because the
special quirks need to be addressed in future parts:

* `expect-100` handling
* `Curl_fillreadbuffer()` needs to add directly to the new
  `data->req.sendbuf`
* special body handlings, like `chunked` encodings and line end
  conversions will be moved into something like a Client Reader.

In functions of the pattern `CURLcode xxx_send(..., ssize_t *written)`,
replace the `ssize_t` with a `size_t`. It makes no sense to allow for negative
values as the returned `CURLcode` already specifies error conditions. This
allows easier handling of lengths without casting.

Closes #12964
2024-02-27 14:13:56 +01:00
Stefan Eissing
5929822114
lib: send rework
Curl_read/Curl_write clarifications

- replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to 1clarify
  when and at what level they operate

- send/recv of transfer related data is now done via
  `Curl_xfer_send()/Curl_xfer_recv()` which no longer has
  socket/socketindex as parameter. It decides on the transfer setup of
  `conn->sockfd` and `conn->writesockfd` on which connection filter
  chain to operate.

- send/recv on a specific connection filter chain is done via
  `Curl_conn_send()/Curl_conn_recv()` which get the socket index as
  parameter.

- rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for naming
  consistency

- clarify that the special CURLE_AGAIN handling to return `CURLE_OK`
  with length 0 only applies to `Curl_xfer_send()` and CURLE_AGAIN is
  returned by all other send() variants.

SingleRequest reshuffling

- move functions into request.[ch]
- differentiate between reset and free
- add Curl_req_done() to perform last actions
- add a send `bufq` to SingleRequest for future use in keeping upload data

Closes #12963
2024-02-27 08:58:10 +01:00
Daniel Stenberg
aee4ebe591
krb5: add prototype to silence clang warnings on mvsnprintf()
"error: format string is not a string literal"

Follow-up to 0923012758 which made the warning appear

Assisted-by: Viktor Szakats
Closes #12803
2024-01-26 23:28:28 +01:00
Daniel Stenberg
31db4bfa73
krb5: access the response buffer correctly
As the pingpong code no longer uses the download buffer.

Folllow-up to c2d973627b
Pointed-out-by: Stefan Eissing
Closes #12796
2024-01-25 22:32:53 +01:00
Daniel Stenberg
cfe7902111
lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
Closes #12658
2024-01-08 22:48:24 +01:00
Viktor Szakats
3829759bd0
build: enable missing OpenSSF-recommended warnings, with fixes
https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
as of 2023-11-29 [1].

Enable new recommended warnings (except `-Wsign-conversion`):

- enable `-Wformat=2` for clang (in both cmake and autotools).
- add `CURL_PRINTF()` internal attribute and mark functions accepting
  printf arguments with it. This is a copy of existing
  `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible
  with redefinting the `printf` symbol:
  https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
- fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for
  mingw-w64 and enable it on this platform.
- enable `-Wimplicit-fallthrough`.
- enable `-Wtrampolines`.
- add `-Wsign-conversion` commented with a FIXME.
- cmake: enable `-pedantic-errors` the way we do it with autotools.
  Follow-up to d5c0351055 #2747
- lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format
  checks. Previously it was always disabled due to the internal `printf`
  macro.

Fix them:

- fix bug where an `set_ipv6_v6only()` call was missed in builds with
  `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`.
- add internal `FALLTHROUGH()` macro.
- replace obsolete fall-through comments with `FALLTHROUGH()`.
- fix fallthrough markups: Delete redundant ones (showing up as
  warnings in most cases). Add missing ones. Fix indentation.
- silence `-Wformat-nonliteral` warnings with llvm/clang.
- fix one `-Wformat-nonliteral` warning.
- fix new `-Wformat` and `-Wformat-security` warnings.
- fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its
  definition to `lib/curl_setup.h` allowing use in `tests/server`.
- lib: fix two wrongly passed string arguments in log outputs.
  Co-authored-by: Jay Satiro
- fix new `-Wformat` warnings on mingw-w64.

[1] 56c0fde389/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md

Closes #12489
2023-12-16 13:12:37 +00:00
Daniel Stenberg
25907fd5ba
krb5: fix "implicit conversion loses integer precision" warnings
conversions to/from enum and unsigned chars

Closes #11814
2023-09-07 16:17:13 +02:00
Stefan Eissing
2485547da0
http: fix sending of large requests
- refs #11342 where errors with git https interactions
  were observed
- problem was caused by 1st sends of size larger than 64KB
  which resulted in later retries of 64KB only
- limit sending of 1st block to 64KB
- adjust h2/h3 filters to cope with parsing the HTTP/1.1
  formatted request in chunks

- introducing Curl_nwrite() as companion to Curl_write()
  for the many cases where the sockindex is already known

Fixes #11342 (again)
Closes #11803
2023-09-05 16:36:03 +02:00
Daniel Stenberg
4aa64e67e2
krb5: add typecast to please Coverity 2023-07-17 20:10:38 +02:00
Daniel Stenberg
5ed7417d2f
krb5: avoid sscanf for parsing
Closes #10599
2023-02-24 17:24:01 +01:00
Marcel Raad
c1c969052f
krb5: silence cast-align warning
Add an intermediate cast to `void *`, as done everywhere else when
casting from `sockaddr *` to `sockaddr_in *`.

Closes https://github.com/curl/curl/pull/10528
2023-02-16 08:54:24 +01:00
Stefan Eissing
5651a36d1a
cf-socket: improvements in socket I/O handling
- Curl_write_plain/Curl_read_plain have been eliminated. Last code use
  now uses Curl_conn_send/recv so that requests use conn->send/revc
  callbacks which defaults to cfilters use.
- Curl_recv_plain/Curl_send_plain have been internalized in cf-socket.c.
- USE_RECV_BEFORE_SEND_WORKAROUND (active on Windows) has been moved
  into cf-socket.c. The pre_recv buffer is held at the socket filter
  context.  `postponed_data` structures have been removed from
  `connectdata`.
- the hanger in HTTP/2 request handling was a result of read buffering
  on all sends and the multi handling is not prepared for this. The
  following happens:

   - multi preforms on a HTTP/2 easy handle
   - h2 reads and processes data
   - this leads to a send of h2 data
   - which receives and buffers before the send
   - h2 returns
   - multi selects on the socket, but no data arrives (its in the buffer already)
   the workaround now receives data in a loop as long as there is something in
   the buffer. The real fix would be for multi to change, so that `data_pending`
   is evaluated before deciding to wait on the socket.

io_buffer, optional, in cf-socket.c, http/2 sets state.drain if lower
filter have pending data.

This io_buffer is only available/used when the
-DUSE_RECV_BEFORE_SEND_WORKAROUND is active, e.g. on Windows
configurations. It also maintains the original checks on protocol
handler being HTTP and conn->send/recv not being replaced.

The HTTP/2 (nghttp2) cfilter now sets data->state.drain when it finds
out that the "lower" filter chain has still pending data at the end of
its IO operation. This prevents the processing from becoming stalled.

Closes #10280
2023-01-31 11:23:59 +01:00
Stefan Eissing
6a8d7ef981
cf-socket: keep sockaddr local in the socket filters
- copy `struct Curl_addrinfo` on filter setup into context
- remove `struct Curl_addrinfoi *` with `struct Curl_sockaddr_ex *` in
  connectdata that is set and NULLed by the socket filter
- this means we have no reference to the resolver info in connectdata or
  its filters
- trigger the CF_CTRL_CONN_INFO_UPDATE event when the complete filter
  chain reaches connected status
- update easy handle connection information on CF_CTRL_DATA_SETUP event.

Closes #10213
2023-01-03 17:33:29 +01:00
Daniel Stenberg
2bc1d775f5
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205
2023-01-03 09:19:21 +01:00
Jay Satiro
4f42150d04 sendf: change Curl_read_plain to wrap Curl_recv_plain (take 2)
Prior to this change Curl_read_plain would attempt to read the
socket directly. On Windows that's a problem because recv data may be
cached by libcurl and that data is only drained using Curl_recv_plain.

Rather than rewrite Curl_read_plain to handle cached recv data, I
changed it to wrap Curl_recv_plain, in much the same way that
Curl_write_plain already wraps Curl_send_plain.

Curl_read_plain -> Curl_recv_plain
Curl_write_plain -> Curl_send_plain

This fixes a bug in the schannel backend where decryption of arbitrary
TLS records fails because cached recv data is never drained. We send
data (TLS records formed by Schannel) using Curl_write_plain, which
calls Curl_send_plain, and that may do a recv-before-send
("pre-receive") to cache received data. The code calls Curl_read_plain
to read data (TLS records from the server), which prior to this change
did not call Curl_recv_plain and therefore cached recv data wasn't
retrieved, resulting in malformed TLS records and decryption failure
(SEC_E_DECRYPT_FAILURE).

The bug has only been observed during Schannel TLS 1.3 handshakes. Refer
to the issue and PR for more information.

--

This is take 2 of the original fix. It preserves the original behavior
of Curl_read_plain to write 0 to the bytes read parameter on error,
since apparently some callers expect that (SOCKS tests were hanging).
The original fix which landed in 12e1def5 and was later reverted in
18383fbf failed to work properly because it did not do that.

Also, it changes Curl_write_plain the same way to complement
Curl_read_plain, and it changes Curl_send_plain to return -1 instead of
0 on CURLE_AGAIN to complement Curl_recv_plain.

Behavior on error with these changes:

Curl_recv_plain returns -1 and *code receives error code.
Curl_send_plain returns -1 and *code receives error code.
Curl_read_plain returns error code and *n (bytes read) receives 0.
Curl_write_plain returns error code and *written receives 0.

--

Ref: https://github.com/curl/curl/issues/9431#issuecomment-1312420361

Assisted-by: Joel Depooter
Reported-by: Egor Pugin

Fixes https://github.com/curl/curl/issues/9431
Closes https://github.com/curl/curl/pull/9949
2022-11-20 03:54:36 -05:00
Daniel Stenberg
18383fbf72
Revert "sendf: change Curl_read_plain to wrap Curl_recv_plain"
This reverts commit 12e1def51a.

It introduced SOCKS proxy fails, like test 700 never ending.

Reopens #9431
2022-11-18 11:00:29 +01:00
Jay Satiro
12e1def51a sendf: change Curl_read_plain to wrap Curl_recv_plain
Prior to this change Curl_read_plain would attempt to read the
socket directly. On Windows that's a problem because recv data may be
cached by libcurl and that data is only drained using Curl_recv_plain.

Rather than rewrite Curl_read_plain to handle cached recv data, I
changed it to wrap Curl_recv_plain, in much the same way that
Curl_write_plain already wraps Curl_send_plain.

Curl_read_plain -> Curl_recv_plain
Curl_write_plain -> Curl_send_plain

This fixes a bug in the schannel backend where decryption of arbitrary
TLS records fails because cached recv data is never drained. We send
data (TLS records formed by Schannel) using Curl_write_plain, which
calls Curl_send_plain, and that may do a recv-before-send
("pre-receive") to cache received data. The code calls Curl_read_plain
to read data (TLS records from the server), which prior to this change
did not call Curl_recv_plain and therefore cached recv data wasn't
retrieved, resulting in malformed TLS records and decryption failure
(SEC_E_DECRYPT_FAILURE).

The bug has only been observed during Schannel TLS 1.3 handshakes. Refer
to the issue and PR for more information.

Ref: https://github.com/curl/curl/issues/9431#issuecomment-1312420361

Assisted-by: Joel Depooter
Reported-by: Egor Pugin

Fixes https://github.com/curl/curl/issues/9431
Closes https://github.com/curl/curl/pull/9904
2022-11-18 03:04:13 -05:00
Randall S. Becker
fc8d6b2370 build: fix for NonStop
- Include arpa/inet.h in all units where htonl is called.

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Closes https://github.com/curl/curl/pull/9816
2022-10-27 16:57:53 -04:00
Daniel Stenberg
6ecdf5136b
krb5: return error properly on decode errors
Bug: https://curl.se/docs/CVE-2022-32208.html
CVE-2022-32208
Reported-by: Harry Sintonen
Closes #9051
2022-06-25 22:13:09 +02:00
max.mehl
ad9bc5976d
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869
2022-06-13 09:13:00 +02:00
Daniel Stenberg
2610142139
lib: remove support for CURL_DOES_CONVERSIONS
TPF was the only user and support for that was dropped.

Closes #8378
2022-02-04 08:05:35 +01:00
Daniel Stenberg
21248e052d
checksrc: detect more kinds of NULL comparisons we avoid
Co-authored-by: Jay Satiro
Closes #8180
2021-12-27 23:39:26 +01:00
Eddie Lumpkin
8e701cc978
lib: fixing comment spelling typos in lib files
Closes #7894
Signed-off-by: ewlumpkin <ewlumpkin@gmail.com>
2021-10-22 22:53:44 +02:00
Rikard Falkeborn
e75be2c4b2
cleanup: constify unmodified static structs
Constify a number of static structs that are never modified. Make them
const to show this.

Closes #7759
2021-09-23 12:54:35 +02:00
Daniel Stenberg
e7416cfd2b
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
  debug callback/application

- it makes infof() work like failf() and consistency is good

- there's an assert that triggers on newlines in the format string

- Also removes a few instances of "..."

- Removes the code that would append "..." to the end of the data *iff*
  it was truncated in infof()

Closes #7357
2021-07-07 22:54:01 +02:00
Harry Sintonen
5af7a48668
krb5/name_to_level: replace checkprefix with curl_strequal
Closes #6993
2021-05-03 16:35:27 +02:00
Daniel Stenberg
994af2a1e9
krb5: don't use 'static' to store PBSZ size response
... because it makes the knowledge and usage cross-transfer in funny and
unexpected ways.

Reported-by: Harry Sintonen
Closes #6963
2021-04-26 08:04:52 +02:00
Daniel Stenberg
7843fe0a1b
krb5: remove the unused 'overhead' function
Closes #6947
2021-04-25 14:51:34 +02:00
Daniel Stenberg
063d3f3b96
tidy-up: make conditional checks more consistent
... remove '== NULL' and '!= 0'

Closes #6912
2021-04-22 09:10:17 +02:00
Patrick Monnerat
234638ea63
lib: remove conn->data uses
Closes #6515
2021-01-26 15:19:41 +01:00
Daniel Stenberg
215db086e0
lib: pass in 'struct Curl_easy *' to most functions
... in most cases instead of 'struct connectdata *' but in some cases in
addition to.

- We mostly operate on transfers and not connections.

- We need the transfer handle to log, store data and more. Everything in
  libcurl is driven by a transfer (the CURL * in the public API).

- This work clarifies and separates the transfers from the connections
  better.

- We should avoid "conn->data". Since individual connections can be used
  by many transfers when multiplexing, making sure that conn->data
  points to the current and correct transfer at all times is difficult
  and has been notoriously error-prone over the years. The goal is to
  ultimately remove the conn->data pointer for this reason.

Closes #6425
2021-01-17 23:56:09 +01:00
Fabian Keil
4f61fd87b2
misc: fix typos
Bug: https://curl.se/mail/lib-2021-01/0063.html
Closes #6434
2021-01-11 15:12:25 +01:00
Daniel Stenberg
d70a5b5a0f
sendf: move the verbose-check into Curl_debug
Saves us from having the same check done everywhere.

Closes #6159
2020-11-02 22:49:36 +01:00
Daniel Stenberg
1ee289f7b5
curl_krb5.h: rename from krb5.h
Follow-up from f4873ebd0b

Turns out some older openssl installations go bananas otherwise.
Reported-by: Tom van der Woerdt
Fixes #5995
Closes #5996
2020-09-22 13:46:22 +02:00
Daniel Stenberg
f4873ebd0b
krb5: merged security.c and krb specific FTP functions in here
These two files were always tightly connected and it was hard to
understand what went into which. This also allows us to make the
ftpsend() function static (moved from ftp.c).

Removed security.c
Renamed curl_sec.h to krb5.h

Closes #5987
2020-09-21 23:31:39 +02:00
Daniel Stenberg
0bc60d91de
copyrights: fix copyright year range
.. because checksrc's copyright year check stopped working.

Ref: https://github.com/curl/curl/pull/4547

Closes https://github.com/curl/curl/pull/4549
2019-11-08 14:51:42 +01:00
Gergely Nagy
cf4255c847 lib: Use UTF-8 encoding in comments
Some editors and IDEs assume that source files use UTF-8 file encodings.
It also fixes the build with MSVC when /utf-8 command line option is
used (this option is mandatory for some other open-source projects, this
is useful when using the same options is desired for building all
libraries of a project).

Closes https://github.com/curl/curl/pull/4087
2019-07-06 23:25:20 -04:00
Marcel Raad
74f911d463
krb5: fix compiler warning
Even though the variable was used in a DEBUGASSERT, GCC 8 warned in
debug mode:
krb5.c:324:17: error: unused variable 'maj' [-Werror=unused-variable]

Just suppress the warning and declare the variable unconditionally
instead of only for DEBUGBUILD (which also missed the check for
HAVE_ASSERT_H).

Closes https://github.com/curl/curl/pull/4020
2019-06-13 11:08:53 +02:00
Daniel Gustafsson
daa12c6eb3 sendf: use failf() rather than Curl_failf()
The failf() macro is the name used for invoking Curl_failf(). While
there isn't a way to turn off failf like there is for infof, but it's
still a good idea to use the macro.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13 10:48:21 +02:00
Daniel Gustafsson
3c5ee47fc2 krb5: fix memory leak in krb_auth
The FTP command allocated by aprintf() must be freed after usage.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-13 10:10:55 +02:00
Marcel Raad
612bc926f7
krb5: use nondeprecated functions
gss_seal/gss_unseal have been deprecated in favor of
gss_wrap/gss_unwrap with GSS-API v2 from January 1997 [1]. The first
version of "The Kerberos Version 5 GSS-API Mechanism" [2] from June
1996 already says "GSS_Wrap() (formerly GSS_Seal())" and
"GSS_Unwrap() (formerly GSS_Unseal())".

Use the nondeprecated functions to avoid deprecation warnings.

[1] https://tools.ietf.org/html/rfc2078
[2] https://tools.ietf.org/html/rfc1964

Closes https://github.com/curl/curl/pull/2356
2018-03-04 22:21:46 +01:00
Daniel Stenberg
13ce373a5b
krb5: fix a potential access of uninitialized memory
A scan-build warning.
2017-12-13 00:36:39 +01:00
Daniel Stenberg
c79f4908d4 krb5: use private buffer for temp string, not receive buffer 2017-05-01 22:55:29 +02:00
Daniel Stenberg
8657c268e1 checksrc: white space edits to comply to stricter checksrc 2016-11-24 23:58:22 +01:00
Daniel Stenberg
8238ba9c5f ftp: fix Curl_ftpsendf()
... it no longer takes printf() arguments since it was only really taken
advantage by one user and it was not written and used in a safe
way. Thus the 'f' is removed from the function name and the proto is
changed.

Although the current code wouldn't end up in badness, it was a risk that
future changes could end up springf()ing too large data or passing in a
format string inadvertently.
2016-10-08 15:13:46 +02:00
Daniel Stenberg
434f8d0389 internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
Daniel Stenberg
4f45240bc8 lib: include curl_printf.h as one of the last headers
curl_printf.h defines printf to curl_mprintf, etc. This can cause
problems with external headers which may use
__attribute__((format(printf, ...))) markers etc.

To avoid that they cause problems with system includes, we include
curl_printf.h after any system headers. That makes the three last
headers to always be, and we keep them in this order:

 curl_printf.h
 curl_memory.h
 memdebug.h

None of them include system headers, they all do funny #defines.

Reported-by: David Benjamin

Fixes #743
2016-04-29 22:32:49 +02:00
Steve Holme
9d89a03872 ftp/imap/pop3/smtp: Allow the service name to be overridden
Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5
authentication in FTP, IMAP, POP3 and SMTP.
2016-04-08 18:59:33 +01:00
Daniel Stenberg
4d4ce84bb3 krb5: improved type handling to avoid clang compiler warnings 2016-03-10 10:40:10 +01:00