Commit Graph

25 Commits

Author SHA1 Message Date
Nick Zitzmann
fadf33c78a darwinssl: fix infinite loop if server disconnected abruptly
If the server hung up the connection without sending a closure alert,
then we'd keep probing the socket for data even though it's dead. Now
we're ready for this situation.

Bug: http://curl.haxx.se/mail/lib-2013-03/0014.html
Reported by: Aki Koskinen
2013-03-03 22:11:10 -07:00
Nick Zitzmann
66aa9bf52d darwinssl: Fix send glitchiness with data > 32 or so KB
An ambiguity in the SSLWrite() documentation lead to a bad inference in the
code where we assumed SSLWrite() returned the amount of bytes written to
the socket, when that is not actually true; it returns the amount of data
that is buffered for writing to the socket if it returns errSSLWouldBlock.
Now darwinssl_send() returns CURLE_AGAIN if data is buffered but not written.

Reference URL: http://curl.haxx.se/mail/lib-2013-02/0145.html
2013-02-12 13:02:36 -07:00
Nick Zitzmann
7f266f1c99 darwinssl: Make certificate errors less techy
Previously if a problem was found with one of the server's certificates,
we'd log an OSStatus for the end user to look up. Now we explain what
was wrong with the site's certificate chain. Also un-did part of the
previous commit where the code wouldn't catch errSSLServerAuthCompleted
if built under Leopard.
2013-02-08 18:34:11 -07:00
Nick Zitzmann
9613cf7211 darwinssl: Fix build under Leopard
It turns out that Leopard (OS X 10.5) doesn't have constants for the ECDH
ciphers in its headers, so the cases for them have been taken out of the
build when building under Leopard. Also added a standard function for
getting a string description of a SecCertificateRef.
2013-02-07 18:57:53 -07:00
Nick Zitzmann
163a1dca5f darwinssl: Fix bug where packets were sometimes transmitted twice
There was a bug where, if SSLWrite() returned errSSLWouldBlock but did
succeed in transmitting at least something, then we'd incorrectly
resend the packet. Now we never take errSSLWouldBlock as a sign that
nothing was transferred to/from the server.

Bug: http://curl.haxx.se/mail/lib-2013-01/0295.html
Reported by: Bruno de Carvalho
2013-01-29 09:05:59 +01:00
Yang Tse
5a053ffe80 build: fix circular header inclusion with other packages
This commit renames lib/setup.h to lib/curl_setup.h and
renames lib/setup_once.h to lib/curl_setup_once.h.

Removes the need and usage of a header inclusion guard foreign
to libcurl. [1]

Removes the need and presence of an alarming notice we carried
in old setup_once.h [2]

----------------------------------------

1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
    up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
    this single inclusion guard is enough to ensure that inclusion of
    lib/setup_once.h done from lib/setup.h is only done once.

    Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
    protect inclusion of setup_once.h even after commit ec691ca3, this
    was to avoid a circular header inclusion triggered when building a
    c-ares enabled version with c-ares sources available which also has
    a setup_once.h header. Commit ec691ca3 exposes the real nature of
    __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
    foreign to libcurl belonging to c-ares's setup_once.h

    The renaming this commit does, fixes the circular header inclusion,
    and as such removes the need and usage of a header inclusion guard
    foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.

2 - Due to the circular interdependency of old lib/setup_once.h and the
    c-ares setup_once.h header, old file lib/setup_once.h has carried
    back from 2006 up to now days an alarming and prominent notice about
    the need of keeping libcurl's and c-ares's setup_once.h in sync.

    Given that this commit fixes the circular interdependency, the need
    and presence of mentioned notice is removed.

    All mentioned interdependencies come back from now old days when
    the c-ares project lived inside a curl subdirectory. This commit
    removes last traces of such fact.
2013-01-09 00:49:50 +01:00
Yang Tse
4a5aa6682d Revert changes relative to lib/*.[ch] recent renaming
This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:

  f871de0... build: make use of 76 lib/*.h renamed files
  ffd8e12... build: rename 76 lib/*.h files

This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:

  c087374... curl_setup.h: remove redundant include guard

This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:

  13606bb... build: make use of 93 lib/*.c renamed files
  5b6e792... build: rename 93 lib/*.c files
  7d83dff... build: commit 13606bbfde follow-up 1

Start of related discussion thread:

  http://curl.haxx.se/mail/lib-2013-01/0012.html

Asking for confirmation on pushing this revertion commit:

  http://curl.haxx.se/mail/lib-2013-01/0048.html

Confirmation summary:

  http://curl.haxx.se/mail/lib-2013-01/0079.html

NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.

  lib/curl_imap.h
  lib/curl_smtp.h
2013-01-06 18:20:27 +01:00
Yang Tse
13606bbfde build: make use of 93 lib/*.c renamed files
93 *.c source files renamed to use our standard naming scheme.

This change affects 77 files in libcurl's source tree.
2013-01-03 05:50:26 +01:00
Yang Tse
f871de0064 build: make use of 76 lib/*.h renamed files
76 private header files renamed to use our standard naming scheme.

This change affects 322 files in libcurl's source tree.
2012-12-28 19:37:11 +01:00
Nick Zitzmann
e3ed2b82e6 darwinssl: Fixed inability to disable peer verification
... on Snow Leopard and Lion

Snow Leopard introduced the SSLSetSessionOption() function, but it
doesn't disable peer verification as expected on Snow Leopard or
Lion (it works as expected in Mountain Lion). So we now use sysctl()
to detect whether or not the user is using Snow Leopard or Lion,
and if that's the case, then we now use the deprecated
SSLSetEnableCertVerify() function instead to disable peer verification.
2012-12-27 19:09:25 +01:00
Nick Zitzmann
bbb4bbc0f1 darwinssl: Fix implicit conversion compiler warnings
The Clang compiler found a few implicit conversion problems that have
now been fixed.
2012-12-14 23:33:10 +01:00
Yang Tse
a0b207164c setup_once.h: refactor inclusion of <unistd.h> and <sys/socket.h>
Inclusion of top two most included header files now done in setup_once.h
2012-12-14 17:38:18 +01:00
Oscar Koeroo
1394cad30f SSL: Several SSL-backend related fixes
axTLS:

This will make the axTLS backend perform the RFC2818 checks, honoring
the VERIFYHOST setting similar to the OpenSSL backend.

Generic for OpenSSL and axTLS:

Move the hostcheck and cert_hostcheck functions from the lib/ssluse.c
files to make them genericly available for both the OpenSSL, axTLS and
other SSL backends. They are now in the new lib/hostcheck.c file.

CyaSSL:

CyaSSL now also has the RFC2818 checks enabled by default. There is a
limitation that the verifyhost can not be enabled exclusively on the
Subject CN field comparison. This SSL backend will thus behave like the
NSS and the GnuTLS (meaning: RFC2818 ok, or bust). In other words:
setting verifyhost to 0 or 1 will disable the Subject Alt Names checks
too.

Schannel:

Updated the schannel information messages: Split the IP address usage
message from the verifyhost setting and changed the message about
disabling SNI (Server Name Indication, used in HTTP virtual hosting)
into a message stating that the Subject Alternative Names checks are
being disabled when verifyhost is set to 0 or 1. As a side effect of
switching off the RFC2818 related servername checks with
SCH_CRED_NO_SERVERNAME_CHECK
(http://msdn.microsoft.com/en-us/library/aa923430.aspx) the SNI feature
is being disabled. This effect is not documented in MSDN, but Wireshark
output clearly shows the effect (details on the libcurl maillist).

PolarSSL:

Fix the prototype change in PolarSSL of ssl_set_session() and the move
of the peer_cert from the ssl_context to the ssl_session. Found this
change in the PolarSSL SVN between r1316 and r1317 where the
POLARSSL_VERSION_NUMBER was at 0x01010100. But to accommodate the Ubuntu
PolarSSL version 1.1.4 the check is to discriminate between lower then
PolarSSL version 1.2.0 and 1.2.0 and higher. Note: The PolarSSL SVN
trunk jumped from version 1.1.1 to 1.2.0.

Generic:

All the SSL backends are fixed and checked to work with the
ssl.verifyhost as a boolean, which is an internal API change.
2012-11-08 22:23:12 +01:00
Daniel Stenberg
da82f59b69 CURLOPT_SSL_VERIFYHOST: stop supporting the 1 value
After a research team wrote a document[1] that found several live source
codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
option thinking it was a boolean, this change now bans 1 as a value and
will make libcurl return error for it.

1 was never a sensible value to use in production but was introduced
back in the days to help debugging. It was always documented clearly
this way.

1 was never supported by all SSL backends in libcurl, so this cleanup
makes the treatment of it unified.

The report's list of mistakes for this option were all PHP code and
while there's a binding layer between libcurl and PHP, the PHP team has
decided that they have an as thin layer as possible on top of libcurl so
they will not alter or specifically filter a 'TRUE' value for this
particular option. I sympathize with that position.

[1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
2012-11-06 19:46:53 +01:00
Nick Zitzmann
f1d2e18508 darwinssl: un-broke iOS build, fix error on server disconnect
The iOS build was broken by a reference to a function that only existed
under OS X; fixed. Also fixed a hard-to-reproduce problem where, if the
server disconnected before libcurl got the chance to hang up first and
SecureTransport was in use, then we'd raise an error instead of failing
gracefully.
2012-10-16 19:55:03 +02:00
Nick Zitzmann
badb81769a darwinssl: fixed for older Mac OS X versions
SSL didn't work on older cats if built on a newer cat with weak-linking
turned on to support the older cat
2012-09-08 22:35:14 +02:00
Nick Zitzmann
2f6e1a8cc3 darwinssl: Bugfix for previous commit for older cats
I accidentally broke functionality for versions of OS X prior to Mountain
Lion in the previous commit. This commit fixes the problems.
2012-09-01 20:24:05 +02:00
Nick Zitzmann
d792e75f2c darwinssl: add TLS 1.1 and 1.2 support, replace deprecated functions
In Mountain Lion, Apple added TLS 1.1 and 1.2, and deprecated a number
of SecureTransport functions, some of which we were using. We now check
to see if the replacement functions are present, and if so, we use them
instead.  The old functions are still present for users of older
cats. Also fixed a build warning that started to appear under Mountain
Lion
2012-08-18 20:36:45 +02:00
Nick Zitzmann
f92779198d darwinssl: fixed freeze involving the multi interface
Previously the curl_multi interface would freeze if darwinssl was
enabled and at least one of the handles tried to connect to a Web site
using HTTPS. Removed the "wouldblock" state darwinssl was using because
I figured out a solution for our "would block but in which direction?"
dilemma.
2012-07-25 23:22:11 +02:00
Nick Zitzmann
59c88da74d darwinssl: don't use arc4random_buf
Re-wrote Curl_darwinssl_random() to not use arc4random_buf() because the
function is not available prior to iOS 4.3 and OS X 10.7.
2012-07-08 15:42:36 +02:00
Nick Zitzmann
825fff880e darwinssl: output cipher with text, remove SNI warning
The code was printing a warning when SNI was set up successfully. Oops.

Printing the cipher number in verbose mode was something only TLS/SSL
programmers might understand, so I had it print the name of the cipher,
just like in the OpenSSL code. That'll be at least a little bit easier
to understand. The SecureTransport API doesn't have a method of getting
a string from a cipher like OpenSSL does, so I had to generate the
strings manually.
2012-07-07 22:37:52 +02:00
Yang Tse
57d2732ccb build: add our standard includes to curl_darwinssl.c and curl_multibyte.c 2012-06-27 17:13:16 +02:00
Nick Zitzmann
7aa95afadd DarwinSSL: allow using NTLM authentication
Allow NTLM authentication when building using SecureTransport (Darwin) for SSL.

This uses CommonCrypto, a cryptography library that ships with all versions of
iOS and Mac OS X. It's like OpenSSL's libcrypto, except that it's missing a few
less-common cyphers and doesn't have a big number data structure.
2012-06-27 11:57:31 +02:00
Nick Zitzmann
3a4b28d473 DarwinSSL: several adjustments
- Renamed st_ function prefix to darwinssl_
- Renamed Curl_st_ function prefix to Curl_darwinssl_
- Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h
- Fixed a teensy little bug that made non-blocking connection attempts block
- Made it so that it builds cleanly against the iOS 5.1 SDK
2012-06-26 21:39:48 +02:00
Nick Zitzmann
6d1ea388cb darwinssl: add support for native Mac OS X/iOS SSL 2012-06-26 14:04:15 +02:00