mirror of
https://github.com/curl/curl.git
synced 2025-01-06 13:44:52 +08:00
12e1def51a
Prior to this change Curl_read_plain would attempt to read the
socket directly. On Windows that's a problem because recv data may be
cached by libcurl and that data is only drained using Curl_recv_plain.
Rather than rewrite Curl_read_plain to handle cached recv data, I
changed it to wrap Curl_recv_plain, in much the same way that
Curl_write_plain already wraps Curl_send_plain.
Curl_read_plain -> Curl_recv_plain
Curl_write_plain -> Curl_send_plain
This fixes a bug in the schannel backend where decryption of arbitrary
TLS records fails because cached recv data is never drained. We send
data (TLS records formed by Schannel) using Curl_write_plain, which
calls Curl_send_plain, and that may do a recv-before-send
("pre-receive") to cache received data. The code calls Curl_read_plain
to read data (TLS records from the server), which prior to this change
did not call Curl_recv_plain and therefore cached recv data wasn't
retrieved, resulting in malformed TLS records and decryption failure
(SEC_E_DECRYPT_FAILURE).
The bug has only been observed during Schannel TLS 1.3 handshakes. Refer
to the issue and PR for more information.
Ref: https://github.com/curl/curl/issues/9431#issuecomment-1312420361
Assisted-by: Joel Depooter
Reported-by: Egor Pugin
Fixes https://github.com/curl/curl/issues/9431
Closes https://github.com/curl/curl/pull/9904
98 lines
3.6 KiB
C
98 lines
3.6 KiB
C
#ifndef HEADER_CURL_SENDF_H
|
|
#define HEADER_CURL_SENDF_H
|
|
/***************************************************************************
|
|
* _ _ ____ _
|
|
* Project ___| | | | _ \| |
|
|
* / __| | | | |_) | |
|
|
* | (__| |_| | _ <| |___
|
|
* \___|\___/|_| \_\_____|
|
|
*
|
|
* Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
*
|
|
* This software is licensed as described in the file COPYING, which
|
|
* you should have received as part of this distribution. The terms
|
|
* are also available at https://curl.se/docs/copyright.html.
|
|
*
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
*
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
* KIND, either express or implied.
|
|
*
|
|
* SPDX-License-Identifier: curl
|
|
*
|
|
***************************************************************************/
|
|
|
|
#include "curl_setup.h"
|
|
|
|
void Curl_infof(struct Curl_easy *, const char *fmt, ...);
|
|
void Curl_failf(struct Curl_easy *, const char *fmt, ...);
|
|
|
|
#if defined(CURL_DISABLE_VERBOSE_STRINGS)
|
|
|
|
#if defined(HAVE_VARIADIC_MACROS_C99)
|
|
#define infof(...) Curl_nop_stmt
|
|
#elif defined(HAVE_VARIADIC_MACROS_GCC)
|
|
#define infof(x...) Curl_nop_stmt
|
|
#else
|
|
#error "missing VARIADIC macro define, fix and rebuild!"
|
|
#endif
|
|
|
|
#else /* CURL_DISABLE_VERBOSE_STRINGS */
|
|
|
|
#define infof Curl_infof
|
|
|
|
#endif /* CURL_DISABLE_VERBOSE_STRINGS */
|
|
|
|
#define failf Curl_failf
|
|
|
|
#define CLIENTWRITE_BODY (1<<0)
|
|
#define CLIENTWRITE_HEADER (1<<1)
|
|
#define CLIENTWRITE_STATUS (1<<2) /* the first "header" is the status line */
|
|
#define CLIENTWRITE_CONNECT (1<<3) /* a CONNECT response */
|
|
#define CLIENTWRITE_1XX (1<<4) /* a 1xx response */
|
|
#define CLIENTWRITE_TRAILER (1<<5) /* a trailer header */
|
|
#define CLIENTWRITE_BOTH (CLIENTWRITE_BODY|CLIENTWRITE_HEADER)
|
|
|
|
CURLcode Curl_client_write(struct Curl_easy *data, int type, char *ptr,
|
|
size_t len) WARN_UNUSED_RESULT;
|
|
|
|
bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex);
|
|
|
|
/* internal read-function, does plain socket only */
|
|
CURLcode Curl_read_plain(struct Curl_easy *data,
|
|
curl_socket_t sockfd,
|
|
char *buf,
|
|
size_t sizerequested,
|
|
ssize_t *n);
|
|
|
|
ssize_t Curl_recv_plain(struct Curl_easy *data, int num, char *buf,
|
|
size_t len, CURLcode *code);
|
|
ssize_t Curl_send_plain(struct Curl_easy *data, int num,
|
|
const void *mem, size_t len, CURLcode *code);
|
|
|
|
/* internal read-function, does plain socket, SSL and krb4 */
|
|
CURLcode Curl_read(struct Curl_easy *data, curl_socket_t sockfd,
|
|
char *buf, size_t buffersize,
|
|
ssize_t *n);
|
|
|
|
/* internal write-function, does plain socket, SSL, SCP, SFTP and krb4 */
|
|
CURLcode Curl_write(struct Curl_easy *data,
|
|
curl_socket_t sockfd,
|
|
const void *mem, size_t len,
|
|
ssize_t *written);
|
|
|
|
/* internal write-function, does plain sockets ONLY */
|
|
CURLcode Curl_write_plain(struct Curl_easy *data,
|
|
curl_socket_t sockfd,
|
|
const void *mem, size_t len,
|
|
ssize_t *written);
|
|
|
|
/* the function used to output verbose information */
|
|
void Curl_debug(struct Curl_easy *data, curl_infotype type,
|
|
char *ptr, size_t size);
|
|
|
|
|
|
#endif /* HEADER_CURL_SENDF_H */
|