mirror of
https://github.com/curl/curl.git
synced 2025-01-24 14:15:18 +08:00
4f42150d04
Prior to this change Curl_read_plain would attempt to read the socket directly. On Windows that's a problem because recv data may be cached by libcurl and that data is only drained using Curl_recv_plain. Rather than rewrite Curl_read_plain to handle cached recv data, I changed it to wrap Curl_recv_plain, in much the same way that Curl_write_plain already wraps Curl_send_plain. Curl_read_plain -> Curl_recv_plain Curl_write_plain -> Curl_send_plain This fixes a bug in the schannel backend where decryption of arbitrary TLS records fails because cached recv data is never drained. We send data (TLS records formed by Schannel) using Curl_write_plain, which calls Curl_send_plain, and that may do a recv-before-send ("pre-receive") to cache received data. The code calls Curl_read_plain to read data (TLS records from the server), which prior to this change did not call Curl_recv_plain and therefore cached recv data wasn't retrieved, resulting in malformed TLS records and decryption failure (SEC_E_DECRYPT_FAILURE). The bug has only been observed during Schannel TLS 1.3 handshakes. Refer to the issue and PR for more information. -- This is take 2 of the original fix. It preserves the original behavior of Curl_read_plain to write 0 to the bytes read parameter on error, since apparently some callers expect that (SOCKS tests were hanging). The original fix which landed in12e1def5
and was later reverted in18383fbf
failed to work properly because it did not do that. Also, it changes Curl_write_plain the same way to complement Curl_read_plain, and it changes Curl_send_plain to return -1 instead of 0 on CURLE_AGAIN to complement Curl_recv_plain. Behavior on error with these changes: Curl_recv_plain returns -1 and *code receives error code. Curl_send_plain returns -1 and *code receives error code. Curl_read_plain returns error code and *n (bytes read) receives 0. Curl_write_plain returns error code and *written receives 0. -- Ref: https://github.com/curl/curl/issues/9431#issuecomment-1312420361 Assisted-by: Joel Depooter Reported-by: Egor Pugin Fixes https://github.com/curl/curl/issues/9431 Closes https://github.com/curl/curl/pull/9949
98 lines
3.6 KiB
C
98 lines
3.6 KiB
C
#ifndef HEADER_CURL_SENDF_H
|
|
#define HEADER_CURL_SENDF_H
|
|
/***************************************************************************
|
|
* _ _ ____ _
|
|
* Project ___| | | | _ \| |
|
|
* / __| | | | |_) | |
|
|
* | (__| |_| | _ <| |___
|
|
* \___|\___/|_| \_\_____|
|
|
*
|
|
* Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
*
|
|
* This software is licensed as described in the file COPYING, which
|
|
* you should have received as part of this distribution. The terms
|
|
* are also available at https://curl.se/docs/copyright.html.
|
|
*
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
*
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
* KIND, either express or implied.
|
|
*
|
|
* SPDX-License-Identifier: curl
|
|
*
|
|
***************************************************************************/
|
|
|
|
#include "curl_setup.h"
|
|
|
|
void Curl_infof(struct Curl_easy *, const char *fmt, ...);
|
|
void Curl_failf(struct Curl_easy *, const char *fmt, ...);
|
|
|
|
#if defined(CURL_DISABLE_VERBOSE_STRINGS)
|
|
|
|
#if defined(HAVE_VARIADIC_MACROS_C99)
|
|
#define infof(...) Curl_nop_stmt
|
|
#elif defined(HAVE_VARIADIC_MACROS_GCC)
|
|
#define infof(x...) Curl_nop_stmt
|
|
#else
|
|
#error "missing VARIADIC macro define, fix and rebuild!"
|
|
#endif
|
|
|
|
#else /* CURL_DISABLE_VERBOSE_STRINGS */
|
|
|
|
#define infof Curl_infof
|
|
|
|
#endif /* CURL_DISABLE_VERBOSE_STRINGS */
|
|
|
|
#define failf Curl_failf
|
|
|
|
#define CLIENTWRITE_BODY (1<<0)
|
|
#define CLIENTWRITE_HEADER (1<<1)
|
|
#define CLIENTWRITE_STATUS (1<<2) /* the first "header" is the status line */
|
|
#define CLIENTWRITE_CONNECT (1<<3) /* a CONNECT response */
|
|
#define CLIENTWRITE_1XX (1<<4) /* a 1xx response */
|
|
#define CLIENTWRITE_TRAILER (1<<5) /* a trailer header */
|
|
#define CLIENTWRITE_BOTH (CLIENTWRITE_BODY|CLIENTWRITE_HEADER)
|
|
|
|
CURLcode Curl_client_write(struct Curl_easy *data, int type, char *ptr,
|
|
size_t len) WARN_UNUSED_RESULT;
|
|
|
|
bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex);
|
|
|
|
/* internal read-function, does plain socket only */
|
|
CURLcode Curl_read_plain(struct Curl_easy *data,
|
|
curl_socket_t sockfd,
|
|
char *buf,
|
|
size_t sizerequested,
|
|
ssize_t *n);
|
|
|
|
ssize_t Curl_recv_plain(struct Curl_easy *data, int num, char *buf,
|
|
size_t len, CURLcode *code);
|
|
ssize_t Curl_send_plain(struct Curl_easy *data, int num,
|
|
const void *mem, size_t len, CURLcode *code);
|
|
|
|
/* internal read-function, does plain socket, SSL and krb4 */
|
|
CURLcode Curl_read(struct Curl_easy *data, curl_socket_t sockfd,
|
|
char *buf, size_t buffersize,
|
|
ssize_t *n);
|
|
|
|
/* internal write-function, does plain socket, SSL, SCP, SFTP and krb4 */
|
|
CURLcode Curl_write(struct Curl_easy *data,
|
|
curl_socket_t sockfd,
|
|
const void *mem, size_t len,
|
|
ssize_t *written);
|
|
|
|
/* internal write-function, does plain sockets ONLY */
|
|
CURLcode Curl_write_plain(struct Curl_easy *data,
|
|
curl_socket_t sockfd,
|
|
const void *mem, size_t len,
|
|
ssize_t *written);
|
|
|
|
/* the function used to output verbose information */
|
|
void Curl_debug(struct Curl_easy *data, curl_infotype type,
|
|
char *ptr, size_t size);
|
|
|
|
|
|
#endif /* HEADER_CURL_SENDF_H */
|