parent
f0f4336cdc
commit
4f83e3c3c6
@ -0,0 +1,59 @@
|
|||||||
|
From c9828d86040737a47da862197b5def7ff6b0e3c4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Mon, 6 Mar 2023 12:07:33 +0100
|
||||||
|
Subject: [PATCH] telnet: only accept option arguments in ascii
|
||||||
|
|
||||||
|
To avoid embedded telnet negotiation commands etc.
|
||||||
|
|
||||||
|
Reported-by: Harry Sintonen
|
||||||
|
Closes #10728
|
||||||
|
|
||||||
|
Upstream-commit: 538b1e79a6e7b0bb829ab4cecc828d32105d0684
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/telnet.c | 15 +++++++++++++++
|
||||||
|
1 file changed, 15 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/lib/telnet.c b/lib/telnet.c
|
||||||
|
index 22bc81e..baea885 100644
|
||||||
|
--- a/lib/telnet.c
|
||||||
|
+++ b/lib/telnet.c
|
||||||
|
@@ -770,6 +770,17 @@ static void printsub(struct Curl_easy *data,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+static bool str_is_nonascii(const char *str)
|
||||||
|
+{
|
||||||
|
+ size_t len = strlen(str);
|
||||||
|
+ while(len--) {
|
||||||
|
+ if(*str & 0x80)
|
||||||
|
+ return TRUE;
|
||||||
|
+ str++;
|
||||||
|
+ }
|
||||||
|
+ return FALSE;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static CURLcode check_telnet_options(struct Curl_easy *data)
|
||||||
|
{
|
||||||
|
struct curl_slist *head;
|
||||||
|
@@ -784,6 +795,8 @@ static CURLcode check_telnet_options(struct Curl_easy *data)
|
||||||
|
/* Add the user name as an environment variable if it
|
||||||
|
was given on the command line */
|
||||||
|
if(conn->bits.user_passwd) {
|
||||||
|
+ if(str_is_nonascii(data->conn->user))
|
||||||
|
+ return CURLE_BAD_FUNCTION_ARGUMENT;
|
||||||
|
msnprintf(option_arg, sizeof(option_arg), "USER,%s", conn->user);
|
||||||
|
beg = curl_slist_append(tn->telnet_vars, option_arg);
|
||||||
|
if(!beg) {
|
||||||
|
@@ -798,6 +811,8 @@ static CURLcode check_telnet_options(struct Curl_easy *data)
|
||||||
|
for(head = data->set.telnet_options; head; head = head->next) {
|
||||||
|
if(sscanf(head->data, "%127[^= ]%*[ =]%255s",
|
||||||
|
option_keyword, option_arg) == 2) {
|
||||||
|
+ if(str_is_nonascii(option_arg))
|
||||||
|
+ continue;
|
||||||
|
|
||||||
|
/* Terminal type */
|
||||||
|
if(strcasecompare(option_keyword, "TTYPE")) {
|
||||||
|
--
|
||||||
|
2.39.2
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,230 @@
|
|||||||
|
From e8705acd69383c13191c9dd4867d5118e58c54ba Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Thu, 6 Oct 2022 00:49:10 +0200
|
||||||
|
Subject: [PATCH 1/2] strcase: add Curl_timestrcmp
|
||||||
|
|
||||||
|
This is a strcmp() alternative function for comparing "secrets",
|
||||||
|
designed to take the same time no matter the content to not leak
|
||||||
|
match/non-match info to observers based on how fast it is.
|
||||||
|
|
||||||
|
The time this function takes is only a function of the shortest input
|
||||||
|
string.
|
||||||
|
|
||||||
|
Reported-by: Trail of Bits
|
||||||
|
|
||||||
|
Closes #9658
|
||||||
|
|
||||||
|
Upstream-commit: ed5095ed94281989e103c72e032200b83be37878
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/strcase.c | 22 ++++++++++++++++++++++
|
||||||
|
lib/strcase.h | 1 +
|
||||||
|
2 files changed, 23 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/lib/strcase.c b/lib/strcase.c
|
||||||
|
index f932485..c73907d 100644
|
||||||
|
--- a/lib/strcase.c
|
||||||
|
+++ b/lib/strcase.c
|
||||||
|
@@ -261,6 +261,28 @@ bool Curl_safecmp(char *a, char *b)
|
||||||
|
return !a && !b;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * Curl_timestrcmp() returns 0 if the two strings are identical. The time this
|
||||||
|
+ * function spends is a function of the shortest string, not of the contents.
|
||||||
|
+ */
|
||||||
|
+int Curl_timestrcmp(const char *a, const char *b)
|
||||||
|
+{
|
||||||
|
+ int match = 0;
|
||||||
|
+ int i = 0;
|
||||||
|
+
|
||||||
|
+ if(a && b) {
|
||||||
|
+ while(1) {
|
||||||
|
+ match |= a[i]^b[i];
|
||||||
|
+ if(!a[i] || !b[i])
|
||||||
|
+ break;
|
||||||
|
+ i++;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ return a || b;
|
||||||
|
+ return match;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* --- public functions --- */
|
||||||
|
|
||||||
|
int curl_strequal(const char *first, const char *second)
|
||||||
|
diff --git a/lib/strcase.h b/lib/strcase.h
|
||||||
|
index d245929..11a67a1 100644
|
||||||
|
--- a/lib/strcase.h
|
||||||
|
+++ b/lib/strcase.h
|
||||||
|
@@ -49,5 +49,6 @@ void Curl_strntoupper(char *dest, const char *src, size_t n);
|
||||||
|
void Curl_strntolower(char *dest, const char *src, size_t n);
|
||||||
|
|
||||||
|
bool Curl_safecmp(char *a, char *b);
|
||||||
|
+int Curl_timestrcmp(const char *first, const char *second);
|
||||||
|
|
||||||
|
#endif /* HEADER_CURL_STRCASE_H */
|
||||||
|
--
|
||||||
|
2.39.2
|
||||||
|
|
||||||
|
|
||||||
|
From 9cfaea212ff347937a38f6b5d6b885ed8ba1b931 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Thu, 9 Mar 2023 17:47:06 +0100
|
||||||
|
Subject: [PATCH 2/2] ftp: add more conditions for connection reuse
|
||||||
|
|
||||||
|
Reported-by: Harry Sintonen
|
||||||
|
Closes #10730
|
||||||
|
|
||||||
|
Upstream-commit: 8f4608468b890dce2dad9f91d5607ee7e9c1aba1
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/ftp.c | 28 ++++++++++++++++++++++++++--
|
||||||
|
lib/ftp.h | 5 +++++
|
||||||
|
lib/setopt.c | 2 +-
|
||||||
|
lib/url.c | 12 ++++++++++++
|
||||||
|
lib/urldata.h | 4 ++--
|
||||||
|
5 files changed, 46 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/ftp.c b/lib/ftp.c
|
||||||
|
index 9442832..df15bc0 100644
|
||||||
|
--- a/lib/ftp.c
|
||||||
|
+++ b/lib/ftp.c
|
||||||
|
@@ -4086,6 +4086,8 @@ static CURLcode ftp_disconnect(struct Curl_easy *data,
|
||||||
|
}
|
||||||
|
|
||||||
|
freedirs(ftpc);
|
||||||
|
+ Curl_safefree(ftpc->account);
|
||||||
|
+ Curl_safefree(ftpc->alternative_to_user);
|
||||||
|
Curl_safefree(ftpc->prevpath);
|
||||||
|
Curl_safefree(ftpc->server_os);
|
||||||
|
Curl_pp_disconnect(pp);
|
||||||
|
@@ -4346,11 +4348,31 @@ static CURLcode ftp_setup_connection(struct Curl_easy *data,
|
||||||
|
{
|
||||||
|
char *type;
|
||||||
|
struct FTP *ftp;
|
||||||
|
+ struct ftp_conn *ftpc = &conn->proto.ftpc;
|
||||||
|
|
||||||
|
- data->req.p.ftp = ftp = calloc(sizeof(struct FTP), 1);
|
||||||
|
+ ftp = calloc(sizeof(struct FTP), 1);
|
||||||
|
if(NULL == ftp)
|
||||||
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
|
+ /* clone connection related data that is FTP specific */
|
||||||
|
+ if(data->set.str[STRING_FTP_ACCOUNT]) {
|
||||||
|
+ ftpc->account = strdup(data->set.str[STRING_FTP_ACCOUNT]);
|
||||||
|
+ if(!ftpc->account) {
|
||||||
|
+ free(ftp);
|
||||||
|
+ return CURLE_OUT_OF_MEMORY;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ if(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]) {
|
||||||
|
+ ftpc->alternative_to_user =
|
||||||
|
+ strdup(data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
|
||||||
|
+ if(!ftpc->alternative_to_user) {
|
||||||
|
+ Curl_safefree(ftpc->account);
|
||||||
|
+ free(ftp);
|
||||||
|
+ return CURLE_OUT_OF_MEMORY;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ data->req.p.ftp = ftp;
|
||||||
|
+
|
||||||
|
ftp->path = &data->state.up.path[1]; /* don't include the initial slash */
|
||||||
|
|
||||||
|
/* FTP URLs support an extension like ";type=<typecode>" that
|
||||||
|
@@ -4385,7 +4407,9 @@ static CURLcode ftp_setup_connection(struct Curl_easy *data,
|
||||||
|
/* get some initial data into the ftp struct */
|
||||||
|
ftp->transfer = PPTRANSFER_BODY;
|
||||||
|
ftp->downloadsize = 0;
|
||||||
|
- conn->proto.ftpc.known_filesize = -1; /* unknown size for now */
|
||||||
|
+ ftpc->known_filesize = -1; /* unknown size for now */
|
||||||
|
+ ftpc->use_ssl = data->set.use_ssl;
|
||||||
|
+ ftpc->ccc = data->set.ftp_ccc;
|
||||||
|
|
||||||
|
return CURLE_OK;
|
||||||
|
}
|
||||||
|
diff --git a/lib/ftp.h b/lib/ftp.h
|
||||||
|
index 7f6f432..3f33e27 100644
|
||||||
|
--- a/lib/ftp.h
|
||||||
|
+++ b/lib/ftp.h
|
||||||
|
@@ -115,6 +115,8 @@ struct FTP {
|
||||||
|
struct */
|
||||||
|
struct ftp_conn {
|
||||||
|
struct pingpong pp;
|
||||||
|
+ char *account;
|
||||||
|
+ char *alternative_to_user;
|
||||||
|
char *entrypath; /* the PWD reply when we logged on */
|
||||||
|
char *file; /* url-decoded file name (or path) */
|
||||||
|
char **dirs; /* realloc()ed array for path components */
|
||||||
|
@@ -144,6 +146,9 @@ struct ftp_conn {
|
||||||
|
ftpstate state; /* always use ftp.c:state() to change state! */
|
||||||
|
ftpstate state_saved; /* transfer type saved to be reloaded after
|
||||||
|
data connection is established */
|
||||||
|
+ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or
|
||||||
|
+ IMAP or POP3 or others! (type: curl_usessl)*/
|
||||||
|
+ unsigned char ccc; /* ccc level for this connection */
|
||||||
|
curl_off_t retr_size_saved; /* Size of retrieved file saved */
|
||||||
|
char *server_os; /* The target server operating system. */
|
||||||
|
curl_off_t known_filesize; /* file size is different from -1, if wildcard
|
||||||
|
diff --git a/lib/setopt.c b/lib/setopt.c
|
||||||
|
index 3339a67..6fc111d 100644
|
||||||
|
--- a/lib/setopt.c
|
||||||
|
+++ b/lib/setopt.c
|
||||||
|
@@ -2264,7 +2264,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
|
||||||
|
arg = va_arg(param, long);
|
||||||
|
if((arg < CURLUSESSL_NONE) || (arg >= CURLUSESSL_LAST))
|
||||||
|
return CURLE_BAD_FUNCTION_ARGUMENT;
|
||||||
|
- data->set.use_ssl = (curl_usessl)arg;
|
||||||
|
+ data->set.use_ssl = (unsigned char)arg;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CURLOPT_SSL_OPTIONS:
|
||||||
|
diff --git a/lib/url.c b/lib/url.c
|
||||||
|
index 61ba832..4e21838 100644
|
||||||
|
--- a/lib/url.c
|
||||||
|
+++ b/lib/url.c
|
||||||
|
@@ -1329,6 +1329,18 @@ ConnectionExists(struct Curl_easy *data,
|
||||||
|
if(!ssh_config_matches(needle, check))
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
+#ifndef CURL_DISABLE_FTP
|
||||||
|
+ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_FTP) {
|
||||||
|
+ /* Also match ACCOUNT, ALTERNATIVE-TO-USER, USE_SSL and CCC options */
|
||||||
|
+ if(Curl_timestrcmp(needle->proto.ftpc.account,
|
||||||
|
+ check->proto.ftpc.account) ||
|
||||||
|
+ Curl_timestrcmp(needle->proto.ftpc.alternative_to_user,
|
||||||
|
+ check->proto.ftpc.alternative_to_user) ||
|
||||||
|
+ (needle->proto.ftpc.use_ssl != check->proto.ftpc.use_ssl) ||
|
||||||
|
+ (needle->proto.ftpc.ccc != check->proto.ftpc.ccc))
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
if((needle->handler->flags&PROTOPT_SSL)
|
||||||
|
#ifndef CURL_DISABLE_PROXY
|
||||||
|
diff --git a/lib/urldata.h b/lib/urldata.h
|
||||||
|
index 9d9ca92..4e2f5b9 100644
|
||||||
|
--- a/lib/urldata.h
|
||||||
|
+++ b/lib/urldata.h
|
||||||
|
@@ -1749,8 +1749,6 @@ struct UserDefined {
|
||||||
|
void *ssh_keyfunc_userp; /* custom pointer to callback */
|
||||||
|
enum CURL_NETRC_OPTION
|
||||||
|
use_netrc; /* defined in include/curl.h */
|
||||||
|
- curl_usessl use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or
|
||||||
|
- IMAP or POP3 or others! */
|
||||||
|
long new_file_perms; /* Permissions to use when creating remote files */
|
||||||
|
long new_directory_perms; /* Permissions to use when creating remote dirs */
|
||||||
|
long ssh_auth_types; /* allowed SSH auth types */
|
||||||
|
@@ -1793,6 +1791,8 @@ struct UserDefined {
|
||||||
|
CURLU *uh; /* URL handle for the current parsed URL */
|
||||||
|
void *trailer_data; /* pointer to pass to trailer data callback */
|
||||||
|
curl_trailer_callback trailer_callback; /* trailing data callback */
|
||||||
|
+ unsigned char use_ssl; /* if AUTH TLS is to be attempted etc, for FTP or
|
||||||
|
+ IMAP or POP3 or others! (type: curl_usessl)*/
|
||||||
|
BIT(is_fread_set); /* has read callback been set to non-NULL? */
|
||||||
|
BIT(is_fwrite_set); /* has write callback been set to non-NULL? */
|
||||||
|
BIT(free_referer); /* set TRUE if 'referer' points to a string we
|
||||||
|
--
|
||||||
|
2.39.2
|
||||||
|
|
@ -0,0 +1,54 @@
|
|||||||
|
From 9d6dd7bc1dea42ae8e710aeae714e2a2c290de61 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Fri, 10 Mar 2023 09:22:43 +0100
|
||||||
|
Subject: [PATCH] url: only reuse connections with same GSS delegation
|
||||||
|
|
||||||
|
Reported-by: Harry Sintonen
|
||||||
|
Closes #10731
|
||||||
|
|
||||||
|
Upstream-commit: cb49e67303dbafbab1cebf4086e3ec15b7d56ee5
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/url.c | 6 ++++++
|
||||||
|
lib/urldata.h | 1 +
|
||||||
|
2 files changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/lib/url.c b/lib/url.c
|
||||||
|
index 3b11b7e..cbbc7f3 100644
|
||||||
|
--- a/lib/url.c
|
||||||
|
+++ b/lib/url.c
|
||||||
|
@@ -1325,6 +1325,11 @@ ConnectionExists(struct Curl_easy *data,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* GSS delegation differences do not actually affect every connection
|
||||||
|
+ and auth method, but this check takes precaution before efficiency */
|
||||||
|
+ if(needle->gssapi_delegation != check->gssapi_delegation)
|
||||||
|
+ continue;
|
||||||
|
+
|
||||||
|
if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||||
|
if(!ssh_config_matches(needle, check))
|
||||||
|
continue;
|
||||||
|
@@ -1785,6 +1790,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
|
||||||
|
conn->fclosesocket = data->set.fclosesocket;
|
||||||
|
conn->closesocket_client = data->set.closesocket_client;
|
||||||
|
conn->lastused = Curl_now(); /* used now */
|
||||||
|
+ conn->gssapi_delegation = data->set.gssapi_delegation;
|
||||||
|
|
||||||
|
return conn;
|
||||||
|
error:
|
||||||
|
diff --git a/lib/urldata.h b/lib/urldata.h
|
||||||
|
index ce90304..9e16f26 100644
|
||||||
|
--- a/lib/urldata.h
|
||||||
|
+++ b/lib/urldata.h
|
||||||
|
@@ -995,6 +995,7 @@ struct connectdata {
|
||||||
|
char *sasl_authzid; /* authorisation identity string, allocated */
|
||||||
|
char *oauth_bearer; /* OAUTH2 bearer, allocated */
|
||||||
|
unsigned char httpversion; /* the HTTP version*10 reported by the server */
|
||||||
|
+ unsigned char gssapi_delegation; /* inherited from set.gssapi_delegation */
|
||||||
|
struct curltime now; /* "current" time */
|
||||||
|
struct curltime created; /* creation time */
|
||||||
|
struct curltime lastused; /* when returned to the connection cache */
|
||||||
|
--
|
||||||
|
2.39.2
|
||||||
|
|
@ -0,0 +1,30 @@
|
|||||||
|
From 133e25afe4b8961b9c12334ee0bd3374db9a1fd4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Fri, 10 Mar 2023 08:22:51 +0100
|
||||||
|
Subject: [PATCH] url: fix the SSH connection reuse check
|
||||||
|
|
||||||
|
Reported-by: Harry Sintonen
|
||||||
|
Closes #10735
|
||||||
|
|
||||||
|
Upstream-commit: af369db4d3833272b8ed443f7fcc2e757a0872eb
|
||||||
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
---
|
||||||
|
lib/url.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/lib/url.c b/lib/url.c
|
||||||
|
index 0c31486..3b11b7e 100644
|
||||||
|
--- a/lib/url.c
|
||||||
|
+++ b/lib/url.c
|
||||||
|
@@ -1330,7 +1330,7 @@ ConnectionExists(struct Curl_easy *data,
|
||||||
|
if(needle->gssapi_delegation != check->gssapi_delegation)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
- if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||||
|
+ if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
|
||||||
|
if(!ssh_config_matches(needle, check))
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.39.2
|
||||||
|
|
@ -0,0 +1,420 @@
|
|||||||
|
From 47f0d37bfc008c088416f3dcca802c9e087d9bf1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Tue, 25 Apr 2023 08:28:01 +0200
|
||||||
|
Subject: [PATCH] lib: unify the upload/method handling
|
||||||
|
|
||||||
|
By making sure we set state.upload based on the set.method value and not
|
||||||
|
independently as set.upload, we reduce confusion and mixup risks, both
|
||||||
|
internally and externally.
|
||||||
|
---
|
||||||
|
lib/curl_rtmp.c | 4 ++--
|
||||||
|
lib/file.c | 4 ++--
|
||||||
|
lib/ftp.c | 8 ++++----
|
||||||
|
lib/http.c | 4 ++--
|
||||||
|
lib/imap.c | 6 +++---
|
||||||
|
lib/rtsp.c | 4 ++--
|
||||||
|
lib/setopt.c | 6 ++----
|
||||||
|
lib/smb.c | 6 +++---
|
||||||
|
lib/smtp.c | 4 ++--
|
||||||
|
lib/tftp.c | 8 ++++----
|
||||||
|
lib/transfer.c | 4 ++--
|
||||||
|
lib/urldata.h | 2 +-
|
||||||
|
lib/vssh/libssh.c | 6 +++---
|
||||||
|
lib/vssh/libssh2.c | 6 +++---
|
||||||
|
lib/vssh/wolfssh.c | 2 +-
|
||||||
|
15 files changed, 36 insertions(+), 38 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c
|
||||||
|
index 2679a2cdc1afe..406fb42ac0f44 100644
|
||||||
|
--- a/lib/curl_rtmp.c
|
||||||
|
+++ b/lib/curl_rtmp.c
|
||||||
|
@@ -231,7 +231,7 @@ static CURLcode rtmp_connect(struct Curl_easy *data, bool *done)
|
||||||
|
/* We have to know if it's a write before we send the
|
||||||
|
* connect request packet
|
||||||
|
*/
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
r->Link.protocol |= RTMP_FEATURE_WRITE;
|
||||||
|
|
||||||
|
/* For plain streams, use the buffer toggle trick to keep data flowing */
|
||||||
|
@@ -263,7 +263,7 @@ static CURLcode rtmp_do(struct Curl_easy *data, bool *done)
|
||||||
|
if(!RTMP_ConnectStream(r, 0))
|
||||||
|
return CURLE_FAILED_INIT;
|
||||||
|
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
Curl_pgrsSetUploadSize(data, data->state.infilesize);
|
||||||
|
Curl_setup_transfer(data, -1, -1, FALSE, FIRSTSOCKET);
|
||||||
|
}
|
||||||
|
diff --git a/lib/file.c b/lib/file.c
|
||||||
|
index 51c5d07ce40ab..c751e8861a99b 100644
|
||||||
|
--- a/lib/file.c
|
||||||
|
+++ b/lib/file.c
|
||||||
|
@@ -240,7 +240,7 @@ static CURLcode file_connect(struct Curl_easy *data, bool *done)
|
||||||
|
file->freepath = real_path; /* free this when done */
|
||||||
|
|
||||||
|
file->fd = fd;
|
||||||
|
- if(!data->set.upload && (fd == -1)) {
|
||||||
|
+ if(!data->state.upload && (fd == -1)) {
|
||||||
|
failf(data, "Couldn't open file %s", data->state.up.path);
|
||||||
|
file_done(data, CURLE_FILE_COULDNT_READ_FILE, FALSE);
|
||||||
|
return CURLE_FILE_COULDNT_READ_FILE;
|
||||||
|
@@ -422,7 +422,7 @@ static CURLcode file_do(struct Curl_easy *data, bool *done)
|
||||||
|
|
||||||
|
Curl_pgrsStartNow(data);
|
||||||
|
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
return file_upload(data);
|
||||||
|
|
||||||
|
file = data->req.p.file;
|
||||||
|
diff --git a/lib/ftp.c b/lib/ftp.c
|
||||||
|
index f50d7baf622f8..4ff68cc454cbc 100644
|
||||||
|
--- a/lib/ftp.c
|
||||||
|
+++ b/lib/ftp.c
|
||||||
|
@@ -1381,7 +1381,7 @@ static CURLcode ftp_state_prepare_transfer(struct Curl_easy *data)
|
||||||
|
data->set.str[STRING_CUSTOMREQUEST]?
|
||||||
|
data->set.str[STRING_CUSTOMREQUEST]:
|
||||||
|
(data->state.list_only?"NLST":"LIST"));
|
||||||
|
- else if(data->set.upload)
|
||||||
|
+ else if(data->state.upload)
|
||||||
|
result = Curl_pp_sendf(data, &ftpc->pp, "PRET STOR %s",
|
||||||
|
conn->proto.ftpc.file);
|
||||||
|
else
|
||||||
|
@@ -3368,7 +3368,7 @@ static CURLcode ftp_done(struct Curl_easy *data, CURLcode status,
|
||||||
|
/* the response code from the transfer showed an error already so no
|
||||||
|
use checking further */
|
||||||
|
;
|
||||||
|
- else if(data->set.upload) {
|
||||||
|
+ else if(data->state.upload) {
|
||||||
|
if((-1 != data->state.infilesize) &&
|
||||||
|
(data->state.infilesize != data->req.writebytecount) &&
|
||||||
|
!data->set.crlf &&
|
||||||
|
@@ -3640,7 +3640,7 @@ static CURLcode ftp_do_more(struct Curl_easy *data, int *completep)
|
||||||
|
connected back to us */
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- else if(data->set.upload) {
|
||||||
|
+ else if(data->state.upload) {
|
||||||
|
result = ftp_nb_type(data, conn, data->state.prefer_ascii,
|
||||||
|
FTP_STOR_TYPE);
|
||||||
|
if(result)
|
||||||
|
@@ -4217,7 +4217,7 @@ CURLcode ftp_parse_url_path(struct Curl_easy *data)
|
||||||
|
ftpc->file = NULL; /* instead of point to a zero byte,
|
||||||
|
we make it a NULL pointer */
|
||||||
|
|
||||||
|
- if(data->set.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) {
|
||||||
|
+ if(data->state.upload && !ftpc->file && (ftp->transfer == PPTRANSFER_BODY)) {
|
||||||
|
/* We need a file name when uploading. Return error! */
|
||||||
|
failf(data, "Uploading to a URL without a file name!");
|
||||||
|
free(rawPath);
|
||||||
|
diff --git a/lib/http.c b/lib/http.c
|
||||||
|
index 80e43f6f361e8..bffdd3468536d 100644
|
||||||
|
--- a/lib/http.c
|
||||||
|
+++ b/lib/http.c
|
||||||
|
@@ -2112,7 +2112,7 @@ void Curl_http_method(struct Curl_easy *data, struct connectdata *conn,
|
||||||
|
Curl_HttpReq httpreq = data->state.httpreq;
|
||||||
|
const char *request;
|
||||||
|
if((conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_FTP)) &&
|
||||||
|
- data->set.upload)
|
||||||
|
+ data->state.upload)
|
||||||
|
httpreq = HTTPREQ_PUT;
|
||||||
|
|
||||||
|
/* Now set the 'request' pointer to the proper request string */
|
||||||
|
@@ -2423,7 +2423,7 @@ CURLcode Curl_http_body(struct Curl_easy *data, struct connectdata *conn,
|
||||||
|
if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
|
||||||
|
(((httpreq == HTTPREQ_POST_MIME || httpreq == HTTPREQ_POST_FORM) &&
|
||||||
|
http->postsize < 0) ||
|
||||||
|
- ((data->set.upload || httpreq == HTTPREQ_POST) &&
|
||||||
|
+ ((data->state.upload || httpreq == HTTPREQ_POST) &&
|
||||||
|
data->state.infilesize == -1))) {
|
||||||
|
if(conn->bits.authneg)
|
||||||
|
/* don't enable chunked during auth neg */
|
||||||
|
diff --git a/lib/imap.c b/lib/imap.c
|
||||||
|
index c2f675d4b2618..1952e66a1efcd 100644
|
||||||
|
--- a/lib/imap.c
|
||||||
|
+++ b/lib/imap.c
|
||||||
|
@@ -1511,11 +1511,11 @@ static CURLcode imap_done(struct Curl_easy *data, CURLcode status,
|
||||||
|
result = status; /* use the already set error code */
|
||||||
|
}
|
||||||
|
else if(!data->set.connect_only && !imap->custom &&
|
||||||
|
- (imap->uid || imap->mindex || data->set.upload ||
|
||||||
|
+ (imap->uid || imap->mindex || data->state.upload ||
|
||||||
|
data->set.mimepost.kind != MIMEKIND_NONE)) {
|
||||||
|
/* Handle responses after FETCH or APPEND transfer has finished */
|
||||||
|
|
||||||
|
- if(!data->set.upload && data->set.mimepost.kind == MIMEKIND_NONE)
|
||||||
|
+ if(!data->state.upload && data->set.mimepost.kind == MIMEKIND_NONE)
|
||||||
|
state(data, IMAP_FETCH_FINAL);
|
||||||
|
else {
|
||||||
|
/* End the APPEND command first by sending an empty line */
|
||||||
|
@@ -1581,7 +1581,7 @@ static CURLcode imap_perform(struct Curl_easy *data, bool *connected,
|
||||||
|
selected = TRUE;
|
||||||
|
|
||||||
|
/* Start the first command in the DO phase */
|
||||||
|
- if(data->set.upload || data->set.mimepost.kind != MIMEKIND_NONE)
|
||||||
|
+ if(data->state.upload || data->set.mimepost.kind != MIMEKIND_NONE)
|
||||||
|
/* APPEND can be executed directly */
|
||||||
|
result = imap_perform_append(data);
|
||||||
|
else if(imap->custom && (selected || !imap->mailbox))
|
||||||
|
diff --git a/lib/rtsp.c b/lib/rtsp.c
|
||||||
|
index ea99d720ec4eb..ccd7264b00e74 100644
|
||||||
|
--- a/lib/rtsp.c
|
||||||
|
+++ b/lib/rtsp.c
|
||||||
|
@@ -493,7 +493,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
|
||||||
|
rtspreq == RTSPREQ_SET_PARAMETER ||
|
||||||
|
rtspreq == RTSPREQ_GET_PARAMETER) {
|
||||||
|
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
putsize = data->state.infilesize;
|
||||||
|
data->state.httpreq = HTTPREQ_PUT;
|
||||||
|
|
||||||
|
@@ -512,7 +512,7 @@ static CURLcode rtsp_do(struct Curl_easy *data, bool *done)
|
||||||
|
result =
|
||||||
|
Curl_dyn_addf(&req_buffer,
|
||||||
|
"Content-Length: %" CURL_FORMAT_CURL_OFF_T"\r\n",
|
||||||
|
- (data->set.upload ? putsize : postsize));
|
||||||
|
+ (data->state.upload ? putsize : postsize));
|
||||||
|
if(result)
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
diff --git a/lib/setopt.c b/lib/setopt.c
|
||||||
|
index 38f5711e44191..0c3b9634d1192 100644
|
||||||
|
--- a/lib/setopt.c
|
||||||
|
+++ b/lib/setopt.c
|
||||||
|
@@ -333,8 +333,8 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
|
||||||
|
* We want to sent data to the remote host. If this is HTTP, that equals
|
||||||
|
* using the PUT request.
|
||||||
|
*/
|
||||||
|
- data->set.upload = (0 != va_arg(param, long)) ? TRUE : FALSE;
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ arg = va_arg(param, long);
|
||||||
|
+ if(arg) {
|
||||||
|
/* If this is HTTP, PUT is what's needed to "upload" */
|
||||||
|
data->set.method = HTTPREQ_PUT;
|
||||||
|
data->set.opt_no_body = FALSE; /* this is implied */
|
||||||
|
@@ -628,7 +628,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
|
||||||
|
}
|
||||||
|
else
|
||||||
|
data->set.method = HTTPREQ_GET;
|
||||||
|
- data->set.upload = FALSE;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case CURLOPT_HTTPPOST:
|
||||||
|
@@ -888,7 +887,6 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
|
||||||
|
*/
|
||||||
|
if(va_arg(param, long)) {
|
||||||
|
data->set.method = HTTPREQ_GET;
|
||||||
|
- data->set.upload = FALSE; /* switch off upload */
|
||||||
|
data->set.opt_no_body = FALSE; /* this is implied */
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
diff --git a/lib/smb.c b/lib/smb.c
|
||||||
|
index a1e444ee6b97e..d6822213529bc 100644
|
||||||
|
--- a/lib/smb.c
|
||||||
|
+++ b/lib/smb.c
|
||||||
|
@@ -530,7 +530,7 @@ static CURLcode smb_send_open(struct Curl_easy *data)
|
||||||
|
byte_count = strlen(req->path);
|
||||||
|
msg.name_length = smb_swap16((unsigned short)byte_count);
|
||||||
|
msg.share_access = smb_swap32(SMB_FILE_SHARE_ALL);
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
msg.access = smb_swap32(SMB_GENERIC_READ | SMB_GENERIC_WRITE);
|
||||||
|
msg.create_disposition = smb_swap32(SMB_FILE_OVERWRITE_IF);
|
||||||
|
}
|
||||||
|
@@ -813,7 +813,7 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
|
||||||
|
smb_m = (const struct smb_nt_create_response*) msg;
|
||||||
|
req->fid = smb_swap16(smb_m->fid);
|
||||||
|
data->req.offset = 0;
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
data->req.size = data->state.infilesize;
|
||||||
|
Curl_pgrsSetUploadSize(data, data->req.size);
|
||||||
|
next_state = SMB_UPLOAD;
|
||||||
|
diff --git a/lib/smtp.c b/lib/smtp.c
|
||||||
|
index 7a030308d4689..c182cace742d7 100644
|
||||||
|
--- a/lib/smtp.c
|
||||||
|
+++ b/lib/smtp.c
|
||||||
|
@@ -1419,7 +1419,7 @@ static CURLcode smtp_done(struct Curl_easy *data, CURLcode status,
|
||||||
|
result = status; /* use the already set error code */
|
||||||
|
}
|
||||||
|
else if(!data->set.connect_only && data->set.mail_rcpt &&
|
||||||
|
- (data->set.upload || data->set.mimepost.kind)) {
|
||||||
|
+ (data->state.upload || data->set.mimepost.kind)) {
|
||||||
|
/* Calculate the EOB taking into account any terminating CRLF from the
|
||||||
|
previous line of the email or the CRLF of the DATA command when there
|
||||||
|
is "no mail data". RFC-5321, sect. 4.1.1.4.
|
||||||
|
@@ -1511,7 +1511,7 @@ static CURLcode smtp_perform(struct Curl_easy *data, bool *connected,
|
||||||
|
smtp->eob = 2;
|
||||||
|
|
||||||
|
/* Start the first command in the DO phase */
|
||||||
|
- if((data->set.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
|
||||||
|
+ if((data->state.upload || data->set.mimepost.kind) && data->set.mail_rcpt)
|
||||||
|
/* MAIL transfer */
|
||||||
|
result = smtp_perform_mail(data);
|
||||||
|
else
|
||||||
|
diff --git a/lib/tftp.c b/lib/tftp.c
|
||||||
|
index 164d3c723c5b9..8ed1b887b4d21 100644
|
||||||
|
--- a/lib/tftp.c
|
||||||
|
+++ b/lib/tftp.c
|
||||||
|
@@ -370,7 +370,7 @@ static CURLcode tftp_parse_option_ack(struct tftp_state_data *state,
|
||||||
|
|
||||||
|
/* tsize should be ignored on upload: Who cares about the size of the
|
||||||
|
remote file? */
|
||||||
|
- if(!data->set.upload) {
|
||||||
|
+ if(!data->state.upload) {
|
||||||
|
if(!tsize) {
|
||||||
|
failf(data, "invalid tsize -:%s:- value in OACK packet", value);
|
||||||
|
return CURLE_TFTP_ILLEGAL;
|
||||||
|
@@ -451,7 +451,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
/* If we are uploading, send an WRQ */
|
||||||
|
setpacketevent(&state->spacket, TFTP_EVENT_WRQ);
|
||||||
|
state->data->req.upload_fromhere =
|
||||||
|
@@ -486,7 +486,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
|
||||||
|
if(!data->set.tftp_no_options) {
|
||||||
|
char buf[64];
|
||||||
|
/* add tsize option */
|
||||||
|
- if(data->set.upload && (data->state.infilesize != -1))
|
||||||
|
+ if(data->state.upload && (data->state.infilesize != -1))
|
||||||
|
msnprintf(buf, sizeof(buf), "%" CURL_FORMAT_CURL_OFF_T,
|
||||||
|
data->state.infilesize);
|
||||||
|
else
|
||||||
|
@@ -540,7 +540,7 @@ static CURLcode tftp_send_first(struct tftp_state_data *state,
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TFTP_EVENT_OACK:
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
result = tftp_connect_for_tx(state, event);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
diff --git a/lib/transfer.c b/lib/transfer.c
|
||||||
|
index e9ab8fbf09510..cb69f3365855a 100644
|
||||||
|
--- a/lib/transfer.c
|
||||||
|
+++ b/lib/transfer.c
|
||||||
|
@@ -1293,6 +1293,7 @@ void Curl_init_CONNECT(struct Curl_easy *data)
|
||||||
|
{
|
||||||
|
data->state.fread_func = data->set.fread_func_set;
|
||||||
|
data->state.in = data->set.in_set;
|
||||||
|
+ data->state.upload = (data->state.httpreq == HTTPREQ_PUT);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -1801,7 +1801,6 @@ CURLcode Curl_follow(struct Curl_easy *data,
|
||||||
|
data->state.httpreq != HTTPREQ_POST_MIME) ||
|
||||||
|
!(data->set.keep_post & CURL_REDIR_POST_303))) {
|
||||||
|
data->state.httpreq = HTTPREQ_GET;
|
||||||
|
- data->set.upload = false;
|
||||||
|
infof(data, "Switch to %s\n",
|
||||||
|
data->set.opt_no_body?"HEAD":"GET");
|
||||||
|
}
|
||||||
|
@@ -1770,7 +1770,7 @@ CURLcode Curl_retry_request(struct Curl_easy *data, char **url)
|
||||||
|
|
||||||
|
/* if we're talking upload, we can't do the checks below, unless the protocol
|
||||||
|
is HTTP as when uploading over HTTP we will still get a response */
|
||||||
|
- if(data->set.upload &&
|
||||||
|
+ if(data->state.upload &&
|
||||||
|
!(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)))
|
||||||
|
return CURLE_OK;
|
||||||
|
|
||||||
|
diff --git a/lib/urldata.h b/lib/urldata.h
|
||||||
|
index cca992a0295aa..a8580bdb66fe8 100644
|
||||||
|
--- a/lib/urldata.h
|
||||||
|
+++ b/lib/urldata.h
|
||||||
|
@@ -1494,6 +1494,7 @@ struct UrlState {
|
||||||
|
BIT(url_alloc); /* URL string is malloc()'ed */
|
||||||
|
BIT(referer_alloc); /* referer string is malloc()ed */
|
||||||
|
BIT(wildcard_resolve); /* Set to true if any resolve change is a wildcard */
|
||||||
|
+ BIT(upload); /* upload request */
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -1838,7 +1839,6 @@ struct UserDefined {
|
||||||
|
BIT(http_auto_referer); /* set "correct" referer when following
|
||||||
|
location: */
|
||||||
|
BIT(opt_no_body); /* as set with CURLOPT_NOBODY */
|
||||||
|
- BIT(upload); /* upload request */
|
||||||
|
BIT(verbose); /* output verbosity */
|
||||||
|
BIT(krb); /* Kerberos connection requested */
|
||||||
|
BIT(reuse_forbid); /* forbidden to be reused, close after use */
|
||||||
|
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
|
||||||
|
index b31f741ba9492..d60edaa303642 100644
|
||||||
|
--- a/lib/vssh/libssh.c
|
||||||
|
+++ b/lib/vssh/libssh.c
|
||||||
|
@@ -1209,7 +1209,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
}
|
||||||
|
|
||||||
|
case SSH_SFTP_TRANS_INIT:
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
state(data, SSH_SFTP_UPLOAD_INIT);
|
||||||
|
else {
|
||||||
|
if(protop->path[strlen(protop->path)-1] == '/')
|
||||||
|
@@ -1802,7 +1802,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
/* Functions from the SCP subsystem cannot handle/return SSH_AGAIN */
|
||||||
|
ssh_set_blocking(sshc->ssh_session, 1);
|
||||||
|
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
if(data->state.infilesize < 0) {
|
||||||
|
failf(data, "SCP requires a known file size for upload");
|
||||||
|
sshc->actualcode = CURLE_UPLOAD_FAILED;
|
||||||
|
@@ -1907,7 +1907,7 @@ static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
case SSH_SCP_DONE:
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
state(data, SSH_SCP_SEND_EOF);
|
||||||
|
else
|
||||||
|
state(data, SSH_SCP_CHANNEL_FREE);
|
||||||
|
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
|
||||||
|
index f1154dc47a74e..f2e5352d1fd3a 100644
|
||||||
|
--- a/lib/vssh/libssh2.c
|
||||||
|
+++ b/lib/vssh/libssh2.c
|
||||||
|
@@ -2019,7 +2019,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
}
|
||||||
|
|
||||||
|
case SSH_SFTP_TRANS_INIT:
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
state(data, SSH_SFTP_UPLOAD_INIT);
|
||||||
|
else {
|
||||||
|
if(sshp->path[strlen(sshp->path)-1] == '/')
|
||||||
|
@@ -2691,7 +2691,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if(data->set.upload) {
|
||||||
|
+ if(data->state.upload) {
|
||||||
|
if(data->state.infilesize < 0) {
|
||||||
|
failf(data, "SCP requires a known file size for upload");
|
||||||
|
sshc->actualcode = CURLE_UPLOAD_FAILED;
|
||||||
|
@@ -2831,7 +2831,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case SSH_SCP_DONE:
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
state(data, SSH_SCP_SEND_EOF);
|
||||||
|
else
|
||||||
|
state(data, SSH_SCP_CHANNEL_FREE);
|
||||||
|
diff --git a/lib/vssh/wolfssh.c b/lib/vssh/wolfssh.c
|
||||||
|
index 17d59ecd23bc8..2ca91b7363b1d 100644
|
||||||
|
--- a/lib/vssh/wolfssh.c
|
||||||
|
+++ b/lib/vssh/wolfssh.c
|
||||||
|
@@ -557,7 +557,7 @@ static CURLcode wssh_statemach_act(struct Curl_easy *data, bool *block)
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case SSH_SFTP_TRANS_INIT:
|
||||||
|
- if(data->set.upload)
|
||||||
|
+ if(data->state.upload)
|
||||||
|
state(data, SSH_SFTP_UPLOAD_INIT);
|
||||||
|
else {
|
||||||
|
if(sftp_scp->path[strlen(sftp_scp->path)-1] == '/')
|
@ -0,0 +1,304 @@
|
|||||||
|
From 199f2d440d8659b42670c1b796220792b01a97bf Mon Sep 17 00:00:00 2001
|
||||||
|
From: Daniel Stenberg <daniel@haxx.se>
|
||||||
|
Date: Mon, 24 Apr 2023 21:07:02 +0200
|
||||||
|
Subject: [PATCH] hostcheck: fix host name wildcard checking
|
||||||
|
|
||||||
|
The leftmost "label" of the host name can now only match against single
|
||||||
|
'*'. Like the browsers have worked for a long time.
|
||||||
|
|
||||||
|
- extended unit test 1397 for this
|
||||||
|
- move some SOURCE variables from unit/Makefile.am to unit/Makefile.inc
|
||||||
|
|
||||||
|
Reported-by: Hiroki Kurosawa
|
||||||
|
Closes #11018
|
||||||
|
---
|
||||||
|
lib/hostcheck.c | 50 +++++++--------
|
||||||
|
tests/data/test1397 | 10 ++-
|
||||||
|
tests/unit/Makefile.am | 94 ----------------------------
|
||||||
|
tests/unit/Makefile.inc | 94 ++++++++++++++++++++++++++++
|
||||||
|
tests/unit/unit1397.c | 134 ++++++++++++++++++++++++----------------
|
||||||
|
5 files changed, 202 insertions(+), 180 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/hostcheck.c b/lib/hostcheck.c
|
||||||
|
index e827dc58f378c..d061c6356f97f 100644
|
||||||
|
--- a/lib/hostcheck.c
|
||||||
|
+++ b/lib/hostcheck.c
|
||||||
|
@@ -43,6 +43,17 @@
|
||||||
|
/* The last #include file should be: */
|
||||||
|
#include "memdebug.h"
|
||||||
|
|
||||||
|
+/* check the two input strings with given length, but do not
|
||||||
|
+ assume they end in nul-bytes */
|
||||||
|
+static int pmatch(const char *hostname, size_t hostlen,
|
||||||
|
+ const char *pattern, size_t patternlen)
|
||||||
|
+{
|
||||||
|
+ if(hostlen != patternlen)
|
||||||
|
+ return CURL_HOST_NOMATCH;
|
||||||
|
+ return strncasecompare(hostname, pattern, hostlen) ?
|
||||||
|
+ CURL_HOST_MATCH : CURL_HOST_NOMATCH;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Match a hostname against a wildcard pattern.
|
||||||
|
* E.g.
|
||||||
|
@@ -65,26 +76,27 @@
|
||||||
|
|
||||||
|
static int hostmatch(char *hostname, char *pattern)
|
||||||
|
{
|
||||||
|
- const char *pattern_label_end, *pattern_wildcard, *hostname_label_end;
|
||||||
|
- int wildcard_enabled;
|
||||||
|
- size_t prefixlen, suffixlen;
|
||||||
|
+ size_t hostlen, patternlen;
|
||||||
|
+ const char *pattern_label_end;
|
||||||
|
struct in_addr ignored;
|
||||||
|
#ifdef ENABLE_IPV6
|
||||||
|
struct sockaddr_in6 si6;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+ DEBUGASSERT(pattern);
|
||||||
|
+ DEBUGASSERT(hostname);
|
||||||
|
+
|
||||||
|
+ hostlen = strlen(hostname);
|
||||||
|
+ patternlen = strlen(pattern);
|
||||||
|
+
|
||||||
|
/* normalize pattern and hostname by stripping off trailing dots */
|
||||||
|
- size_t len = strlen(hostname);
|
||||||
|
- if(hostname[len-1]=='.')
|
||||||
|
- hostname[len-1] = 0;
|
||||||
|
- len = strlen(pattern);
|
||||||
|
- if(pattern[len-1]=='.')
|
||||||
|
- pattern[len-1] = 0;
|
||||||
|
-
|
||||||
|
- pattern_wildcard = strchr(pattern, '*');
|
||||||
|
- if(pattern_wildcard == NULL)
|
||||||
|
- return strcasecompare(pattern, hostname) ?
|
||||||
|
- CURL_HOST_MATCH : CURL_HOST_NOMATCH;
|
||||||
|
+ if(hostname[hostlen-1]=='.')
|
||||||
|
+ hostname[hostlen-1] = 0;
|
||||||
|
+ if(pattern[patternlen-1]=='.')
|
||||||
|
+ pattern[patternlen-1] = 0;
|
||||||
|
+
|
||||||
|
+ if(strncmp(pattern, "*.", 2))
|
||||||
|
+ return pmatch(hostname, hostlen, pattern, patternlen);
|
||||||
|
|
||||||
|
/* detect IP address as hostname and fail the match if so */
|
||||||
|
if(Curl_inet_pton(AF_INET, hostname, &ignored) > 0)
|
||||||
|
@@ -96,34 +108,20 @@ static int hostmatch(char *hostname, char *pattern)
|
||||||
|
|
||||||
|
/* We require at least 2 dots in pattern to avoid too wide wildcard
|
||||||
|
match. */
|
||||||
|
- wildcard_enabled = 1;
|
||||||
|
pattern_label_end = strchr(pattern, '.');
|
||||||
|
- if(pattern_label_end == NULL || strchr(pattern_label_end + 1, '.') == NULL ||
|
||||||
|
- pattern_wildcard > pattern_label_end ||
|
||||||
|
- strncasecompare(pattern, "xn--", 4)) {
|
||||||
|
- wildcard_enabled = 0;
|
||||||
|
+ if(pattern_label_end == NULL ||
|
||||||
|
+ (strrchr(pattern, '.') == pattern_label_end))
|
||||||
|
+ return pmatch(pattern, patternlen, hostname, hostlen);
|
||||||
|
+
|
||||||
|
+ const char *hostname_label_end = strchr(hostname, '.');
|
||||||
|
+ if(hostname_label_end != NULL) {
|
||||||
|
+ size_t skiphost = hostname_label_end - hostname;
|
||||||
|
+ size_t skiplen = pattern_label_end - pattern;
|
||||||
|
+ return pmatch(hostname_label_end, hostlen - skiphost,
|
||||||
|
+ pattern_label_end, patternlen - skiplen);
|
||||||
|
}
|
||||||
|
- if(!wildcard_enabled)
|
||||||
|
- return strcasecompare(pattern, hostname) ?
|
||||||
|
- CURL_HOST_MATCH : CURL_HOST_NOMATCH;
|
||||||
|
-
|
||||||
|
- hostname_label_end = strchr(hostname, '.');
|
||||||
|
- if(hostname_label_end == NULL ||
|
||||||
|
- !strcasecompare(pattern_label_end, hostname_label_end))
|
||||||
|
- return CURL_HOST_NOMATCH;
|
||||||
|
|
||||||
|
- /* The wildcard must match at least one character, so the left-most
|
||||||
|
- label of the hostname is at least as large as the left-most label
|
||||||
|
- of the pattern. */
|
||||||
|
- if(hostname_label_end - hostname < pattern_label_end - pattern)
|
||||||
|
- return CURL_HOST_NOMATCH;
|
||||||
|
-
|
||||||
|
- prefixlen = pattern_wildcard - pattern;
|
||||||
|
- suffixlen = pattern_label_end - (pattern_wildcard + 1);
|
||||||
|
- return strncasecompare(pattern, hostname, prefixlen) &&
|
||||||
|
- strncasecompare(pattern_wildcard + 1, hostname_label_end - suffixlen,
|
||||||
|
- suffixlen) ?
|
||||||
|
- CURL_HOST_MATCH : CURL_HOST_NOMATCH;
|
||||||
|
+ return CURL_HOST_NOMATCH;
|
||||||
|
}
|
||||||
|
|
||||||
|
int Curl_cert_hostcheck(const char *match_pattern, const char *hostname)
|
||||||
|
diff --git a/tests/data/test1397 b/tests/data/test1397
|
||||||
|
index 84f962abebee3..f31b2c2a3f330 100644
|
||||||
|
--- a/tests/data/test1397
|
||||||
|
+++ b/tests/data/test1397
|
||||||
|
@@ -2,8 +2,7 @@
|
||||||
|
<info>
|
||||||
|
<keywords>
|
||||||
|
unittest
|
||||||
|
-ssl
|
||||||
|
-wildcard
|
||||||
|
+Curl_cert_hostcheck
|
||||||
|
</keywords>
|
||||||
|
</info>
|
||||||
|
|
||||||
|
@@ -15,9 +14,9 @@ none
|
||||||
|
<features>
|
||||||
|
unittest
|
||||||
|
</features>
|
||||||
|
- <name>
|
||||||
|
-Check wildcard certificate matching function Curl_cert_hostcheck
|
||||||
|
- </name>
|
||||||
|
+<name>
|
||||||
|
+Curl_cert_hostcheck unit tests
|
||||||
|
+</name>
|
||||||
|
</client>
|
||||||
|
|
||||||
|
</testcase>
|
||||||
|
diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c
|
||||||
|
index 2f3d3aa4d09e1..3ae75618d5d10 100644
|
||||||
|
--- a/tests/unit/unit1397.c
|
||||||
|
+++ b/tests/unit/unit1397.c
|
||||||
|
@@ -21,8 +21,6 @@
|
||||||
|
***************************************************************************/
|
||||||
|
#include "curlcheck.h"
|
||||||
|
|
||||||
|
-#include "hostcheck.h" /* from the lib dir */
|
||||||
|
-
|
||||||
|
static CURLcode unit_setup(void)
|
||||||
|
{
|
||||||
|
return CURLE_OK;
|
||||||
|
@@ -30,50 +28,93 @@ static CURLcode unit_setup(void)
|
||||||
|
|
||||||
|
static void unit_stop(void)
|
||||||
|
{
|
||||||
|
- /* done before shutting down and exiting */
|
||||||
|
}
|
||||||
|
|
||||||
|
-UNITTEST_START
|
||||||
|
-
|
||||||
|
/* only these backends define the tested functions */
|
||||||
|
-#if defined(USE_OPENSSL) || defined(USE_GSKIT)
|
||||||
|
-
|
||||||
|
- /* here you start doing things and checking that the results are good */
|
||||||
|
+#if defined(USE_OPENSSL) || defined(USE_GSKIT) || defined(USE_SCHANNEL)
|
||||||
|
+#include "hostcheck.h"
|
||||||
|
+struct testcase {
|
||||||
|
+ const char *host;
|
||||||
|
+ const char *pattern;
|
||||||
|
+ bool match;
|
||||||
|
+};
|
||||||
|
|
||||||
|
-fail_unless(Curl_cert_hostcheck("www.example.com", "www.example.com"),
|
||||||
|
- "good 1");
|
||||||
|
-fail_unless(Curl_cert_hostcheck("*.example.com", "www.example.com"),
|
||||||
|
- "good 2");
|
||||||
|
-fail_unless(Curl_cert_hostcheck("xxx*.example.com", "xxxwww.example.com"),
|
||||||
|
- "good 3");
|
||||||
|
-fail_unless(Curl_cert_hostcheck("f*.example.com", "foo.example.com"),
|
||||||
|
- "good 4");
|
||||||
|
-fail_unless(Curl_cert_hostcheck("192.168.0.0", "192.168.0.0"),
|
||||||
|
- "good 5");
|
||||||
|
-
|
||||||
|
-fail_if(Curl_cert_hostcheck("xxx.example.com", "www.example.com"), "bad 1");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*", "www.example.com"), "bad 2");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*.*.com", "www.example.com"), "bad 3");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*.example.com", "baa.foo.example.com"), "bad 4");
|
||||||
|
-fail_if(Curl_cert_hostcheck("f*.example.com", "baa.example.com"), "bad 5");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*.com", "example.com"), "bad 6");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*fail.com", "example.com"), "bad 7");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*.example.", "www.example."), "bad 8");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*.example.", "www.example"), "bad 9");
|
||||||
|
-fail_if(Curl_cert_hostcheck("", "www"), "bad 10");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*", "www"), "bad 11");
|
||||||
|
-fail_if(Curl_cert_hostcheck("*.168.0.0", "192.168.0.0"), "bad 12");
|
||||||
|
-fail_if(Curl_cert_hostcheck("www.example.com", "192.168.0.0"), "bad 13");
|
||||||
|
-
|
||||||
|
-#ifdef ENABLE_IPV6
|
||||||
|
-fail_if(Curl_cert_hostcheck("*::3285:a9ff:fe46:b619",
|
||||||
|
- "fe80::3285:a9ff:fe46:b619"), "bad 14");
|
||||||
|
-fail_unless(Curl_cert_hostcheck("fe80::3285:a9ff:fe46:b619",
|
||||||
|
- "fe80::3285:a9ff:fe46:b619"), "good 6");
|
||||||
|
-#endif
|
||||||
|
+static struct testcase tests[] = {
|
||||||
|
+ {"", "", FALSE},
|
||||||
|
+ {"a", "", FALSE},
|
||||||
|
+ {"", "b", FALSE},
|
||||||
|
+ {"a", "b", FALSE},
|
||||||
|
+ {"aa", "bb", FALSE},
|
||||||
|
+ {"\xff", "\xff", TRUE},
|
||||||
|
+ {"aa.aa.aa", "aa.aa.bb", FALSE},
|
||||||
|
+ {"aa.aa.aa", "aa.aa.aa", TRUE},
|
||||||
|
+ {"aa.aa.aa", "*.aa.bb", FALSE},
|
||||||
|
+ {"aa.aa.aa", "*.aa.aa", TRUE},
|
||||||
|
+ {"192.168.0.1", "192.168.0.1", TRUE},
|
||||||
|
+ {"192.168.0.1", "*.168.0.1", FALSE},
|
||||||
|
+ {"192.168.0.1", "*.0.1", FALSE},
|
||||||
|
+ {"h.ello", "*.ello", FALSE},
|
||||||
|
+ {"h.ello.", "*.ello", FALSE},
|
||||||
|
+ {"h.ello", "*.ello.", FALSE},
|
||||||
|
+ {"h.e.llo", "*.e.llo", TRUE},
|
||||||
|
+ {"h.e.llo", " *.e.llo", FALSE},
|
||||||
|
+ {" h.e.llo", "*.e.llo", TRUE},
|
||||||
|
+ {"h.e.llo.", "*.e.llo", TRUE},
|
||||||
|
+ {"*.e.llo.", "*.e.llo", TRUE},
|
||||||
|
+ {"************.e.llo.", "*.e.llo", TRUE},
|
||||||
|
+ {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
|
||||||
|
+ "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"
|
||||||
|
+ "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"
|
||||||
|
+ "DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD"
|
||||||
|
+ "EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE"
|
||||||
|
+ ".e.llo.", "*.e.llo", TRUE},
|
||||||
|
+ {"\xfe\xfe.e.llo.", "*.e.llo", TRUE},
|
||||||
|
+ {"h.e.llo.", "*.e.llo.", TRUE},
|
||||||
|
+ {"h.e.llo", "*.e.llo.", TRUE},
|
||||||
|
+ {".h.e.llo", "*.e.llo.", FALSE},
|
||||||
|
+ {"h.e.llo", "*.*.llo.", FALSE},
|
||||||
|
+ {"h.e.llo", "h.*.llo", FALSE},
|
||||||
|
+ {"h.e.llo", "h.e.*", FALSE},
|
||||||
|
+ {"hello", "*.ello", FALSE},
|
||||||
|
+ {"hello", "**llo", FALSE},
|
||||||
|
+ {"bar.foo.example.com", "*.example.com", FALSE},
|
||||||
|
+ {"foo.example.com", "*.example.com", TRUE},
|
||||||
|
+ {"baz.example.net", "b*z.example.net", FALSE},
|
||||||
|
+ {"foobaz.example.net", "*baz.example.net", FALSE},
|
||||||
|
+ {"xn--l8j.example.local", "x*.example.local", FALSE},
|
||||||
|
+ {"xn--l8j.example.net", "*.example.net", TRUE},
|
||||||
|
+ {"xn--l8j.example.net", "*j.example.net", FALSE},
|
||||||
|
+ {"xn--l8j.example.net", "xn--l8j.example.net", TRUE},
|
||||||
|
+ {"xn--l8j.example.net", "xn--l8j.*.net", FALSE},
|
||||||
|
+ {"xl8j.example.net", "*.example.net", TRUE},
|
||||||
|
+ {"fe80::3285:a9ff:fe46:b619", "*::3285:a9ff:fe46:b619", FALSE},
|
||||||
|
+ {"fe80::3285:a9ff:fe46:b619", "fe80::3285:a9ff:fe46:b619", TRUE},
|
||||||
|
+ {NULL, NULL, FALSE}
|
||||||
|
+};
|
||||||
|
|
||||||
|
-#endif
|
||||||
|
+UNITTEST_START
|
||||||
|
+{
|
||||||
|
+ int i;
|
||||||
|
+ for(i = 0; tests[i].host; i++) {
|
||||||
|
+ if(tests[i].match != Curl_cert_hostcheck(tests[i].pattern,
|
||||||
|
+ strlen(tests[i].pattern),
|
||||||
|
+ tests[i].host,
|
||||||
|
+ strlen(tests[i].host))) {
|
||||||
|
+ fprintf(stderr,
|
||||||
|
+ "HOST: %s\n"
|
||||||
|
+ "PTRN: %s\n"
|
||||||
|
+ "did %sMATCH\n",
|
||||||
|
+ tests[i].host,
|
||||||
|
+ tests[i].pattern,
|
||||||
|
+ tests[i].match ? "NOT ": "");
|
||||||
|
+ unitfail++;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+UNITTEST_STOP
|
||||||
|
+#else
|
||||||
|
|
||||||
|
- /* you end the test code like this: */
|
||||||
|
+UNITTEST_START
|
||||||
|
|
||||||
|
UNITTEST_STOP
|
||||||
|
+#endif
|
Loading…
Reference in new issue