aboutsummaryrefslogtreecommitdiff
path: root/lib/ftp.c
AgeCommit message (Collapse)Author
2018-03-12FTP: reject path components with control codesDaniel Stenberg
Refuse to operate when given path components featuring byte values lower than 32. Previously, inserting a %00 sequence early in the directory part when using the 'singlecwd' ftp method could make curl write a zero byte outside of the allocated buffer. Test case 340 verifies. CVE-2018-1000120 Reported-by: Duy Phan Thanh Bug: https://curl.haxx.se/docs/adv_2018-9cd6.html
2018-02-23spelling fixesViktor Szakats
Detected using the `codespell` tool. Also contains one URL protocol upgrade. Closes https://github.com/curl/curl/pull/2334
2018-02-15TODO fixed: Detect when called from within callbacksBjörn Stenberg
Closes #2302
2018-02-01time_t-fixes: remove typecasts to 'long' for info.filetimeDaniel Stenberg
They're now wrong. Reported-by: Michael Kaufmann Closes #2277
2018-01-30Curl_range: commonize FTP and FILE range handlingMax Dymond
Closes #2205
2017-10-28Curl_timeleft: change return type to timediff_tDaniel Stenberg
returning 'time_t' is problematic when that type is unsigned and we return values less than zero to signal "already expired", used in several places in the code. Closes #2021
2017-10-26wildcards: don't use with non-supported protocolsMax Dymond
Fixes timeouts in the fuzzing tests for non-FTP protocols. Closes #2016
2017-10-25time: rename Curl_tvnow to Curl_nowDaniel Stenberg
... since the 'tv' stood for timeval and this function does not return a timeval struct anymore. Also, cleaned up the Curl_timediff*() functions to avoid typecasts and clean up the descriptive comments. Closes #2011
2017-10-25timediff: return timediff_t from the time diff functionsDaniel Stenberg
... to cater for systems with unsigned time_t variables. - Renamed the functions to curlx_timediff and Curl_timediff_us. - Added overflow protection for both of them in either direction for both 32 bit and 64 bit time_ts - Reprefixed the curlx_time functions to use Curl_* Reported-by: Peter Piekarski Fixes #2004 Closes #2005
2017-10-20ftp: reject illegal IP/port in PASV 227 responseDaniel Stenberg
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
2017-10-10FTP: URL decode path for dir listing in nocwd modeDaniel Stenberg
Reported-by: Zenju on github Test 244 added to verify Fixes #1974 Closes #1976
2017-10-04ftp: UBsan fixup 'pointer index expression overflowed'Daniel Stenberg
Closes #1939
2017-10-02FTP: zero terminate the entry path even on bad inputDaniel Stenberg
... a single double quote could leave the entry path buffer without a zero terminating byte. CVE-2017-1000254 Test 1152 added to verify. Reported-by: Max Dymond Bug: https://curl.haxx.se/docs/adv_20171004.html
2017-09-12code style: remove wrong uses of multiple spacesDaniel Stenberg
Closes #1878
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg
2017-08-17ftp: fix CWD when doing multicwd then nocwd on same connectionDaniel Stenberg
Fixes #1782 Closes #1787 Reported-by: Peter Lamare
2017-08-14strtoofft: reduce integer overflow risks globallyDaniel Stenberg
... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
2017-08-04FTP: skip unnecessary CWD when in nocwd modeDaniel Stenberg
... when reusing a connection. If it didn't do any CWD previously. Fixes #1718
2017-07-28timeval: struct curltime is a struct timeval replacementDaniel Stenberg
... to make all libcurl internals able to use the same data types for the struct members. The timeval struct differs subtly on several platforms so it makes it cumbersome to use everywhere. Ref: #1652 Closes #1693
2017-06-30handler: refactor connection checkingMax Dymond
Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
2017-06-15http-proxy: only attempt FTP over HTTP proxyDaniel Stenberg
... all other non-HTTP protocol schemes are now defaulting to "tunnel trough" mode if a HTTP proxy is specified. In reality there are no HTTP proxies out there that allow those other schemes. Assisted-by: Ray Satiro, Michael Kaufmann Closes #1505
2017-06-14http-proxy: do the HTTP CONNECT process entirely non-blockingDaniel Stenberg
Mentioned as a problem since 2007 (8f87c15bdac63) and of course it existed even before that. Closes #1547
2017-05-10multi: assign IDs to all timers and make each timer singletonDaniel Stenberg
A) reduces the timeout lists drastically B) prevents a lot of superfluous loops for timers that expires "in vain" when it has actually already been extended to fire later on
2017-05-01buffer: use data->set.buffer_size instead of BUFSIZEDaniel Stenberg
... to properly use the dynamically set buffer size!
2017-05-01buffer_size: make sure it always has the correct sizeDaniel Stenberg
Removes the need for CURL_BUFSIZE
2017-05-01ftp: use private buffer for temp storage, not receive bufferDaniel Stenberg
2017-04-26http-proxy: remove unused argument from Curl_proxyCONNECT()Daniel Stenberg
2017-04-04llist: replace Curl_llist_alloc with Curl_llist_initDaniel Stenberg
No longer allocate the curl_llist head struct for lists separately. Removes 17 (15%) tiny allocations in a normal "curl localhost" invoke. closes #1381
2017-03-26spelling fixesklemens
Closes #1356
2017-03-13Improve code readbilitySylvestre Ledru
... by removing the else branch after a return, break or continue. Closes #1310
2017-03-03build: fix gcc7 implicit fallthrough warningsAlexis La Goutte
Mark intended fallthroughs with /* FALLTHROUGH */ so that gcc will know it's expected and won't warn on [-Wimplicit-fallthrough=]. Closes https://github.com/curl/curl/pull/1297
2017-02-25ftp: fixed a NULL pointer dereference on OOMDan Fandrich
2017-02-25ftp: removed an erroneous free in an OOM pathDan Fandrich
2017-01-19CURLOPT_BUFFERSIZE: support enlarging receive bufferRichy Kim
Replace use of fixed macro BUFSIZE to define the size of the receive buffer. Reappropriate CURLOPT_BUFFERSIZE to include enlarging receive buffer size. Upon setting, resize buffer if larger than the current default size up to a MAX_BUFSIZE (512KB). This can benefit protocols like SFTP. Closes #1222
2016-12-25ftp: failure to resolve proxy should return that error codeDaniel Stenberg
2016-12-19http_proxy: Fix proxy CONNECT hang on pending dataJay Satiro
- Check for pending data before waiting on the socket. Bug: https://github.com/curl/curl/issues/1156 Reported-by: Adam Langley
2016-12-14checksrc: warn for assignments within if() expressionsDaniel Stenberg
... they're already frowned upon in our source code style guide, this now enforces the rule harder.
2016-12-13checksrc: stricter no-space-before-paren enforcementDaniel Stenberg
In order to make the code style more uniform everywhere
2016-11-24proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-18lib: fix compiler warnings after de4de4e3c7cMarcel Raad
Visual C++ now complains about implicitly casting time_t (64-bit) to long (32-bit). Fix this by changing some variables from long to time_t, or explicitly casting to long where the public interface would be affected. Closes #1131
2016-11-02ftp_done: don't clobber the passed in error codeDaniel Stenberg
Coverity CID 1374359 pointed out the unused result value.
2016-11-02ftp: remove dead code in ftp_doneDaniel Stenberg
Coverity CID 1374358
2016-10-31strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg
We had some confusions on when each function was used. We should not act differently on different locales anyway.
2016-10-31strcasecompare: is the new name for strequal()Daniel Stenberg
... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
2016-10-31ftp: check for previous patch must be case sensitive!Daniel Stenberg
... otherwise example.com/PATH and example.com/path would be assumed to be the same and they usually aren't!
2016-10-31escape: avoid using curl_easy_unescape() internallyDaniel Stenberg
Since the internal Curl_urldecode() function has a better API.
2016-10-18select: switch to macros in uppercaseDaniel Stenberg
Curl_select_ready() was the former API that was replaced with Curl_select_check() a while back and the former arg setup was provided with a define (in order to leave existing code unmodified). Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most common shortcuts where only one socket is checked. They're also more visibly macros.
2016-10-08ftp: fix Curl_ftpsendf()Daniel Stenberg
... it no longer takes printf() arguments since it was only really taken advantage by one user and it was not written and used in a safe way. Thus the 'f' is removed from the function name and the proto is changed. Although the current code wouldn't end up in badness, it was a risk that future changes could end up springf()ing too large data or passing in a format string inadvertently.
2016-09-07errors: new alias CURLE_WEIRD_SERVER_REPLY (8)Jay Satiro
Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as more of a generic "failed to parse" introduce an alias without FTP in the name. Closes https://github.com/curl/curl/pull/975