make curl_easy_duphandle() handle HSTS correctly #12315

Closed
wants to merge 3 commits into from
Closed
3 changes: 3 additions & 0 deletions docs/libcurl/curl_easy_duphandle.3
@@ -45,6 +45,9 @@ The new handle does \fBnot\fP inherit any state information, no connections,
no SSL sessions and no cookies. It also does not inherit any share object
states or options (created as if \fICURLOPT_SHARE(3)\fP was set to NULL).

If the source handle has HSTS or alt-svc enabled, the duplicate gets data read
data from the main file name to populate the cache.

In multi-threaded programs, this function must be called in a synchronous way,
the input handle may not be in use when cloned.
.SH EXAMPLE
2 changes: 1 addition & 1 deletion lib/hsts.c
@@ -572,7 +572,7 @@ CURLcode Curl_hsts_loadcb(struct Curl_easy *data, struct hsts *h)

void Curl_hsts_loadfiles(struct Curl_easy *data)
{
struct curl_slist *l = data->set.hstslist;
struct curl_slist *l = data->state.hstslist;
if(l) {
Curl_share_lock(data, CURL_LOCK_DATA_HSTS, CURL_LOCK_ACCESS_SINGLE);

12 changes: 6 additions & 6 deletions lib/setopt.c
@@ -3066,18 +3066,18 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
/* this needs to build a list of file names to read from, so that it can
read them later, as we might get a shared HSTS handle to load them
into */
h = curl_slist_append(data->set.hstslist, argptr);
h = curl_slist_append(data->state.hstslist, argptr);
if(!h) {
curl_slist_free_all(data->set.hstslist);
data->set.hstslist = NULL;
curl_slist_free_all(data->state.hstslist);
data->state.hstslist = NULL;
return CURLE_OUT_OF_MEMORY;
}
data->set.hstslist = h; /* store the list for later use */
data->state.hstslist = h; /* store the list for later use */
}
else {
/* clear the list of HSTS files */
curl_slist_free_all(data->set.hstslist);
data->set.hstslist = NULL;
curl_slist_free_all(data->state.hstslist);
data->state.hstslist = NULL;
if(!data->share || !data->share->hsts)
/* throw away the HSTS cache unless shared */
Curl_hsts_cleanup(&data->hsts);
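Review bot: Nothing in this section says who resets the file-name list once it lives under `data->state`, and the existing comment above `curl_slist_append()` does not explain why it is no longer a regular option field. The `+`/`-` markers are lost on this page, so the `state.hstslist` lines are taken as the new side. If `curl_easy_reset()` only reinitialises `set` (not visible here, so to be confirmed), file names given with `CURLOPT_HSTS` would survive a reset and still be picked up by `Curl_hsts_loadfiles()`. I would check that path and, if avoiding a shared list pointer is the reason for the move, extend the comment with something like `/* kept in 'state' rather than 'set' so a duplicated handle does not end up pointing at the same list */`. The enclosing `Curl_vsetopt()` case starts and ends outside the hunk.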
2 changes: 1 addition & 1 deletion lib/url.c
@@ -412,7 +412,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
#ifndef CURL_DISABLE_HSTS
if(!data->share || !data->share->hsts)
Curl_hsts_cleanup(&data->hsts);
curl_slist_free_all(data->set.hstslist); /* clean up list */
curl_slist_free_all(data->state.hstslist); /* clean up list */
#endif
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_DIGEST_AUTH)
Curl_http_auth_cleanup_digest(data);
5 changes: 2 additions & 3 deletions lib/urldata.h
@@ -1344,7 +1344,8 @@ struct UrlState {
curl_off_t recent_conn_id; /* The most recent connection used, might no
* longer exist */
struct dynbuf headerb; /* buffer to store headers in */

struct curl_slist *hstslist; /* list of HSTS files set by
curl_easy_setopt(HSTS) calls */
char *buffer; /* download buffer */
char *ulbuf; /* allocated upload buffer or NULL */
curl_off_t current_speed; /* the ProgressShow() function sets this,
@@ -1698,8 +1699,6 @@ struct UserDefined {
curl_easy_setopt(COOKIEFILE) calls */
#endif
#ifndef CURL_DISABLE_HSTS
struct curl_slist *hstslist; /* list of HSTS files set by
curl_easy_setopt(HSTS) calls */
curl_hstsread_callback hsts_read;
void *hsts_read_userp;
curl_hstswrite_callback hsts_write;
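Review bot: The `hstslist` member in `struct UrlState` has no `#ifndef CURL_DISABLE_HSTS` around it in the visible hunk, while the two lines it mirrors in `struct UserDefined` sit inside that guard and its use in `Curl_close()` is guarded as well. The `+`/`-` markers are lost on this page, so the `UrlState` lines are taken as the added side. Wrapping the member as `#ifndef CURL_DISABLE_HSTS` / `struct curl_slist *hstslist;` / `#endif` would keep HSTS-disabled builds from carrying an unused pointer and match the other HSTS fields. Both structs start and end outside the hunks, so a guard further up cannot be ruled out from here.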
2 changes: 1 addition & 1 deletion tests/data/Makefile.inc
@@ -219,7 +219,7 @@ test1700 test1701 test1702 test1703 \
\
test1800 test1801 \
\
test1903 test1904 test1905 test1906 test1907 \
test1900 test1903 test1904 test1905 test1906 test1907 \
test1908 test1909 test1910 test1911 test1912 test1913 test1914 test1915 \
test1916 test1917 test1918 test1919 \
\
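--- a/tests/data/test1900
+++ b/tests/data/test1900
@@ -0,0 +1,38 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HSTS
+</keywords>
+</info>
+
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<features>
+HSTS
+http
+</features>
+<server>
+none
+</server>
+
+<name>
+HSTS curl_easy_duphandle
+</name>
+<tool>
+lib%TESTNUMBER
+</tool>
+
+<command>
+http://%HOSTIP:%NOLISTENPORT/not-there/%TESTNUMBER
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+</verify>
+</testcase>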
3 changes: 3 additions & 0 deletions tests/libtest/Makefile.inc
@@ -65,6 +65,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect libprereq \
\
lib1662 \
\
lib1900 \
lib1903 lib1905 lib1906 lib1907 lib1908 lib1910 lib1911 lib1912 lib1913 \
lib1915 lib1916 lib1917 lib1918 lib1919 \
lib1933 lib1934 lib1935 lib1936 lib1937 lib1938 lib1939 lib1940 \
@@ -530,6 +531,8 @@ lib1597_LDADD = $(TESTUTIL_LIBS)
lib1662_SOURCES = lib1662.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1662_LDADD = $(TESTUTIL_LIBS)

lib1900_SOURCES = lib1900.c $(SUPPORTFILES)

lib1903_SOURCES = lib1903.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
lib1903_LDADD = $(TESTUTIL_LIBS)

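--- a/tests/libtest/lib1900.c
+++ b/tests/libtest/lib1900.c
@@ -0,0 +1,55 @@
+/***************************************************************************
+* _ _ ____ _
+* Project ___| | | | _ \| |
+* / __| | | | |_) | |
+* | (__| |_| | _ <| |___
+* \___|\___/|_| \_\_____|
+*
+* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+*
+* This software is licensed as described in the file COPYING, which
+* you should have received as part of this distribution. The terms
+* are also available at https://curl.se/docs/copyright.html.
+*
+* You may opt to use, copy, modify, merge, publish, distribute and/or sell
+* copies of the Software, and permit persons to whom the Software is
+* furnished to do so, under the terms of the COPYING file.
+*
+* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+* KIND, either express or implied.
+*
+* SPDX-License-Identifier: curl
+*
+***************************************************************************/
+#include "test.h"
+
+#include "testutil.h"
+#include "warnless.h"
+#include "memdebug.h"
+
+int test(char *URL)
+{
+CURLcode res = CURLE_OK;
+CURL *hnd = NULL;
+CURL *second = NULL;
+
+global_init(CURL_GLOBAL_ALL);
+
+easy_init(hnd);
+easy_setopt(hnd, CURLOPT_URL, URL);
+easy_setopt(hnd, CURLOPT_HSTS, "first-hsts.txt");
+easy_setopt(hnd, CURLOPT_HSTS, "second-hsts.txt");
+
+second = curl_easy_duphandle(hnd);
+
+curl_easy_cleanup(hnd);
+curl_easy_cleanup(second);
+curl_global_cleanup();
+return 0;
+
+test_cleanup:
+curl_easy_cleanup(hnd);
+curl_easy_cleanup(second);
+curl_global_cleanup();
+return (int)res;
+}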
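Review bot: The result of `curl_easy_duphandle(hnd)` is never checked and the success path ends in `return 0`, so `test()` reports success even when duplication fails and `second` is NULL. Because the `<verify>` section of test1900 is empty, the only thing this test can catch is a crash or a memory-debug complaint during the two `curl_easy_cleanup()` calls. A guard such as `if(!second) { res = CURLE_OUT_OF_MEMORY; goto test_cleanup; }` right after the call would make a failed duplicate visible. The cleanup block before `test_cleanup:` repeats the one after it and could be dropped by falling through to the label and returning `(int)res`. A short comment above the duphandle call saying that the test exists to exercise cleanup of both handles after two `CURLOPT_HSTS` calls would also help the next reader.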