Commit Graph

81 Commits

Author SHA1 Message Date
Juan RP
46b7057d91
Fix signed vs unsigned char issues found by NetBSD. 2021-06-26 17:13:01 +02:00
Érico Rolim
9c5443d134
fetch/http: add missing case when treating status code.
The HTTP_REDIRECT() macro already included this case, but the
switch-case with the return value of http_get_reply(conn) didn't. This
made it so that a server returning HTTP_TEMP_REDIRECT (307) would
generate a failure, unless libfetch was used in verbose mode, in which
case the headers would be parsed (in order to report errors), then the
'Location' header would be found and a new connection would be made.

Fixes #348
2021-02-04 23:14:34 +01:00
Érico Rolim
0b23de1bec
__UNCONST: use uintptr_t instead of unsigned long.
The width of unsigned long matching the width of a pointer isn't
guaranteed by any standard, though it is a requirement of the Linux
syscall API. Using uintptr_t directly is always correct.
2021-02-04 23:04:59 +01:00
Duncan Overbruck
51b39002e5
Revert "Move all external code to lib/external."
This reverts commit 9effec0c4e.
2021-02-04 22:42:57 +01:00
Juan RP
9effec0c4e
Move all external code to lib/external. 2020-04-24 12:32:09 +02:00
Juan RP
35ae128826
lib/fetch: fix CID 284966 in a different way.
Hopefully this fixes it for real.
2020-04-20 10:31:13 +02:00
Juan RP
8663c3bd75
lib/fetch/common.c: fix CID 284959 (NULL returns).
Also fix previous CID.
2020-04-19 11:53:28 +02:00
Juan RP
359721baa6
lib/fetch/common.c: fix CID 284966 (Resource leak). 2020-04-19 11:43:54 +02:00
Piotr Wójcik
5737d9a941 xbps-fetch: TIMEOUT_CONNECTION to customize time waiting for response 2020-03-03 08:15:00 +01:00
Duncan Overbruck
57675c7dfc
lib/fetch: fix CVE-2020-7450
https://www.freebsd.org/security/advisories/FreeBSD-SA-20:01.libfetch.asc
2020-01-28 20:29:39 +01:00
Juan RP
d6aebd45f0
fetch/http.c: fix tcc build failure.
fetch/http.c:1475: warning: function might return no value: 'parse_index'

The code uses abort() before returning anything; return a proper
return value instead.
2019-06-26 14:57:39 +02:00
Johannes Brechtmann
11e5190a36 lib/fetch: happy_eyeballs_connect check for waiting connections before
decrementing them, remove dead code
2019-06-23 12:14:21 +02:00
Duncaen
7e762cc357 lib/fetch.c: ignore EADDRNOTAVAIL and try next ip 2019-06-21 20:23:55 +02:00
Duncaen
093950dba2 lib/fetch: remove port from happy eyeballs verbose logs, wrong cast and redundant 2019-06-20 13:28:14 +02:00
Duncaen
81a736a5ac lib/fetch: cleanup happy eyeballs and add verbose logging 2019-06-20 12:15:30 +02:00
Duncaen
a3af0e5559 lib/fetch: remember if ipv6 or ipv4 are unreachable and don't try to connect again 2019-06-20 11:32:12 +02:00
Duncaen
3527a1374a lib/fetch: set connect timeout to 300 seconds 2019-06-20 11:32:12 +02:00
Juan RP
fd88298755 lib/fetch/common.c: fix memleak in happy_eyeballs_connect.
Found by clang-analyzer.

Bug Summary

File: lib/fetch/common.c
Warning: line 587, column 4
Potential leak of memory pointed to by 'pfd'
2019-06-18 18:49:29 +02:00
Duncaen
104e8393f3 lib/fetch: fix happy eyeballs without any usable addresses and catch more errors 2019-06-15 19:19:40 +02:00
Duncaen
8018833010 lib/fetch: add FORCE_IPV{4,6} environment variables 2019-06-15 19:19:40 +02:00
Juan RP
71775950e8 lib/fetch/http.c: fix https->http redirection via proxy.
See https://github.com/void-linux/xbps/issues/52

Thanks @jschultz

Closes: #79 [via git-merge-pr]
2019-04-22 14:49:54 +02:00
Andreas Kempe
0c657582f2 lib/fetch/common.c: send socks5 request as a single transaction
Splitting the socks5 request is causing issues when running against Tor.
It causes Tor to fail with an address unknown error. Assembling the
request and sending it in its entirety solves the issue.

An strace of torsocks, that functions correctly when used with xbps, shows
that the request is being sent all at once:

        recvfrom(3, "\5\0", 2, 0, NULL, NULL)
        sendto(3, "\5\1\0\3>lysator7eknrfl47rlyxvgeamrv7ucefgrrlhk7rouv3sna25asetwid.onion\0P", 69, 0, NULL, 0)
        recvfrom(3, "\5\0\0\1\0\0\0\0\0\0", 10, 0, NULL, NULL)

Closes: #54 [via git-merge-pr]
2019-04-20 11:11:40 +02:00
Duncaen
9f52a7837f lib/fetch: add happy eyeballs connect algorithm (RFC6555/RFC8305)
Connect to the addresses from `getaddrinfo(3)`,
alternating between address family,
starting with ipv6 and wait `fetchConnDelay`
between each connection attempt.

If a connection is established within the attempts,
use this connection and close all others.

If `connect(3)` returns `ENETUNREACH`, don't attempt more
connections with the failing address family.

If there are no more addresses to attempt,
wait for `fetchConnTimeout` and return the first established
connection.

If no connection was established within the timeouts,
close all sockets and return -1 and set errno to
`ETIMEDOUT`.
2019-04-19 22:58:50 +02:00
Duncaen
07ec982b07 lib/fetch/http.c: ignore headers after CONNECT response 2019-04-08 13:34:23 +02:00
wuhanck
b4eebafa6d upgrade to openssl 1.1.x. 2019-01-24 14:57:50 -05:00
Agustin Chiappe Berrini
be5277591f Fix compilation in ftp.c
When trying to compile the file ftp.c, I get errors related with
warnings that were marked to be reported as error.

This was the original message:

```
fetch/ftp.c:444:8: error: this statement may fall through [-Werror=implicit-fallthrough=]
   type = 'D';
   ~~~~~^~~~~
fetch/ftp.c:445:2: note: here
  case 'D':
  ^~~~
fetch/ftp.c: In function ‘ftp_request’:
fetch/ftp.c:342:3: error: missed loop optimization, the loop counter may overflow [-Werror=unsafe-loop-optimizations]
   for (i = 0; i <= len && i <= end - dst; ++i)
   ^~~
fetch/ftp.c:342:24: error: missed loop optimization, the loop counter may overflow [-Werror=unsafe-loop-optimizations]
   for (i = 0; i <= len && i <= end - dst; ++i)
               ~~~~~~~~~^~~~~~~~~~~~~~~~~
```
2017-08-22 18:03:32 -04:00
Duncaen
08b9ed878f lib/fetch: default port, error checks and authentication support 2016-09-02 17:50:05 +02:00
Duncaen
30ace44394 lib/fetch: add socks5 support 2016-09-01 00:38:55 +02:00
Enno Boland
934a59ecd9 lib/fetch/http.c: send proxy auth on https as connect header.
fixes #185
2016-07-08 08:24:14 +02:00
Michael Gehring
46744c412d lib/fetch/common.c: fix build with -Werror=misleading-indentation
Fixes #179
2016-06-03 20:26:52 +02:00
Enno Boland
7c8b1d7aaa lib/fetch/http.c: HTTP CONNECT needs two \r\ns 2016-04-27 11:04:14 +02:00
Enno Boland
3a5c1f3a71 lib/fetch/http.c: fix EOL at HTTP CONNECT
fixes #172.
2016-04-26 13:59:49 +02:00
Juan RP
adcc6d16a4 lib/fetch/common.c: simplify ssl_init(). 2016-04-24 19:20:54 +02:00
Juan RP
eb3d227d61 lib/fetch: check that SSL_CTX_new() does not fail and print its errors (#170).
Thanks @ebfe.
2016-04-24 08:42:32 +02:00
Juan RP
b810c25601 lib/fetch/common.c: dup pthread.h inclusion. 2016-04-23 07:04:25 +02:00
Juan RP
e2e8eea490 lib/fetch: also call SSL_load_error_strings() once (#167).
Close #168
2016-04-22 11:38:01 +02:00
Juan RP
228a89d51e Use pthread_once(3) to initialize openssl/libressl just once.
Fixes openssl initialization concurrently by multiple threads.
Close #167
2016-04-22 11:32:34 +02:00
Michael Gehring
0f56b68eac add HAVE_STRNSTR 2016-02-08 15:09:33 +01:00
Juan RP
9e524d831c fetch/common.c: fix a memleak found by clang-analyzer. 2015-12-21 17:12:14 +01:00
Juan RP
f4cb178f6c libfetch: use default CA path rather than default CA file.
The default CA file set by FreeBSD is only available when using the
LibreSSL provided CA file, and we've decided to use the CA path
by default.

Discussed with @dominikh.
2015-10-28 07:31:26 +01:00
Juan RP
90eb1d9433 libfetch: merge some features from FreeBSD:
- Supports HTTP/1.1 308 redirect.
- SSLv[23] HTTPS connections are forbidden by default.
- TLS client certificate validation thru OpenSSL.
- Fixes for user/password encoding, misc.
2015-10-24 07:52:30 +02:00
Juan RP
a7378f70de fetch: fix regression introduced in 791e683e.
us->size and us->{a,m}time must be set after there's real data.
2015-06-30 21:48:21 +02:00
Juan RP
791e683e01 fetch: handle GET with offset == length.
While xbps_fetch_file() creates the .part file and for whatever reason
it did not finish properly to rename the file, it could request the server
to restart the download with offset set to file size, resulting in HTTP 416
return code.

Handle this case by checking if the server returns 416 and then checking
if the returned file size matches the requested offset and just rename
the file.

Thanks to @beefcurtains for the test case.
2015-06-28 04:28:55 +02:00
Juan RP
15893caf0b fetch: support keep-alive even if the HTTP server returns 304 (Not-Modified). 2015-04-13 12:05:40 +02:00
Juan RP
b513a5e15e libfetch: misc cleanups due to nbcompat removal. 2014-12-28 03:34:36 +01:00
Juan RP
4ee6f943dd libfetch: fix races in the cache connection code.
Tested by @Gottox.
2014-12-23 10:52:54 +01:00
Juan RP
967acd82b0 lib/fetch/http.c: CID 62725 (NULL pointer dereference) 2014-10-07 11:12:04 +02:00
Juan RP
a6cdd9a698 lib/fetch/common.c: CID 62709 (NULL pointer dereference) 2014-10-07 11:07:24 +02:00
Juan RP
6e7c160195 lib/fetch/file.c: CID 62701 (NULL pointer dereference) 2014-10-07 11:02:12 +02:00
Juan RP
d434b44cfc lib/fetch/http.c: CID 62698 (NULL pointer dereference) 2014-10-07 10:51:37 +02:00