mirror of
https://github.com/curl/curl.git
synced 2026-04-25 01:22:13 +03:00
22652a5a4c
Add `CURL_CA_SEARCH_SAFE` build-time option to enable CA bundle search
in the `curl` tool directory. The lookup method was already used to find
`.curlrc` and `_curlrc` (on Windows). On Windows it overrides the unsafe
default `SearchPath()` method.
Enable with:
- cmake: `-DCURL_CA_SEARCH_SAFE=ON`
- autotools: `--enable-ca-search-safe`
- raw: `CPPFLAGS=-DCURL_CA_SEARCH_SAFE`
On Windows, before this patch the whole `PATH` was searched for
a CA bundle. `PATH` may contain unwanted or world-writable locations,
including the current directory. Searching them all is convenient to
pick up any CA bundle, but not secure.
The Muldersoft curl distro implements such CA search via a custom
patch for Windows:
cd652d4792/patch/curl_tool_doswin.diff (L50)
MSYS2/mingw-w64 distro has also been rolling a patch solving this:
https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-curl/0001-Make-cURL-relocatable.patch
https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-curl/pathtools.c
Also add option to fully disable Windows CA search:
- cmake: `-DCURL_DISABLE_CA_SEARCH=ON`
- autotools: `--disable-ca-search`
- raw: `CPPFLAGS=-DCURL_DISABLE_CA_SEARCH`.
Both options are considered EXPERIMENTAL, with possible incompatible
changes or even (partial) removal in the future, depending on feedback.
An alternative, secure option is to embed the CA bundle into the binary.
Safe search can be extended to other platforms if necessary or useful,
by using `_NSGetExecutablePath()` (macOS),
`/proc/self/exe` (Linux/Cygwin), or `argv[0]`.
Closes #14582
221 lines
5.8 KiB
C
221 lines
5.8 KiB
C
/***************************************************************************
|
|
* _ _ ____ _
|
|
* Project ___| | | | _ \| |
|
|
* / __| | | | |_) | |
|
|
* | (__| |_| | _ <| |___
|
|
* \___|\___/|_| \_\_____|
|
|
*
|
|
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
*
|
|
* This software is licensed as described in the file COPYING, which
|
|
* you should have received as part of this distribution. The terms
|
|
* are also available at https://curl.se/docs/copyright.html.
|
|
*
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
*
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
* KIND, either express or implied.
|
|
*
|
|
* SPDX-License-Identifier: curl
|
|
*
|
|
***************************************************************************/
|
|
#include "tool_setup.h"
|
|
|
|
#if defined(HAVE_STRCASECMP) && defined(HAVE_STRINGS_H)
|
|
#include <strings.h>
|
|
#endif
|
|
|
|
#include "tool_util.h"
|
|
|
|
#include "curlx.h"
|
|
#include "memdebug.h" /* keep this as LAST include */
|
|
|
|
#if defined(_WIN32)
|
|
|
|
/* In case of bug fix this function has a counterpart in timeval.c */
|
|
struct timeval tvnow(void)
|
|
{
|
|
struct timeval now;
|
|
if(tool_isVistaOrGreater) { /* QPC timer might have issues pre-Vista */
|
|
LARGE_INTEGER count;
|
|
QueryPerformanceCounter(&count);
|
|
now.tv_sec = (long)(count.QuadPart / tool_freq.QuadPart);
|
|
now.tv_usec = (long)((count.QuadPart % tool_freq.QuadPart) * 1000000 /
|
|
tool_freq.QuadPart);
|
|
}
|
|
else {
|
|
/* Disable /analyze warning that GetTickCount64 is preferred */
|
|
#if defined(_MSC_VER)
|
|
#pragma warning(push)
|
|
#pragma warning(disable:28159)
|
|
#endif
|
|
DWORD milliseconds = GetTickCount();
|
|
#if defined(_MSC_VER)
|
|
#pragma warning(pop)
|
|
#endif
|
|
|
|
now.tv_sec = (long)(milliseconds / 1000);
|
|
now.tv_usec = (long)((milliseconds % 1000) * 1000);
|
|
}
|
|
return now;
|
|
}
|
|
|
|
#elif defined(HAVE_CLOCK_GETTIME_MONOTONIC)
|
|
|
|
struct timeval tvnow(void)
|
|
{
|
|
/*
|
|
** clock_gettime() is granted to be increased monotonically when the
|
|
** monotonic clock is queried. Time starting point is unspecified, it
|
|
** could be the system start-up time, the Epoch, or something else,
|
|
** in any case the time starting point does not change once that the
|
|
** system has started up.
|
|
*/
|
|
struct timeval now;
|
|
struct timespec tsnow;
|
|
if(0 == clock_gettime(CLOCK_MONOTONIC, &tsnow)) {
|
|
now.tv_sec = tsnow.tv_sec;
|
|
now.tv_usec = (int)(tsnow.tv_nsec / 1000);
|
|
}
|
|
/*
|
|
** Even when the configure process has truly detected monotonic clock
|
|
** availability, it might happen that it is not actually available at
|
|
** runtime. When this occurs simply fallback to other time source.
|
|
*/
|
|
#ifdef HAVE_GETTIMEOFDAY
|
|
else
|
|
(void)gettimeofday(&now, NULL);
|
|
#else
|
|
else {
|
|
now.tv_sec = time(NULL);
|
|
now.tv_usec = 0;
|
|
}
|
|
#endif
|
|
return now;
|
|
}
|
|
|
|
#elif defined(HAVE_GETTIMEOFDAY)
|
|
|
|
struct timeval tvnow(void)
|
|
{
|
|
/*
|
|
** gettimeofday() is not granted to be increased monotonically, due to
|
|
** clock drifting and external source time synchronization it can jump
|
|
** forward or backward in time.
|
|
*/
|
|
struct timeval now;
|
|
(void)gettimeofday(&now, NULL);
|
|
return now;
|
|
}
|
|
|
|
#else
|
|
|
|
struct timeval tvnow(void)
|
|
{
|
|
/*
|
|
** time() returns the value of time in seconds since the Epoch.
|
|
*/
|
|
struct timeval now;
|
|
now.tv_sec = time(NULL);
|
|
now.tv_usec = 0;
|
|
return now;
|
|
}
|
|
|
|
#endif
|
|
|
|
/*
|
|
* Make sure that the first argument is the more recent time, as otherwise
|
|
* we will get a weird negative time-diff back...
|
|
*
|
|
* Returns: the time difference in number of milliseconds.
|
|
*/
|
|
long tvdiff(struct timeval newer, struct timeval older)
|
|
{
|
|
return (long)(newer.tv_sec-older.tv_sec)*1000+
|
|
(long)(newer.tv_usec-older.tv_usec)/1000;
|
|
}
|
|
|
|
/* Case insensitive compare. Accept NULL pointers. */
|
|
int struplocompare(const char *p1, const char *p2)
|
|
{
|
|
if(!p1)
|
|
return p2 ? -1 : 0;
|
|
if(!p2)
|
|
return 1;
|
|
#ifdef HAVE_STRCASECMP
|
|
return strcasecmp(p1, p2);
|
|
#elif defined(HAVE_STRCMPI)
|
|
return strcmpi(p1, p2);
|
|
#elif defined(HAVE_STRICMP)
|
|
return stricmp(p1, p2);
|
|
#else
|
|
return strcmp(p1, p2);
|
|
#endif
|
|
}
|
|
|
|
/* Indirect version to use as qsort callback. */
|
|
int struplocompare4sort(const void *p1, const void *p2)
|
|
{
|
|
return struplocompare(* (char * const *) p1, * (char * const *) p2);
|
|
}
|
|
|
|
#ifdef USE_TOOL_FTRUNCATE
|
|
|
|
#ifdef _WIN32_WCE
|
|
/* 64-bit lseek-like function unavailable */
|
|
# undef _lseeki64
|
|
# define _lseeki64(hnd,ofs,whence) lseek(hnd,ofs,whence)
|
|
# undef _get_osfhandle
|
|
# define _get_osfhandle(fd) (fd)
|
|
#endif
|
|
|
|
/*
|
|
* Truncate a file handle at a 64-bit position 'where'.
|
|
*/
|
|
|
|
int tool_ftruncate64(int fd, curl_off_t where)
|
|
{
|
|
intptr_t handle = _get_osfhandle(fd);
|
|
|
|
if(_lseeki64(fd, where, SEEK_SET) < 0)
|
|
return -1;
|
|
|
|
if(!SetEndOfFile((HANDLE)handle))
|
|
return -1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#endif /* USE_TOOL_FTRUNCATE */
|
|
|
|
#ifdef _WIN32
|
|
FILE *Curl_execpath(const char *filename, char **pathp)
|
|
{
|
|
static char filebuffer[512];
|
|
unsigned long len;
|
|
/* Get the filename of our executable. GetModuleFileName is already declared
|
|
* via inclusions done in setup header file. We assume that we are using
|
|
* the ASCII version here.
|
|
*/
|
|
len = GetModuleFileNameA(0, filebuffer, sizeof(filebuffer));
|
|
if(len > 0 && len < sizeof(filebuffer)) {
|
|
/* We got a valid filename - get the directory part */
|
|
char *lastdirchar = strrchr(filebuffer, DIR_CHAR[0]);
|
|
if(lastdirchar) {
|
|
size_t remaining;
|
|
*lastdirchar = 0;
|
|
/* If we have enough space, build the RC filename */
|
|
remaining = sizeof(filebuffer) - strlen(filebuffer);
|
|
if(strlen(filename) < remaining - 1) {
|
|
msnprintf(lastdirchar, remaining, "%s%s", DIR_CHAR, filename);
|
|
*pathp = filebuffer;
|
|
return fopen(filebuffer, FOPEN_READTEXT);
|
|
}
|
|
}
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
#endif
|