ftp: fix error message for partial file upload

- Show the count of bytes written on partial file upload.

Prior to this change the error message mistakenly showed the count of
by

ftp: fix error message for partial file upload

- Show the count of bytes written on partial file upload.

Prior to this change the error message mistakenly showed the count of
bytes read, not written.

Bug: https://github.com/curl/curl/discussions/8637
Reported-by: Taras Kushnir

Closes https://github.com/curl/curl/pull/8649

show more ...

ftp: provide error message for control bytes in path

Closes #8460

misc: remove unused data when IPv6 is not supported

Closes #8430

lib: remove support for CURL_DOES_CONVERSIONS

TPF was the only user and support for that was dropped.

Closes #8378

ftp: disable warning 4706 in MSVC

Follow-up to 21248e052d

Disabling "assignment within conditional expression" for MSVC needs to
be done before the function starts, for it to ta

ftp: disable warning 4706 in MSVC

Follow-up to 21248e052d

Disabling "assignment within conditional expression" for MSVC needs to
be done before the function starts, for it to take effect.

Closes #8218

show more ...

checksrc: detect more kinds of NULL comparisons we avoid

Co-authored-by: Jay Satiro
Closes #8180

ftp: make the MKD retry to retry once per directory

Reported-by: Roger Young
Fixes #7967
Closes #7976

ftp,imap,pop3,smtp: reject STARTTLS server response pipelining

If a server pipelines future responses within the STARTTLS response, the
former are preserved in the pingpong cache across

ftp,imap,pop3,smtp: reject STARTTLS server response pipelining

If a server pipelines future responses within the STARTTLS response, the
former are preserved in the pingpong cache across TLS negotiation and
used as responses to the encrypted commands.

This fix detects pipelined STARTTLS responses and rejects them with an
error.

CVE-2021-22947

Bug: https://curl.se/docs/CVE-2021-22947.html

show more ...

ftp,imap,pop3: do not ignore --ssl-reqd

In imap and pop3, check if TLS is required even when capabilities
request has failed.

In ftp, ignore preauthentication (230 status of ser

ftp,imap,pop3: do not ignore --ssl-reqd

In imap and pop3, check if TLS is required even when capabilities
request has failed.

In ftp, ignore preauthentication (230 status of server greeting) if TLS
is required.

Bug: https://curl.se/docs/CVE-2021-22946.html

CVE-2021-22946

show more ...

Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"

The reverted commit introduced a logic error in code that was
correct.

The client using libcurl would notice the

Revert "ftp: Expression 'ftpc->wait_data_conn' is always false"

The reverted commit introduced a logic error in code that was
correct.

The client using libcurl would notice the error since FTP file
uploads in active transfer mode would somtimes complete with
success despite no transfer having been performed and the
"uploaded" file thus not being on the remote server afterwards.

The FTP server would notice the error because it receives a
RST on the data connection it has established with the client
before any data was transferred at all.

The logic error happens if the STOR response from the server have
arrived by the time ftp_multi_statemach() in the affected code path
is called, but the incoming data connection have not arrived yet.
In that case, the processing of the STOR response will cause
'ftpc->wait_data_conn' to be set to TRUE, contradicting the comment
in the code. Since 'complete' will also be set, later logic would
believe the transfer was done.

In most cases, the STOR response will not have arrived yet when
the affected code path is executed, or the incoming connection will
also have arrived, and thus the error would not express itself.
But if the speed difference of the device using libcurl and the
FTP server is exactly right, the error may happen as often as in
one out of hundred file transfers.

This reverts commit 49f3117a238b6eac0e22a32f50699a9eddcb66ab.

Bug: https://curl.se/mail/lib-2021-07/0025.html
Closes #7362

show more ...

infof: remove newline from format strings, always append it

- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application

- it makes info

infof: remove newline from format strings, always append it

- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application

- it makes infof() work like failf() and consistency is good

- there's an assert that triggers on newlines in the format string

- Also removes a few instances of "..."

- Removes the code that would append "..." to the end of the data *iff*
it was truncated in infof()

Closes #7357

show more ...

conn: add 'attach' to protocol handler, make libssh2 use it

The libssh2 backend has SSH session associated with the connection but
the callback context is the easy handle, so when a conn

conn: add 'attach' to protocol handler, make libssh2 use it

The libssh2 backend has SSH session associated with the connection but
the callback context is the easy handle, so when a connection gets
attached to a transfer, the protocol handler now allows for a custom
function to get used to set things up correctly.

Reported-by: Michael O'Farrell
Fixes #6898
Closes #7078

show more ...

lib: remove strlen call from Curl_client_write

At all call sites with an explicit 0 len, pass an appropriate nonzero
len.

Closes #6954

tidy-up: make conditional checks more consistent

... remove '== NULL' and '!= 0'

Closes #6912

ftp: fix memory leak in ftp_done

If after a transfer is complete Curl_GetFTPResponse() returns an error,
curl would not free the ftp->pathalloc block.

Found by torture-testing t

ftp: fix memory leak in ftp_done

If after a transfer is complete Curl_GetFTPResponse() returns an error,
curl would not free the ftp->pathalloc block.

Found by torture-testing test 576

Closes #6737

show more ...

FTP: allow SIZE to fail when doing (resumed) upload

Added test 362 to verify.

Reported-by: Jordan Brown
Regression since 7ea2e1d0c5a7f (7.73.0)
Fixes #6715
Closes #6725

ftp: fix Codacy/cppcheck warning about null pointer arithmetic

Increment `bytes` only if it is non-null.

Closes https://github.com/curl/curl/pull/6576

ftp: add 'list_only' to the transfer state struct

and rename it from 'ftp_list_only' since it is also used for SSH and
POP3. The state is updated internally for 'type=D' FTP URLs.

ftp: add 'list_only' to the transfer state struct

and rename it from 'ftp_list_only' since it is also used for SSH and
POP3. The state is updated internally for 'type=D' FTP URLs.

Added test case 1570 to verify.

Closes #6578

show more ...

ftp: add 'prefer_ascii' to the transfer state struct

... and make sure the code never updates 'set.prefer_ascii' as it breaks
handle reuse which should use the setting as the user specif

ftp: add 'prefer_ascii' to the transfer state struct

... and make sure the code never updates 'set.prefer_ascii' as it breaks
handle reuse which should use the setting as the user specified it.

Added test 1569 to verify: it first makes an FTP transfer with ';type=A'
and then another without type on the same handle and the second should
then use binary. Previously, curl failed this.

Closes #6578

show more ...

ftp: never set data->set.ftp_append outside setopt

Since the set value then risks getting used like that when the easy
handle is reused by the application.

Also: renamed the str

ftp: never set data->set.ftp_append outside setopt

Since the set value then risks getting used like that when the easy
handle is reused by the application.

Also: renamed the struct field from 'ftp_append' to 'remote_append'
since it is also used for SSH protocols.

Closes #6579

show more ...

ftp: avoid SIZE when asking for a TYPE A file

... as we ignore it anyway because servers don't report the correct size
and proftpd even blatantly returns a 550.

Updates a set of

ftp: avoid SIZE when asking for a TYPE A file

... as we ignore it anyway because servers don't report the correct size
and proftpd even blatantly returns a 550.

Updates a set of tests accordingly.

Reported-by: awesomenode on github
Fixes #6564
Closes #6565

show more ...

pingpong: rename the curl_pp_transfer enum to use PP prefix

Using an FTP prefix for PP provided functionality was misleading.

urldata: remove the duplicate 'ip_addr_str' field

... as the numerical IP address is already stored and kept in 'primary_ip'.

Closes #6534

lib: remove conn->data uses

Closes #6515

pingpong: remove the 'conn' struct member

... as it's superfluous now when Curl_easy is passed in and we can
derive the connection from that instead and avoid the duplicate copy.

pingpong: remove the 'conn' struct member

... as it's superfluous now when Curl_easy is passed in and we can
derive the connection from that instead and avoid the duplicate copy.

Closes #6525

show more ...