luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

openssl: don't leak the SRP credentials in redirects either

Browse Source 
Follow-up to 620ea21410

Reported-by: Harry Sintonen
Closes #8751
This commit is contained in:
Daniel Stenberg 2022-04-25 17:59:15 +02:00
parent aad7d9f9a6
commit 139a54ed0a
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
3 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/http.c
View File

@ -776,10 +776,10 @@ output_auth_headers(struct Curl_easy *data,
} }
/* /*
* allow_auth_to_host() tells if autentication, cookies or other "sensitive * Curl_allow_auth_to_host() tells if authentication, cookies or other
* data" can (still) be sent to this host. * "sensitive data" can (still) be sent to this host.
*/ */
static bool allow_auth_to_host(struct Curl_easy *data) bool Curl_allow_auth_to_host(struct Curl_easy *data)
{ {
struct connectdata *conn = data->conn; struct connectdata *conn = data->conn;
return (!data->state.this_is_a_follow || return (!data->state.this_is_a_follow ||
@ -864,7 +864,7 @@ Curl_http_output_auth(struct Curl_easy *data,
/* To prevent the user+password to get sent to other than the original host /* To prevent the user+password to get sent to other than the original host
due to a location-follow */ due to a location-follow */
if(allow_auth_to_host(data) if(Curl_allow_auth_to_host(data)
#ifndef CURL_DISABLE_NETRC #ifndef CURL_DISABLE_NETRC
|| conn->bits.netrc || conn->bits.netrc
#endif #endif
@ -1917,7 +1917,7 @@ CURLcode Curl_add_custom_headers(struct Curl_easy *data,
checkprefix("Cookie:", compare)) && checkprefix("Cookie:", compare)) &&
/* be careful of sending this potentially sensitive header to /* be careful of sending this potentially sensitive header to
other hosts */ other hosts */
!allow_auth_to_host(data)) !Curl_allow_auth_to_host(data))
; ;
else { else {
#ifdef USE_HYPER #ifdef USE_HYPER

6
lib/http.h
View File

@ -364,4 +364,10 @@ Curl_http_output_auth(struct Curl_easy *data,
bool proxytunnel); /* TRUE if this is the request setting bool proxytunnel); /* TRUE if this is the request setting
up the proxy tunnel */ up the proxy tunnel */
/*
* Curl_allow_auth_to_host() tells if authentication, cookies or other
* "sensitive data" can (still) be sent to this host.
*/
bool Curl_allow_auth_to_host(struct Curl_easy *data);
#endif /* HEADER_CURL_HTTP_H */ #endif /* HEADER_CURL_HTTP_H */

3
lib/vtls/openssl.c
View File

@ -2924,7 +2924,8 @@ static CURLcode ossl_connect_step1(struct Curl_easy *data,
#endif #endif
#ifdef USE_OPENSSL_SRP #ifdef USE_OPENSSL_SRP
if(ssl_authtype == CURL_TLSAUTH_SRP) { if((ssl_authtype == CURL_TLSAUTH_SRP) &&
Curl_allow_auth_to_host(data)) {
char * const ssl_username = SSL_SET_OPTION(username); char * const ssl_username = SSL_SET_OPTION(username);
infof(data, "Using TLS-SRP username: %s", ssl_username); infof(data, "Using TLS-SRP username: %s", ssl_username);