src/patches/squid/squid-3.5-14115.patch

   1 ------------------------------------------------------------
   2 revno: 14115
   3 revision-id: squid3@treenet.co.nz-20161130215630-c42qucqar9bi9a1k
   4 parent: squid3@treenet.co.nz-20161130154205-c9z1bhqzuh3rafl3
   5 fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4004
   6 author: Christos Tsantilas <chtsanti@users.sourceforge.net>
   7 committer: Amos Jeffries <squid3@treenet.co.nz>
   8 branch nick: 3.5
   9 timestamp: Thu 2016-12-01 10:56:30 +1300
  10 message:
  11   Bug 4004 partial: Fix segfault via Ftp::Client::readControlReply
  12
  13   Added nil dereference checks for Ftp::Client::ctrl.conn, including:
  14   - Ftp::Client::handlePasvReply() and handleEpsvReply() that dereference
  15     ctrl.conn in DBG_IMPORTANT messages.
  16   - Many functions inside FtpClient.cc and FtpGateway.cc files.
  17
  18   TODO: We need to find a better way to handle nil ctrl.conn. It is only
  19   a matter of time when we forget to add another dereference check or
  20   discover a place we missed during this change.
  21
  22   Also disabled forwarding of EPRT and PORT commands to origin servers.
  23   Squid support for those commands is broken and their forwarding may
  24   cause segfaults (bug #4004). Active FTP is still supported, of course.
  25
  26   This is a Measurement Factory project
  27 ------------------------------------------------------------
  28 # Bazaar merge directive format 2 (Bazaar 0.90)
  29 # revision_id: squid3@treenet.co.nz-20161130215630-c42qucqar9bi9a1k
  30 # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
  31 # testament_sha1: 345883c1b5a5cd221e9d0e68b254df7d955372ad
  32 # timestamp: 2016-11-30 22:42:02 +0000
  33 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
  34 # base_revision_id: squid3@treenet.co.nz-20161130154205-\
  35 #   c9z1bhqzuh3rafl3
  36 #
  37 # Begin patch
  38 === modified file 'src/clients/FtpClient.cc'
  39 --- src/clients/FtpClient.cc    2016-08-05 14:59:33 +0000
  40 +++ src/clients/FtpClient.cc    2016-11-30 21:56:30 +0000
  41 @@ -442,6 +442,11 @@
  42      char *buf;
  43      debugs(9, 3, status());
  44
  45 +    if (!Comm::IsConnOpen(ctrl.conn)) {
  46 +        debugs(9, 5, "The control connection to the remote end is closed");
  47 +        return false;
  48 +    }
  49 +
  50      if (code != 227) {
  51          debugs(9, 2, "PASV not supported by remote end");
  52          return false;
  53 @@ -473,6 +478,11 @@
  54      char *buf;
  55      debugs(9, 3, status());
  56
  57 +    if (!Comm::IsConnOpen(ctrl.conn)) {
  58 +        debugs(9, 5, "The control connection to the remote end is closed");
  59 +        return false;
  60 +    }
  61 +
  62      if (code != 229 && code != 522) {
  63          if (code == 200) {
  64              /* handle broken servers (RFC 2428 says OK code for EPSV MUST be 229 not 200) */
  65 @@ -733,6 +743,11 @@
  66  void
  67  Ftp::Client::connectDataChannel()
  68  {
  69 +    if (!Comm::IsConnOpen(ctrl.conn)) {
  70 +        debugs(9, 5, "The control connection to the remote end is closed");
  71 +        return;
  72 +    }
  73 +
  74      safe_free(ctrl.last_command);
  75
  76      safe_free(ctrl.last_reply);
  77
  78 === modified file 'src/clients/FtpGateway.cc'
  79 --- src/clients/FtpGateway.cc   2016-01-31 05:39:09 +0000
  80 +++ src/clients/FtpGateway.cc   2016-11-30 21:56:30 +0000
  81 @@ -212,7 +212,9 @@
  82  static FTPSM ftpReadMdtm;
  83  static FTPSM ftpSendSize;
  84  static FTPSM ftpReadSize;
  85 +#if 0
  86  static FTPSM ftpSendEPRT;
  87 +#endif
  88  static FTPSM ftpReadEPRT;
  89  static FTPSM ftpSendPORT;
  90  static FTPSM ftpReadPORT;
  91 @@ -450,6 +452,11 @@
  92  void
  93  Ftp::Gateway::listenForDataChannel(const Comm::ConnectionPointer &conn)
  94  {
  95 +    if (!Comm::IsConnOpen(ctrl.conn)) {
  96 +        debugs(9, 5, "The control connection to the remote end is closed");
  97 +        return;
  98 +    }
  99 +
 100      assert(!Comm::IsConnOpen(data.conn));
 101
 102      typedef CommCbMemFunT<Gateway, CommAcceptCbParams> AcceptDialer;
 103 @@ -1183,7 +1190,7 @@
 104
 105      checkUrlpath();
 106      buildTitleUrl();
 107 -    debugs(9, 5, HERE << "FD " << ctrl.conn->fd << " : host=" << request->GetHost() <<
 108 +    debugs(9, 5, "FD " << (ctrl.conn != NULL ? ctrl.conn->fd : -1) << " : host=" << request->GetHost() <<
 109             ", path=" << request->urlpath << ", user=" << user << ", passwd=" << password);
 110      state = BEGIN;
 111      Ftp::Client::start();
 112 @@ -1750,7 +1757,9 @@
 113      if (ftpState->handlePasvReply(srvAddr))
 114          ftpState->connectDataChannel();
 115      else {
 116 -        ftpSendEPRT(ftpState);
 117 +        ftpFail(ftpState);
 118 +        // Currently disabled, does not work correctly:
 119 +        // ftpSendEPRT(ftpState);
 120          return;
 121      }
 122  }
 123 @@ -1790,6 +1799,11 @@
 124      }
 125      safe_free(ftpState->data.host);
 126
 127 +    if (!Comm::IsConnOpen(ftpState->ctrl.conn)) {
 128 +        debugs(9, 5, "The control connection to the remote end is closed");
 129 +        return;
 130 +    }
 131 +
 132      /*
 133       * Set up a listen socket on the same local address as the
 134       * control connection.
 135 @@ -1875,9 +1889,14 @@
 136      ftpRestOrList(ftpState);
 137  }
 138
 139 +#if 0
 140  static void
 141  ftpSendEPRT(Ftp::Gateway * ftpState)
 142  {
 143 +    /* check the server control channel is still available */
 144 +    if (!ftpState || !ftpState->haveControlChannel("ftpSendEPRT"))
 145 +        return;
 146 +
 147      if (Config.Ftp.epsv_all && ftpState->flags.epsv_all_sent) {
 148          debugs(9, DBG_IMPORTANT, "FTP does not allow EPRT method after 'EPSV ALL' has been sent.");
 149          return;
 150 @@ -1913,6 +1932,7 @@
 151      ftpState->writeCommand(cbuf);
 152      ftpState->state = Ftp::Client::SENT_EPRT;
 153  }
 154 +#endif
 155
 156  static void
 157  ftpReadEPRT(Ftp::Gateway * ftpState)
 158 @@ -1939,10 +1959,8 @@
 159  {
 160      debugs(9, 3, HERE);
 161
 162 -    if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
 163 -        abortAll("entry aborted when accepting data conn");
 164 -        data.listenConn->close();
 165 -        data.listenConn = NULL;
 166 +    if (!Comm::IsConnOpen(ctrl.conn)) { /*Close handlers will cleanup*/
 167 +        debugs(9, 5, "The control connection to the remote end is closed");
 168          return;
 169      }
 170
 171 @@ -1955,6 +1973,14 @@
 172          return;
 173      }
 174
 175 +    if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
 176 +        abortAll("entry aborted when accepting data conn");
 177 +        data.listenConn->close();
 178 +        data.listenConn = NULL;
 179 +        io.conn->close();
 180 +        return;
 181 +    }
 182 +
 183      /* data listening conn is no longer even open. abort. */
 184      if (!Comm::IsConnOpen(data.listenConn)) {
 185          data.listenConn = NULL; // ensure that it's cleared and not just closed.
 186 @@ -2705,8 +2731,8 @@
 187  Ftp::Gateway::completeForwarding()
 188  {
 189      if (fwd == NULL || flags.completed_forwarding) {
 190 -        debugs(9, 3, HERE << "completeForwarding avoids " <<
 191 -               "double-complete on FD " << ctrl.conn->fd << ", Data FD " << data.conn->fd <<
 192 +        debugs(9, 3, "avoid double-complete on FD " <<
 193 +               (ctrl.conn != NULL ? ctrl.conn->fd : -1) << ", Data FD " << data.conn->fd <<
 194                 ", this " << this << ", fwd " << fwd);
 195          return;
 196      }
 197