protcol.h: fix the CURLPROTO_MASK

It had an 'f' too few. Also provide CURLPROTO_WS* unconditionally
internally, so that code can depend on them in all builds.

Follow-up to cd5ca80f00d2d9f0fe7

Spotted by Codex Security

Test case 3219 added to catch this next time.

Closes #21031

diff --git a/lib/protocol.h b/lib/protocol.h
index 0d41b8616cae51a2abcab997e65f5432efb0994c..c7bd1ac4bc896b0c52d781c49c9a1428f9162067 100644 (file)
--- a/lib/protocol.h
+++ b/lib/protocol.h
@@ -57,7 +57,6 @@ struct easy_pollset;
 #define PORT_MQTT   1883
 #define PORT_MQTTS  8883
 
-#ifndef CURL_DISABLE_WEBSOCKETS
 /* CURLPROTO_GOPHERS (29) is the highest publicly used protocol bit number,
  * the rest are internal information. If we use higher bits we only do this on
  * platforms that have a >= 64-bit type and then we use such a type for the
@@ -65,11 +64,6 @@ struct easy_pollset;
  */
 #define CURLPROTO_WS     (1L << 30)
 #define CURLPROTO_WSS    ((curl_prot_t)1 << 31)
-#else
-#define CURLPROTO_WS     0L
-#define CURLPROTO_WSS    0L
-#endif
-
 #define CURLPROTO_MQTTS  (1LL << 32)
 
 #define CURLPROTO_64ALL ((uint64_t)0xffffffffffffffff)
@@ -83,7 +77,7 @@ typedef curl_off_t curl_prot_t;
 /* This mask is for all the old protocols that are provided and defined in the
    public header and shall exclude protocols added since which are not exposed
    in the API */
-#define CURLPROTO_MASK   0x3ffffff
+#define CURLPROTO_MASK   0x3fffffff
 
 /* Convenience defines for checking protocols or their SSL based version. Each
    protocol scheme should only ever have a single CURLPROTO_ in its protocol

diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index d54f10863176f9e291da43d6fa1c4a6ff091e6b7..34eb547d9c6adfdd7023647e801c315b0382fc8e 100644 (file)
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -282,9 +282,10 @@ test3032 test3033 test3034 test3035 test3036 \
 \
 test3100 test3101 test3102 test3103 test3104 test3105 \
 \
-test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 test3208 \
-test3209 test3210 test3211 test3212 test3213 test3214 test3215 test3216 test3217 \
-test3218 \
+test3200 test3201 test3202 test3203 test3204 test3205 test3206 test3207 \
+test3208 test3209 test3210 test3211 test3212 test3213 test3214 test3215 \
+test3216 test3217 test3218 test3219 \
+\
 test4000 test4001
 
 EXTRA_DIST = $(TESTCASES) DISABLED data-xml1 data320.html \

diff --git a/tests/data/test3219 b/tests/data/test3219
new file mode 100644 (file)
index 0000000..27015e0
--- /dev/null
+++ b/tests/data/test3219
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+unittest
+define
+</keywords>
+</info>
+
+<client>
+<features>
+unittest
+</features>
+<name>
+CURLPROTO_MASK checks
+</name>
+</client>
+
+</testcase>

diff --git a/tests/unit/Makefile.inc b/tests/unit/Makefile.inc
index 91b380a03749d0144391aaf4c048e83c37f475ee..72d4dd21260650db023c98e78dbeb24512dae6c2 100644 (file)
--- a/tests/unit/Makefile.inc
+++ b/tests/unit/Makefile.inc
@@ -45,4 +45,4 @@ TESTS_C = \
   unit1979.c unit1980.c \
   unit2600.c unit2601.c unit2602.c unit2603.c unit2604.c unit2605.c \
   unit3200.c                                             unit3205.c \
-  unit3211.c unit3212.c unit3213.c unit3214.c            unit3216.c
+  unit3211.c unit3212.c unit3213.c unit3214.c            unit3216.c unit3219.c

diff --git a/tests/unit/unit3219.c b/tests/unit/unit3219.c
new file mode 100644 (file)
index 0000000..2d3be5d
--- /dev/null
+++ b/tests/unit/unit3219.c
@@ -0,0 +1,43 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+#include "unitcheck.h"
+#include "protocol.h"
+
+static CURLcode test_unit3219(const char *arg)
+{
+  UNITTEST_BEGIN_SIMPLE
+
+  fail_unless((CURLPROTO_MASK & CURLPROTO_HTTP) == CURLPROTO_HTTP,
+              "mask should include HTTP");
+  fail_unless((CURLPROTO_MASK & CURLPROTO_GOPHERS) == CURLPROTO_GOPHERS,
+              "mask should include the highest public protocol bit");
+  fail_unless((CURLPROTO_MASK & CURLPROTO_WS) == 0,
+              "mask should exclude websocket protocol bits");
+  fail_unless((CURLPROTO_MASK & CURLPROTO_WSS) == 0,
+              "mask should exclude secure websocket protocol bits");
+  fail_unless((CURLPROTO_MASK & CURLPROTO_MQTTS) == 0,
+              "mask should exclude internal-only protocols");
+
+  UNITTEST_END_SIMPLE
+}