                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

                                  Changelog

Version 8.6.0 (31 Jan 2024)

Daniel Stenberg (31 Jan 2024)

- RELEASE-NOTES: synced

  curl 8.6.0

- THANKS: new contributors from 8.5.0

Jay Satiro (31 Jan 2024)

- cd2nroff: use perl 'strict' and 'warnings'

  - Use strict and warnings pragmas.

  - If open() fails then show the reason.

  - Set STDIN io layer :crlf so that input is properly read on Windows.

  - When STDIN is used as input, the filename $f is now set to "STDIN".

    Various error messages in single() use $f for the filename and this way
    it is not undefined when STDIN.

  Closes https://github.com/curl/curl/pull/12819

Daniel Stenberg (30 Jan 2024)

- cd2nroff: fix duplicate output issue

  Assisted-by: Jay Satiro
  Fixes https://github.com/curl/curl-www/issues/321
  Closes #12818

- lib: error out on multissl + http3

  Since the QUIC/h3 code has no knowledge or handling of multissl it might
  bring unintended consequences if we allow it.

  configure, cmake and curl_setup.h all now reject this combination.

  Assisted-by: Viktor Szakats
  Assisted-by: Gisle Vanem
  Ref: #12806
  Closes #12807

Patrick Monnerat (29 Jan 2024)

- OS400: sync ILE/RPG binding

  Also do not force git CRLF line endings on *.cmd files for OS400.

  Closes #12815

Viktor Szakats (28 Jan 2024)

- build: delete/replace 3 more clang warning pragmas

  - tool_msgs: delete redundant `-Wformat-nonliteral` suppression pragma.

  - whitespace formatting in `mprintf.h`, lib518, lib537.

  - lib518: fix wrong variable in `sizeof()`.

  - lib518: bump variables to `rlim_t`.
    Follow-up to e2b394106d543c4615a60795b7fdce04bd4e5090 #1469

  - lib518: sync error message with lib537
    Follow-up to 365322b8bcf9efb6a361473d227b70f2032212ce

  - lib518, lib537: replace `-Wformat-nonliteral` suppression pragmas
    by reworking test code.

  Follow-up to 5b286c250829e06a135a6ba998e80beb7f43a734 #12812
  Follow-up to aee4ebe59161d0a5281743f96e7738ad97fe1cd4 #12803
  Follow-up to 09230127589eccc7e01c1a7217787ef8e64f3328 #12540
  Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489

  Reviewed-by: Daniel Stenberg
  Closes #12814

Richard Levitte (27 Jan 2024)

- cmake: freshen up docs/INSTALL.cmake

  - Turn docs/INSTALL.cmake into a proper markdown file,
    docs/INSTALL-CMAKE.md
  - Move things around to divide the description into configuration,
    building and installing sections
  - Mention the more modern cmake options to configure, build and install,
    but also retain the older variants as fallbacks

  Closes #12772

Viktor Szakats (27 Jan 2024)

- build: delete/replace clang warning pragmas

  - delete redundant warning suppressions for `-Wformat-nonliteral`.
    This now relies on `CURL_PRINTF()` and it's theoretically possible
    that this macro isn't active but the warning is. We're ignoring this
    as a corner-case here.

  - replace two pragmas with code changes to avoid the warnings.

  Follow-up to aee4ebe59161d0a5281743f96e7738ad97fe1cd4 #12803
  Follow-up to 09230127589eccc7e01c1a7217787ef8e64f3328 #12540
  Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489

  Reviewed-by: Daniel Stenberg
  Closes #12812

Daniel Stenberg (27 Jan 2024)

- RELEASE-NOTES: synced

- http: only act on 101 responses when they are HTTP/1.1

  For 101 responses claiming to be any other protocol, bail out. This
  would previously trigger an assert.

  Add test 1704 to verify.

  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66184
  Closes #12811

Scarlett McAllister (27 Jan 2024)

- _VARIABLES.md: add missing 'be' into the sentence

  Closes #12809

Stefan Eissing (27 Jan 2024)

- mqtt, remove remaining use of data->state.buffer

  Closes #12799

Daniel Stenberg (27 Jan 2024)

- x509asn1: switch from malloc to dynbuf

  Closes #12808

- x509asn1: make utf8asn1str() use dynbuf instead of malloc + memcpy

  Closes #12808

- x509asn1: reduce malloc in Curl_extract_certinfo

  Using dynbuf

  Closes #12808

Jay Satiro (27 Jan 2024)

- THANKS: add Alexander Bartel and Brennan Kinney

  They reported and investigated #10259 which was fixed by 7b2d98df.

  Ref: https://github.com/curl/curl/issues/10259

Daniel Stenberg (26 Jan 2024)

- krb5: add prototype to silence clang warnings on mvsnprintf()

  "error: format string is not a string literal"

  Follow-up to 09230127589eccc7 which made the warning appear

  Assisted-by: Viktor Szakats
  Closes #12803

- x509asn1: remove code for WANT_VERIFYHOST

  No code ever sets this anymore since we dropped gskit

  Follow-up to 78d6232f1f326b9ab4d

  Closes #12804

- socks: reduce the buffer size to 600 (from 8K)

  This is malloc'ed memory and it does not need more. Test 742 helps us verify
  this.

  Closes #12789

Stefan Eissing (26 Jan 2024)

- file+ftp: use stack buffers instead of data->state.buffer

  Closes #12789

- vtls: receive max buffer

  - do not only receive one TLS record, but try to fill
    the passed buffer
  - consider <4K remaining space is "filled".

  Closes #12801

Daniel Stenberg (26 Jan 2024)

- docs: do not start lines/sentences with So, But nor And

  Closes #12802

- docs: remove spurious ampersands from markdown

  They were leftovers from the nroff conversion.

  Follow-up to eefcc1bda4bccd800f5a5

  Closes #12800

Patrick Monnerat (26 Jan 2024)

- sasl: make login option string override http auth

  - Use http authentication mechanisms as a default, not a preset.

  Consider http authentication options which are mapped to SASL options as
  a default (overriding the hardcoded default mask for the protocol) that
  is ignored if a login option string is given.

  Prior to this change, if some HTTP auth options were given, sasl mapped
  http authentication options to sasl ones but merged them with the login
  options.

  That caused problems with the cli tool that sets the http login option
  CURLAUTH_BEARER as a side-effect of --oauth2-bearer, because this flag
  maps to more than one sasl mechanism and the latter cannot be cleared
  individually by the login options string.

  New test 992 checks this.

  Fixes https://github.com/curl/curl/issues/10259
  Closes https://github.com/curl/curl/pull/12790

Stefan Eissing (26 Jan 2024)

- socks: use own buffer instead of data->state.buffer

  Closes #12788

Daniel Stenberg (26 Jan 2024)

- socks: fix generic output string to say SOCKS instead of SOCKS4

  ... since it was also logged for SOCKS5.

  Closes #12797

- test742: test SOCKS5 with max length user, password and hostname

  Adjusted the socksd server accordingly to allow for configuring that
  long user name and password.

  Closes #12797

Stefan Eissing (25 Jan 2024)

- ssh: use stack scratch buffer for seeks

  - instead of data->state.buffer

  Closes #12794

Daniel Stenberg (25 Jan 2024)

- krb5: access the response buffer correctly

  As the pingpong code no longer uses the download buffer.

  Follow-up to c2d973627bab12ab
  Pointed-out-by: Stefan Eissing
  Closes #12796

Stefan Eissing (25 Jan 2024)

- mqtt: use stack scratch buffer for recv+publish

  - instead of data->state.buffer

  Closes #12792

- telnet, use stack scratch buffer for do

  - instead of data->state.buffer

  Closes #12793

- http, use stack scratch buffer

  - instead of data->state.buffer

  Closes #12791

- ntlm_wb: do not use data->state.buf any longer

  Closes #12787

- gitignore: the generated `libcurl-symbols.md`

  Closes #12795

Daniel Stenberg (25 Jan 2024)

- tool: fix the listhelp generation command

  The previous command line to generate the tool_listhelp.c source file
  broke with 2494b8dd5175cee7.

  Make 'make listhelp' invoked in src/ generate it. Also update the
  comment in the file to mention the right procedure.

  Closes #12786

- http: check for "Host:" case insensitively

  When checking if the user wants to replace the header, the check should
  be case insensitive.

  Adding test 461 to verify

  Found-by: Dan Fandrich
  Ref: #12782
  Closes #12784

Tatsuhiro Tsujikawa (25 Jan 2024)

- configure: add libngtcp2_crypto_boringssl detection

  If OpenSSL is found to be BoringSSL or AWS-LC, and ngtcp2 is requested,
  try to detect libngtcp2_crypto_boringssl.

  Reported-by: ウさん
  Fixes #12724
  Closes #12769

Daniel Stenberg (25 Jan 2024)

- http: remove comment reference to a removed solution

  Follow-up to 58974d25d

  Closes #12785

Stefan Eissing (25 Jan 2024)

- pytest: Scorecard tracking CPU and RSS

  Closes #12765

Graham Campbell (25 Jan 2024)

- GHA: bump ngtcp2, gnutls, mod_h2, quiche

  - ngtcp2 to v1.2.0
  - gnutls to 3.8.3
  - mod_h2 to 2.0.26
  - quiche to 0.20.0

  Closes #12778
  Closes #12779
  Closes #12780
  Closes #12781

Daniel Stenberg (25 Jan 2024)

- ftpserver.pl: send 213 SIZE response without spurious newline

- pingpong: stop using the download buffer

  The pingpong logic now uses its own dynbuf for receiving command
  response data.

  When the "final" response header for a command has been received, that
  final line is left first in the recvbuf for the protocols to parse at
  will. If there is additional data behind the final response line, the
  'overflow' counter indicates how many bytes.

  Closes #12757

- gen.pl: remove bold from .IP used for ##

  Reported-by: Viktor Szakats
  Fixes #12776
  Closes #12777

Viktor Szakats (24 Jan 2024)

- cmake: rework options to enable curl and libcurl docs

  Rework CMake options for building/using curl tool and libcurl manuals.

  - rename `ENABLE_MANUAL` to `ENABLE_CURL_MANUAL`, meaning:
    to build man page and built-in manual for curl tool.

  - rename `BUILD_DOCS` to `BUILD_LIBCURL_DOCS`, meaning:
    to build man pages for libcurl.

  - `BUILD_LIBCURL_DOCS` now works without having to enable
    `ENABLE_CURL_MANUAL` too.

  - drop support for existing CMake-level `USE_MANUAL` option to avoid
    confusion. (It used to work with the effect of current
    `ENABLE_CURL_MANUAL`, but only by accident.)

  Assisted-by: Richard Levitte
  Ref: #12771
  Closes #12773

Daniel Stenberg (24 Jan 2024)

- urlapi: remove assert

  This assert triggers wrongly when CURLU_GUESS_SCHEME and
  CURLU_NO_AUTHORITY are both set and the URL is a single path.

  I think this assert has played out its role. It was introduced in a
  rather big refactor.

  Follow-up to 4cfa5bcc9a

  Reported-by: promptfuzz_ on hackerone
  Closes #12775

Patrick Monnerat (24 Jan 2024)

- tests: avoid int/size_t conversion size/sign warnings

  Closes #12768

Daniel Stenberg (24 Jan 2024)

- GHA: add a job scanning for "bad words" in markdown

  This means words, phrases or things we have decided not to use - words that
  are spelled right according to the dictionary but we want to avoid. In the
  name of consistency and better documentation.

  Closes #12764

Viktor Szakats (23 Jan 2024)

- cmake: speed up curldown processing, enable by default

  - cmake: enable `BUILD_DOCS` by default (this controls converting and
    installing `.3` files from `.md` sources)

  - cmake: speed up generating `.3` files by using a single command per
    directory, instead of a single command per file. This reduces external
    commands by about a thousand. (There remains some CMake logic kicking
    in resulting in 500 -one per file- external `-E touch_nocreate` calls.)

  - cd2nroff: add ability to process multiple input files.

  - cd2nroff: add `-k` option to use the source filename to form the
    output filename. (instead of the default in-file `Title:` line.)

  Follow-up to 3f08d80b2244524646ce86915c585509ac54fb4c
  Follow-up to ea0b575dab86a3c44dd1d547dc500276266aa382 #12753
  Follow-up to eefcc1bda4bccd800f5a56a0fe17a2f44a96e88b #12730

  Closes #12762

Richard Levitte (23 Jan 2024)

- docs: install curl.1 with cmake as well

  Closes #12759

Daniel Stenberg (23 Jan 2024)

- osslq: remove the TLS library from the version output

  Since we only support using a single TLS library at any one time, we
  know that the TLS library for QUIC is the same that is also shown for
  regular TLS.

  Fixes #12763
  Reported-by: Viktor Szakats
  Closes #12767

Stefan Eissing (23 Jan 2024)

- CI: remove unnecessary OpenSSL 3 option `enable-tls1_3`

  .. and switch OpenSSL 3 libdir from lib64 to lib for consistency.

  Closes https://github.com/curl/curl/pull/12758

- GHA: bump nghttp2 version to v1.59.0

  - Switch to v1.59.0 for GHA CI jobs that use a specific nghttp2-version.

  Closes https://github.com/curl/curl/pull/12766

Daniel Stenberg (23 Jan 2024)

- RELEASE-NOTES: synced

- docs/cmdline: change to .md for cmdline docs

  - switch all individual files documenting command line options into .md,
    as the documentation is now markdown-looking.

  - made the parser treat 4-space indents as quotes

  - switch to building the curl.1 manpage using the "mainpage.idx" file,
    which lists the files to include to generate it, instead of using the
    previous page-footer/headers. Also, those files are now also .md
    ones, using the same format. I gave them underscore prefixes to make
    them sort separately:
    _NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md,
    _VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md,
    _OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md,
    _EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md

  - updated test cases accordingly

  Closes #12751

dependabot[bot] (23 Jan 2024)

- CI: bump actions/cache from 3 to 4

  Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
  - [Release notes](https://github.com/actions/cache/releases)
  - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
  - [Commits](https://github.com/actions/cache/compare/v3...v4)

  ---
  updated-dependencies:
  - dependency-name: actions/cache
    dependency-type: direct:production
    update-type: version-update:semver-major
  ...

  Signed-off-by: dependabot[bot] <support@github.com>
  Closes #12756

Daniel Stenberg (23 Jan 2024)

- openssl: when verifystatus fails, remove session id from cache

  To prevent that it gets used in a subsequent transfer that skips the
  verifystatus check since that check can't be done when the session id is
  reused.

  Reported-by: Hiroki Kurosawa
  Closes #12760

Viktor Szakats (23 Jan 2024)

- cmake: add option to disable building docs

Richard Levitte (23 Jan 2024)

- cmake: use curldown to build man pages

  This throws away the previous HTML and PDF producers, to mimic what
  Makefile.am does as faithfully as possible.

  Closes #12753

Daniel Stenberg (23 Jan 2024)

- mksymbolsmanpage.pl: provide references to where the symbol is used

- docs: introduce "curldown" for libcurl man page format

  curldown is this new file format for libcurl man pages. It is markdown
  inspired with differences:

  - Each file has a set of leading headers with meta-data
  - Supports a small subset of markdown
  - Uses .md file extensions for editors/IDE/GitHub to treat them nicely
  - Generates man pages very similar to the previous ones
  - Generates man pages that still convert nicely to HTML on the website
  - Detects and highlights mentions of curl symbols automatically (when
    their man page section is specified)

  tools:

  - cd2nroff: converts from curldown to nroff man page
  - nroff2cd: convert an (old) nroff man page to curldown
  - cdall: convert many nroff pages to curldown versions
  - cd2cd: verifies and updates a curldown to latest curldown

  This setup generates .3 versions of all the curldown versions at build time.

  CI:

  Since the documentation is now technically markdown in the eyes of many
  things, the CI runs many more tests and checks on this documentation,
  including proselint, link checkers and tests that make sure we capitalize the
  first letter after a period...

  Closes #12730

Viktor Szakats (22 Jan 2024)

- libssh2: use `libssh2_session_callback_set2()` with v1.11.1

  To avoid a local hack to pass function pointers and to avoid
  deprecation warnings when building with libssh2 v1.11.1 or newer:
  ```
  lib/vssh/libssh2.c:3324:5: warning: 'libssh2_session_callback_set' is deprecated: since libssh2 1.11.1. Use libssh2_session_callback_set2() [-Wdeprecated-declarations]
  lib/vssh/libssh2.c:3326:5: warning: 'libssh2_session_callback_set' is deprecated: since libssh2 1.11.1. Use libssh2_session_callback_set2() [-Wdeprecated-declarations]
  ```
  Ref: https://github.com/curl/curl-for-win/actions/runs/7609484879/job/20720821100#step:3:4982

  Ref: https://github.com/libssh2/libssh2/pull/1285
  Ref: https://github.com/libssh2/libssh2/commit/c0f69548be902147ce014ffa40b8db3cf1d4b0b4
  Reviewed-by: Daniel Stenberg
  Closes #12754

Daniel Stenberg (22 Jan 2024)

- transfer: make the select_bits_paused condition check both directions

  If there is activity in a direction that is not paused, return false.

  Reported-by: Sergey Bronnikov
  Bug: https://curl.se/mail/lib-2024-01/0049.html
  Closes #12740

Stefan Eissing (22 Jan 2024)

- http3: initial support for OpenSSL 3.2 QUIC stack

  - HTTP/3 for curl using OpenSSL's own QUIC stack together
    with nghttp3
  - configure with `--with-openssl-quic` to enable curl to
    build this. This requires the nghttp3 library
  - implementation with the following restrictions:
    * macOS has to use an unconnected UDP socket due to an
      issue in OpenSSL's datagram implementation
      See https://github.com/openssl/openssl/issues/23251
      This makes connections to non-responsive servers hang.
    * GET requests will send the indicator that they have
      no body in a separate QUIC packet. This may result
      in processing delays or Transfer-Encodings on proxied
      requests
    * uploads that encounter blocks will use 100% cpu as
      detection of these flow control issues is not working
      (we have not figured out how to pry that from OpenSSL).

  Closes #12734

Viktor Szakats (22 Jan 2024)

- cmake: fix `ENABLE_MANUAL` option

  Fix the `ENABLE_MANUAL` option. Set it to default to `OFF`.

  Before this patch `ENABLE_MANUAL=ON` was a no-op, even though it was the
  option designed to enable building and using the built-in curl manual.
  (`USE_MANUAL=ON` option worked for this instead, by accident).

  Ref: https://github.com/curl/curl/pull/12730#issuecomment-1902572409
  Closes #12749

Mohammadreza Hendiani (19 Jan 2024)

- TODO: update broken link to ratelimit-headers draft

  Closes #12741

Daniel Stenberg (19 Jan 2024)

- cmake: when USE_MANUAL=YES, build the curl.1 man page

  Fixes KNOWN_BUG 15.4

  Closes #12742

- cmdline-opts/write-out.d: remove spurious double quotes

Stefan Eissing (19 Jan 2024)

- rtsp: Convert assertion into debug log

  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65934

  - write excess bytes to the client where the standard excess bytes
    checks will report any wrongness and fail the transfer

  Fixes #12738
  Closes #12739

Daniel Stenberg (19 Jan 2024)

- headers: remove assert from Curl_headers_push

  The fuzzer managed to reach the function without a terminating CR or LF
  so let's handle it normally. While there, remove the goto.

  Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65839

  Closes #12721

- curl_easy_getinfo.3: remove the wrong time value count

  It said "six" time values but they are eight by now. Remove the mention
  of the amount.

  Closes #12727

Viktor Szakats (18 Jan 2024)

- mbedtls: fix `-Wnull-dereference` and `-Wredundant-decls`

  - Silence warning in mbedTLS v3.5.1 public headers:
    ```
    ./mbedtls/_x64-linux-musl/usr/include/psa/crypto_extra.h:489:14: warning: redundant redeclaration of 'psa_set_key_domain_parameters' [-Wredundant-decls]
    ./mbedtls/_x64-linux-musl/usr/include/psa/crypto_struct.h:354:14: note: previous declaration of 'psa_set_key_domain_parameters' was here
    ```
    Ref: https://github.com/libssh2/libssh2/commit/ecec68a2c13a9c63fe8c2dc457ae785a513e157c
    Ref: https://github.com/libssh2/libssh2/pull/1226

  - Fix compiler warnings seen with gcc 9.2.0 + cmake unity:
    ```
    ./curl/lib/vtls/mbedtls.c: In function 'mbedtls_bio_cf_read':
    ./curl/lib/vtls/mbedtls.c:189:11: warning: null pointer dereference [-Wnull-dereference]
    189 | nread = Curl_conn_cf_recv(cf->next, data, (char *)buf, blen, &result);
    | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ./curl/lib/vtls/mbedtls.c: In function 'mbedtls_bio_cf_write':
    ./curl/lib/vtls/mbedtls.c:168:14: warning: null pointer dereference [-Wnull-dereference]
    168 | nwritten = Curl_conn_cf_send(cf->next, data, (char *)buf, blen, &result);
    | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ```

  - delete stray `#else`.

  Closes #12720

Daniel Stenberg (17 Jan 2024)

- docs: cleanup nroff format use

  - remove use of .BI for code snippet
  - stop using .br, just do a blank line
  - remove use of .PP
  - remove use for .sp
  - remove backslash in .IP
  - use .IP instead of .TP

  Closes #12731

Stefan Eissing (17 Jan 2024)

- test2307: fix expected failure code after ws refactoring

  Fixes #12722
  Closes #12728

Jay Satiro (17 Jan 2024)

- cf-socket: show errno in tcpkeepalive error messages

  - If the socket keepalive options (TCP_KEEPIDLE, etc) cannot be set
    then show the errno in the verbose error messages.

  Ref: https://github.com/curl/curl/discussions/12715#discussioncomment-8151652

  Closes https://github.com/curl/curl/pull/12726

- tool_getparam: stop supporting `@filename` style for --cookie

  The `@filename` style was never documented for --cookie <data|filename>
  but prior to this change curl would accept it anyway and always treat a
  @ prefixed string as a filename.

  That's a problem if the string also contains a = sign because then it is
  documented to be interpreted as a cookie string and not a filename.

  Example:

  `--cookie @foo=bar`

  Before: Interpreted as load cookies from filename foo=bar.

  After: Interpreted as cookie `@foo=bar` (name `@foo` and value `bar`).

  Other curl options with a data/filename option-value use the `@filename`
  to distinguish filenames which is probably how this happened. The
  --cookie option has never been documented that way.

  Ref: https://curl.se/docs/manpage.html#-b

  Closes https://github.com/curl/curl/pull/12645

Stefan Eissing (16 Jan 2024)

- websockets: refactor decode chain

  - use client writer stack for decoding frames
  - move websocket protocol handler to ws.c

  Closes #12713

- websockets: check for negative payload lengths

  - in en- and decoding, check the websocket frame payload lengths for
    negative values (from curl_off_t) and error the operation in that case
  - add test 2307 to verify

  Closes #12707

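The length check described in the websockets entry above, as an added example (not curl's code and not part of the changelog): a C decoder and encoder for the RFC 6455 frame header that refuse any payload length that would be negative in a signed 64-bit type. The function, type and sample-frame names are this example's own, `int64_t` stands in for `curl_off_t`, and the encoder writes unmasked headers only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum ws_status { WS_OK = 0, WS_NEED_MORE = 1, WS_BAD_LENGTH = 2 };

struct ws_header {
  unsigned opcode;      /* low four bits of byte 0 */
  int masked;           /* MASK bit */
  int64_t payload_len;  /* signed 64-bit, standing in for curl_off_t */
  size_t header_len;    /* header size in bytes, masking key included */
};

/* Decode an RFC 6455 frame header from buf[0..len). */
enum ws_status ws_parse_header(const unsigned char *buf, size_t len,
                               struct ws_header *out)
{
  size_t pos = 2, i;
  uint64_t plen;
  if(len < 2)
    return WS_NEED_MORE;
  out->opcode = buf[0] & 0x0f;
  out->masked = (buf[1] & 0x80) != 0;
  plen = buf[1] & 0x7f;
  if(plen == 126) {                 /* 16-bit extended length */
    if(len < 4)
      return WS_NEED_MORE;
    plen = ((uint64_t)buf[2] << 8) | buf[3];
    pos = 4;
  }
  else if(plen == 127) {            /* 64-bit extended length */
    if(len < 10)
      return WS_NEED_MORE;
    /* RFC 6455 requires the top bit to be 0. If it is set, the value turns
       negative once stored in a signed 64-bit type, so reject it first. */
    if(buf[2] & 0x80)
      return WS_BAD_LENGTH;
    for(plen = 0, i = 0; i < 8; i++)
      plen = (plen << 8) | buf[2 + i];
    pos = 10;
  }
  if(out->masked) {                 /* a 4-byte masking key follows */
    if(len < pos + 4)
      return WS_NEED_MORE;
    pos += 4;
  }
  out->payload_len = (int64_t)plen;
  out->header_len = pos;
  return WS_OK;
}

/* Encode an unmasked header; returns bytes written, 0 if refused. */
size_t ws_build_header(unsigned opcode, int64_t payload_len,
                       unsigned char *dst, size_t dstlen)
{
  uint64_t plen = (uint64_t)payload_len;
  size_t need, i;
  if(payload_len < 0)               /* the encode-side negative check */
    return 0;
  need = plen < 126 ? 2 : (plen <= 0xffff ? 4 : 10);
  if(dstlen < need)
    return 0;
  dst[0] = (unsigned char)(0x80 | (opcode & 0x0f));   /* FIN + opcode */
  dst[1] = (unsigned char)(need == 2 ? plen : (need == 4 ? 126 : 127));
  for(i = 2; i < need; i++)         /* big-endian extended length */
    dst[i] = (unsigned char)(plen >> (8 * (need - 1 - i)));
  return need;
}

/* Payload length of a header, or the negated ws_status on failure. */
int64_t ws_payload_len(const unsigned char *buf, size_t len)
{
  struct ws_header h = { 0 };
  enum ws_status st = ws_parse_header(buf, len, &h);
  return st == WS_OK ? h.payload_len : -(int64_t)st;
}

/* Encode then decode a length; -3 when the encoder refuses it. */
int64_t ws_roundtrip(int64_t n)
{
  unsigned char out[10];
  size_t used = ws_build_header(2, n, out, sizeof(out));
  return used ? ws_payload_len(out, used) : -3;
}

/* Constructed sample headers, not captured traffic. */
const unsigned char frame_small[] = { 0x81, 0x05 };
const unsigned char frame_16bit[] = { 0x82, 0x7e, 0x01, 0x00 };
const unsigned char frame_64bit[] = { 0x82, 0x7f, 0, 0, 0, 0, 0, 1, 0, 0 };
const unsigned char frame_negative[] = { 0x82, 0x7f, 0x80, 0, 0, 0, 0, 0, 0, 0 };

int main(void)
{
  printf("negative frame -> %lld, roundtrip(-1) -> %lld\n",
         (long long)ws_payload_len(frame_negative, sizeof(frame_negative)),
         (long long)ws_roundtrip(-1));
  return 0;
}
```
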
Daniel Stenberg (16 Jan 2024)

- docs: mention env vars not used by schannel

  Ref: #12704

  Co-authored-by: Jay Satiro <raysatiro@yahoo.com>

  Closes #12711

- tool_operate: make --remove-on-error only remove "real" files

  Reported-by: Harry Sintonen
  Assisted-by: Dan Fandrich

  Closes #12710

Jay Wu (16 Jan 2024)

- url: don't set default CA paths for Secure Transport backend

  As the default for this backend is the native CA store.

  Closes #12704

Lin Sun (16 Jan 2024)

- asyn-ares: with modern c-ares, use its default timeout

  Closes #12703

Daniel Stenberg (15 Jan 2024)

- tool_operate: stop setting the file comment on Amiga

  - the URL is capped at 80 cols, which ruins it if longer
  - it does not strip off URL credentials
  - it is done unconditionally, not on --xattr
  - we don't have Amiga in the CI which makes fixing it blindly fragile

  Someone who builds and tests on Amiga can add it back correctly in a
  future if there is a desire.

  Reported-by: Harry Sintonen
  Closes #12709

Stefan Eissing (15 Jan 2024)

- rtsp: deal with borked server responses

  - enforce a response body length of 0, if the
    response has no Content-length. This is according
    to the RTSP spec.
  - excess bytes in a response body are forwarded to
    the client writers which will report and fail the
    transfer

  Follow-up to d7b6ce6
  Fixes #12701
  Closes #12706

Daniel Stenberg (14 Jan 2024)

- version: show only the libpsl version, not its dependencies

  The libpsl version output otherwise also includes version number for its
  dependencies, like IDN lib, but since libcurl does not use libpsl's IDN
  functionality those components are not important.

  Ref: https://github.com/curl/curl-for-win/issues/63
  Closes #12700

Brad Harder (14 Jan 2024)

- curl.h: CURLOPT_DNS_SERVERS is only available with c-ares

  Closes #12695

Daniel Stenberg (14 Jan 2024)

- cmdline-opts/gen.pl: error on initial blank line

  After the "---" separator, there should be no blank line and this script
  now errors out if one is detected.

  Ref: #12696
  Closes #12698

- cf-h1-proxy: no CURLOPT_USERAGENT in CONNECT with hyper

  Follow-up to 693cd1679361828a which was incomplete

  Ref #12680
  Closes #12697

- curl_multi_fdset.3: remove mention of null pointer support

  ... since this function has not supported null pointer fd_set arguments since
  at least 2006. (That's when I stopped my git blame journey)

  Fixes #12691
  Reported-by: sfan5 on github
  Closes #12692

Mark Huang (14 Jan 2024)

- docs/cmdline: remove unnecessary line breaks

  Closes #12696

Daniel Stenberg (14 Jan 2024)

- transfer: remove warning: Value stored to 'blen' is never read

  Detected by scan-build

  Follow-up from 1cd2f0072f

  Closes #12693

Stefan Eissing (13 Jan 2024)

- lib: replace readwrite with write_resp

  This clarifies the handling of server responses by folding the code for
  the complicated protocols into their protocol handlers. This concerns
  mainly HTTP and its bastard sibling RTSP.

  The terms "read" and "write" are often used without clear context if
  they refer to the connect or the client/application side of a
  transfer. This PR uses "read/write" for operations on the client side
  and "send/receive" for the connection, e.g. server side. If this is
  considered useful, we can revisit renaming of further methods in another
  PR.

  Curl's protocol handler `readwrite()` method has been changed:

```diff
- CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn,
- const char *buf, size_t blen,
- size_t *pconsumed, bool *readmore);
+ CURLcode (*write_resp)(struct Curl_easy *data, const char *buf, size_t ble
n,
+ bool is_eos, bool *done);
```
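
Review bot: the added `write_resp` prototype takes two adjacent `bool` parameters, the input `is_eos` and the output `*done`, and with `pconsumed` removed a handler can no longer report a partial consume. The comment on the struct member should state that a successful return means all `blen` bytes were handled, and whether a call with a `blen` of 0 and `is_eos` TRUE is valid for signalling end-of-stream on its own.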

The name was changed to clarify that this writes response data to the
client side. The parameter changes are:

* `conn` removed as it always operates on `data->conn`
* `pconsumed` removed as the method needs to handle all data on success
* `readmore` removed as no longer necessary
* `is_eos` as indicator that this is the last call for the transfer
  response (end-of-stream).
* `done` TRUE on return iff the transfer response is to be treated as
  finished

This change affects many files only because of updated comments in
handlers that provide no implementation. The real change is that the
HTTP protocol handlers now provide an implementation.

The HTTP protocol handlers' `write_resp()` implementation will get passed
**all** raw data of a server response for the transfer. The HTTP/1.x
formatted status and headers, as well as the undecoded response
body. `Curl_http_write_resp_hds()` is used internally to parse the
response headers and pass them on. This method is public as the RTSP
protocol handler also uses it.

HTTP/1.1 "chunked" transport encoding is now part of the general
*content encoding* writer stack, just like other encodings. A new flag
`CLIENTWRITE_EOS` was added for the last client write. This allows
writers to verify that they are in a valid end state. The chunked
decoder will check if it indeed has seen the last chunk.

The general response handling in `transfer.c:466` happens in function
`readwrite_data()`. This mainly operates now like:

```
static CURLcode readwrite_data(data, ...)
{
  do {
    Curl_xfer_recv_resp(data, buf)
    ...
    Curl_xfer_write_resp(data, buf)
    ...
  } while(interested);
  ...
}
```

All the response data handling is implemented in
`Curl_xfer_write_resp()`. It calls the protocol handler's `write_resp()`
implementation if available, or does the default behaviour.

All raw response data needs to pass through this function. Which also
means that anyone in possession of such data may call
`Curl_xfer_write_resp()`.

Closes #12480
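
The end-of-stream check this entry describes for the chunked decoder, as an added sketch in C (not libcurl's code): the `is_eos` argument plays the role of `CLIENTWRITE_EOS`, and all type and function names are hypothetical. It shows why the flag matters: a body cut off exactly at a chunk boundary parses cleanly and is only caught when the last write finds the decoder short of its final state.

```c
#include <stddef.h>
#include <string.h>
/* Result codes of this sketch (hypothetical names, not libcurl's CURLcode) */
typedef enum { DEC_OK = 0, DEC_BAD_CHUNK, DEC_TRUNCATED } dec_result;

typedef enum {
  ST_SIZE, ST_SIZE_LF,             /* chunk-size line: hex digits, CR, LF */
  ST_DATA, ST_DATA_CR, ST_DATA_LF, /* payload and the CRLF that follows it */
  ST_TRAILER, ST_TRAILER_LF,       /* trailer lines up to the empty last line */
  ST_DONE                          /* last chunk and closing CRLF both seen */
} dec_state;
struct chunk_dec {
  dec_state st;
  size_t remain;   /* payload bytes left in the current chunk */
  size_t line_len; /* bytes seen on the current trailer line */
  int digits;      /* hex digits read on the current size line */
  char out[256];   /* decoded body, kept for inspection */
  size_t out_len;
};

static int hexval(char c)
{
  if(c >= '0' && c <= '9') return c - '0';
  if(c >= 'a' && c <= 'f') return c - 'a' + 10;
  if(c >= 'A' && c <= 'F') return c - 'A' + 10;
  return -1;
}

/* Consume blen raw bytes; is_eos marks the last call for this response. */
static dec_result dec_write(struct chunk_dec *d, const char *buf,
                            size_t blen, int is_eos)
{
  for(size_t i = 0; i < blen; i++) {
    char c = buf[i];
    switch(d->st) {
    case ST_SIZE:
      if(hexval(c) >= 0) {
        if(++d->digits > 8) return DEC_BAD_CHUNK; /* bound the size field */
        d->remain = (d->remain << 4) | (size_t)hexval(c);
      }
      else if(c == '\r' && d->digits) d->st = ST_SIZE_LF;
      else return DEC_BAD_CHUNK; /* chunk extensions are not handled here */
      break;
    case ST_SIZE_LF:
      if(c != '\n') return DEC_BAD_CHUNK;
      d->digits = 0;
      d->st = d->remain ? ST_DATA : ST_TRAILER; /* size 0 is the last chunk */
      break;
    case ST_DATA:
      if(d->out_len == sizeof(d->out)) return DEC_BAD_CHUNK; /* demo buffer */
      d->out[d->out_len++] = c;
      if(--d->remain == 0) d->st = ST_DATA_CR;
      break;
    case ST_DATA_CR:
    case ST_DATA_LF:
      if(c != (d->st == ST_DATA_CR ? '\r' : '\n')) return DEC_BAD_CHUNK;
      d->st = (d->st == ST_DATA_CR) ? ST_DATA_LF : ST_SIZE;
      break;
    case ST_TRAILER:
      if(c == '\r') d->st = ST_TRAILER_LF;
      else d->line_len++;
      break;
    case ST_TRAILER_LF:
      if(c != '\n') return DEC_BAD_CHUNK;
      d->st = d->line_len ? ST_TRAILER : ST_DONE; /* empty line ends body */
      d->line_len = 0;
      break;
    case ST_DONE:
      return DEC_BAD_CHUNK; /* this sketch rejects bytes after the end */
    }
  }
  /* End-state check: bytes that parsed cleanly are not proof of a full body */
  if(is_eos && d->st != ST_DONE) return DEC_TRUNCATED;
  return DEC_OK;
}

static struct chunk_dec demo; /* decoder state left by the latest run() */
/* Feed raw in pieces of step bytes; only the final piece carries is_eos. */
static dec_result run(const char *raw, size_t step)
{
  size_t len = strlen(raw), off = 0;
  memset(&demo, 0, sizeof(demo)); /* st becomes ST_SIZE, which is 0 */
  do {
    size_t n = (step && len - off > step) ? step : len - off;
    dec_result r = dec_write(&demo, raw + off, n, off + n == len);
    if(r != DEC_OK) return r;
    off += n;
  } while(off < len);
  return DEC_OK;
}

/* Constructed bodies: complete, and cut off right after the second chunk */
static const char COMPLETE[] = "5\r\nhello\r\n6\r\n world\r\n0\r\n\r\n";
static const char CUT_BODY[] = "5\r\nhello\r\n6\r\n world\r\n";

int main(void)
{
  return run(COMPLETE, 3) != DEC_OK || run(CUT_BODY, 3) != DEC_TRUNCATED;
}
```

In the cut-off case all 11 payload bytes have already been handed on by the time the error is raised, so the caller has to treat the transfer as failed rather than trust what it received.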

Daniel Stenberg (13 Jan 2024)

- RELEASE-NOTES: synced

- TODO: TFTP doesn't convert LF to CRLF for mode=netascii

Closes #12655
Closes #12690

- gen: do italics/bold for a range of letters, not just single word

Previously it would match only on a sequence of non-space, which made it
miss to highlight for example "public suffix list".

Updated the recent cookie.d edit from 5da57193b732 to use bold instead
of italics.

Closes #12689

- docs: describe and highlight super cookies

Reported-by: Yadhu Krishna M

Closes #12687

- configure: when enabling QUIC, check that TLS supports QUIC

Most importantly perhaps is when using OpenSSL that the used
build/flavor has the QUIC API: the vanilla OpenSSL does not, only
BoringSSL, libressl, AWS-LC and quictls do.

Ref: https://github.com/curl/curl/commit/5d044ad9480a9f556f4b6a252d7533b1ba7fe57e#r136780413

Closes #12683

Stefan Eissing (11 Jan 2024)

- vquic: extract TLS setup into own source

- separate ngtcp2 specific parts out
- provide callback during init to allow ngtcp2 to apply its defaults

Closes #12678

Sergey Markelov (11 Jan 2024)

- multi: remove total timer reset in file_do() while fetching file://

The total timer is properly reset in MSTATE_INIT. MSTATE_CONNECT starts
with resetting the timer that is a start point for further multi states.
If file://, MSTATE_DO calls file_do() that should not reset the total
timer. Otherwise, the total time is always less than the pre-transfer
and the start transfer times.

Closes #12682

Daniel Stenberg (11 Jan 2024)

- http_proxy: a blank CURLOPT_USERAGENT should not be used in CONNECT

Extended test 80 to verify this.

Reported-by: Stefan Eissing
Fixes #12680
Closes #12681

- sectransp: do verify_cert without memdup for blobs

Since the information is then already stored in memory, this can avoid
an extra set of malloc + free calls.

Closes #12679

- hsts: remove assert for zero length domain

A zero length domain can happen if the HSTS parser is given invalid
input data which is not unheard of and is done by the fuzzer.

Follow-up from cfe7902111ae547873

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65661

Closes #12676

- headers: make sure the trailing newline is not stored

extended test1940 to verify blank header fields too

Bug: https://curl.se/mail/lib-2024-01/0019.html
Reported-by: Dmitry Karpov
Closes #12675

- curl_easy_header.3: tiny language fix

Closes #12672

- examples/range.c: add

Closes #12671

- examples/netrc.c: add

Closes #12671

- examples/ipv6.c: new example showing IPv6-only internet transfer

Closes #12671

- examples/address-scope.c: renamed from ipv6.c

It shows address scope use really

Closes #12671

Stefan Eissing (9 Jan 2024)

- multi: pollset adjust, init with FIRSTSOCKET during connect

- `conn->sockfd` is set by `Curl_setup_transfer()`, but that
  is called *after* the connection has been established
- use `conn->sock[FIRSTSOCKET]` instead

Follow-up to a0f94800d507de
Closes #12664

Daniel Stenberg (9 Jan 2024)

- WEBSOCKET.md: remove dead link

- CI: spellcheck/appveyor: invoke configure --without-libpsl

Follow-up to 2998874bb61ac6

- cmdline/docs/*.d: switch to using ## instead of .IP

To make the editing easier. To write and to read.

Closes #12667

- gen.pl: support ## for doing .IP in table-like lists

Warn on use of .RS/.IP/.RE

Closes #12667

Jay Satiro (9 Jan 2024)

- cookie.d: Document use of empty string to enable cookie engine

- Explain that --cookie "" can be used to enable the cookie engine
  without reading any initial cookies.

As is documented in CURLOPT_COOKIEFILE.

Ref: https://curl.se/libcurl/c/CURLOPT_COOKIEFILE.html

Bug: https://github.com/curl/curl/issues/12643#issuecomment-1879844420
Reported-by: janko-js@users.noreply.github.com

Closes https://github.com/curl/curl/pull/12646

Daniel Stenberg (9 Jan 2024)

- setopt: use memdup0 when cloning COPYPOSTFIELDS

Closes #12651

- telnet: use dynbuf instead of malloc for escape buffer

Previously, send_telnet_data() would malloc + free a buffer every time
for escaping IAC codes. Now, it reuses a dynbuf for this purpose.

Closes #12652

- CI: install libpsl or configure --without-libpsl in builds

As a follow-up to the stricter libpsl check in configure

- configure: make libpsl detection failure cause error

To force users to explicitly disable it if they really don't want it
used and make it harder to accidentally miss it.

--without-libpsl is the option to use if PSL is not wanted.

Closes #12661

- RELEASE-NOTES: synced

- pop3: replace calloc + memcpy with memdup0

... and make sure to return error on out of memory.

Closes #12650

- lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT

Closes #12658

- mime: use memdup0 instead of malloc + memcpy

Closes #12649

- tool_getparam: move the --rate logic into set_rate()

- tool_getparam: switch to an enum for every option

To make the big switch much easier to read/understand and to make it
easier to add new options.

- tool_getparam: build post data using dynbuf (more)

- tool_getparam: replace malloc + copy by dynbuf for --data

- tool_getparam: make data_urlencode avoid direct malloc

use aprintf() instead

- tool_getparam: move the --url-query logic into url_query()

This function is not doing post at all so it was always weirdly placed.

- tool_getparam: move the --data logic into set_data()

- tool_getparam: unify the cmdline switch() into a single one

- easier to follow, easier to modify, easier to extend, possibly slightly
  faster

- each case now has the long option as a comment

- tool_getparam: bsearch cmdline options

- the option names are now alpha sorted and lookup is a lot faster

- use case sensitive matching. It was previously case insensitive, but that
  was not documented nor tested.

- remove "partial match" feature. It was not documented, not tested and
  was always fragile as existing use could break when we add a new
  option

- lookup short options via a table

Closes #12631

Gabe (8 Jan 2024)

- COPYING: update copyright year

Closes #12654

Stefan Eissing (8 Jan 2024)

- url: init conn->sockfd and writesockfd to CURL_SOCKET_BAD

Also add more tracing to test 19

Follow-up to a0f9480

Fixes #12657
Closes #12659

Daniel Stenberg (8 Jan 2024)

- connect: remove margin from eyeballer alloc

Presumably leftovers from debugging

Closes #12647

- ftp: only consider entry path if it has a length

Follow-up from 8edcfedc1a144f438bd1cdf814a0016cb

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65631

Avoids a NULL pointer deref.

Closes #12648

Stefan Eissing (7 Jan 2024)

- transfer: adjust_pollset improvements

- let `multi_getsock()` initialize the pollset in what the
  transfer state requires in regards to SEND/RECV
- change connection filters `adjust_pollset()` implementation
  to react on the presence of POLLIN/-OUT in the pollset and
  no longer check CURL_WANT_SEND/CURL_WANT_RECV
- cf-socket will no longer add POLLIN on its own
- http2 and http/3 filters will only do adjustments if the
  passed pollset wants to POLLIN/OUT for the transfer on
  the socket. This is similar to the HTTP/2 proxy filter
  and works in stacked filters.

Closes #12640

Daniel Stenberg (6 Jan 2024)

- ftp: use memdup0 to store the OS from a SYST 215 response

avoid malloc + direct buffer fiddle

Closes #12639

- ftp: use dynbuf to store entrypath

avoid direct malloc

Closes #12638

Lealem Amedie (6 Jan 2024)

- wolfssl: load certificate *chain* for PEM client certs

Closes #12634

Stefan Eissing (4 Jan 2024)

- http: adjust_pollset fix

do not add a socket for POLLIN when the transfer does not want to send
(for example is paused).

Follow-up to 47f5b1a

Reported-by: bubbleguuum on github
Fixes #12632
Closes #12633

Daniel Stenberg (3 Jan 2024)

- tool: make parser reject blank arguments if not supported

Already in the getstr() function that clones the input argument.

Closes #12620

dependabot[bot] (3 Jan 2024)

- build(deps): bump github/codeql-action from 2 to 3

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #12625

- build(deps): bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #12624

- build(deps): bump actions/upload-artifact from 3 to 4

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #12627

- build(deps): bump actions/download-artifact from 3 to 4

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #12626

Stefan Eissing (3 Jan 2024)

- http3/quiche: fix result code on a stream reset

- fixes pytest failures in test 07_22
- aligns CURLcode values on stream reset with ngtcp2

Closes #12629

Daniel Stenberg (2 Jan 2024)

- setopt: clear mimepost when formp is freed

A precaution to avoid a possibly dangling pointer left behind.

Reported-by: Thomas Ferguson
Fixes #12608
Closes #12621

Andy Alt (2 Jan 2024)

- CI: Add dependabot.yml

This will cause dependabot to open a PR when various actions are
updated, provided that the action maintainer has issued a release.

Closes #12623

Gisle Vanem (2 Jan 2024)

- content_encoding: change return code to typedef'ed enum

... to work around a clang ubsan warning.

Fixes #12618
Closes #12622

Daniel Stenberg (2 Jan 2024)

- tool: prepend output_dir in header callback

When Content-Disposition parsing is used and an output dir is prepended,
make sure to store that new file name correctly so that it can be used
for setting the file timestamp when --remote-time is used.

Extended test 3012 to verify.

Co-Authored-by: Jay Satiro
Reported-by: hgdagon on github
Fixes #12614
Closes #12617

- test1254: fix typo in name plus shorten it

- RELEASE-NOTES: synced

Viktor Szakats (2 Jan 2024)

- schannel: fix `-Warith-conversion` gcc 13 warning

```
lib/vtls/schannel.c:1201:22: warning: conversion to 'unsigned int' from 'int' may change the sign of the result [-Warith-conversion]
1201 | *extension_len = *list_len +
| ^
```

Closes #12616

- asyn-thread: silence `-Wcast-align` warning for Windows

Seen with llvm/clang 17:
```
lib/asyn-thread.c:310:5: warning: cast from 'PCHAR' (aka 'char *') to 'struct thread_sync_data *' increases required alignment from 1 to 8 [-Wcast-align]
310 | CONTAINING_RECORD(overlapped, struct thread_sync_data, w8.overlapped);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.../llvm-mingw/aarch64-w64-mingw32/include/winnt.h:717:48: note: expanded from macro 'CONTAINING_RECORD'
717 | #define CONTAINING_RECORD(address,type,field) ((type *)((PCHAR)(address) - (ULONG_PTR)(&((type *)0)->field)))
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```

Follow-up to a6bbc87f9e9ffb46a1801dfb983e7534825ed56b #12482

Ref: https://github.com/curl/curl/pull/12482#issuecomment-1873017261
Closes #12615

Daniel Stenberg (2 Jan 2024)

- tool_listhelp: regenerate after recent .d updates

Makes it survive test 1478

Closes #12612

- test1478: verify src/tool_listhelp.c

Verify that the source file on disk is identical to the output of gen.pl
listhelp, as otherwise they are out of sync and need attention.

Closes #12612

- testutil: make runtests support %include

Using this instruction, a test case can include the contents of a file
into the test during the preprocessing.

Closes #12612

- runtests: for mode="text" on <stdout>, fix newlines on both parts

Closes #12612

Jay Satiro (2 Jan 2024)

- quiche: return CURLE_HTTP3 on send to invalid stream

Prior to this change if a send failed on a stream in an invalid state
(according to quiche) and not marked as closed (according to libcurl)
then the send function would return CURLE_SEND_ERROR.

We already have similar code for ngtcp2 to return CURLE_HTTP3 in this
case.

Caught by test test_07_upload.py: test_07_22_upload_parallel_fail.

Fixes https://github.com/curl/curl/issues/12590
Closes https://github.com/curl/curl/pull/12597

Daniel Stenberg (1 Jan 2024)

- cmdline-opts: update availability for the *-ca-native options

Closes #12613

Patrick Monnerat (31 Dec 2023)

- openldap: fix STARTTLS

It was not working anymore since introduction of connection filters.

Also do not attempt to recover from a failing TLS negotiation with
CURLUSESSL_TRY.

Closes #12610

Daniel Stenberg (31 Dec 2023)

- haproxy-clientip.d: document the arg

The arg keyword was missing and therefore not present in the man page.

Closes #12611

annalee (29 Dec 2023)

- configure: fix no default int compile error in ipv6 detection

Closes #12607

Dan Fandrich (28 Dec 2023)

- CI: Fix use of any-glob-to-all-files in the labeler

Despite its name, this atom acts like one-glob-to-all-files and a
different syntax with braces must be used to get
any-glob-to-all-files semantics. Unfortunately, this makes the file
completely unreadable.

Ref: https://github.com/actions/labeler/issues/731

Daniel Stenberg (29 Dec 2023)

- CURLOPT_AUTOREFERER.3: mention CURLINFO_REFERER

- CURLINFO_REFERER.3: clarify that it is the *request* header

That libcurl itself sent in the most recent request

Closes #12605

Jay Satiro (28 Dec 2023)

- system_win32: fix a function pointer assignment warning

- Use CURLX_FUNCTION_CAST to suppress a function pointer assignment
  warning.

a6bbc87f added lookups of some Windows API functions and then cast them
like `*(FARPROC*)&Curl_funcname = address`. Some versions of gcc warn
about that as breaking strict-aliasing rules so this PR changes those
assignments to use CURLX_FUNCTION_CAST.

Bug: https://github.com/curl/curl/pull/12581#issuecomment-1869804317
Reported-by: Marcel Raad

Closes https://github.com/curl/curl/pull/12602

- verify-examples.pl: fail verification on unescaped backslash

- Check that all backslashes in EXAMPLE are properly escaped.

eg manpage must always use `\\n` never `\n`.

This is because the manpage requires we always double backslash to show
a single backslash. Prior to this change an erroneous single backslash
would pass through and compile even though it would not show correctly
in the manpage.

Co-authored-by: Daniel Stenberg

Ref: https://github.com/curl/curl/pull/12588

Closes https://github.com/curl/curl/pull/12589

- vtls: fix missing multissl version info

- Fix erroneous buffer copy logic from ff74cef5.

Prior to this change the MultiSSL version info returned to the user
was empty.

Closes https://github.com/curl/curl/pull/12599

Daniel Stenberg (27 Dec 2023)

- KNOWN_BUGS: [RTSP] Some methods do not support response bodies

Closes #12414

Patrick Monnerat (27 Dec 2023)

- openldap: fix an LDAP crash

Reported-by: Ozan Cansel
Fixes #12593
Closes #12600

Daniel Stenberg (27 Dec 2023)

- getinfo: CURLINFO_QUEUE_TIME_T

Returns the time, in microseconds, during which this transfer was held
in a waiting queue before it started "for real". A transfer might be put
in a queue if after getting started, it cannot create a new connection
etc due to set conditions and limits imposed by the application.

Ref: #12293
Closes #12368

- RELEASE-NOTES: synced

Jay Satiro (26 Dec 2023)

- examples/sendrecv: fix comment line length

Caught by checksrc.

Haydar Alaidrus (23 Dec 2023)

- CURLOPT_POSTFIELDS.3: fix incorrect C string escape in example

- Escape inner quotes with two backslashes.

Two backslashes escapes the backslash for the man page and will show as
a single backslash.

eg: "{\\"name\\": \\"daniel\\"}" shows as "{\"name\": \"daniel\"}".

Closes https://github.com/curl/curl/pull/12588

Viktor Szakats (23 Dec 2023)

- appveyor: tidy-ups

- replace two remaining backslashes with forward slashes.
- tidy up the way we form and pass `TFLAGS`.

Follow-up to 2d4d0c1fd32f5cc3f946c407c8eccd5477b287df #12572

Closes #12582

Stefan Eissing (22 Dec 2023)

- transfer: fix upload rate limiting, add test cases

- add test cases for rate limiting uploads for all
  http versions
- fix transfer loop handling of limits. Signal a re-receive
  attempt only on exhausting maxloops without an EAGAIN
- fix `data->state.selectbits` forcing re-receive to also
  set re-sending when transfer is doing this.

Reported-by: Karthikdasari0423 on github
Fixes #12559
Closes #12586

Daniel Stenberg (22 Dec 2023)

- mbedtls: free the entropy when threaded

The entropy_free was never done for threaded builds, causing a small
(fixed) memory leak.

Reported-by: RevaliQaQ on github
Fixes #12584
Closes #12585

Stefan Eissing (22 Dec 2023)

- http2: improved on_stream_close/data_done handling

- there seems to be a code path that cleans up easy handles without
  triggering DONE or DETACH events to the connection filters. This
  would explain why nghttp2 still holds stream user data
- add GOOD check to easy handle used in on_close_callback to
  prevent crashes, ASSERTs in debug builds.
- NULL the stream user data early before submitting RST
- add checks in on_stream_close() to identify UNGOOD easy handles

Reported-by: Hans-Christian Egtvedt
Fixes #10936
Closes #12562

Daniel Stenberg (22 Dec 2023)

- mprintf: overhaul and bugfixes

In a test case using lots of snprintf() calls using many commonly used
%-codes per call, this version is around 30% faster than previous
version.

It also fixes the #12561 bug which made it not behave correctly when
given unknown %-sequences. Fixing that flaw required a different take on
the problem, which resulted in the new two-arrays model.

lib557: extended - Verify the #12561 fix and test more printf features

unit1398: fix test: It used a <num>$ only for one argument, which is not
supported.

Fixes #12561
Closes #12563

Viktor Szakats (21 Dec 2023)

- appveyor: replace PowerShell with bash + parallel autotools

PowerShell works (after a steep development curve), but one property of
it stuck and kept causing unresolvable usability issues: With
`$ErrorActionPreference=Stop`, it does abort on failures, but shows only
the first line of the error message. In `Continue` mode, it shows the
full error message, but doesn't stop on all errors. Another issue is
PowerShell considering any stderr output as if the command failed (this
has been improved in 7.2 (2021-Nov), but fixed versions aren't running
in CI and will not be for a long time in all test images.)

Thus, we're going with bash.

Also:
- use `-j2` with autotools tests, making them finish 5-15 minutes per
  job faster.
- omit `POSIX_PATH_PREFIX`.
- use `WINDIR`.
- prefer forward slashes.

Follow-up to: 75078a415d9c769419aed4153d3d525a8eba95af #11999
Ref: #12444

Fixes #12560
Closes #12572

Pavel Pavlov (21 Dec 2023)

- asyn-thread: use GetAddrInfoExW on >= Windows 8

For doing async DNS resolution instead of starting a thread for each
request.

Fixes #12481
Closes #12482

Daniel Stenberg (21 Dec 2023)

- strerror: repair get_winsock_error()

It would try to read longer than the provided string and crash.

Follow-up to ff74cef5d4a0cf60106517a1c7384
Reported-by: calvin2021y on github
Fixes #12578
Closes #12579

- CURLOPT_SSH_*_KEYFILE: clarify

Closes #12554

ivanfywang (21 Dec 2023)

- ngtcp2: put h3 at the front of alpn

Closes #12576

Daniel Stenberg (21 Dec 2023)

- test460: verify a command line using --expand with no argument

This verifies the fix for #12565

- tool_getparam: do not try to expand without an argument

This would lead to a segfault.

Fixes #12565
Reported-by: Geeknik Labs
Closes #12575

- RELEASE-NOTES: synced

Bumped version to 8.6.0 because of changes

- Makefile.am: fix the MSVC project generation

It made the vcxproj files not get included in dist tarballs.

Regression since 74423b5df4c8117891eb89 (8.5.0)

Reported-by: iAroc on github
Fixes #12564
Closes #12567

zengwei2000 (21 Dec 2023)

- altsvc: free 'as' when returning error

Closes #12570

Signed-off-by: zengwei <zengwei1@uniontech.com>

Viktor Szakats (20 Dec 2023)
|
|||
|
|
|||
|
- build: fix `-Wconversion`/`-Wsign-conversion` warnings
|
|||
|
|
|||
|
Fix remaining warnings in examples and tests which are not suppressed
|
|||
|
by the pragma in `lib/curl_setup.h`.
|
|||
|
|
|||
|
Silence a toolchain issue causing warnings in `FD_SET()` calls with
|
|||
|
older Cygwin/MSYS2 builds. Likely fixed on 2020-08-03 by:
|
|||
|
https://cygwin.com/git/?p=newlib-cygwin.git;a=commitdiff;h=5717262b8ecfed0f7f
|
|||
|
ab63e2c09c78991e36f9dd
|
|||
|
|
|||
|
Follow-up to 2dbe75bd7f3c36837aa06fd87a442bdf3fb7faef #12492
|
|||
|
|
|||
|
Closes #12557
|
|||
|
|
|||
|
- build: fix some `-Wsign-conversion`/`-Warith-conversion` warnings

- enable `-Wsign-conversion` warnings, but also setting them to not
raise errors.
- fix `-Warith-conversion` warnings seen in CI.
These are triggered by `-Wsign-conversion` and causing errors unless
explicitly silenced. It makes more sense to fix them, there are just a few
of them.
- fix some `-Wsign-conversion` warnings.
- hide `-Wsign-conversion` warnings with a `#pragma`.
- add macro `CURL_WARN_SIGN_CONVERSION` to unhide them on a per-build
basis.
- update a CI job to unhide them with the above macro:
https://github.com/curl/curl/actions/workflows/linux.yml -> OpenSSL -O3

Closes #12492

- cmake: tidy-up `OtherTests.cmake`

- make more obvious which detection uses which prep steps.
- merge and streamline conditions.
- these should not alter detection results.

Also align log output messages from
`Macros.cmake` / `curl_internal_test` with rest of the build.

Closes #12551

- appveyor: switch to out-of-tree builds

With cmake and autotools.

Closes #12550

Daniel Stenberg (19 Dec 2023)

- DEPRECATE.md: mention that NTLM_WB no longer works

Ref: #12479
Closes #12553

- CURLOPT_SERVER_RESPONSE_TIMEOUT_MS: add

Proposed-by: Yifei Kong
Ref: https://curl.se/mail/lib-2023-11/0023.html
Closes #12369

Viktor Szakats (18 Dec 2023)

- build: more `-Wformat` fixes

- memdebug: update to not trigger `-Wformat-nonliteral` warnings.
- imap: mark `imap_sendf()` with `CURL_PRINTF()`.
- tool_msgs: mark static function with `CURL_PRINTF()`.

Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489

Closes #12540

- windows: delete redundant headers

`winsock2.h` pulls in `windows.h`. `ws2tcpip.h` pulls in `winsock2.h`.
`winsock2.h` and `ws2tcpip.h` are also pulled by `curl/curl.h`.

Keep only those headers that are not already included, or the code under
it uses something from that specific header.

Closes #12539

- cmake: prefill/cache `HAVE_STRUCT_SOCKADDR_STORAGE`

Also add missing include to `OtherTests.cmake`. It didn't cause an issue
because the parent already included this earlier by chance.

Closes #12537

Daniel Stenberg (18 Dec 2023)

- runner.pm: fix perl warning when running tests

Use of uninitialized value $runner::gdbthis in numeric eq (==) at runner.pm

Follow-up from 3dcf301752a09d9

Closes #12549

- runtests: support -gl. Like -g but for lldb.

Follow-up to 63b5748

Invokes the test case via lldb instead of gdb. Since using gdb is such a
pain on mac, using lldb is sometimes less quirky.

Closes #12547

- curl.h: add CURLE_TOO_LARGE

A new error code to be used when an internal field grows too large, like
when a dynbuf reaches its maximum. Previously it would return
CURLE_OUT_OF_MEMORY for this, which is highly misleading.

Ref: #12268
Closes #12269

- CI/circleci: disable MQTT in the HTTP-only build

And remove the use of configure options that don't actually exist

Closes #12546

Yedaya Katsman (18 Dec 2023)

- tests: respect $TMPDIR when creating unix domain sockets

When running on termux, where $TMPDIR isn't /tmp, running the tests
failed, since the server config tried creating sockets in /tmp, without
checking the temp dir config. Use the TMPDIR variable that makes it find
the correct directory everywhere [0]

[0] https://perldoc.perl.org/File::Temp#tempfile

Closes #12545

Viktor Szakats (17 Dec 2023)

- ssh: fix namespace of two local macros

Avoid using the libssh and libssh2 macro namespaces by prefixing
these local macro names with `CURL_`.

Follow-up to 413a0fedd02c8c6df1d294534b8c6e306fcca7a2 #12346

Reviewed-by: Daniel Stenberg
Closes #12544

- cmake: whitespace tidy-up in `OtherTests.cmake`

Closes #12538

Mark Sinkovics (16 Dec 2023)

- cmake: fix generation for system name iOS

This PR fixes a problem that happens during CMake configuration when
the `CMAKE_SYSTEM_NAME` is set to `iOS` and not `Darwin`. This value is
available (as far as I remember) since version 3.14. The final solution
(thanks to @vszakats) is to use `APPLE` which contains all the Apple
platforms https://cmake.org/cmake/help/latest/variable/APPLE.html.

This issue was found during vcpkg installation. Running command
`vcpkg install curl:arm64-ios` and `vcpkg install curl:x64-ios` failed
with message:
```
CMake Error: try_run() invoked in cross-compiling mode, please set the following cache variables appropriately:
HAVE_H_ERRNO_ASSIGNABLE_EXITCODE (advanced)
```
After this fix, I was able to compile the binary without
any issue.

In addition to that fix, this PR also contains a simplification to
check if the platform is not APPLE.

Co-authored-by: Viktor Szakats
Closes #12515

Daniel Stenberg (16 Dec 2023)

- RELEASE-NOTES: synced

Baruch Siach (16 Dec 2023)

- gnutls: fix build with --disable-verbose

infof() parameters must be defined even with --disable-verbose since
commit dac293cfb702 ("lib: apache style infof and trace
macros/functions").

Move also 'ptr' definition under !CURL_DISABLE_VERBOSE_STRINGS.

Fixes the following build failure:

In file included from ../lib/sendf.h:29,
from vtls/gtls.c:44:
vtls/gtls.c: In function 'Curl_gtls_verifyserver':
vtls/gtls.c:841:34: error: 'version' undeclared (first use in this function); did you mean 'session'?
841 | gnutls_protocol_get_name(version), ptr);
| ^~~~~~~

Closes #12505

Viktor Szakats (16 Dec 2023)

- build: delete unused `HAVE_{GSSHEIMDAL,GSSMIT,HEIMDAL}`

Stop setting `HAVE_GSSHEIMDAL`, `HAVE_GSSMIT` and `HAVE_HEIMDAL`.
There was no place in the build system or source code that used them.

Reviewed-by: Daniel Stenberg
Closes #12506

- build: remove redundant `CURL_PULL_*` settings

These macros were not propagated to the source code from CMake.

autotools set only one of them (`CURL_PULL_SYS_POLL_H`), initially to
address an AIX issue [1]. This later broke when introducing `system.h`
[2] without the logic it enabled. A subsequent fix [3] re-added the
logic, and also enabled it for AIX before its use, directly in
`system.h`.

[1] 2012-11-23: 665adcd4b7bcdb7deb638cdc499fbe71f8d777f2
[2] 2017-03-29: 9506d01ee50d5908138ebad0fd9fbd39b66bd64d #1373
[3] 2017-08-25: 8a84fcc4b59e8b78d2acc6febf44a43d6bc81b59 #1828 #1833

Reviewed-by: Daniel Stenberg
Closes #12502

- system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers

Align mingw with the other Windows compilers and use the `int` type for
`CURL_TYPEOF_CURL_SOCKLEN_T` (and thus for `curl_socklen_t`). This
makes it unnecessary to make a mingw-specific trick and pull all Windows
headers early just for this type definition. This type is specific to
Windows, not to the compiler. mingw-w64's Windows header maps it to
`int` too.

With this we also delete all remaining uses of `CURL_PULL_WS2TCPIP_H`.

[ The official solution is to use `socklen_t` for all Windows compilers.
In this case we may want to update `curl/curl.h` to pull in Windows
headers before `system.h`. ]

Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Closes #12501

- windows: simplify detecting and using system headers

- autotools, cmake: assume that if we detect Windows, `windows.h`,
`winsock2.h` and `ws2tcpip.h` do exist.
- lib: fix 3 outlier `#if` conditions to use `USE_WINSOCK` instead of
looking for `winsock2.h`.
- autotools: merge 3 Windows check methods into one.
- move Watt-32 and lwIP socket support to `setup-win32.h` from
`config-win32.h`. It opens up using these with all build tools. Also
merge logic with Windows Sockets.
- fix to assume Windows sockets with the mingw32ce toolchain.
Follow-up to: 2748c64d605b19fb419ae56810ad8da36487a2d4
- cmake: delete unused variable `signature_call_conv` since
eb33ccd5332435fa50f1758e5debb869c6942b7f.
- autotools: simplify `CURL_CHECK_WIN32_LARGEFILE` detection.
- examples/externalsocket: fix header order.
- cmake/OtherTests.cmake: delete Windows-specific `_source_epilogue`
that wasn't used anymore.
- cmake/OtherTests.cmake: set `WIN32_LEAN_AND_MEAN` for test
`SIZEOF_STRUCT_SOCKADDR_STORAGE`.

After this patch curl universally uses `_WIN32` to guard
Windows-specific logic. It guards Windows Sockets-specific logic with
`USE_WINSOCK` (this might need further work).

Reviewed-by: Jay Satiro
Closes #12495

- build: enable missing OpenSSF-recommended warnings, with fixes

https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
as of 2023-11-29 [1].

Enable new recommended warnings (except `-Wsign-conversion`):

- enable `-Wformat=2` for clang (in both cmake and autotools).
- add `CURL_PRINTF()` internal attribute and mark functions accepting
printf arguments with it. This is a copy of existing
`CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible
with redefining the `printf` symbol:
https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
- fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for
mingw-w64 and enable it on this platform.
- enable `-Wimplicit-fallthrough`.
- enable `-Wtrampolines`.
- add `-Wsign-conversion` commented with a FIXME.
- cmake: enable `-pedantic-errors` the way we do it with autotools.
Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747
- lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format
checks. Previously it was always disabled due to the internal `printf`
macro.

Fix them:

- fix bug where a `set_ipv6_v6only()` call was missed in builds with
`--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`.
- add internal `FALLTHROUGH()` macro.
- replace obsolete fall-through comments with `FALLTHROUGH()`.
- fix fallthrough markups: Delete redundant ones (showing up as
warnings in most cases). Add missing ones. Fix indentation.
- silence `-Wformat-nonliteral` warnings with llvm/clang.
- fix one `-Wformat-nonliteral` warning.
- fix new `-Wformat` and `-Wformat-security` warnings.
- fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its
definition to `lib/curl_setup.h` allowing use in `tests/server`.
- lib: fix two wrongly passed string arguments in log outputs.
Co-authored-by: Jay Satiro
- fix new `-Wformat` warnings on mingw-w64.

[1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md

Closes #12489

- Makefile.mk: drop Windows support

And DLL-support with it. This leaves `Makefile.mk` for MS-DOS and Amiga.

We recommend CMake instead. With unity mode it's much faster, and about
the same without.

Ref: https://github.com/curl/curl/pull/12221#issuecomment-1783761806
Reviewed-by: Daniel Stenberg
Closes #12224

Daniel Stenberg (16 Dec 2023)

- cmdline-docs: use .IP consistently

Remove use of .TP and some .B. The idea is to reduce nroff syntax as
much as possible and to use it consistently. Ultimately, we should be
able to introduce our own easier-to-use-and-read syntax/formatting and
convert on generation time.

Closes #12535

Tatsuhiko Miyagawa (16 Dec 2023)

- http: fix off-by-one error in request method length check

It should allow one more byte.

Closes #12534

Daniel Stenberg (15 Dec 2023)

- curl: show ipfs and ipns as supported "protocols"

They are accepted schemes in URLs passed to curl (the tool, not the
library).

Also makes curl-config show the same list.

Co-Authored-by: Jay Satiro
Reported-by: Chara White
Bug: https://curl.se/mail/archive-2023-12/0026.html
Closes #12508

- Revert "urldata: move async resolver state from easy handle to connectdata"

This reverts commit 56a4db2e4e2bcb9a0dcb75b83560a78ef231fcc8 (#12198)

We want the c-ares channel to be held in the easy handle, not per
connection - for performance.

Closes #12524

Viktor Szakats (15 Dec 2023)

- openssl: re-match LibreSSL deinit with init

Earlier we switched to use modern initialization with LibreSSL v2.7.0
and up, but did not touch deinitialization [1]. Fix it in this patch.

Regression from bec0c5bbf34369920598678161d2df8bea0e243b #11611

[1] https://github.com/curl/curl/pull/11611#issuecomment-1668654014

Reported-by: Mike Hommey
Reviewed-by: Daniel Stenberg
Fixes #12525
Closes #12526

Daniel Stenberg (14 Dec 2023)

- libssh: suppress warnings without version check

Define unconditionally.

Follow-up from d21bd2190c46ad7fa

Closes #12523

- hostip: return error immediately when Curl_ip2addr() fails

Closes #12522

Theo (14 Dec 2023)

- libssh: improve the deprecation warning dismissal

Previous code was compiler dependent, and dismissed all deprecation warnings
indiscriminately.

libssh provides a way to disable the deprecation warnings for libssh only, and
naturally this is the preferred way.

This commit uses that, to prevent the erroneous hiding of potential, unrelated
deprecation warnings.

Fixes #12519
Closes #12520

Daniel Stenberg (14 Dec 2023)

- test1474: removed

The test was already somewhat flaky and disabled on several platforms,
and after 1da640abb688 even more unstable.

- readwrite_data: loop less

This function is made to loop in order to drain incoming data
faster. Completely removing the loop has a measurably negative impact on
transfer speeds.

Downsides with the looping include

- it might call the progress callback much more seldom. Especially if
the write callback is slow.

- rate limiting becomes less exact

- a single transfer might "starve out" other parallel transfers

- QUIC timers for other connections can't be maintained correctly

The long term fix should be to remove the loop and optimize coming back
to avoid the transfer speed penalty.

This fix lowers the max loop count to reduce the starvation problem, and
avoids the loop completely for when rate-limiting is in progress.

Ref: #12488
Ref: https://curl.se/mail/lib-2023-12/0012.html
Closes #12504

Stefan Eissing (14 Dec 2023)

- lib: eliminate `conn->cselect_bits`

- use `data->state.dselect_bits` everywhere instead
- remove `bool *comeback` parameter as non-zero
`data->state.dselect_bits` will indicate that IO is
incomplete.

Closes #12512

- connect: refactor `Curl_timeleft()`

- less local vars, "better" readability
- added documentation

Closes #12518

Dmitry Karpov (14 Dec 2023)

- cookie: avoid fopen with empty file name

Closes #12514

Viktor Szakats (13 Dec 2023)

- tests/server: delete workaround for old-mingw

mingw-w64 1.0 comes with w32api v3.12, thus doesn't need this.

Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72 #11625

Reviewed-by: Jay Satiro
Closes #12510

- cmake: delete obsolete TODOs more [ci skip]

- manual completed: 898b012a9bf388590c4be7f526815b5ab74feca1 #1288
- soname completed: 5de6848f104d7cb0017080e31216265ac19d0dde #10023
- bunch of others that are completed
- `NTLM_WB_ENABLED` is implemented in a basic form, and now also
scheduled for removal, so a TODO at this point isn't useful.

And this 'to-check' item:

Q: "The cmake build selected to run gcc with -fPIC on my box while the
plain configure script did not."

A: With CMake, since 2ebc74c36a19a1700af394c16855ce144d9878e3 #11546
and fc9bfb14520712672b4784e8b48256fb29204011 #11627, we explicitly
enable PIC for libcurl shared lib. Or when building libcurl for
shared and static lib in a single pass. We do this by default for
Windows or when enabled by the user via `SHARE_LIB_OBJECT`.
Otherwise we don't touch this setting. Meaning the default set by
CMake (if any) or the toolchain is used. On Debian Bookworm, this
means that PIC is disabled for static libs by default. Some platforms
(like macOS), have PIC enabled by default.
autotools supports the double-pass mode only, and in that case
CMake seems to match PIC behaviour now (as tested on Linux with gcc.)

Follow-up to 5d5dfdbd1a6c40bd75e982b66f49e1fa3a7eeae7 #12500

Reviewed-by: Jay Satiro
Closes #12509

Stefan Eissing (12 Dec 2023)

- CLIENT-WRITERS: design and use documentation

Closes #12507

Viktor Szakats (12 Dec 2023)

- cmake: delete obsolete TODO items [ci skip]

There is always room for improvement, but CMake is up to par now with
autotools, so there is no longer a good reason to keep around these
inline TODO items.

Answering one of the questions:

Q: "The gcc command line use neither -g nor any -O options. As a
developer, I also treasure our configure script's --enable-debug
option that sets a long range of "picky" compiler options."

A: CMake offers the `CMAKE_BUILD_TYPE` variable to control debug info
and optimization level. E.g.:
- `Release` = `-O3` + no debug info
- `MinSizeRel` = `-Os` + no debug info
- `Debug` = `-O0` + debug info

https://stackoverflow.com/questions/48754619/what-are-cmake-build-type-debug-release-relwithdebinfo-and-minsizerel/59314670#59314670
https://cmake.org/cmake/help/latest/manual/cmake-buildsystem.7.html#default-and-custom-configurations

For picky warnings we have the `PICKY_COMPILER` options, enabled by
default.

Closes #12500

Stefan Eissing (11 Dec 2023)

- CONNECTION-FILTERS: update documentation

Closes #12497

Daniel Stenberg (11 Dec 2023)

- lib: reduce use of strncpy

- bearssl: select cipher without buffer copies
- http_aws_sigv4: avoid strncpy, require exact timestamp length
- http_aws_sigv4: use memcpy instead of strncpy
- openssl: avoid strncpy calls
- schannel: check for 1.3 algos without buffer copies
- strerror: avoid strncpy calls
- telnet: avoid strncpy, return error on too long inputs
- vtls: avoid strncpy in multissl_version()

Closes #12499

- CI/distcheck: run full tests

To be able to detect missing files better, this now runs the full CI
test suite. If done before, it would have detected #12462 before
release.

Closes #12503

- docs: clean up Protocols: for cmdline options

... and some other minor polish.

Closes #12496

- cmdline/gen: fix the sorting of the man page options

They were previously sorted based on the file names, which use a .d
extension, making "data" get placed after "data-binary" etc. Making the
sort ignore the extension fixes the ordering.

Reported-by: Boris Verkhovskiy
Bug: https://curl.se/mail/archive-2023-12/0014.html
Closes #12494

Daniel Gustafsson (9 Dec 2023)

- doh: remove unused local variable

The nurl variable is no longer used during probing following
a refactoring, so remove.

Closes #12491

Jay Satiro (8 Dec 2023)

- build: fix Windows ADDRESS_FAMILY detection

- Include winsock2.h for Windows ADDRESS_FAMILY detection.

Prior to this change cmake detection didn't work because it included
ws2def.h by itself, which is missing needed types from winsock2.h.

Prior to this change autotools detection didn't work because it did not
include any Windows header.

In both cases libcurl would fall back on unsigned short as the address
family type, which is the same as ADDRESS_FAMILY.

Co-authored-by: Viktor Szakats

Closes https://github.com/curl/curl/pull/12441

Daniel Stenberg (8 Dec 2023)

- lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding

Since the copy does not stop at a null byte, let's not call it anything
that makes you think it works like the common strndup() function.

Based on feedback from Jay Satiro, Stefan Eissing and Patrick Monnerat

Closes #12490

- convsrctest.pl: removed: not used, not shipped in tarballs

- tests: rename tests scripts to the test number

It is hard to name the scripts sensibly. Lots of them are similarly
named and the name did not tell which test that used them.

The new approach is rather to name them based on the test number that
runs them. Also helps us see which scripts are for individual tests
rather than for general test infra.

- badsymbols.pl -> test1167.pl
- check-deprecated.pl -> test1222.pl
- check-translatable-options.pl -> test1544.pl
- disable-scan.pl -> test1165.pl
- error-codes.pl -> test1175.pl
- errorcodes.pl -> test1477.pl
- extern-scan.pl -> test1135.pl
- manpage-scan.pl -> test1139.pl
- manpage-syntax.pl -> test1173.pl
- markdown-uppercase.pl -> test1275.pl
- mem-include-scan.pl -> test1132.pl
- nroff-scan.pl -> test1140.pl
- option-check.pl -> test1276.pl
- options-scan.pl -> test971.pl
- symbol-scan.pl -> test1119.pl
- version-scan.pl -> test1177.pl

Closes #12487

Michał Antoniak (8 Dec 2023)

- sendf: fix compiler warning with CURL_DISABLE_HEADERS_API

fix MSVC warning C4189: 'htype': local variable is initialized but not
referenced - when CURL_DISABLE_HEADERS_API is defined.

Closes #12485

Viktor Szakats (8 Dec 2023)

- tidy-up: whitespace

Closes #12484

Stefan Eissing (7 Dec 2023)

- test_02_download: fix parameters to test_02_27

- it is a special client that only ever uses http/2

Closes #12467

Michał Antoniak (7 Dec 2023)

- vtls: remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY

Closes #12459

Daniel Stenberg (7 Dec 2023)

- lib: strndup/memdup instead of malloc, memcpy and null-terminate

- bufref: use strndup
- cookie: use strndup
- formdata: use strndup
- ftp: use strndup
- gtls: use aprintf instead of malloc + strcpy * 2
- http: use strndup
- mbedtls: use strndup
- md4: use memdup
- ntlm: use memdup
- ntlm_sspi: use strndup
- pingpong: use memdup
- rtsp: use strndup instead of malloc, memcpy and null-terminate
- sectransp: use strndup
- socks_gssapi.c: use memdup
- vtls: use dynbuf instead of malloc, snprintf and memcpy
- vtls: use strdup instead of malloc + memcpy
- wolfssh: use strndup

Closes #12453

- strdup: remove the memchr check from Curl_strndup

It makes it possible to clone a binary chunk of data.

Closes #12453

- ftp: handle the PORT parsing without allocation

Also reduces amount of *cpy() calls.

Closes #12456

- RELEASE-NOTES: synced

Bumped to 8.5.1

- url: for disabled protocols, mention if found in redirect

To help users better understand where the URL (and denied scheme) comes
from. Also removed "in libcurl" from the message, since the disabling
can be done by the application.

The error message now says "not supported" or "disabled" depending on
why it was denied:

Protocol "hej" not supported
Protocol "http" disabled

And in redirects:

Protocol "hej" not supported (in redirect)
Protocol "http" disabled (in redirect)

Reported-by: Mauricio Scheffer
Fixes #12465
Closes #12469

Stefan Eissing (6 Dec 2023)

- sectransp: make TLSCipherNameForNumber() available in non-verbose config

Reported-by: Cajus Pollmeier
Closes #12476
Fixes #12474

YX Hao (6 Dec 2023)

- lib: fix variable undeclared error caused by `infof` changes

`--disable-verbose` yields `CURL_DISABLE_VERBOSE_STRINGS` defined.
`infof` isn't `Curl_nop_stmt` anymore: dac293c.

Follow-up to dac293c

Closes #12470

Viktor Szakats (6 Dec 2023)

- tidy-up: fix yamllint whitespace issues in labeler.yml

Follow-up to bda212911457c6fadfbba50be61afc4ca513fa56 #12466

Reviewed-by: Dan Fandrich
Closes #12475

- tidy-up: fix yamllint whitespace issues

Closes #12466

Chris Sauer (6 Dec 2023)

- cmake: fix typo

Follow-up to aace27b
Closes #12464

Daniel Stenberg (6 Dec 2023)

- dist: add tests/errorcodes.pl to the tarball

Used by test 1477

Reported-by: Xi Ruoyao
Follow-up to 0ca3a4ec9a7
Fixes #12462
Closes #12463

Dan Fandrich (6 Dec 2023)

- github/labeler: update a missed key in the v5 upgrade

Follow-up to ce03fe3ba

Version 8.5.0 (6 Dec 2023)

Daniel Stenberg (6 Dec 2023)

- RELEASE-NOTES: synced

The curl 8.5.0 release.

Dan Fandrich (5 Dec 2023)

- github/labeler: switch from the beta to labeler v5

Some keys were renamed and the dot option was made default.

Closes #12458

Daniel Stenberg (5 Dec 2023)

- DEPRECATE: remove NTLM_WB in June 2024

Ref: https://curl.se/mail/lib-2023-12/0010.html

Closes #12451

Jacob Hoffman-Andrews (4 Dec 2023)

- rustls: implement connect_blocking

Closes #11647

Daniel Stenberg (4 Dec 2023)

- examples/rtsp-options.c: add

Just a bare bones RTSP example using CURLOPT_RTSP_SESSION_ID and
CURLOPT_RTSP_REQUEST set to CURL_RTSPREQ_OPTIONS.

Closes #12452

Stefan Eissing (4 Dec 2023)

- ngtcp2: ignore errors on unknown streams

- especially in is_alive checks on connections, we might
see incoming packets on streams already forgotten and closed,
leading to errors reported by nghttp3. Ignore those.

Closes #12449

Daniel Stenberg (4 Dec 2023)

- docs: make all examples in all libcurl man pages compile

Closes #12448

- checksrc.pl: support #line instructions

makes it identify the correct source file and line

- GHA/man-examples: verify libcurl man page examples

- verify-examples.pl: verify that all man page examples compile clean

- RELEASE-NOTES: synced

Graham Campbell (2 Dec 2023)

- http3: bump ngtcp2 and nghttp3 versions

nghttp3 v1.1.0
ngtcp2 v1.1.0

In docs and CI

Closes #12446

- CI/quiche: use `3.1.4+quic` consistently in CI workflows

Closes #12447

Viktor Szakats (2 Dec 2023)

- test1545: disable deprecation warnings

Fixes:
https://ci.appveyor.com/project/curlorg/curl/builds/48631551/job/bhx74e0i66yrp6pk#L1205

Same with details:
https://ci.appveyor.com/project/curlorg/curl/builds/48662893/job/ol8a78q9gmilb6wt#L1263
```
tests/libtest/lib1545.c:38:3: error: 'curl_formadd' is deprecated: since 7.56.0. Use curl_mime_init() [-Werror=deprecated-declarations]
38 | curl_formadd(&m_formpost, &lastptr, CURLFORM_COPYNAME, "file",
| ^~~~~~~~~~~~
[...]
```

Follow-up to 07a3cd83e0456ca17dfd8c3104af7cf45b7a1ff5 #12421

Fixes #12445
Closes #12444

Daniel Stenberg (2 Dec 2023)

- INSTALL: update list of ports and CPU archs

- symbols-in-versions: the CLOSEPOLICY options are deprecated

They were used with the CURLOPT_CLOSEPOLICY option, which *never* worked.

z2_ (1 Dec 2023)

- build: fix builds that disable protocols but not digest auth

- Build base64 functions if digest auth is not disabled.

Prior to this change if some protocols were disabled but not digest auth
then a build error would occur due to missing base64 functions.

Fixes https://github.com/curl/curl/issues/12440
Closes https://github.com/curl/curl/pull/12442

Michał Antoniak (1 Dec 2023)

- connect: reduce number of transportation providers

Use only the ones necessary - the ones that are built-in. Saves a few
bytes in the resulting code.

Closes #12438

David Benjamin (1 Dec 2023)

- vtls: consistently use typedef names for OpenSSL structs

The foo_st names don't appear in OpenSSL public API documentation. The
FOO typedefs are more common. This header was already referencing
SSL_CTX via <openssl/ssl.h>. There is a comment about avoiding
<openssl/x509v3.h>, but OpenSSL actually declares all the typedefs in
<openssl/ossl_typ.h>, which is already included by <openssl/ssl.h> (and
every other OpenSSL header), so just use that. Though I've included it
just to be explicit.

(I'm also fairly sure including <openssl/ssl.h> already triggers the
Schannel conflicts anyway. The comment was probably just out of date.)

Closes #12439

Lau (1 Dec 2023)

- libcurl-security.3: fix typo

Fixed minimal typo.

Closes #12437

Stefan Eissing (1 Dec 2023)

- ngtcp2: fix races in stream handling

- fix cases where ngtcp2 invokes callbacks on streams that
nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND
in these cases as it is normal behaviour.

Closes #12435

Emanuele Torre (1 Dec 2023)

- tool_writeout_json: fix JSON encoding of non-ascii bytes

char variables if unspecified can be either signed or unsigned depending
on the platform according to the C standard; in most platforms, they are
signed.

This meant that the *i<32 was always true for bytes with the top bit
set. So they were always getting encoded as \uXXXX, and then since they
were also signed negative, they were getting extended with 1s causing
'\xe2' to be expanded to \uffffffe2, for example:

$ curl --variable 'v=“' --expand-write-out '{{v:json}}\n' file:///dev/null
\uffffffe2\uffffff80\uffffff9c

I fixed this bug by making the code use explicitly unsigned char*
variables instead of char* variables.

Test 268 verifies

Reported-by: iconoclasthero
Closes #12434

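Added example (not curl's code and not part of this changelog): a small C sketch of the sign-extension bug the tool_writeout_json entry above describes, with the pre-fix behaviour forced through `signed char` so it reproduces on any platform. The function `json_escape` and its `as_signed` switch are hypothetical, and a 32-bit int is assumed.

```c
#include <stdio.h>
#include <string.h>

/*
 * json_escape() is a hypothetical helper written for this example.
 * as_signed=1 reads each byte through 'signed char' (the pre-fix behaviour
 * on platforms where plain char is signed); as_signed=0 reads it through
 * 'unsigned char' (the fix). Returns 0 on success, -1 if 'out' is too small.
 */
static int json_escape(const char *in, size_t len, int as_signed,
                       char *out, size_t outsz)
{
  size_t pos = 0;
  size_t i;

  if(!outsz)
    return -1;
  out[0] = '\0';

  for(i = 0; i < len; i++) {
    int v = as_signed ? (int)(signed char)in[i] : (int)(unsigned char)in[i];
    const char *lit = NULL;
    int n;

    switch(v) {
    case '"':  lit = "\\\""; break;
    case '\\': lit = "\\\\"; break;
    case '\b': lit = "\\b";  break;
    case '\f': lit = "\\f";  break;
    case '\n': lit = "\\n";  break;
    case '\r': lit = "\\r";  break;
    case '\t': lit = "\\t";  break;
    default: break;
    }

    if(lit)
      n = snprintf(out + pos, outsz - pos, "%s", lit);
    else if(v < 32)
      /* A negative v (byte >= 0x80 read as signed) also lands here and is
         sign-extended by the conversion to unsigned int (32-bit assumed). */
      n = snprintf(out + pos, outsz - pos, "\\u%04x", (unsigned int)v);
    else
      n = snprintf(out + pos, outsz - pos, "%c", v);

    /* snprintf reports the length it needed; reject anything truncated */
    if(n < 0 || (size_t)n >= outsz - pos)
      return -1;
    pos += (size_t)n;
  }
  return 0;
}

int main(void)
{
  /* Constructed input: U+201C LEFT DOUBLE QUOTATION MARK in UTF-8 */
  static const char quote[] = "\xe2\x80\x9c";
  char before[64];
  char after[64];

  if(json_escape(quote, 3, 1, before, sizeof(before)) ||
     json_escape(quote, 3, 0, after, sizeof(after)))
    return 1;
  printf("signed char:   %s\n", before);
  printf("unsigned char: %s\n", after);
  return 0;
}
```
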
Stefan Eissing (1 Dec 2023)

- cf-socket: TCP trace output local address used in connect

Closes #12427

Jay Satiro (1 Dec 2023)

- CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation

- Change CURLINFO_PRETRANSFER_TIME_T explanation to say that it
includes protocol-specific instructions that trigger a transfer.

Prior to this change it explicitly said that it did not include those
instructions in the time, but that is incorrect.

The change is a copy of the fixed explanation already in
CURLINFO_PRETRANSFER_TIME, fixed by ec8dcd7b.

Reported-by: eeverettrbx@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/12431
Closes https://github.com/curl/curl/pull/12432

Daniel Stenberg (30 Nov 2023)

- multi: during ratelimit multi_getsock should return no sockets

... as there is nothing to wait for then, it just waits. Otherwise, this
causes much more CPU work and updates than necessary during ratelimit
periods.

Ref: https://curl.se/mail/lib-2023-11/0056.html
Closes #12430

Dmitry Karpov (30 Nov 2023)

- transfer: abort pause send when connection is marked for closing

This handles cases of some bi-directional "upgrade" scenarios
(i.e. WebSockets) where sending is paused until some "upgrade" handshake
is completed, but server rejects the handshake and closes the
connection.

Closes #12428

Daniel Stenberg (28 Nov 2023)

- RELEASE-NOTES: synced

- openssl: when a session-ID is reused, skip OCSP stapling

Fixes #12399
Reported-by: Alexey Larikov
Closes #12418

- test1545: test doing curl_formadd twice with missing file

Reproduces #12410
Verifies the fix
Closes #12421

- Curl_http_body: cleanup properly when Curl_getformdata errors

Reported-by: yushicheng7788 on github
Based-on-work-by: yushicheng7788 on github
Fixes #12410
Closes #12421

- test1477: verify that libcurl-errors.3 and public headers are synced

The script errorcodes.pl extracts all error codes from all headers and
checks that they are all documented, then checks that all documented
error codes are also specified in a header file.

Closes #12424

- libcurl-errors.3: sync with current public headers

Closes #12424

Stefan Eissing (28 Nov 2023)

- test459: fix for parallel runs

- change warning message to work better with varying filename
length.
- adapt test output check to new formatting

Follow-up to 97ccc4479f77ba3191c6
Closes #12423

Daniel Stenberg (27 Nov 2023)

- tool_cb_prg: make the carriage return fit for wide progress bars

When the progress bar was made max width (256 columns), the fly()
function attempted to generate its output buffer too long so that the
trailing carriage return would not fit and then the output would show
wrongly. The fly function is called when the expected total transfer is
unknown, which could be one or more progress calls before the actual
progress meter gets shown when the expected transfer size is provided.

This new take also replaces the msnprintf() call with a much simpler
memset() for speed.

Reported-by: Tim Hill
Fixes #12407
Closes #12415

- tool_parsecfg: make warning output propose double-quoting

When the config file parser detects a word that *probably* should be
quoted, mention double-quotes as a possible remedy.

Test 459 verifies.

Proposed-by: Jiehong on github
Fixes #12409
Closes #12412

Jay Satiro (26 Nov 2023)

- curl.rc: switch out the copyright symbol for plain ASCII

.. like we already do for libcurl.rc.

libcurl.rc copyright symbol used to cause a "non-ascii 8-bit codepoint"
warning so it was switched to ascii.

Ref: https://github.com/curl/curl/commit/1ca62bb5#commitcomment-133474972

Suggested-by: Robert Southee

Closes https://github.com/curl/curl/pull/12403

Daniel Stenberg (26 Nov 2023)

- conncache: use the closure handle when disconnecting surplus connections

Use the closure handle for disconnecting connection cache entries so
that anything that happens during the disconnect is not stored and
associated with the 'data' handle which already just finished a transfer
and it is important that details from the unrelated disconnect do not
taint meta-data in the data handle.

Like storing the response code.

This also adjusts test 1506. Unfortunately it also removes a key part of
the test that verifies that a connection is closed since when this
output vanishes (because the closure handle is used), we don't know
exactly that the connection actually gets closed in this test...

Reported-by: ohyeaah on github
Fixes #12367
Closes #12405

- RELEASE-NOTES: synced

Stefan Eissing (24 Nov 2023)

- quic: make eyeballers connect retries stop at weird replies

- when a connect immediately goes into DRAINING state, do
not attempt retries in the QUIC connection filter. Instead,
return CURLE_WEIRD_SERVER_REPLY
- When eyeballing, interpret CURLE_WEIRD_SERVER_REPLY as an
inconclusive answer. When all addresses have been attempted,
rewind the address list once on an inconclusive answer.
- refs #11832 where connects were retried indefinitely until
the overall timeout fired

Closes #12400

Daniel Stenberg (24 Nov 2023)

- CI: verify libcurl function SYNOPSIS sections

With the .github/scripts/verify-synopsis.pl script

Closes #12402

- docs/libcurl: SYNOPSIS cleanup

- use the correct include file
- make sure they are declared as in the header file
- fix minor nroff syntax mistakes (missing .fi)

These are verified by verify-synopsis.pl, which extracts the SYNOPSIS
code and runs it through gcc.

Closes #12402

- sendf: fix comment typo

- fopen: allocate the dir after fopen

Move the allocation of the directory name down to after the fopen() call
to allow that shortcut code path to avoid a superfluous malloc+free
cycle.

Follow-up to 73b65e94f35311

Closes #12398

Stefan Eissing (24 Nov 2023)

- transfer: cleanup done+excess handling

- add `SingleRequest->download_done` as indicator that
all download bytes have been received
- remove `stop_reading` bool from readwrite functions
- move excess body handling into client download writer

Closes #12371

Daniel Stenberg (23 Nov 2023)

- fopen: create new file using old file's mode

Because the function renames the temp file to the target name as a last
step, if the file was previously owned by a different user, not ORing
the old mode could otherwise end up creating a file that was no longer
readable by the original owner after save.

Reported-by: Loïc Yhuel
Fixes #12299
Closes #12395

- test1476: require proxy

Follow-up from 323df4261c3542

Closes #12394

- fopen: create short(er) temporary file name

Only using random letters in the name plus a ".tmp" extension. Not by
appending characters to the final file name.

Reported-by: Maksymilian Arciemowicz

Closes #12388

Stefan Eissing (23 Nov 2023)

- tests: git ignore generated second-hsts.txt file

File is generated in test lib1900

Follow-up to 7cb03229d9e9c5

Closes #12393

Viktor Szakats (23 Nov 2023)

- openssl: enable `infof_certstack` for 1.1 and LibreSSL 3.6

Lower the barrier to enable `infof_certstack()` from OpenSSL 3 to
OpenSSL 1.1.x, and LibreSSL 3.6 or upper.

With the caveat, that "group name" and "type name" are missing from
the log output with these TLS backends.

Follow-up to b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030

Reviewed-by: Daniel Stenberg
Closes #12385

Daniel Stenberg (23 Nov 2023)

- urldata: fix typo in comment

- CI: codespell

The list of words to ignore is in the file
.github/scripts/codespell-ignore.txt

Closes #12390

- lib: fix comment typos

Five separate ones, found by codespell

Closes #12390

- test1476: verify cookie PSL mixed case

- cookie: lowercase the domain names before PSL checks

Reported-by: Harry Sintonen

Closes #12387

Viktor Szakats (23 Nov 2023)

- openssl: fix building with v3 `no-deprecated` + add CI test

- build quictls with `no-deprecated` in CI to have test coverage for
this OpenSSL 3 configuration.

- don't call `OpenSSL_add_all_algorithms()`, `OpenSSL_add_all_digests()`.
The caller code is meant for OpenSSL 3, while these two functions were
only necessary before OpenSSL 1.1.0. They are missing from OpenSSL 3
if built with option `no-deprecated`, causing build errors:
```
vtls/openssl.c:4097:3: error: call to undeclared function 'OpenSSL_add_all_algorithms'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
vtls/openssl.c:4098:3: error: call to undeclared function 'OpenSSL_add_all_digests'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
```
Ref: https://ci.appveyor.com/project/curlorg/curl-for-win/builds/48587418?fullLog=true#L7667

Regression from b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030
Bug: https://github.com/curl/curl/issues/12380#issuecomment-1822944669
Reviewed-by: Alex Bozarth

- vquic/curl_ngtcp2: fix using `SSL_get_peer_certificate` with
`no-deprecated` quictls 3 builds.
Do it by moving an existing solution for this from `vtls/openssl.c`
to `vtls/openssl.h` and adjusting caller code.
```
vquic/curl_ngtcp2.c:1950:19: error: implicit declaration of function 'SSL_get_peer_certificate'; did you mean 'SSL_get1_peer_certificate'? [-Wimplicit-function-declaration]
```
Ref: https://github.com/curl/curl/actions/runs/6960723097/job/18940818625#step:24:1178

- curl_ntlm_core: fix `-Wunused-parameter`, `-Wunused-variable` and
`-Wunused-function` when trying to build curl with NTLM enabled but
without the necessary TLS backend (with DES) support.

Closes #12384

- curl.h: delete Symbian OS references

curl deprecated Symbian OS in 3d64031fa7a80ac4ae3fd09a5939196268b92f81
via #5989. Delete references to it from public headers, because there
is no fresh release to use those headers with.

Reviewed-by: Dan Fandrich
Reviewed-by: Jay Satiro
Closes #12378

- windows: use built-in `_WIN32` macro to detect Windows

Windows compilers define `_WIN32` automatically. Windows SDK headers
or build env defines `WIN32`, or we have to take care of it. The
agreement seems to be that `_WIN32` is the preferred practice here.
Make the source code rely on that to detect we're building for Windows.

Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for
Windows detection, next to the official `_WIN32`. After this patch it
only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`.

There is a slight chance these break compatibility with Windows
compilers that fail to define `_WIN32`. I'm not aware of any obsolete
or modern compiler affected, but in case there is one, one possible
solution is to define this macro manually.

grepping for `WIN32` remains useful to discover Windows-specific code.

Also:

- extend `checksrc` to ensure we're not using `WIN32` anymore.

- apply minor formatting here and there.

- delete unnecessary checks for `!MSDOS` when `_WIN32` is present.

Co-authored-by: Jay Satiro
Reviewed-by: Daniel Stenberg

Closes #12376

Stefan Eissing (22 Nov 2023)

- url: ConnectionExists revisited

- have common pattern of `if not match, continue`
- revert pages long if()s to return early
- move dead connection check to later since it may
be relatively expensive
- check multiuse also when NOT building with NGHTTP2
- for MULTIUSE bundles, verify that the inspected
connection indeed supports multiplexing when in use
(bundles may contain a mix of connection, afaict)

Closes #12373

Daniel Stenberg (22 Nov 2023)

- CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range

... or use the default value.

Also clarify the documentation language somewhat.

Closes #12382

- urldata: make maxconnects a 32 bit value

"2^32 idle connections ought to be enough for anybody"

Closes #12375

- FEATURES: update the URL phrasing

The URL is length limited since a while back so "no limit" simply is not
true anymore. Mention the URL RFC standard used instead.

Closes #12383

- wolfssh: remove redundant static prototypes

vssh/wolfssh.c:346:18: error: redundant redeclaration of ‘wscp_recv’ [-Werror=redundant-decls]

Closes #12381

- setopt: remove superfluous use of ternary expressions

Closes #12374

- mime: store "form escape" as a single bit

Closes #12374

- setopt: check CURLOPT_TFTP_BLKSIZE range on set

... instead of later when the transfer is about to happen.

Closes #12374

Viktor Szakats (21 Nov 2023)

- build: add more picky warnings and fix them

Enable more picky compiler warnings. I've found these options in the
nghttp3 project when implementing the CMake quick picky warning
functionality for it [1].

`-Wunused-macros` was too noisy to keep around, but fixed a few issues
it revealed while testing.

- autotools: reflect the more precisely-versioned clang warnings.
Follow-up to 033f8e2a08eb1d3102f08c4d8c8e85470f8b460e #12324
- autotools: sync between clang and gcc the way we set `no-multichar`.
- autotools: avoid setting `-Wstrict-aliasing=3` twice.
- autotools: disable `-Wmissing-noreturn` for MSYS gcc targets [2].
It triggers in libtool-generated stub code.

- lib/timeval: delete a redundant `!MSDOS` guard from a `WIN32` branch.

- lib/curl_setup.h: delete duplicate declaration for `fileno`.
Added in initial commit ae1912cb0d494b48d514d937826c9fe83ec96c4d
(1999-12-29). This suggests this may not be needed anymore, but if
it does, we may restore this for those specific (non-Windows) systems.
- lib: delete unused macro `FTP_BUFFER_ALLOCSIZE` since
c1d6fe2aaa5a26e49a69a4f2495b3cc7a24d9394.
- lib: delete unused macro `isxdigit_ascii` since
f65f750742068f579f4ee6d8539ed9d5f0afcb85.
- lib/mqtt: delete unused macro `MQTT_HEADER_LEN`.
- lib/multi: delete unused macro `SH_READ`/`SH_WRITE`.
- lib/hostip: add `noreturn` function attribute via new `CURL_NORETURN`
macro.
- lib/mprintf: delete duplicate declaration for `Curl_dyn_vprintf`.
- lib/rand: fix `-Wunreachable-code` and related fallouts [3].
- lib/setopt: fix `-Wunreachable-code-break`.
- lib/system_win32 and lib/timeval: fix double declarations for
`Curl_freq` and `Curl_isVistaOrGreater` in CMake UNITY mode [4].
- lib/warnless: fix double declarations in CMake UNITY mode [5].
This was due to force-disabling the header guard of `warnless.h` to
reapply it to source code coming after `warnless.c` in UNITY
builds. This reapplied declarations too, causing the warnings.
Solved by adding a header guard for the lines that actually need
to be reapplied.
- lib/vauth/digest: fix `-Wunreachable-code-break` [6].
- lib/vssh/libssh2: fix `-Wunreachable-code-break` and delete redundant
block.
- lib/vtls/sectransp: fix `-Wunreachable-code-break` [7].
- lib/vtls/sectransp: suppress `-Wunreachable-code`.
Detected in `else` branches of dynamic feature checks, with results
known at compile-time, e.g.
```c
if(SecCertificateCopySubjectSummary) /* -> true */
```
Likely fixable as a separate micro-project, but given SecureTransport
is deprecated anyway, let's just silence these locally.
- src/tool_help: delete duplicate declaration for `helptext`.
- src/tool_xattr: fix `-Wunreachable-code`.
- tests: delete duplicate declaration for `unitfail` [8].
- tests: delete duplicate declaration for `strncasecompare`.
- tests/libtest: delete duplicate declaration for `gethostname`.
Originally added in 687df5c8c39c370a59999b9afc0917d808d978b7
(2010-08-02).
Got complicated later: c49e9683b85ba9d12cbb6eebc4ab2c8dba68fbdc
If there are still systems around with warnings, we may restore the
prototype, but limited for those systems.
- tests/lib2305: delete duplicate declaration for
`libtest_debug_config`.
- tests/h2-download: fix `-Wunreachable-code-break`.

[1] https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056f8bf9f/cmake/PickyWarningsC.cmake
[2] https://ci.appveyor.com/project/curlorg/curl/builds/48553586/job/3qkgjauiqla5fj45?fullLog=true#L1675
[3] https://github.com/curl/curl/actions/runs/6880886309/job/18716044703?pr=12331#step:7:72
https://github.com/curl/curl/actions/runs/6883016087/job/18722707368?pr=12331#step:7:109
[4] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L204
[5] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrriklpf1ut#L218
[6] https://github.com/curl/curl/actions/runs/6880886309/job/18716042927?pr=12331#step:7:290
[7] https://github.com/curl/curl/actions/runs/6891484996/job/18746659406?pr=12331#step:9:1193
[8] https://github.com/curl/curl/actions/runs/6882803986/job/18722082562?pr=12331#step:33:1870

Closes #12331

Daniel Stenberg (21 Nov 2023)

- transfer: avoid unreachable expression

If curl_off_t and size_t have the same size (which is common on modern
64 bit systems), a condition cannot occur which Coverity pointed
out. Avoid the warning by having the code conditionally only used if
curl_off_t actually is larger.

Follow-up to 1cd2f0072fa482e25baa2

Closes #12370

Stefan Eissing (21 Nov 2023)

- transfer: readwrite improvements

- changed header/chunk/handler->readwrite prototypes to accept `buf`,
`blen` and a `pconsumed` pointer. They now get the buffer to work on
and report back how many bytes they consumed
- eliminated `k->str` in SingleRequest
- improved excess data handling to properly calculate with any body data
left in the headerb buffer
- eliminated `k->badheader` enum to only be a bool

Closes #12283

Daniel Stenberg (21 Nov 2023)

- RELEASE-NOTES: synced

Jiří Hruška (21 Nov 2023)

- transfer: avoid calling the read callback again after EOF

Regression since 7f43f3dc5994d01b12 (7.84.0)

Bug: https://curl.se/mail/lib-2023-11/0017.html

Closes #12363

Daniel Stenberg (21 Nov 2023)

- doh: provide better return code for responses w/o addresses

Previously it was wrongly returning CURLE_OUT_OF_MEMORY when the
response did not contain any addresses. Now it more accurately returns
CURLE_COULDNT_RESOLVE_HOST.

Reported-by: lRoccoon on github

Fixes #12365
Closes #12366

Stefan Eissing (21 Nov 2023)

- HTTP/2, HTTP/3: handle detach of ongoing transfers

- refs #12356 where a UAF is reported when closing a connection
with a stream whose easy handle was cleaned up already
- handle DETACH events same as DONE events in h2/h3 filters

Fixes #12356
Reported-by: Paweł Wegner
Closes #12364

Viktor Szakats (20 Nov 2023)

- autotools: stop setting `-std=gnu89` with `--enable-warnings`

Do not alter the C standard when building with `--enable-warnings` when
building with gcc.

On one hand this alters warning results compared to a default build.
On the other, it may produce different binaries, which is unexpected.

Also fix new warnings that appeared after removing `-std=gnu89`:

- include: fix public curl headers to use the correct printf mask for
`CURL_FORMAT_CURL_OFF_T` and `CURL_FORMAT_CURL_OFF_TU` with mingw-w64
and Visual Studio 2013 and newer. This fixes the printf mask warnings
in examples and tests. E.g. [1]

- conncache: fix printf format string [2].

- http2: fix potential null pointer dereference [3].
(seen on Slackware with gcc 11.)

- libssh: fix printf format string in SFTP code [4].
Also make MSVC builds compatible with old CRT versions.

- libssh2: fix printf format string in SFTP code for MSVC.
Applying the same fix as for libssh above.

- unit1395: fix `argument is null` and related issues [5]:
- stop calling `strcmp()` with NULL to avoid undefined behaviour.
- fix checking results if some of them were NULL.
- do not pass NULL to printf `%s`.

- ci: keep a build job with `-std=gnu89` to continue testing for
C89-compliance. We can apply this to other gcc jobs as needed.
Ref: b23ce2cee7329bbf425f18b49973b7a5f23dfcb4 (2022-09-23) #9542

[1] https://dev.azure.com/daniel0244/curl/_build/results?buildId=18581&view=logs&jobId=ccf9cc6d-2ef1-5cf2-2c09-30f0c14f923b
[2] https://github.com/curl/curl/actions/runs/6896854263/job/18763831142?pr=12346#step:6:67
[3] https://github.com/curl/curl/actions/runs/6896854253/job/18763839238?pr=12346#step:30:214
[4] https://github.com/curl/curl/actions/runs/6896854253/job/18763838007?pr=12346#step:29:895
[5] https://github.com/curl/curl/actions/runs/6896854253/job/18763836775?pr=12346#step:33:1689

Closes #12346

- autotools: fix/improve gcc and Apple clang version detection

- Before this patch we expected `n.n` `-dumpversion` output, but Ubuntu
may return `n-win32` (also with `-dumpfullversion`). Causing these
errors and failing to enable picky warnings:
```
../configure: line 23845: test: : integer expression expected
```
Ref: https://github.com/libssh2/libssh2/actions/runs/6263453828/job/17007893718#step:5:143

Fix that by stripping any dash-suffix and handling a dotless (major-only)
version number by assuming `.0` in that case.

`9.3-posix`, `9.3-win32`, `6`, `9.3.0`, `11`, `11.2`, `11.2.0`
Ref: https://github.com/mamedev/mame/pull/9767

- fix Apple clang version detection for releases between
'Apple LLVM version 7.3.0' and 'Apple LLVM version 10.0.1' where the
version was under-detected as 3.7 llvm/clang equivalent.

- fix Apple clang version detection for 'Apple clang version 11.0.0'
and newer where the Apple clang version was detected, instead of its
llvm/clang equivalent.

- display detected clang/gcc/icc compiler version.

Via libssh2:
- https://github.com/libssh2/libssh2/commit/00a3b88c51cdb407fbbb347a2e38c5c7d89875ad
https://github.com/libssh2/libssh2/pull/1187
- https://github.com/libssh2/libssh2/commit/89ccc83c7da73e7ca3a112e350008131942b592e
https://github.com/libssh2/libssh2/pull/1232

Closes #12362

- autotools: delete LCC compiler support bits

Follow-up to fd7ef00f4305a2919e6950def1cf83d0110a4acd #12222

Closes #12357

- cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API`

- tests: verify CMake `DISABLE` options.

Make an exception for 2 CMake-only ones, and one more that's
using a different naming scheme, also in autotools and source.

- cmake: add support for `CURL_DISABLE_HEADERS_API`.

Suggested-by: Daniel Stenberg
Ref: https://github.com/curl/curl/pull/12345#pullrequestreview-1736238641

Closes #12353

Jacob Hoffman-Andrews (20 Nov 2023)

- hyper: temporarily remove HTTP/2 support

The current design of the Hyper integration requires rebuilding the
Hyper clientconn for each request. However, building the clientconn
requires resending the HTTP/2 connection preface, which is incorrect
from a protocol perspective. That in turn causes servers to send GOAWAY
frames, effectively degrading performance to "no connection reuse" in
the best case. It may also be triggering some bugs where requests get
dropped entirely and reconnects take too long.

This doesn't rule out HTTP/2 support with Hyper, but it may take a
redesign of the Hyper integration in order to make things work.

Closes #12191

Jay Satiro (20 Nov 2023)

- schannel: fix unused variable warning

Bug: https://github.com/curl/curl/pull/12349#issuecomment-1818000846
Reported-by: Viktor Szakats

Closes https://github.com/curl/curl/pull/12361

Daniel Stenberg (19 Nov 2023)

- url: find scheme with a "perfect hash"

Instead of a loop to scan over the potentially 30+ scheme names, this
uses a "perfect hash" table. This works fine because the set of schemes
is known and cannot change in a build. The hash algorithm and table size
is made to only make a single scheme index per table entry.

The perfect hash is generated by a separate tool (scripts/schemetable.c)

Closes #12347

- scripts: add schemetable.c

This tool generates a scheme-matching table.

It iterates over a number of different initial and shift values in order
to find the hash algorithm that needs the smallest possible table.

The generated hash function, table and table size then needs to be used
by the url.c:Curl_getn_scheme_handler() function.

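The parameter search described in the two entries above ("url: find scheme with a perfect hash" and "scripts: add schemetable.c"), as an added example that is not curl's scripts/schemetable.c. The hash family (shift, then add the lowercased byte), the search ranges, the function names and the scheme list are assumptions made for this sketch.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample set; a real build would list its enabled protocols. */
static const char *const schemes[] = {
  "dict", "file", "ftp", "ftps", "http", "https", "imap", "ldap",
  "mqtt", "scp", "sftp", "smtp", "telnet", "tftp", "ws", "wss"
};
#define NSCHEMES ((unsigned int)(sizeof(schemes) / sizeof(schemes[0])))
#define MAX_TABLE 128u

struct scheme_table {
  unsigned int init;    /* starting value of the hash */
  unsigned int shift;   /* left shift applied before each character */
  unsigned int size;    /* number of slots in use */
  int slot[MAX_TABLE];  /* index into schemes[], or -1 when empty */
};

/* Hash family assumed here: shift, then add the lowercased byte. */
static unsigned int scheme_hash(const char *s, size_t len,
                                unsigned int init, unsigned int shift)
{
  unsigned int h = init;
  while(len--) {
    h <<= shift;
    h += (unsigned int)tolower((unsigned char)*s++);
  }
  return h;
}

/* Place every scheme using the table's current parameters; 0 on collision. */
static int try_fill(struct scheme_table *t)
{
  unsigned int i;
  for(i = 0; i < t->size; i++)
    t->slot[i] = -1;
  for(i = 0; i < NSCHEMES; i++) {
    unsigned int idx =
      scheme_hash(schemes[i], strlen(schemes[i]), t->init, t->shift) % t->size;
    if(t->slot[idx] != -1)
      return 0;
    t->slot[idx] = (int)i;
  }
  return 1;
}

/* Try the smallest table first, then every init/shift pair. 1 when found. */
int find_perfect_hash(struct scheme_table *t)
{
  for(t->size = NSCHEMES; t->size <= MAX_TABLE; t->size++)
    for(t->init = 0; t->init < 1024; t->init++)
      for(t->shift = 1; t->shift <= 7; t->shift++)
        if(try_fill(t))
          return 1;
  return 0;
}

/* One hash, one slot, then a full compare. "Collision-free" only holds for
   the known set, so untrusted input is still matched byte for byte and the
   length-bounded input is never read past len. */
int lookup_scheme(const struct scheme_table *t, const char *s, size_t len)
{
  size_t k;
  int i;
  if(!len)
    return -1;
  i = t->slot[scheme_hash(s, len, t->init, t->shift) % t->size];
  if(i < 0 || strlen(schemes[i]) != len)
    return -1;
  for(k = 0; k < len; k++)
    if(tolower((unsigned char)s[k]) != schemes[i][k])
      return -1;
  return i;
}

/* How many known schemes resolve back to their own index. */
unsigned int count_roundtrips(const struct scheme_table *t)
{
  unsigned int i, ok = 0;
  for(i = 0; i < NSCHEMES; i++)
    if(lookup_scheme(t, schemes[i], strlen(schemes[i])) == (int)i)
      ok++;
  return ok;
}

int main(void)
{
  struct scheme_table t;
  if(!find_perfect_hash(&t))
    return 1;
  printf("init=%u shift=%u size=%u, %u/%u schemes resolve\n",
         t.init, t.shift, t.size, count_roundtrips(&t), NSCHEMES);
  return 0;
}
```
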
Stefan Eissing (19 Nov 2023)

- vtls/vquic, keep peer name information together

- add `struct ssl_peer` to keep hostname, dispname and sni
  for a filter
- allocate `sni` for use in VTLS backend
- eliminate `Curl_ssl_snihost()` and its use of the download buffer
- use ssl_peer in SSL and QUIC filters

Closes #12349

Viktor Szakats (18 Nov 2023)

- build: always revert `#pragma GCC diagnostic` after use

Before this patch some source files were overriding gcc warning options,
but without restoring them at the end of the file. In CMake UNITY builds
these options spilled over to the remainder of the source code,
effectively disabling them for a larger portion of the codebase than
intended.

`#pragma clang diagnostic` didn't have such issue in the codebase.

Reviewed-by: Marcel Raad
Closes #12352

- tidy-up: casing typos, delete unused Windows version aliases

- cmake: fix casing of `UnixSockets` to match the rest of the codebase.

- curl-compilers.m4: fix casing in a comment.

- setup-win32: delete unused Windows version constant aliases.

Reviewed-by: Marcel Raad
Closes #12351

- keylog: disable if unused

Fully disable keylog code if there is no TLS or QUIC subsystem using it.

Closes #12350

- cmake: add `CURL_DISABLE_BINDLOCAL` option

To match similar autotools option.

Default is `ON`.

Reviewed-by: Daniel Stenberg
Closes #12345

- url: fix `-Wzero-length-array` with no protocols

Fixes:
```
./lib/url.c:178:56: warning: use of an empty initializer is a C2x extension [-Wc2x-extensions]
178 | static const struct Curl_handler * const protocols[] = {
| ^
./lib/url.c:178:56: warning: zero size arrays are an extension [-Wzero-length-array]
```

Closes #12344

- url: fix builds with `CURL_DISABLE_HTTP`

Fixes:
```
./lib/url.c:456:35: error: no member named 'formp' in 'struct UrlState'
456 | Curl_mime_cleanpart(data->state.formp);
| ~~~~~~~~~~~ ^
```

Regression from 74b87a8af13a155c659227f5acfa78243a8b2aa6 #11682

Closes #12343

- http: fix `-Wunused-parameter` with no auth and no proxy

```
lib/http.c:734:26: warning: unused parameter 'proxy' [-Wunused-parameter]
bool proxy)
^
```

Reviewed-by: Marcel Raad
Closes #12338

Daniel Stenberg (16 Nov 2023)

- TODO: Some TLS options are not offered for HTTPS proxies

Closes #12286
Closes #12342

- RELEASE-NOTES: synced

- duphandle: make dupset() not return with pointers to old alloced data

As the blob pointers are to be duplicated, the function must not return
mid-function with lingering pointers to the old handle's allocated data,
as that would lead to double-free in OOM situations.

Make sure to clear all destination pointers first to avoid this risk.

Closes #12337

Viktor Szakats (16 Nov 2023)

- http: fix `-Wunused-variable` compiler warning

Fix compiler warnings in builds with disabled auths, NTLM and SPNEGO.

E.g. with `CURL_DISABLE_BASIC_AUTH` + `CURL_DISABLE_BEARER_AUTH` +
`CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_NEGOTIATE_AUTH` +
`CURL_DISABLE_NTLM` on non-Windows.

```
./curl/lib/http.c:737:12: warning: unused variable 'result' [-Wunused-variable]
CURLcode result = CURLE_OK;
^
./curl/lib/http.c:995:18: warning: variable 'availp' set but not used [-Wunused-but-set-variable]
unsigned long *availp;
^
./curl/lib/http.c:996:16: warning: variable 'authp' set but not used [-Wunused-but-set-variable]
struct auth *authp;
^
```

Regression from e92edfbef64448ef461117769881f3ed776dec4e #11490

Fixes #12228
Closes #12335

Jay Satiro (16 Nov 2023)

- tool: support bold headers in Windows

- If virtual terminal processing is enabled in Windows then use ANSI
  escape codes Esc[1m and Esc[22m to turn bold on and off.

Suggested-by: Gisle Vanem

Ref: https://github.com/curl/curl/discussions/11770

Closes https://github.com/curl/curl/pull/12321

Viktor Szakats (15 Nov 2023)

- build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS`

Builds with libssh2 + `-DCURL_DISABLE_DIGEST_AUTH=ON` +
`-DCURL_DISABLE_AWS=ON` in combination with either Schannel on Windows,
or `-DCURL_DISABLE_NTLM=ON` on other operating systems failed while
compiling due to a missing HMAC declaration.

The reason is that HMAC is required by `lib/sha256.c` which publishes
`Curl_sha256it()` which is required by `lib/vssh/libssh2.c` when
building for libssh2 v1.8.2 (2019-05-25) or older.

Make sure to compile the HMAC bits for a successful build.

Both HMAC and `Curl_sha256it()` rely on the same internals, so splitting
them into separate sources isn't practical.

Fixes:
```
[...]
In file included from ./curl/_x64-win-ucrt-cmake-llvm-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:310:
./curl/lib/sha256.c:527:42: error: array has incomplete element type 'const struct HMAC_params'
527 | const struct HMAC_params Curl_HMAC_SHA256[] = {
| ^
./curl/lib/curl_sha256.h:34:21: note: forward declaration of 'struct HMAC_params'
[...]
```

Regression from e92edfbef64448ef461117769881f3ed776dec4e #11490

Fixes #12273
Closes #12332

Daniel Stenberg (15 Nov 2023)

- duphandle: also free 'outcurl->cookies' in error path

Fixes memory-leak when OOM mid-function

Use plain free instead of safefree, since the entire struct is
freed below.

Remove some free calls that is already freed in Curl_freeset()

Closes #12329

Viktor Szakats (15 Nov 2023)

- config-win32: set `HAVE_SNPRINTF` for mingw-w64

It's available in all mingw-w64 releases. We already pre-fill this
detection in CMake.

Closes #12325

- sasl: fix `-Wunused-function` compiler warning

In builds with disabled auths.

```
lib/curl_sasl.c:266:17: warning: unused function 'get_server_message' [-Wunused-function]
static CURLcode get_server_message(struct SASL *sasl, struct Curl_easy *data,
^
1 warning generated.
```
Ref: https://github.com/curl/trurl/actions/runs/6871732122/job/18689066151#step:3:3822

Reviewed-by: Daniel Stenberg
Closes #12326

- build: picky warning updates

- cmake: sync some picky gcc warnings with autotools.
- cmake, autotools: add `-Wold-style-definition` for clang too.
- cmake: more precise version info for old clang options.
- cmake: use `IN LISTS` syntax in `foreach()`.

Reviewed-by: Daniel Stenberg
Reviewed-by: Marcel Raad
Closes #12324

Daniel Stenberg (15 Nov 2023)

- urldata: move cookielist from UserDefined to UrlState

1. Because the value is not strictly set with a setopt option.

2. Because otherwise when duping a handle when all the set.* fields are
first copied and an error happens (think out of memory mid-function),
the function would easily free the list *before* it was deep-copied,
which could lead to a double-free.

Closes #12323

Viktor Szakats (14 Nov 2023)

- autotools: avoid passing `LDFLAGS` twice to libcurl

autotools passes `LDFLAGS` automatically to linker commands. curl's
`lib/Makefile.am` customizes libcurl linker flags. In that
customization, it added `LDFLAGS` to the custom flags. This resulted in
passing `LDFLAGS` _twice_ to the `libtool` command.

Most of the time this is benign, but some `LDFLAGS` options can break
the build when passed twice. One such example is passing `.o` files,
e.g. `crt*.o` files necessary when customizing the C runtime, e.g. for
MUSL builds.

Passing them twice resulted in duplicate symbol errors:
```
libtool: link: clang-15 --target=aarch64-unknown-linux-musl [...] /usr/lib/aarch64-linux-musl/crt1.o [...] /usr/lib/aarch64-linux-musl/crt1.o [...]
ld.lld-15: error: duplicate symbol: _start
>>> defined at crt1.c
>>> /usr/lib/aarch64-linux-musl/crt1.o:(.text+0x0)
>>> defined at crt1.c
>>> /usr/lib/aarch64-linux-musl/crt1.o:(.text+0x0)
[...]
clang: error: linker command failed with exit code 1 (use -v to see invocation)
```

This behaviour came with commit 1a593191c2769a47b8c3e4d9715ec9f6dddf5e36
(2013-07-23) as a fix for bug https://curl.haxx.se/bug/view.cgi?id=1217.
The patch was a works-for-me hack that ended up merged in curl:
https://sourceforge.net/p/curl/bugs/1217/#06ef
With the root cause remaining unclear.

Perhaps the SUNPro 12 linker was sensitive to `-L` `-l` order, requiring
`-L` first? This would be unusual and suggests a bug in either the
linker or in `libtool`.

The curl build does pass the list of detected libs via its own
`LIBCURL_LIBS` variable, which ends up before `LDFLAGS` on the `libtool`
command line, but it's the job of `libtool` to ensure that even
a peculiar linker gets the options in the expected order. Also because
autotools passes `LDFLAGS` last, making it hardly possible to pass
anything after it.

Perhaps in the 10 years since this issue, this already got a fix
upstream.

This patch deletes `LDFLAGS` from our customized libcurl options,
leaving a single copy of them as passed by autotools automatically.

Reverts 1a593191c2769a47b8c3e4d9715ec9f6dddf5e36
Closes #12310

- autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}`

To allow passing `LDFLAGS` specific to libcurl (`CURL_LDFLAGS_LIB`) and
curl tool (`CURL_LDFLAGS_BIN`).

This makes it possible to build libcurl and curl with a single
invocation with lib- and tool-specific custom linker flags.

Such flag can be enabling `.map` files, a `.def` file for libcurl DLL,
controlling static/shared, incl. requesting a static curl tool (with
`-static-libtool-libs`) while building both shared and static libcurl.

curl-for-win uses the above and some more.

These options are already supported in `Makefile.mk`. CMake has built-in
variables for this.

Closes #12312

Jay Satiro (14 Nov 2023)

- tool_cb_hdr: add an additional parsing check

- Don't dereference the past-the-end element when parsing the server's
  Content-disposition header.

As 'p' is advanced it can point to the past-the-end element and prior
to this change 'p' could be dereferenced in that case.

Technically the past-the-end element is not out of bounds because dynbuf
(which manages the header line) automatically adds a null terminator to
every buffer and that is not included in the buffer length passed to
the header callback.

Closes https://github.com/curl/curl/pull/12320

Philip Heiduck (14 Nov 2023)

- .cirrus.yml: freebsd 14

ensure curl works on latest freebsd version

Closes #12053

Daniel Stenberg (13 Nov 2023)

- easy: in duphandle, init the cookies for the new handle

... not the source handle.

Closes #12318

- duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set

Previously it would unconditionally use the size, which is set to -1
when strlen is requested.

Updated test 544 to verify.

Closes #12317

- RELEASE-NOTES: synced

- curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped

Closes #12315

- urldata: move hstslist from 'set' to 'state'

To make it work properly with curl_easy_duphandle(). This, because
duphandle duplicates the entire 'UserDefined' struct by plain copy while
'hstslist' is a linked curl_list of file names. This would lead to a
double-free when the second of the two involved easy handles was
closed.

Closes #12315

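The aliasing hazard behind the entry above and the earlier "duphandle: make dupset() not return with pointers to old alloced data" entry, as an added example that is not curl's code. `struct settings`, `dupset_unsafe()`, `dupset_safe()` and the failing allocator are hypothetical stand-ins, and the blob contents are constructed.

```c
#include <stdlib.h>
#include <string.h>

#define NBLOBS 3

struct blob { size_t len; unsigned char *data; };

/* Stand-in for an options struct that owns heap data through pointers. */
struct settings {
  long timeout;
  struct blob *blobs[NBLOBS];
};

/* Fault injection: allocations allowed before one fails (-1 = no limit). */
static int allocs_left = -1;

static void *xmalloc(size_t n)
{
  if(allocs_left == 0)
    return NULL;
  if(allocs_left > 0)
    allocs_left--;
  return malloc(n);
}

/* Header and payload share one allocation, so one free() releases a blob. */
static struct blob *blob_dup(const void *data, size_t len)
{
  struct blob *b = xmalloc(sizeof(*b) + len);
  if(!b)
    return NULL;
  b->len = len;
  b->data = (unsigned char *)(b + 1);
  memcpy(b->data, data, len);
  return b;
}

/* Pattern at risk: after the plain struct copy every dst pointer aliases
   src's allocation, and an early return leaves the uncopied ones that way. */
int dupset_unsafe(struct settings *dst, const struct settings *src)
{
  int i;
  *dst = *src;
  for(i = 0; i < NBLOBS; i++) {
    if(!src->blobs[i])
      continue;
    dst->blobs[i] = blob_dup(src->blobs[i]->data, src->blobs[i]->len);
    if(!dst->blobs[i])
      return -1;
  }
  return 0;
}

/* Hardened: clear every destination pointer before the first allocation, so
   a failure leaves dst holding only NULLs and blobs it owns itself. */
int dupset_safe(struct settings *dst, const struct settings *src)
{
  int i;
  *dst = *src;
  for(i = 0; i < NBLOBS; i++)
    dst->blobs[i] = NULL;
  for(i = 0; i < NBLOBS; i++) {
    if(!src->blobs[i])
      continue;
    dst->blobs[i] = blob_dup(src->blobs[i]->data, src->blobs[i]->len);
    if(!dst->blobs[i])
      return -1;
  }
  return 0;
}

/* Number of non-NULL pointers that dst shares with src. */
int count_aliases(const struct settings *dst, const struct settings *src)
{
  int i, n = 0;
  for(i = 0; i < NBLOBS; i++)
    if(dst->blobs[i] && dst->blobs[i] == src->blobs[i])
      n++;
  return n;
}

void settings_free(struct settings *s)
{
  int i;
  for(i = 0; i < NBLOBS; i++) {
    free(s->blobs[i]);
    s->blobs[i] = NULL;
  }
}

/* Fail the second allocation during duplication and report how many dst
   pointers still alias src. Returns a negative value if the setup failed. */
int aliases_after_oom(int use_safe)
{
  static const char *const pem[NBLOBS] = { "ca", "cert", "key" }; /* constructed */
  struct settings src, dst;
  int i, rc, aliased;
  src.timeout = 30;
  for(i = 0; i < NBLOBS; i++)
    if(!(src.blobs[i] = blob_dup(pem[i], strlen(pem[i]))))
      return -2;
  allocs_left = 1;
  rc = use_safe ? dupset_safe(&dst, &src) : dupset_unsafe(&dst, &src);
  allocs_left = -1;
  aliased = count_aliases(&dst, &src);
  /* Freeing dst as-is would free src's blob too, and closing src would free
     it a second time. Drop the aliases so this demo stays well defined. */
  for(i = 0; i < NBLOBS; i++)
    if(dst.blobs[i] == src.blobs[i])
      dst.blobs[i] = NULL;
  settings_free(&dst);
  settings_free(&src);
  return rc == -1 ? aliased : -1;
}
```
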
- test1900: verify duphandle with HSTS using multiple files

Closes #12315

Goro FUJI (13 Nov 2023)

- http: allow longer HTTP/2 request method names

- Increase the maximum request method name length from 11 to 23.

For HTTP/1.1 and earlier there's not a specific limit in libcurl for
method length except that it is limited by the initial HTTP request
limit (DYN_HTTP_REQUEST). Prior to fc2f1e54 HTTP/2 was treated the same
and there was no specific limit.

According to Internet Assigned Numbers Authority (IANA) the longest
registered method is UPDATEREDIRECTREF which is 17 characters.

Also there are unregistered methods used by some companies that are
longer than 11 characters.

The limit was originally added by 61f52a97 but not used until fc2f1e54.

Ref: https://www.iana.org/assignments/http-methods/http-methods.xhtml

Closes https://github.com/curl/curl/pull/12311

Jay Satiro (12 Nov 2023)

- CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does

- Add an explanation of the CURL_BLOB_COPY flag to CURLOPT_CAINFO_BLOB
  and CURLOPT_PROXY_CAINFO_BLOB docs.

All the other _BLOB option docs already have the same explanation.

Closes https://github.com/curl/curl/pull/12277

Viktor Szakats (11 Nov 2023)

- tidy-up: dedupe Windows system libs in cmake

Reviewed-by: Daniel Stenberg
Closes #12307

Junho Choi (11 Nov 2023)

- ci: test with latest quiche release (0.19.0)

Closes #12180

- quiche: use quiche_conn_peer_transport_params()

In recent quiche, transport parameter API is separated
with quiche_conn_peer_transport_params().
(https://github.com/cloudflare/quiche/pull/1575)
It breaks with building with latest (post 0.18.0) quiche.

Closes #12180

Daniel Stenberg (11 Nov 2023)

- Makefile: generate the VC 14.20 project files at dist-time

Follow-up to 28287092cc5a6d6ef8 (#12282)

Closes #12290

Sam James (11 Nov 2023)

- misc: fix -Walloc-size warnings

GCC 14 introduces a new -Walloc-size included in -Wextra which gives:

```
src/tool_operate.c: In function ‘add_per_transfer’:
src/tool_operate.c:213:5: warning: allocation of insufficient size ‘1’ for type ‘struct per_transfer’ with size ‘480’ [-Walloc-size]
213 | p = calloc(sizeof(struct per_transfer), 1);
| ^
src/var.c: In function ‘addvariable’:
src/var.c:361:5: warning: allocation of insufficient size ‘1’ for type ‘struct var’ with size ‘32’ [-Walloc-size]
361 | p = calloc(sizeof(struct var), 1);
| ^
```

The calloc prototype is:
```
void *calloc(size_t nmemb, size_t size);
```

So, just swap the number of members and size arguments to match the
prototype, as we're initialising 1 struct of size `sizeof(struct
...)`. GCC then sees we're not doing anything wrong.

Closes #12292

Mark Gaiser (11 Nov 2023)

- IPFS: bugfixes

- Fixed endianness bug in gateway file parsing
- Use IPFS_PATH in tests where IPFS_DATA was used
- Fixed typos from traling -> trailing
- Fixed broken link in IPFS.md

Follow-up to 859e88f6533f9e

Reported-by: Michael Kaufmann
Bug: https://github.com/curl/curl/pull/12152#issuecomment-1798214137
Closes #12305

Daniel Stenberg (11 Nov 2023)

- VULN-DISCLOSURE-POLIC: remove broken link to hackerone

It should ideally soon not be done from hackerone anyway

Closes #12308

Andrew Kurushin (11 Nov 2023)

- schannel: add CA cache support for files and memory blobs

- Support CA bundle and blob caching.

Cache timeout is 24 hours or can be set via CURLOPT_CA_CACHE_TIMEOUT.

Closes https://github.com/curl/curl/pull/12261

Daniel Stenberg (10 Nov 2023)

- RELEASE-NOTES: synced

Charlie C (10 Nov 2023)

- cmake: option to disable install & drop `curlu` target when unused

This patch makes the following changes:
- adds the option `CURL_DISABLE_INSTALL` - to disable 'install' targets.
- Removes the target `curlu` when the option `BUILD_TESTING` is set to
  `OFF` - to prevent it from being loaded in Visual Studio.

Closes #12287

Kai Pastor (10 Nov 2023)

- cmake: fix multiple include of CURL package

Fixes errors on second `find_package(CURL)`. This is a frequent case
with transitive dependencies:
```
CMake Error at ...:
add_library cannot create ALIAS target "CURL::libcurl" because another
target with the same name already exists.
```

Test to reproduce:
```cmake
cmake_minimum_required(VERSION 3.27) # must be 3.18 or higher

project(curl)

set(CURL_DIR "example/lib/cmake/CURL/")
find_package(CURL CONFIG REQUIRED)
find_package(CURL CONFIG REQUIRED) # fails

add_executable(main main.c)
target_link_libraries(main CURL::libcurl)
```

Ref: https://cmake.org/cmake/help/latest/release/3.18.html#other-changes
Ref: https://cmake.org/cmake/help/v3.18/policy/CMP0107.html
Ref: #12300
Assisted-by: Harry Mallon
Closes #11913

Viktor Szakats (8 Nov 2023)

- tidy-up: use `OPENSSL_VERSION_NUMBER`

Uniformly use `OPENSSL_VERSION_NUMBER` to check for OpenSSL version.
Before this patch some places used `OPENSSL_VERSION_MAJOR`.

Also fix `lib/md4.c`, which included `opensslconf.h`, but that doesn't
define any version number in these implementations: BoringSSL, AWS-LC,
LibreSSL, wolfSSL. (Only in mainline OpenSSL/quictls). Switch that to
`opensslv.h`. This wasn't causing a deeper problem because the code is
looking for v3, which is only provided by OpenSSL/quictls as of now.

According to https://github.com/openssl/openssl/issues/17517, the macro
`OPENSSL_VERSION_NUMBER` is safe to use and not deprecated.

Reviewed-by: Marcel Raad
Closes #12298

Daniel Stenberg (8 Nov 2023)

- resolve.d: drop a multi use-sentence

Since the `multi:` keyword adds that message.

Reported-by: 積丹尼 Dan Jacobson
Fixes https://github.com/curl/curl/discussions/12294
Closes #12295

- content_encoding: make Curl_all_content_encodings allocless

- Fixes a memory leak pointed out by Coverity
- Also found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63947
- Avoids unnecessary allocations

Follow-up ad051e1cbec68b2456a22661b

Closes #12289

Michael Kaufmann (7 Nov 2023)

- vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0

Some servers don't support the ALPN protocol "http/1.0" (e.g. IIS 10),
avoid it and use "http/1.1" instead.

This reverts commit df856cb5c9 (#10183).

Fixes #12259
Closes #12285

Daniel Stenberg (7 Nov 2023)

- Makefile.am: drop vc10, vc11 and vc12 projects from dist

They are end of life products. Support for generating them remains in the
repo for a while but this change drops them from distribution.

Closes #12288

David Suter (7 Nov 2023)

- projects: add VC14.20 project files

Windows projects included VC14, VC14.10, VC14.30 but not VC14.20.
OpenSSL and Wolf SSL scripts mention VC14.20 so I don't see a reason why
this is missing. Updated the templates to produce a VC14.20 project.
Project opens in Visual Studio 2019 as expected.

Closes #12282

Daniel Stenberg (7 Nov 2023)

- curl: move IPFS code into src/tool_ipfs.[ch]

- convert ensure_trailing into ensure_trailing_slash
- strdup the URL string to own it proper
- use shorter variable names
- combine some expressions
- simplify error handling in ipfs_gateway()
- add MAX_GATEWAY_URL_LEN + proper bailout if maximum is reached
- ipfs-gateway.d polish and simplification
- shorten ipfs error message + make them "synthetic"

Closes #12281

Viktor Szakats (6 Nov 2023)

- build: delete support bits for obsolete Windows compilers

- Pelles C: Unclear status, failed to obtain a fresh copy a few months
  ago. Possible website is HTTP-only. ~10 years ago I left this compiler
  dealing with crashes and other issues with no response on the forum
  for years. It has seen some activity in curl back in 2021.
- LCC: Last stable release in September 2002.
- Salford C: Misses winsock2 support, possibly abandoned? Last mentioned
  in 2006.
- Borland C++: We dropped Borland C++ support in 2018.
- MS Visual C++ 6.0: Released in 1998. curl already requires VS 2010
  (or possibly 2008) as a minimum.

Closes #12222

- build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H`

We use `stdint.h` unconditionally in all places except one. These uses
are imposed by external dependencies / features. nghttp2, quic, wolfSSL
and `HAVE_MACH_ABSOLUTE_TIME` do require this C99 header. It means that
any of these features make curl require a C99 compiler. (In case of
MSVC, this means Visual Studio 2010 or newer.)

This patch changes the single use of `stdint.h` guarded by
`HAVE_STDINT_H` to use `stdint.h` unconditionally. Also stop using
`inttypes.h` as an alternative there. `HAVE_INTTYPES_H` wasn't used
anywhere else, allowing to delete this feature check as well.

Closes #12275

Daniel Stenberg (6 Nov 2023)

- tool_operate: do not mix memory models

Make sure 'inputpath' only points to memory allocated by libcurl so that
curl_free works correctly.

Pointed out by Coverity

Follow-up to 859e88f6533f9e1f890

Closes #12280

Stefan Eissing (6 Nov 2023)

- lib: client writer, part 2, accounting + logging

This PR has these changes:

Renaming of unencode_* to cwriter, e.g. client writers
- documentation of sendf.h functions
- move max decode stack checks back to content_encoding.c
- define writer phase which was used as order before
- introduce phases for monitoring in between decode phases
- offering default implementations for init/write/close

Add type parameter to client writer's do_write()
- always pass all writes through the writer stack
- writers who only care about BODY data will pass other writes unchanged

add RAW and PROTOCOL client writers
- RAW used for Curl_debug() logging of CURLINFO_DATA_IN
- PROTOCOL used for updates to data->req.bytecount, max_filesize checks and
  Curl_pgrsSetDownloadCounter()
- remove all updates of data->req.bytecount and calls to
  Curl_pgrsSetDownloadCounter() and Curl_debug() from other code
- adjust test457 expected output to no longer see the excess write

Closes #12184

Daniel Stenberg (6 Nov 2023)

- VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw

Closes #12278

Viktor Szakats (6 Nov 2023)

- rand: fix build error with autotools + LibreSSL

autotools unexpectedly detects `arc4random` because it is also looking
into dependency libs. One dependency, LibreSSL, happens to publish an
`arc4random` function (via its shared lib before v3.7, also via static
lib as of v3.8.2). When trying to use this function in `lib/rand.c`,
its prototype is missing. To fix that, curl included a prototype, but
that used a C99 type without including `stdint.h`, causing:

```
../../lib/rand.c:37:1: error: unknown type name 'uint32_t'
37 | uint32_t arc4random(void);
| ^
1 error generated.
```

This patch improves this by dropping the local prototype and instead
limiting `arc4random` use for non-OpenSSL builds. OpenSSL builds provide
their own random source anyway.

The better fix would be to teach autotools to not link dependency libs
while detecting `arc4random`.

LibreSSL publishing a non-namespaced `arc4random` tracked here:
https://github.com/libressl/portable/issues/928

Regression from 755ddbe901cd0c921fbc3ac5b3775c0dc683bc73 #10672

Reviewed-by: Daniel Stenberg
Fixes #12257
Closes #12274

Daniel Stenberg (5 Nov 2023)

- RELEASE-NOTES: synced

- strdup: do Curl_strndup without strncpy

To avoid (false positive) gcc-13 compiler warnings.

Follow-up to 4855debd8a2c1cb

Assisted-by: Jay Satiro
Reported-by: Viktor Szakats
Fixes #12258

Enno Boland (5 Nov 2023)

- HTTP: fix empty-body warning

This change fixes a compiler warning with gcc-12.2.0 when
`-DCURL_DISABLE_BEARER_AUTH=ON` is used.

/home/tox/src/curl/lib/http.c: In function 'Curl_http_input_auth':
/home/tox/src/curl/lib/http.c:1147:12: warning: suggest braces around empty body in an 'else' statement [-Wempty-body]
1147 | ;
| ^

Closes #12262

Daniel Stenberg (5 Nov 2023)

- openssl: identify the "quictls" backend correctly

Since vanilla OpenSSL does not support the QUIC API I think it helps
users to identify the correct OpenSSL fork in version output. The best
(crude) way to do that right now seems to be to check if ngtcp2 support
is enabled.

Closes #12270

Mark Gaiser (5 Nov 2023)

- curl: improved IPFS and IPNS URL support

Previously just ipfs://<cid> and ipns://<cid> was supported, which is
too strict for some usecases.

This patch allows paths and query arguments to be used too.
Making this work according to normal http semantics:

ipfs://<cid>/foo/bar?key=val
ipns://<cid>/foo/bar?key=val

The gateway url support is changed.
It now only supports gateways in the form of:

http://<gateway>/foo/bar
http://<gateway>

Query arguments here are explicitly not allowed and trigger an intended
malformed url error.

There also was a crash when IPFS_PATH was set with a non trailing
forward slash. This has been fixed.

Lastly, a load of test cases have been added to verify the above.

Reported-by: Steven Allen
Fixes #12148
Closes #12152

Harry Mallon (5 Nov 2023)

- docs: KNOWN_BUGS cleanup

* Remove other mention of hyper memory-leaks from `KNOWN_BUGS`.
  Should have been removed in 629723ecf22a8eae78d64cceec2f3bdae703ec95

* Remove mention of aws-sigv4 sort query string from `KNOWN_BUGS`.
  Fixed in #11806

* Remove mention of aws-sigv4 query empty value problems

* Remove mention of aws-sigv4 missing amz-content-sha256
  Fixed in #9995

- http_aws_sigv4: canonicalise valueless query params

Fixes #8107
Closes #12244

Michael Kaufmann (4 Nov 2023)

- docs: preserve the modification date when copying the prebuilt man page

The previously built man page "curl.1" must be copied with the original
modification date, otherwise the man page is never updated.

This fixes a bug that has been introduced with commit 2568441cab.

Reviewed-by: Dan Fandrich
Reviewed-by: Daniel Stenberg

Closes #12199

Daniel Stenberg (4 Nov 2023)

- docs: remove bold from some man page SYNOPSIS sections

In the name of consistency

Closes #12267

- openssl: two multi pointer checks should probably rather be asserts

... so add the asserts now and consider removing the dynamic checks in the
future.

Ref: #12261
Closes #12264

boilingoden (4 Nov 2023)

- docs: add supported version for the json write-out

xref: https://curl.se/changes.html#7_70_0

Closes #12266

Viktor Szakats (3 Nov 2023)

- appveyor: make VS2008-built curl tool runnable

By linking the CRT statically. This avoids the error about missing
runtime DLL `MSVCR90.dll` when running the freshly built `curl.exe`.

Closes #12263

Stefan Eissing (3 Nov 2023)

- url: proxy ssl connection reuse fix

- tunnel https proxy used for http: transfers does
not check if proxy-ssl configuration matches
- test cases added, test_10_12 fails on 8.4.0

Closes #12255

Jay Satiro (3 Nov 2023)

- curl_sspi: support more revocation error names in error messages

- Add these revocation errors to sspi error list:
CRYPT_E_NO_REVOCATION_DLL, CRYPT_E_NO_REVOCATION_CHECK,
CRYPT_E_REVOCATION_OFFLINE and CRYPT_E_NOT_IN_REVOCATION_DATABASE.

Prior to this change those error codes were not matched to their macro
name and instead shown as "unknown error".

Before:

schannel: next InitializeSecurityContext failed:
Unknown error (0x80092013) - The revocation function was
unable to check revocation because the revocation server was offline.

After:

schannel: next InitializeSecurityContext failed:
CRYPT_E_REVOCATION_OFFLINE (0x80092013) - The revocation function was
unable to check revocation because the revocation server was offline.

Bug: https://github.com/curl/curl/issues/12239
Reported-by: Niracler Li

Closes https://github.com/curl/curl/pull/12241

- strdup: don't allow Curl_strndup to read past a null terminator

- Use malloc + strncpy instead of Curl_memdup to dupe the string before
null terminating it.

Prior to this change if Curl_strndup was passed a length longer than
the allocated string then it could copy out of bounds.

This change is for posterity. Curl_strndup was added in the parent
commit and currently none of the calls to it pass a length that would
cause it to read past the allocated length of the input.

Follow-up to d3b3ba35.

Closes https://github.com/curl/curl/pull/12254

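Added example, not curl's source: the out-of-bounds read that the strdup entry above guards against, shown as a memcpy-based duplicate beside a strncpy-based one. The function names, the 4-byte heap string and the claimed length of 16 are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* "Before" pattern (hypothetical name): copy exactly `length` bytes, then
   terminate. If `length` is larger than the memory behind `src`, memcpy
   reads past the end of the source buffer. */
static char *dup_memdup_style(const char *src, size_t length)
{
  char *buf = malloc(length + 1);
  if(!buf)
    return NULL;
  memcpy(buf, src, length); /* reads `length` bytes unconditionally */
  buf[length] = '\0';
  return buf;
}

/* "After" pattern (hypothetical name): strncpy stops reading `src` at its
   null terminator and zero-fills the rest of the destination, so an
   overlong `length` no longer walks off the end of a terminated string. */
static char *dup_bounded(const char *src, size_t length)
{
  char *buf = malloc(length + 1);
  if(!buf)
    return NULL;
  strncpy(buf, src, length);
  buf[length] = '\0';
  return buf;
}

/* Returns 1 when every byte in buf[from..to) is zero. */
static int all_zero(const char *buf, size_t from, size_t to)
{
  size_t i;
  for(i = from; i < to; i++)
    if(buf[i])
      return 0;
  return 1;
}

/* Constructed case: a 4-byte heap string while the caller claims 16 bytes.
   Returns the length of the copy made by dup_bounded(). Passing the same
   arguments to dup_memdup_style() would read 12 bytes out of bounds. */
static size_t overlong_copy_len(void)
{
  size_t n = 0;
  char *copy;
  char *src = malloc(4);
  if(!src)
    return 0;
  memcpy(src, "abc", 4);
  copy = dup_bounded(src, 16);
  if(copy) {
    n = strlen(copy);
    free(copy);
  }
  free(src);
  return n;
}

int main(void)
{
  char *prefix = dup_bounded("hello world", 5);
  char *bin = dup_bounded("ab\0cd", 5);
  printf("prefix copy: %s\n", prefix ? prefix : "(alloc failed)");
  printf("overlong length, bounded copy holds %lu bytes\n",
         (unsigned long)overlong_copy_len());
  printf("bytes after the terminator zeroed: %d\n",
         bin ? all_zero(bin, 2, 6) : -1);
  free(prefix);
  free(bin);
  return 0;
}
```

The memcpy variant also carries over whatever follows an embedded null byte, while the strncpy variant zero-fills it.
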
Daniel Stenberg (2 Nov 2023)

- lib: add and use Curl_strndup()

The Curl_strndup() function is similar to memdup(), but copies 'n' bytes
then adds a terminating null byte ('\0').

Closes #12251

- CURLOPT_POSTFIELDS.3: add CURLOPT_COPYPOSTFIELDS in SEE ALSO

Stefan Eissing (2 Nov 2023)

- pytest: use lower count in repeat tests

- lower large iteration counts in some tests somewhat for
the same coverage with less duration

Closes #12248

Daniel Stenberg (2 Nov 2023)

- RELEASE-NOTES: synced

- docs: clarify that curl passes on input unfiltered

... for several options.

Reported-by: Ophir Lojkine

Closes #12249

- urlapi: when URL encoding the fragment, pass in the right length

A benign bug because it would only add an extra null terminator.

Made lib1560 get a test that runs this code.

Closes #12250

Stefan Eissing (2 Nov 2023)

- vtls: late clone of connection ssl config

- perform connection cache matching against `data->set.ssl.primary`
and proxy counterpart
- fully clone connection ssl config only when connection is used

Closes #12237

- msh3: error when built with CURL_DISABLE_SOCKETPAIR set

Reported-by: Gisle Vanem
Closes #12252
Fixes #12213

Daniel Stenberg (2 Nov 2023)

- hsts: skip single-dot hostname

Reported-by: Maksymilian Arciemowicz

Closes #12247

- vtls: fix build without proxy

Follow-up to bf0e278a3c54bc7fee7360da17c

closes #12243

- docs/example/keepalive.c: show TCP keep-alive options

Closes #12242

- lib1560: verify appending blank URL encoded query string

- urlapi: skip appending NULL pointer query

Reported-by: kirbyn17 on hackerone

Closes #12240

- lib1560: verify setting host to "" with and without URL encode

- urlapi: avoid null deref if setting blank host to url encode

Reported-by: kirbyn17 on hackerone

Closes #12240

- dynbuf: assert for NULL pointer inputs

Help us catch more mistakes.

Closes #12238

- HTTP3: ngtcp2 builds are no longer experimental

The other HTTP/3 backends are still experimental.

Closes #12235

Stefan Eissing (31 Oct 2023)

- vtls: cleanup SSL config management

- remove `Curl_ssl_get_config()`, no longer needed

Closes #12204

Daniel Stenberg (31 Oct 2023)

- libcurl-thread.3: simplify the TLS section

All TLS libraries curl can use are threadsafe since OpenSSL 1.1.x, August
2016.

Closes #12233

- configure: better --disable-http

- disable HTTPS-proxy as well, since it can't work without HTTP

- curl_setup: when HTTP is disabled, also disable all features that are
HTTP-only

- version: HTTPS-proxy only exists if HTTP support exists

Closes #12223

- http: consider resume with CURLOPT_FAILONERROR and 416 to be fine

Finding a 'Content-Range:' in the response changed the handling.

Add test case 1475 to verify -C - with 416 and Content-Range: header,
which is almost exactly like test 194 which instead uses a fixed -C
offset. Adjusted test 194 to also be considered fine.

Fixes #10521
Reported-by: Smackd0wn
Fixes #12174
Reported-by: Anubhav Rai
Closes #12176

Stefan Eissing (30 Oct 2023)

- GHA: fix checkout of quictls repository to use correct branch name

Follow-up to c868b0e30f10cd0ac7

Closes #12232

Daniel Stenberg (30 Oct 2023)

- docs/example/localport.c: show off CURLOPT_LOCALPORT

Closes #12230

- docs/examples/interface.c: show CURLOPT_INTERFACE use

Although super simple.

Closes #12229

Viktor Szakats (30 Oct 2023)

- build: fix compiler warning with auths disabled

```
./curl/lib/http.c:979:12: warning: unused function 'is_valid_auth_separator' [-Wunused-function]
static int is_valid_auth_separator(char ch)
^
5 warnings generated.
```

Follow-up to e92edfbef64448ef461117769881f3ed776dec4e #11490

Closes #12227

- build: require Windows XP or newer

After this patch we assume availability of `getaddrinfo` and
`freeaddrinfo`, first introduced in Windows XP. Meaning curl
now requires building for Windows XP as a minimum.

TODO: assume these also in autotools.

Ref: https://github.com/curl/curl/pull/12221#issuecomment-1783761806
Closes #12225

- appveyor: bump one job to OpenSSL 3.1 (was 1.1.1)

Use 3.1 with the modern runner image.

We still use 1.1.1 in 8 jobs.

1.1.1 is EOL since 2023-09-11:
https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/

Also:
- add missing SSL-backend to job descriptions.
- tidy up CPU in job descriptions.

Closes #12226

Daniel Stenberg (30 Oct 2023)

- RELEASE-NOTES: synced

- GHA: bump ngtcp2, nghttp3, nghttp2 and quictls versions

ngtcp2 1.0.1
nghttp3 1.0.0
nghttp2 1.58.0
quictls 3.1.4+quic

also sync HTTP3.md with these changes

Closes #12132

Kareem (29 Oct 2023)

- wolfssl: add default case for wolfssl_connect_step1 switch

Closes #12218

Jay Satiro (29 Oct 2023)

- curl_setup: disallow Windows IPv6 builds missing getaddrinfo

- On Windows if IPv6 is enabled but getaddrinfo is missing then #error
the build.

curl can be built with IPv6 support (ENABLE_IPV6) but without the
ability to resolve hosts to IPv6 addresses (HAVE_GETADDRINFO). On
Windows this is highly unlikely and should be considered a bad build
configuration.

Such a bad configuration has already given us a bug that was hard to
diagnose. See #12134 and #12136 for discussion.

Ref: https://github.com/curl/curl/issues/12134
Ref: https://github.com/curl/curl/pull/12136

Closes https://github.com/curl/curl/pull/12221

Nico Rieck (29 Oct 2023)

- openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs

- If CURLSSLOPT_NATIVE_CA on Windows then import from intermediate CA
"CA" store after importing from root CA "ROOT" store.

This change allows curl to work in situations where a server does not
send all intermediate certs and they are present in the "CA" store (the
store with intermediate CAs). This is already allowed by the Schannel
backend.

Also this change makes partial chain verification possible for those
certs since we allow partial chain verification by default for OpenSSL
(unless CURLSSLOPT_NO_PARTIALCHAIN). This is not allowed by the Schannel
backend.

Prior to this change CURLSSLOPT_NATIVE_CA only imported "ROOT" certs.

Fixes https://github.com/curl/curl/issues/12155
Closes https://github.com/curl/curl/pull/12185

Viktor Szakats (28 Oct 2023)

- Makefile.mk: fix `-rtmp` option for non-Windows [ci skip]

Daniel Stenberg (28 Oct 2023)

- asyn-ares: handle no connection in the addrinfo callback

To avoid crashing.

Follow-up from 56a4db2
Closes #12219

Jay Satiro (28 Oct 2023)

- hostip6: fix DEBUG_ADDRINFO builds

- Removed unused and incorrect parameter from dump_addrinfo().

Bug: https://github.com/curl/curl/commit/56a4db2e#commitcomment-131050442
Reported-by: Gisle Vanem

Closes https://github.com/curl/curl/pull/12212

Viktor Szakats (28 Oct 2023)

- Makefile.mk: restore `_mingw.h` for default `_WIN32_WINNT`

In 8.4.0 we deleted `_mingw.h` as part of purging old-mingw support.
Turns out `_mingw.h` had the side-effect of setting a default
`_WIN32_WINNT` value expected by `lib/config-win32.h` to enable
`getaddrinfo` support in `Makefile.mk` mingw-w64 builds. This caused
disabling support for this unless specifying the value manually.

Restore this header and update its comment to tell why we continue
to need it.

This triggered a regression in official Windows curl builds starting
with 8.4.0_1. Fixed in 8.4.0_6. (8.5.0 will be using CMake.)

Regression from 38029101e2d78ba125732b3bab6ec267b80a0e72 #11625

Reported-by: zhengqwe on github
Helped-by: Nico Rieck
Fixes #12134
Fixes #12136
Closes #12217

- hostip: silence compiler warning `-Wparentheses-equality`

Seen with LLVM 17.

```
hostip.c:1336:22: warning: equality comparison with extraneous parentheses [-Wparentheses-equality]
1336 | (a->ai_family == PF_INET)) {
| ~~~~~~~~~~~~~^~~~~~~~~~
hostip.c:1336:22: note: remove extraneous parentheses around the comparison to silence this warning
1336 | (a->ai_family == PF_INET)) {
| ~ ^ ~
hostip.c:1336:22: note: use '=' to turn this equality comparison into an assignment
1336 | (a->ai_family == PF_INET)) {
| ^~
| =
1 warning generated.
```

Follow-up to b651aba0962bb31353f55de4dc35f745952a1b10 #12145

Reviewed-by: Daniel Stenberg
Closes #12215

Stefan Eissing (27 Oct 2023)

- doh: use PIPEWAIT when HTTP/2 is attempted

Closes #12214

Daniel Stenberg (27 Oct 2023)

- setopt: remove outdated cookie comment

Closes #12206

Stefan Eissing (27 Oct 2023)

- cfilter: provide call to tell connection to forget a socket

- fixed libssh.c workaround for a socket being closed by
the library
- eliminate the terrible hack in cf-socket.c to guess when
this happened and try not closing the socket again.
- fixes race in eyeballing when socket could have failed to
be closed for a discarded connect attempt

Closes #12207

- url: protocol handler lookup tidy-up

- rename lookup to what it does
- use ARRAYSIZE instead of NULL check for end
- offer alternate lookup for 0-terminated strings

Closes #12216

Viktor Szakats (27 Oct 2023)

- build: variadic macro tidy-ups

- delete unused `HAVE_VARIADIC_MACROS_C99/GCC` feature checks.
(both autotools and CMake.)
- delete duplicate `NULL` check in `Curl_trc_cf_infof()`.
- fix compiler warning in `CURL_DISABLE_VERBOSE_STRINGS` builds.
```
./lib/cf-socket.c:122:41: warning: unused parameter 'data' [-Wunused-parameter]
static void nosigpipe(struct Curl_easy *data,
^
```
- fix `#ifdef` comments in `lib/curl_trc.{c,h}`.
- fix indentation in some `infof()` calls.

Follow-up to dac293cfb7026b1ca4175d88b80f1432d3d3c684 #12167

Cherry-picked from #12105
Closes #12210

- cmake: speed up threads setup for Windows

Win32 threads are always available. We enabled them unconditionally
(with `ENABLE_THREADED_RESOLVER`). CMake built-in thread detection
logic has this condition hard-coded for Windows as well (since at least
2007).

Instead of doing all the work of detecting pthread combinations on
Windows, then discarding those results, skip these efforts and assume
built-in thread support when building for Windows.

This saves 1-3 slow CMake configuration steps.

Reviewed-by: Daniel Stenberg
Closes #12202

- cmake: speed up zstd detection

Before this patch we detected the presence of a specific zstd API to
see if we can use the library. zstd published that API in its first
stable release: v1.0.0 (2016-08-31).

Replace that method by detecting the zstd library version instead and
accepting if it's v1.0.0 or newer. Also display this detected version
and display a warning if the zstd found is unfit for curl.

We use the same version detection method as zstd itself, via its public
C header.

This deviates from autotools which keeps using the slow method of
looking for the API by building a test program. The outcome is the same
as long as zstd keeps offering this API.

Ref: https://github.com/facebook/zstd/commit/5a0c8e24395079f8e8cdc90aa1659cd5ab1b7427 (2016-08-12, committed)
Ref: https://github.com/facebook/zstd/releases/tag/v0.8.1 (2016-08-18, first released)
Ref: https://github.com/facebook/zstd/releases/tag/v1.0.0

Reviewed-by: Daniel Stenberg
Closes #12200

Daniel Stenberg (26 Oct 2023)

- openssl: fix infof() to avoid compiler warning for %s with null

vtls/openssl.c: In function ‘ossl_connect_step2’:
../lib/curl_trc.h:120:10: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
120 | Curl_infof(data, __VA_ARGS__); } while(0)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
vtls/openssl.c:4008:5: note: in expansion of macro ‘infof’
4008 | infof(data, "SSL connection using %s / %s / %s / %s",
| ^~~~~
vtls/openssl.c:4008:49: note: format string is defined here
4008 | infof(data, "SSL connection using %s / %s / %s / %s",
| ^~

Follow-up to b6e6d4ff8f253c8b8055bab
Closes #12196

Stefan Eissing (26 Oct 2023)

- lib: apache style infof and trace macros/functions

- test for a simplified C99 variadic check
- args to infof() in --disable-verbose are no longer disregarded but
must compile.

Closes #12167
Fixes #12083
Fixes #11880
Fixes #11891

Daniel Stenberg (26 Oct 2023)

- RELEASE-NOTES: synced

Stefan Eissing (26 Oct 2023)

- urldata: move async resolver state from easy handle to connectdata

- resolving is done for a connection, not for every transfer
- save create/dup/free of a cares channel for each transfer
- check values of setopt calls against a local channel if no
connection has been attached yet, when needed.

Closes #12198

Daniel Stenberg (26 Oct 2023)

- CURLOPT_WRITEFUNCTION.3: clarify what libcurl returns for CURL_WRITEFUNC_ERROR

It returns CURLE_WRITE_ERROR. It was not previously stated clearly.

Reported-by: enWILLYado on github
Fixes #12201
Closes #12203

Viktor Szakats (25 Oct 2023)

- autotools: update references to deleted `crypt-auth` option

Delete leftovers of the `crypt-auth` `./configure` option and
add the new ones that replaced them.

Follow-up to e92edfbef64448ef461117769881f3ed776dec4e #11490

Reviewed-by: Daniel Stenberg
Closes #12194

Stefan Eissing (25 Oct 2023)

- lib: introduce struct easy_poll_set for poll information

Connection filter had a `get_select_socks()` method, inspired by the
various `getsocks` functions involved during the lifetime of a
transfer. These, depending on transfer state (CONNECT/DO/DONE/ etc.),
return sockets to monitor and flag if this shall be done for POLLIN
and/or POLLOUT.

Due to this design, sockets and flags could only be added, not
removed. This led to problems in filters like HTTP/2 where flow control
prohibits the sending of data until the peer increases the flow
window. The general transfer loop wants to write, adds POLLOUT, the
socket is writeable but no data can be written.

This leads to cpu busy loops. To prevent that, HTTP/2 did set the
`SEND_HOLD` flag of such a blocked transfer, so the transfer loop cedes
further attempts. This works if only one such filter is involved. If a
HTTP/2 transfer goes through a HTTP/2 proxy, two filters are
setting/clearing this flag and may step on each other's toes.

Connection filters `get_select_socks()` is replaced by
`adjust_pollset()`. They get passed a `struct easy_pollset` that keeps
up to `MAX_SOCKSPEREASYHANDLE` sockets and their `POLLIN|POLLOUT`
flags. This struct is initialized in `multi_getsock()` by calling the
various `getsocks()` implementations based on transfer state, as before.

After protocol handlers/transfer loop have set the sockets and flags
they want, the `easy_pollset` is *always* passed to the filters. Filters
"higher" in the chain are called first, starting at the first
not-yet-connection one. Each filter may add sockets and/or change
flags. When all flags are removed, the socket itself is removed from the
pollset.

Example:

* transfer wants to send, adds POLLOUT
* http/2 filter has a flow control block, removes POLLOUT and adds
POLLIN (it is waiting on a WINDOW_UPDATE from the server)
* TLS filter is connected and changes nothing
* h2-proxy filter also has a flow control block on its tunnel stream,
removes POLLOUT and adds POLLIN also.
* socket filter is connected and changes nothing
* The resulting pollset is then mixed together with all other transfers
and their pollsets, just as before.

Use of `SEND_HOLD` is no longer necessary in the filters.

All filters are adapted for the changed method. The handling in
`multi.c` has been adjusted, but its state handling and the protocol
handlers' `getsocks` method are untouched.

The most affected filters are http/2, ngtcp2, quiche and h2-proxy. TLS
filters needed to be adjusted for the connecting handshake read/write
handling.

No noticeable difference in performance was detected in local scorecard
runs.

Closes #11833

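Added example, not curl's source: a simplified model of the `adjust_pollset()` pass described in the entry above, where each filter may add or remove flags and a socket with no flags left drops out of the set. All names (`pollset_change`, `run_chain`, `scenario`), the socket number 7 and the `EV_IN`/`EV_OUT` stand-ins for POLLIN/POLLOUT are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_SOCKS 5   /* stand-in for MAX_SOCKSPEREASYHANDLE */
#define EV_IN  0x01   /* stand-in for POLLIN */
#define EV_OUT 0x02   /* stand-in for POLLOUT */

struct pollset {
  int socks[MAX_SOCKS];
  unsigned char flags[MAX_SOCKS];
  size_t num;
};

/* Apply add/remove flags to one socket. An entry whose flags drop to zero
   is removed, which is what lets a filter take a socket out of the set. */
static void pollset_change(struct pollset *ps, int sock,
                           unsigned add_flags, unsigned del_flags)
{
  size_t i;
  for(i = 0; i < ps->num; i++) {
    if(ps->socks[i] == sock) {
      ps->flags[i] = (unsigned char)((ps->flags[i] & ~del_flags) | add_flags);
      if(!ps->flags[i]) {
        /* close the gap left by the removed entry */
        for(; i + 1 < ps->num; i++) {
          ps->socks[i] = ps->socks[i + 1];
          ps->flags[i] = ps->flags[i + 1];
        }
        ps->num--;
      }
      return;
    }
  }
  if(add_flags && ps->num < MAX_SOCKS) {
    ps->socks[ps->num] = sock;
    ps->flags[ps->num] = (unsigned char)add_flags;
    ps->num++;
  }
}

/* Flags currently registered for `sock`, 0 if it is not in the set. */
static unsigned pollset_flags(const struct pollset *ps, int sock)
{
  size_t i;
  for(i = 0; i < ps->num; i++)
    if(ps->socks[i] == sock)
      return ps->flags[i];
  return 0;
}

/* One connection filter in the chain (hypothetical, simplified). */
struct filter {
  const char *name;
  int sock;
  int send_blocked; /* e.g. the HTTP/2 flow-control window is exhausted */
};

/* A blocked filter cannot write until the peer sends WINDOW_UPDATE, so it
   swaps "wait for writable" for "wait for readable". It only consults its
   own state; no flag shared between filters is involved. */
static void filter_adjust_pollset(const struct filter *f, struct pollset *ps)
{
  if(f->send_blocked)
    pollset_change(ps, f->sock, EV_IN, EV_OUT);
}

/* The transfer sets what it wants, then every filter is consulted,
   "higher" filters first. Returns the final flags for `sock`. */
static unsigned run_chain(const struct filter *chain, size_t n, int sock,
                          unsigned transfer_wants)
{
  struct pollset ps = { {0}, {0}, 0 };
  size_t i;
  pollset_change(&ps, sock, transfer_wants, 0);
  for(i = 0; i < n; i++)
    filter_adjust_pollset(&chain[i], &ps);
  return pollset_flags(&ps, sock);
}

/* The chain from the entry's example: a transfer that wants to send. */
static unsigned scenario(int h2_blocked, int proxy_blocked)
{
  const struct filter chain[] = {
    { "http/2",   7, h2_blocked },
    { "tls",      7, 0 },
    { "h2-proxy", 7, proxy_blocked },
    { "socket",   7, 0 }
  };
  return run_chain(chain, sizeof(chain) / sizeof(chain[0]), 7, EV_OUT);
}

int main(void)
{
  printf("nothing blocked:    0x%02x\n", scenario(0, 0));
  printf("http/2 blocked:     0x%02x\n", scenario(1, 0));
  printf("h2-proxy blocked:   0x%02x\n", scenario(0, 1));
  printf("both blocked:       0x%02x\n", scenario(1, 1));
  return 0;
}
```
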
Daniel Stenberg (25 Oct 2023)

- tests/README: SOCKS tests are not using OpenSSH, it has its own server

Follow-up to 04fd67555cc

Closes #12195

Jacob Hoffman-Andrews (25 Oct 2023)

- tests: make test documentation more user-friendly

Put the instructions to run tests right at the top of tests/README.md.

Give instructions to read the runtests.1 man page for information
about flags. Delete redundant copy of the flags documentation in the
README.

Add a mention in README.md of the important parallelism flag, to make
test runs go much faster.

Move documentation of output line format into the runtests.1 man page,
and update it with missing flags.

Fix the order of two flags in the man page.

Closes #12193

Viktor Szakats (24 Oct 2023)

- cmake: pre-fill rest of detection values for Windows

The goal of this patch is to avoid unnecessary feature detection work
when doing Windows builds with CMake. Do this by pre-filling well-known
detection results for Windows and specifically for mingw-w64 and MSVC
compilers. Also limit feature checks to platforms where the results are
actually used. Drop a few redundant ones. And some tidying up.

- pre-fill remaining detection values in Windows CMake builds.

Based on actual detection results observed in CI runs, preceding
similar work over libssh2 and matching up values with
`lib/config-win32.h`.

This brings down CMake configuration time from 58 to 14 seconds on the
same local machine.

On AppVeyor CI this translates to:
- 128 seconds -> 50 seconds VS2022 MSVC with OpenSSL (per CMake job):
https://ci.appveyor.com/project/curlorg/curl/builds/48208419/job/4gw66ecrjpy7necb#L296
https://ci.appveyor.com/project/curlorg/curl/builds/48217440/job/8m4fwrr2fe249uo8#L186
- 62 seconds -> 16 seconds VS2017 MINGW (per CMake job):
https://ci.appveyor.com/project/curlorg/curl/builds/48208419/job/s1y8q5ivlcs7ub29?fullLog=true#L290
https://ci.appveyor.com/project/curlorg/curl/builds/48217440/job/pchpxyjsyc9kl13a?fullLog=true#L194

The formula is about 1-3 seconds delay for each detection. Almost all
of these trigger a full compile-link cycle behind the scenes, slow
even today, both cross and native, mingw-w64 and apparently MSVC too.
Enabling .map files or other custom build features slows it down
further. (Similar is expected for autotools configure.)

- stop detecting `idn2.h` if idn2 was deselected.
autotools does this.

- stop detecting `idn2.h` if idn2 was not found.
This deviates from autotools. Source code requires both header and
lib, so this is still correct, but faster.

- limit `ADDRESS_FAMILY` detection to Windows.

- normalize `HAVE_WIN32_WINNT` value to lowercase `0x0a12` format.

- pre-fill `HAVE_WIN32_WINNT`-dependent detection results.
Saving 4 (slow) feature-detections in most builds: `getaddrinfo`,
`freeaddrinfo`, `inet_ntop`, `inet_pton`

- fix pre-filled `HAVE_SYS_TIME_H`, `HAVE_SYS_PARAM_H`,
`HAVE_GETTIMEOFDAY` for mingw-w64.
Luckily this does not change build results, as `WIN32` took
priority over `HAVE_GETTIMEOFDAY` with the current source
code.

- limit `HAVE_CLOCK_GETTIME_MONOTONIC_RAW` and
`HAVE_CLOCK_GETTIME_MONOTONIC` detections to non-Windows.
We're not using these in the source code for Windows.

- reduce compiler warning noise in CMake internal logs:
- fix to include `winsock2.h` before `windows.h`.
Apply it to autotools test snippets too.
- delete previous `-D_WINSOCKAPI_=` hack that aimed to fix the above.
- cleanup `CMake/CurlTests.c` to emit less warnings.

- delete redundant `HAVE_MACRO_SIGSETJMP` feature check.
It was the same check as `HAVE_SIGSETJMP`.

- delete 'experimental' marking from `CURL_USE_OPENSSL`.

- show CMake version via `CMakeLists.txt`.
Credit to the `zlib-ng` project for the idea:
https://github.com/zlib-ng/zlib-ng/blob/61e181c8ae93dbf56040336179c9954078bd1399/CMakeLists.txt#L7

- make `CMake/CurlTests.c` pass `checksrc`.

- `CMake/WindowsCache.cmake` tidy-ups.

- replace `WIN32` guard with `_WIN32` in `CMake/CurlTests.c`.

Closes #12044

Jay Satiro (24 Oct 2023)

- page-footer: clarify exit code 25

- Clarify that curl tool exit code 25 means an upload failed to start.

Exit code 25 is equivalent to CURLE_UPLOAD_FAILED (25). Prior to this
change the documentation only mentioned the case of FTP STOR failing.

Reported-by: Emanuele Torre

Ref: https://github.com/curl/curl/blob/curl-8_4_0/docs/libcurl/libcurl-errors.3#L113-L115

Fixes https://github.com/curl/curl/issues/12189
Closes https://github.com/curl/curl/pull/12190

Daniel Stenberg (24 Oct 2023)

- scripts/cijobs.pl: adjust for appveyor

Follow-up to a1d73a6bb

Alex Bozarth (24 Oct 2023)

- OpenSSL: Include SIG and KEM algorithms in verbose

Currently the verbose output does not include which algorithms are used
for the signature and key exchange when using OpenSSL. Including the
algorithms used will enable better debugging when working on using new
algorithm implementations. Knowing what algorithms are used has become
more important with the fast growing research into new quantum-safe
algorithms.

This implementation includes a build time check for the OpenSSL version
to use a new function that will be included in OpenSSL 3.2 that was
introduced in openssl/openssl@6866824

Based-on-patch-by: Martin Schmatz <mrt@zurich.ibm.com>
Closes #12030

Daniel Stenberg (23 Oct 2023)

- http2: provide an error callback and failf the message

Getting nghttp2's error message helps users understand what's going
on. For example when the connection is brought down due to a forbidden
header being used - as that header is then not displayed by curl itself.

Example:

curl: (92) Invalid HTTP header field was received: frame type: 1,
stream: 1, name: [upgrade], value: [h2,h2c]

Ref: #12172
Closes #12179

Turiiya (23 Oct 2023)

- BINDINGS: add V binding

Closes #12182

Daniel Stenberg (22 Oct 2023)

- configure: check for the fseeko declaration too

... and make the code require both symbol and declaration.

This is because for Android, the symbol is always present in the lib at
build-time even when not actually available in run-time.

Assisted-by: Viktor Szakats
Reported-by: 12932 on github
Fixes #12086
Closes #12158

Viktor Szakats (22 Oct 2023)

- cmake: fix OpenSSL quic detection in quiche builds

An orphan call to `CheckQuicSupportInOpenSSL()` remained after a recent
update when checking QUIC for quiche. Move back QUIC detection to
a function and fixup callers to use that. Also make sure that quiche
gets QUIC from BoringSSL, because it doesn't support other forks at this
time.

Regression from dee310d54261f9a8416e87d50bccfe2cbe404949 #11555

Reported-by: Casey Bodley <cbodley@redhat.com>
Fixes #12160
Closes #12162

Daniel Stenberg (22 Oct 2023)

- RELEASE-NOTES: synced

bump to 8.5.0 for pending release

Dan Fandrich (21 Oct 2023)

- test3103: add missing quotes around a test tag attribute

Loïc Yhuel (21 Oct 2023)

- tool: fix --capath when proxy support is disabled

After 95e8515ca0, --capath always sets CURLOPT_PROXY_CAPATH, which fails
with CURLE_UNKNOWN_OPTION when proxy support is disabled.

Closes #12089

Daniel Stenberg (21 Oct 2023)

- openldap: move the alloc of ldapconninfo to *connect()

Fixes a minor memory leak on LDAP connection reuse.

Doing the allocation already in *setup_connection() is wrong since that
connect struct might get discarded early when an existing connection is
reused instead.

Closes #12166

- openldap: set the callback argument in oldap_do

... to make sure it has the current 'data' pointer and not a stale old
one.

Reported-by: Dan Fandrich
Closes #12166

- gnutls: support CURLSSLOPT_NATIVE_CA

Remove the CURL_CA_FALLBACK logic. That build option was added to allow
primarily OpenSSL to use the default paths for loading the CA certs. For
GnuTLS it was instead made to load the "system certs", which is
different and not desirable.

The native CA store loading is now asked for with this option.

Follow-up to 7b55279d1d856

Co-authored-by: Jay Satiro

Closes #12137

Stefan Eissing (21 Oct 2023)

- RTSP: improved RTP parser

- fix HTTP header parsing to report incomplete
lines it buffers as consumed!
- re-implement the RTP parser for interleave RTP
messages for robustness. It is now keeping its
state at the connection
- RTSP protocol handler "readwrite" implementation
now tracks if the response is before/in/after
header parsing or "in" a body by calling
"Curl_http_readwrite_headers()" itself. This
allows it to know when non-RTP bytes are "junk"
or HEADER or BODY.
- tested with #12035 and various small receive
sizes where current master fails

Closes #12052

- http2: header conversion tightening

- fold the code to convert dynhds to the nghttp2 structs
into a dynhds internal method
- saves code duplication
- pacifies compiler analyzers

Closes #12097

Daniel Stenberg (21 Oct 2023)

- curl_ntlm_wb: fix elif typo

Reported-by: Manfred Schwarb
Follow-up to d4314cdf65ae
Bug: https://github.com/curl/curl/commit/d4314cdf65aee295db627016934bd9eb621ab077#r130551295

Dan Fandrich (20 Oct 2023)

- test1683: remove commented-out check alternatives

Python precheck/postcheck alternatives were included but commented out.
Since these are not used and perl is guaranteed to be available to run
the perl versions anyway, the Python ones are removed.

Daniel Stenberg (20 Oct 2023)

- hostip: show the list of IPs when resolving is done

Getting 'curl.se' today then gets this verbose output which might help
debugging connectivity related matters.

* Host curl.se:80 was resolved.
* IPv6: 2a04:4e42::347, 2a04:4e42:200::347, 2a04:4e42:400::347,
2a04:4e42:600::347, 2a04:4e42:800::347, 2a04:4e42:a00::347,
2a04:4e42:c00::347, 2a04:4e42:e00::347
* IPv4: 151.101.193.91, 151.101.1.91, 151.101.65.91, 151.101.129.91

Co-authored-by: Jay Satiro
Closes #12145

rilysh (20 Oct 2023)

- docs: fix function typo in curl_easy_option_next.3

Closes #12170

Daniel Stenberg (20 Oct 2023)

- vssh: remove the #ifdef for Curl_ssh_init, use empty macro

In the same style as other init calls

- easy: remove duplicate wolfSSH init call

It is already done in Curl_ssh_init() where it belongs.

Closes #12168

- socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice

Fixes #11949
Reported-by: Ammar Faizi
Closes #12163

- urldata: move the 'internal' boolean to the state struct

... where all the other state bits for the easy handles live.

Closes #12165

- url: don't touch the multi handle when closing internal handles

Reported-by: Maksymilian Arciemowicz
Closes #12165

Faraz Fallahi (19 Oct 2023)

- getenv: PlayStation doesn't have getenv()

Closes #12140

Daniel Stenberg (19 Oct 2023)

- transfer: only reset the FTP wildcard engine in CLEAR state

To avoid the state machine to start over and redownload all the files
*again*.

Reported-by: lkordos on github
Regression from 843b3baa3e3cb228 (shipped in 8.1.0)
Bisect-by: Dan Fandrich
Fixes #11775
Closes #12156

Stefan Eissing (19 Oct 2023)

- GHA: move mod_h2 version in CI to v2.0.25

Closes #12157

Daniel Stenberg (19 Oct 2023)

- ntlm_wb: use pipe instead of socketpair when possible

Closes #12149

- RELEASE-NOTES: synced

- asyn-thread: use pipe instead of socketpair for IPC when available

If pipe() is present. Less overhead.

Helped-by: Viktor Szakats
Closes #12146

Dan Fandrich (17 Oct 2023)

- tests: Fix Windows test helper tool search & use it for handle64

The checkcmd() and checktestcmd() functions would not have worked on
Windows due to hard-coding the UNIX PATH separator character and not
adding .exe file extension. This meant that tools like stunnel, valgrind
and nghttpx would not have been found and used on Windows, and
inspection of previous test runs shows none of those being found in pure
Windows CI builds.

With this fixed, they can be used to detect the handle64.exe program
before attempting to use it. When handle64.exe was called
unconditionally without it existing, it caused perl to abort the test
run with the error

The running command stopped because the preference variable
"ErrorActionPreference" or common parameter is set to Stop:
sh: handle64.exe: command not found

Closes #12115

Daniel Stenberg (17 Oct 2023)

- multi: use pipe instead of socketpair to *wakeup()

If pipe() is present. Less overhead.

Closes #12142

Jay Satiro (17 Oct 2023)

- build: fix 'threadsafe' feature detection for older gcc

- Add 'threadsafe' to the feature list shown during build if POSIX
threads are being used.

This is a follow-up to 5adb6000 which added support for building a
thread-safe libcurl with older versions of gcc where atomic is not
available but pthread is.

Reported-by: Dan Fandrich
Co-authored-by: Dan Fandrich

Fixes https://github.com/curl/curl/issues/12125
Closes https://github.com/curl/curl/pull/12127

Daniel Stenberg (16 Oct 2023)

- test729: verify socks4a with excessive proxy user name length

- socks: better buffer size checks for socks4a user and hostname

Also limit the proxy user name to 255 bytes, which is the same limit as
in SOCKS5.

Reported-by: sd0 on hackerone
Closes #12139

- curl.h: on FreeBSD include sys/param.h instead of osreldate.h

Should things build on Playstation as well

Fixes #12107
Reported-by: Faraz Fallahi
Closes #12123

Marcin Rataj (16 Oct 2023)

- tool_operate: fix links in ipfs errors

URL fragment links generated from headers in
https://curl.se/docs/ipfs.html are lowercase.

Closes #12133

Viktor Szakats (15 Oct 2023)

- cmake: replace `check_library_exists_concat()`

The idea of `check_library_exists_concat()` is that it detects an
optional component and adds it to the list of libs that we also use in
subsequent component checks. This caused problems when detecting
components with unnecessary dependencies that were not yet built.

CMake offers the `CMAKE_REQUIRED_LIBRARIES` variable to set libs used
for component checks, which we already use in most cases. That left 4
uses of `check_library_exists_concat()`. Only one of these actually
needed the 'concat' feature (ldap/lber).

Delete this function and replace it with standard
`check_library_exists()` and manual management of our `CURL_LIBS`
list we use when linking build targets. And special logic to handle the
ldap/lber case.

(We have a similar function for headers: `check_include_file_concat()`.
It works, but is problematic for performance reasons and because it hides
the actual headers required in `check_symbol_exists()` calls.)

Ref: #11537 #11558
Fixes #11285
Fixes #11648
Closes #12070

LoRd_MuldeR (15 Oct 2023)

- tool_cb_wrt: fix write output for very old Windows versions

- Pass missing parameter for 'lpNumberOfCharsWritten' to WriteConsoleW()
function.

Apparently this parameter was *not* optional on older Windows versions.

Issue observed on Windows XP SP2. Issue not observed on Windows 7 SP1.
So at some point between those two Microsoft changed the behavior.

Prior to this change, on those versions if parameter is NULL then the
function call fails with error ERROR_INVALID_ACCESS.

Regression since af3f4e41.

Ref: https://github.com/MicrosoftDocs/Console-Docs/issues/299

Fixes https://github.com/curl/curl/issues/12131
Closes https://github.com/curl/curl/pull/12130

Jay Satiro (15 Oct 2023)

- tool_urlglob: fix build for old gcc versions

- Don't use __builtin_mul_overflow for GCC 4 and earlier.

The function was added in GCC 5.

Ref: https://gcc.gnu.org/gcc-5/changes.html

Reported-by: Dan Fandrich

Fixes https://github.com/curl/curl/issues/12124
Closes https://github.com/curl/curl/pull/12128

Carlos Henrique Lima Melara (14 Oct 2023)

- docs/libcurl: fix three minor man page format mistakes

Reported-by: Samuel Henrique

Closes https://github.com/curl/curl/pull/12126

Jay Satiro (14 Oct 2023)

- tests/server: add more SOCKS5 handshake error checking

- Add additional checking for missing and too-short SOCKS5 handshake
messages.

Prior to this change the SOCKS5 test server did not check that all parts
of the handshake were received successfully. If those parts were missing
or too short then the server would access uninitialized memory.

This issue was discovered in CI job 'memory-sanitizer' test results.
Test 2055 was failing due to the SOCKS5 test server not running. It was
not running because either it crashed or memory sanitizer aborted it
during Test 728. Test 728 connects to the SOCKS5 test server on a
redirect but does not send any data on purpose. The test server was not
prepared for that.

Reported-by: Dan Fandrich

Fixes https://github.com/curl/curl/issues/12117
Closes https://github.com/curl/curl/pull/12118

Daniel Stenberg (14 Oct 2023)

- RELEASE-NOTES: synced

Sohom Datta (14 Oct 2023)

- tool_getparam: limit --rate to be smaller than number of ms

Currently, curl allows users to specify absurd request rates that might
be higher than the number of milliseconds in the unit (ex: curl --rate
3600050/h http://localhost:8080 does not error out despite there being
only 3600000ms in an hour).

This change adds a conditional check before the millisecond calculation
making sure that the number is not higher than the numerator (the unit)
If the number is higher, curl errors out with PARAM_NUMBER_TOO_LARGE

Closes #12116

Daniel Stenberg (14 Oct 2023)

- opts: fix two minor man page format mistakes

Jay Satiro (14 Oct 2023)

- curl_trc: remove a bad assertion

- Remove DEBUGASSERT that an internal handle must not have user
private_data set before calling the user's debug callback.

This is a follow-up to 0dc40b2a. The user can distinguish their easy
handle from an internal easy handle by setting CURLOPT_PRIVATE on their
easy handle. I had wrongly assumed that meant the user couldn't then
set CURLOPT_PRIVATE on an internal handle as well.

Bug: https://github.com/curl/curl/pull/12060#issuecomment-1754594697
Reported-by: Daniel Stenberg

Closes https://github.com/curl/curl/pull/12104

Dan Fandrich (13 Oct 2023)

- test613: stop showing an error on missing output file

This test would show an error message if the output was missing during
the log post-processing step, but the message was not captured by the
test harness and wasn't useful since the normal golden log file
comparison would show the problem more clearly.

Stefan Eissing (13 Oct 2023)

- quic: manage connection idle timeouts

- configure a 120s idle timeout on our side of the connection
- track the timestamp when actual socket IO happens
- check IO timestamp to our *and* the peer's idle timeouts
in "is this connection alive" checks

Reported-by: calvin2021y on github
Fixes #12064
Closes #12077

Dan Fandrich (13 Oct 2023)

- CI: ignore test 286 on Appveyor gcc 9 build

This test fails sometimes with a super fast retry loop due to what may
just be a compiler bug. The test results are ignored on the one CI job
where it occurs because there seems to be nothing we can do to fix it.

Fixes #12040
Closes #12106

Viktor Szakats (13 Oct 2023)

- lib: fix gcc warning in printf call

Do not pass NULL to printf %s.

Seen with gcc 13.2.0 on Debian:
```
.../curl/lib/connect.c:696:27: warning: '%s' directive argument is null [-Wformat-overflow=]
```
Ref: https://github.com/curl/curl-for-win/actions/runs/6476161689/job/17584426483#step:3:11104

Ref: #10284
Co-authored-by: Jay Satiro
Closes #12082

Alex Klyubin (13 Oct 2023)

- http2: safer invocation of populate_binsettings

populate_binsettings now returns a negative value on error, instead of a
huge positive value. Both places which call this function have been
updated to handle this change in its contract.

The way populate_binsettings had been used prior to this change the huge
positive values -- due to signed->unsigned conversion of the potentially
negative result of nghttp2_pack_settings_payload which returns negative
values on error -- are not possible. But only because http2.c currently
always provides a large enough output buffer and provides H2 SETTINGS
IVs which pass the verification logic inside nghttp2. If the
verification logic were to change or if http2.c started passing in more
IVs without increasing the output buffer size, the overflow could become
reachable, and libcurl/curl might start leaking memory contents to
servers/proxies...

Closes #12101

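The signed-to-unsigned hazard described in the populate_binsettings entry above, as an added C example (not curl's or nghttp2's code). pack_settings(), the two populate_* wrappers, the 16-byte buffer and the hex encoding are hypothetical stand-ins, and the sample settings are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h> /* ssize_t */

#define ENTRY_LEN 6        /* one SETTINGS entry: 16-bit id + 32-bit value */
#define BINSETTINGS_LEN 16 /* constructed: deliberately small output buffer */

struct setting {
  uint16_t id;
  uint32_t value;
};

/* Constructed sample inputs: two entries fit in the buffer, three do not. */
static const struct setting sample_ok[2] = { {0x3, 100}, {0x4, 65535} };
static const struct setting sample_too_many[3] = {
  {0x3, 100}, {0x4, 65535}, {0x2, 0}
};

/* Hypothetical packer with the contract the commit message describes:
   bytes written on success, a negative value on error. */
static ssize_t pack_settings(uint8_t *buf, size_t buflen,
                             const struct setting *iv, size_t niv)
{
  size_t i;
  if(niv > buflen / ENTRY_LEN)
    return -1; /* output buffer too small */
  for(i = 0; i < niv; i++) {
    uint8_t *p = buf + i * ENTRY_LEN;
    p[0] = (uint8_t)(iv[i].id >> 8);
    p[1] = (uint8_t)(iv[i].id & 0xff);
    p[2] = (uint8_t)(iv[i].value >> 24);
    p[3] = (uint8_t)((iv[i].value >> 16) & 0xff);
    p[4] = (uint8_t)((iv[i].value >> 8) & 0xff);
    p[5] = (uint8_t)(iv[i].value & 0xff);
  }
  return (ssize_t)(niv * ENTRY_LEN);
}

/* Old contract: the signed result is returned as size_t, so an error (-1)
   reaches the caller as SIZE_MAX and looks like a valid, huge length. */
static size_t populate_unsigned(uint8_t *buf, size_t buflen,
                                const struct setting *iv, size_t niv)
{
  return (size_t)pack_settings(buf, buflen, iv, niv);
}

/* New contract: the error stays negative and the caller must test it. */
static ssize_t populate_signed(uint8_t *buf, size_t buflen,
                               const struct setting *iv, size_t niv)
{
  return pack_settings(buf, buflen, iv, niv);
}

/* Caller under the new contract. Hex stands in for whatever encoding is
   applied before the bytes are sent. Returns the number of characters
   written, or -1 without reading a single byte of 'bin' on error. */
static int settings_to_hex(char *out, size_t outlen,
                           const struct setting *iv, size_t niv)
{
  static const char digits[] = "0123456789abcdef";
  uint8_t bin[BINSETTINGS_LEN];
  ssize_t n = populate_signed(bin, sizeof(bin), iv, niv);
  size_t i;
  if(n < 0)
    return -1; /* packing failed: there is no length to trust */
  if((size_t)n * 2 + 1 > outlen)
    return -1; /* encoded form would not fit */
  for(i = 0; i < (size_t)n; i++) {
    out[2 * i] = digits[bin[i] >> 4];
    out[2 * i + 1] = digits[bin[i] & 0x0f];
  }
  out[2 * (size_t)n] = '\0';
  return (int)(2 * n);
}

int main(void)
{
  uint8_t bin[BINSETTINGS_LEN];
  char hex[2 * BINSETTINGS_LEN + 1];

  /* With the unsigned contract a read loop bounded by this length would
     run far past the 16-byte buffer. */
  printf("unsigned contract, 3 entries: len=%zu\n",
         populate_unsigned(bin, sizeof(bin), sample_too_many, 3));
  printf("signed contract, 3 entries: rc=%d\n",
         settings_to_hex(hex, sizeof(hex), sample_too_many, 3));
  if(settings_to_hex(hex, sizeof(hex), sample_ok, 2) > 0)
    printf("2 entries: %s (%zu chars)\n", hex, strlen(hex));
  return 0;
}
```
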
Daniel Stenberg (13 Oct 2023)

- openssl: avoid BN_num_bits() NULL pointer derefs

Reported-by: icy17 on github
Fixes #12099
Closes #12100

- wolfssl: require WOLFSSL_SYS_CA_CERTS for loading system CA

This define is set in wolfssl's options.h file when this function and
feature is present. Handles both builds with the feature explicitly
disabled and wolfSSL versions before 5.5.2 - which introduced this API
call.

Closes #12108

- tool_urlglob: make multiply() bail out on negative values

- Does not work correctly with negative values
- use __builtin_mul_overflow() on gcc

Reported-by: Torben Dury
Closes #12102

Loïc Yhuel (13 Oct 2023)

- cmake: fix CURL_DISABLE_GETOPTIONS

- Add CURL_DISABLE_GETOPTIONS to curl_config.h.cmake.

Prior to this change the option had no effect because it was missing
from that file.

Closes https://github.com/curl/curl/pull/12091

- easy_lock: add a pthread_mutex_t fallback

This allows to keep the init threadsafe with gcc < 4.9.0 (no C11
atomics).

Closes https://github.com/curl/curl/pull/12090

Viktor Szakats (12 Oct 2023)

- CI: add autotools, out-of-tree, debug build to distro check job

Add a job that builds curl from a generated source tarball sample, with
autotools, out-of-tree, in debug mode.

Ref: #12085
Closes #12088

Daniel Stenberg (12 Oct 2023)

- http: avoid Expect: 100-continue if Upgrade: is used

Reported-by: Daniel Jelinski
Fixes #12022
Closes #12062

Jan Alexander Steffens (heftig) (12 Oct 2023)

- docs: use SOURCE_DATE_EPOCH for generated manpages

This should make builds from Git reproducible.

Closes #12092

Daniel Stenberg (12 Oct 2023)

- RELEASE-NOTES: synced

Bumped to 8.4.1

Viktor Szakats (12 Oct 2023)

- cmake: fix `HAVE_H_ERRNO_ASSIGNABLE` detection

Fix `HAVE_H_ERRNO_ASSIGNABLE` to not run, only compile its test snippet,
aligning this with autotools. This fixes an error when doing
cross-builds and also actually detects this feature. It affected systems
not allowlisted into this, e.g. SerenityOS.

We used this detection result to enable `HAVE_GETADDRINFO_THREADSAFE`.

Follow-up to 04a3a377d83fd72c4cf7a96c9cb6d44785e33264 #11979
Ref: #12095 (closed in favour of this patch)
Ref: #11964 (effort to sync cmake detections with autotools)

Reported-by: Kartatz on Github
Assisted-by: Kartatz on Github
Fixes #12093
Closes #12094

- build: add `src/.checksrc` to source tarball

Regression from e5bb88b8f824ed87620bd923552534c83c2a516e #11958

Bug: https://github.com/curl/curl/pull/11958#issuecomment-1757079071
Reported-by: Romain Geissler
Fixes #12084
Closes #12085

Version 8.4.0 (11 Oct 2023)

Daniel Stenberg (11 Oct 2023)

- RELEASE-NOTES: synced

- THANKS: add contributors from 8.4.0

Jay Satiro (11 Oct 2023)

- socks: return error if hostname too long for remote resolve

Prior to this change the state machine attempted to change the remote
resolve to a local resolve if the hostname was longer than 255
characters. Unfortunately that did not work as intended and caused a
security issue.

Bug: https://curl.se/docs/CVE-2023-38545.html

Stefan Eissing (10 Oct 2023)

- CI: remove slowed-network tests

- remove these tests as they are currently not reliable in our CI
setups.

curl handles the test cases, but CI sometimes fails on these due to
additional conditions. Rather than mix them in, an additional CI job
will be added in the future that is specific to them.

Closes https://github.com/curl/curl/pull/12075

Jay Satiro (10 Oct 2023)

- libcurl-env-dbg.3: move debug variables from libcurl-env.3

- Move documentation of libcurl environment variables used only in debug
builds from libcurl-env into a separate document libcurl-env-dbg.

- Document more debug environment variables.

Previously undocumented or missing a description:

CURL_ALTSVC_HTTP, CURL_DBG_SOCK_WBLOCK, CURL_DBG_SOCK_WPARTIAL,
CURL_DBG_QUIC_WBLOCK, CURL_DEBUG, CURL_DEBUG_SIZE, CURL_GETHOSTNAME,
CURL_HSTS_HTTP, CURL_FORCETIME, CURL_SMALLREQSEND, CURL_SMALLSENDS,
CURL_TIME.

Closes https://github.com/curl/curl/pull/11811

Dan Fandrich (9 Oct 2023)

- test670: increase the test timeout

This should make it more immune to loaded servers.

Ref: #11328

Stefan Eissing (9 Oct 2023)

- MQTT: improve receive of ACKs

- add `mq->recvbuf` to provide buffering of incomplete
ACK responses
- continue ACK reading until sufficient bytes available
- fixes test failures on low network receives

Closes #12071

Viktor Szakats (9 Oct 2023)

- quic: fix BoringSSL build

Add guard around `SSL_CTX_set_ciphersuites()` use.

Bug: https://github.com/curl/curl/pull/12065#issuecomment-1752171885

Follow-up to aa9a6a177017e4b74d33cdf85a3594900f4a7f81

Co-authored-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes #12067

Stefan Eissing (9 Oct 2023)

- test1540: improve reliability

- print that bytes have been received on pausing, but not how many

Closes #12069

- test2302: improve reliability

- make result print collected write data, unless
change in meta flags is detected
- will show same result even when data arrives via
several writecb invocations

Closes #12068

Daniel Stenberg (9 Oct 2023)

- curl_easy_pause: set "in callback" true on exit if true

Because it might have called another callback in the mean time that then
set the bit FALSE on exit.

Reported-by: Jay Satiro
Fixes #12059
Closes #12061

Viktor Szakats (8 Oct 2023)

- h3: add support for ngtcp2 with AWS-LC builds

```
curl 8.4.0-DEV (x86_64-apple-darwin) libcurl/8.4.0-DEV (SecureTransport) AWS-LC/1.15.0 nghttp2/1.56.0 ngtcp2/0.19.1 nghttp3/0.15.0
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss
Features: alt-svc AsynchDNS HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefile MultiSSL NTLM SSL threadsafe UnixSockets
```

Also delete an obsolete GnuTLS TODO and update the header comment in
`FindNGTCP2.cmake`.

Reviewed-by: Daniel Stenberg
Closes #12066

- build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros

Syncing this up with CMake.

Source code uses the built-in `OPENSSL_IS_AWSLC` and
`OPENSSL_IS_BORINGSSL` macros to detect BoringSSL and AWS-LC. No help is
necessary from the build tools.

The one use of `HAVE_BORINGSSL` in the source turned out to be no longer
necessary for warning-free BoringSSL + Schannel builds. Ref: #1610 #2634

autotools detects this anyway for display purposes.
CMake detects this to decide whether to use the BoringSSL-specific
crypto lib with ngtcp2. It detects AWS-LC, but doesn't use the detection
result just yet (planned in #12066).

Ref: #11964

Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Closes #12065

Marc Hoersken (8 Oct 2023)

- CI: move distcheck job from Azure Pipelines to GitHub Actions

This will allow for more trigger excludes within Azure Pipelines.

Also fixes seemingly broken check with scripts/installcheck.sh.
Ref: 190374c74ec4e5247d9066544c86e8d095e1d7b5

Assisted-by: Philip Heiduck
Closes #9532

Daniel Stenberg (8 Oct 2023)

- url: fall back to http/https proxy env-variable if ws/wss not set

Reported-by: Craig Andrews
Fixes #12031
Closes #12058

Stefan Eissing (8 Oct 2023)

- cf-socket: simulate slow/blocked receives in debug

add 2 env variables for non-UDP sockets:
1. CURL_DBG_SOCK_RBLOCK: percentage of receive calls that randomly
should return EAGAIN
2. CURL_DBG_SOCK_RMAX: max amount of bytes read from socket

Closes #12035

- http2: refused stream handling for retry

- answer HTTP/2 streams refused via a GOAWAY from the server to
respond with CURLE_RECV_ERROR in order to trigger a retry
on another connection

Reported-by: black-desk on github
Ref #11859
Closes #12054

Jay Satiro (8 Oct 2023)

- CURLOPT_DEBUGFUNCTION.3: warn about internal handles

- Warn that the user's debug callback may be called with the handle
parameter set to an internal handle.

Without this warning the user may assume that the only handles their
debug callback receives are the easy handles on which they set
CURLOPT_DEBUGFUNCTION.

This is a follow-up to f8cee8cc which changed DoH handles to inherit
the debug callback function set in the user's easy handle. As a result
those handles are now passed to the user's debug callback function.

Closes https://github.com/curl/curl/pull/12034

- url: fix typo

Daniel Stenberg (8 Oct 2023)

- test458: verify --expand-output, expanding a file name accepting option

Verifies the fix in #12055 (commit f2c8086ff15e6e995e1)

- tool_getparam: accept variable expansion on file names too

Reported-by: PBudmark on github
Fixes #12048
Closes #12055

- RELEASE-NOTES: synced

- multi: do CURLM_CALL_MULTI_PERFORM at two more places

... when it does a state transition but there is no particular socket or
timer activity. This was made apparent when commit b5bb84c removed a
superfluous timer expiry.

Reported-by: Dan Fandrich.
Fixes #12033
Closes #12056

Viktor Szakats (7 Oct 2023)

- GHA/linux: mbedtls 3.5.0 + minor dep bumps

Closes #12057

Dan Fandrich (7 Oct 2023)

- CI: bump OpenLDAP package version on FreeBSD

The old one is no longer available.

Marc Hoersken (7 Oct 2023)

- docs/libcurl/opts/Makefile.inc: add missing manpage files

Detected with #9532

Dan Fandrich (7 Oct 2023)

- tests: fix a race condition in ftp server disconnect

If a client disconnected and reconnected quickly, before the ftp server
had a chance to respond, the protocol message/ack (ping/pong) sequence
got out of sync, causing messages sent to the old client to be delivered
to the new. A disconnect must now be acknowledged and intermediate
requests thrown out until it is, which ensures that such synchronization
problems can't occur. This problem could affect ftp, pop3, imap and smtp
tests.

Fixes #12002
Closes #12049

Viktor Szakats (7 Oct 2023)

- appveyor: bump mingw-w64 job to gcc 13 (was: 8)

This sets gcc 6, 7, 9, 13 in our test mix (was: 6, 7, 8, 9).
Adding a modern gcc version to the tests.

(The gcc 8 job used to take around 50 minutes. The new image with gcc 13
finished in 32, 35, 34 minutes in the 3 test runs so far.)

It also adds a modern CMake version and OS env to our mingw-w64 builds.

Closes #12051

David Benjamin (6 Oct 2023)

- openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR

While the struct is still public in OpenSSL, there is a (somewhat
inconvenient) accessor. Use it to remain compatible if it becomes opaque
in the future.

Closes #12038

Daniel Stenberg (6 Oct 2023)

- curl_easy_pause.3: mention it works within callbacks

Reported-by: Maxim Dzhura
Bug: https://curl.se/mail/lib-2023-10/0010.html
Closes #12046

- curl_easy_pause.3: mention h2/h3 buffering

Asked-by: Maxim Dzhura
Ref: https://curl.se/mail/lib-2023-10/0011.html

Closes #12045

Viktor Szakats (6 Oct 2023)

- cmake: re-add missed C89 headers for specific detections

We removed C89 `setjmp.h` and `signal.h` detections and excluded them
from the global header list we use when detecting functions [1]. Then
missed to re-add these headers to the specific functions which need
them to be detected [2]. Fix this omission in this patch.

[1] Follow-up to 3795fcde995d96db641ddbcc8a04f9f0f03bef9f #11951
[2] Follow-up to 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940

Closes #12043

Daniel Stenberg (6 Oct 2023)

- multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE

Since there is nothing to wait for there. Avoids the test 1233 hang
reported in #12033.

Reported-by: Dan Fandrich
Closes #12042

Dan Fandrich (5 Oct 2023)

- test1903: actually verify the cookies after the test

The test otherwise could do just about anything (except leak memory in
debug mode) and its bad behaviour wouldn't be detected. Now, check the
resulting cookie file to ensure the cookies are still there.

Closes #12041

- test: add missing <feature>s

The tests will otherwise fail if curl has them disabled.

- test1906: set a lower timeout since it's hit on Windows

msys2 builds actually hit the connect timeout in normal operation, so
lower the timeout from 5 minutes to 5 seconds to reduce test time.

Ref: #11328
Closes #12036

Daniel Stenberg (5 Oct 2023)

- RELEASE-NOTES: synced

Jay Satiro (5 Oct 2023)

- idn: fix WinIDN null ptr deref on bad host

- Return CURLE_URL_MALFORMAT if IDN hostname cannot be converted from
UTF-8 to UTF-16.

Prior to this change a failed conversion erroneously returned CURLE_OK
which meant 'decoded' pointer (what would normally point to the
punycode) would not be written to, remain NULL and be dereferenced
causing an access violation.

Closes https://github.com/curl/curl/pull/11983

Dan Fandrich (4 Oct 2023)

- tests: close the shell used to start sshd

This shell isn't needed once sshd starts, so use "exec" so it doesn't
stick around.

Closes #12032

Daniel Stenberg (4 Oct 2023)

- base64: also build for curl

Since the tool itself now uses the base64 code using the curlx way, it
needs to build also when the tool needs it. Starting now, the tool build
defines BULDING_CURL to allow lib-side code to use it.

Follow-up to 2e160c9c6525

Closes #12010

Eduard Strehlau (4 Oct 2023)
|
|||
|
|
|||
|
- tests: Fix zombie processes left behind by FTP tests.
|
|||
|
|
|||
|
ftpserver.pl correctly cleans up spawned server processes,
|
|||
|
but forgets to wait for the shell used to spawn them.
|
|||
|
This is barely noticeable during a normal testrun,
|
|||
|
but causes process exhaustion and test failure
|
|||
|
during a complete torture run of the FTP tests.
|
|||
|
|
|||
|
Fixes #12018
|
|||
|
Closes #12020

Dan Fandrich (4 Oct 2023)

- github/labeler: improve labeler matches

- test574: add a timeout to the test

This one hangs occasionally, so this will speed up a test run and allow
logs to be seen when it does.

Closes #12025

- tests: propagate errors in libtests

Use the test macros to automatically propagate some errors, and check
and log others while running the tests. This can help in debugging
exactly why a test has failed.

- tests: set --expect100-timeout to improve test reliability

On an overloaded server, the default 1 second timeout can go by without
the test server having a chance to respond with the expected headers,
causing tests to fail. Increase the 1 second timeout to 99 seconds so
this failure mode is no longer a problem on test 1129. Some other tests
already set a high value, but make them consistently 99 seconds so if
something goes wrong the test is stalled for less time.

Ref: #11328

- CI: ignore the "flaky" and "timing-dependent" test results in CMake

This was already done for automake builds but CMake builds were missed.
Test 1086 actually causes the test harness to crash with:

Warning: unable to close filehandle DWRITE properly: Broken pipe at C:/projects/curl/tests/ftpserver.pl line 527

Rather than fix it now, this change leaves test 1086 entirely skipped on
those builds that show this problem.

Follow-up to 589dca761

Ref: #11865

Viktor Szakats (4 Oct 2023)

- cmake: improve OpenLDAP builds

- cmake: detect OpenLDAP based on function `ldap_init_fd`.
autotools does this. autotools also publishes this detection result
in `HAVE_LDAP_INIT_FD`. We don't mimic that with CMake as the source
doesn't use this value. (it might need to be remove-listed in
`scripts/cmp-config.pl` for future OpenLDAP test builds.)
This also deletes existing self-declaration method via the
CMake-specific `CURL_USE_OPENLDAP` configuration.

- cmake: define `LDAP_DEPRECATED=1` for OpenLDAP.
Like autotools does. This fixes a long list of these warnings:
```
/usr/local/opt/openldap/include/ldap.h:1049:5: warning: 'LDAP_DEPRECATED' is not defined, evaluates to 0 [-Wundef]
```

- cmake: delete LDAP TODO comment no longer relevant.

Also:

- autotools: replace domain name `dummy` with `0.0.0.0` in LDAP feature
detection functions.

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #12024

- cmake: fix unity builds for more build combinations

By using unique static function/variable names in source files
implementing these interfaces.

- OpenLDAP combined with any SSH backend.

- MultiSSL with mbedTLS, OpenSSL, wolfSSL, SecureTransport.

Closes #12027

Daniel Stenberg (4 Oct 2023)

- tests: remove leading spaces from some tags

The three tags `<name>`, `</name>` and `<command>` were frequently used
with a leading space that this removes. The reason this habit is so
widespread in testcases is probably that they have been copy and pasted.

Hence, fixing them all now might curb this practice from now on.

Closes #12028

Viktor Szakats (4 Oct 2023)

- GHA: bump actions/checkout

Follow-up to 2e0fa50fc16b9339f51e0a7bfff0352829323acb #11964
Follow-up to c39585d9b7ef3cbfc1380812dec60e7b275b6af3 #12000

Closes #12023

- spelling: fix codespell 2.2.6 typos

Closes #12019

Daniel Stenberg (3 Oct 2023)

- GHA: add workflow to compare configure vs cmake outputs

Uses scripts/cmp-config.pl to compare two curl_config.h files,
presumably generated with configure and cmake. It displays the
differences and filters out a lot of known lines we ignore.

The script also shows the matches that were *not* used. Possibly
subjects for removal.

Closes #11964

- appveyor: enable test 571

Follow-up from 8a940fd55c175f7 / #12013

Closes #12017

Viktor Szakats (3 Oct 2023)

- build: alpha-sort source files for lib and src

Closes #12014

- cmake: delete old `HAVE_LDAP_URL_PARSE` logic

Left there by accident after adding proper detection for this.

Follow-up to 772f0d8edf1c3c2745543f42388ccec5a16ee2c0 #12006

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #12015

Stefan Eissing (3 Oct 2023)

- tests: increase lib571 timeout from 3s to 30s

- 3s is too short for our CI, making this test fail occasionally
- test usually experiences no delay run locally, so 30s won't hurt

Closes #12013

Viktor Szakats (3 Oct 2023)

- cmake: fix unity with Windows Unicode + TrackMemory

Found the root cause of the startup crash in unity builds with Unicode
and TrackMemory enabled at the same time.

We must make sure that the `memdebug.h` header doesn't apply to
`lib/curl_multibyte.c` (as even noted in a comment there.) In unity
builds all headers apply to all sources, including `curl_multibyte.c`.
This probably resulted in an infinite loop on startup.

Exclude this source from unity compilation with TrackMemory enabled,
in both libcurl and curl tool. Enable unity mode for a debug Unicode
CI job to keep it tested. Also delete the earlier workaround that
fully disabled unity for affected builds.

Follow-up to d82b080f6374433ce7c98241329189ad2d3976f8 #12005
Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719 #11095

Closes #11928

- cmake: disable unity mode with Windows Unicode + TrackMemory

"TrackMemory" is `ENABLE_DEBUG=ON` (aka `ENABLE_CURLDEBUG=ON`,
aka `-DCURLDEBUG`).

There is an issue with memory tracking and Unicode when built in "unity"
mode, which results in the curl tool crashing right on startup, even
without any command-line option. Interestingly this doesn't happen under
WINE (at least on the system I tested this on), but consistently happens
on real Windows machines. Crash is 0xC0000374 heap corruption. Both
shared and static curl executables are affected.

This limitation probably won't hit too many people, but it remains
a TODO to find and fix the root cause and drop this workaround.

Example builds and runs:
https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/17cptxhtpubd7iwj#L313 (static)
https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/76e1ge758tbyqu9c#L317 (shared)

Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719 #11095

Ref: #11928
Closes #12005

- cmake: tidy-up `NOT_NEED_LBER_H` detection

Follow-up to 772f0d8edf1c3c2745543f42388ccec5a16ee2c0 #12006

- appveyor: rewrite batch in PowerShell + CI improvements

1. Rewrite in PowerShell:

- rewrite MS-DOS batch build script in PowerShell.
- move some bash operations into native PowerShell.
- fixups for PowerShell insisting on failure when a command outputs
something to stderr.
- fix to actually run `curl -V` after every build.
(and exclude ARM64 builds.)
- also say why we skipped `curl -V` if we had to skip.
- fix CMake warnings about unused configuration variables, by adapting
these dynamically for build cases.
- dedupe OpenSSL path into a variable.
- disable `test1451` failing with a warning anyway due to missing python
impacket. (after trying and failing to install impacket)
PowerShell promotes these warnings to errors. We can also
suppress them wholesale if they start causing issues in the future,
like we already do with `autoreconf` and `./configure`.

PowerShell is better than MS-DOS batches, so the hope is this makes it
easier to extend and maintain the AppVeyor build logic. POSIX/bash isn't
supported inline by AppVeyor on Windows build machines, but we are okay
to keep it in an external script, so it's also an option.

2. CI improvements:

- enable tests for a "unity" build job.
- speed-up CI initialization by using shallow clones of the curl repo.
- speed-up CMake MSVC jobs with `TrackFileAccess=false`.
- enable parallelism in `VisualStudioSolution` builds.
- display CMake version before builds.
- always show the CPU in job names.
- tell which jobs are build-only in job names.
- move `TESTING:` value next to `DISABLED_TESTS:` in two jobs.
- add `config.log` (autotools) to dumped logs (need to enable manually).

3. Style:

- use single-quotes in YAML like we do in other CI YAML files.
It also allows to drop quoting characters and lighter to write/read.
(keep double quotes for PowerShell strings needing expansion.)

Closes #11999

- cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows

- set `HAVE_LDAP_URL_PARSE` if `ldap_url_parse` function exists.
Before this patch we set it based on the presence of `stricmp`,
which correctly enabled it on e.g. Windows, but was inaccurate for
other platforms.

- always set `HAVE_LDAP_SSL` if an LDAP backend is detected and
LDAPS is not explicitly disabled. This mimics autotools behaviour.
Previously we set it only for Windows LDAP. After this fix, LDAPS is
correctly enabled in default macOS builds.

- enable LDAP[S] for a CMake macOS CI job. Target OS X 10.9 (Mavericks)
to avoid deprecation warnings for LDAP API.

- always detect `HAVE_LDAP_SSL_H`, even with LDAPS explicitly disabled.
This doesn't make much sense, but let's do it to sync behaviour with
autotools.

- fix benign typo in variable name.

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #12006

- autotools: restore `HAVE_IOCTL_*` detections

This restores `CURL_CHECK_FUNC_IOCTL` detection. I deleted it in
4d73854462f30948acab12984b611e9e33ee41e6 and
c3456652a0c72d1845d08df9769667db7e159949 (2022-08), because the
`HAVE_IOCTL` result it generated was unused in the source. But,
I did miss the fact that this had two dependent checks:
`CURL_CHECK_FUNC_IOCTL_FIONBIO`,
`CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR` that we do actually need:
`HAVE_IOCTL_FIONBIO`, `HAVE_IOCTL_SIOCGIFADDR`.

Regression from 4d73854462f30948acab12984b611e9e33ee41e6

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #12008

Daniel Stenberg (2 Oct 2023)

- RELEASE-PROCEDURE.md: updated coming release dates

- RELEASE-NOTES: synced

Viktor Szakats (1 Oct 2023)

- cmake: pre-cache `HAVE_POLL_FINE` on Windows

Windows doesn't support `poll()`, so we can safely skip checking for
fine poll.

Closes #12003

- gha: bump actions to latest versions

- actions@checkout@v4 (from v3 and v2)

- fsfe/reuse-action@v2 (from v1)

Closes #12000

Stefan Eissing (30 Sep 2023)

- h2: testcase and fix for pausing h2 streams

- refs #11982 where it was noted that paused transfers may
close successfully without delivering the complete data
- made sample poc into tests/http/client/h2-pausing.c and
added test_02_27 to reproduce

Closes #11989
Fixes #11982
Reported-by: Harry Sintonen

Viktor Szakats (30 Sep 2023)

- cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value

Before this patch CMake builds accepted any value and it was used at
runtime as-is. This patch makes sure that the selected default backend
is also enabled in the build. It also enforces a full lowercase value.

This improves reproducibility and brings CMake in sync with autotools
which already worked like described above.

Follow-up to 26c7feb8b9d51a57fab3325571b4bbfa03b11af0 #11774

Closes #11998

- autotools: adjust `CURL_CA_PATH` value to CMake

autotools was using the same value as CMake, but with an ending
slash. Delete the ending slash to match configurations.

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #11997

- cmake: detect `sys/wait.h` and `netinet/udp.h`

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #11996

Daniel Stenberg (30 Sep 2023)

- lib: provide and use Curl_hexencode

Generates a lower case ASCII hex output from a binary input.

Closes #11990

- configure: check for the capath by default

... if the chosen TLS backend supports it: OpenSSL, GnuTLS, mbedTLS or wolfSSL

cmake: synced

Assisted-by: Viktor Szakats
Closes #11987

- wolfssl: ignore errors in CA path

The default wolfSSL_CTX_load_verify_locations() function is quite picky
with the certificates it loads and will for example return error if just
one of the certs has expired.

With the *_ex() function and its WOLFSSL_LOAD_FLAG_IGNORE_ERR flag, it
behaves more similar to what OpenSSL does by default.

Even the set of default certs on my Debian unstable has several expired
ones.

Assisted-by: Juliusz Sosinowicz
Assisted-by: Michael Osipov

Closes #11987

- create-dirs.d: clarify it also uses --output-dirs

Reported-by: Robert Simpson
Fixes #11991
Closes #11995

Viktor Szakats (30 Sep 2023)

- appveyor: fix yamlint issues, indent

Also:
- use double quotes in all batch if statements.

Closes #11994

- cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW`

Based on existing autotools logic.

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #11981

- cmake: detect `HAVE_GETADDRINFO_THREADSAFE`

Based on existing autotools logic.

autotools checks for old versions of the allowlisted target OSes and
disables this feature when seeing them. In CMake we assume we're running
on newer systems and enable regardless of OS version.

autotools always runs all 3 probes for non-fast-tracked systems and
enables this feature if any one of them was successful. To save
configuration time, CMake stops at the first successful check.

OpenBSD is not fast-tracked and then gets blocklisted as a generic BSD
system. I haven't double-checked if this is correct, but looks odd.

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #11979

- cmake: fix `HAVE_WRITABLE_ARGV` detection

Move detection before the creation of detection results in
`curl_config.h`.

Ref: #11964 (effort to sync cmake detections with autotools)

Closes #11978

- appveyor: minor improvements

- run `curl -V` after builds to see if they run and with what features.
Except for one job where a CRT DLL is missing. And ARM64 which should
fail, but is silently not launched instead.

- copy libcurl DLL next to curl tool and tests binaries in shared mode.
This makes it possible to run the tests. (We don't run tests after
these builds yet.)

- list the DLLs and EXEs present after the builds.

- add `DEBUG` variable for CMake builds to allow disabling it, for
testing non-debug builds. (currently enabled for all)

- add commented lines that dump CMake configuration logs for debugging
build/auto-detection issues.

- add gcc version to jobs where missing.

- switch a job to the native MSYS2 mingw-w64 toolchain. This adds gcc 9
to the build mix.

- make `SHARED=OFF` and `OPENSSL=OFF` defaults global.

- delete a duplicate backslash.

Closes #11976

- configure: replace adhoc domain with `localhost` in tests

Reviewed-by: Daniel Stenberg
Closes #11988

- tidy-up: use more example domains

Also make use of the example TLD:
https://en.wikipedia.org/wiki/.example

Reviewed-by: Daniel Stenberg
Closes #11992

Dan Fandrich (29 Sep 2023)

- runtests: display the test status if tests appear hung

It sometimes happens that a test hangs during a test run and never
returns. The test harness will wait indefinitely for the results and on
CI servers the CI job will eventually be killed after an hour or two.
At the end of a test run, if results haven't come in within a couple of
minutes, display the status of all test runners and what tests they're
running to help in debugging the problem.

This feature really only kicks in with parallel testing enabled, which
is fine because without parallel testing it's usually easy to tell what
test has hung.

Closes #11980

- github/labeler: remove workaround for labeler

This was added due to what seemed to be a bug regarding the sync-labels:
config option, but it looks like it wasn't necessary.

Follow-up to b2b0534e7

Viktor Szakats (29 Sep 2023)

- docs: upgrade an URL to HTTPS in `BINDINGS.md` [ci skip]

Daniel Stenberg (29 Sep 2023)

- docs: replace made up domains with example.com

in FAQ and MANUAL.md

- example.com was made for this purpose.

- reduces the risk that one of those domains suddenly starts hosting
something nasty and we provide links to them

Closes #11986

Michael Osipov (29 Sep 2023)

- acinclude.m4: Document proper system truststore on FreeBSD

The default system truststore on FreeBSD has been /etc/ssl/certs for many
years now. It is managed canonically through certctl(8) and contains hashed
symlinks for OpenSSL and other TLS providers.
The previous ones require security/ca_root_nss which might not be installed or
will not contain any custom CA certificates.

Closes #11985

Daniel Stenberg (29 Sep 2023)

- FAQ: How do I upgrade curl.exe in Windows?

This is a growing question, better answer it here to get somewhere to
point users to.

Closes #11984

Viktor Szakats (28 Sep 2023)

- cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC

`basename` is present in mingw-w64, missing from MSVC. Pre-cache
accordingly to make configure faster.

Notice that `basename` has a bug so we later disable it even with
mingw-w64:
https://github.com/curl/curl/blob/781242ffa44a9f9b95b6da5ac5a1bf6372ec6257/lib/curl_setup.h#L820-L825

Closes #11974

Daniel Stenberg (28 Sep 2023)

- cmake: add missing checks

- check for arc4random. To make rand.c use it accordingly.
- check for fcntl
- fix fseek detection
- add SIZEOF_CURL_SOCKET_T
- fix USE_UNIX_SOCKETS
- define HAVE_SNPRINTF to 1
- check for fnmatch
- check for sched_yield
- remove HAVE_GETPPID duplicate from curl_config.h
- add HAVE_SENDMSG

Ref: #11964

Co-authored-by: Viktor Szakats
Closes #11973

- configure: remove unused checks

- for sys/uio.h
- for fork
- for connect

Ref: #11964

Closes #11973

- lib: remove TIME_WITH_SYS_TIME

It is not used in any code anywhere.

Ref: #11964
Closes #11975

- docs: update curl man page references

Detected by the manpage-syntax update

Closes #11963

- manpage-syntax: verify curl man page references

1. References to curl symbols are now checked that they indeed exist as
man pages. This for \f references as well as the names referenced in the
SEE ALSO section.

Allowlist curl.1 since it is not always built in builds

2. References to curl symbols that lack section now causes warning, since that
will prevent them from getting linked properly

3. Check for "bare" references to curl functions and warn, they should be
references

Closes #11963

- cmake: add check for suseconds_t

And fix the HAVE_LONGLONG define

Ref: #11964
Closes #11977

Viktor Szakats (28 Sep 2023)

- tidy-up: whitespace fixes

Closes #11972

- cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS

With new option `CURL_DISABLE_SRP=ON` to force-disable it.
To match existing option and detection logic in autotools.

Also:
- fix detecting GnuTLS.
We assume `nettle` as a GnuTLS dependency.
- add CMake GnuTLS CI job.
- bump AppVeyor CMake OpenSSL MSVC job to OpenSSL 1.1.1 (from 1.0.2)
TLS-SRP fails to detect with 1.0.2 due to an OpenSSL header bug.
- fix compiler warning when building with GnuTLS and disabled TLS-SRP.
- fix comment typos, whitespace.

Ref: #11964

Closes #11967

- tool: use our own stderr variable

Earlier this year we changed our own stderr variable to use the standard
name `stderr` (to avoid bugs where someone is using `stderr` instead of
the curl-tool specific variable). This solution needed to override the
standard `stderr` symbol via the preprocessor. This in turn didn't play
well with unity builds and caused curl tool to crash or stay silent due
to an uninitialized stderr. This was a hard to find issue, fixed by
manually breaking out one file from the unity sources.

To avoid these two tricks, this patch implements a different
solution: Restore using our own local variable for our stderr output and
leave `stderr` as-is. To avoid using `stderr` by mistake, add a
`checksrc` rule (based on logic we already used in lib for `strerror`)
that detects any `stderr` use in `src` and points to using our own
variable instead: `tool_stderr`.

Follow-up to 06133d3e9b8aeb9e9ca0b3370c246bdfbfc8619e
Follow-up to 2f17a9b654121dd1ecf4fc043c6d08a9da3522db

Closes #11958

Loïc Yhuel (28 Sep 2023)

- connect: only start the happy eyeballs timer when needed

The timeout is only used when there is a second address family, for the
delayed eyeballer.

Closes #11939

Daniel Stenberg (28 Sep 2023)

- tool_operate: free 'gateway' correctly

Pointed out by Coverity. The fix in 93885cf3a8d4e was incomplete.

Also removed repeated wording in IPFS related error messages.

Closes #11969

Stefan Eissing (28 Sep 2023)

- lib: move handling of `data->req.writer_stack` into Curl_client_write()

- move definitions from content_encoding.h to sendf.h
- move create/cleanup/add code into sendf.c
- installed content_encoding writers will always be called
on Curl_client_write(CLIENTWRITE_BODY)
- Curl_client_cleanup() frees writers and tempbuffers from
paused transfers, irregardless of protocol

Closes #11908

Loïc Yhuel (28 Sep 2023)

- multi: round the timeout up to prevent early wakeups

Curl_timediff rounds down to the millisecond, so curl_multi_perform can
be called too early, then we get a timeout of 0 and call it again.

The code already handled the case of timeouts which expired less than
1ms in the future. By rounding up, we make sure we will never ask the
platform to wake up too early.

Closes #11938

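The effect of the rounding direction described in the multi entry above, as an added example that is not curl's code: a small C simulation of an event loop with one timer, comparing a millisecond difference that rounds down with one that rounds up. The names (`diff_ms_floor`, `diff_ms_ceil`, `run_loop`, `struct loop_stats`) are hypothetical, and the model assumes the platform sleeps for exactly the number of milliseconds requested.

```c
#include <stdint.h>
#include <stdio.h>

/* Difference in whole milliseconds between two microsecond timestamps,
   rounded toward zero (the rounding-down behaviour the entry describes). */
int64_t diff_ms_floor(int64_t newer_us, int64_t older_us)
{
  return (newer_us - older_us) / 1000;
}

/* Same difference rounded up, so a wait of that many milliseconds never
   ends before 'newer_us'. For negative differences, truncation toward
   zero is already the ceiling. */
int64_t diff_ms_ceil(int64_t newer_us, int64_t older_us)
{
  int64_t d = newer_us - older_us;
  return d > 0 ? (d + 999) / 1000 : d / 1000;
}

struct loop_stats {
  int wakeups; /* how many times the loop woke up and ran */
  int early;   /* wake-ups that happened before the timer was due */
};

/* Simulate a loop with a single timer due at due_us (clock starts at 0).
   Each iteration asks for a timeout, sleeps that long, then wakes up.
   A wake-up before due_us finds nothing expired and must sleep again. */
struct loop_stats run_loop(int64_t due_us, int round_up)
{
  struct loop_stats s = { 0, 0 };
  int64_t now_us = 0;

  while(now_us < due_us) {
    int64_t ms = round_up ? diff_ms_ceil(due_us, now_us)
                          : diff_ms_floor(due_us, now_us);
    if(ms <= 0)
      ms = 1;            /* guard for timers due in under 1 ms, so the
                            loop never spins on a zero timeout */
    now_us += ms * 1000; /* idealised sleep: exactly the requested time */
    s.wakeups++;
    if(now_us < due_us)
      s.early++;
  }
  return s;
}

int main(void)
{
  /* Constructed case: timer due 1.5 ms from now. */
  struct loop_stats down = run_loop(1500, 0);
  struct loop_stats up = run_loop(1500, 1);
  printf("round down: %d wake-ups, %d early\n", down.wakeups, down.early);
  printf("round up:   %d wake-ups, %d early\n", up.wakeups, up.early);
  return 0;
}
```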

Daniel Stenberg (28 Sep 2023)

- RELEASE-NOTES: spell out that IPFS is via gateway

- RELEASE-NOTES: synced

- tool_operate: avoid strlen() -1 on zero length content from file

Follow-up to 65b563a96a226649ba12cb1e

Closes #11959

- tool_operate: fix memory mixups

Switch to plain getenv() from curl_getenv() to avoid the allocation and
having to keep track of which free() or curl_free() that need to be
used.

Coverity found issues and a memory leak.

Follow-up to 65b563a96a226649ba12cb1e

Closes #11959

Viktor Szakats (27 Sep 2023)

- curl-functions.m4: fixup recent bad edits

Follow-up to 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940

Closes #11966

Daniel Stenberg (27 Sep 2023)

- curl-functions.m4: fix include line

This made the getaddrinfo detection fail, but we did not spot it in the
CI because it graciously fell back to using legacy functions instead!

Follow-up to 96c29900bcec (#11940)

Closes #11965

- inet_ntop: add typecast to silence Coverity

CID 1024653: Integer handling issues (SIGN_EXTENSION)

Suspicious implicit sign extension: "src[i]" with type "unsigned char
const" (8 bits, unsigned) is promoted in "src[i] << (1 - i % 2 << 3)" to
type "int" (32 bits, signed), then sign-extended to type "unsigned long"
(64 bits, unsigned). If "src[i] << (1 - i % 2 << 3)" is greater than
0x7FFFFFFF, the upper bits of the result will all be 1.

111 words[i/2] |= (src[i] << ((1 - (i % 2)) << 3));

The value will not be greater than 0x7FFFFFFF so this still cannot
happen.

Also, switch to ints here instead of longs. The values stored are 16 bit
so at least no need to use 64 bit variables. Also, longs are 32 bit on
some platforms so this logic still needs to work with 32 bits.

Closes #11960

- docs: adapt SEE ALSO sections to new requirements

To please manpage-syntax.pl used by test 1173

Closes #11957

- manpage-syntax.pl: verify SEE ALSO syntax

- Enforce a single reference per .BR line
- Skip the quotes around the section number for example (3)
- Insist on trailing commas on all lines except the last
- Error on comma on the last SEE ALSO entry

- List the entries alpha-sorted, not enforced just recommended

Closes #11957

- connect: expire the timeout when trying next

... so that it gets called again immediately and can continue trying
addresses to connect to. Otherwise it might unnecessarily wait for a
while there.

Fixes #11920
Reported-by: Loïc Yhuel
|
|||
|
Closes #11935
|
|||
|
|
|||
|
- http: remove wrong comment for http_should_fail
|
|||
|
|
|||
|
Reported-by: Christian Schmitz
|
|||
|
Ref: #11936
|
|||
|
Closes #11941
|
|||
|
|
|||
|
Dan Fandrich (26 Sep 2023)
|
|||
|
|
|||
|
- tool_setopt: remove unused function tool_setopt_flags
|
|||
|
|
|||
|
This function is identical to tool_setopt_bitmask except that it treats
|
|||
|
the argument as unsigned.
|
|||
|
|
|||
|
Closes #11943
|
|||
|
|
|||
|
Viktor Szakats (26 Sep 2023)
|
|||
|
|
|||
|
- cmake: add feature checks for `memrchr` and `getifaddrs`
|
|||
|
|
|||
|
- `HAVE_MEMRCHR` for `memrchr`.
|
|||
|
- `HAVE_GETIFADDRS` for `getifaddrs`.
|
|||
|
This was present in `lib/curl_config.h.cmake` but missed the detection
|
|||
|
logic.
|
|||
|
|
|||
|
To match existing autotools feature checks.
|
|||
|
|
|||
|
Closes #11954
|
|||
|
|
|||
|
- cmake: move global headers to specific checks
|
|||
|
|
|||
|
Before this patch we added standard headers unconditionally to the
|
|||
|
global list of headers used for feature checks. This is unnecessary
|
|||
|
and also doesn't help CMake 'Generate' performance. This patch moves
|
|||
|
these headers to each feature check where they are actually needed.
|
|||
|
Stop using `stddef.h`, as it seems unnecessary.
|
|||
|
|
|||
|
I've used autotools' `m4/curl-functions.m4` to figure out these
|
|||
|
dependencies.
|
|||
|
|
|||
|
Also delete checking for the C89 standard header `time.h`, that I
|
|||
|
missed in the earlier commit.
|
|||
|
|
|||
|
Ref: 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
|
|||
|
|
|||
|
Closes #11951
|
|||
|
|
|||
|
- src/mkhelp: make generated code pass `checksrc`
|
|||
|
|
|||
|
Closes #11955
|
|||
|
|
|||
|
- tests: show which curl tool `runtests.pl` is using
|
|||
|
|
|||
|
To help debugging when there is issue finding or running it.
|
|||
|
|
|||
|
Closes #11953
|
|||
|
|
|||
|
- CI/azure: make `MAKEFLAGS` global to parallelize all jobs
|
|||
|
|
|||
|
https://dev.azure.com/daniel0244/curl/_build/results?buildId=17528 (before)
https://dev.azure.com/daniel0244/curl/_build/results?buildId=17545 (after, with -j3)

Closes #11952

- CI/azure: migrate old mingw MSYS1 jobs to MSYS2

Also delete an accidental variable reference.

Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72

Closes #11945

Daniel Stenberg (26 Sep 2023)

- docs: add see also curl_multi_get_handles to some man pages

Assisted-by: Jay Satiro

Closes #11942

Viktor Szakats (26 Sep 2023)

- cmake: assume `_fseeki64` and no `fseeko` on Windows

`_fseeki64` is present in mingw-w64 1.0 (2011-09-26) headers, and
at least Watcom C 1.9 (2010) headers and MSVS 2008 [1].

`fseeko` is not present in any of these.

(mingw-w64 1.0 also offers `fseeko64`.)

[1] https://github.com/curl/curl/pull/11944#issuecomment-1734995004

Follow-up to 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 #11918

Closes #11950

- build: delete checks for C89 standard headers

Delete checks and guards for standard C89 headers and assume these are
available: `stdio.h`, `string.h`, `time.h`, `setjmp.h`, `stdlib.h`,
`stddef.h`, `signal.h`.

Some of these we already used unconditionally, some others we only used
for feature checks.

Follow-up to 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 #11918 (for `stdio.h` in CMake)

Closes #11940

Stefan Eissing (26 Sep 2023)

- multiif.h: remove Curl_multi_dump declaration

Follow-up to d850eea2 which removed the Curl_multi_dump definition.

Closes https://github.com/curl/curl/pull/11946

Jay Satiro (26 Sep 2023)

- config-win32: define HAVE__FSEEKI64

Follow-up to 9c7165e9 which added an fseeko wrapper to the lib that
calls _fseeki64 if it is available.

Closes https://github.com/curl/curl/pull/11944

- docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER

- Explain that peer verification via CURLOPT_PINNEDPUBLICKEY takes place
even if peer verification via CURLOPT_SSL_VERIFYPEER is turned off.

The behavior is verified by test2048.

Bug: https://github.com/curl/curl/issues/2935#issuecomment-418371872
Reported-by: claudiusaiz@users.noreply.github.com

Bug: https://github.com/curl/curl/discussions/11910
Reported-by: Hakan Sunay Halil

Closes https://github.com/curl/curl/pull/11930

Stefan Eissing (26 Sep 2023)

- openssl: improve ssl shutdown handling

- If SSL shutdown is not finished then make an additional call to
SSL_read to gather additional tracing.

- Fix http2 and h2-proxy filters to forward do_close() calls to the next
filter.

For example h2 and SSL shutdown before and after this change:

Before:

Curl_conn_close -> cf_hc_close -> Curl_conn_cf_discard_chain ->
ssl_cf_destroy

After:

Curl_conn_close -> cf_hc_close -> cf_h2_close -> cf_setup_close ->
ssl_cf_close

Note that currently the tracing does not show output on the connection
closure handle. Refer to discussion in #11878.

Ref: https://github.com/curl/curl/discussions/11878

Closes https://github.com/curl/curl/pull/11858

Loïc Yhuel (26 Sep 2023)

- multi: fix small timeouts

Since Curl_timediff rounds down to the millisecond, timeouts which
expire in less than 1ms are considered as outdated and removed from the
list. We can use Curl_timediff_us instead, big timeouts could saturate
but this is not an issue.

Closes #11937
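
Added illustration of the rounding problem in the "multi: fix small timeouts" entry above; this is not curl's code. `struct tstamp`, `diff_ms`, `diff_us` and `count_pending` are hypothetical stand-ins for curl's time type, Curl_timediff, Curl_timediff_us and the timeout-list check, and the sample timestamps are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical timestamp type: seconds plus microseconds. */
struct tstamp {
  int64_t sec;
  int32_t usec;
};

/* newer - older in whole milliseconds. The sub-millisecond part is dropped,
   which is the rounding the entry describes for Curl_timediff. */
static int64_t diff_ms(struct tstamp newer, struct tstamp older)
{
  int64_t us = (newer.sec - older.sec) * 1000000 + (newer.usec - older.usec);
  return us / 1000;
}

/* newer - older in microseconds, saturating instead of overflowing when the
   two stamps are very far apart ("big timeouts could saturate"). */
static int64_t diff_us(struct tstamp newer, struct tstamp older)
{
  int64_t dsec = newer.sec - older.sec;
  if(dsec >= INT64_MAX / 1000000)
    return INT64_MAX;
  if(dsec <= INT64_MIN / 1000000)
    return INT64_MIN;
  return dsec * 1000000 + (newer.usec - older.usec);
}

/* Model of the list check: a timeout is kept only while (expiry - now) > 0.
   use_us selects the microsecond difference instead of the millisecond one. */
static size_t count_pending(const struct tstamp *expiry, size_t n,
                            struct tstamp now, int use_us)
{
  size_t pending = 0;
  for(size_t i = 0; i < n; i++) {
    int64_t left = use_us ? diff_us(expiry[i], now) : diff_ms(expiry[i], now);
    if(left > 0)
      pending++;
  }
  return pending;
}

/* Constructed sample data. */
static const struct tstamp sample_now = { 100, 999800 };
static const struct tstamp sample_expiry[] = {
  { 101, 200 },     /* 400 us in the future */
  { 100, 999900 },  /* 100 us in the future */
  { 101, 500000 },  /* 500.2 ms in the future */
  { 100, 999000 }   /* 800 us in the past */
};

int main(void)
{
  size_t n = sizeof(sample_expiry) / sizeof(sample_expiry[0]);
  /* With millisecond rounding the two sub-millisecond timeouts look expired
     although they are still in the future. */
  printf("pending with ms difference: %zu\n",
         count_pending(sample_expiry, n, sample_now, 0));
  printf("pending with us difference: %zu\n",
         count_pending(sample_expiry, n, sample_now, 1));
  return 0;
}
```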

Viktor Szakats (25 Sep 2023)

- cmake: fix stderr initialization in unity builds

Before this patch, in certain build configurations the curl tool may
not have displayed anything (debug, macOS), or crashed at startup
(debug, Windows).

Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719
Necessary after 2f17a9b654121dd1ecf4fc043c6d08a9da3522db

Closes #11929

- cmake: fix missing `zlib.h` when compiling `libcurltool`

Came up while testing debug/testing build for Windows. I'm not sure why
it didn't come up in earlier tests with similar config.
`tool_hugehelp.c` might indeed require `zlib.h` and without linking
`CURL_LIBS` to the `curltool` target, CMake doesn't seem to add detected
dependency headers to the compiler command.

```
[ 25%] Building C object src/CMakeFiles/curltool.dir/tool_hugehelp.c.obj
cd .../curl/bld-cmake-llvm-x64/src && /usr/local/opt/llvm/bin/clang
--target=x86_64-w64-mingw32 --sysroot=/usr/local/opt/mingw-w64/toolchain-x86_64
-DCURLDEBUG -DCURL_STATICLIB -DHAVE_CONFIG_H -DUNICODE -DUNITTESTS -D_UNICODE
-I.../curl/include -I.../curl/lib -I.../curl/bld-cmake-llvm-x64/lib
-I.../curl/bld-cmake-llvm-x64/include -I.../curl/src -Wno-unused-command-line-argument
-D_UCRT -DDEBUGBUILD -DHAS_ALPN -DUSE_MANUAL=1 -fuse-ld=lld -Wl,-s -static-libgcc
-lucrt [...] -O3 -DNDEBUG -municode -MD
-MT src/CMakeFiles/curltool.dir/tool_hugehelp.c.obj
-MF CMakeFiles/curltool.dir/tool_hugehelp.c.obj.d
-o CMakeFiles/curltool.dir/tool_hugehelp.c.obj -c .../curl/bld-cmake-llvm-x64/src/tool_hugehelp.c
.../curl/bld-cmake-llvm-x64/src/tool_hugehelp.c:6:10: fatal error: 'zlib.h' file not found
6 | #include <zlib.h>
| ^~~~~~~~
```

Follow-up to 39e7c22bb459c2e818f079984989a26a09741860

Closes #11927

- cmake: fix duplicate symbols when linking tests

The linker resolves this automatically in non-unity builds. In unity
builds the linker cannot drop a single object with the duplicates,
resulting in these errors. The root issue is that we started including
certain objects via both libcurlu and libcurltool libs.

Regression from 39e7c22bb459c2e818f079984989a26a09741860

Windows errors:
```
[ 3%] Linking C executable unit1303.exe
[ 3%] Building C object tests/server/CMakeFiles/rtspd.dir/__/__/lib/curl_multibyte.c.obj
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_convert_UTF8_to_wchar':
C:/projects/curl/lib/curl_multibyte.c:44: multiple definition of `curlx_convert_UTF8_to_wchar'
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.c:44: first defined here
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_convert_wchar_to_UTF8':
C:/projects/curl/lib/curl_multibyte.c:66: multiple definition of `curlx_convert_wchar_to_UTF8'
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.c:66: first defined here
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_open':
C:/projects/curl/lib/curl_multibyte.c:92: multiple definition of `curlx_win32_open'
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.c:92: first defined here
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_fopen':
C:/projects/curl/lib/curl_multibyte.c:120: multiple definition of `curlx_win32_fopen'
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.c:120: first defined here
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_stat':
[...]
```
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/48110107/job/nvlhpt9aa4ehny5q#L247

macOS errors:
```
[ 56%] Linking C executable unit1302
duplicate symbol '_curlx_sotouz' in:
../../lib/libcurlu.a(unity_0_c.c.o)
../../src/libcurltool.a(unity_0_c.c.o)
duplicate symbol '_curlx_sitouz' in:
../../lib/libcurlu.a(unity_0_c.c.o)
../../src/libcurltool.a(unity_0_c.c.o)
duplicate symbol '_curlx_uztosz' in:
../../lib/libcurlu.a(unity_0_c.c.o)
../../src/libcurltool.a(unity_0_c.c.o)
[...]
```
with config:
```
-DCMAKE_UNITY_BUILD=ON \
-DENABLE_DEBUG=ON -DBUILD_TESTING=ON -DCMAKE_C_FLAGS=-DDEBUGBUILD \
-DBUILD_SHARED_LIBS=ON \
-DBUILD_STATIC_LIBS=OFF
```

Closes #11926

- cmake: lib `CURL_STATICLIB` fixes (Windows)

- always define `CURL_STATICLIB` when building libcurl for Windows.

This disables `__declspec(dllexport)` for exported libcurl symbols.
In normal mode (hide symbols) these exported symbols are specified
via `libcurl.def`. When not hiding symbols, all symbols are exported
by default.

Regression from 1199308dbc902c52be67fc805c72dd2582520d30

Fixes #11844

- fix to omit `libcurl.def` when not hiding private symbols.

Regression from 2ebc74c36a19a1700af394c16855ce144d9878e3

- fix `ENABLED_DEBUG=ON` + shared curl tool Windows builds by also
omitting `libcurl.def` in this case, and exporting all symbols
instead. This ensures that a shared curl tool can access all debug
functions which are not normally exported from libcurl DLL.

- delete `INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB"` for "objects"
target.

Follow-up to 2ebc74c36a19a1700af394c16855ce144d9878e3

- delete duplicate `BUILDING_LIBCURL` definitions.

- fix `HIDES_CURL_PRIVATE_SYMBOLS` to not overwrite earlier build settings.

Follow-up to 1199308dbc902c52be67fc805c72dd2582520d30

Closes #11914

Daniel Stenberg (25 Sep 2023)

- RELEASE-NOTES: synced

Dan Fandrich (25 Sep 2023)

- tests: fix log directory path in IPFS tests

Hard-coding the log directory name fails with parallel tests.

Follow-up to 65b563a96

Ref: #8805

Daniel Stenberg (25 Sep 2023)

- curl_multi_get_handles: get easy handles from a multi handle

Closes #11750

Stefan Eissing (25 Sep 2023)

- http: h1/h2 proxy unification

- use shared code for setting up the CONNECT request
when tunneling, used in HTTP/1.x and HTTP/2 proxying
- eliminate use of Curl_buffer_send() and other manipulations
of `data->req` or `data->state.ulbuf`

Closes #11808

Natanael Copa (25 Sep 2023)

- lib: use wrapper for curl_mime_data fseek callback

fseek uses long offset which does not match with curl_off_t. This leads
to undefined behavior when calling the callback and caused failure on
arm 32 bit.

Use a wrapper to solve this and use fseeko which uses off_t instead of
long.

Thanks to the nice people at Libera IRC #musl for helping finding this
out.

Fixes #11882
Fixes #11900
Closes #11918

- configure: sort AC_CHECK_FUNCS

No functional changes.

Daniel Stenberg (25 Sep 2023)

- warnless: remove unused functions

Previously put there for use with the intel compiler

Closes #11932

- GHA/linux: run singleuse to detect single-use global functions

Use --unit for configure --enable-debug builds

Closes #11932

- singleuse: add scan for use in other source codes

This should reduce false-positive to almost zero. Checks for presence in
unit tests if --unit is specified, which is intended for debug builds
where unit testing is enabled.

Closes #11932

- multi: remove Curl_multi_dump

A debug-only function that is basically never used. Removed to ease the
use of the singleuse script to detect non-static functions not used
outside the file where it is defined.

Closes #11931

Viktor Szakats (24 Sep 2023)

- tests: fix compiler warnings

Seen with llvm 17 on Windows x64.

```
.../curl/tests/server/rtspd.c:136:13: warning: no previous extern declaration for non-static variable 'logdir' [-Wmissing-variable-declarations]
136 | const char *logdir = "log";
| ^
.../curl/tests/server/rtspd.c:136:7: note: declare 'static' if the variable is not intended to be used outside of this translation unit
136 | const char *logdir = "log";
| ^
.../curl/tests/server/rtspd.c:137:6: warning: no previous extern declaration for non-static variable 'loglockfile' [-Wmissing-variable-declarations]
137 | char loglockfile[256];
| ^
.../curl/tests/server/rtspd.c:137:1: note: declare 'static' if the variable is not intended to be used outside of this translation unit
137 | char loglockfile[256];
| ^
.../curl/tests/server/fake_ntlm.c:43:13: warning: no previous extern declaration for non-static variable 'logdir' [-Wmissing-variable-declarations]
43 | const char *logdir = "log";
| ^
.../curl/tests/server/fake_ntlm.c:43:7: note: declare 'static' if the variable is not intended to be used outside of this translation unit
43 | const char *logdir = "log";
| ^
.../curl/src/tool_doswin.c:350:8: warning: possible misuse of comma operator here [-Wcomma]
350 | ++d, ++s;
| ^
.../curl/src/tool_doswin.c:350:5: note: cast expression to void to silence warning
350 | ++d, ++s;
| ^~~
| (void)( )
```

```
.../curl/tests/libtest/lib540.c:146:27: warning: result of comparison 'long' > 2147483647 is always false [-Wtautological-type-limit-compare]
146 | int itimeout = (L > (long)INT_MAX) ? INT_MAX : (int)L;
| ~ ^ ~~~~~~~~~~~~~
1 warning generated.

.../curl/tests/libtest/libntlmconnect.c:195:31: warning: result of comparison 'long' > 2147483647 is always false [-Wtautological-type-limit-compare]
195 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeout;
| ~~~~~~~ ^ ~~~~~~~~~~~~~
1 warning generated.

.../curl/tests/libtest/lib591.c:117:31: warning: result of comparison 'long' > 2147483647 is always false [-Wtautological-type-limit-compare]
117 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeout;
| ~~~~~~~ ^ ~~~~~~~~~~~~~
1 warning generated.
.../curl/tests/libtest/lib597.c:99:31: warning: result of comparison 'long' > 2147483647 is always false [-Wtautological-type-limit-compare]
99 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeout;
| ~~~~~~~ ^ ~~~~~~~~~~~~~
1 warning generated.
```

Seen on macOS Intel:
```
.../curl/tests/server/sws.c:440:64: warning: field precision should have type 'int', but argument has type 'size_t' (aka 'unsigned long') [-Wformat]
msnprintf(logbuf, sizeof(logbuf), "Got request: %s %.*s HTTP/%d.%d",
~~^~
1 warning generated.
```

Closes #11925

Jay Satiro (24 Sep 2023)

- url: fix netrc info message

- Fix netrc info message to use the generic ".netrc" filename if the
user did not specify a netrc location.

- Update --netrc doc to add that recent versions of curl on Windows
prefer .netrc over _netrc.

Before:
* Couldn't find host google.com in the (nil) file; using defaults

After:
* Couldn't find host google.com in the .netrc file; using defaults

Closes https://github.com/curl/curl/pull/11904

Dan Fandrich (23 Sep 2023)

- wolfssh: do cleanup in Curl_ssh_cleanup

Closes: #11921

Daniel Stenberg (24 Sep 2023)

- tool_listhelp: regenerated

Polished the --ipfs-gateway description

Fixed the --trace-config description

The script also fixed some other small mistakes

Closes #11923

Viktor Szakats (23 Sep 2023)

- Makefile.mk: always set `CURL_STATICLIB` for lib (Windows)

Also fix to export all symbols in Windows debug builds, making
`-debug-dyn` builds work with `-DCURL_STATICLIB` set.

Ref: https://github.com/curl/curl/pull/11914 (same for CMake)

Closes #11924

Daniel Stenberg (23 Sep 2023)

- quic: set ciphers/curves the same way regular TLS does

for OpenSSL/BoringSSL

Fixes #11796
Reported-by: Karthikdasari0423 on github
Assisted-by: Jay Satiro
Closes #11836

- test457: verify --max-filesize with chunked encoding

- lib: let the max filesize option stop too big transfers too

Previously it would only stop them from getting started if the size is
known to be too big then.

Update the libcurl and curl docs accordingly.

Fixes #11810
Reported-by: Elliot Killick
Assisted-by: Jay Satiro
Closes #11820

Viktor Szakats (23 Sep 2023)

- mingw: delete support for legacy mingw.org toolchain

Drop support for "old" / "legacy" / "classic" / "v1" / "mingw32" MinGW:
https://en.wikipedia.org/wiki/MinGW, https://osdn.net/projects/mingw/
Its homepage used to be http://mingw.org/ [no HTTPS], and broken now.
It supported the x86 CPU only and used an old Windows API header and
implib set, often causing issues. It also misses most modern Windows
features, offering old versions of both binutils and gcc (no llvm/clang
support). It was last updated 2 years ago.

curl now relies on toolchains based on the mingw-w64 project:
https://www.mingw-w64.org/ https://sourceforge.net/projects/mingw-w64/
https://www.msys2.org/ https://github.com/msys2/msys2
https://github.com/mstorsjo/llvm-mingw
(Also available via Linux and macOS package managers.)

Closes #11625

Mark Gaiser (23 Sep 2023)

- curl: add support for the IPFS protocols:

- ipfs://<cid>
- ipns://<cid>

This allows you to use ipfs in curl like:
curl ipfs://<cid>
and
curl ipns://<cid>

For more information consult the readme at:
https://curl.se/docs/ipfs.html

Closes #8805

Daniel Stenberg (23 Sep 2023)

- bufq: remove Curl_bufq_skip_and_shift (unused)

Closes #11915

- scripts/singleuse.pl: add curl_global_trace

Viktor Szakats (22 Sep 2023)

- cmake: fix unity symbol collisions in h2 builds

Regression from 331b89a319d0067fa1e6441719307cfef9c7960f

Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Closes #11912

Daniel Stenberg (22 Sep 2023)

- RELEASE-NOTES: synced

Dan Fandrich (21 Sep 2023)

- github/labeler: improve the match patterns

This includes new rules for setting the appleOS and logging labels and
matches on some example files. Also, enable dot mode for wildcard
matches in the .github directory.

Daniel Stenberg (21 Sep 2023)

- upload-file.d: describe the file name slash/backslash handling

Closes #11911

Jakub Jelen (21 Sep 2023)

- libssh: cap SFTP packet size sent

Due to libssh limitations

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Closes #11804

Daniel Stenberg (21 Sep 2023)

- curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0

Closes #11905

- mailmap: unify Michael Osipov under a single email

Ted Lyngmo (21 Sep 2023)

- docs: use CURLSSLBACKEND_NONE

[ssl] use CURLSSLBACKEND_NONE instead of (curl_sslbackend)-1 in
documentation and examples.

Signed-off-by: Ted Lyngmo <ted@lyncon.se>

Closes #11909

Dan Fandrich (21 Sep 2023)

- github/labeler: give the sync-labels config item a default value

This shouldn't be necessary and is likely a bug with this beta version
of the labeller.

Also, fix the negative matches for the documentation label.

Follow-up to dd12b452a
Closes #11907

- github/labeler: fix up more the labeler config format

The new version didn't like the workaround we had for a bug in the
previous labeler version, and it should no longer be needed.

Follow-up to dd12b452a
Closes #11906

- github/labeler: fix indenting to try to appease labeller

Follow-up to dd12b452a

Jay Satiro (21 Sep 2023)

- libssh2: fix error message on failed pubkey-from-file

- If libssh2_userauth_publickey_fromfile_ex returns -1 then show error
message "SSH public key authentication failed: Reason unknown (-1)".

When libssh2_userauth_publickey_fromfile_ex returns -1 it does so as a
generic error and therefore doesn't set an error message. AFAICT that is
not documented behavior.

Prior to this change libcurl retrieved the last set error message which
would be from a previous function failing. That resulted in misleading
auth failed error messages in verbose mode.

Bug: https://github.com/curl/curl/issues/11837#issue-1891827355
Reported-by: consulion@users.noreply.github.com

Closes https://github.com/curl/curl/pull/11881

Stefan Eissing (21 Sep 2023)

- pytest: exclude test_03_goaway in CI runs due to timing dependency

Closes #11860

- lib: disambiguate Curl_client_write flag semantics

- use CLIENTWRITE_BODY *only* when data is actually body data
- add CLIENTWRITE_INFO for meta data that is *not* a HEADER
- debug assertions that BODY/INFO/HEADER is not used mixed
- move `data->set.include_header` check into Curl_client_write
so protocol handlers no longer have to care
- add special in FTP for `data->set.include_header` for historic,
backward compatible reasons
- move unpausing of client writes from easy.c to sendf.c, so that
code is in one place and can forward flags correctly

Closes #11885

Patrick Monnerat (21 Sep 2023)

- tftpd: always use curl's own tftp.h

Using the system's provided arpa/tftp.h and optimizing, GCC 12 detects
and reports a stringop-overread warning:

tftpd.c: In function ‘write_behind.isra’:
tftpd.c:485:12: warning: ‘write’ reading between 1 and 2147483647 bytes from a region of size 0 [-Wstringop-overread]
485 | return write(test->ofile, writebuf, count);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from tftpd.c:71:
/usr/include/arpa/tftp.h:58:30: note: source object ‘tu_data’ of size 0
58 | char tu_data[0]; /* data or error string */
| ^~~~~~~

This occurs because writebuf points to this field and the latter
cannot be considered as being of dynamic length because it is not
the last field in the structure. Thus it is bound to its declared
size.

This commit always uses curl's own version of tftp.h where the
target field is last in its structure, effectively avoiding the
warning.

As HAVE_ARPA_TFTP_H is not used anymore, cmake/configure checks for
arpa/tftp.h are removed.

Closes #11897

Dan Fandrich (20 Sep 2023)

- test1474: make precheck more robust on non-Solaris systems

If uname -r returns something odd, perl could return an error code and
the test would be erroneously skipped. The qx// syntax avoids this.

Followup to 08f9b2148

- github/labeler: switch to the 5 beta version

This version adds an important feature that will allow more PRs to be
labelled. Rather than being limited to labeling PRs with files that
match a single glob, it can now label them if multiple changed files
match any one of a number of globs.

Daniel Stenberg (20 Sep 2023)

- lib: enable hmac for digest as well

Previously a build that disabled NTLM and aws-sigv4 would fail to build
since the hmac was disabled, but it is also needed for digest auth.

Follow-up to e92edfbef64448ef

Fixes #11890
Reported-by: Aleksander Mazur
Closes #11896

- idn: if idn2_check_version returns NULL, return error

... this avoids a NULL dereference for this unusual case.

Reported-by: s0urc3_ on hackerone
Closes #11898

- http: fix CURL_DISABLE_BEARER_AUTH breakage

When bearer auth was disabled, the if/else logic got wrong and caused
problems.

Follow-up to e92edfbef64448ef461
Fixes #11892
Reported-by: Aleksander Mazur
Closes #11895

Michael Osipov (20 Sep 2023)

- wolfssl: allow capath with CURLOPT_CAINFO_BLOB

Remain consistent with OpenSSL. While CAfile is nulled as documented
with CURLOPT_CAINFO_BLOB, CApath remains intact.

Closes #11886

- wolfssl: use ssl_cafile/ssl_capath variables consistent with openssl.c

Closes #11886

Dan Fandrich (19 Sep 2023)

- test1474: disable test on NetBSD, OpenBSD and Solaris 10

These kernels only send a fraction of the requested amount of the first
large block, invalidating the assumptions of the test and causing it to
fail.

Assisted-by: Christian Weisgerber
Ref: https://curl.se/mail/lib-2023-09/0021.html
Closes #11888

Ryan Schmidt (20 Sep 2023)

- cmake, configure: also link with CoreServices

When linking with CoreFoundation, also link with CoreServices which is
apparently required to avoid an NSInvalidArgumentException in software
linking with libcurl on macOS Sonoma 14 and later.

Fixes #11893
Closes #11894

Marc Hoersken (19 Sep 2023)

- CI/azure: remove pip, wheel, cryptography, pyopenssl and impacket

These dependencies are now already included in the Docker image.

Ref: https://github.com/mback2k/curl-docker-winbuildenv/commit/2607a31bcab544b41d15606e97f38cf312c1ce56

Closes #11889

Daniel Stenberg (19 Sep 2023)

- wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files

Ref: #11883
Reported-by: Michael Osipov
Closes #11884

- RELEASE-NOTES: synced

- test3103: CURLOPT_COOKIELIST test

- cookie: set ->running in cookie_init even if data is NULL

This is a regression introduced in b1b326ec500 (shipped in curl 8.1.0)

Test 3103 verifies.

Fixes #11875
Reported-by: wangp on github
Closes #11876

- test498: total header size for all redirects is larger than accepted

- http: use per-request counter to check too large headers

Not the counter that accumulates all headers over all redirects.

Follow-up to 3ee79c1674fd6

Do a second check for 20 times the limit for the accumulated size for
all headers.

Fixes #11871
Reported-by: Joshix-1 on github
Closes #11872

Jay Satiro (18 Sep 2023)

- THANKS: add Eric Murphy

He reported #11850 (quiche build error) but I forgot to add a
'reported-by' entry in the fix 267e14f1.

Daniel Stenberg (18 Sep 2023)

- h2-proxy: remove left-over mistake in drain_tunnel()

Left-over from 331b89a319

Reported-by: 南宫雪珊

Closes https://github.com/curl/curl/pull/11877

vvb2060 (18 Sep 2023)

- lib: failf/infof compiler warnings

Closes #11874

Daniel Stenberg (17 Sep 2023)

- rand: fix 'alnum': array is too small to include a terminating null character

It was that small on purpose, but this change now adds the null byte to
avoid the error.

Follow-up to 3aa3cc9b052353b1

Reported-by: Dan Fandrich
Ref: #11838
Closes #11870

Mathias Fuchs (16 Sep 2023)

- cmake: fix the help text to the static build option in CMakeLists.txt

Closes #11843

John Haugabook (16 Sep 2023)

- MANUAL.md: change domain to example.com

Closes #11866

Daniel Stenberg (16 Sep 2023)

- doh: inherit DEBUGFUNCTION/DATA

When creating new transfers for doing DoH, they now inherit the debug
settings from the initiating transfer, so that the application can
redirect and handle the verbose output correctly even for the DoH
transfers.

Reported-by: calvin2021y on github
Fixes #11864
Closes #11869

Dan Fandrich (16 Sep 2023)

- http_aws_sigv4: fix sorting with empty parts

When comparing with an empty part, the non-empty one is always
considered greater-than. Previously, the two would be considered equal
which would randomly place empty parts amongst non-empty ones. This
showed as a test 439 failure on Solaris as it uses a different
implementation of qsort() that compares parts differently.

Fixes #11855
Closes #11868
|
|||
|
|
|||
|
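The failure mode in the entry above, as an added example (not curl's code): a comparator that reports an empty part as equal to every other part is not a consistent ordering, so two correct sort routines return different results for the same input. The struct, both comparators, the two sort routines and the sample query `b&&a` are constructed for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One query part as pointer + length (hypothetical layout for this demo). */
struct part { const char *p; size_t len; };
typedef int (*cmp_fn)(const void *, const void *);

/* Consistent order: compare bytes, then the shorter part sorts first. */
static int cmp_bytes(const struct part *a, const struct part *b)
{
  size_t n = a->len < b->len ? a->len : b->len;
  int rc = memcmp(a->p, b->p, n);
  return rc ? rc : (a->len > b->len) - (a->len < b->len);
}

/* "Before" (assumed shape): an empty part compares equal to anything. */
static int cmp_weak(const void *a, const void *b)
{
  const struct part *x = a, *y = b;
  if(!x->len || !y->len)
    return 0;
  return cmp_bytes(x, y);
}

/* "After": a non-empty part is always greater than an empty one. */
static int cmp_fixed(const void *a, const void *b)
{
  const struct part *x = a, *y = b;
  if(!x->len || !y->len)
    return (x->len != 0) - (y->len != 0);
  return cmp_bytes(x, y);
}

/* Two textbook sorts, standing in for two different qsort() implementations. */
static void insertion_sort(struct part *v, size_t n, cmp_fn cmp)
{
  size_t i, j;
  for(i = 1; i < n; i++) {
    struct part key = v[i];
    for(j = i; j > 0 && cmp(&v[j - 1], &key) > 0; j--)
      v[j] = v[j - 1];
    v[j] = key;
  }
}

static void selection_sort(struct part *v, size_t n, cmp_fn cmp)
{
  size_t i, j;
  for(i = 0; i + 1 < n; i++) {
    size_t min = i;
    struct part t;
    for(j = i + 1; j < n; j++)
      if(cmp(&v[j], &v[min]) < 0)
        min = j;
    t = v[i];
    v[i] = v[min];
    v[min] = t;
  }
}

enum sorter { INSERTION, SELECTION, LIBC_QSORT };

/* Sort the constructed sample query "b&&a" and join it again with '&'. */
const char *sorted_query(enum sorter s, cmp_fn cmp)
{
  static char out[16];
  struct part v[] = { { "b", 1 }, { "", 0 }, { "a", 1 } };
  size_t n = sizeof(v) / sizeof(v[0]), i;

  if(s == INSERTION)
    insertion_sort(v, n, cmp);
  else if(s == SELECTION)
    selection_sort(v, n, cmp);
  else
    qsort(v, n, sizeof(v[0]), cmp);

  out[0] = '\0';
  for(i = 0; i < n; i++) {
    if(i)
      strcat(out, "&");
    strncat(out, v[i].p, v[i].len);
  }
  return out;
}

int main(void)
{
  printf("weak,  insertion sort: %s\n", sorted_query(INSERTION, cmp_weak));
  printf("weak,  selection sort: %s\n", sorted_query(SELECTION, cmp_weak));
  printf("fixed, insertion sort: %s\n", sorted_query(INSERTION, cmp_fixed));
  printf("fixed, selection sort: %s\n", sorted_query(SELECTION, cmp_fixed));
  printf("fixed, libc qsort():   %s\n", sorted_query(LIBC_QSORT, cmp_fixed));
  return 0;
}
```
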
- CI: ignore the "flaky" and "timing-dependent" test results

CI builds will now run these tests, but will ignore the results if they
fail. The relevant tests are ones that are sensitive to timing or
have edge conditions that make them more likely to fail on CI servers,
which are often heavily overloaded and slow.

This change only adds two additional tests to be ignored, since the
others already had the flaky keyword.

Closes #11865

- runtests: eliminate a warning on old perl versions

The warning "Use of implicit split to @_ is deprecated" showed between
perl versions about 5.8 through 5.11.

- tests: log the test result code after each libtest

This makes it easier to determine the test status. Also, capitalize
FAILURE and ABORT messages in log lines to make them easier to spot.

Harry Sintonen (16 Sep 2023)

- misc: better random strings

Generate alphanumerical random strings.

Prior to this change curl used to create random hex strings. This was
mostly okay, but having alphanumerical random strings is better: The
strings have more entropy in the same space.

The MIME multipart boundary used to be a mere 64-bits of randomness due
to being 16 hex chars. With these changes the boundary is 22
alphanumerical chars, or a little over 130 bits of randomness.

Closes #11838

Daniel Stenberg (15 Sep 2023)

- cookie: reduce variable scope, add const

- cookie: do not store the expire or max-age strings

Convert it to an expire time at once and save memory.

Closes #11862

- cookie: remove unnecessary struct fields

Plus: reduce the hash table size from 256 to 63. It seems unlikely to
make much of a speed difference for most use cases but saves 1.5KB of
data per instance.

Closes #11862

- RELEASE-NOTES: synced

Bumped to 8.4.0, the next presumed version

Dan Fandrich (14 Sep 2023)

- test2600: remove special case handling for USE_ALARM_TIMEOUT

This was originally added to handle platforms that supported only 1
second granularity in connect timeouts, but after some recent changes
the test currently permafails on several Windows platforms.

The need for this special-case was removed in commit 8627416, which
increased the connect timeout in all cases to well above 1 second.

Fixes #11767
Closes #11849

Daniel Stenberg (14 Sep 2023)

- SECURITY-PROCESS.md. call it vulnerability disclosure policy

SECURITY-PROCESS.md -> VULN-DISCLOSURE-POLICY.md

This is a name commonly used for a document like this. This name helps
users find it.

Closes #11852

Junho Choi (14 Sep 2023)

- quiche: fix build error with --with-ca-fallback

- Fix build error when curl is built with --with-quiche
and --with-ca-fallback.

- Add --with-ca-fallback to the quiche CI job.

Fixes https://github.com/curl/curl/issues/11850
Closes https://github.com/curl/curl/pull/11847

Jay Satiro (14 Sep 2023)

- escape: replace Curl_isunreserved with ISUNRESERVED

- Use the ALLCAPS version of the macro so that it is clear a macro is
being called that evaluates the variable multiple times.

- Also capitalize macro isurlpuntcs => ISURLPUNTCS since it evaluates
a variable multiple times.

This is a follow-up to 291d225a which changed Curl_isunreserved into an
alias macro for ISUNRESERVED. The problem is the former is not easily
identified as a macro by the caller, which could lead to a bug.

For example, ISUNRESERVED(*foo++) is easily identifiable as wrong but
Curl_isunreserved(*foo++) is not even though they both are the same.

Closes https://github.com/curl/curl/pull/11846

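Why the macro spelling matters, as an added example (not curl's code): the `EX_` macros below are stand-ins written for this illustration with an assumed shape, and `step_macro`/`step_function` are hypothetical helpers. Passing `*p++` to a macro that names its argument several times advances the pointer once per comparison and tests a different byte each time.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in macros written for this example (assumed shape, not copied from
   curl's headers). Each one names its argument several times. */
#define EX_ISALNUM(x) ((((x) >= '0') && ((x) <= '9')) || \
                       (((x) >= 'a') && ((x) <= 'z')) || \
                       (((x) >= 'A') && ((x) <= 'Z')))
#define EX_ISURLPUNCT(x) (((x) == '-') || ((x) == '.') || \
                          ((x) == '_') || ((x) == '~'))
#define EX_ISUNRESERVED(x) (EX_ISALNUM(x) || EX_ISURLPUNCT(x))

/* A real function evaluates its argument exactly once. */
static int ex_isunreserved(unsigned char c)
{
  return EX_ISUNRESERVED(c);
}

struct step {
  int verdict;     /* what the check returned */
  size_t consumed; /* how far the pointer moved */
};

/* Looks like "classify one byte and advance", but the macro expands *p++
   once per comparison. buf must have at least 10 readable bytes. */
struct step step_macro(const char *buf)
{
  const char *p = buf;
  struct step s;
  s.verdict = EX_ISUNRESERVED(*p++);
  s.consumed = (size_t)(p - buf);
  return s;
}

/* Same call shape through the function: one byte read, one byte consumed. */
struct step step_function(const char *buf)
{
  const char *p = buf;
  struct step s;
  s.verdict = ex_isunreserved((unsigned char)*p++);
  s.consumed = (size_t)(p - buf);
  return s;
}

int main(void)
{
  /* Constructed inputs, padded so every macro expansion stays in bounds. */
  static const char *samples[] = {
    "~~~~~~~~~~~~", "aaaaaaaaaaaa", "555555555555", " zz000000000"
  };
  size_t i;

  for(i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
    struct step m = step_macro(samples[i]);
    struct step f = step_function(samples[i]);
    printf("first byte '%c': macro verdict=%d consumed=%lu, "
           "function verdict=%d consumed=%lu\n",
           samples[i][0], m.verdict, (unsigned long)m.consumed,
           f.verdict, (unsigned long)f.consumed);
  }
  return 0;
}
```

The last sample starts with a space, which is not an unreserved character: the function form rejects it, while the macro form skips ahead and accepts on the strength of the following bytes.
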
Dan Fandrich (13 Sep 2023)

- tests: increase the default server logs lock timeout

This timeout is used to wait for the server to finish writing its logs
before checking them against the expected values. An overloaded machine
could take more than the two seconds previously allocated, so increase
the timeout to 5 seconds.

Ref: #11328
Closes #11834

- tests: increase TEST_HANG_TIMEOUT in two tests

These tests had a 5 second timeout compared to 60 seconds for all other
tests. Make these consistent with the others for more reliability on
heavily-loaded machines.

Ref: #11328

- test1056: disable on Windows

This test relies on the IPv6 scope field being ignored when connecting to
ipv6-localhost (i.e. [::1%259999] is treated as [::1]). Maybe this is a bit
dodgy, but it works on all our test platforms except Windows. This
test was disabled manually on all Windows CI builds already, so instead
add an incompatible feature and precheck so it's skipped on Windows
everywhere automatically.

- test587: add a slight delay after test

This test is designed to connect to the server, then immediately send a
few bytes and disconnect. In some situations, such as on a loaded
server, this doesn't give the server enough time to write its lock file
before its existence is checked. The test harness then fails to find the
server's input log file (because it hasn't been written yet) and fails
the test. By adding a short delay after the test, the HTTP server has
enough time to write its lock file which gives itself more time to write
its remaining files.

Ref: #11328

- tests: stop overriding the lock timeout

These tests reduce the server lock wait timeout which can increase
flakiness on loaded machines. Since this is merely an optimization,
eliminate them in favour of reliability.

Ref: #11328

- tests: add some --expect100-timeout to reduce timing dependencies

These tests can fail when the test machine is so slow that the test HTTP
server didn't get a chance to complete before the client's one second
100-continue timeout triggered. Increase that 1 second to 999 seconds so
this situation doesn't happen.

Ref: #11328

- test661: return from test early in case of curl error

- tests: add the timing-dependent keyword on several tests

These are ones likely to fail on heavily-loaded machines that alter the
normal test timing. Most of these tests already had the flaky keyword
since this condition makes them more likely to fail on CI.

- test1592: greatly increase the maximum test timeout

It was too short to be reliable on heavily loaded CI machines, and
as a fail-safe only, it didn't need to be short.

Ref: #11328

- test: minor test cleanups

Remove an obsolete block of code in tests 2032 & 576.
Add a comment in test 1474.

- tests: quadruple the %FTPTIME2 and %FTPTIME3 timeouts

This gives more of a margin for error when running on overloaded CI
servers.

Ref: #11328

- tests: improve SLOWDOWN test reliability by reducing sent data

These tests are run in SLOWDOWN mode which adds a 10 msec delay after
each character output, which means it takes at least 1.6 seconds (and
320 kernel calls) just to get through the long welcome banner. On an
overloaded system, this can end up taking much more than 1.6 seconds,
and even more than the 7 or 16 second curl timeout that the tests rely
on, causing them to fail. Reducing the size of the welcome banner drops
the total number of characters sent before the transfer starts by more
than half, which reduces the opportunity for test-breaking slowdowns by
the same amount.

Ref: #11328

- test650: fix an end tag typo

Jay Satiro (13 Sep 2023)

- tool_cb_wrt: fix debug assertion

- Fix off-by-one out-of-bounds array index in Windows debug assertion.

Bug: https://github.com/curl/curl/commit/af3f4e41#r127212213
Reported-by: Gisle Vanem

Daniel Stenberg (13 Sep 2023)

- ctype: add ISUNRESERVED()

... and make Curl_isunreserved() use that macro instead of providing a
separate function for the purpose.

Closes #11840

Version 8.3.0 (13 Sep 2023)

Daniel Stenberg (13 Sep 2023)

- RELEASE-NOTES: synced

curl 8.3.0 release

- THANKS: contributors from 8.3.0

Thorsten Klein (12 Sep 2023)

- cmake: set SIZEOF_LONG_LONG in curl_config.h

in order to support 32bit builds regarding wolfssl CTC_SETTINGS

Closes #11839

Jay Satiro (12 Sep 2023)

- curl_ngtcp2: fix error message

- http_aws_sigv4: handle no-value user header entries

- Handle user headers in format 'name:' and 'name;' with no value.

The former is used when the user wants to remove an internal libcurl
header and the latter is used when the user actually wants to send a
no-value header in the format 'name:' (note the semi-colon is converted
by libcurl to a colon).

Prior to this change the AWS header import code did not special case
either of those and the generated AWS SignedHeaders would be incorrect.

Reported-by: apparentorder@users.noreply.github.com

Ref: https://curl.se/docs/manpage.html#-H

Fixes https://github.com/curl/curl/issues/11664
Closes https://github.com/curl/curl/pull/11668

Dan Fandrich (11 Sep 2023)

- CI: run pytest with the -v option

This lists the test cases being run so it can be tracked over time.

Closes #11824

Daniel Stenberg (11 Sep 2023)

- HTTP3: the msquic backend is not functional

I ask that we do not submit bugs for this backend just yet as we know it
does not fully work.

Closes #11831
Closes #11819

- aws_sigv4: the query canon code miscounted URL encoded input

Added some extra ampersands to test 439 to verify "blank" query parts

Follow-up to fc76a24c53b08cdf

Closes #11829

vvb2060 (11 Sep 2023)

- quic: don't set SNI if hostname is an IP address

We already do this for TLS connections.

RFC 6066 says: Literal IPv4 and IPv6 addresses are not permitted in
"HostName".

Ref: https://www.rfc-editor.org/rfc/rfc6066#section-3

Fixes https://github.com/curl/curl/issues/11827
Closes https://github.com/curl/curl/pull/11828

Daniel Stenberg (10 Sep 2023)

- RELEASE-NOTES: synced

Benoit Pierre (10 Sep 2023)

- configure: fix `HAVE_TIME_T_UNSIGNED` check

The syntax was incorrect (need a proper main body), and the test
condition was wrong (resulting in a signed `time_t` detected as
unsigned).

Closes #11825

Daniel Stenberg (9 Sep 2023)

- THANKS-filter: pszlazak on github

pszlazak (9 Sep 2023)

- include.d: explain headers not printed with --fail before 7.75.0

Prior to 7.75.0 response headers were not printed if -f/--fail was used
and an error was reported by server. This was fixed in ab525c0
(precedes 7.75.0).

Closes #11822

Daniel Stenberg (8 Sep 2023)

- http_aws_sigv4: skip the op if the query pair is zero bytes

Follow-up to fc76a24c53b08cdf

Spotted by OSS-Fuzz

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62175
Closes #11823

- cmdline-docs: use present tense, not future

+ some smaller cleanups

Closes #11821

- cmdline-docs: make sure to phrase it as "added in ...."

References to things that were added or changed in a specific version
should be specified as "(added in [version])" for two reasons:

1 - consistency

2 - to allow gen.pl to strip them out if deemed referring to too old
versions

Closes #11821

Jay Satiro (8 Sep 2023)

- docs: mark --ssl-revoke-best-effort as Schannel specific

Closes https://github.com/curl/curl/pull/11760

Nathan Moinvaziri (8 Sep 2023)

- schannel: fix ordering of cert chain info

- Use CERT_CONTEXT's pbCertEncoded to determine chain order.

CERT_CONTEXT from SECPKG_ATTR_REMOTE_CERT_CONTEXT contains
end-entity/server certificate in pbCertEncoded. We can use this pointer
to determine the order of certificates when enumerating hCertStore using
CertEnumCertificatesInStore.

This change is to help ensure that the ordering of the certificate chain
requested by the user via CURLINFO_CERTINFO has the same ordering on all
versions of Windows.

Prior to this change Schannel certificate order was reversed in 8986df80
but that was later reverted in f540a39b when it was discovered that
Windows 11 22H2 does the reversal on its own.

Ref: https://github.com/curl/curl/issues/9706

Closes https://github.com/curl/curl/pull/11632

Chris Talbot (8 Sep 2023)

- digest: Use hostname to generate spn instead of realm

In https://www.rfc-editor.org/rfc/rfc2831#section-2.1.2

digest-uri-value should be serv-type "/" host , where host is:

The DNS host name or IP address for the service requested. The
DNS host name must be the fully-qualified canonical name of the
host. The DNS host name is the preferred form; see notes on server
processing of the digest-uri.

Realm may not be the host, so we must specify the host explicitly.

Note this change only affects the non-SSPI digest code. The digest code
used by SSPI builds already uses the hostname to generate the spn.

Ref: https://github.com/curl/curl/issues/11369

Closes https://github.com/curl/curl/pull/11395

Daniel Stenberg (7 Sep 2023)

- docs: remove use of the word 'very'

It is mostly superfluous. proselint would complain.

Closes #11818

- curl_multi_remove_handle.3: clarify what happens with connection

Closes #11817

- RELEASE-NOTES: synced

- test439: verify query canonization for aws-sigv4

- tool_operate: make aws-sigv4 not require TLS to be used

Maybe not used too often, but we want it for testing and it should work.

- http_aws_sigv4: canonicalize the query

Percent encoding needs to be done using uppercase, and most
non-alphanumerical must be percent-encoded.

Fixes #11794
Reported-by: John Walker
Closes #11806

Wyatt O'Day (7 Sep 2023)

- lib: add ability to disable auths individually

Both with configure and cmake

Closes #11490

Stefan Eissing (7 Sep 2023)

- ngtcp2: fix handling of large requests

- requests >64K are sent in parts to the filter
- fix parsing of the request to assemble it correctly
from several sends
- open a QUIC stream only when the complete request has
been collected

Closes #11815

- openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before

- we delay loading the x509 store to shorten the handshake time.
However an application callback installed via CURLOPT_SSL_CTX_FUNCTION
may need to have the store loaded and try to manipulate it.
- load the x509 store before invoking the app callback

Fixes #11800
Reported-by: guoxinvmware on github
Closes #11805

Daniel Stenberg (7 Sep 2023)

- krb5: fix "implicit conversion loses integer precision" warnings

conversions to/from enum and unsigned chars

Closes #11814

Stefan Eissing (7 Sep 2023)

- pytest: improvements

- set CURL_CI for pytest runs in CI environments
- exclude timing sensitive tests from CI runs
- for failed results, list only the log and stat of
the failed transfer

- fix type in http.c comment

Closes #11812

- CI: move on to ngtcp2 v0.19.1

Closes #11809

Dan Fandrich (5 Sep 2023)

- CI: run Circle macOS builds on x86 for now

The ARM machines aren't ready for us and requesting them now causes
warning e-mails to be sent to some PR pushers.

Ref: #11771

Viktor Szakats (5 Sep 2023)

- http3: adjust cast for ngtcp2 v0.19.0

ngtcp2 v0.19.0 made size of `ecn` member of `ngtcp2_pkt_info`
an `uint8_t` (was: `uint32_t`). Adjust our local cast accordingly.

Fixes:
```
./curl/lib/vquic/curl_ngtcp2.c:1912:12: warning: implicit conversion loses integer precision: 'uint32_t' (aka 'unsigned int') to 'uint8_t' (aka 'unsigned char') [-Wimplicit-int-conversion]
pi.ecn = (uint32_t)ecn;
~ ^~~~~~~~~~~~~
```

Also bump ngtcp2, nghttp3 and nghttp2 to their latest versions in our
docs and CI.

Ref: https://github.com/ngtcp2/ngtcp2/commit/80447281bbc94af53f8aa7a4cfc19175782894a3
Ref: https://github.com/ngtcp2/ngtcp2/pull/877
Closes #11798

Stefan Eissing (5 Sep 2023)

- http: fix sending of large requests

- refs #11342 where errors with git https interactions
were observed
- problem was caused by 1st sends of size larger than 64KB
which resulted in later retries of 64KB only
- limit sending of 1st block to 64KB
- adjust h2/h3 filters to cope with parsing the HTTP/1.1
formatted request in chunks

- introducing Curl_nwrite() as companion to Curl_write()
for the many cases where the sockindex is already known

Fixes #11342 (again)
Closes #11803

- pytest: fix check for slow_network skips to only apply when intended

Closes #11801

Daniel Stenberg (5 Sep 2023)

- curl_url_get/set.3: add missing semicolon in SYNOPSIS

- CURLOPT_URL.3: explain curl_url_set() uses the same parser

- CURLOPT_URL.3: add two URL API calls in the see-also section

Dan Fandrich (4 Sep 2023)

- CI: add a 32-bit i686 Linux build

This is done by cross-compiling under regular x86_64 Linux. Since the
kernel offers backwards compatibility, the binaries can be tested as
normal.

Closes #11799

- tests: fix a type warning on 32-bit x86

Viktor Szakats (4 Sep 2023)

- tests: delete stray `.orig` file

Follow-up to 331b89a319d0067fa1e6441719307cfef9c7960f
Closes #11797

Daniel Stenberg (4 Sep 2023)

- RELEASE-NOTES: synced

Viktor Szakats (4 Sep 2023)

- lib: silence compiler warning in inet_ntop6

```
./curl/lib/inet_ntop.c:121:21: warning: possible misuse of comma operator here [-Wcomma]
cur.base = i, cur.len = 1;
^
./curl/lib/inet_ntop.c:121:9: note: cast expression to void to silence warning
cur.base = i, cur.len = 1;
^~~~~~~~~~~~
(void)( )
```

Closes #11790

Daniel Stenberg (4 Sep 2023)

- transfer: also stop the sending on closed connection

Previously this cleared the receiving bit only but in some cases it is
also still sending (like a request-body) when disconnected and neither
direction can continue then.

Fixes #11769
Reported-by: Oleg Jukovec
Closes #11795

John Bampton (4 Sep 2023)

- docs: change `sub-domain` to `subdomain`

https://en.wikipedia.org/wiki/Subdomain

Closes #11793

Stefan Eissing (4 Sep 2023)

- multi: more efficient pollfd count for poll

- do not use separate pollfds for sockets that have POLLIN+POLLOUT

Closes #11792

- http2: polish things around POST

- added test cases for various code paths
- fixed handling of blocked write when stream had
been closed in between attempts
- re-enabled DEBUGASSERT on send with smaller data size

- in debug builds, environment variables can be set to simulate a slow
network when sending data. cf-socket.c and vquic.c support
* CURL_DBG_SOCK_WBLOCK: percentage of send() calls that should be
answered with an EAGAIN. TCP/UNIX sockets.
This is chosen randomly.
* CURL_DBG_SOCK_WPARTIAL: percentage of data that shall be written
to the network. TCP/UNIX sockets.
Example: 80 means a send with 1000 bytes would only send 800
This is applied to every send.
* CURL_DBG_QUIC_WBLOCK: percentage of send() calls that should be
answered with EAGAIN. QUIC only.
This is chosen randomly.

Closes #11756

Daniel Stenberg (4 Sep 2023)

- docs: add curl_global_trace to some SEE ALSO sections

Closes #11791

- os400: fix checksrc nits

Closes #11789

Nicholas Nethercote (3 Sep 2023)

- hyper: remove `hyptransfer->endtask`

`Curl_hyper_stream` needs to distinguish between two kinds of
`HYPER_TASK_EMPTY` tasks: (a) the `foreach` tasks it creates itself, and
(b) background tasks that hyper produces. It does this by recording the
address of any `foreach` task in `hyptransfer->endtask` before pushing
it into the executor, and then comparing that against the address of
tasks later polled out of the executor.

This works right now, but there is no guarantee from hyper that the
addresses are stable. `hyper_executor_push` says "The executor takes
ownership of the task, which should not be accessed again unless
returned back to the user with `hyper_executor_poll`". That wording is a
bit ambiguous but with my Rust programmer's hat on I read it as meaning
the task returned with `hyper_executor_poll` may be conceptually the
same as a task that was pushed, but that there are no other guarantees
and comparing addresses is a bad idea.

This commit instead uses `hyper_task_set_userdata` to mark the `foreach`
task with a `USERDATA_RESP_BODY` value which can then be checked for,
removing the need for `hyptransfer->endtask`. This makes the code look
more like the hyper C API examples, which use userdata for every task
and never look at task addresses.

Closes #11779

Dave Cottlehuber (3 Sep 2023)

- ws: fix spelling mistakes in examples and tests

Closes #11784

Daniel Stenberg (3 Sep 2023)

- tool_filetime: make -z work with file dates before 1970

Fixes #11785
Reported-by: Harry Sintonen
Closes #11786

Dan Fandrich (1 Sep 2023)

- build: fix portability of mancheck and checksrc targets

At least FreeBSD preserves cwd across makefile lines, so rules
consisting of more than one "cd X; do_something" must be explicitly run
in a subshell to avoid this. This problem caused the Cirrus FreeBSD
build to fail when parallel make jobs were enabled.

- CI: adjust labeler match patterns for new & obsolete files

- configure: trust pkg-config when it's used for zlib

The library flags retrieved from pkg-config were later thrown out and
hard-coded, which negates the whole reason to use pkg-config.
Also, previously, the assumption was made that --libs-only-l and
--libs-only-L are the full decomposition of --libs, which is untrue and
would not allow linking against a static zlib. The new approach is
better in that it uses --libs, although only if --libs-only-l returns
nothing.

Bug: https://curl.se/mail/lib-2023-08/0081.html
Reported-by: Randall
Closes #11778

Stefan Eissing (1 Sep 2023)

- CI/ngtcp2: clear wolfssl for when cache is ignored

Closes #11783

Daniel Stenberg (1 Sep 2023)

- RELEASE-NOTES: synced

Nicholas Nethercote (1 Sep 2023)

- hyper: fix a progress upload counter bug

`Curl_pgrsSetUploadCounter` should be passed a total count, not an
increment.

This changes the failing diff for test 579 with hyper from this:
```
Progress callback called with UL 0 out of 0[LF]
-Progress callback called with UL 8 out of 0[LF]
-Progress callback called with UL 16 out of 0[LF]
-Progress callback called with UL 26 out of 0[LF]
-Progress callback called with UL 61 out of 0[LF]
-Progress callback called with UL 66 out of 0[LF]
+Progress callback called with UL 29 out of 0[LF]
```
to this:
```
Progress callback called with UL 0 out of 0[LF]
-Progress callback called with UL 8 out of 0[LF]
-Progress callback called with UL 16 out of 0[LF]
-Progress callback called with UL 26 out of 0[LF]
-Progress callback called with UL 61 out of 0[LF]
-Progress callback called with UL 66 out of 0[LF]
+Progress callback called with UL 40 out of 0[LF]
```
Presumably a step in the right direction.

Closes #11780

Daniel Stenberg (1 Sep 2023)

- awssiv4: avoid freeing the date pointer on error

Since it was not allocated, don't free it even if it was wrong syntax

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61908

Follow-up to b137634ba3adb

Closes #11782

Stefan Eissing (1 Sep 2023)

- CI: ngtcp2-linux: use separate caches for tls libraries

allow ever changing master for wolfssl

Closes #11766

- replace `master` as wolfssl-version with recent commit

- wolfssl, use master again in CI

- with the shared session update fix landed in master, it
is time to use that in our CI again

Nicholas Nethercote (31 Aug 2023)

- tests: fix formatting errors in `FILEFORMAT.md`.

Without the surrounding backticks, these tags get swallowed when the
markdown is rendered.

Closes #11777

Viktor Szakats (31 Aug 2023)

- cmake: add support for `CURL_DEFAULT_SSL_BACKEND`

Allow overriding the default TLS backend via a CMake setting.

E.g.:
`cmake [...] -DCURL_DEFAULT_SSL_BACKEND=mbedtls`

Accepted values: bearssl, gnutls, mbedtls, openssl, rustls,
schannel, secure-transport, wolfssl

The passed string is baked into the curl/libcurl binaries.
The value is case-insensitive.

We added a similar option to autotools in 2017 via
c7170e20d0a18ec8a514b4daa53bcdbb4dcb3a05.

TODO: Convert to lowercase to improve reproducibility.

Closes #11774

- sectransp: fix compiler warnings

https://github.com/curl/curl-for-win/actions/runs/6037489221/job/16381860220#step:3:11046
```
/Users/runner/work/curl-for-win/curl-for-win/curl/lib/vtls/sectransp.c:2435:14: warning: unused variable 'success' [-Wunused-variable]
OSStatus success;
^
/Users/runner/work/curl-for-win/curl-for-win/curl/lib/vtls/sectransp.c:3300:44: warning: unused parameter 'sha256len' [-Wunused-parameter]
size_t sha256len)
^
```

Closes #11773

- tidy-up: mostly whitespace nits

- delete completed TODO from `./CMakeLists.txt`.
- convert a C++ comment to C89 in `./CMake/CurlTests.c`.
- delete duplicate EOLs from EOF.
- add missing EOL at EOF.
- delete whitespace at EOL (except from expected test results).
- convert tabs to spaces.
- convert CRLF EOLs to LF in GHA yaml.
- text casing fixes in `./CMakeLists.txt`.
- fix a codespell typo in `packages/OS400/initscript.sh`.

Closes #11772

Dan Fandrich (31 Aug 2023)

- CI: remove Windows builds from Cirrus, without replacement

If we don't do this, all coverage on Cirrus will cease in a few days. By
removing the Windows builds, the FreeBSD one should still continue
as before. The Windows builds will need to be moved to another service to
maintain test coverage.

Closes #11771

- CI: switch macOS ARM build from Cirrus to Circle CI

Cirrus is drastically reducing their free tier on Sept. 1, so they will
no longer perform all these builds for us. All but one build has been
moved, with the LibreSSL one being dropped because of linking problems
on Circle.

One important note about this change is that Circle CI is currently
directing all these builds to x86_64 hardware, despite them requesting
ARM. This is because ARM nodes are scheduled to be available on the
free tier only in December. This reduces our architectural diversity
until then but it should automatically come back once those machines are
enabled.

- CI: use the right variable for BSD make

BSD uses MAKEFLAGS instead of MAKE_FLAGS so it wasn't doing parallel
builds before.

- CI: drop the FreeBSD 12.X build

Cirrus' new free tier won't let us have many builds, so drop the
nonessential ones. The FreeBSD 13.X build will still give us the most
relevant FreeBSD coverage.

- CI: move the Alpine build from Cirrus to GHA

Cirrus is reducing their free tier to next to nothing, so we must move
builds elsewhere.

Stefan Eissing (30 Aug 2023)

- test_07_upload.py: fix test_07_34 curl args

- Pass correct filename to --data-binary.

Prior to this change --data-binary was passed an incorrect filename due
to a missing separator in the arguments list. Since aacbeae7 curl will
error on incorrect filenames for POST.

Fixes https://github.com/curl/curl/issues/11761
Closes https://github.com/curl/curl/pull/11763

Nicholas Nethercote (30 Aug 2023)

- tests: document which tests fail due to hyper's lack of trailer support.

Closes #11762

- docs: removing "pausing transfers" from HYPER.md.

It's a reference to #8600, which was fixed by #9070.

Closes #11764

Patrick Monnerat (30 Aug 2023)

- os400: handle CURL_TEMP_PRINTF() while building bind source

Closes #11547

- os400: build test servers

Also fix a non-compliant main prototype in disabled.c.

Closes #11547

- tests: fix compilation error for os400

OS400 uses BSD 4.3 setsockopt() prototype by default: this does not
define parameter as const, resulting in an error if actual parameter is
const. Remove the const keyword from the actual parameter cast: this
works in all conditions, even if the formal parameter uses it.

Closes #11547

- os400: make programs and command name configurable

Closes #11547

- os400: move build configuration parameters to a separate script

They can then easily be overridden in a script named "config400.override"
that is not part of the distribution.

Closes #11547

- os400: implement CLI tool

This is provided as a QADRT (ascii) program, a link to it in the IFS and
a minimal CL command.

Closes #11547

Matthias Gatto (30 Aug 2023)

- lib: fix aws-sigv4 having date header twice in some cases

When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in the
request.

Reported-by: apparentorder@users.noreply.github.com

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

Fixes: https://github.com/curl/curl/issues/11738
Closes: https://github.com/curl/curl/pull/11754

Jay Satiro (30 Aug 2023)

- multi: remove 'processing: <url>' debug message

- Remove debug message added by e024d566.

Closes https://github.com/curl/curl/pull/11759

- ftp: fix temp write of ipv6 address

- During the check to differentiate between a port and IPv6 address
without brackets, write the binary IPv6 address to an in6_addr.

Prior to this change the binary IPv6 address was erroneously written to
a sockaddr_in6 'sa6' when it should have been written to its in6_addr
member 'sin6_addr'. There's no fallout because no members of 'sa6' are
accessed before it is later overwritten.

Closes https://github.com/curl/curl/pull/11747

- tool: change some fopen failures from warnings to errors

- Error on missing input file for --data, --data-binary,
--data-urlencode, --header, --variable, --write-out.

Prior to this change if a user of the curl tool specified an input file
for one of the above options and that file could not be opened then it
would be treated as zero length data instead of an error. For example, a
POST using `--data @filenametypo` would cause a zero length POST which
is probably not what the user intended.

Closes https://github.com/curl/curl/pull/11677

- hostip: fix typo

Davide Masserut (29 Aug 2023)

- tool: avoid including leading spaces in the Location hyperlink

Co-authored-by: Dan Fandrich <dan@coneharvesters.com>

Closes #11735

Daniel Stenberg (29 Aug 2023)

- SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline

Closes #11757

- connect: stop halving the remaining timeout when less than 600 ms left

When curl wants to connect to a host, it always has a TIMEOUT. The
maximum time it is allowed to spend until a connect is confirmed.

curl will try to connect to each of the IP addresses returned for the
host. Two loops, one for each IP family.

During the connect loop, while curl has more than one IP address left to
try within a single address family, curl has traditionally allowed (time
left/2) for *this* connect attempt. This, to not get stuck on the
initial addresses in case the timeout but still allow later addresses to
get attempted.

This has the downside that when users set a very short timeout and the
host has a large number of IP addresses, the effective result might be
that every attempt gets a little too short time.

This change stops doing the divided-by-two if the total time left is
below a threshold. This threshold is 600 milliseconds.

Closes #11693

- asyn-ares: reduce timeout to 2000ms

When UDP packets get lost this makes for slightly faster retries. This
lower timeout is used by @c-ares itself by default starting next
release.

Closes #11753

John Bampton (29 Aug 2023)

- misc: remove duplicate words

Closes #11740

Daniel Stenberg (29 Aug 2023)

- RELEASE-NOTES: synced

- wolfSSL: avoid the OpenSSL compat API when not needed

... and instead call wolfSSL functions directly.

Closes #11752

Viktor Szakats (28 Aug 2023)

- lib: fix null ptr derefs and uninitialized vars (h2/h3)

Fixing compiler warnings with gcc 13.2.0 in unity builds.

Assisted-by: Jay Satiro
Assisted-by: Stefan Eissing
Closes #11739

Jay Satiro (28 Aug 2023)

- secureserver.pl: fix stunnel version parsing

- Allow the stunnel minor-version part to be zero.

Prior to this change with the stunnel version scheme of <major>.<minor>
if either part was 0 then version parsing would fail, causing
secureserver.pl to fail with error "No stunnel", causing tests that use
the SSL protocol to be skipped. As a practical matter this bug can only
be caused by a minor-version part of 0, since the major-version part is
always greater than 0.

Closes https://github.com/curl/curl/pull/11722

- secureserver.pl: fix stunnel path quoting

- Store the stunnel path in the private variable $stunnel unquoted and
instead quote it in the command strings.

Prior to this change the quoted stunnel path was passed to perl's file
operators which cannot handle quoted paths. For example:

$stunnel = "\"/C/Program Files (x86)/stunnel/bin/tstunnel\"";
if(-x $stunnel or -x "$stunnel")
# false even if path exists and is executable

Our other test scripts written in perl, unlike this one, use servers.pm
which has a global $stunnel variable with the path stored unquoted and
therefore those scripts don't have this problem.

Closes https://github.com/curl/curl/pull/11721

Daniel Stenberg (28 Aug 2023)

- altsvc: accept and parse IPv6 addresses in response headers

Store numerical IPv6 addresses in the alt-svc file with the brackets
present.

Verify with test 437 and 438

Fixes #11737
Reported-by: oliverpool on github
Closes #11743

- libtest: use curl_free() to free libcurl allocated data

In several test programs. These mistakes are not detected or a problem
as long as memdebug.h is included, as that provides the debug wrappers
for all memory functions in the same style libcurl internals do it,
which makes curl_free and free effectively the same call.

Reported-by: Nicholas Nethercote
Closes #11746

Jay Satiro (28 Aug 2023)

- disable.d: explain --disable not implemented prior to 7.50.0

Option -q/--disable was added in 5.0 but only -q was actually
implemented. Later --disable was implemented in e200034 (precedes
7.49.0), but incorrectly, and fixed in 6dbc23c (precedes 7.50.0).

Reported-by: pszlazak@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/11710
Closes #11712

Nicholas Nethercote (28 Aug 2023)

- hyper: fix ownership problems

Some of these changes come from comparing `Curl_http` and
`start_CONNECT`, which are similar, and adding things to them that are
present in one and missing in another.

The most important changes:
- In `start_CONNECT`, add a missing `hyper_clientconn_free` call on the
happy path.
- In `start_CONNECT`, add a missing `hyper_request_free` on the error
path.
- In `bodysend`, add a missing `hyper_body_free` on an early-exit path.
- In `bodysend`, remove an unnecessary `hyper_body_free` on a different
error path that would cause a double-free.
https://docs.rs/hyper/latest/hyper/ffi/fn.hyper_request_set_body.html
says of `hyper_request_set_body`: "This takes ownership of the
hyper_body *, you must not use it or free it after setting it on the
request." This is true even if `hyper_request_set_body` returns an
error; I confirmed this by looking at the hyper source code.

Other changes are minor but make things slightly nicer.

Closes #11745

Daniel Stenberg (28 Aug 2023)

- multi.h: the 'revents' field of curl_waitfd is supported

Since 6d30f8ebed34e7276

Reported-by: Nicolás Ojeda Bär
Ref: #11748
Closes #11749

Gerome Fournier (27 Aug 2023)

- tool_paramhlp: improve str2num(): avoid unnecessary call to strlen()

Closes #11742

Daniel Stenberg (27 Aug 2023)

- docs: mention critical files in same directories as curl saves

... cannot be fully protected. Don't do it.

Co-authored-by: Jay Satiro
Reported-by: Harry Sintonen
Fixes #11530
Closes #11701

John Hawthorn (26 Aug 2023)

- OpenSSL: clear error queue after SSL_shutdown

We've seen errors left in the OpenSSL error queue (specifically,
"shutdown while in init") by adding some logging it revealed that the
source was this file.

Since we call SSL_read and SSL_shutdown here, but don't check the return
code for an error, we should clear the OpenSSL error queue in case one
was raised.

This didn't affect curl because we call ERR_clear_error before every
write operation (a0dd9df9ab35528eb9eb669e741a5df4b1fb833c), but when
libcurl is used in a process with other OpenSSL users, they may detect
an OpenSSL error pushed by libcurl's SSL_shutdown as if it was their
own.

Co-authored-by: Satana de Sant'Ana <satana@skylittlesystem.org>

Closes #11736

Alexander Kanavin (25 Aug 2023)

- tests: update cookie expiry dates to far in the future

This allows testing Y2038 with system time set to after that, so that
actual Y2038 issues can be exposed, and not masked by expiry errors.

Fixes #11576
Closes #11610

John Bampton (25 Aug 2023)

- misc: fix spelling

Closes #11733

Daniel Stenberg (25 Aug 2023)

- cmdline-opts/page-header: clarify stronger that !opt == URL

Everything provided on the command line that is not an option (or an
argument to an option) is treated as a URL.

Closes #11734

- tests/runner: fix %else handling

Getting the show state proper for %else and %endif did not properly work
in nested cases.

Follow-up to 3d089c41ea9

Closes #11731

Nicholas Nethercote (25 Aug 2023)

- docs: Remove mention of #10803 from `KNOWN_BUGS`.

Because the leaks have been fixed.

- c-hyper: fix another memory leak in `Curl_http`.

There is a `hyper_clientconn_free` call on the happy path, but not one
on the error path. This commit adds one.

Fixes the second memory leak reported by Valgrind in #10803.

Fixes #10803
Closes #11729

- c-hyper: fix a memory leak in `Curl_http`.

A request created with `hyper_request_new` must be consumed by either
`hyper_clientconn_send` or `hyper_request_free`.

This is not terrifically clear from the hyper docs --
`hyper_request_free` is documented only with "Free an HTTP request if
not going to send it on a client" -- but a perusal of the hyper code
confirms it.

This commit adds a `hyper_request_free` to the `error:` path in
`Curl_http` so that the request is consumed when an error occurs after
the request is created but before it is sent.

Fixes the first memory leak reported by Valgrind in #10803.

Closes #11729

Daniel Stenberg (25 Aug 2023)

- RELEASE-NOTES: synced

John Bampton (25 Aug 2023)

- misc: spellfixes

Closes #11730

Daniel Stenberg (25 Aug 2023)

- tests: add support for nested %if conditions

Provides more flexibility to test cases.

Also warn and bail out if there is an '%else' or '%endif' without a
preceding '%if'.

Ref: #11610
Closes #11728

- time-cond.d: mention what happens on a missing file

Closes #11727

Christian Hesse (24 Aug 2023)

- docs/cmdline-opts: match the current output

The release date has been added in output, reflect that in documentation.

Closes #11723

Daniel Stenberg (24 Aug 2023)

- lib: minor comment corrections

- docs: rewrite to present tense

... instead of using future tense.

+ numerous cleanups and improvements
+ stick to "reuse" not "re-use"
+ fewer contractions

Closes #11713

- urlapi: setting a blank URL ("") is not an ok URL

Test it in 1560
Fixes #11714
Reported-by: ad0p on github
Closes #11715

- spelling: use 'reuse' not 're-use' in code and elsewhere

Unify the spelling as both versions were previously used intermittently

Closes #11717

Michael Osipov (23 Aug 2023)

- system.h: add CURL_OFF_T definitions on HP-UX with HP aCC

HP-UX on IA64 provides two modes: 32 and 64 bit while 32 bit being the
default one. Use "long long" in 32 bit mode and just "long" in 64 bit
mode.

Closes #11718

Dan Fandrich (22 Aug 2023)

- tests: don't call HTTP errors OK in test cases

Some HTTP error codes were accompanied by the text OK, which causes
some cognitive dissonance when reading them.

- http: close the connection after a late 417 is received

In this situation, only part of the data has been sent before aborting
so the connection is no longer usable.

Assisted-by: Jay Satiro
Fixes #11678
Closes #11679

- runtests: slightly increase the longest log file displayed

The new limit provides enough space for a 64 KiB data block to be logged
in a trace file, plus a few lines at the start and end for context. This
happens to be the amount of data sent at a time in a PUT request.

- tests: add delay command to the HTTP server

This adds a delay after client connect.

Daniel Stenberg (22 Aug 2023)

- cirrus: install everything with pkg, avoid pip

Assisted-by: Sevan Janiyan

Closes #11711

- curl_url*.3: update function descriptions

- expand and clarify several descriptions
- avoid using future tense all over

Closes #11708

- RELEASE-NOTES: synced

Stefan Eissing (21 Aug 2023)

- CI/cirrus: disable python install on FreeBSD

- python cryptography package does not build on FreeBSD
- install just mentions "error"
- this gets the build and the main test suite going again

Closes #11705

- test2600: fix flakiness on low cpu

- refs #11355 where failures due to low cpu resources in CI
are reported
- vastly extend CURLOPT_CONNECTTIMEOUT_MS and max durations
to test cases
- trigger Curl_expire() in test filter to allow re-checks before
the usual 1 second interval

Closes #11690

Maksim Sciepanienka (20 Aug 2023)

- tool_urlglob: use the correct format specifier for curl_off_t in msnprintf

Closes #11698

Daniel Stenberg (20 Aug 2023)

- test687/688: two more basic --xattr tests

Closes #11697

- cmdline-opts/docs: mentioned the negative option part

... for --no-alpn and --no-buffer in the same style done for other --no-
options:

"Note that this is the negated option name documented."

Closes #11695

Emanuele Torre (19 Aug 2023)

- tool/var: also error when expansion result starts with NUL

Expansions whose output starts with NUL were being expanded to the empty
string, and not being recognised as values that contain a NUL byte, and
should error.

Closes #11694

Daniel Stenberg (19 Aug 2023)

- tests: add 'large-time' as a testable feature

This allows test cases to require this feature to run and to be used in
%if conditions.

Large here means larger than 32 bits. I.e. does not suffer from y2038.

Closes #11696

- tests/Makefile: add check-translatable-options.pl to tarball

Used in test 1544

Follow-up to ae806395abc8c

- gen.pl: fix a long version generation mistake

Too excessive escaping made the parsing not find the correct long names
later and instead add "wrong" links.

Follow-up to 439ff2052e219

Reported-by: Lukas Tribus
Fixes #11688
Closes #11689

- lib: move mimepost data from ->req.p.http to ->state

When the legacy CURLOPT_HTTPPOST option is used, it gets converted into
the modern mimepost struct at first use. This data is (now) kept for the
entire transfer and not only per single HTTP request. This re-enables
rewind in the beginning of the second request instead of in end of the
first, as brought by 1b39731.

The request struct is per-request data only.

Extend test 650 to verify.

Fixes #11680
Reported-by: yushicheng7788 on github
Closes #11682

Patrick Monnerat (17 Aug 2023)

- os400: do not check translatable options at build time

Now that there is a test for this, the build time check is not needed
anymore.

Closes #11650

- test1554: check translatable string options in OS400 wrapper

This test runs a perl script that checks all string options are properly
translated by the OS400 character code conversion wrapper. It also
verifies these options are listed in alphanumeric order in the wrapper
switch statement.

Closes #11650

Daniel Stenberg (17 Aug 2023)

- unit3200: skip testing if function is not present

Fake a successful run since we have no easy mechanism to skip this test
for this advanced condition.

- unit2600: fix build warning if built without verbose messages

- test1608: make it build and get skipped without shuffle DNS support

- lib: --disable-bindlocal builds curl without local binding support

- test1304: build and skip without netrc support

- lib: build fixups when built with most things disabled

Closes #11687

- workflows/macos.yml: disable zstd and alt-svc in the http-only build

Closes #11683

Stefan Eissing (17 Aug 2023)

- bearssl: handshake fix, provide proper get_select_socks() implementation

- bring bearssl handshake times down from +200ms down to other TLS backends
- vtls: improve generic get_select_socks() implementation
- tests: provide Apache with a suitable ssl session cache

Closes #11675

- tests: TLS session sharing test

- test TLS session sharing with special test client
- expect failure with wolfSSL
- disable flaky wolfSSL test_02_07b

Closes #11675

Daniel Stenberg (17 Aug 2023)

- CURLOPT_*TIMEOUT*: extend and clarify

Closes #11686

- urlapi: return CURLUE_BAD_HOSTNAME if puny2idn encoding fails

And document it. Only return out of memory when it actually is a memory
problem.

Pointed-out-by: Jacob Mealey
Closes #11674

Mathew Benson (17 Aug 2023)

- cmake: add GnuTLS option

- Option to use GNUTLS was missing. Hence was not able to use GNUTLS
with ngtcp2 for http3.

Closes #11685

Daniel Stenberg (16 Aug 2023)

- RELEASE-NOTES: synced

- http: remove the p_pragma struct field

unused since 40e8b4e52 (2008)

Closes #11681

Jay Satiro (16 Aug 2023)

- CURLINFO_CERTINFO.3: better explain curl_certinfo struct

Closes https://github.com/curl/curl/pull/11666

- CURLINFO_TLS_SSL_PTR.3: clarify a recommendation

- Remove the out-of-date SSL backend list supported by
CURLOPT_SSL_CTX_FUNCTION.

It makes more sense to just refer to that document instead of having
a separate list that has to be kept in sync.

Closes https://github.com/curl/curl/pull/11665

- write-out.d: clarify %{time_starttransfer}

sync it up with CURLINFO_STARTTRANSFER_TIME_T

Daniel Stenberg (15 Aug 2023)

- transfer: don't set TIMER_STARTTRANSFER on first send

The time stamp is for measuring the first *received* byte

Fixes #11669
Reported-by: JazJas on github
Closes #11670

trrui-huawei (15 Aug 2023)

- quiche: enable quiche to handle timeout events

In parallel with ngtcp2, quiche also offers the `quiche_conn_on_timeout`
interface for the application to invoke upon timer
expiration. Therefore, invoking the `on_timeout` function of the
Connection is crucial to ensure seamless functionality of quiche with
timeout events.

Closes #11654

- quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s

Set the `QUIC_IDLE_TIMEOUT` parameter to match ngtcp2 for consistency.

Daniel Stenberg (15 Aug 2023)

- KNOWN_BUGS: LDAPS requests to ActiveDirectory server hang

Closes #9580

- imap: add a check for failing strdup()

- imap: remove the only sscanf() call in the IMAP code

Avoids the use of a stack buffer.

Closes #11673

- imap: use a dynbuf in imap_atom

Avoid a calculation + malloc. Build the output in a dynbuf.

Closes #11672

Marin Hannache (14 Aug 2023)

- http: do not require a user name when using CURLAUTH_NEGOTIATE

In order to get Negotiate (SPNEGO) authentication to work in HTTP you
used to be required to provide a (fake) user name (this concerned both
curl and the lib) because the code wrongly only considered
authentication if there was a user name provided, as in:

curl -u : --negotiate https://example.com/

This commit leverages the `struct auth` want member to figure out if the
user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
setting a user name both in curl and the lib.

Signed-off-by: Marin Hannache <git@mareo.fr>
Reported-by: Enrico Scholz
Fixes https://sourceforge.net/p/curl/bugs/440/
Fixes #1161
Closes #9047

Viktor Szakats (13 Aug 2023)

- build: streamline non-UWP wincrypt detections

- with CMake, use the variable `WINDOWS_STORE` to detect an UWP build
and disable our non-UWP-compatible use of the Windows crypto API. This
allows to drop two dynamic feature checks.

`WINDOWS_STORE` is true when invoking CMake with
`CMAKE_SYSTEM_NAME` == `WindowsStore`. Introduced in CMake v3.1.

Ref: https://cmake.org/cmake/help/latest/variable/WINDOWS_STORE.html

- with autotools, drop the separate feature check for `wincrypt.h`. On
one hand this header has been present for long (even Borland C 5.5 had
it from year 2000), on the other we used the check result solely to
enable another check for certain crypto functions. This fails anyway
with the header not present. We save one dynamic feature check at the
configure stage.

Reviewed-by: Marcel Raad
Closes #11657

Nicholas Nethercote (13 Aug 2023)

- docs/HYPER.md: update hyper build instructions

Nightly Rust and `-Z unstable-options` are not needed.

The instructions here now match the hyper docs exactly:
https://github.com/hyperium/hyper/commit/bd7928f3dd6a8461f0f0fdf7ee0fd95c2f156f88

Closes #11662

Daniel Stenberg (13 Aug 2023)

- RELEASE-NOTES: synced

- urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name

Assisted-by: Jay Satiro
Closes #11655

- spellcheck: adapt to backslashed minuses

As the curl.1 has more backslashed minus, the cleanup sed lines need to
adapt.

Adjusted some docs slightly.

Follow-up to 439ff2052e

Closes #11663

- gen: escape more minus

Detected since it was still hard to search for option names using dashes
in the middle in the man page.

Closes #11660

- cookie-jar.d: emphasize that this option is ONLY writing cookies

Reported-by: Dan Jacobson
Tweaked-by: Jay Satiro
Ref: #11642
Closes #11661

Nicholas Nethercote (11 Aug 2023)

- docs/HYPER.md: document a workaround for a link error

Closes #11653

Jay Satiro (11 Aug 2023)

- schannel: verify hostname independent of verify cert

Prior to this change when CURLOPT_SSL_VERIFYPEER (verifypeer) was off
and CURLOPT_SSL_VERIFYHOST (verifyhost) was on we did not verify the
hostname in schannel code.

This fixes KNOWN_BUG 2.8 "Schannel disable CURLOPT_SSL_VERIFYPEER and
verify hostname". We discussed a fix several years ago in #3285 but it
went stale.

Assisted-by: Daniel Stenberg

Bug: https://curl.haxx.se/mail/lib-2018-10/0113.html
Reported-by: Martin Galvan

Ref: https://github.com/curl/curl/pull/3285

Fixes https://github.com/curl/curl/issues/3284
Closes https://github.com/curl/curl/pull/10056

Daniel Stenberg (11 Aug 2023)

- curl_quiche: remove superfluous NULL check

'stream' is always non-NULL at this point

Pointed out by Coverity

Closes #11656

- curl/urlapi.h: tiny typo

- github/labeler: make HYPER.md set Hyper and not TLS

- docs/cmdline-opts/gen.pl: hide "added in" before 7.50.0

7.50.0 shipped on Jul 21 2016, over seven years ago. We no longer need
to specify version changes for earlier releases in the generated output.

This ups the limit from the previous 7.30.0 (Apr 12 2013)

This hides roughly 35 "added in" mentions.

Closes #11651

Jay Satiro (10 Aug 2023)

- bug_report: require reporters to specify curl and os versions

- Change curl version and os sections from single-line input to
multi-line textarea.

- Require curl version and os sections to be filled out before report
can be submitted.

Closes https://github.com/curl/curl/pull/11636

Daniel Stenberg (9 Aug 2023)

- gen.pl: replace all single quotes with aq

- this prevents man from using a unicode sequence for them
- which then allows search to work properly

Closes #11645

Viktor Szakats (9 Aug 2023)

- cmake: fix to use variable for the curl namespace

Replace (wrong) literal with a variable to specify the curl
namespace.

Follow-up to 1199308dbc902c52be67fc805c72dd2582520d30 #11505

Reported-by: balikalina on Github
Fixes https://github.com/curl/curl/commit/1199308dbc902c52be67fc805c72dd2582520d30#r123923098
Closes #11629

- cmake: allow `SHARE_LIB_OBJECT=ON` on all platforms

2ebc74c36a19a1700af394c16855ce144d9878e3 #11546 introduced sharing
libcurl objects for shared and static targets.

The above automatically enabled for Windows builds, with an option to
disable with `SHARE_LIB_OBJECT=OFF`.

This patch extends this feature to all platforms as a manual option.
You can enable it by setting `SHARE_LIB_OBJECT=ON`. Then shared objects
are built in PIC mode, meaning the static lib will also have PIC code.

[EXPERIMENTAL]

Closes #11627

- cmake: assume `wldap32` availability on Windows

This system library first shipped with Windows ME, available as an extra
install for some older releases (according to [1]). The import library
was present already in old MinGW 3.4.2 (year 2007).

Drop the feature check and its associated `HAVE_WLDAP32` variable.

To manually disable `wldap32`, you can use the `USE_WIN32_LDAP=OFF`
CMake option, like before.

[1]: https://dlcdn.apache.org/httpd/binaries/win32/LEGACY.html

Reviewed-by: Jay Satiro
Closes #11624

Daniel Stenberg (9 Aug 2023)

- page-header: move up a URL paragraph from GLOBBING to URL

- variable.d: output the function names table style

Also correct the url function name in the header

Closes #11641

- haproxy-clientip.d: remove backticks

This is not markdown

Follow-up to 0a75964d0d94a4

Closes #11639

- RELEASE-NOTES: synced

- gen.pl: escape all dashes (ascii minus) to avoid unicode hyphens

Reported-by: FC Stegerman
Fixes #11635
Closes #11637

- cmdline-opts/page-header: reorder, clean up

- removed some unnecessary blurb to focus
- moved up the more important URL details
- put "globbing" into its own subtitle and moved down a little
- mention the online man page in the version section

Closes #11638

- c-hyper: adjust the hyper to curlcode conversion

Closes #11621

- test2306: make it use a persistent connection

+ enable verbose already from the start

Closes #11621

eppesuig (8 Aug 2023)

- list-only.d: mention SFTP as supported protocol

Closes #11628

Daniel Stenberg (8 Aug 2023)

- request.d: use .TP for protocol "labels"

To render the section nicer in man page.

Closes #11630

- cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP

... as documented.

Update test 3201 and 3202 accordingly.

Reported-by: Markus Sommer
Fixes #11619
Closes #11626

- page-footer: QLOGDIR works with ngtcp2 and quiche

It previously said "both" backends which is confusing as we currently
have three...

Closes #11631

Stefan Eissing (8 Aug 2023)

- http3: quiche, handshake optimization, trace cleanup

- load x509 store after clienthello
- cleanup of tracing

Closes #11618

Daniel Stenberg (8 Aug 2023)

- ngtcp2: remove dead code

'result' is always zero (CURLE_OK) at this point

Detected by Coverity

Closes #11622

Viktor Szakats (8 Aug 2023)

- openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED`

OpenSSL 1.1.1 defines this macro, but no earlier version, or any of the
popular forks (yet). Use the macro itself to detect its presence,
replacing the hard-wired fork-specific conditions.

This way the feature will enable automatically when forks implement it,
while also shorter and possibly requiring less future maintenance.

Follow-up to 94241a9e78397a2aaf89a213e6ada61e7de7ee02 #6721

Reviewed-by: Jay Satiro
Closes #11617

- openssl: use `SSL_CTX_set_ciphersuites` with LibreSSL 3.4.1

LibreSSL 3.4.1 (2021-10-14) added support for
`SSL_CTX_set_ciphersuites`.

Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.1-relnotes.txt

Reviewed-by: Jay Satiro
Closes #11616

- openssl: use `SSL_CTX_set_keylog_callback` with LibreSSL 3.5.0

LibreSSL 3.5.0 (2022-02-24) added support for
`SSL_CTX_set_keylog_callback`.

Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt

Reviewed-by: Jay Satiro
Closes #11615

- cmake: drop `HAVE_LIBWINMM` and `HAVE_LIBWS2_32` feature checks

- `HAVE_LIBWINMM` was detected but unused. The `winmm` system library is
also not used by curl, but it is by its optional dependency `librtmp`.
Change the logic to always add `winmm` when `USE_LIBRTMP` is set. This
library has been available since the early days of Windows.

- `HAVE_LIBWS2_32` detected `ws2_32` lib on Windows. This lib is present
since Windows 95 OSR2 (AFAIR). Winsock1 already wasn't supported and
other existing logic already assumed this lib being present, so delete
the check and replace the detection variable with `WIN32` and always
add `ws2_32` on Windows.

Closes #11612

Daniel Gustafsson (8 Aug 2023)

- crypto: ensure crypto initialization works

Make sure that context initialization during hash setup works to avoid
going forward with the risk of a null pointer dereference.

Reported-by: Philippe Antoine on HackerOne
Assisted-by: Jay Satiro
Assisted-by: Daniel Stenberg

Closes #11614

Viktor Szakats (7 Aug 2023)

- openssl: switch to modern init for LibreSSL 2.7.0+

LibreSSL 2.7.0 (2018-03-21) introduced automatic initialization,
`OPENSSL_init_ssl()` function and deprecated the old, manual init
method, as seen in OpenSSL 1.1.0. Switch to the modern method when
available.

Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.0-relnotes.txt

Reviewed-by: Daniel Stenberg
Closes #11611

Daniel Stenberg (7 Aug 2023)

- gskit: remove

We remove support for building curl with gskit.

- This is a niche TLS library, only running on some IBM systems
- no regular curl contributors use this backend
- no CI builds use or verify this backend
- gskit, or the curl adaption for it, lacks many modern TLS features
making it an inferior solution
- build breakages in this code take weeks or more to get detected
- fixing gskit code is mostly done "flying blind"

This removal has been advertized in DEPRECATED in Jan 2, 2023 and it has
been mentioned on the curl-library mailing list.

It could be brought back, this is not a ban. Given proper effort and
will, gskit support is welcome back into the curl TLS backend family.

Closes #11460

- RELEASE-NOTES: synced

Dan Fandrich (7 Aug 2023)

- THANKS-filter: add a name typo

Stefan Eissing (7 Aug 2023)

- http3/ngtcp2: shorten handshake, trace cleanup

- shorten handshake timing by delayed x509 store load (OpenSSL)
as we do for HTTP/2
- cleanup of trace output, align with HTTP/2 output

Closes #11609

Daniel Stenberg (7 Aug 2023)

- headers: accept leading whitespaces on first response header

This is a bad header fold but since the popular browsers accept this
violation, so does curl now. Unless built with hyper.

Add test 1473 to verify and adjust test 2306.

Reported-by: junsik on github
Fixes #11605
Closes #11607

- include/curl/mprintf.h: add __attribute__ for the prototypes

- if gcc or clang is used
- if __STDC_VERSION__ >= 199901L, which means greater than C90
- if not using mingw
- if CURL_NO_FMT_CHECKS is not defined

Closes #11589

- tests: fix bad printf format flags in test code

- tests: fix header scan tools for attribute edits in mprintf.h

- cf-socket: log successful interface bind

When the setsockopt SO_BINDTODEVICE operation succeeds, output that in
the verbose output.

Ref: #11599
Closes #11608

- CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled

Ref: #11457
Closes #11606

- CURLOPT_SSL_VERIFYPEER.3: add two more see also options

CURLINFO_CAINFO and CURLINFO_CAPATH

Closes #11603

- KNOWN_BUGS: aws-sigv4 does not behave well with AWS VPC Lattice

Closes #11007

Graham Campbell (6 Aug 2023)

- CI: use openssl 3.0.10+quic, nghttp3 0.14.0, ngtcp2 0.18.0

Closes #11585

Daniel Stenberg (6 Aug 2023)

- TODO: add *5* entries for aws-sigv4

Closes #7559
Closes #8107
Closes #8810
Closes #9717
Closes #10129

- TODO: LDAP Certificate-Based Authentication

Closes #9641

Stefan Eissing (6 Aug 2023)

- http2: cleanup trace messages

- more compact format with bracketed stream id
- all frames traced in and out

Closes #11592

Daniel Stenberg (6 Aug 2023)

- tests/tftpd+mqttd: make variables static to silence picky warnings

Closes #11594

- docs/cmdline: remove repeated working for negotiate + ntlm

The extra wording is added automatically by the gen.pl tool

Closes #11597

- docs/cmdline: add small "warning" to verbose options

"Note that verbose output of curl activities and network traffic might
contain sensitive data, including user names, credentials or secret data
content. Be aware and be careful when sharing trace logs with others."

Closes #11596

- RELEASE-NOTES: synced

- pingpong: don't use *bump_headersize

We use that for HTTP(S) only.

Follow-up to 3ee79c1674fd6

Closes #11590

- urldata: remove spurious parenthesis to unbreak no-proxy build

Follow-up to e12b39e13382

Closes #11591

- easy: don't call Curl_trc_opt() in disabled-verbose builds

Follow-up to e12b39e133822c6a0

Closes #11588

- http: use %u for printfing int

Follow-up to 3ee79c1674fd6f99e8efca5

Closes #11587

Goro FUJI (3 Aug 2023)

- vquic: show stringified messages for errno

Closes #11584

Stefan Eissing (3 Aug 2023)

- trace: make tracing available in non-debug builds

Add --trace-config to curl

Add curl_global_trace() to libcurl

Closes #11421

Daniel Stenberg (3 Aug 2023)

- TODO: remove "Support intermediate & root pinning for PINNEDPUBLICKEY"

See also https://github.com/curl/curl/pull/7507

- TODO: add "WebSocket read callback"

remove "Upgrade to websockets" as we already have this

Closes #11402

- test497: verify rejecting too large incoming headers

- http: return error when receiving too large header set

To avoid abuse. The limit is set to 300 KB for the accumulated size of
all received HTTP headers for a single response. Incomplete research
suggests that Chrome uses a 256-300 KB limit, while Firefox allows up to
1MB.

Closes #11582

Stefan Eissing (3 Aug 2023)

- http2: upgrade tests and add fix for non-existing stream

- check in h2 filter recv that stream actually exists
and return error if not
- add test for parallel, extreme h2 upgrades that fail if
connections get reused before fully switched
- add h2 upgrade upload test just for completeness

Closes #11563

Viktor Szakats (3 Aug 2023)

- tests: ensure `libcurl.def` contains all exports

Add `test1279` to verify that `libcurl.def` lists all exported API
functions found in libcurl headers.

Also:

- extend test suite XML `stdout` tag with the `loadfile` attribute.

- fix `tests/extern-scan.pl` and `test1135` to include websocket API.

- use all headers (sorted) in `test1135` instead of a manual list.

- add options `--sort`, `--heading=` to `tests/extern-scan.pl`.

- add `libcurl.def` to the auto-labeler GHA task.

Follow-up to 2ebc74c36a19a1700af394c16855ce144d9878e3

Closes #11570

Daniel Stenberg (2 Aug 2023)

- url: change default value for CURLOPT_MAXREDIRS to 30

It was previously unlimited by default, but that's not a sensible
default. While changing this has a remote risk of breaking an existing
use case, I figure it is more likely to actually save users from loops.

Closes #11581

- lib: fix a few *printf() flag mistakes

Reported-by: Gisle Vanem
Ref: #11574
Closes #11579

Samuel Chiang (2 Aug 2023)

- openssl: make aws-lc version support OCSP

And bump version in CI

Closes #11568

Daniel Stenberg (2 Aug 2023)

- tool: make the length argument an int for printf()-.* flags

Closes #11578

- tool_operate: fix memory leak when SSL_CERT_DIR is used

Detected by Coverity

Follow-up to 29bce9857a12b6cfa726a5

Closes #11577

- tool/var: free memory on OOM

Coverity detected this memory leak in OOM situation

Follow-up to 2e160c9c652504e

Closes #11575

Viktor Szakats (2 Aug 2023)

- gha: bump libressl and mbedtls versions

Closes #11573

Jay Satiro (2 Aug 2023)

- schannel: fix user-set legacy algorithms in Windows 10 & 11

- If the user set a legacy algorithm list (CURLOPT_SSL_CIPHER_LIST) then
use the SCHANNEL_CRED legacy structure to pass the list to Schannel.

- If the user set both a legacy algorithm list and a TLS 1.3 cipher list
then abort.

Although MS doesn't document it, Schannel will not negotiate TLS 1.3
when SCHANNEL_CRED is used. That means setting a legacy algorithm list
limits the user to earlier versions of TLS.

Prior to this change, since 8beff435 (precedes 7.85.0), libcurl would
ignore legacy algorithms in Windows 10 1809 and later.

Reported-by: zhihaoy@users.noreply.github.com

Fixes https://github.com/curl/curl/pull/10741
Closes https://github.com/curl/curl/pull/10746

Daniel Stenberg (2 Aug 2023)

- variable.d: setting a variable again overwrites it

Reported-by: Niall McGee
Bug: https://twitter.com/niallmcgee/status/1686523075423322113
Closes #11571

Jay Satiro (2 Aug 2023)

- CURLOPT_PROXY_SSL_OPTIONS.3: sync formatting

- Re-wrap CURLSSLOPT_ALLOW_BEAST description.

Daniel Stenberg (2 Aug 2023)

- RELEASE-NOTES: synced

- resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set

Previously it would always do PF_UNSPEC if CURL_IPRESOLVE_V4 is not
used, thus unnecessarily asking for addresses that will not be used.

Reported-by: Joseph Tharayil
Fixes #11564
Closes #11565

- docs: link to the website versions instead of markdowns

... to make the links work when the markdown is converted to webpages on
https://curl.se

Reported-by: Maurício Meneghini Fauth
Fixes https://github.com/curl/curl-www/issues/272
Closes #11569

Viktor Szakats (1 Aug 2023)

- cmake: cache more config and delete unused ones

- cache more Windows config results for faster initialization.

- delete unused config macros `HAVE_SYS_UTSNAME_H`, `HAVE_SSL_H`.

- delete dead references to `sys/utsname.h`.

Closes #11551

- egd: delete feature detection and related source code

EGD is Entropy Gathering Daemon, a socket-based entropy source supported
by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it
a while ago.

Its detection in CMake was broken all along because OpenSSL libs were
not linked at the point of feature check.

Delete detection from both cmake and autotools, along with the related
source snippet, and the `--with-egd-socket=` `./configure` option.

Closes #11556

Stefan Eissing (1 Aug 2023)

- tests: fix h3 server check and parallel instances

- fix check for availability of nghttpx server
- add `tcp` frontend config for same port as quic, as
without this, port 3000 is bound which clashes for parallel
testing

Closes #11553

Daniel Stenberg (1 Aug 2023)

- docs/cmdline-opts: spellfixes, typos and polish

To make them accepted by the spell checker

Closes #11562

- CI/spellcheck: build curl.1 and spellcheck it

Added acceptable words

Closes #11562

Alexander Jaeger (1 Aug 2023)

- misc: fix various typos

Closes #11561

Daniel Stenberg (1 Aug 2023)

- http2: avoid too early connection re-use/multiplexing

HTTP/1 connections that are upgraded to HTTP/2 should not be picked up
for reuse and multiplexing by other handles until the 101 switching
process is completed.

Lots-of-debgging-by: Stefan Eissing
Reported-by: Richard W.M. Jones
Bug: https://curl.se/mail/lib-2023-07/0045.html
Closes #11557

- Revert "KNOWN_BUGS: build for iOS simulator on macOS 13.2 with Xcode 14"

This reverts commit 2e8a3d7cb73c85a9aa151e263315f8a496dbb9d4.

It's a user error for supplying incomplete information to the build system.

Reported-by: Ryan Schmidt
Ref: https://github.com/curl/curl/issues/11215#issuecomment-1658729367

Viktor Szakats (1 Aug 2023)

- cmake: add support for single libcurl compilation pass

Before this patch CMake builds used two separate compilation passes to
build the shared and static libcurl respectively. This patch allows to
reduce that to a single pass if the target platform and build settings
allow it.

This reduces CMake build times when building both static and shared
libcurl at the same time, making these dual builds an almost zero-cost
option.

Enable this feature for Windows builds, where the difference between the
two passes was the use of `__declspec(dllexport)` attribute for exported
API functions for the shared builds. This patch replaces this method
with the use of `libcurl.def` at DLL link time.

Also update `Makefile.mk` to use `libcurl.def` to export libcurl API
symbols on Windows. This simplifies (or fixes) this build method (e.g.
in curl-for-win, which generated a `libcurl.def` from `.h` files using
an elaborate set of transformations).

`libcurl.def` has the maintenance cost of keeping the list of public
libcurl API symbols up-to-date. This list seldom changes, so the cost
is low.

Closes #11546

- cmake: detect `SSL_set0_wbio` in OpenSSL

Present in OpenSSL 1.1.0 and BoringSSL.
Missing from LibreSSL 3.8.0.

Follow-up to f39472ea9f4f4e12cfbc0500c4580a8d52ce4a59

While here, also fix `RAND_egd()` detection which was broken, likely all
along. This feature is probably broken with CMake builds and also
requires a sufficiently obsolete OpenSSL version, so this part of the
update was not tested.

Closes #11555