10697 lines
300 KiB
Plaintext
10697 lines
300 KiB
Plaintext
_ _ ____ _
|
||
___| | | | _ \| |
|
||
/ __| | | | |_) | |
|
||
| (__| |_| | _ <| |___
|
||
\___|\___/|_| \_\_____|
|
||
|
||
Changelog
|
||
|
||
Version 8.6.0 (31 Jan 2024)
|
||
|
||
Daniel Stenberg (31 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
curl 8.6.0
|
||
|
||
- THANKS: new contributors from 8.5.0
|
||
|
||
Jay Satiro (31 Jan 2024)
|
||
|
||
- cd2nroff: use perl 'strict' and 'warnings'
|
||
|
||
- Use strict and warnings pragmas.
|
||
|
||
- If open() fails then show the reason.
|
||
|
||
- Set STDIN io layer :crlf so that input is properly read on Windows.
|
||
|
||
- When STDIN is used as input, the filename $f is now set to "STDIN".
|
||
|
||
Various error messages in single() use $f for the filename and this way
|
||
it is not undefined when STDIN.
|
||
|
||
Closes https://github.com/curl/curl/pull/12819
|
||
|
||
Daniel Stenberg (30 Jan 2024)
|
||
|
||
- cd2nroff: fix duplicate output issue
|
||
|
||
Assisted-by: Jay Satiro
|
||
Fixes https://github.com/curl/curl-www/issues/321
|
||
Closes #12818
|
||
|
||
- lib: error out on multissl + http3
|
||
|
||
Since the QUIC/h3 code has no knowledge or handling of multissl it might
|
||
bring unintended consequences if we allow it.
|
||
|
||
configure, cmake and curl_setup.h all now reject this combination.
|
||
|
||
Assisted-by: Viktor Szakats
|
||
Assisted-by: Gisle Vanem
|
||
Ref: #12806
|
||
Closes #12807
|
||
|
||
Patrick Monnerat (29 Jan 2024)
|
||
|
||
- OS400: sync ILE/RPG binding
|
||
|
||
Also do not force git CRLF line endings on *.cmd files for OS400.
|
||
|
||
Closes #12815
|
||
|
||
Viktor Szakats (28 Jan 2024)
|
||
|
||
- build: delete/replace 3 more clang warning pragmas
|
||
|
||
- tool_msgs: delete redundant `-Wformat-nonliteral` suppression pragma.
|
||
|
||
- whitespace formatting in `mprintf.h`, lib518, lib537.
|
||
|
||
- lib518: fix wrong variable in `sizeof()`.
|
||
|
||
- lib518: bump variables to `rlim_t`.
|
||
Follow-up to e2b394106d543c4615a60795b7fdce04bd4e5090 #1469
|
||
|
||
- lib518: sync error message with lib537
|
||
Follow-up to 365322b8bcf9efb6a361473d227b70f2032212ce
|
||
|
||
- lib518, lib537: replace `-Wformat-nonliteral` suppression pragmas
|
||
by reworking test code.
|
||
|
||
Follow-up to 5b286c250829e06a135a6ba998e80beb7f43a734 #12812
|
||
Follow-up to aee4ebe59161d0a5281743f96e7738ad97fe1cd4 #12803
|
||
Follow-up to 09230127589eccc7e01c1a7217787ef8e64f3328 #12540
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12814
|
||
|
||
Richard Levitte (27 Jan 2024)
|
||
|
||
- cmake: freshen up docs/INSTALL.cmake
|
||
|
||
- Turn docs/INSTALL.cmake into a proper markdown file,
|
||
docs/INSTALL-CMAKE.md
|
||
- Move things around to divide the description into configuration,
|
||
building and installing sections
|
||
- Mention the more modern cmake options to configure, build and install,
|
||
but also retain the older variants as fallbacks
|
||
|
||
Closes #12772
|
||
|
||
Viktor Szakats (27 Jan 2024)
|
||
|
||
- build: delete/replace clang warning pragmas
|
||
|
||
- delete redundant warning suppressions for `-Wformat-nonliteral`.
|
||
This now relies on `CURL_PRINTF()` and it's theoratically possible
|
||
that this macro isn't active but the warning is. We're ignoring this
|
||
as a corner-case here.
|
||
|
||
- replace two pragmas with code changes to avoid the warnings.
|
||
|
||
Follow-up to aee4ebe59161d0a5281743f96e7738ad97fe1cd4 #12803
|
||
Follow-up to 09230127589eccc7e01c1a7217787ef8e64f3328 #12540
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12812
|
||
|
||
Daniel Stenberg (27 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- http: only act on 101 responses when they are HTTP/1.1
|
||
|
||
For 101 responses claiming to be any other protocol, bail out. This
|
||
would previously trigger an assert.
|
||
|
||
Add test 1704 to verify.
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66184
|
||
Closes #12811
|
||
|
||
Scarlett McAllister (27 Jan 2024)
|
||
|
||
- _VARIABLES.md: add missing 'be' into the sentence
|
||
|
||
Closes #12809
|
||
|
||
Stefan Eissing (27 Jan 2024)
|
||
|
||
- mqtt, remove remaining use of data->state.buffer
|
||
|
||
Closes #12799
|
||
|
||
Daniel Stenberg (27 Jan 2024)
|
||
|
||
- x509asn1: switch from malloc to dynbuf
|
||
|
||
Closes #12808
|
||
|
||
- x509asn1: make utf8asn1str() use dynbuf instead of malloc + memcpy
|
||
|
||
Closes #12808
|
||
|
||
- x509asn1: reduce malloc in Curl_extract_certinfo
|
||
|
||
Using dynbuf
|
||
|
||
Closes #12808
|
||
|
||
Jay Satiro (27 Jan 2024)
|
||
|
||
- THANKS: add Alexander Bartel and Brennan Kinney
|
||
|
||
They reported and investigated #10259 which was fixed by 7b2d98df.
|
||
|
||
Ref: https://github.com/curl/curl/issues/10259
|
||
|
||
Daniel Stenberg (26 Jan 2024)
|
||
|
||
- krb5: add prototype to silence clang warnings on mvsnprintf()
|
||
|
||
"error: format string is not a string literal"
|
||
|
||
Follow-up to 09230127589eccc7 which made the warning appear
|
||
|
||
Assisted-by: Viktor Szakats
|
||
Closes #12803
|
||
|
||
- x509asn1: remove code for WANT_VERIFYHOST
|
||
|
||
No code ever sets this anymore since we dropped gskit
|
||
|
||
Follow-up to 78d6232f1f326b9ab4d
|
||
|
||
Closes #12804
|
||
|
||
- socks: reduce the buffer size to 600 (from 8K)
|
||
|
||
This is malloc'ed memory and it does not more. Test 742 helps us verify
|
||
this.
|
||
|
||
Closes #12789
|
||
|
||
Stefan Eissing (26 Jan 2024)
|
||
|
||
- file+ftp: use stack buffers instead of data->state.buffer
|
||
|
||
Closes #12789
|
||
|
||
- vtls: receive max buffer
|
||
|
||
- do not only receive one TLS record, but try to fill
|
||
the passed buffer
|
||
- consider <4K remaning space is "filled".
|
||
|
||
Closes #12801
|
||
|
||
Daniel Stenberg (26 Jan 2024)
|
||
|
||
- docs: do not start lines/sentences with So, But nor And
|
||
|
||
Closes #12802
|
||
|
||
- docs: remove spurious ampersands from markdown
|
||
|
||
They were leftovers from the nroff conversion.
|
||
|
||
Follow-up to eefcc1bda4bccd800f5a5
|
||
|
||
Closes #12800
|
||
|
||
Patrick Monnerat (26 Jan 2024)
|
||
|
||
- sasl: make login option string override http auth
|
||
|
||
- Use http authentication mechanisms as a default, not a preset.
|
||
|
||
Consider http authentication options which are mapped to SASL options as
|
||
a default (overriding the hardcoded default mask for the protocol) that
|
||
is ignored if a login option string is given.
|
||
|
||
Prior to this change, if some HTTP auth options were given, sasl mapped
|
||
http authentication options to sasl ones but merged them with the login
|
||
options.
|
||
|
||
That caused problems with the cli tool that sets the http login option
|
||
CURLAUTH_BEARER as a side-effect of --oauth2-bearer, because this flag
|
||
maps to more than one sasl mechanisms and the latter cannot be cleared
|
||
individually by the login options string.
|
||
|
||
New test 992 checks this.
|
||
|
||
Fixes https://github.com/curl/curl/issues/10259
|
||
Closes https://github.com/curl/curl/pull/12790
|
||
|
||
Stefan Eissing (26 Jan 2024)
|
||
|
||
- socks: use own buffer instead of data->state.buffer
|
||
|
||
Closes #12788
|
||
|
||
Daniel Stenberg (26 Jan 2024)
|
||
|
||
- socks: fix generic output string to say SOCKS instead of SOCKS4
|
||
|
||
... since it was also logged for SOCKS5.
|
||
|
||
Closes #12797
|
||
|
||
- test742: test SOCKS5 with max length user, password and hostname
|
||
|
||
Adjusted the socksd server accordingly to allow for configuring that
|
||
long user name and password.
|
||
|
||
Closes #12797
|
||
|
||
Stefan Eissing (25 Jan 2024)
|
||
|
||
- ssh: use stack scratch buffer for seeks
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12794
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- krb5: access the response buffer correctly
|
||
|
||
As the pingpong code no longer uses the download buffer.
|
||
|
||
Folllow-up to c2d973627bab12ab
|
||
Pointed-out-by: Stefan Eissing
|
||
Closes #12796
|
||
|
||
Stefan Eissing (25 Jan 2024)
|
||
|
||
- mqtt: use stack scratch buffer for recv+publish
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12792
|
||
|
||
- telnet, use stack scratch buffer for do
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12793
|
||
|
||
- http, use stack scratch buffer
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12791
|
||
|
||
- ntlm_wb: do not use data->state.buf any longer
|
||
|
||
Closes #12787
|
||
|
||
- gitignore: the generated `libcurl-symbols.md`
|
||
|
||
Closes #12795
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- tool: fix the listhelp generation command
|
||
|
||
The previous command line to generate the tool_listhelp.c source file
|
||
broke with 2494b8dd5175cee7.
|
||
|
||
Make 'make listhelp' invoked in src/ generate it. Also update the
|
||
comment in the file to mention the right procedure.
|
||
|
||
Closes #12786
|
||
|
||
- http: check for "Host:" case insensitively
|
||
|
||
When checking if the user wants to replace the header, the check should
|
||
be case insensitive.
|
||
|
||
Adding test 461 to verify
|
||
|
||
Found-by: Dan Fandrich
|
||
Ref: #12782
|
||
Closes #12784
|
||
|
||
Tatsuhiro Tsujikawa (25 Jan 2024)
|
||
|
||
- configure: add libngtcp2_crypto_boringssl detection
|
||
|
||
If OpenSSL is found to be BoringSSL or AWS-LC, and ngtcp2 is requested,
|
||
try to detect libngtcp2_crypto_boringssl.
|
||
|
||
Reported-by: ウさん
|
||
Fixes #12724
|
||
Closes #12769
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- http: remove comment reference to a removed solution
|
||
|
||
Follow-up to 58974d25d
|
||
|
||
Closes #12785
|
||
|
||
Stefan Eissing (25 Jan 2024)
|
||
|
||
- pytest: Scorecard tracking CPU and RSS
|
||
|
||
Closes #12765
|
||
|
||
Graham Campbell (25 Jan 2024)
|
||
|
||
- GHA: bump ngtcp2, gnutls, mod_h2, quiche
|
||
|
||
- ngtcp2 to v1.2.0
|
||
- gnutls to 3.8.3
|
||
- mod_h2 to 2.0.26
|
||
- quiche to 0.20.0
|
||
|
||
Closes #12778
|
||
Closes #12779
|
||
Closes #12780
|
||
Closes #12781
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- ftpserver.pl: send 213 SIZE response without spurious newline
|
||
|
||
- pingpong: stop using the download buffer
|
||
|
||
The pingpong logic now uses its own dynbuf for receiving command
|
||
response data.
|
||
|
||
When the "final" response header for a commanad has been received, that
|
||
final line is left first in the recvbuf for the protocols to parse at
|
||
will. If there is additional data behind the final response line, the
|
||
'overflow' counter is indicate how many bytes.
|
||
|
||
Closes #12757
|
||
|
||
- gen.pl: remove bold from .IP used for ##
|
||
|
||
Reported-by: Viktor Szakats
|
||
Fixes #12776
|
||
Closes #12777
|
||
|
||
Viktor Szakats (24 Jan 2024)
|
||
|
||
- cmake: rework options to enable curl and libcurl docs
|
||
|
||
Rework CMake options for building/using curl tool and libcurl manuals.
|
||
|
||
- rename `ENABLE_MANUAL` to `ENABLE_CURL_MANUAL`, meaning:
|
||
to build man page and built-in manual for curl tool.
|
||
|
||
- rename `BUILD_DOCS` to `BUILD_LIBCURL_DOCS`, meaning:
|
||
to build man pages for libcurl.
|
||
|
||
- `BUILD_LIBCURL_DOCS` now works without having to enable
|
||
`ENABLE_CURL_MANUAL` too.
|
||
|
||
- drop support for existing CMake-level `USE_MANUAL` option to avoid
|
||
confusion. (It used to work with the effect of current
|
||
`ENABLE_CURL_MANUAL`, but only by accident.)
|
||
|
||
Assisted-by: Richard Levitte
|
||
Ref: #12771
|
||
Closes #12773
|
||
|
||
Daniel Stenberg (24 Jan 2024)
|
||
|
||
- urlapi: remove assert
|
||
|
||
This assert triggers wrongly when CURLU_GUESS_SCHEME and
|
||
CURLU_NO_AUTHORITY are both set and the URL is a single path.
|
||
|
||
I think this assert has played out its role. It was introduced in a
|
||
rather big refactor.
|
||
|
||
Follow-up to 4cfa5bcc9a
|
||
|
||
Reported-by: promptfuzz_ on hackerone
|
||
Closes #12775
|
||
|
||
Patrick Monnerat (24 Jan 2024)
|
||
|
||
- tests: avoid int/size_t conversion size/sign warnings
|
||
|
||
Closes #12768
|
||
|
||
Daniel Stenberg (24 Jan 2024)
|
||
|
||
- GHA: add a job scanning for "bad words" in markdown
|
||
|
||
This means words, phrases or things we have decided not to use - words that
|
||
are spelled right according to the dictionary but we want to avoid. In the
|
||
name of consistency and better documentation.
|
||
|
||
Closes #12764
|
||
|
||
Viktor Szakats (23 Jan 2024)
|
||
|
||
- cmake: speed up curldown processing, enable by default
|
||
|
||
- cmake: enable `BUILD_DOCS` by default (this controls converting and
|
||
installing `.3` files from `.md` sources)
|
||
|
||
- cmake: speed up generating `.3` files by using a single command per
|
||
directory, instead of a single command per file. This reduces external
|
||
commands by about a thousand. (There remains some CMake logic kicking
|
||
in resulting in 500 -one per file- external `-E touch_nocreate` calls.)
|
||
|
||
- cd2nroff: add ability to process multiple input files.
|
||
|
||
- cd2nroff: add `-k` option to use the source filename to form the
|
||
output filename. (instead of the default in-file `Title:` line.)
|
||
|
||
Follow-up to 3f08d80b2244524646ce86915c585509ac54fb4c
|
||
Follow-up to ea0b575dab86a3c44dd1d547dc500276266aa382 #12753
|
||
Follow-up to eefcc1bda4bccd800f5a56a0fe17a2f44a96e88b #12730
|
||
|
||
Closes #12762
|
||
|
||
Richard Levitte (23 Jan 2024)
|
||
|
||
- docs: install curl.1 with cmake as well
|
||
|
||
Closes #12759
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- osslq: remove the TLS library from the version output
|
||
|
||
Since we only support using a single TLS library at any one time, we
|
||
know that the TLS library for QUIC is the same that is also shown for
|
||
regular TLS.
|
||
|
||
Fixes #12763
|
||
Reported-by: Viktor Szakats
|
||
Closes #12767
|
||
|
||
Stefan Eissing (23 Jan 2024)
|
||
|
||
- CI: remove unnecessary OpenSSL 3 option `enable-tls1_3`
|
||
|
||
.. and switch OpenSSL 3 libdir from lib64 to lib for consistency.
|
||
|
||
Closes https://github.com/curl/curl/pull/12758
|
||
|
||
- GHA: bump nghttp2 version to v1.59.0
|
||
|
||
- Switch to v1.59.0 for GHA CI jobs that use a specific nghttp2-version.
|
||
|
||
Closes https://github.com/curl/curl/pull/12766
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- docs/cmdline: change to .md for cmdline docs
|
||
|
||
- switch all invidual files documenting command line options into .md,
|
||
as the documentation is now markdown-looking.
|
||
|
||
- made the parser treat 4-space indents as quotes
|
||
|
||
- switch to building the curl.1 manpage using the "mainpage.idx" file,
|
||
which lists the files to include to generate it, instead of using the
|
||
previous page-footer/headers. Also, those files are now also .md
|
||
ones, using the same format. I gave them underscore prefixes to make
|
||
them sort separately:
|
||
_NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md,
|
||
_VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md,
|
||
_OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md,
|
||
_EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md
|
||
|
||
- updated test cases accordingly
|
||
|
||
Closes #12751
|
||
|
||
dependabot[bot] (23 Jan 2024)
|
||
|
||
- CI: bump actions/cache from 3 to 4
|
||
|
||
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
|
||
- [Release notes](https://github.com/actions/cache/releases)
|
||
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
|
||
- [Commits](https://github.com/actions/cache/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/cache
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
Closes #12756
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- openssl: when verifystatus fails, remove session id from cache
|
||
|
||
To prevent that it gets used in a subsequent transfer that skips the
|
||
verifystatus check since that check can't be done when the session id is
|
||
reused.
|
||
|
||
Reported-by: Hiroki Kurosawa
|
||
Closes #12760
|
||
|
||
Viktor Szakats (23 Jan 2024)
|
||
|
||
- cmake: add option to disable building docs
|
||
|
||
Richard Levitte (23 Jan 2024)
|
||
|
||
- cmake: use curldown to build man pages
|
||
|
||
This throws away the previous HTML and PDF producers, to mimic what
|
||
Makefile.am does as faithfully as possible.
|
||
|
||
Closes #12753
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- mksymbolsmanpage.pl: provide references to where the symbol is used
|
||
|
||
- docs: introduce "curldown" for libcurl man page format
|
||
|
||
curldown is this new file format for libcurl man pages. It is markdown
|
||
inspired with differences:
|
||
|
||
- Each file has a set of leading headers with meta-data
|
||
- Supports a small subset of markdown
|
||
- Uses .md file extensions for editors/IDE/GitHub to treat them nicely
|
||
- Generates man pages very similar to the previous ones
|
||
- Generates man pages that still convert nicely to HTML on the website
|
||
- Detects and highlights mentions of curl symbols automatically (when
|
||
their man page section is specified)
|
||
|
||
tools:
|
||
|
||
- cd2nroff: converts from curldown to nroff man page
|
||
- nroff2cd: convert an (old) nroff man page to curldown
|
||
- cdall: convert many nroff pages to curldown versions
|
||
- cd2cd: verifies and updates a curldown to latest curldown
|
||
|
||
This setup generates .3 versions of all the curldown versions at build time.
|
||
|
||
CI:
|
||
|
||
Since the documentation is now technically markdown in the eyes of many
|
||
things, the CI runs many more tests and checks on this documentation,
|
||
including proselint, link checkers and tests that make sure we capitalize the
|
||
first letter after a period...
|
||
|
||
Closes #12730
|
||
|
||
Viktor Szakats (22 Jan 2024)
|
||
|
||
- libssh2: use `libssh2_session_callback_set2()` with v1.11.1
|
||
|
||
To avoid a local hack to pass function pointers and to avoid
|
||
deprecation warnings when building with libssh2 v1.11.1 or newer:
|
||
```
|
||
lib/vssh/libssh2.c:3324:5: warning: 'libssh2_session_callback_set' is depreca
|
||
ted: since libssh2 1.11.1. Use libssh2_session_callback_set2() [-Wdeprecated-
|
||
declarations]
|
||
lib/vssh/libssh2.c:3326:5: warning: 'libssh2_session_callback_set' is depreca
|
||
ted: since libssh2 1.11.1. Use libssh2_session_callback_set2() [-Wdeprecated-
|
||
declarations]
|
||
```
|
||
Ref: https://github.com/curl/curl-for-win/actions/runs/7609484879/job/2072082
|
||
1100#step:3:4982
|
||
|
||
Ref: https://github.com/libssh2/libssh2/pull/1285
|
||
Ref: https://github.com/libssh2/libssh2/commit/c0f69548be902147ce014ffa40b8db
|
||
3cf1d4b0b4
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12754
|
||
|
||
Daniel Stenberg (22 Jan 2024)
|
||
|
||
- transfer: make the select_bits_paused condition check both directions
|
||
|
||
If there is activity in a direction that is not paused, return false.
|
||
|
||
Reported-by: Sergey Bronnikov
|
||
Bug: https://curl.se/mail/lib-2024-01/0049.html
|
||
Closes #12740
|
||
|
||
Stefan Eissing (22 Jan 2024)
|
||
|
||
- http3: initial support for OpenSSL 3.2 QUIC stack
|
||
|
||
- HTTP/3 for curl using OpenSSL's own QUIC stack together
|
||
with nghttp3
|
||
- configure with `--with-openssl-quic` to enable curl to
|
||
build this. This requires the nghttp3 library
|
||
- implementation with the following restrictions:
|
||
* macOS has to use an unconnected UDP socket due to an
|
||
issue in OpenSSL's datagram implementation
|
||
See https://github.com/openssl/openssl/issues/23251
|
||
This makes connections to non-reponsive servers hang.
|
||
* GET requests will send the indicator that they have
|
||
no body in a separate QUIC packet. This may result
|
||
in processing delays or Transfer-Encodings on proxied
|
||
requests
|
||
* uploads that encounter blocks will use 100% cpu as
|
||
detection of these flow control issue is not working
|
||
(we have not figured out to pry that from OpenSSL).
|
||
|
||
Closes #12734
|
||
|
||
Viktor Szakats (22 Jan 2024)
|
||
|
||
- cmake: fix `ENABLE_MANUAL` option
|
||
|
||
Fix the `ENABLE_MANUAL` option. Set it to default to `OFF`.
|
||
|
||
Before this patch `ENABLE_MANUAL=ON` was a no-op, even though it was the
|
||
option designed to enable building and using the built-in curl manual.
|
||
(`USE_MANUAL=ON` option worked for this instead, by accident).
|
||
|
||
Ref: https://github.com/curl/curl/pull/12730#issuecomment-1902572409
|
||
Closes #12749
|
||
|
||
Mohammadreza Hendiani (19 Jan 2024)
|
||
|
||
- TODO: update broken link to ratelimit-headers draft
|
||
|
||
Closes #12741
|
||
|
||
Daniel Stenberg (19 Jan 2024)
|
||
|
||
- cmake: when USE_MANUAL=YES, build the curl.1 man page
|
||
|
||
Fixes KNOWN_BUG 15.4
|
||
|
||
Closes #12742
|
||
|
||
- cmdline-opts/write-out.d: remove spurious double quotes
|
||
|
||
Stefan Eissing (19 Jan 2024)
|
||
|
||
- rtsp: Convert assertion into debug log
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65934
|
||
|
||
- write excess bytes to the client where the standard excess bytes
|
||
checks will report any wrongness and fail the transfer
|
||
|
||
Fixes #12738
|
||
Closes #12739
|
||
|
||
Daniel Stenberg (19 Jan 2024)
|
||
|
||
- headers: remove assert from Curl_headers_push
|
||
|
||
The fuzzer managed to reach the function without a terminating CR or LF
|
||
so let's handle it normally. While there, remove the goto.
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65839
|
||
|
||
Closes #12721
|
||
|
||
- curl_easy_getinfo.3: remove the wrong time value count
|
||
|
||
It said "six" time values but they are eight by now. Remove the mention
|
||
of the amount.
|
||
|
||
Closes #12727
|
||
|
||
Viktor Szakats (18 Jan 2024)
|
||
|
||
- mbedtls: fix `-Wnull-dereference` and `-Wredundant-decls`
|
||
|
||
- Silence warning in mbedTLS v3.5.1 public headers:
|
||
```
|
||
./mbedtls/_x64-linux-musl/usr/include/psa/crypto_extra.h:489:14: warning: r
|
||
edundant redeclaration of 'psa_set_key_domain_parameters' [-Wredundant-decls]
|
||
./mbedtls/_x64-linux-musl/usr/include/psa/crypto_struct.h:354:14: note: pre
|
||
vious declaration of 'psa_set_key_domain_parameters' was here
|
||
```
|
||
Ref: https://github.com/libssh2/libssh2/commit/ecec68a2c13a9c63fe8c2dc457ae
|
||
785a513e157c
|
||
Ref: https://github.com/libssh2/libssh2/pull/1226
|
||
|
||
- Fix compiler warnings seen with gcc 9.2.0 + cmake unity:
|
||
```
|
||
./curl/lib/vtls/mbedtls.c: In function 'mbedtls_bio_cf_read':
|
||
./curl/lib/vtls/mbedtls.c:189:11: warning: null pointer dereference [-Wnull
|
||
-dereference]
|
||
189 | nread = Curl_conn_cf_recv(cf->next, data, (char *)buf, blen, &res
|
||
ult);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~
|
||
./curl/lib/vtls/mbedtls.c: In function 'mbedtls_bio_cf_write':
|
||
./curl/lib/vtls/mbedtls.c:168:14: warning: null pointer dereference [-Wnull
|
||
-dereference]
|
||
168 | nwritten = Curl_conn_cf_send(cf->next, data, (char *)buf, blen, &
|
||
result);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~~~~
|
||
```
|
||
|
||
- delete stray `#else`.
|
||
|
||
Closes #12720
|
||
|
||
Daniel Stenberg (17 Jan 2024)
|
||
|
||
- docs: cleanup nroff format use
|
||
|
||
- remove use of .BI for code snippet
|
||
- stop using .br, just do a blank line
|
||
- remove use of .PP
|
||
- remove use for .sp
|
||
- remove backslash in .IP
|
||
- use .IP instead of .TP
|
||
|
||
Closes #12731
|
||
|
||
Stefan Eissing (17 Jan 2024)
|
||
|
||
- test2307: fix expected failure code after ws refactoring
|
||
|
||
Fixes #12722
|
||
Closes #12728
|
||
|
||
Jay Satiro (17 Jan 2024)
|
||
|
||
- cf-socket: show errno in tcpkeepalive error messages
|
||
|
||
- If the socket keepalive options (TCP_KEEPIDLE, etc) cannot be set
|
||
then show the errno in the verbose error messages.
|
||
|
||
Ref: https://github.com/curl/curl/discussions/12715#discussioncomment-8151652
|
||
|
||
Closes https://github.com/curl/curl/pull/12726
|
||
|
||
- tool_getparam: stop supporting `@filename` style for --cookie
|
||
|
||
The `@filename` style was never documented for --cookie <data|filename>
|
||
but prior to this change curl would accept it anyway and always treat a
|
||
@ prefixed string as a filename.
|
||
|
||
That's a problem if the string also contains a = sign because then it is
|
||
documented to be interpreted as a cookie string and not a filename.
|
||
|
||
Example:
|
||
|
||
`--cookie @foo=bar`
|
||
|
||
Before: Interpreted as load cookies from filename foo=bar.
|
||
|
||
After: Interpreted as cookie `@foo=bar` (name `@foo` and value `bar`).
|
||
|
||
Other curl options with a data/filename option-value use the `@filename`
|
||
to distinguish filenames which is probably how this happened. The
|
||
--cookie option has never been documented that way.
|
||
|
||
Ref: https://curl.se/docs/manpage.html#-b
|
||
|
||
Closes https://github.com/curl/curl/pull/12645
|
||
|
||
Stefan Eissing (16 Jan 2024)
|
||
|
||
- websockets: refactor decode chain
|
||
|
||
- use client writer stack for decoding frames
|
||
- move websocket protocol handler to ws.c
|
||
|
||
Closes #12713
|
||
|
||
- websockets: check for negative payload lengths
|
||
|
||
- in en- and decoding, check the websocket frame payload lengths for
|
||
negative values (from curl_off_t) and error the operation in that case
|
||
- add test 2307 to verify
|
||
|
||
Closes #12707
|
||
|
||
Daniel Stenberg (16 Jan 2024)
|
||
|
||
- docs: mention env vars not used by schannel
|
||
|
||
Ref: #12704
|
||
|
||
Co-authored-by: Jay Satiro <raysatiro@yahoo.com>
|
||
|
||
Closes #12711
|
||
|
||
- tool_operate: make --remove-on-error only remove "real" files
|
||
|
||
Reported-by: Harry Sintonen
|
||
Assisted-by: Dan Fandrich
|
||
|
||
Closes #12710
|
||
|
||
Jay Wu (16 Jan 2024)
|
||
|
||
- url: don't set default CA paths for Secure Transport backend
|
||
|
||
As the default for this backend is the native CA store.
|
||
|
||
Closes #12704
|
||
|
||
Lin Sun (16 Jan 2024)
|
||
|
||
- asyn-ares: with modern c-ares, use its default timeout
|
||
|
||
Closes #12703
|
||
|
||
Daniel Stenberg (15 Jan 2024)
|
||
|
||
- tool_operate: stop setting the file comment on Amiga
|
||
|
||
- the URL is capped at 80 cols, which ruins it if longer
|
||
- it does not strip off URL credentials
|
||
- it is done unconditonally, not on --xattr
|
||
- we don't have Amiga in the CI which makes fixing it blindly fragile
|
||
|
||
Someone who builds and tests on Amiga can add it back correctly in a
|
||
future if there is a desire.
|
||
|
||
Reported-by: Harry Sintonen
|
||
Closes #12709
|
||
|
||
Stefan Eissing (15 Jan 2024)
|
||
|
||
- rtsp: deal with borked server responses
|
||
|
||
- enforce a response body length of 0, if the
|
||
response has no Content-lenght. This is according
|
||
to the RTSP spec.
|
||
- excess bytes in a response body are forwarded to
|
||
the client writers which will report and fail the
|
||
transfer
|
||
|
||
Follow-up to d7b6ce6
|
||
Fixes #12701
|
||
Closes #12706
|
||
|
||
Daniel Stenberg (14 Jan 2024)
|
||
|
||
- version: show only the libpsl version, not its dependencies
|
||
|
||
The libpsl version output otherwise also includes version number for its
|
||
dependencies, like IDN lib, but since libcurl does not use libpsl's IDN
|
||
functionality those components are not important.
|
||
|
||
Ref: https://github.com/curl/curl-for-win/issues/63
|
||
Closes #12700
|
||
|
||
Brad Harder (14 Jan 2024)
|
||
|
||
- curl.h: CURLOPT_DNS_SERVERS is only available with c-ares
|
||
|
||
Closes #12695
|
||
|
||
Daniel Stenberg (14 Jan 2024)
|
||
|
||
- cmdline-opts/gen.pl: error on initital blank line
|
||
|
||
After the "---" separator, there should be no blank line and this script
|
||
now errors out if one is detected.
|
||
|
||
Ref: #12696
|
||
Closes #12698
|
||
|
||
- cf-h1-proxy: no CURLOPT_USERAGENT in CONNECT with hyper
|
||
|
||
Follow-up to 693cd1679361828a which was incomplete
|
||
|
||
Ref #12680
|
||
Closes #12697
|
||
|
||
- curl_multi_fdset.3: remove mention of null pointer support
|
||
|
||
... since this funtion has not supported null pointer fd_set arguments since
|
||
at least 2006. (That's when I stopped my git blame journey)
|
||
|
||
Fixes #12691
|
||
Reported-by: sfan5 on github
|
||
Closes #12692
|
||
|
||
Mark Huang (14 Jan 2024)
|
||
|
||
- docs/cmdline: remove unnecessary line breaks
|
||
|
||
Closes #12696
|
||
|
||
Daniel Stenberg (14 Jan 2024)
|
||
|
||
- transfer: remove warning: Value stored to 'blen' is never read
|
||
|
||
Detected by scan-build
|
||
|
||
Follow-up from 1cd2f0072f
|
||
|
||
Closes #12693
|
||
|
||
Stefan Eissing (13 Jan 2024)
|
||
|
||
- lib: replace readwrite with write_resp
|
||
|
||
This clarifies the handling of server responses by folding the code for
|
||
the complicated protocols into their protocol handlers. This concerns
|
||
mainly HTTP and its bastard sibling RTSP.
|
||
|
||
The terms "read" and "write" are often used without clear context if
|
||
they refer to the connect or the client/application side of a
|
||
transfer. This PR uses "read/write" for operations on the client side
|
||
and "send/receive" for the connection, e.g. server side. If this is
|
||
considered useful, we can revisit renaming of further methods in another
|
||
PR.
|
||
|
||
Curl's protocol handler `readwrite()` method been changed:
|
||
|
||
```diff
|
||
- CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn,
|
||
- const char *buf, size_t blen,
|
||
- size_t *pconsumed, bool *readmore);
|
||
+ CURLcode (*write_resp)(struct Curl_easy *data, const char *buf, size_t ble
|
||
n,
|
||
+ bool is_eos, bool *done);
|
||
```
|
||
|
||
The name was changed to clarify that this writes reponse data to the
|
||
client side. The parameter changes are:
|
||
|
||
* `conn` removed as it always operates on `data->conn`
|
||
* `pconsumed` removed as the method needs to handle all data on success
|
||
* `readmore` removed as no longer necessary
|
||
* `is_eos` as indicator that this is the last call for the transfer
|
||
response (end-of-stream).
|
||
* `done` TRUE on return iff the transfer response is to be treated as
|
||
finished
|
||
|
||
This change affects many files only because of updated comments in
|
||
handlers that provide no implementation. The real change is that the
|
||
HTTP protocol handlers now provide an implementation.
|
||
|
||
The HTTP protocol handlers `write_resp()` implementation will get passed
|
||
**all** raw data of a server response for the transfer. The HTTP/1.x
|
||
formatted status and headers, as well as the undecoded response
|
||
body. `Curl_http_write_resp_hds()` is used internally to parse the
|
||
response headers and pass them on. This method is public as the RTSP
|
||
protocol handler also uses it.
|
||
|
||
HTTP/1.1 "chunked" transport encoding is now part of the general
|
||
*content encoding* writer stack, just like other encodings. A new flag
|
||
`CLIENTWRITE_EOS` was added for the last client write. This allows
|
||
writers to verify that they are in a valid end state. The chunked
|
||
decoder will check if it indeed has seen the last chunk.
|
||
|
||
The general response handling in `transfer.c:466` happens in function
|
||
`readwrite_data()`. This mainly operates now like:
|
||
|
||
```
|
||
static CURLcode readwrite_data(data, ...)
|
||
{
|
||
do {
|
||
Curl_xfer_recv_resp(data, buf)
|
||
...
|
||
Curl_xfer_write_resp(data, buf)
|
||
...
|
||
} while(interested);
|
||
...
|
||
}
|
||
```
|
||
|
||
All the response data handling is implemented in
|
||
`Curl_xfer_write_resp()`. It calls the protocol handler's `write_resp()`
|
||
implementation if available, or does the default behaviour.
|
||
|
||
All raw response data needs to pass through this function. Which also
|
||
means that anyone in possession of such data may call
|
||
`Curl_xfer_write_resp()`.
|
||
|
||
Closes #12480
|
||
|
||
Daniel Stenberg (13 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- TODO: TFTP doesn't convert LF to CRLF for mode=netascii
|
||
|
||
Closes #12655
|
||
Closes #12690
|
||
|
||
- gen: do italics/bold for a range of letters, not just single word
|
||
|
||
Previously it would match only on a sequence of non-space, which made it
|
||
miss to highlight for example "public suffix list".
|
||
|
||
Updated the recent cookie.d edit from 5da57193b732 to use bold instead
|
||
of italics.
|
||
|
||
Closes #12689
|
||
|
||
- docs: describe and highlight super cookies
|
||
|
||
Reported-by: Yadhu Krishna M
|
||
|
||
Closes #12687
|
||
|
||
- configure: when enabling QUIC, check that TLS supports QUIC
|
||
|
||
Most importantly perhaps is when using OpenSSL that the used
|
||
build/flavor has the QUIC API: the vanilla OpenSSL does not, only
|
||
BoringSSL, libressl, AWS-LC and quictls do.
|
||
|
||
Ref: https://github.com/curl/curl/commit/5d044ad9480a9f556f4b6a252d7533b1ba7f
|
||
e57e#r136780413
|
||
|
||
Closes #12683
|
||
|
||
Stefan Eissing (11 Jan 2024)
|
||
|
||
- vquic: extract TLS setup into own source
|
||
|
||
- separate ngtcp2 specific parts out
|
||
- provide callback during init to allow ngtcp2 to apply its defaults
|
||
|
||
Closes #12678
|
||
|
||
Sergey Markelov (11 Jan 2024)
|
||
|
||
- multi: remove total timer reset in file_do() while fetching file://
|
||
|
||
The total timer is properly reset in MSTATE_INIT. MSTATE_CONNECT starts
|
||
with resetting the timer that is a start point for further multi states.
|
||
If file://, MSTATE_DO calls file_do() that should not reset the total
|
||
timer. Otherwise, the total time is always less than the pre-transfer
|
||
and the start transfer times.
|
||
|
||
Closes #12682
|
||
|
||
Daniel Stenberg (11 Jan 2024)
|
||
|
||
- http_proxy: a blank CURLOPT_USERAGENT should not be used in CONNECT
|
||
|
||
Extended test 80 to verify this.
|
||
|
||
Reported-by: Stefan Eissing
|
||
Fixes #12680
|
||
Closes #12681
|
||
|
||
- sectransp: do verify_cert without memdup for blobs
|
||
|
||
Since the information is then already stored in memory, this can avoid
|
||
an extra set of malloc + free calls.
|
||
|
||
Closes #12679
|
||
|
||
- hsts: remove assert for zero length domain
|
||
|
||
A zero length domain can happen if the HSTS parser is given invalid
|
||
input data which is not unheard of and is done by the fuzzer.
|
||
|
||
Follow-up from cfe7902111ae547873
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65661
|
||
|
||
Closes #12676
|
||
|
||
- headers: make sure the trailing newline is not stored
|
||
|
||
extended test1940 to verify blank header fields too
|
||
|
||
Bug: https://curl.se/mail/lib-2024-01/0019.html
|
||
Reported-by: Dmitry Karpov
|
||
Closes #12675
|
||
|
||
- curl_easy_header.3: tiny language fix
|
||
|
||
Closes #12672
|
||
|
||
- examples/range.c: add
|
||
|
||
Closes #12671
|
||
|
||
- examples/netrc.c: add
|
||
|
||
Closes #12671
|
||
|
||
- examples/ipv6.c: new example showing IPv6-only internet transfer
|
||
|
||
Closes #12671
|
||
|
||
- examples/address-scope.c: renamed from ipv6.c
|
||
|
||
It shows address scope use really
|
||
|
||
Closes #12671
|
||
|
||
Stefan Eissing (9 Jan 2024)
|
||
|
||
- multi: pollset adjust, init with FIRSTSOCKET during connect
|
||
|
||
- `conn->sockfd` is set by `Curl_setup_transfer()`, but that
|
||
is called *after* the connection has been established
|
||
- use `conn->sock[FIRSTSOCKET]` instead
|
||
|
||
Follow-up to a0f94800d507de
|
||
Closes #12664
|
||
|
||
Daniel Stenberg (9 Jan 2024)
|
||
|
||
- WEBSOCKET.md: remove dead link
|
||
|
||
- CI: spellcheck/appveyor: invoke configure --without-libpsl
|
||
|
||
Follow-up to 2998874bb61ac6
|
||
|
||
- cmdline/docs/*.d: switch to using ## instead of .IP
|
||
|
||
To make the editing easier. To write and to read.
|
||
|
||
Closes #12667
|
||
|
||
- gen.pl: support ## for doing .IP in table-like lists
|
||
|
||
Warn on use of .RS/.IP/.RE
|
||
|
||
Closes #12667
|
||
|
||
Jay Satiro (9 Jan 2024)
|
||
|
||
- cookie.d: Document use of empty string to enable cookie engine
|
||
|
||
- Explain that --cookie "" can be used to enable the cookie engine
|
||
without reading any initial cookies.
|
||
|
||
As is documented in CURLOPT_COOKIEFILE.
|
||
|
||
Ref: https://curl.se/libcurl/c/CURLOPT_COOKIEFILE.html
|
||
|
||
Bug: https://github.com/curl/curl/issues/12643#issuecomment-1879844420
|
||
Reported-by: janko-js@users.noreply.github.com
|
||
|
||
Closes https://github.com/curl/curl/pull/12646
|
||
|
||
Daniel Stenberg (9 Jan 2024)
|
||
|
||
- setopt: use memdup0 when cloning COPYPOSTFIELDS
|
||
|
||
Closes #12651
|
||
|
||
- telnet: use dynbuf instad of malloc for escape buffer
|
||
|
||
Previously, send_telnet_data() would malloc + free a buffer every time
|
||
for escaping IAC codes. Now, it reuses a dynbuf for this purpose.
|
||
|
||
Closes #12652
|
||
|
||
- CI: install libpsl or configure --without-libpsl in builds
|
||
|
||
As a follow-up to the stricted libpsl check in configure
|
||
|
||
- configure: make libpsl detection failure cause error
|
||
|
||
To force users to explictily disable it if they really don't want it
|
||
used and make it harder to accidentally miss it.
|
||
|
||
--without-libpsl is the option to use if PSL is not wanted.
|
||
|
||
Closes #12661
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- pop3: replace calloc + memcpy with memdup0
|
||
|
||
... and make sure to return error on out of memory.
|
||
|
||
Closes #12650
|
||
|
||
- lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
|
||
|
||
Closes #12658
|
||
|
||
- mime: use memdup0 instead of malloc + memcpy
|
||
|
||
Closes #12649
|
||
|
||
- tool_getparam: move the --rate logic into set_rate()
|
||
|
||
- tool_getparam: switch to an enum for every option
|
||
|
||
To make the big switch much easier to read/understand and to make it
|
||
easier to add new options.
|
||
|
||
- tool_getparam: build post data using dynbuf (more)
|
||
|
||
- tool_getparam: replace malloc + copy by dynbuf for --data
|
||
|
||
- tool_getparam: make data_urlencode avoid direct malloc
|
||
|
||
use aprintf() instead
|
||
|
||
- tool_getparam: move the --url-query logic into url_query()
|
||
|
||
This function is not doing post at all so it was always weirdly placed.
|
||
|
||
- tool_getparam: move the --data logic into set_data()
|
||
|
||
- tool_getparam: unify the cmdline switch() into a single one
|
||
|
||
- easier to follow, easier to modify, easier to extend, possibly slightly
|
||
faster
|
||
|
||
- each case now has the long option as a comment
|
||
|
||
- tool_getparam: bsearch cmdline options
|
||
|
||
- the option names are now alpha sorted and lookup is a lot faster
|
||
|
||
- use case sensitive matching. It was previously case insensitive, but that
|
||
was not documented nor tested.
|
||
|
||
- remove "partial match" feature. It was not documented, not tested and
|
||
was always fragile as existing use could break when we add a new
|
||
option
|
||
|
||
- lookup short options via a table
|
||
|
||
Closes #12631
|
||
|
||
Gabe (8 Jan 2024)
|
||
|
||
- COPYING: update copyright year
|
||
|
||
Closes #12654
|
||
|
||
Stefan Eissing (8 Jan 2024)
|
||
|
||
- url: init conn->sockfd and writesockfd to CURL_SOCKET_BAD
|
||
|
||
Also add more tracing to test 19
|
||
|
||
Follow-up to a0f9480
|
||
|
||
Fixes #12657
|
||
Closes #12659
|
||
|
||
Daniel Stenberg (8 Jan 2024)
|
||
|
||
- connect: remove margin from eyeballer alloc
|
||
|
||
Presumably leftovers from debugging
|
||
|
||
Closes #12647
|
||
|
||
- ftp: only consider entry path if it has a length
|
||
|
||
Follow-up from 8edcfedc1a144f438bd1cdf814a0016cb
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65631
|
||
|
||
Avoids a NULL pointer deref.
|
||
|
||
Closes #12648
|
||
|
||
Stefan Eissing (7 Jan 2024)
|
||
|
||
- transfer: adjust_pollset improvements
|
||
|
||
- let `multi_getsock()` initialize the pollset in what the
|
||
transfer state requires in regards to SEND/RECV
|
||
- change connection filters `adjust_pollset()` implementation
|
||
to react on the presence of POLLIN/-OUT in the pollset and
|
||
no longer check CURL_WANT_SEND/CURL_WANT_RECV
|
||
- cf-socket will no longer add POLLIN on its own
|
||
- http2 and http/3 filters will only do adjustments if the
|
||
passed pollset wants to POLLIN/OUT for the transfer on
|
||
the socket. This is similar to the HTTP/2 proxy filter
|
||
and works in stacked filters.
|
||
|
||
Closes #12640
|
||
|
||
Daniel Stenberg (6 Jan 2024)
|
||
|
||
- ftp: use memdup0 to store the OS from a SYST 215 response
|
||
|
||
avoid malloc + direct buffer fiddle
|
||
|
||
Closes #12639
|
||
|
||
- ftp: use dynbuf to store entrypath
|
||
|
||
avoid direct malloc
|
||
|
||
Closes #12638
|
||
|
||
Lealem Amedie (6 Jan 2024)
|
||
|
||
- wolfssl: load certificate *chain* for PEM client certs
|
||
|
||
Closes #12634
|
||
|
||
Stefan Eissing (4 Jan 2024)
|
||
|
||
- http: adjust_pollset fix
|
||
|
||
do not add a socket for POLLIN when the transfer does not want to send
|
||
(for example is paused).
|
||
|
||
Follow-up to 47f5b1a
|
||
|
||
Reported-by: bubbleguuum on github
|
||
Fixes #12632
|
||
Closes #12633
|
||
|
||
Daniel Stenberg (3 Jan 2024)
|
||
|
||
- tool: make parser reject blank arguments if not supported
|
||
|
||
Already in the getstr() function that clones the input argument.
|
||
|
||
Closes #12620
|
||
|
||
dependabot[bot] (3 Jan 2024)
|
||
|
||
- build(deps): bump github/codeql-action from 2 to 3
|
||
|
||
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2
|
||
to 3.
|
||
- [Release notes](https://github.com/github/codeql-action/releases)
|
||
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
|
||
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: github/codeql-action
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12625
|
||
|
||
- build(deps): bump actions/checkout from 3 to 4
|
||
|
||
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
|
||
- [Release notes](https://github.com/actions/checkout/releases)
|
||
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
|
||
- [Commits](https://github.com/actions/checkout/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/checkout
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12624
|
||
|
||
- build(deps): bump actions/upload-artifact from 3 to 4
|
||
|
||
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) f
|
||
rom 3 to 4.
|
||
- [Release notes](https://github.com/actions/upload-artifact/releases)
|
||
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/upload-artifact
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12627
|
||
|
||
- build(deps): bump actions/download-artifact from 3 to 4
|
||
|
||
Bumps [actions/download-artifact](https://github.com/actions/download-artifac
|
||
t) from 3 to 4.
|
||
- [Release notes](https://github.com/actions/download-artifact/releases)
|
||
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/download-artifact
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12626
|
||
|
||
Stefan Eissing (3 Jan 2024)
|
||
|
||
- http3/quiche: fix result code on a stream reset
|
||
|
||
- fixes pytest failures in test 07_22
|
||
- aligns CURLcode values on stream reset with ngtcp2
|
||
|
||
Closes #12629
|
||
|
||
Daniel Stenberg (2 Jan 2024)
|
||
|
||
- setopt: clear mimepost when formp is freed
|
||
|
||
A precaution to avoid a possibly dangling pointer left behind.
|
||
|
||
Reported-by: Thomas Ferguson
|
||
Fixes #12608
|
||
Closes #12621
|
||
|
||
Andy Alt (2 Jan 2024)
|
||
|
||
- CI: Add dependabot.yml
|
||
|
||
This will cause dependabot to open a PR when various actions are
|
||
updated, provided that the action maintainer has issued a release.
|
||
|
||
Closes #12623
|
||
|
||
Gisle Vanem (2 Jan 2024)
|
||
|
||
- content_encoding: change return code to typedef'ed enum
|
||
|
||
... to work around a clang ubsan warning.
|
||
|
||
Fixes #12618
|
||
Closes #12622
|
||
|
||
Daniel Stenberg (2 Jan 2024)
|
||
|
||
- tool: prepend output_dir in header callback
|
||
|
||
When Content-Disposition parsing is used and an output dir is prepended,
|
||
make sure to store that new file name correctly so that it can be used
|
||
for setting the file timestamp when --remote-time is used.
|
||
|
||
Extended test 3012 to verify.
|
||
|
||
Co-Authored-by: Jay Satiro
|
||
Reported-by: hgdagon on github
|
||
Fixes #12614
|
||
Closes #12617
|
||
|
||
- test1254: fix typo in name plus shorten it
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Viktor Szakats (2 Jan 2024)
|
||
|
||
- schannel: fix `-Warith-conversion` gcc 13 warning
|
||
|
||
```
|
||
lib/vtls/schannel.c:1201:22: warning: conversion to 'unsigned int' from 'int'
|
||
may change the sign of the result [-Warith-conversion]
|
||
1201 | *extension_len = *list_len +
|
||
| ^
|
||
```
|
||
|
||
Closes #12616
|
||
|
||
- asyn-thread: silence `-Wcast-align` warning for Windows
|
||
|
||
Seen with llvm/clang 17:
|
||
```
|
||
lib/asyn-thread.c:310:5: warning: cast from 'PCHAR' (aka 'char *') to 'struct
|
||
thread_sync_data *' increases required alignment from 1 to 8 [-Wcast-align]
|
||
310 | CONTAINING_RECORD(overlapped, struct thread_sync_data, w8.overlap
|
||
ped);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~
|
||
.../llvm-mingw/aarch64-w64-mingw32/include/winnt.h:717:48: note: expanded fro
|
||
m macro 'CONTAINING_RECORD'
|
||
717 | #define CONTAINING_RECORD(address,type,field) ((type *)((PCHAR)(addre
|
||
ss) - (ULONG_PTR)(&((type *)0)->field)))
|
||
| ^~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
```
|
||
|
||
Follow-up to a6bbc87f9e9ffb46a1801dfb983e7534825ed56b #12482
|
||
|
||
Ref: https://github.com/curl/curl/pull/12482#issuecomment-1873017261
|
||
Closes #12615
|
||
|
||
Daniel Stenberg (2 Jan 2024)
|
||
|
||
- tool_listhelp: regenerate after recent .d updates
|
||
|
||
Makes it survive test 1478
|
||
|
||
Closes #12612
|
||
|
||
- test1478: verify src/tool_listhelp.c
|
||
|
||
Verify that the source file on disk is identical to the output of gen.pl
|
||
listhelp, as otherwise they are out of sync and need attention.
|
||
|
||
Closes #12612
|
||
|
||
- testutil: make runtests support %include
|
||
|
||
Using this instruction, a test case can include the contents of a file
|
||
into the test during the preprocessing.
|
||
|
||
Closes #12612
|
||
|
||
- runtests: for mode="text" on <stdout>, fix newlines on both parts
|
||
|
||
Closes #12612
|
||
|
||
Jay Satiro (2 Jan 2024)
|
||
|
||
- quiche: return CURLE_HTTP3 on send to invalid stream
|
||
|
||
Prior to this change if a send failed on a stream in an invalid state
|
||
(according to quiche) and not marked as closed (according to libcurl)
|
||
then the send function would return CURLE_SEND_ERROR.
|
||
|
||
We already have similar code for ngtcp2 to return CURLE_HTTP3 in this
|
||
case.
|
||
|
||
Caught by test test_07_upload.py: test_07_22_upload_parallel_fail.
|
||
|
||
Fixes https://github.com/curl/curl/issues/12590
|
||
Closes https://github.com/curl/curl/pull/12597
|
||
|
||
Daniel Stenberg (1 Jan 2024)
|
||
|
||
- cmdline-opts: update availability for the *-ca-native options
|
||
|
||
Closes #12613
|
||
|
||
Patrick Monnerat (31 Dec 2023)
|
||
|
||
- openldap: fix STARTTLS
|
||
|
||
It was not working anymore since introduction of connection filters.
|
||
|
||
Also do not attempt to recover from a failing TLS negotiation with
|
||
CURLUSESSL_TRY.
|
||
|
||
Closes #12610
|
||
|
||
Daniel Stenberg (31 Dec 2023)
|
||
|
||
- haproxy-clientip.d: document the arg
|
||
|
||
The arg keyword was missing and therefore not present in the man page.
|
||
|
||
Closes #12611
|
||
|
||
annalee (29 Dec 2023)
|
||
|
||
- configure: fix no default int compile error in ipv6 detection
|
||
|
||
Closes #12607
|
||
|
||
Dan Fandrich (28 Dec 2023)
|
||
|
||
- CI: Fix use of any-glob-to-all-files in the labeler
|
||
|
||
Despite its name, this atom acts like one-glob-to-all-files and a
|
||
different syntax with braces must be used to get
|
||
any-glob-to-all-files semantics. Unfortunately, this makes the file
|
||
completely unreadable.
|
||
|
||
Ref: https://github.com/actions/labeler/issues/731
|
||
|
||
Daniel Stenberg (29 Dec 2023)
|
||
|
||
- CURLOPT_AUTOREFERER.3: mention CURLINFO_REFERER
|
||
|
||
- CURLINFO_REFERER.3: clarify that it is the *request* header
|
||
|
||
That libcurl itself sent in the most recent request
|
||
|
||
Closes #12605
|
||
|
||
Jay Satiro (28 Dec 2023)
|
||
|
||
- system_win32: fix a function pointer assignment warning
|
||
|
||
- Use CURLX_FUNCTION_CAST to suppress a function pointer assignment
|
||
warning.
|
||
|
||
a6bbc87f added lookups of some Windows API functions and then cast them
|
||
like `*(FARPROC*)&Curl_funcname = address`. Some versions of gcc warn
|
||
about that as breaking strict-aliasing rules so this PR changes those
|
||
assignments to use CURLX_FUNCTION_CAST.
|
||
|
||
Bug: https://github.com/curl/curl/pull/12581#issuecomment-1869804317
|
||
Reported-by: Marcel Raad
|
||
|
||
Closes https://github.com/curl/curl/pull/12602
|
||
|
||
- verify-examples.pl: fail verification on unescaped backslash
|
||
|
||
- Check that all backslashes in EXAMPLE are properly escaped.
|
||
|
||
eg manpage must always use `\\n` never `\n`.
|
||
|
||
This is because the manpage requires we always double blackslash to show
|
||
a single backslash. Prior to this change an erroneous single backslash
|
||
would pass through and compile even though it would not show correctly
|
||
in the manpage.
|
||
|
||
Co-authored-by: Daniel Stenberg
|
||
|
||
Ref: https://github.com/curl/curl/pull/12588
|
||
|
||
Closes https://github.com/curl/curl/pull/12589
|
||
|
||
- vtls: fix missing multissl version info
|
||
|
||
- Fix erroneous buffer copy logic from ff74cef5.
|
||
|
||
Prior to this change the MultiSSL version info returned to the user
|
||
was empty.
|
||
|
||
Closes https://github.com/curl/curl/pull/12599
|
||
|
||
Daniel Stenberg (27 Dec 2023)
|
||
|
||
- KNOWN_BUGS: [RTSP] Some methods do not support response bodies
|
||
|
||
Closes #12414
|
||
|
||
Patrick Monnerat (27 Dec 2023)
|
||
|
||
- openldap: fix an LDAP crash
|
||
|
||
Reported-by: Ozan Cansel
|
||
Fixes #12593
|
||
Closes #12600
|
||
|
||
Daniel Stenberg (27 Dec 2023)
|
||
|
||
- getinfo: CURLINFO_QUEUE_TIME_T
|
||
|
||
Returns the time, in microseconds, during which this transfer was held
|
||
in a waiting queue before it started "for real". A transfer might be put
|
||
in a queue if after getting started, it cannot create a new connection
|
||
etc due to set conditions and limits imposed by the application.
|
||
|
||
Ref: #12293
|
||
Closes #12368
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jay Satiro (26 Dec 2023)
|
||
|
||
- examples/sendrecv: fix comment line length
|
||
|
||
Caught by checksrc.
|
||
|
||
Haydar Alaidrus (23 Dec 2023)
|
||
|
||
- CURLOPT_POSTFIELDS.3: fix incorrect C string escape in example
|
||
|
||
- Escape inner quotes with two backslashes.
|
||
|
||
Two backslashes escapes the backslash for the man page and will show as
|
||
a single backslash.
|
||
|
||
eg: "{\\"name\\": \\"daniel\\"}" shows as "{\"name\": \"daniel\"}".
|
||
|
||
Closes https://github.com/curl/curl/pull/12588
|
||
|
||
Viktor Szakats (23 Dec 2023)
|
||
|
||
- appveyor: tidy-ups
|
||
|
||
- replace two remaining backslashes with forward slashes.
|
||
- tidy up the way we form and pass `TFLAGS`.
|
||
|
||
Follow-up to 2d4d0c1fd32f5cc3f946c407c8eccd5477b287df #12572
|
||
|
||
Closes #12582
|
||
|
||
Stefan Eissing (22 Dec 2023)
|
||
|
||
- transfer: fix upload rate limiting, add test cases
|
||
|
||
- add test cases for rate limiting uploads for all
|
||
http versions
|
||
- fix transfer loop handling of limits. Signal a re-receive
|
||
attempt only on exhausting maxloops without an EAGAIN
|
||
- fix `data->state.selectbits` forcing re-receive to also
|
||
set re-sending when transfer is doing this.
|
||
|
||
Reported-by: Karthikdasari0423 on github
|
||
Fixes #12559
|
||
Closes #12586
|
||
|
||
Daniel Stenberg (22 Dec 2023)
|
||
|
||
- mbedtls: free the entropy when threaded
|
||
|
||
The entropy_free was never done for threaded builds, causing a small
|
||
(fixed) memory leak.
|
||
|
||
Reported-by: RevaliQaQ on github
|
||
Fixes #12584
|
||
Closes #12585
|
||
|
||
Stefan Eissing (22 Dec 2023)
|
||
|
||
- http2: improved on_stream_close/data_done handling
|
||
|
||
- there seems to be a code path that cleans up easy handles without
|
||
triggering DONE or DETACH events to the connection filters. This
|
||
would explain wh nghttp2 still holds stream user data
|
||
- add GOOD check to easy handle used in on_close_callback to
|
||
prevent crashes, ASSERTs in debug builds.
|
||
- NULL the stream user data early before submitting RST
|
||
- add checks in on_stream_close() to identify UNGOOD easy handles
|
||
|
||
Reported-by: Hans-Christian Egtvedt
|
||
Fixes #10936
|
||
Closes #12562
|
||
|
||
Daniel Stenberg (22 Dec 2023)
|
||
|
||
- mprintf: overhaul and bugfixes
|
||
|
||
In a test case using lots of snprintf() calls using many commonly used
|
||
%-codes per call, this version is around 30% faster than previous
|
||
version.
|
||
|
||
It also fixes the #12561 bug which made it not behave correctly when
|
||
given unknown %-sequences. Fixing that flaw required a different take on
|
||
the problem, which resulted in the new two-arrays model.
|
||
|
||
lib557: extended - Verify the #12561 fix and test more printf features
|
||
|
||
unit1398: fix test: It used a <num>$ only for one argument, which is not
|
||
supported.
|
||
|
||
Fixes #12561
|
||
Closes #12563
|
||
|
||
Viktor Szakats (21 Dec 2023)
|
||
|
||
- appveyor: replace PowerShell with bash + parallel autotools
|
||
|
||
PowerShell works (after a steep development curve), but one property of
|
||
it stuck and kept causing unresolvable usability issues: With
|
||
`$ErrorActionPreference=Stop`, it does abort on failures, but shows only
|
||
the first line of the error message. In `Continue` mode, it shows the
|
||
full error message, but doesn't stop on all errors. Another issue is
|
||
PowerShell considering any stderr output as if the command failed (this
|
||
has been improved in 7.2 (2021-Nov), but fixed versions aren't running
|
||
in CI and will not be for a long time in all test images.)
|
||
|
||
Thus, we're going with bash.
|
||
|
||
Also:
|
||
- use `-j2` with autotools tests, making them finish 5-15 minutes per
|
||
job faster.
|
||
- omit `POSIX_PATH_PREFIX`.
|
||
- use `WINDIR`.
|
||
- prefer forward slashes.
|
||
|
||
Follow-up to: 75078a415d9c769419aed4153d3d525a8eba95af #11999
|
||
Ref: #12444
|
||
|
||
Fixes #12560
|
||
Closes #12572
|
||
|
||
Pavel Pavlov (21 Dec 2023)
|
||
|
||
- asyn-thread: use GetAddrInfoExW on >= Windows 8
|
||
|
||
For doing async DNS resolution instead of starting a thread for each
|
||
request.
|
||
|
||
Fixes #12481
|
||
Closes #12482
|
||
|
||
Daniel Stenberg (21 Dec 2023)
|
||
|
||
- strerror: repair get_winsock_error()
|
||
|
||
It would try to read longer than the provided string and crash.
|
||
|
||
Follow-up to ff74cef5d4a0cf60106517a1c7384
|
||
Reported-by: calvin2021y on github
|
||
Fixes #12578
|
||
Closes #12579
|
||
|
||
- CURLOPT_SSH_*_KEYFILE: clarify
|
||
|
||
Closes #12554
|
||
|
||
ivanfywang (21 Dec 2023)
|
||
|
||
- ngtcp2: put h3 at the front of alpn
|
||
|
||
Closes #12576
|
||
|
||
Daniel Stenberg (21 Dec 2023)
|
||
|
||
- test460: verify a command line using --expand with no argument
|
||
|
||
This verifies the fix for #12565
|
||
|
||
- tool_getparam: do not try to expand without an argument
|
||
|
||
This would lead to a segfault.
|
||
|
||
Fixes #12565
|
||
Reported-by: Geeknik Labs
|
||
Closes #12575
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bumped version to 8.6.0 because of changes
|
||
|
||
- Makefile.am: fix the MSVC project generation
|
||
|
||
It made the vcxproj files not get included in dist tarballs.
|
||
|
||
Regression since 74423b5df4c8117891eb89 (8.5.0)
|
||
|
||
Reported-by: iAroc on github
|
||
Fixes #12564
|
||
Closes #12567
|
||
|
||
zengwei2000 (21 Dec 2023)
|
||
|
||
- altsvc: free 'as' when returning error
|
||
|
||
Closes #12570
|
||
|
||
Signed-off-by: zengwei <zengwei1@uniontech.com>
|
||
|
||
Viktor Szakats (20 Dec 2023)
|
||
|
||
- build: fix `-Wconversion`/`-Wsign-conversion` warnings
|
||
|
||
Fix remaining warnings in examples and tests which are not suppressed
|
||
by the pragma in `lib/curl_setup.h`.
|
||
|
||
Silence a toolchain issue causing warnings in `FD_SET()` calls with
|
||
older Cygwin/MSYS2 builds. Likely fixed on 2020-08-03 by:
|
||
https://cygwin.com/git/?p=newlib-cygwin.git;a=commitdiff;h=5717262b8ecfed0f7f
|
||
ab63e2c09c78991e36f9dd
|
||
|
||
Follow-up to 2dbe75bd7f3c36837aa06fd87a442bdf3fb7faef #12492
|
||
|
||
Closes #12557
|
||
|
||
- build: fix some `-Wsign-conversion`/`-Warith-conversion` warnings
|
||
|
||
- enable `-Wsign-conversion` warnings, but also setting them to not
|
||
raise errors.
|
||
- fix `-Warith-conversion` warnings seen in CI.
|
||
These are triggered by `-Wsign-converion` and causing errors unless
|
||
explicitly silenced. It makes more sense to fix them, there just a few
|
||
of them.
|
||
- fix some `-Wsign-conversion` warnings.
|
||
- hide `-Wsign-conversion` warnings with a `#pragma`.
|
||
- add macro `CURL_WARN_SIGN_CONVERSION` to unhide them on a per-build
|
||
basis.
|
||
- update a CI job to unhide them with the above macro:
|
||
https://github.com/curl/curl/actions/workflows/linux.yml -> OpenSSL -O3
|
||
|
||
Closes #12492
|
||
|
||
- cmake: tidy-up `OtherTests.cmake`
|
||
|
||
- make more obvious which detection uses which prep steps.
|
||
- merge and streamline conditions.
|
||
- these should not alter detection results.
|
||
|
||
Also align log output messages from
|
||
`Macros.cmake` / `curl_internal_test` with rest of the build.
|
||
|
||
Closes #12551
|
||
|
||
- appveyor: switch to out-of-tree builds
|
||
|
||
With cmake and autotools.
|
||
|
||
Closes #12550
|
||
|
||
Daniel Stenberg (19 Dec 2023)
|
||
|
||
- DEPRECATE.md: mention that NTLM_WB no longer works
|
||
|
||
Ref: #12479
|
||
Closes #12553
|
||
|
||
- CURLOPT_SERVER_RESPONSE_TIMEOUT_MS: add
|
||
|
||
Proposed-by: Yifei Kong
|
||
Ref: https://curl.se/mail/lib-2023-11/0023.html
|
||
Closes #12369
|
||
|
||
Viktor Szakats (18 Dec 2023)
|
||
|
||
- build: more `-Wformat` fixes
|
||
|
||
- memdebug: update to not trigger `-Wformat-nonliteral` warnings.
|
||
- imap: mark `imap_sendf()` with `CURL_PRINTF()`.
|
||
- tool_msgs: mark static function with `CURL_PRINTF()`.
|
||
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
Closes #12540
|
||
|
||
- windows: delete redundant headers
|
||
|
||
`winsock2.h` pulls in `windows.h`. `ws2tcpip.h` pulls in `winsock2.h`.
|
||
`winsock2.h` and `ws2tcpip.h` are also pulled by `curl/curl.h`.
|
||
|
||
Keep only those headers that are not already included, or the code under
|
||
it uses something from that specific header.
|
||
|
||
Closes #12539
|
||
|
||
- cmake: prefill/cache `HAVE_STRUCT_SOCKADDR_STORAGE`
|
||
|
||
Also add missing include to `OtherTests.cmake`. It didn't cause an issue
|
||
because the parent already included this earlier by chance.
|
||
|
||
Closes #12537
|
||
|
||
Daniel Stenberg (18 Dec 2023)
|
||
|
||
- runner.pm: fix perl warning when running tests
|
||
|
||
Use of uninitialized value $runner::gdbthis in numeric eq (==) at runner.
|
||
pm
|
||
|
||
Follow-up from 3dcf301752a09d9
|
||
|
||
Closes #12549
|
||
|
||
- runtests: support -gl. Like -g but for lldb.
|
||
|
||
Follow-up to 63b5748
|
||
|
||
Invokes the test case via lldb instead of gdb. Since using gdb is such a
|
||
pain on mac, using lldb is sometimes less quirky.
|
||
|
||
Closes #12547
|
||
|
||
- curl.h: add CURLE_TOO_LARGE
|
||
|
||
A new error code to be used when an internal field grows too large, like
|
||
when a dynbuf reaches its maximum. Previously it would return
|
||
CURLE_OUT_OF_MEMORY for this, which is highly misleading.
|
||
|
||
Ref: #12268
|
||
Closes #12269
|
||
|
||
- CI/circleci: disable MQTT in the HTTP-only build
|
||
|
||
And remove the use of configure options that don't actually exist
|
||
|
||
Closes #12546
|
||
|
||
Yedaya Katsman (18 Dec 2023)
|
||
|
||
- tests: respect $TMPDIR when creating unix domain sockets
|
||
|
||
When running on termux, where $TMPDIR isn't /tmp, running the tests
|
||
failed, since the server config tried creating sockets in /tmp, without
|
||
checking the temp dir config. Use the TMPDIR variable that makes it find
|
||
the correct directory everywhere [0]
|
||
|
||
[0] https://perldoc.perl.org/File::Temp#tempfile
|
||
|
||
Closes #12545
|
||
|
||
Viktor Szakats (17 Dec 2023)
|
||
|
||
- ssh: fix namespace of two local macros
|
||
|
||
Avoid using the libssh and libssh2 macro namespaces by prefixing
|
||
these local macro names with `CURL_`.
|
||
|
||
Follow-up to 413a0fedd02c8c6df1d294534b8c6e306fcca7a2 #12346
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12544
|
||
|
||
- cmake: whitespace tidy-up in `OtherTests.cmake`
|
||
|
||
Closes #12538
|
||
|
||
Mark Sinkovics (16 Dec 2023)
|
||
|
||
- cmake: fix generation for system name iOS
|
||
|
||
This PR fixes a problem that happens during CMake configuration when
|
||
the `CMAKE_SYSTEM_NAME` set to `iOS` and not `Darwin`. This value is
|
||
available (as far as I remember) version 3.14. The final solution
|
||
(thanks to @vszakats) is to use `APPLE` which contains all the Apple
|
||
platforms https://cmake.org/cmake/help/latest/variable/APPLE.html.
|
||
|
||
This issue was found when during vcpkg installation. Running command
|
||
`vcpkg install curl:arm64-ios` and `vcpkg install curl:x64-ios` failed
|
||
with message:
|
||
```
|
||
CMake Error: try_run() invoked in cross-compiling mode, please set the follow
|
||
ing cache variables appropriately:
|
||
HAVE_H_ERRNO_ASSIGNABLE_EXITCODE (advanced)
|
||
```
|
||
After this fix, I was able to compile the compile the binary without
|
||
any issue.
|
||
|
||
In addition to that fix, this PR also contains an simplification to
|
||
check if the platform is not APPLE.
|
||
|
||
Co-authored-by: Viktor Szakats
|
||
Closes #12515
|
||
|
||
Daniel Stenberg (16 Dec 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Baruch Siach (16 Dec 2023)
|
||
|
||
- gnutls: fix build with --disable-verbose
|
||
|
||
infof() parameters must be defined event with --disable-verbose since
|
||
commit dac293cfb702 ("lib: apache style infof and trace
|
||
macros/functions").
|
||
|
||
Move also 'ptr' definition under !CURL_DISABLE_VERBOSE_STRINGS.
|
||
|
||
Fixes the following build failure:
|
||
|
||
In file included from ../lib/sendf.h:29,
|
||
from vtls/gtls.c:44:
|
||
vtls/gtls.c: In function 'Curl_gtls_verifyserver':
|
||
vtls/gtls.c:841:34: error: 'version' undeclared (first use in this function);
|
||
did you mean 'session'?
|
||
841 | gnutls_protocol_get_name(version), ptr);
|
||
| ^~~~~~~
|
||
|
||
Closes #12505
|
||
|
||
Viktor Szakats (16 Dec 2023)
|
||
|
||
- build: delete unused `HAVE_{GSSHEIMDAL,GSSMIT,HEIMDAL}`
|
||
|
||
Stop setting `HAVE_GSSHEIMDAL`, `HAVE_GSSMIT` and `HAVE_HEIMDAL`.
|
||
There was no place in the build system or source code that used them.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12506
|
||
|
||
- build: remove redundant `CURL_PULL_*` settings
|
||
|
||
These macros were not propagated to the source code from CMake.
|
||
|
||
autotools set only one of them (`CURL_PULL_SYS_POLL_H`), initially to
|
||
address an AIX issue [1]. This later broke when introducing `system.h`
|
||
[2] without the logic it enabled. A subsequent fix [3] re-added the
|
||
logic, and also enabled it for AIX before its use, directly in
|
||
`system.h`.
|
||
|
||
[1] 2012-11-23: 665adcd4b7bcdb7deb638cdc499fbe71f8d777f2
|
||
[2] 2017-03-29: 9506d01ee50d5908138ebad0fd9fbd39b66bd64d #1373
|
||
[3] 2017-08-25: 8a84fcc4b59e8b78d2acc6febf44a43d6bc81b59 #1828 #1833
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12502
|
||
|
||
- system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers
|
||
|
||
Align mingw with the other Windows compilers and use the `int` type for
|
||
`CURL_TYPEOF_CURL_SOCKLEN_T` (and thus for `curl_socklent_t`). This
|
||
makes it unnecessary to make a mingw-specific trick and pull all Windows
|
||
headers early just for this type definition. This type is specific to
|
||
Windows, not to the compiler. mingw-w64's Windows header maps it to
|
||
`int` too.
|
||
|
||
With this we also delete all remaining uses of `CURL_PULL_WS2TCPIP_H`.
|
||
|
||
[ The official solution is to use `socklen_t` for all Windows compilers.
|
||
In this case we may want to update `curl/curl.h` to pull in Windows
|
||
headers before `system.h`. ]
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12501
|
||
|
||
- windows: simplify detecting and using system headers
|
||
|
||
- autotools, cmake: assume that if we detect Windows, `windows.h`,
|
||
`winsock2.h` and `ws2tcpip.h` do exist.
|
||
- lib: fix 3 outlier `#if` conditions to use `USE_WINSOCK` instead of
|
||
looking for `winsock2.h`.
|
||
- autotools: merge 3 Windows check methods into one.
|
||
- move Watt-32 and lwIP socket support to `setup-win32.h` from
|
||
`config-win32.h`. It opens up using these with all build tools. Also
|
||
merge logic with Windows Sockets.
|
||
- fix to assume Windows sockets with the mingw32ce toolchain.
|
||
Follow-up to: 2748c64d605b19fb419ae56810ad8da36487a2d4
|
||
- cmake: delete unused variable `signature_call_conv` since
|
||
eb33ccd5332435fa50f1758e5debb869c6942b7f.
|
||
- autotools: simplify `CURL_CHECK_WIN32_LARGEFILE` detection.
|
||
- examples/externalsocket: fix header order.
|
||
- cmake/OtherTests.cmake: delete Windows-specific `_source_epilogue`
|
||
that wasn't used anymore.
|
||
- cmake/OtherTests.cmake: set `WIN32_LEAN_AND_MEAN` for test
|
||
`SIZEOF_STRUCT_SOCKADDR_STORAGE`.
|
||
|
||
After this patch curl universally uses `_WIN32` to guard
|
||
Windows-specific logic. It guards Windows Sockets-specific logic with
|
||
`USE_WINSOCK` (this might need further work).
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12495
|
||
|
||
- build: enable missing OpenSSF-recommended warnings, with fixes
|
||
|
||
https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening
|
||
-Guide-for-C-and-C++.html
|
||
as of 2023-11-29 [1].
|
||
|
||
Enable new recommended warnings (except `-Wsign-conversion`):
|
||
|
||
- enable `-Wformat=2` for clang (in both cmake and autotools).
|
||
- add `CURL_PRINTF()` internal attribute and mark functions accepting
|
||
printf arguments with it. This is a copy of existing
|
||
`CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible
|
||
with redefinting the `printf` symbol:
|
||
https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
|
||
- fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for
|
||
mingw-w64 and enable it on this platform.
|
||
- enable `-Wimplicit-fallthrough`.
|
||
- enable `-Wtrampolines`.
|
||
- add `-Wsign-conversion` commented with a FIXME.
|
||
- cmake: enable `-pedantic-errors` the way we do it with autotools.
|
||
Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747
|
||
- lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format
|
||
checks. Previously it was always disabled due to the internal `printf`
|
||
macro.
|
||
|
||
Fix them:
|
||
|
||
- fix bug where an `set_ipv6_v6only()` call was missed in builds with
|
||
`--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`.
|
||
- add internal `FALLTHROUGH()` macro.
|
||
- replace obsolete fall-through comments with `FALLTHROUGH()`.
|
||
- fix fallthrough markups: Delete redundant ones (showing up as
|
||
warnings in most cases). Add missing ones. Fix indentation.
|
||
- silence `-Wformat-nonliteral` warnings with llvm/clang.
|
||
- fix one `-Wformat-nonliteral` warning.
|
||
- fix new `-Wformat` and `-Wformat-security` warnings.
|
||
- fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its
|
||
definition to `lib/curl_setup.h` allowing use in `tests/server`.
|
||
- lib: fix two wrongly passed string arguments in log outputs.
|
||
Co-authored-by: Jay Satiro
|
||
- fix new `-Wformat` warnings on mingw-w64.
|
||
|
||
[1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895b
|
||
fc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-
|
||
Hardening-Guide-for-C-and-C%2B%2B.md
|
||
|
||
Closes #12489
|
||
|
||
- Makefile.mk: drop Windows support
|
||
|
||
And DLL-support with it. This leaves `Makefile.mk` for MS-DOS and Amiga.
|
||
|
||
We recommend CMake instead. With unity mode it's much faster, and about
|
||
the same without.
|
||
|
||
Ref: https://github.com/curl/curl/pull/12221#issuecomment-1783761806
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12224
|
||
|
||
Daniel Stenberg (16 Dec 2023)
|
||
|
||
- cmdline-docs: use .IP consistently
|
||
|
||
Remove use of .TP and some .B. The idea is to reduce nroff syntax as
|
||
much as possible and to use it consistently. Ultimately, we should be
|
||
able to introduce our own easier-to-use-and-read syntax/formatting and
|
||
convert on generation time.
|
||
|
||
Closes #12535
|
||
|
||
Tatsuhiko Miyagawa (16 Dec 2023)
|
||
|
||
- http: fix off-by-one error in request method length check
|
||
|
||
It should allow one more byte.
|
||
|
||
Closes #12534
|
||
|
||
Daniel Stenberg (15 Dec 2023)
|
||
|
||
- curl: show ipfs and ipns as supported "protocols"
|
||
|
||
They are accepted schemes in URLs passed to curl (the tool, not the
|
||
library).
|
||
|
||
Also makes curl-config show the same list.
|
||
|
||
Co-Authored-by: Jay Satiro
|
||
Reported-by: Chara White
|
||
Bug: https://curl.se/mail/archive-2023-12/0026.html
|
||
Closes #12508
|
||
|
||
- Revert "urldata: move async resolver state from easy handle to connectdata"
|
||
|
||
This reverts commit 56a4db2e4e2bcb9a0dcb75b83560a78ef231fcc8 (#12198)
|
||
|
||
We want the c-ares channel to be held in the easy handle, not per
|
||
connection - for performance.
|
||
|
||
Closes #12524
|
||
|
||
Viktor Szakats (15 Dec 2023)
|
||
|
||
- openssl: re-match LibreSSL deinit with init
|
||
|
||
Earlier we switched to use modern initialization with LibreSSL v2.7.0
|
||
and up, but did not touch deinitialization [1]. Fix it in this patch.
|
||
|
||
Regression from bec0c5bbf34369920598678161d2df8bea0e243b #11611
|
||
|
||
[1] https://github.com/curl/curl/pull/11611#issuecomment-1668654014
|
||
|
||
Reported-by: Mike Hommey
|
||
Reviewed-by: Daniel Stenberg
|
||
Fixes #12525
|
||
Closes #12526
|
||
|
||
Daniel Stenberg (14 Dec 2023)
|
||
|
||
- libssh: supress warnings without version check
|
||
|
||
Define unconditionally.
|
||
|
||
Follow-up from d21bd2190c46ad7fa
|
||
|
||
Closes #12523
|
||
|
||
- hostip: return error immediately when Curl_ip2addr() fails
|
||
|
||
Closes #12522
|
||
|
||
Theo (14 Dec 2023)
|
||
|
||
- libssh: improve the deprecation warning dismissal
|
||
|
||
Previous code was compiler dependant, and dismissed all deprecation warnings
|
||
indiscriminately.
|
||
|
||
libssh provides a way to disable the deprecation warnings for libssh only, an
|
||
d
|
||
naturally this is the preferred way.
|
||
|
||
This commit uses that, to prevent the erroneous hiding of potential, unrelate
|
||
d
|
||
deprecation warnings.
|
||
|
||
Fixes #12519
|
||
Closes #12520
|
||
|
||
Daniel Stenberg (14 Dec 2023)
|
||
|
||
- test1474: removed
|
||
|
||
The test was already somewhat flaky and disabled on several platforms,
|
||
and after 1da640abb688 even more unstable.
|
||
|
||
- readwrite_data: loop less
|
||
|
||
This function is made to loop in order to drain incoming data
|
||
faster. Completely removing the loop has a measerably negative impact on
|
||
transfer speeds.
|
||
|
||
Downsides with the looping include
|
||
|
||
- it might call the progress callback much more seldom. Especially if
|
||
the write callback is slow.
|
||
|
||
- rate limiting becomes less exact
|
||
|
||
- a single transfer might "starve out" other parallel transfers
|
||
|
||
- QUIC timers for other connections can't be maintained correctly
|
||
|
||
The long term fix should be to remove the loop and optimize coming back
|
||
to avoid the transfer speed penalty.
|
||
|
||
This fix lower the max loop count to reduce the starvation problem, and
|
||
avoids the loop completely for when rate-limiting is in progress.
|
||
|
||
Ref: #12488
|
||
Ref: https://curl.se/mail/lib-2023-12/0012.html
|
||
Closes #12504
|
||
|
||
Stefan Eissing (14 Dec 2023)
|
||
|
||
- lib: eliminate `conn->cselect_bits`
|
||
|
||
- use `data->state.dselect_bits` everywhere instead
|
||
- remove `bool *comeback` parameter as non-zero
|
||
`data->state.dselect_bits` will indicate that IO is
|
||
incomplete.
|
||
|
||
Closes #12512
|
||
|
||
- connect: refactor `Curl_timeleft()`
|
||
|
||
- less local vars, "better" readability
|
||
- added documentation
|
||
|
||
Closes #12518
|
||
|
||
Dmitry Karpov (14 Dec 2023)
|
||
|
||
- cookie: avoid fopen with empty file name
|
||
|
||
Closes #12514
|
||
|
||
Viktor Szakats (13 Dec 2023)
|
||
|
||
- tests/server: delete workaround for old-mingw
|
||
|
||
mingw-w64 1.0 comes with w32api v3.12, thus doesn't need this.
|
||
|
||
Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72 #11625
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12510
|
||
|
||
- cmake: delete obsolete TODOs more [ci skip]
|
||
|
||
- manual completed: 898b012a9bf388590c4be7f526815b5ab74feca1 #1288
|
||
- soname completed: 5de6848f104d7cb0017080e31216265ac19d0dde #10023
|
||
- bunch of others that are completed
|
||
- `NTLM_WB_ENABLED` is implemented in a basic form, and now also
|
||
scheduled for removal, so a TODO at this point isn't useful.
|
||
|
||
And this 'to-check' item:
|
||
|
||
Q: "The cmake build selected to run gcc with -fPIC on my box while the
|
||
plain configure script did not."
|
||
|
||
A: With CMake, since 2ebc74c36a19a1700af394c16855ce144d9878e3 #11546
|
||
and fc9bfb14520712672b4784e8b48256fb29204011 #11627, we explicitly
|
||
enable PIC for libcurl shared lib. Or when building libcurl for
|
||
shared and static lib in a single pass. We do this by default for
|
||
Windows or when enabled by the user via `SHARE_LIB_OBJECT`.
|
||
Otherwise we don't touch this setting. Meaning the default set by
|
||
CMake (if any) or the toolchain is used. On Debian Bookworm, this
|
||
means that PIC is disabled for static libs by default. Some platforms
|
||
(like macOS), has PIC enabled by default.
|
||
autotools supports the double-pass mode only, and in that case
|
||
CMake seems to match PIC behaviour now (as tested on Linux with gcc.)
|
||
|
||
Follow-up to 5d5dfdbd1a6c40bd75e982b66f49e1fa3a7eeae7 #12500
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12509
|
||
|
||
Stefan Eissing (12 Dec 2023)
|
||
|
||
- CLIENT-WRITERS: design and use documentation
|
||
|
||
Closes #12507
|
||
|
||
Viktor Szakats (12 Dec 2023)
|
||
|
||
- cmake: delete obsolete TODO items [ci skip]
|
||
|
||
There is always room for improvement, but CMake is up to par now with
|
||
autotools, so there is no longer a good reason to keep around these
|
||
inline TODO items.
|
||
|
||
Answering one of questions:
|
||
|
||
Q: "The gcc command line use neither -g nor any -O options. As a
|
||
developer, I also treasure our configure scripts's --enable-debug
|
||
option that sets a long range of "picky" compiler options."
|
||
|
||
A: CMake offers the `CMAKE_BUILD_TYPE` variable to control debug info
|
||
and optimization level. E.g.:
|
||
- `Release` = `-O3` + no debug info
|
||
- `MinSizeRel` = `-Os` + no debug info
|
||
- `Debug` = `-O0` + debug info
|
||
|
||
https://stackoverflow.com/questions/48754619/what-are-cmake-build-type-deb
|
||
ug-release-relwithdebinfo-and-minsizerel/59314670#59314670
|
||
https://cmake.org/cmake/help/latest/manual/cmake-buildsystem.7.html#defaul
|
||
t-and-custom-configurations
|
||
|
||
For picky warnings we have the `PICKY_COMPILER` options, enabled by
|
||
default.
|
||
|
||
Closes #12500
|
||
|
||
Stefan Eissing (11 Dec 2023)
|
||
|
||
- CONNECTION-FILTERS: update documentation
|
||
|
||
Closes #12497
|
||
|
||
Daniel Stenberg (11 Dec 2023)
|
||
|
||
- lib: reduce use of strncpy
|
||
|
||
- bearssl: select cipher without buffer copies
|
||
- http_aws_sigv4: avoid strncpy, require exact timestamp length
|
||
- http_aws_sigv4: use memcpy isntead of strncpy
|
||
- openssl: avoid strncpy calls
|
||
- schannel: check for 1.3 algos without buffer copies
|
||
- strerror: avoid strncpy calls
|
||
- telnet: avoid strncpy, return error on too long inputs
|
||
- vtls: avoid strncpy in multissl_version()
|
||
|
||
Closes #12499
|
||
|
||
- CI/distcheck: run full tests
|
||
|
||
To be able to detect missing files better, this now runs the full CI
|
||
test suite. If done before, it would have detected #12462 before
|
||
release.
|
||
|
||
Closes #12503
|
||
|
||
- docs: clean up Protocols: for cmdline options
|
||
|
||
... and some other minor polish.
|
||
|
||
Closes #12496
|
||
|
||
- cmdline/gen: fix the sorting of the man page options
|
||
|
||
They were previously sorted based on the file names, which use a .d
|
||
extension, making "data" get placed after "data-binary" etc. Making the
|
||
sort ignore the extention fixes the ordering.
|
||
|
||
Reported-by: Boris Verkhovskiy
|
||
Bug: https://curl.se/mail/archive-2023-12/0014.html
|
||
Closes #12494
|
||
|
||
Daniel Gustafsson (9 Dec 2023)
|
||
|
||
- doh: remove unused local variable
|
||
|
||
The nurl variable is no longer used during probing following
|
||
a refactoring, so remove.
|
||
|
||
Closes #12491
|
||
|
||
Jay Satiro (8 Dec 2023)
|
||
|
||
- build: fix Windows ADDRESS_FAMILY detection
|
||
|
||
- Include winsock2.h for Windows ADDRESS_FAMILY detection.
|
||
|
||
Prior to this change cmake detection didn't work because it included
|
||
ws2def.h by itself, which is missing needed types from winsock2.h.
|
||
|
||
Prior to this change autotools detection didn't work because it did not
|
||
include any Windows header.
|
||
|
||
In both cases libcurl would fall back on unsigned short as the address
|
||
family type, which is the same as ADDRESS_FAMILY.
|
||
|
||
Co-authored-by: Viktor Szakats
|
||
|
||
Closes https://github.com/curl/curl/pull/12441
|
||
|
||
Daniel Stenberg (8 Dec 2023)
|
||
|
||
- lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
|
||
|
||
Since the copy does not stop at a null byte, let's not call it anything
|
||
that makes you think it works like the common strndup() function.
|
||
|
||
Based on feedback from Jay Satiro, Stefan Eissing and Patrick Monnerat
|
||
|
||
Closes #12490
|
||
|
||
- convsrctest.pl: removed: not used, not shipped in tarballs
|
||
|
||
- tests: rename tests scripts to the test number
|
||
|
||
It is hard to name the scripts sensibly. Lots of them are similarly
|
||
named and the name did not tell which test that used them.
|
||
|
||
The new approach is rather to name them based on the test number that
|
||
runs them. Also helps us see which scripts are for individual tests
|
||
rather than for general test infra.
|
||
|
||
- badsymbols.pl -> test1167.pl
|
||
- check-deprecated.pl -> test1222.pl
|
||
- check-translatable-options.pl -> test1544.pl
|
||
- disable-scan.pl -> test1165.pl
|
||
- error-codes.pl -> test1175.pl
|
||
- errorcodes.pl -> test1477.pl
|
||
- extern-scan.pl -> test1135.pl
|
||
- manpage-scan.pl -> test1139.pl
|
||
- manpage-syntax.pl -> test1173.pl
|
||
- markdown-uppercase.pl -> test1275.pl
|
||
- mem-include-scan.pl -> test1132.pl
|
||
- nroff-scan.pl -> test1140.pl
|
||
- option-check.pl -> test1276.pl
|
||
- options-scan.pl -> test971.pl
|
||
- symbol-scan.pl -> test1119.pl
|
||
- version-scan.pl -> test1177.pl
|
||
|
||
Closes #12487
|
||
|
||
Michał Antoniak (8 Dec 2023)
|
||
|
||
- sendf: fix compiler warning with CURL_DISABLE_HEADERS_API
|
||
|
||
fix MSVC warning C4189: 'htype': local variable is initialized but not
|
||
referenced - when CURL_DISABLE_HEADERS_API is defined.
|
||
|
||
Closes #12485
|
||
|
||
Viktor Szakats (8 Dec 2023)
|
||
|
||
- tidy-up: whitespace
|
||
|
||
Closes #12484
|
||
|
||
Stefan Eissing (7 Dec 2023)
|
||
|
||
- test_02_download: fix paramters to test_02_27
|
||
|
||
- it is a special client that only ever uses http/2
|
||
|
||
Closes #12467
|
||
|
||
Michał Antoniak (7 Dec 2023)
|
||
|
||
- vtls: remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY
|
||
|
||
Closes #12459
|
||
|
||
Daniel Stenberg (7 Dec 2023)
|
||
|
||
- lib: strndup/memdup instead of malloc, memcpy and null-terminate
|
||
|
||
- bufref: use strndup
|
||
- cookie: use strndup
|
||
- formdata: use strndup
|
||
- ftp: use strndup
|
||
- gtls: use aprintf instead of malloc + strcpy * 2
|
||
- http: use strndup
|
||
- mbedtls: use strndup
|
||
- md4: use memdup
|
||
- ntlm: use memdup
|
||
- ntlm_sspi: use strndup
|
||
- pingpong: use memdup
|
||
- rtsp: use strndup instead of malloc, memcpy and null-terminate
|
||
- sectransp: use strndup
|
||
- socks_gssapi.c: use memdup
|
||
- vtls: use dynbuf instead of malloc, snprintf and memcpy
|
||
- vtls: use strdup instead of malloc + memcpy
|
||
- wolfssh: use strndup
|
||
|
||
Closes #12453
|
||
|
||
- strdup: remove the memchr check from Curl_strndup
|
||
|
||
It makes it possible to clone a binary chunk of data.
|
||
|
||
Closes #12453
|
||
|
||
- ftp: handle the PORT parsing without allocation
|
||
|
||
Also reduces amount of *cpy() calls.
|
||
|
||
Closes #12456
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bumped to 8.5.1
|
||
|
||
- url: for disabled protocols, mention if found in redirect
|
||
|
||
To help users better understand where the URL (and denied scheme) comes
|
||
from. Also removed "in libcurl" from the message, since the disabling
|
||
can be done by the application.
|
||
|
||
The error message now says "not supported" or "disabled" depending on
|
||
why it was denied:
|
||
|
||
Protocol "hej" not supported
|
||
Protocol "http" disabled
|
||
|
||
And in redirects:
|
||
|
||
Protocol "hej" not supported (in redirect)
|
||
Protocol "http" disabled (in redirect)
|
||
|
||
Reported-by: Mauricio Scheffer
|
||
Fixes #12465
|
||
Closes #12469
|
||
|
||
Stefan Eissing (6 Dec 2023)
|
||
|
||
- sectransp_ make TLSCipherNameForNumber() available in non-verbose config
|
||
|
||
Reported-by: Cajus Pollmeier
|
||
Closes #12476
|
||
Fixes #12474
|
||
|
||
YX Hao (6 Dec 2023)
|
||
|
||
- lib: fix variable undeclared error caused by `infof` changes
|
||
|
||
`--disable-verbose` yields `CURL_DISABLE_VERBOSE_STRINGS` defined.
|
||
`infof` isn't `Curl_nop_stmt` anymore: dac293c.
|
||
|
||
Follow-up to dac293c
|
||
|
||
Closes #12470
|
||
|
||
Viktor Szakats (6 Dec 2023)
|
||
|
||
- tidy-up: fix yamllint whitespace issues in labeler.yml
|
||
|
||
Follow-up to bda212911457c6fadfbba50be61afc4ca513fa56 #12466
|
||
|
||
Reviewed-by: Dan Fandrich
|
||
Closes #12475
|
||
|
||
- tidy-up: fix yamllint whitespace issues
|
||
|
||
Closes #12466
|
||
|
||
Chris Sauer (6 Dec 2023)
|
||
|
||
- cmake: fix typo
|
||
|
||
Follow-up to aace27b
|
||
Closes #12464
|
||
|
||
Daniel Stenberg (6 Dec 2023)
|
||
|
||
- dist: add tests/errorcodes.pl to the tarball
|
||
|
||
Used by test 1477
|
||
|
||
Reported-by: Xi Ruoyao
|
||
Follow-up to 0ca3a4ec9a7
|
||
Fixes #12462
|
||
Closes #12463
|
||
|
||
Dan Fandrich (6 Dec 2023)
|
||
|
||
- github/labeler: update a missed key in the v5 upgrade
|
||
|
||
Follow-up to ce03fe3ba
|
||
|
||
Version 8.5.0 (6 Dec 2023)
|
||
|
||
Daniel Stenberg (6 Dec 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
The curl 8.5.0 release.
|
||
|
||
Dan Fandrich (5 Dec 2023)
|
||
|
||
- github/labeler: switch from the beta to labeler v5
|
||
|
||
Some keys were renamed and the dot option was made default.
|
||
|
||
Closes #12458
|
||
|
||
Daniel Stenberg (5 Dec 2023)
|
||
|
||
- DEPRECATE: remove NTLM_WB in June 2024
|
||
|
||
Ref: https://curl.se/mail/lib-2023-12/0010.html
|
||
|
||
Closes #12451
|
||
|
||
Jacob Hoffman-Andrews (4 Dec 2023)
|
||
|
||
- rustls: implement connect_blocking
|
||
|
||
Closes #11647
|
||
|
||
Daniel Stenberg (4 Dec 2023)
|
||
|
||
- examples/rtsp-options.c: add
|
||
|
||
Just a bare bones RTSP example using CURLOPT_RTSP_SESSION_ID and
|
||
CURLOPT_RTSP_REQUEST set to CURL_RTSPREQ_OPTIONS.
|
||
|
||
Closes #12452
|
||
|
||
Stefan Eissing (4 Dec 2023)
|
||
|
||
- ngtcp2: ignore errors on unknown streams
|
||
|
||
- expecially in is_alive checks on connections, we might
|
||
see incoming packets on streams already forgotten and closed,
|
||
leading to errors reported by nghttp3. Ignore those.
|
||
|
||
Closes #12449
|
||
|
||
Daniel Stenberg (4 Dec 2023)
|
||
|
||
- docs: make all examples in all libcurl man pages compile
|
||
|
||
Closes #12448
|
||
|
||
- checksrc.pl: support #line instructions
|
||
|
||
makes it identify the correct source file and line
|
||
|
||
- GHA/man-examples: verify libcurl man page examples
|
||
|
||
- verify-examples.pl: verify that all man page examples compile clean
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Graham Campbell (2 Dec 2023)
|
||
|
||
- http3: bump ngtcp2 and nghttp3 versions
|
||
|
||
nghttp3 v1.1.0
|
||
ngtcp2 v1.1.0
|
||
|
||
In docs and CI
|
||
|
||
Closes #12446
|
||
|
||
- CI/quiche: use `3.1.4+quic` consistently in CI workflows
|
||
|
||
Closes #12447
|
||
|
||
Viktor Szakats (2 Dec 2023)
|
||
|
||
- test1545: disable deprecation warnings
|
||
|
||
Fixes:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48631551/job/bhx74e0i66yr
|
||
p6pk#L1205
|
||
|
||
Same with details:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48662893/job/ol8a78q9gmil
|
||
b6wt#L1263
|
||
```
|
||
tests/libtest/lib1545.c:38:3: error: 'curl_formadd' is deprecated: since 7.56
|
||
.0. Use curl_mime_init() [-Werror=deprecated-declarations]
|
||
38 | curl_formadd(&m_formpost, &lastptr, CURLFORM_COPYNAME, "file",
|
||
| ^~~~~~~~~~~~
|
||
[...]
|
||
```
|
||
|
||
Follow-up to 07a3cd83e0456ca17dfd8c3104af7cf45b7a1ff5 #12421
|
||
|
||
Fixes #12445
|
||
Closes #12444
|
||
|
||
Daniel Stenberg (2 Dec 2023)
|
||
|
||
- INSTALL: update list of ports and CPU archs
|
||
|
||
- symbols-in-versions: the CLOSEPOLICY options are deprecated
|
||
|
||
The were used with the CURLOPT_CLOSEPOLICY option, which *never* worked.
|
||
|
||
z2_ (1 Dec 2023)
|
||
|
||
- build: fix builds that disable protocols but not digest auth
|
||
|
||
- Build base64 functions if digest auth is not disabled.
|
||
|
||
Prior to this change if some protocols were disabled but not digest auth
|
||
then a build error would occur due to missing base64 functions.
|
||
|
||
Fixes https://github.com/curl/curl/issues/12440
|
||
Closes https://github.com/curl/curl/pull/12442
|
||
|
||
Michał Antoniak (1 Dec 2023)
|
||
|
||
- connect: reduce number of transportation providers
|
||
|
||
Use only the ones necessary - the ones that are built-in. Saves a few
|
||
bytes in the resulting code.
|
||
|
||
Closes #12438
|
||
|
||
David Benjamin (1 Dec 2023)
|
||
|
||
- vtls: consistently use typedef names for OpenSSL structs
|
||
|
||
The foo_st names don't appear in OpenSSL public API documentation. The
|
||
FOO typedefs are more common. This header was already referencing
|
||
SSL_CTX via <openssl/ssl.h>. There is a comment about avoiding
|
||
<openssl/x509v3.h>, but OpenSSL actually declares all the typedefs in
|
||
<openssl/ossl_typ.h>, which is already included by <openssl/ssl.h> (and
|
||
every other OpenSSL header), so just use that. Though I've included it
|
||
just to be explicit.
|
||
|
||
(I'm also fairly sure including <openssl/ssl.h> already triggers the
|
||
Schannel conflicts anyway. The comment was probably just out of date.)
|
||
|
||
Closes #12439
|
||
|
||
Lau (1 Dec 2023)
|
||
|
||
- libcurl-security.3: fix typo
|
||
|
||
Fixed minimal typo.
|
||
|
||
Closes #12437
|
||
|
||
Stefan Eissing (1 Dec 2023)
|
||
|
||
- ngtcp2: fix races in stream handling
|
||
|
||
- fix cases where ngtcp2 invokes callbacks on streams that
|
||
nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND
|
||
in these cases as it is normal behaviour.
|
||
|
||
Closes #12435
|
||
|
||
Emanuele Torre (1 Dec 2023)
|
||
|
||
- tool_writeout_json: fix JSON encoding of non-ascii bytes
|
||
|
||
char variables if unspecified can be either signed or unsigned depending
|
||
on the platform according to the C standard; in most platforms, they are
|
||
signed.
|
||
|
||
This meant that the *i<32 waas always true for bytes with the top bit
|
||
set. So they were always getting encoded as \uXXXX, and then since they
|
||
were also signed negative, they were getting extended with 1s causing
|
||
'\xe2' to be expanded to \uffffffe2, for example:
|
||
|
||
$ curl --variable 'v=“' --expand-write-out '{{v:json}}\n' file:///dev/nul
|
||
l
|
||
\uffffffe2\uffffff80\uffffff9c
|
||
|
||
I fixed this bug by making the code use explicitly unsigned char*
|
||
variables instead of char* variables.
|
||
|
||
Test 268 verifies
|
||
|
||
Reported-by: iconoclasthero
|
||
Closes #12434
|
||
|
||
Stefan Eissing (1 Dec 2023)
|
||
|
||
- cf-socket: TCP trace output local address used in connect
|
||
|
||
Closes #12427
|
||
|
||
Jay Satiro (1 Dec 2023)
|
||
|
||
- CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation
|
||
|
||
- Change CURLINFO_PRETRANSFER_TIME_T explanation to say that it
|
||
includes protocol-specific instructions that trigger a transfer.
|
||
|
||
Prior to this change it explicitly said that it did not include those
|
||
instructions in the time, but that is incorrect.
|
||
|
||
The change is a copy of the fixed explanation already in
|
||
CURLINFO_PRETRANSFER_TIME, fixed by ec8dcd7b.
|
||
|
||
Reported-by: eeverettrbx@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/issues/12431
|
||
Closes https://github.com/curl/curl/pull/12432
|
||
|
||
Daniel Stenberg (30 Nov 2023)
|
||
|
||
- multi: during ratelimit multi_getsock should return no sockets
|
||
|
||
... as there is nothing to wait for then, it just waits. Otherwise, this
|
||
causes much more CPU work and updates than necessary during ratelimit
|
||
periods.
|
||
|
||
Ref: https://curl.se/mail/lib-2023-11/0056.html
|
||
Closes #12430
|
||
|
||
Dmitry Karpov (30 Nov 2023)
|
||
|
||
- transfer: abort pause send when connection is marked for closing
|
||
|
||
This handles cases of some bi-directional "upgrade" scenarios
|
||
(i.e. WebSockets) where sending is paused until some "upgrade" handshake
|
||
is completed, but server rejects the handshake and closes the
|
||
connection.
|
||
|
||
Closes #12428
|
||
|
||
Daniel Stenberg (28 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- openssl: when a session-ID is reused, skip OCSP stapling
|
||
|
||
Fixes #12399
|
||
Reported-by: Alexey Larikov
|
||
Closes #12418
|
||
|
||
- test1545: test doing curl_formadd twice with missing file
|
||
|
||
Reproduces #12410
|
||
Verifies the fix
|
||
Closes #12421
|
||
|
||
- Curl_http_body: cleanup properly when Curl_getformdata errors
|
||
|
||
Reported-by: yushicheng7788 on github
|
||
Based-on-work-by: yushicheng7788 on github
|
||
Fixes #12410
|
||
Closes #12421
|
||
|
||
- test1477: verify that libcurl-errors.3 and public headers are synced
|
||
|
||
The script errorcodes.pl extracts all error codes from all headers and
|
||
checks that they are all documented, then checks that all documented
|
||
error codes are also specified in a header file.
|
||
|
||
Closes #12424
|
||
|
||
- libcurl-errors.3: sync with current public headers
|
||
|
||
Closes #12424
|
||
|
||
Stefan Eissing (28 Nov 2023)
|
||
|
||
- test459: fix for parallel runs
|
||
|
||
- change warniing message to work better with varying filename
|
||
length.
|
||
- adapt test output check to new formatting
|
||
|
||
Follow-up to 97ccc4479f77ba3191c6
|
||
Closes #12423
|
||
|
||
Daniel Stenberg (27 Nov 2023)
|
||
|
||
- tool_cb_prg: make the carriage return fit for wide progress bars
|
||
|
||
When the progress bar was made max width (256 columns), the fly()
|
||
function attempted to generate its output buffer too long so that the
|
||
trailing carriage return would not fit and then the output would show
|
||
wrongly. The fly function is called when the expected total transfer is
|
||
unknown, which could be one or more progress calls before the actual
|
||
progress meter get shown when the expected transfer size is provided.
|
||
|
||
This new take also replaces the msnprintf() call with a much simpler
|
||
memset() for speed.
|
||
|
||
Reported-by: Tim Hill
|
||
Fixes #12407
|
||
Closes #12415
|
||
|
||
- tool_parsecfg: make warning output propose double-quoting
|
||
|
||
When the config file parser detects a word that *probably* should be
|
||
quoted, mention double-quotes as a possible remedy.
|
||
|
||
Test 459 verifies.
|
||
|
||
Proposed-by: Jiehong on github
|
||
Fixes #12409
|
||
Closes #12412
|
||
|
||
Jay Satiro (26 Nov 2023)
|
||
|
||
- curl.rc: switch out the copyright symbol for plain ASCII
|
||
|
||
.. like we already do for libcurl.rc.
|
||
|
||
libcurl.rc copyright symbol used to cause a "non-ascii 8-bit codepoint"
|
||
warning so it was switched to ascii.
|
||
|
||
Ref: https://github.com/curl/curl/commit/1ca62bb5#commitcomment-133474972
|
||
|
||
Suggested-by: Robert Southee
|
||
|
||
Closes https://github.com/curl/curl/pull/12403
|
||
|
||
Daniel Stenberg (26 Nov 2023)
|
||
|
||
- conncache: use the closure handle when disconnecting surplus connections
|
||
|
||
Use the closure handle for disconnecting connection cache entries so
|
||
that anything that happens during the disconnect is not stored and
|
||
associated with the 'data' handle which already just finished a transfer
|
||
and it is important that details from the unrelated disconnect does not
|
||
taint meta-data in the data handle.
|
||
|
||
Like storing the response code.
|
||
|
||
This also adjust test 1506. Unfortunately it also removes a key part of
|
||
the test that verifies that a connection is closed since when this
|
||
output vanishes (because the closure handle is used), we don't know
|
||
exactly that the connection actually gets closed in this test...
|
||
|
||
Reported-by: ohyeaah on github
|
||
Fixes #12367
|
||
Closes #12405
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (24 Nov 2023)
|
||
|
||
- quic: make eyeballers connect retries stop at weird replies
|
||
|
||
- when a connect immediately goes into DRAINING state, do
|
||
not attempt retries in the QUIC connection filter. Instead,
|
||
return CURLE_WEIRD_SERVER_REPLY
|
||
- When eyeballing, interpret CURLE_WEIRD_SERVER_REPLY as an
|
||
inconclusive answer. When all addresses have been attempted,
|
||
rewind the address list once on an inconclusive answer.
|
||
- refs #11832 where connects were retried indefinitely until
|
||
the overall timeout fired
|
||
|
||
Closes #12400
|
||
|
||
Daniel Stenberg (24 Nov 2023)
|
||
|
||
- CI: verify libcurl function SYNPOSIS sections
|
||
|
||
With the .github/scripits/verify-synopsis.pl script
|
||
|
||
Closes #12402
|
||
|
||
- docs/libcurl: SYNSOPSIS cleanup
|
||
|
||
- use the correct include file
|
||
- make sure they are declared as in the header file
|
||
- fix minor nroff syntax mistakes (missing .fi)
|
||
|
||
These are verified by verify-synopsis.pl, which extracts the SYNPOSIS
|
||
code and runs it through gcc.
|
||
|
||
Closes #12402
|
||
|
||
- sendf: fix comment typo
|
||
|
||
- fopen: allocate the dir after fopen
|
||
|
||
Move the allocation of the directory name down to after the fopen() call
|
||
to allow that shortcut code path to avoid a superfluous malloc+free
|
||
cycle.
|
||
|
||
Follow-up to 73b65e94f35311
|
||
|
||
Closes #12398
|
||
|
||
Stefan Eissing (24 Nov 2023)
|
||
|
||
- transfer: cleanup done+excess handling
|
||
|
||
- add `SingleRequest->download_done` as indicator that
|
||
all download bytes have been received
|
||
- remove `stop_reading` bool from readwrite functions
|
||
- move excess body handling into client download writer
|
||
|
||
Closes #12371
|
||
|
||
Daniel Stenberg (23 Nov 2023)
|
||
|
||
- fopen: create new file using old file's mode
|
||
|
||
Because the function renames the temp file to the target name as a last
|
||
step, if the file was previously owned by a different user, not ORing
|
||
the old mode could otherwise end up creating a file that was no longer
|
||
readable by the original owner after save.
|
||
|
||
Reported-by: Loïc Yhuel
|
||
Fixes #12299
|
||
Closes #12395
|
||
|
||
- test1476: require proxy
|
||
|
||
Follow-up from 323df4261c3542
|
||
|
||
Closes #12394
|
||
|
||
- fopen: create short(er) temporary file name
|
||
|
||
Only using random letters in the name plus a ".tmp" extension. Not by
|
||
appending characters to the final file name.
|
||
|
||
Reported-by: Maksymilian Arciemowicz
|
||
|
||
Closes #12388
|
||
|
||
Stefan Eissing (23 Nov 2023)
|
||
|
||
- tests: git ignore generated second-hsts.txt file
|
||
|
||
File is generated in test lib1900
|
||
|
||
Follow-up to 7cb03229d9e9c5
|
||
|
||
Closes #12393
|
||
|
||
Viktor Szakats (23 Nov 2023)
|
||
|
||
- openssl: enable `infof_certstack` for 1.1 and LibreSSL 3.6
|
||
|
||
Lower the barrier to enable `infof_certstack()` from OpenSSL 3 to
|
||
OpenSSL 1.1.x, and LibreSSL 3.6 or upper.
|
||
|
||
With the caveat, that "group name" and "type name" are missing from
|
||
the log output with these TLS backends.
|
||
|
||
Follow-up to b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12385
|
||
|
||
Daniel Stenberg (23 Nov 2023)
|
||
|
||
- urldata: fix typo in comment
|
||
|
||
- CI: codespell
|
||
|
||
The list of words to ignore is in the file
|
||
.github/scripts/codespell-ignore.txt
|
||
|
||
Closes #12390
|
||
|
||
- lib: fix comment typos
|
||
|
||
Five separate ones, found by codespell
|
||
|
||
Closes #12390
|
||
|
||
- test1476: verify cookie PSL mixed case
|
||
|
||
- cookie: lowercase the domain names before PSL checks
|
||
|
||
Reported-by: Harry Sintonen
|
||
|
||
Closes #12387
|
||
|
||
Viktor Szakats (23 Nov 2023)
|
||
|
||
- openssl: fix building with v3 `no-deprecated` + add CI test
|
||
|
||
- build quictls with `no-deprecated` in CI to have test coverage for
|
||
this OpenSSL 3 configuration.
|
||
|
||
- don't call `OpenSSL_add_all_algorithms()`, `OpenSSL_add_all_digests()`.
|
||
The caller code is meant for OpenSSL 3, while these two functions were
|
||
only necessary before OpenSSL 1.1.0. They are missing from OpenSSL 3
|
||
if built with option `no-deprecated`, causing build errors:
|
||
```
|
||
vtls/openssl.c:4097:3: error: call to undeclared function 'OpenSSL_add_all_
|
||
algorithms'; ISO C99 and later do not support implicit function declaration
|
||
s [-Wimplicit-function-declaration]
|
||
vtls/openssl.c:4098:3: error: call to undeclared function 'OpenSSL_add_all_
|
||
digests'; ISO C99 and later do not support implicit function declarations [
|
||
-Wimplicit-function-declaration]
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl-for-win/builds/48587418?f
|
||
ullLog=true#L7667
|
||
|
||
Regression from b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030
|
||
Bug: https://github.com/curl/curl/issues/12380#issuecomment-1822944669
|
||
Reviewed-by: Alex Bozarth
|
||
|
||
- vquic/curl_ngtcp2: fix using `SSL_get_peer_certificate` with
|
||
`no-deprecated` quictls 3 builds.
|
||
Do it by moving an existing solution for this from `vtls/openssl.c`
|
||
to `vtls/openssl.h` and adjusting caller code.
|
||
```
|
||
vquic/curl_ngtcp2.c:1950:19: error: implicit declaration of function 'SSL_g
|
||
et_peer_certificate'; did you mean 'SSL_get1_peer_certificate'? [-Wimplicit
|
||
-function-declaration]
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/6960723097/job/18940818625#s
|
||
tep:24:1178
|
||
|
||
- curl_ntlm_core: fix `-Wunused-parameter`, `-Wunused-variable` and
|
||
`-Wunused-function` when trying to build curl with NTLM enabled but
|
||
without the necessary TLS backend (with DES) support.
|
||
|
||
Closes #12384
|
||
|
||
- curl.h: delete Symbian OS references
|
||
|
||
curl deprecated Symbian OS in 3d64031fa7a80ac4ae3fd09a5939196268b92f81
|
||
via #5989. Delete references to it from public headers, because there
|
||
is no fresh release to use those headers with.
|
||
|
||
Reviewed-by: Dan Fandrich
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12378
|
||
|
||
- windows: use built-in `_WIN32` macro to detect Windows
|
||
|
||
Windows compilers define `_WIN32` automatically. Windows SDK headers
|
||
or build env defines `WIN32`, or we have to take care of it. The
|
||
agreement seems to be that `_WIN32` is the preferred practice here.
|
||
Make the source code rely on that to detect we're building for Windows.
|
||
|
||
Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for
|
||
Windows detection, next to the official `_WIN32`. After this patch it
|
||
only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`.
|
||
|
||
There is a slight chance these break compatibility with Windows
|
||
compilers that fail to define `_WIN32`. I'm not aware of any obsolete
|
||
or modern compiler affected, but in case there is one, one possible
|
||
solution is to define this macro manually.
|
||
|
||
grepping for `WIN32` remains useful to discover Windows-specific code.
|
||
|
||
Also:
|
||
|
||
- extend `checksrc` to ensure we're not using `WIN32` anymore.
|
||
|
||
- apply minor formatting here and there.
|
||
|
||
- delete unnecessary checks for `!MSDOS` when `_WIN32` is present.
|
||
|
||
Co-authored-by: Jay Satiro
|
||
Reviewed-by: Daniel Stenberg
|
||
|
||
Closes #12376
|
||
|
||
Stefan Eissing (22 Nov 2023)
|
||
|
||
- url: ConnectionExists revisited
|
||
|
||
- have common pattern of `if not match, continue`
|
||
- revert pages long if()s to return early
|
||
- move dead connection check to later since it may
|
||
be relatively expensive
|
||
- check multiuse also when NOT building with NGHTTP2
|
||
- for MULTIUSE bundles, verify that the inspected
|
||
connection indeed supports multiplexing when in use
|
||
(bundles may contain a mix of connection, afaict)
|
||
|
||
Closes #12373
|
||
|
||
Daniel Stenberg (22 Nov 2023)
|
||
|
||
- CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range
|
||
|
||
... or use the default value.
|
||
|
||
Also clarify the documentation language somewhat.
|
||
|
||
Closes #12382
|
||
|
||
- urldata: make maxconnects a 32 bit value
|
||
|
||
"2^32 idle connections ought to be enough for anybody"
|
||
|
||
Closes #12375
|
||
|
||
- FEATURES: update the URL phrasing
|
||
|
||
The URL is length limited since a while back so "no limit" simply is not
|
||
true anymore. Mention the URL RFC standard used instead.
|
||
|
||
Closes #12383
|
||
|
||
- wolfssh: remove redundant static prototypes
|
||
|
||
vssh/wolfssh.c:346:18: error: redundant redeclaration of ‘wscp_recv’ [-We
|
||
rror=redundant-decls]
|
||
|
||
Closes #12381
|
||
|
||
- setopt: remove superfluous use of ternary expressions
|
||
|
||
Closes #12374
|
||
|
||
- mime: store "form escape" as a single bit
|
||
|
||
Closes #12374
|
||
|
||
- setopt: check CURLOPT_TFTP_BLKSIZE range on set
|
||
|
||
... instead of later when the transfer is about to happen.
|
||
|
||
Closes #12374
|
||
|
||
Viktor Szakats (21 Nov 2023)
|
||
|
||
- build: add more picky warnings and fix them
|
||
|
||
Enable more picky compiler warnings. I've found these options in the
|
||
nghttp3 project when implementing the CMake quick picky warning
|
||
functionality for it [1].
|
||
|
||
`-Wunused-macros` was too noisy to keep around, but fixed a few issues
|
||
it revealed while testing.
|
||
|
||
- autotools: reflect the more precisely-versioned clang warnings.
|
||
Follow-up to 033f8e2a08eb1d3102f08c4d8c8e85470f8b460e #12324
|
||
- autotools: sync between clang and gcc the way we set `no-multichar`.
|
||
- autotools: avoid setting `-Wstrict-aliasing=3` twice.
|
||
- autotools: disable `-Wmissing-noreturn` for MSYS gcc targets [2].
|
||
It triggers in libtool-generated stub code.
|
||
|
||
- lib/timeval: delete a redundant `!MSDOS` guard from a `WIN32` branch.
|
||
|
||
- lib/curl_setup.h: delete duplicate declaration for `fileno`.
|
||
Added in initial commit ae1912cb0d494b48d514d937826c9fe83ec96c4d
|
||
(1999-12-29). This suggests this may not be needed anymore, but if
|
||
it does, we may restore this for those specific (non-Windows) systems.
|
||
- lib: delete unused macro `FTP_BUFFER_ALLOCSIZE` since
|
||
c1d6fe2aaa5a26e49a69a4f2495b3cc7a24d9394.
|
||
- lib: delete unused macro `isxdigit_ascii` since
|
||
f65f750742068f579f4ee6d8539ed9d5f0afcb85.
|
||
- lib/mqtt: delete unused macro `MQTT_HEADER_LEN`.
|
||
- lib/multi: delete unused macro `SH_READ`/`SH_WRITE`.
|
||
- lib/hostip: add `noreturn` function attribute via new `CURL_NORETURN`
|
||
macro.
|
||
- lib/mprintf: delete duplicate declaration for `Curl_dyn_vprintf`.
|
||
- lib/rand: fix `-Wunreachable-code` and related fallouts [3].
|
||
- lib/setopt: fix `-Wunreachable-code-break`.
|
||
- lib/system_win32 and lib/timeval: fix double declarations for
|
||
`Curl_freq` and `Curl_isVistaOrGreater` in CMake UNITY mode [4].
|
||
- lib/warnless: fix double declarations in CMake UNITY mode [5].
|
||
This was due to force-disabling the header guard of `warnless.h` to
|
||
to reapply it to source code coming after `warnless.c` in UNITY
|
||
builds. This reapplied declarations too, causing the warnings.
|
||
Solved by adding a header guard for the lines that actually need
|
||
to be reapplied.
|
||
- lib/vauth/digest: fix `-Wunreachable-code-break` [6].
|
||
- lib/vssh/libssh2: fix `-Wunreachable-code-break` and delete redundant
|
||
block.
|
||
- lib/vtls/sectransp: fix `-Wunreachable-code-break` [7].
|
||
- lib/vtls/sectransp: suppress `-Wunreachable-code`.
|
||
Detected in `else` branches of dynamic feature checks, with results
|
||
known at compile-time, e.g.
|
||
```c
|
||
if(SecCertificateCopySubjectSummary) /* -> true */
|
||
```
|
||
Likely fixable as a separate micro-project, but given SecureTransport
|
||
is deprecated anyway, let's just silence these locally.
|
||
- src/tool_help: delete duplicate declaration for `helptext`.
|
||
- src/tool_xattr: fix `-Wunreachable-code`.
|
||
- tests: delete duplicate declaration for `unitfail` [8].
|
||
- tests: delete duplicate declaration for `strncasecompare`.
|
||
- tests/libtest: delete duplicate declaration for `gethostname`.
|
||
Originally added in 687df5c8c39c370a59999b9afc0917d808d978b7
|
||
(2010-08-02).
|
||
Got complicated later: c49e9683b85ba9d12cbb6eebc4ab2c8dba68fbdc
|
||
If there are still systems around with warnings, we may restore the
|
||
prototype, but limited for those systems.
|
||
- tests/lib2305: delete duplicate declaration for
|
||
`libtest_debug_config`.
|
||
- tests/h2-download: fix `-Wunreachable-code-break`.
|
||
|
||
[1] https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056
|
||
f8bf9f/cmake/PickyWarningsC.cmake
|
||
[2] https://ci.appveyor.com/project/curlorg/curl/builds/48553586/job/3qkgjaui
|
||
qla5fj45?fullLog=true#L1675
|
||
[3] https://github.com/curl/curl/actions/runs/6880886309/job/18716044703?pr=1
|
||
2331#step:7:72
|
||
https://github.com/curl/curl/actions/runs/6883016087/job/18722707368?pr=1
|
||
2331#step:7:109
|
||
[4] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrr
|
||
iklpf1ut#L204
|
||
[5] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrr
|
||
iklpf1ut#L218
|
||
[6] https://github.com/curl/curl/actions/runs/6880886309/job/18716042927?pr=1
|
||
2331#step:7:290
|
||
[7] https://github.com/curl/curl/actions/runs/6891484996/job/18746659406?pr=1
|
||
2331#step:9:1193
|
||
[8] https://github.com/curl/curl/actions/runs/6882803986/job/18722082562?pr=1
|
||
2331#step:33:1870
|
||
|
||
Closes #12331
|
||
|
||
Daniel Stenberg (21 Nov 2023)
|
||
|
||
- transfer: avoid unreachable expression
|
||
|
||
If curl_off_t and size_t have the same size (which is common on modern
|
||
64 bit systems), a condition cannot occur which Coverity pointed
|
||
out. Avoid the warning by having the code conditionally only used if
|
||
curl_off_t actually is larger.
|
||
|
||
Follow-up to 1cd2f0072fa482e25baa2
|
||
|
||
Closes #12370
|
||
|
||
Stefan Eissing (21 Nov 2023)
|
||
|
||
- transfer: readwrite improvements
|
||
|
||
- changed header/chunk/handler->readwrite prototypes to accept `buf`,
|
||
`blen` and a `pconsumed` pointer. They now get the buffer to work on
|
||
and report back how many bytes they consumed
|
||
- eliminated `k->str` in SingleRequest
|
||
- improved excess data handling to properly calculate with any body data
|
||
left in the headerb buffer
|
||
- eliminated `k->badheader` enum to only be a bool
|
||
|
||
Closes #12283
|
||
|
||
Daniel Stenberg (21 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jiří Hruška (21 Nov 2023)
|
||
|
||
- transfer: avoid calling the read callback again after EOF
|
||
|
||
Regression since 7f43f3dc5994d01b12 (7.84.0)
|
||
|
||
Bug: https://curl.se/mail/lib-2023-11/0017.html
|
||
|
||
Closes #12363
|
||
|
||
Daniel Stenberg (21 Nov 2023)
|
||
|
||
- doh: provide better return code for responses w/o addresses
|
||
|
||
Previously it was wrongly returning CURLE_OUT_OF_MEMORY when the
|
||
response did not contain any addresses. Now it more accurately returns
|
||
CURLE_COULDNT_RESOLVE_HOST.
|
||
|
||
Reported-by: lRoccoon on github
|
||
|
||
Fixes #12365
|
||
Closes #12366
|
||
|
||
Stefan Eissing (21 Nov 2023)
|
||
|
||
- HTTP/2, HTTP/3: handle detach of onoing transfers
|
||
|
||
- refs #12356 where a UAF is reported when closing a connection
|
||
with a stream whose easy handle was cleaned up already
|
||
- handle DETACH events same as DONE events in h2/h3 filters
|
||
|
||
Fixes #12356
|
||
Reported-by: Paweł Wegner
|
||
Closes #12364
|
||
|
||
Viktor Szakats (20 Nov 2023)
|
||
|
||
- autotools: stop setting `-std=gnu89` with `--enable-warnings`
|
||
|
||
Do not alter the C standard when building with `--enable-warnings` when
|
||
building with gcc.
|
||
|
||
On one hand this alters warning results compared to a default build.
|
||
On the other, it may produce different binaries, which is unexpected.
|
||
|
||
Also fix new warnings that appeared after removing `-std=gnu89`:
|
||
|
||
- include: fix public curl headers to use the correct printf mask for
|
||
`CURL_FORMAT_CURL_OFF_T` and `CURL_FORMAT_CURL_OFF_TU` with mingw-w64
|
||
and Visual Studio 2013 and newer. This fixes the printf mask warnings
|
||
in examples and tests. E.g. [1]
|
||
|
||
- conncache: fix printf format string [2].
|
||
|
||
- http2: fix potential null pointer dereference [3].
|
||
(seen on Slackware with gcc 11.)
|
||
|
||
- libssh: fix printf format string in SFTP code [4].
|
||
Also make MSVC builds compatible with old CRT versions.
|
||
|
||
- libssh2: fix printf format string in SFTP code for MSVC.
|
||
Applying the same fix as for libssh above.
|
||
|
||
- unit1395: fix `argument is null` and related issues [5]:
|
||
- stop calling `strcmp()` with NULL to avoid undefined behaviour.
|
||
- fix checking results if some of them were NULL.
|
||
- do not pass NULL to printf `%s`.
|
||
|
||
- ci: keep a build job with `-std=gnu89` to continue testing for
|
||
C89-compliance. We can apply this to other gcc jobs as needed.
|
||
Ref: b23ce2cee7329bbf425f18b49973b7a5f23dfcb4 (2022-09-23) #9542
|
||
|
||
[1] https://dev.azure.com/daniel0244/curl/_build/results?buildId=18581&view=l
|
||
ogs&jobId=ccf9cc6d-2ef1-5cf2-2c09-30f0c14f923b
|
||
[2] https://github.com/curl/curl/actions/runs/6896854263/job/18763831142?pr=1
|
||
2346#step:6:67
|
||
[3] https://github.com/curl/curl/actions/runs/6896854253/job/18763839238?pr=1
|
||
2346#step:30:214
|
||
[4] https://github.com/curl/curl/actions/runs/6896854253/job/18763838007?pr=1
|
||
2346#step:29:895
|
||
[5] https://github.com/curl/curl/actions/runs/6896854253/job/18763836775?pr=1
|
||
2346#step:33:1689
|
||
|
||
Closes #12346
|
||
|
||
- autotools: fix/improve gcc and Apple clang version detection
|
||
|
||
- Before this patch we expected `n.n` `-dumpversion` output, but Ubuntu
|
||
may return `n-win32` (also with `-dumpfullversion`). Causing these
|
||
errors and failing to enable picky warnings:
|
||
```
|
||
../configure: line 23845: test: : integer expression expected
|
||
```
|
||
Ref: https://github.com/libssh2/libssh2/actions/runs/6263453828/job/1700789
|
||
3718#step:5:143
|
||
|
||
Fix that by stripping any dash-suffix and handling a dotless (major-only)
|
||
version number by assuming `.0` in that case.
|
||
|
||
`9.3-posix`, `9.3-win32`, `6`, `9.3.0`, `11`, `11.2`, `11.2.0`
|
||
Ref: https://github.com/mamedev/mame/pull/9767
|
||
|
||
- fix Apple clang version detection for releases between
|
||
'Apple LLVM version 7.3.0' and 'Apple LLVM version 10.0.1' where the
|
||
version was under-detected as 3.7 llvm/clang equivalent.
|
||
|
||
- fix Apple clang version detection for 'Apple clang version 11.0.0'
|
||
and newer where the Apple clang version was detected, instead of its
|
||
llvm/clang equivalent.
|
||
|
||
- display detected clang/gcc/icc compiler version.
|
||
|
||
Via libssh2:
|
||
- https://github.com/libssh2/libssh2/commit/00a3b88c51cdb407fbbb347a2e38c5c7d
|
||
89875ad
|
||
https://github.com/libssh2/libssh2/pull/1187
|
||
- https://github.com/libssh2/libssh2/commit/89ccc83c7da73e7ca3a112e3500081319
|
||
42b592e
|
||
https://github.com/libssh2/libssh2/pull/1232
|
||
|
||
Closes #12362
|
||
|
||
- autotools: delete LCC compiler support bits
|
||
|
||
Follow-up to fd7ef00f4305a2919e6950def1cf83d0110a4acd #12222
|
||
|
||
Closes #12357
|
||
|
||
- cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API`
|
||
|
||
- tests: verify CMake `DISABLE` options.
|
||
|
||
Make an exception for 2 CMake-only ones, and one more that's
|
||
using a different naming scheme, also in autotools and source.
|
||
|
||
- cmake: add support for `CURL_DISABLE_HEADERS_API`.
|
||
|
||
Suggested-by: Daniel Stenberg
|
||
Ref: https://github.com/curl/curl/pull/12345#pullrequestreview-1736238641
|
||
|
||
Closes #12353
|
||
|
||
Jacob Hoffman-Andrews (20 Nov 2023)
|
||
|
||
- hyper: temporarily remove HTTP/2 support
|
||
|
||
The current design of the Hyper integration requires rebuilding the
|
||
Hyper clientconn for each request. However, building the clientconn
|
||
requires resending the HTTP/2 connection preface, which is incorrect
|
||
from a protocol perspective. That in turn causes servers to send GOAWAY
|
||
frames, effectively degrading performance to "no connection reuse" in
|
||
the best case. It may also be triggering some bugs where requests get
|
||
dropped entirely and reconnects take too long.
|
||
|
||
This doesn't rule out HTTP/2 support with Hyper, but it may take a
|
||
redesign of the Hyper integration in order to make things work.
|
||
|
||
Closes #12191
|
||
|
||
Jay Satiro (20 Nov 2023)
|
||
|
||
- schannel: fix unused variable warning
|
||
|
||
Bug: https://github.com/curl/curl/pull/12349#issuecomment-1818000846
|
||
Reported-by: Viktor Szakats
|
||
|
||
Closes https://github.com/curl/curl/pull/12361
|
||
|
||
Daniel Stenberg (19 Nov 2023)
|
||
|
||
- url: find scheme with a "perfect hash"
|
||
|
||
Instead of a loop to scan over the potentially 30+ scheme names, this
|
||
uses a "perfect hash" table. This works fine because the set of schemes
|
||
is known and cannot change in a build. The hash algorithm and table size
|
||
is made to only make a single scheme index per table entry.
|
||
|
||
The perfect hash is generated by a separate tool (scripts/schemetable.c)
|
||
|
||
Closes #12347
|
||
|
||
- scripts: add schemetable.c
|
||
|
||
This tool generates a scheme-matching table.
|
||
|
||
It iterates over a number of different initial and shift values in order
|
||
to find the hash algorithm that needs the smallest possible table.
|
||
|
||
The generated hash function, table and table size then needs to be used
|
||
by the url.c:Curl_getn_scheme_handler() function.
|
||
|
||
Stefan Eissing (19 Nov 2023)
|
||
|
||
- vtls/vquic, keep peer name information together
|
||
|
||
- add `struct ssl_peer` to keep hostname, dispname and sni
|
||
for a filter
|
||
- allocate `sni` for use in VTLS backend
|
||
- eliminate `Curl_ssl_snihost()` and its use of the download buffer
|
||
- use ssl_peer in SSL and QUIC filters
|
||
|
||
Closes #12349
|
||
|
||
Viktor Szakats (18 Nov 2023)
|
||
|
||
- build: always revert `#pragma GCC diagnostic` after use
|
||
|
||
Before this patch some source files were overriding gcc warning options,
|
||
but without restoring them at the end of the file. In CMake UNITY builds
|
||
these options spilled over to the remainder of the source code,
|
||
effecitvely disabling them for a larger portion of the codebase than
|
||
intended.
|
||
|
||
`#pragma clang diagnostic` didn't have such issue in the codebase.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12352
|
||
|
||
- tidy-up: casing typos, delete unused Windows version aliases
|
||
|
||
- cmake: fix casing of `UnixSockets` to match the rest of the codebase.
|
||
|
||
- curl-compilers.m4: fix casing in a comment.
|
||
|
||
- setup-win32: delete unused Windows version constant aliases.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12351
|
||
|
||
- keylog: disable if unused
|
||
|
||
Fully disable keylog code if there is no TLS or QUIC subsystem using it.
|
||
|
||
Closes #12350
|
||
|
||
- cmake: add `CURL_DISABLE_BINDLOCAL` option
|
||
|
||
To match similar autotools option.
|
||
|
||
Default is `ON`.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12345
|
||
|
||
- url: fix `-Wzero-length-array` with no protocols
|
||
|
||
Fixes:
|
||
```
|
||
./lib/url.c:178:56: warning: use of an empty initializer is a C2x extension [
|
||
-Wc2x-extensions]
|
||
178 | static const struct Curl_handler * const protocols[] = {
|
||
| ^
|
||
./lib/url.c:178:56: warning: zero size arrays are an extension [-Wzero-length
|
||
-array]
|
||
```
|
||
|
||
Closes #12344
|
||
|
||
- url: fix builds with `CURL_DISABLE_HTTP`
|
||
|
||
Fixes:
|
||
```
|
||
./lib/url.c:456:35: error: no member named 'formp' in 'struct UrlState'
|
||
456 | Curl_mime_cleanpart(data->state.formp);
|
||
| ~~~~~~~~~~~ ^
|
||
```
|
||
|
||
Regression from 74b87a8af13a155c659227f5acfa78243a8b2aa6 #11682
|
||
|
||
Closes #12343
|
||
|
||
- http: fix `-Wunused-parameter` with no auth and no proxy
|
||
|
||
```
|
||
lib/http.c:734:26: warning: unused parameter 'proxy' [-Wunused-parameter]
|
||
bool proxy)
|
||
^
|
||
```
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12338
|
||
|
||
Daniel Stenberg (16 Nov 2023)
|
||
|
||
- TODO: Some TLS options are not offered for HTTPS proxies
|
||
|
||
Closes #12286
|
||
Closes #12342
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- duphandle: make dupset() not return with pointers to old alloced data
|
||
|
||
As the blob pointers are to be duplicated, the function must not return
|
||
mid-function with lingering pointers to the old handle's allocated data,
|
||
as that would lead to double-free in OOM situations.
|
||
|
||
Make sure to clear all destination pointers first to avoid this risk.
|
||
|
||
Closes #12337
|
||
|
||
Viktor Szakats (16 Nov 2023)
|
||
|
||
- http: fix `-Wunused-variable` compiler warning
|
||
|
||
Fix compiler warnings in builds with disabled auths, NTLM and SPNEGO.
|
||
|
||
E.g. with `CURL_DISABLE_BASIC_AUTH` + `CURL_DISABLE_BEARER_AUTH` +
|
||
`CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_NEGOTIATE_AUTH` +
|
||
`CURL_DISABLE_NTLM` on non-Windows.
|
||
|
||
```
|
||
./curl/lib/http.c:737:12: warning: unused variable 'result' [-Wunused-variabl
|
||
e]
|
||
CURLcode result = CURLE_OK;
|
||
^
|
||
./curl/lib/http.c:995:18: warning: variable 'availp' set but not used [-Wunus
|
||
ed-but-set-variable]
|
||
unsigned long *availp;
|
||
^
|
||
./curl/lib/http.c:996:16: warning: variable 'authp' set but not used [-Wunuse
|
||
d-but-set-variable]
|
||
struct auth *authp;
|
||
^
|
||
```
|
||
|
||
Regression from e92edfbef64448ef461117769881f3ed776dec4e #11490
|
||
|
||
Fixes #12228
|
||
Closes #12335
|
||
|
||
Jay Satiro (16 Nov 2023)
|
||
|
||
- tool: support bold headers in Windows
|
||
|
||
- If virtual terminal processing is enabled in Windows then use ANSI
|
||
escape codes Esc[1m and Esc[22m to turn bold on and off.
|
||
|
||
Suggested-by: Gisle Vanem
|
||
|
||
Ref: https://github.com/curl/curl/discussions/11770
|
||
|
||
Closes https://github.com/curl/curl/pull/12321
|
||
|
||
Viktor Szakats (15 Nov 2023)
|
||
|
||
- build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS`
|
||
|
||
Builds with libssh2 + `-DCURL_DISABLE_DIGEST_AUTH=ON` +
|
||
`-DCURL_DISABLE_AWS=ON` in combination with either Schannel on Windows,
|
||
or `-DCURL_DISABLE_NTLM=ON` on other operating systems failed while
|
||
compiling due to a missing HMAC declaration.
|
||
|
||
The reason is that HMAC is required by `lib/sha256.c` which publishes
|
||
`Curl_sha256it()` which is required by `lib/vssh/libssh2.c` when
|
||
building for libssh2 v1.8.2 (2019-05-25) or older.
|
||
|
||
Make sure to compile the HMAC bits for a successful build.
|
||
|
||
Both HMAC and `Curl_sha256it()` rely on the same internals, so splitting
|
||
them into separate sources isn't practical.
|
||
|
||
Fixes:
|
||
```
|
||
[...]
|
||
In file included from ./curl/_x64-win-ucrt-cmake-llvm-bld/lib/CMakeFiles/libc
|
||
url_object.dir/Unity/unity_0_c.c:310:
|
||
./curl/lib/sha256.c:527:42: error: array has incomplete element type 'const s
|
||
truct HMAC_params'
|
||
527 | const struct HMAC_params Curl_HMAC_SHA256[] = {
|
||
| ^
|
||
./curl/lib/curl_sha256.h:34:21: note: forward declaration of 'struct HMAC_par
|
||
ams'
|
||
[...]
|
||
```
|
||
|
||
Regression from e92edfbef64448ef461117769881f3ed776dec4e #11490
|
||
|
||
Fixes #12273
|
||
Closes #12332
|
||
|
||
Daniel Stenberg (15 Nov 2023)
|
||
|
||
- duphandle: also free 'outcurl->cookies' in error path
|
||
|
||
Fixes memory-leak when OOM mid-function
|
||
|
||
Use plain free instead of safefree, since the entire struct is
|
||
freed below.
|
||
|
||
Remove some free calls that is already freed in Curl_freeset()
|
||
|
||
Closes #12329
|
||
|
||
Viktor Szakats (15 Nov 2023)
|
||
|
||
- config-win32: set `HAVE_SNPRINTF` for mingw-w64
|
||
|
||
It's available in all mingw-w64 releases. We already pre-fill this
|
||
detection in CMake.
|
||
|
||
Closes #12325
|
||
|
||
- sasl: fix `-Wunused-function` compiler warning
|
||
|
||
In builds with disabled auths.
|
||
|
||
```
|
||
lib/curl_sasl.c:266:17: warning: unused function 'get_server_message' [-Wunus
|
||
ed-function]
|
||
static CURLcode get_server_message(struct SASL *sasl, struct Curl_easy *data,
|
||
^
|
||
1 warning generated.
|
||
```
|
||
Ref: https://github.com/curl/trurl/actions/runs/6871732122/job/18689066151#st
|
||
ep:3:3822
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12326
|
||
|
||
- build: picky warning updates
|
||
|
||
- cmake: sync some picky gcc warnings with autotools.
|
||
- cmake, autotools: add `-Wold-style-definition` for clang too.
|
||
- cmake: more precise version info for old clang options.
|
||
- cmake: use `IN LISTS` syntax in `foreach()`.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12324
|
||
|
||
Daniel Stenberg (15 Nov 2023)
|
||
|
||
- urldata: move cookielist from UserDefined to UrlState
|
||
|
||
1. Because the value is not strictly set with a setopt option.
|
||
|
||
2. Because otherwise when duping a handle when all the set.* fields are
|
||
first copied and an error happens (think out of memory mid-function),
|
||
the function would easily free the list *before* it was deep-copied,
|
||
which could lead to a double-free.
|
||
|
||
Closes #12323
|
||
|
||
Viktor Szakats (14 Nov 2023)
|
||
|
||
- autotools: avoid passing `LDFLAGS` twice to libcurl
|
||
|
||
autotools passes `LDFLAGS` automatically linker commands. curl's
|
||
`lib/Makefile.am` customizes libcurl linker flags. In that
|
||
customization, it added `LDFLAGS` to the custom flags. This resulted in
|
||
passing `LDFLAGS` _twice_ to the `libtool` command.
|
||
|
||
Most of the time this is benign, but some `LDFLAGS` options can break
|
||
the build when passed twice. One such example is passing `.o` files,
|
||
e.g. `crt*.o` files necessary when customizing the C runtime, e.g. for
|
||
MUSL builds.
|
||
|
||
Passing them twice resulted in duplicate symbol errors:
|
||
```
|
||
libtool: link: clang-15 --target=aarch64-unknown-linux-musl [...] /usr/lib/a
|
||
arch64-linux-musl/crt1.o [...] /usr/lib/aarch64-linux-musl/crt1.o [...]
|
||
ld.lld-15: error: duplicate symbol: _start
|
||
>>> defined at crt1.c
|
||
>>> /usr/lib/aarch64-linux-musl/crt1.o:(.text+0x0)
|
||
>>> defined at crt1.c
|
||
>>> /usr/lib/aarch64-linux-musl/crt1.o:(.text+0x0)
|
||
[...]
|
||
clang: error: linker command failed with exit code 1 (use -v to see invocatio
|
||
n)
|
||
```
|
||
|
||
This behaviour came with commit 1a593191c2769a47b8c3e4d9715ec9f6dddf5e36
|
||
(2013-07-23) as a fix for bug https://curl.haxx.se/bug/view.cgi?id=1217.
|
||
The patch was a works-for-me hack that ended up merged in curl:
|
||
https://sourceforge.net/p/curl/bugs/1217/#06ef
|
||
With the root cause remaining unclear.
|
||
|
||
Perhaps the SUNPro 12 linker was sensitive to `-L` `-l` order, requiring
|
||
`-L` first? This would be unusual and suggests a bug in either the
|
||
linker or in `libtool`.
|
||
|
||
The curl build does pass the list of detected libs via its own
|
||
`LIBCURL_LIBS` variable, which ends up before `LDFLAGS` on the `libtool`
|
||
command line, but it's the job of `libtool` to ensure that even
|
||
a peculiar linker gets the options in the expected order. Also because
|
||
autotools passes `LDFLAGS` last, making it hardly possible to pass
|
||
anything after it.
|
||
|
||
Perhaps in the 10 years since this issue, this already got a fix
|
||
upstream.
|
||
|
||
This patch deletes `LDFLAGS` from our customized libcurl options,
|
||
leaving a single copy of them as passed by autotools automatically.
|
||
|
||
Reverts 1a593191c2769a47b8c3e4d9715ec9f6dddf5e36
|
||
Closes #12310
|
||
|
||
- autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}`
|
||
|
||
To allow passing `LDFLAGS` specific to libcurl (`CURL_LDFLAGS_LIB`) and
|
||
curl tool (`CURL_LDFLAGS_BIN`).
|
||
|
||
This makes it possible to build libcurl and curl with a single
|
||
invocation with lib- and tool-specific custom linker flags.
|
||
|
||
Such flag can be enabling `.map` files, a `.def` file for libcurl DLL,
|
||
controlling static/shared, incl. requesting a static curl tool (with
|
||
`-static-libtool-libs`) while building both shared and static libcurl.
|
||
|
||
curl-for-win uses the above and some more.
|
||
|
||
These options are already supported in `Makefile.mk`. CMake has built-in
|
||
variables for this.
|
||
|
||
Closes #12312
|
||
|
||
Jay Satiro (14 Nov 2023)
|
||
|
||
- tool_cb_hdr: add an additional parsing check
|
||
|
||
- Don't dereference the past-the-end element when parsing the server's
|
||
Content-disposition header.
|
||
|
||
As 'p' is advanced it can point to the past-the-end element and prior
|
||
to this change 'p' could be dereferenced in that case.
|
||
|
||
Technically the past-the-end element is not out of bounds because dynbuf
|
||
(which manages the header line) automatically adds a null terminator to
|
||
every buffer and that is not included in the buffer length passed to
|
||
the header callback.
|
||
|
||
Closes https://github.com/curl/curl/pull/12320
|
||
|
||
Philip Heiduck (14 Nov 2023)
|
||
|
||
- .cirrus.yml: freebsd 14
|
||
|
||
ensure curl works on latest freebsd version
|
||
|
||
Closes #12053
|
||
|
||
Daniel Stenberg (13 Nov 2023)
|
||
|
||
- easy: in duphandle, init the cookies for the new handle
|
||
|
||
... not the source handle.
|
||
|
||
Closes #12318
|
||
|
||
- duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set
|
||
|
||
Previously it would unconditionally use the size, which is set to -1
|
||
when strlen is requested.
|
||
|
||
Updated test 544 to verify.
|
||
|
||
Closes #12317
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped
|
||
|
||
Closes #12315
|
||
|
||
- urldata: move hstslist from 'set' to 'state'
|
||
|
||
To make it work properly with curl_easy_duphandle(). This, because
|
||
duphandle duplicates the entire 'UserDefined' struct by plain copy while
|
||
'hstslist' is a linked curl_list of file names. This would lead to a
|
||
double-free when the second of the two involved easy handles were
|
||
closed.
|
||
|
||
Closes #12315
|
||
|
||
- test1900: verify duphandle with HSTS using multiple files
|
||
|
||
Closes #12315
|
||
|
||
Goro FUJI (13 Nov 2023)
|
||
|
||
- http: allow longer HTTP/2 request method names
|
||
|
||
- Increase the maximum request method name length from 11 to 23.
|
||
|
||
For HTTP/1.1 and earlier there's not a specific limit in libcurl for
|
||
method length except that it is limited by the initial HTTP request
|
||
limit (DYN_HTTP_REQUEST). Prior to fc2f1e54 HTTP/2 was treated the same
|
||
and there was no specific limit.
|
||
|
||
According to Internet Assigned Numbers Authority (IANA) the longest
|
||
registered method is UPDATEREDIRECTREF which is 17 characters.
|
||
|
||
Also there are unregistered methods used by some companies that are
|
||
longer than 11 characters.
|
||
|
||
The limit was originally added by 61f52a97 but not used until fc2f1e54.
|
||
|
||
Ref: https://www.iana.org/assignments/http-methods/http-methods.xhtml
|
||
|
||
Closes https://github.com/curl/curl/pull/12311
|
||
|
||
Jay Satiro (12 Nov 2023)
|
||
|
||
- CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does
|
||
|
||
- Add an explanation of the CURL_BLOB_COPY flag to CURLOPT_CAINFO_BLOB
|
||
and CURLOPT_PROXY_CAINFO_BLOB docs.
|
||
|
||
All the other _BLOB option docs already have the same explanation.
|
||
|
||
Closes https://github.com/curl/curl/pull/12277
|
||
|
||
Viktor Szakats (11 Nov 2023)
|
||
|
||
- tidy-up: dedupe Windows system libs in cmake
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12307
|
||
|
||
Junho Choi (11 Nov 2023)
|
||
|
||
- ci: test with latest quiche release (0.19.0)
|
||
|
||
Closes #12180
|
||
|
||
- quiche: use quiche_conn_peer_transport_params()
|
||
|
||
In recent quiche, transport parameter API is separated
|
||
with quiche_conn_peer_transport_params().
|
||
(https://github.com/cloudflare/quiche/pull/1575)
|
||
It breaks with bulding with latest(post 0.18.0) quiche.
|
||
|
||
Closes #12180
|
||
|
||
Daniel Stenberg (11 Nov 2023)
|
||
|
||
- Makefile: generate the VC 14.20 project files at dist-time
|
||
|
||
Follow-up to 28287092cc5a6d6ef8 (#12282)
|
||
|
||
Closes #12290
|
||
|
||
Sam James (11 Nov 2023)
|
||
|
||
- misc: fix -Walloc-size warnings
|
||
|
||
GCC 14 introduces a new -Walloc-size included in -Wextra which gives:
|
||
|
||
```
|
||
src/tool_operate.c: In function ‘add_per_transfer’:
|
||
src/tool_operate.c:213:5: warning: allocation of insufficient size ‘1’ fo
|
||
r type ‘struct per_transfer’ with size ‘480’ [-Walloc-size]
|
||
213 | p = calloc(sizeof(struct per_transfer), 1);
|
||
| ^
|
||
src/var.c: In function ‘addvariable’:
|
||
src/var.c:361:5: warning: allocation of insufficient size ‘1’ for type <20><>
|
||
<20>struct var’ with size ‘32’ [-Walloc-size]
|
||
361 | p = calloc(sizeof(struct var), 1);
|
||
| ^
|
||
```
|
||
|
||
The calloc prototype is:
|
||
```
|
||
void *calloc(size_t nmemb, size_t size);
|
||
```
|
||
|
||
So, just swap the number of members and size arguments to match the
|
||
prototype, as we're initialising 1 struct of size `sizeof(struct
|
||
...)`. GCC then sees we're not doing anything wrong.
|
||
|
||
Closes #12292
|
||
|
||
Mark Gaiser (11 Nov 2023)
|
||
|
||
- IPFS: bugfixes
|
||
|
||
- Fixed endianness bug in gateway file parsing
|
||
- Use IPFS_PATH in tests where IPFS_DATA was used
|
||
- Fixed typos from traling -> trailing
|
||
- Fixed broken link in IPFS.md
|
||
|
||
Follow-up to 859e88f6533f9e
|
||
|
||
Reported-by: Michael Kaufmann
|
||
Bug: https://github.com/curl/curl/pull/12152#issuecomment-1798214137
|
||
Closes #12305
|
||
|
||
Daniel Stenberg (11 Nov 2023)
|
||
|
||
- VULN-DISCLOSURE-POLIC: remove broken link to hackerone
|
||
|
||
It should ideally soon not be done from hackerone anyway
|
||
|
||
Closes #12308
|
||
|
||
Andrew Kurushin (11 Nov 2023)
|
||
|
||
- schannel: add CA cache support for files and memory blobs
|
||
|
||
- Support CA bundle and blob caching.
|
||
|
||
Cache timeout is 24 hours or can be set via CURLOPT_CA_CACHE_TIMEOUT.
|
||
|
||
Closes https://github.com/curl/curl/pull/12261
|
||
|
||
Daniel Stenberg (10 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Charlie C (10 Nov 2023)
|
||
|
||
- cmake: option to disable install & drop `curlu` target when unused
|
||
|
||
This patch makes the following changes:
|
||
- adds the option `CURL_DISABLE_INSTALL` - to disable 'install' targets.
|
||
- Removes the target `curlu` when the option `BUILD_TESTING` is set to
|
||
`OFF` - to prevent it from being loaded in Visual Studio.
|
||
|
||
Closes #12287
|
||
|
||
Kai Pastor (10 Nov 2023)
|
||
|
||
- cmake: fix multiple include of CURL package
|
||
|
||
Fixes errors on second `find_package(CURL)`. This is a frequent case
|
||
with transitive dependencies:
|
||
```
|
||
CMake Error at ...:
|
||
add_library cannot create ALIAS target "CURL::libcurl" because another
|
||
target with the same name already exists.
|
||
```
|
||
|
||
Test to reproduce:
|
||
```cmake
|
||
cmake_minimum_required(VERSION 3.27) # must be 3.18 or higher
|
||
|
||
project(curl)
|
||
|
||
set(CURL_DIR "example/lib/cmake/CURL/")
|
||
find_package(CURL CONFIG REQUIRED)
|
||
find_package(CURL CONFIG REQUIRED) # fails
|
||
|
||
add_executable(main main.c)
|
||
target_link_libraries(main CURL::libcurl)
|
||
```
|
||
|
||
Ref: https://cmake.org/cmake/help/latest/release/3.18.html#other-changes
|
||
Ref: https://cmake.org/cmake/help/v3.18/policy/CMP0107.html
|
||
Ref: #12300
|
||
Assisted-by: Harry Mallon
|
||
Closes #11913
|
||
|
||
Viktor Szakats (8 Nov 2023)
|
||
|
||
- tidy-up: use `OPENSSL_VERSION_NUMBER`
|
||
|
||
Uniformly use `OPENSSL_VERSION_NUMBER` to check for OpenSSL version.
|
||
Before this patch some places used `OPENSSL_VERSION_MAJOR`.
|
||
|
||
Also fix `lib/md4.c`, which included `opensslconf.h`, but that doesn't
|
||
define any version number in these implementations: BoringSSL, AWS-LC,
|
||
LibreSSL, wolfSSL. (Only in mainline OpenSSL/quictls). Switch that to
|
||
`opensslv.h`. This wasn't causing a deeper problem because the code is
|
||
looking for v3, which is only provided by OpenSSL/quictls as of now.
|
||
|
||
According to https://github.com/openssl/openssl/issues/17517, the macro
|
||
`OPENSSL_VERSION_NUMBER` is safe to use and not deprecated.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12298
|
||
|
||
Daniel Stenberg (8 Nov 2023)
|
||
|
||
- resolve.d: drop a multi use-sentence
|
||
|
||
Since the `multi:` keyword adds that message.
|
||
|
||
Reported-by: 積丹尼 Dan Jacobson
|
||
Fixes https://github.com/curl/curl/discussions/12294
|
||
Closes #12295
|
||
|
||
- content_encoding: make Curl_all_content_encodings allocless
|
||
|
||
- Fixes a memory leak pointed out by Coverity
|
||
- Also found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?
|
||
id=63947
|
||
- Avoids unncessary allocations
|
||
|
||
Follow-up ad051e1cbec68b2456a22661b
|
||
|
||
Closes #12289
|
||
|
||
Michael Kaufmann (7 Nov 2023)
|
||
|
||
- vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0
|
||
|
||
Some servers don't support the ALPN protocol "http/1.0" (e.g. IIS 10),
|
||
avoid it and use "http/1.1" instead.
|
||
|
||
This reverts commit df856cb5c9 (#10183).
|
||
|
||
Fixes #12259
|
||
Closes #12285
|
||
|
||
Daniel Stenberg (7 Nov 2023)
|
||
|
||
- Makefile.am: drop vc10, vc11 and vc12 projects from dist
|
||
|
||
They are end of life products. Support for generating them remain in the
|
||
repo for a while but this change drops them from distribution.
|
||
|
||
Closes #12288
|
||
|
||
David Suter (7 Nov 2023)
|
||
|
||
- projects: add VC14.20 project files
|
||
|
||
Windows projects included VC14, VC14.10, VC14.30 but not VC14.20.
|
||
OpenSSL and Wolf SSL scripts mention VC14.20 so I don't see a reason why
|
||
this is missing. Updated the templates to produce a VC14.20 project.
|
||
Project opens in Visual Studio 2019 as expected.
|
||
|
||
Closes #12282
|
||
|
||
Daniel Stenberg (7 Nov 2023)
|
||
|
||
- curl: move IPFS code into src/tool_ipfs.[ch]
|
||
|
||
- convert ensure_trailing into ensure_trailing_slash
|
||
- strdup the URL string to own it proper
|
||
- use shorter variable names
|
||
- combine some expressions
|
||
- simplify error handling in ipfs_gateway()
|
||
- add MAX_GATEWAY_URL_LEN + proper bailout if maximum is reached
|
||
- ipfs-gateway.d polish and simplification
|
||
- shorten ipfs error message + make them "synthetic"
|
||
|
||
Closes #12281
|
||
|
||
Viktor Szakats (6 Nov 2023)
|
||
|
||
- build: delete support bits for obsolete Windows compilers
|
||
|
||
- Pelles C: Unclear status, failed to obtain a fresh copy a few months
|
||
ago. Possible website is HTTP-only. ~10 years ago I left this compiler
|
||
dealing with crashes and other issues with no response on the forum
|
||
for years. It has seen some activity in curl back in 2021.
|
||
- LCC: Last stable release in September 2002.
|
||
- Salford C: Misses winsock2 support, possibly abandoned? Last mentioned
|
||
in 2006.
|
||
- Borland C++: We dropped Borland C++ support in 2018.
|
||
- MS Visual C++ 6.0: Released in 1998. curl already requires VS 2010
|
||
(or possibly 2008) as a minimum.
|
||
|
||
Closes #12222
|
||
|
||
- build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H`
|
||
|
||
We use `stdint.h` unconditionally in all places except one. These uses
|
||
are imposed by external dependencies / features. nghttp2, quic, wolfSSL
|
||
and `HAVE_MACH_ABSOLUTE_TIME` do require this C99 header. It means that
|
||
any of these features make curl require a C99 compiler. (In case of
|
||
MSVC, this means Visual Studio 2010 or newer.)
|
||
|
||
This patch changes the single use of `stdint.h` guarded by
|
||
`HAVE_STDINT_H` to use `stdint.h` unconditionally. Also stop using
|
||
`inttypes.h` as an alternative there. `HAVE_INTTYPES_H` wasn't used
|
||
anywhere else, allowing to delete this feature check as well.
|
||
|
||
Closes #12275
|
||
|
||
Daniel Stenberg (6 Nov 2023)
|
||
|
||
- tool_operate: do not mix memory models
|
||
|
||
Make sure 'inputpath' only points to memory allocated by libcurl so that
|
||
curl_free works correctly.
|
||
|
||
Pointed out by Coverity
|
||
|
||
Follow-up to 859e88f6533f9e1f890
|
||
|
||
Closes #12280
|
||
|
||
Stefan Eissing (6 Nov 2023)
|
||
|
||
- lib: client writer, part 2, accounting + logging
|
||
|
||
This PR has these changes:
|
||
|
||
Renaming of unencode_* to cwriter, e.g. client writers
|
||
- documentation of sendf.h functions
|
||
- move max decode stack checks back to content_encoding.c
|
||
- define writer phase which was used as order before
|
||
- introduce phases for monitoring inbetween decode phases
|
||
- offering default implementations for init/write/close
|
||
|
||
Add type paramter to client writer's do_write()
|
||
- always pass all writes through the writer stack
|
||
- writers who only care about BODY data will pass other writes unchanged
|
||
|
||
add RAW and PROTOCOL client writers
|
||
- RAW used for Curl_debug() logging of CURLINFO_DATA_IN
|
||
- PROTOCOL used for updates to data->req.bytecount, max_filesize checks and
|
||
Curl_pgrsSetDownloadCounter()
|
||
- remove all updates of data->req.bytecount and calls to
|
||
Curl_pgrsSetDownloadCounter() and Curl_debug() from other code
|
||
- adjust test457 expected output to no longer see the excess write
|
||
|
||
Closes #12184
|
||
|
||
Daniel Stenberg (6 Nov 2023)
|
||
|
||
- VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw
|
||
|
||
Closes #12278
|
||
|
||
Viktor Szakats (6 Nov 2023)
|
||
|
||
- rand: fix build error with autotools + LibreSSL
|
||
|
||
autotools unexpectedly detects `arc4random` because it is also looking
|
||
into dependency libs. One dependency, LibreSSL, happens to publish an
|
||
`arc4random` function (via its shared lib before v3.7, also via static
|
||
lib as of v3.8.2). When trying to use this function in `lib/rand.c`,
|
||
its protoype is missing. To fix that, curl included a prototype, but
|
||
that used a C99 type without including `stdint.h`, causing:
|
||
|
||
```
|
||
../../lib/rand.c:37:1: error: unknown type name 'uint32_t'
|
||
37 | uint32_t arc4random(void);
|
||
| ^
|
||
1 error generated.
|
||
```
|
||
|
||
This patch improves this by dropping the local prototype and instead
|
||
limiting `arc4random` use for non-OpenSSL builds. OpenSSL builds provide
|
||
their own random source anyway.
|
||
|
||
The better fix would be to teach autotools to not link dependency libs
|
||
while detecting `arc4random`.
|
||
|
||
LibreSSL publishing a non-namespaced `arc4random` tracked here:
|
||
https://github.com/libressl/portable/issues/928
|
||
|
||
Regression from 755ddbe901cd0c921fbc3ac5b3775c0dc683bc73 #10672
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Fixes #12257
|
||
Closes #12274
|
||
|
||
Daniel Stenberg (5 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- strdup: do Curl_strndup without strncpy
|
||
|
||
To avoid (false positive) gcc-13 compiler warnings.
|
||
|
||
Follow-up to 4855debd8a2c1cb
|
||
|
||
Assisted-by: Jay Satiro
|
||
Reported-by: Viktor Szakats
|
||
Fixes #12258
|
||
|
||
Enno Boland (5 Nov 2023)
|
||
|
||
- HTTP: fix empty-body warning
|
||
|
||
This change fixes a compiler warning with gcc-12.2.0 when
|
||
`-DCURL_DISABLE_BEARER_AUTH=ON` is used.
|
||
|
||
/home/tox/src/curl/lib/http.c: In function 'Curl_http_input_auth':
|
||
/home/tox/src/curl/lib/http.c:1147:12: warning: suggest braces around emp
|
||
ty body in an 'else' statement [-Wempty-body]
|
||
1147 | ;
|
||
| ^
|
||
|
||
Closes #12262
|
||
|
||
Daniel Stenberg (5 Nov 2023)
|
||
|
||
- openssl: identify the "quictls" backend correctly
|
||
|
||
Since vanilla OpenSSL does not support the QUIC API I think it helps
|
||
users to identify the correct OpenSSL fork in version output. The best
|
||
(crude) way to do that right now seems to be to check if ngtcp2 support
|
||
is enabled.
|
||
|
||
Closes #12270
|
||
|
||
Mark Gaiser (5 Nov 2023)
|
||
|
||
- curl: improved IPFS and IPNS URL support
|
||
|
||
Previously just ipfs://<cid> and ipns://<cid> was supported, which is
|
||
too strict for some usecases.
|
||
|
||
This patch allows paths and query arguments to be used too.
|
||
Making this work according to normal http semantics:
|
||
|
||
ipfs://<cid>/foo/bar?key=val
|
||
ipns://<cid>/foo/bar?key=val
|
||
|
||
The gateway url support is changed.
|
||
It now only supports gateways in the form of:
|
||
|
||
http://<gateway>/foo/bar
|
||
http://<gateway>
|
||
|
||
Query arguments here are explicitly not allowed and trigger an intended
|
||
malformed url error.
|
||
|
||
There also was a crash when IPFS_PATH was set with a non trailing
|
||
forward slash. This has been fixed.
|
||
|
||
Lastly, a load of test cases have been added to verify the above.
|
||
|
||
Reported-by: Steven Allen
|
||
Fixes #12148
|
||
Closes #12152
|
||
|
||
Harry Mallon (5 Nov 2023)
|
||
|
||
- docs: KNOWN_BUGS cleanup
|
||
|
||
* Remove other mention of hyper memory-leaks from `KNOWN_BUGS`.
|
||
Should have been removed in 629723ecf22a8eae78d64cceec2f3bdae703ec95
|
||
|
||
* Remove mention of aws-sigv4 sort query string from `KNOWN_BUGS`.
|
||
Fixed in #11806
|
||
|
||
* Remove mention of aws-sigv4 query empty value problems
|
||
|
||
* Remove mention of aws-sigv4 missing amz-content-sha256
|
||
Fixed in #9995
|
||
|
||
- http_aws_sigv4: canonicalise valueless query params
|
||
|
||
Fixes #8107
|
||
Closes #12244
|
||
|
||
Michael Kaufmann (4 Nov 2023)
|
||
|
||
- docs: preserve the modification date when copying the prebuilt man page
|
||
|
||
The previously built man page "curl.1" must be copied with the original
|
||
modification date, otherwise the man page is never updated.
|
||
|
||
This fixes a bug that has been introduced with commit 2568441cab.
|
||
|
||
Reviewed-by: Dan Fandrich
|
||
Reviewed-by: Daniel Stenberg
|
||
|
||
Closes #12199
|
||
|
||
Daniel Stenberg (4 Nov 2023)
|
||
|
||
- docs: remove bold from some man page SYNOPSIS sections
|
||
|
||
In the name of consistency
|
||
|
||
Closes #12267
|
||
|
||
- openssl: two multi pointer checks should probably rather be asserts
|
||
|
||
... so add the asserts now and consider removing the dynamic checks in a
|
||
future.
|
||
|
||
Ref: #12261
|
||
Closes #12264
|
||
|
||
boilingoden (4 Nov 2023)
|
||
|
||
- docs: add supported version for the json write-out
|
||
|
||
xref: https://curl.se/changes.html#7_70_0
|
||
|
||
Closes #12266
|
||
|
||
Viktor Szakats (3 Nov 2023)
|
||
|
||
- appveyor: make VS2008-built curl tool runnable
|
||
|
||
By linking the CRT statically. This avoids the error about missing
|
||
runtime DLL `MSVCR90.dll` when running the freshly built `curl.exe`.
|
||
|
||
Closes #12263
|
||
|
||
Stefan Eissing (3 Nov 2023)
|
||
|
||
- url: proxy ssl connection reuse fix
|
||
|
||
- tunnel https proxy used for http: transfers does
|
||
no check if proxy-ssl configuration matches
|
||
- test cases added, test_10_12 fails on 8.4.0
|
||
|
||
Closes #12255
|
||
|
||
Jay Satiro (3 Nov 2023)
|
||
|
||
- curl_sspi: support more revocation error names in error messages
|
||
|
||
- Add these revocation errors to sspi error list:
|
||
CRYPT_E_NO_REVOCATION_DLL, CRYPT_E_NO_REVOCATION_CHECK,
|
||
CRYPT_E_REVOCATION_OFFLINE and CRYPT_E_NOT_IN_REVOCATION_DATABASE.
|
||
|
||
Prior to this change those error codes were not matched to their macro
|
||
name and instead shown as "unknown error".
|
||
|
||
Before:
|
||
|
||
schannel: next InitializeSecurityContext failed:
|
||
Unknown error (0x80092013) - The revocation function was
|
||
unable to check revocation because the revocation server was offline.
|
||
|
||
After:
|
||
|
||
schannel: next InitializeSecurityContext failed:
|
||
CRYPT_E_REVOCATION_OFFLINE (0x80092013) - The revocation function was
|
||
unable to check revocation because the revocation server was offline.
|
||
|
||
Bug: https://github.com/curl/curl/issues/12239
|
||
Reported-by: Niracler Li
|
||
|
||
Closes https://github.com/curl/curl/pull/12241
|
||
|
||
- strdup: don't allow Curl_strndup to read past a null terminator
|
||
|
||
- Use malloc + strncpy instead of Curl_memdup to dupe the string before
|
||
null terminating it.
|
||
|
||
Prior to this change if Curl_strndup was passed a length longer than
|
||
the allocated string then it could copy out of bounds.
|
||
|
||
This change is for posterity. Curl_strndup was added in the parent
|
||
commit and currently none of the calls to it pass a length that would
|
||
cause it to read past the allocated length of the input.
|
||
|
||
Follow-up to d3b3ba35.
|
||
|
||
Closes https://github.com/curl/curl/pull/12254
|
||
|
||
Daniel Stenberg (2 Nov 2023)
|
||
|
||
- lib: add and use Curl_strndup()
|
||
|
||
The Curl_strndup() function is similar to memdup(), but copies 'n' bytes
|
||
then adds a terminating null byte ('\0').
|
||
|
||
Closes #12251
|
||
|
||
- CURPOST_POSTFIELDS.3: add CURLOPT_COPYPOSTFIELDS in SEE ALSO
|
||
|
||
Stefan Eissing (2 Nov 2023)
|
||
|
||
- pytest: use lower count in repeat tests
|
||
|
||
- lower large iteration counts in some tests somewhat for
|
||
the same coverage with less duration
|
||
|
||
Closes #12248
|
||
|
||
Daniel Stenberg (2 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- docs: clarify that curl passes on input unfiltered
|
||
|
||
... for several options.
|
||
|
||
Reported-by: Ophir Lojkine
|
||
|
||
Closes #12249
|
||
|
||
- urlapi: when URL encoding the fragment, pass in the right length
|
||
|
||
A benign bug because it would only add an extra null terminator.
|
||
|
||
Made lib1560 get a test that runs this code.
|
||
|
||
Closes #12250
|
||
|
||
Stefan Eissing (2 Nov 2023)
|
||
|
||
- vtls: late clone of connection ssl config
|
||
|
||
- perform connection cache matching against `data->set.ssl.primary`
|
||
and proxy counterpart
|
||
- fully clone connection ssl config only when connection is used
|
||
|
||
Closes #12237
|
||
|
||
- msh3: error when built with CURL_DISABLE_SOCKETPAIR set
|
||
|
||
Reported-by: Gisle Vanem
|
||
Closes #12252
|
||
Fixes #12213
|
||
|
||
Daniel Stenberg (2 Nov 2023)
|
||
|
||
- hsts: skip single-dot hostname
|
||
|
||
Reported-by: Maksymilian Arciemowicz
|
||
|
||
Closes #12247
|
||
|
||
- vtls: fix build without proxy
|
||
|
||
Follow-up to bf0e278a3c54bc7fee7360da17c
|
||
|
||
closes #12243
|
||
|
||
- docs/example/keepalive.c: show TCP keep-alive options
|
||
|
||
Closes #12242
|
||
|
||
- lib1560: verify appending blank URL encoded query string
|
||
|
||
- urlapi: skip appending NULL pointer query
|
||
|
||
Reported-by: kirbyn17 on hackerone
|
||
|
||
Closes #12240
|
||
|
||
- lib1560: verify setting host to "" with and without URL encode
|
||
|
||
- urlapi: avoid null deref if setting blank host to url encode
|
||
|
||
Reported-by: kirbyn17 on hackerone
|
||
|
||
Closes #12240
|
||
|
||
- dynbuf: assert for NULL pointer inputs
|
||
|
||
Help us catch more mistakes.
|
||
|
||
Closes #12238
|
||
|
||
- HTTP3: ngtcp2 builds are no longer experimental
|
||
|
||
The other HTTP/3 backends are still experimental.
|
||
|
||
Closes #12235
|
||
|
||
Stefan Eissing (31 Oct 2023)
|
||
|
||
- vtls: cleanup SSL config management
|
||
|
||
- remove `Curl_ssl_get_config()`, no longer needed
|
||
|
||
Closes #12204
|
||
|
||
Daniel Stenberg (31 Oct 2023)
|
||
|
||
- libcurl-thread.3: simplify the TLS section
|
||
|
||
All TLS libraries curl can use are threadsafe since OpenSSL 1.1.x, August
|
||
2016.
|
||
|
||
Closes #12233
|
||
|
||
- configure: better --disable-http
|
||
|
||
- disable HTTPS-proxy as well, since it can't work without HTTP
|
||
|
||
- curl_setup: when HTTP is disabled, also disable all features that are
|
||
HTTP-only
|
||
|
||
- version: HTTPS-proxy only exists if HTTP support exists
|
||
|
||
Closes #12223
|
||
|
||
- http: consider resume with CURLOPT_FAILONERRROR and 416 to be fine
|
||
|
||
Finding a 'Content-Range:' in the response changed the handling.
|
||
|
||
Add test case 1475 to verify -C - with 416 and Content-Range: header,
|
||
which is almost exactly like test 194 which instead uses a fixed -C
|
||
offset. Adjusted test 194 to also be considered fine.
|
||
|
||
Fixes #10521
|
||
Reported-by: Smackd0wn
|
||
Fixes #12174
|
||
Reported-by: Anubhav Rai
|
||
Closes #12176
|
||
|
||
Stefan Eissing (30 Oct 2023)
|
||
|
||
- GHA: fix checkout of quictls repository to use correct branch name
|
||
|
||
Follow-up to c868b0e30f10cd0ac7
|
||
|
||
Closes #12232
|
||
|
||
Daniel Stenberg (30 Oct 2023)
|
||
|
||
- docs/example/localport.c: show off CURLOPT_LOCALPORT
|
||
|
||
Closes #12230
|
||
|
||
- docs/examples/interface.c: show CURLOPT_INTERFACE use
|
||
|
||
Although super simple.
|
||
|
||
Closes #12229
|
||
|
||
Viktor Szakats (30 Oct 2023)
|
||
|
||
- build: fix compiler warning with auths disabled
|
||
|
||
```
|
||
./curl/lib/http.c:979:12: warning: unused function 'is_valid_auth_separator'
|
||
[-Wunused-function]
|
||
static int is_valid_auth_separator(char ch)
|
||
^
|
||
5 warnings generated.
|
||
```
|
||
|
||
Follow-up to e92edfbef64448ef461117769881f3ed776dec4e #11490
|
||
|
||
Closes #12227
|
||
|
||
- build: require Windows XP or newer
|
||
|
||
After this patch we assume availability of `getaddrinfo` and
|
||
`freeaddrinfo`, first introduced in Windows XP. Meaning curl
|
||
now requires building for Windows XP as a minimum.
|
||
|
||
TODO: assume these also in autotools.
|
||
|
||
Ref: https://github.com/curl/curl/pull/12221#issuecomment-1783761806
|
||
Closes #12225
|
||
|
||
- appveyor: bump one job to OpenSSL 3.1 (was 1.1.1)
|
||
|
||
Use 3.1 with the modern runner image.
|
||
|
||
We still use 1.1.1 in 8 jobs.
|
||
|
||
1.1.1 is EOL since 2023-09-11:
|
||
https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/
|
||
|
||
Also:
|
||
- add missing SSL-backend to job descriptions.
|
||
- tidy up CPU in job descriptions.
|
||
|
||
Closes #12226
|
||
|
||
Daniel Stenberg (30 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- GHA: bump ngtcp2, nghttp3, nghttp2 and quictls versions
|
||
|
||
ngtcp2 1.0.1
|
||
nghttp3 1.0.0
|
||
nghttp2 1.58.0
|
||
quictls 3.1.4+quic
|
||
|
||
also sync HTTP3.md with these changes
|
||
|
||
Closes #12132
|
||
|
||
Kareem (29 Oct 2023)
|
||
|
||
- wolfssl: add default case for wolfssl_connect_step1 switch
|
||
|
||
Closes #12218
|
||
|
||
Jay Satiro (29 Oct 2023)
|
||
|
||
- curl_setup: disallow Windows IPv6 builds missing getaddrinfo
|
||
|
||
- On Windows if IPv6 is enabled but getaddrinfo is missing then #error
|
||
the build.
|
||
|
||
curl can be built with IPv6 support (ENABLE_IPV6) but without the
|
||
ability to resolve hosts to IPv6 addresses (HAVE_GETADDRINFO). On
|
||
Windows this is highly unlikely and should be considered a bad build
|
||
configuration.
|
||
|
||
Such a bad configuration has already given us a bug that was hard to
|
||
diagnose. See #12134 and #12136 for discussion.
|
||
|
||
Ref: https://github.com/curl/curl/issues/12134
|
||
Ref: https://github.com/curl/curl/pull/12136
|
||
|
||
Closes https://github.com/curl/curl/pull/12221
|
||
|
||
Nico Rieck (29 Oct 2023)
|
||
|
||
- openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs
|
||
|
||
- If CURLSSLOPT_NATIVE_CA on Windows then import from intermediate CA
|
||
"CA" store after importing from root CA "ROOT" store.
|
||
|
||
This change allows curl to work in situations where a server does not
|
||
send all intermediate certs and they are present in the "CA" store (the
|
||
store with intermediate CAs). This is already allowed by the Schannel
|
||
backend.
|
||
|
||
Also this change makes partial chain verification possible for those
|
||
certs since we allow partial chain verification by default for OpenSSL
|
||
(unless CURLSSLOPT_NO_PARTIALCHAIN). This is not allowed by the Schannel
|
||
backend.
|
||
|
||
Prior to this change CURLSSLOPT_NATIVE_CA only imported "ROOT" certs.
|
||
|
||
Fixes https://github.com/curl/curl/issues/12155
|
||
Closes https://github.com/curl/curl/pull/12185
|
||
|
||
Viktor Szakats (28 Oct 2023)
|
||
|
||
- Makefile.mk: fix `-rtmp` option for non-Windows [ci skip]
|
||
|
||
Daniel Stenberg (28 Oct 2023)
|
||
|
||
- asyn-ares: handle no connection in the addrinfo callback
|
||
|
||
To avoid crashing.
|
||
|
||
Follow-up from 56a4db2
|
||
Closes #12219
|
||
|
||
Jay Satiro (28 Oct 2023)
|
||
|
||
- hostip6: fix DEBUG_ADDRINFO builds
|
||
|
||
- Removed unused and incorrect parameter from dump_addrinfo().
|
||
|
||
Bug: https://github.com/curl/curl/commit/56a4db2e#commitcomment-131050442
|
||
Reported-by: Gisle Vanem
|
||
|
||
Closes https://github.com/curl/curl/pull/12212
|
||
|
||
Viktor Szakats (28 Oct 2023)
|
||
|
||
- Makefile.mk: restore `_mingw.h` for default `_WIN32_WINNT`
|
||
|
||
In 8.4.0 we deleted `_mingw.h` as part of purging old-mingw support.
|
||
Turns out `_mingw.h` had the side-effect of setting a default
|
||
`_WIN32_WINNT` value expected by `lib/config-win32.h` to enable
|
||
`getaddrinfo` support in `Makefile.mk` mingw-w64 builds. This caused
|
||
disabling support for this unless specifying the value manually.
|
||
|
||
Restore this header and update its comment to tell why we continue
|
||
to need it.
|
||
|
||
This triggered a regression in official Windows curl builds starting
|
||
with 8.4.0_1. Fixed in 8.4.0_6. (8.5.0 will be using CMake.)
|
||
|
||
Regression from 38029101e2d78ba125732b3bab6ec267b80a0e72 #11625
|
||
|
||
Reported-by: zhengqwe on github
|
||
Helped-by: Nico Rieck
|
||
Fixes #12134
|
||
Fixes #12136
|
||
Closes #12217
|
||
|
||
- hostip: silence compiler warning `-Wparentheses-equality`
|
||
|
||
Seen with LLVM 17.
|
||
|
||
```
|
||
hostip.c:1336:22: warning: equality comparison with extraneous parentheses [-
|
||
Wparentheses-equality]
|
||
1336 | (a->ai_family == PF_INET)) {
|
||
| ~~~~~~~~~~~~~^~~~~~~~~~
|
||
hostip.c:1336:22: note: remove extraneous parentheses around the comparison t
|
||
o silence this warning
|
||
1336 | (a->ai_family == PF_INET)) {
|
||
| ~ ^ ~
|
||
hostip.c:1336:22: note: use '=' to turn this equality comparison into an assi
|
||
gnment
|
||
1336 | (a->ai_family == PF_INET)) {
|
||
| ^~
|
||
| =
|
||
1 warning generated.
|
||
```
|
||
|
||
Follow-up to b651aba0962bb31353f55de4dc35f745952a1b10 #12145
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12215
|
||
|
||
Stefan Eissing (27 Oct 2023)
|
||
|
||
- doh: use PIPEWAIT when HTTP/2 is attempted
|
||
|
||
Closes #12214
|
||
|
||
Daniel Stenberg (27 Oct 2023)
|
||
|
||
- setopt: remove outdated cookie comment
|
||
|
||
Closes #12206
|
||
|
||
Stefan Eissing (27 Oct 2023)
|
||
|
||
- cfilter: provide call to tell connection to forget a socket
|
||
|
||
- fixed libssh.c workaround for a socket being closed by
|
||
the library
|
||
- eliminate the terrible hack in cf-socket.c to guess when
|
||
this happened and try not closing the socket again.
|
||
- fixes race in eyeballing when socket could have failed to
|
||
be closed for a discarded connect attempt
|
||
|
||
Closes #12207
|
||
|
||
- url: protocol handler lookup tidy-up
|
||
|
||
- rename lookup to what it does
|
||
- use ARRAYSIZE instead of NULL check for end
|
||
- offer alternate lookup for 0-terminated strings
|
||
|
||
Closes #12216
|
||
|
||
Viktor Szakats (27 Oct 2023)
|
||
|
||
- build: variadic macro tidy-ups
|
||
|
||
- delete unused `HAVE_VARIADIC_MACROS_C99/GCC` feature checks.
|
||
(both autotools and CMake.)
|
||
- delete duplicate `NULL` check in `Curl_trc_cf_infof()`.
|
||
- fix compiler warning in `CURL_DISABLE_VERBOSE_STRINGS` builds.
|
||
```
|
||
./lib/cf-socket.c:122:41: warning: unused parameter 'data' [-Wunused-parame
|
||
ter]
|
||
static void nosigpipe(struct Curl_easy *data,
|
||
^
|
||
```
|
||
- fix `#ifdef` comments in `lib/curl_trc.{c,h}`.
|
||
- fix indentation in some `infof()` calls.
|
||
|
||
Follow-up to dac293cfb7026b1ca4175d88b80f1432d3d3c684 #12167
|
||
|
||
Cherry-picked from #12105
|
||
Closes #12210
|
||
|
||
- cmake: speed up threads setup for Windows
|
||
|
||
Win32 threads are always available. We enabled them unconditionally
|
||
(with `ENABLE_THREADED_RESOLVER`). CMake built-in thread detection
|
||
logic has this condition hard-coded for Windows as well (since at least
|
||
2007).
|
||
|
||
Instead of doing all the work of detecting pthread combinations on
|
||
Windows, then discarding those results, skip these efforts and assume
|
||
built-in thread support when building for Windows.
|
||
|
||
This saves 1-3 slow CMake configuration steps.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12202
|
||
|
||
- cmake: speed up zstd detection
|
||
|
||
Before this patch we detected the presence of a specific zstd API to
|
||
see if we can use the library. zstd published that API in its first
|
||
stable release: v1.0.0 (2016-08-31).
|
||
|
||
Replace that method by detecting the zstd library version instead and
|
||
accepting if it's v1.0.0 or newer. Also display this detected version
|
||
and display a warning if the zstd found is unfit for curl.
|
||
|
||
We use the same version detection method as zstd itself, via its public
|
||
C header.
|
||
|
||
This deviates from autotools which keeps using the slow method of
|
||
looking for the API by building a test program. The outcome is the same
|
||
as long as zstd keeps offering this API.
|
||
|
||
Ref: https://github.com/facebook/zstd/commit/5a0c8e24395079f8e8cdc90aa1659cd5
|
||
ab1b7427 (2016-08-12, committed)
|
||
Ref: https://github.com/facebook/zstd/releases/tag/v0.8.1 (2016-08-18, first
|
||
released)
|
||
Ref: https://github.com/facebook/zstd/releases/tag/v1.0.0
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12200
|
||
|
||
Daniel Stenberg (26 Oct 2023)
|
||
|
||
- openssl: fix infof() to avoid compiler warning for %s with null
|
||
|
||
vtls/openssl.c: In function ‘ossl_connect_step2’:
|
||
../lib/curl_trc.h:120:10: error: ‘%s’ directive argument is null [-Werror
|
||
=format-overflow=]
|
||
120 | Curl_infof(data, __VA_ARGS__); } while(0)
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
vtls/openssl.c:4008:5: note: in expansion of macro ‘infof’
|
||
4008 | infof(data, "SSL connection using %s / %s / %s / %s",
|
||
| ^~~~~
|
||
vtls/openssl.c:4008:49: note: format string is defined here
|
||
4008 | infof(data, "SSL connection using %s / %s / %s / %s",
|
||
| ^~
|
||
|
||
Follow-up to b6e6d4ff8f253c8b8055bab
|
||
Closes #12196
|
||
|
||
Stefan Eissing (26 Oct 2023)
|
||
|
||
- lib: apache style infof and trace macros/functions
|
||
|
||
- test for a simplified C99 variadic check
|
||
- args to infof() in --disable-verbose are no longer disregarded but
|
||
must compile.
|
||
|
||
Closes #12167
|
||
Fixes #12083
|
||
Fixes #11880
|
||
Fixes #11891
|
||
|
||
Daniel Stenberg (26 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (26 Oct 2023)
|
||
|
||
- urldata: move async resolver state from easy handle to connectdata
|
||
|
||
- resolving is done for a connection, not for every transfer
|
||
- save create/dup/free of a cares channel for each transfer
|
||
- check values of setopt calls against a local channel if no
|
||
connection has been attached yet, when needed.
|
||
|
||
Closes #12198
|
||
|
||
Daniel Stenberg (26 Oct 2023)
|
||
|
||
- CURLOPT_WRITEFUNCTION.3: clarify what libcurl returns for CURL_WRITEFUNC_ERRO
|
||
R
|
||
|
||
It returns CURLE_WRITE_ERROR. It was not previously stated clearly.
|
||
|
||
Reported-by: enWILLYado on github
|
||
Fixes #12201
|
||
Closes #12203
|
||
|
||
Viktor Szakats (25 Oct 2023)
|
||
|
||
- autotools: update references to deleted `crypt-auth` option
|
||
|
||
Delete leftovers of the `crypt-auth` `./configure` option and
|
||
add the new ones that replaced them.
|
||
|
||
Follow-up to e92edfbef64448ef461117769881f3ed776dec4e #11490
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12194
|
||
|
||
Stefan Eissing (25 Oct 2023)
|
||
|
||
- lib: introduce struct easy_poll_set for poll information
|
||
|
||
Connection filter had a `get_select_socks()` method, inspired by the
|
||
various `getsocks` functions involved during the lifetime of a
|
||
transfer. These, depending on transfer state (CONNECT/DO/DONE/ etc.),
|
||
return sockets to monitor and flag if this shall be done for POLLIN
|
||
and/or POLLOUT.
|
||
|
||
Due to this design, sockets and flags could only be added, not
|
||
removed. This led to problems in filters like HTTP/2 where flow control
|
||
prohibits the sending of data until the peer increases the flow
|
||
window. The general transfer loop wants to write, adds POLLOUT, the
|
||
socket is writeable but no data can be written.
|
||
|
||
This leads to cpu busy loops. To prevent that, HTTP/2 did set the
|
||
`SEND_HOLD` flag of such a blocked transfer, so the transfer loop cedes
|
||
further attempts. This works if only one such filter is involved. If a
|
||
HTTP/2 transfer goes through a HTTP/2 proxy, two filters are
|
||
setting/clearing this flag and may step on each other's toes.
|
||
|
||
Connection filters `get_select_socks()` is replaced by
|
||
`adjust_pollset()`. They get passed a `struct easy_pollset` that keeps
|
||
up to `MAX_SOCKSPEREASYHANDLE` sockets and their `POLLIN|POLLOUT`
|
||
flags. This struct is initialized in `multi_getsock()` by calling the
|
||
various `getsocks()` implementations based on transfer state, as before.
|
||
|
||
After protocol handlers/transfer loop have set the sockets and flags
|
||
they want, the `easy_pollset` is *always* passed to the filters. Filters
|
||
"higher" in the chain are called first, starting at the first
|
||
not-yet-connection one. Each filter may add sockets and/or change
|
||
flags. When all flags are removed, the socket itself is removed from the
|
||
pollset.
|
||
|
||
Example:
|
||
|
||
* transfer wants to send, adds POLLOUT
|
||
* http/2 filter has a flow control block, removes POLLOUT and adds
|
||
POLLIN (it is waiting on a WINDOW_UPDATE from the server)
|
||
* TLS filter is connected and changes nothing
|
||
* h2-proxy filter also has a flow control block on its tunnel stream,
|
||
removes POLLOUT and adds POLLIN also.
|
||
* socket filter is connected and changes nothing
|
||
* The resulting pollset is then mixed together with all other transfers
|
||
and their pollsets, just as before.
|
||
|
||
Use of `SEND_HOLD` is no longer necessary in the filters.
|
||
|
||
All filters are adapted for the changed method. The handling in
|
||
`multi.c` has been adjusted, but its state handling the the protocol
|
||
handlers' `getsocks` method are untouched.
|
||
|
||
The most affected filters are http/2, ngtcp2, quiche and h2-proxy. TLS
|
||
filters needed to be adjusted for the connecting handshake read/write
|
||
handling.
|
||
|
||
No noticeable difference in performance was detected in local scorecard
|
||
runs.
|
||
|
||
Closes #11833
|
||
|
||
Daniel Stenberg (25 Oct 2023)
|
||
|
||
- tests/README: SOCKS tests are not using OpenSSH, it has its own server
|
||
|
||
Follow-up to 04fd67555cc
|
||
|
||
Closes #12195
|
||
|
||
Jacob Hoffman-Andrews (25 Oct 2023)
|
||
|
||
- tets: make test documentation more user-friendly
|
||
|
||
Put the instructions to run tests right at the top of tests/README.md.
|
||
|
||
Give instructions to read the runtests.1 man page for information
|
||
about flags. Delete redundant copy of the flags documentation in the
|
||
README.
|
||
|
||
Add a mention in README.md of the important parallelism flag, to make
|
||
test runs go much faster.
|
||
|
||
Move documentation of output line format into the runtests.1 man page,
|
||
and update it with missing flags.
|
||
|
||
Fix the order of two flags in the man page.
|
||
|
||
Closes #12193
|
||
|
||
Viktor Szakats (24 Oct 2023)
|
||
|
||
- cmake: pre-fill rest of detection values for Windows
|
||
|
||
The goal of this patch is to avoid unnecessary feature detection work
|
||
when doing Windows builds with CMake. Do this by pre-filling well-known
|
||
detection results for Windows and specifically for mingw-w64 and MSVC
|
||
compilers. Also limit feature checks to platforms where the results are
|
||
actually used. Drop a few redundant ones. And some tidying up.
|
||
|
||
- pre-fill remaining detection values in Windows CMake builds.
|
||
|
||
Based on actual detection results observed in CI runs, preceding
|
||
similar work over libssh2 and matching up values with
|
||
`lib/config-win32.h`.
|
||
|
||
This brings down CMake configuration time from 58 to 14 seconds on the
|
||
same local machine.
|
||
|
||
On AppVeyor CI this translates to:
|
||
- 128 seconds -> 50 seconds VS2022 MSVC with OpenSSL (per CMake job):
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48208419/job/4gw66ecr
|
||
jpy7necb#L296
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48217440/job/8m4fwrr2
|
||
fe249uo8#L186
|
||
- 62 seconds -> 16 seconds VS2017 MINGW (per CMake job):
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48208419/job/s1y8q5iv
|
||
lcs7ub29?fullLog=true#L290
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48217440/job/pchpxyjs
|
||
yc9kl13a?fullLog=true#L194
|
||
|
||
The formula is about 1-3 seconds delay for each detection. Almost all
|
||
of these trigger a full compile-link cycle behind the scenes, slow
|
||
even today, both cross and native, mingw-w64 and apparently MSVC too.
|
||
Enabling .map files or other custom build features slows it down
|
||
further. (Similar is expected for autotools configure.)
|
||
|
||
- stop detecting `idn2.h` if idn2 was deselected.
|
||
autotools does this.
|
||
|
||
- stop detecting `idn2.h` if idn2 was not found.
|
||
This deviates from autotools. Source code requires both header and
|
||
lib, so this is still correct, but faster.
|
||
|
||
- limit `ADDRESS_FAMILY` detection to Windows.
|
||
|
||
- normalize `HAVE_WIN32_WINNT` value to lowercase `0x0a12` format.
|
||
|
||
- pre-fill `HAVE_WIN32_WINNT`-dependent detection results.
|
||
Saving 4 (slow) feature-detections in most builds: `getaddrinfo`,
|
||
`freeaddrinfo`, `inet_ntop`, `inet_pton`
|
||
|
||
- fix pre-filled `HAVE_SYS_TIME_H`, `HAVE_SYS_PARAM_H`,
|
||
`HAVE_GETTIMEOFDAY` for mingw-w64.
|
||
Luckily this do not change build results, as `WIN32` took
|
||
priority over `HAVE_GETTIMEOFDAY` with the current source
|
||
code.
|
||
|
||
- limit `HAVE_CLOCK_GETTIME_MONOTONIC_RAW` and
|
||
`HAVE_CLOCK_GETTIME_MONOTONIC` detections to non-Windows.
|
||
We're not using these in the source code for Windows.
|
||
|
||
- reduce compiler warning noise in CMake internal logs:
|
||
- fix to include `winsock2.h` before `windows.h`.
|
||
Apply it to autotools test snippets too.
|
||
- delete previous `-D_WINSOCKAPI_=` hack that aimed to fix the above.
|
||
- cleanup `CMake/CurlTests.c` to emit less warnings.
|
||
|
||
- delete redundant `HAVE_MACRO_SIGSETJMP` feature check.
|
||
It was the same check as `HAVE_SIGSETJMP`.
|
||
|
||
- delete 'experimental' marking from `CURL_USE_OPENSSL`.
|
||
|
||
- show CMake version via `CMakeLists.txt`.
|
||
Credit to the `zlib-ng` project for the idea:
|
||
https://github.com/zlib-ng/zlib-ng/blob/61e181c8ae93dbf56040336179c9954078b
|
||
d1399/CMakeLists.txt#L7
|
||
|
||
- make `CMake/CurlTests.c` pass `checksrc`.
|
||
|
||
- `CMake/WindowsCache.cmake` tidy-ups.
|
||
|
||
- replace `WIN32` guard with `_WIN32` in `CMake/CurlTests.c`.
|
||
|
||
Closes #12044
|
||
|
||
Jay Satiro (24 Oct 2023)
|
||
|
||
- page-footer: clarify exit code 25
|
||
|
||
- Clarify that curl tool exit code 25 means an upload failed to start.
|
||
|
||
Exit code 25 is equivalent to CURLE_UPLOAD_FAILED (25). Prior to this
|
||
change the documentation only mentioned the case of FTP STOR failing.
|
||
|
||
Reported-by: Emanuele Torre
|
||
|
||
Ref: https://github.com/curl/curl/blob/curl-8_4_0/docs/libcurl/libcurl-errors
|
||
.3#L113-L115
|
||
|
||
Fixes https://github.com/curl/curl/issues/12189
|
||
Closes https://github.com/curl/curl/pull/12190
|
||
|
||
Daniel Stenberg (24 Oct 2023)
|
||
|
||
- scripts/cijobs.pl: adjust for appveyor
|
||
|
||
Follow-up to a1d73a6bb
|
||
|
||
Alex Bozarth (24 Oct 2023)
|
||
|
||
- OpenSSL: Include SIG and KEM algorithms in verbose
|
||
|
||
Currently the verbose output does not include which algorithms are used
|
||
for the signature and key exchange when using OpenSSL. Including the
|
||
algorithms used will enable better debugging when working on using new
|
||
algorithm implementations. Know what algorithms are used has become more
|
||
important with the fast growing research into new quantum-safe
|
||
algorithms.
|
||
|
||
This implementation includes a build time check for the OpenSSL version
|
||
to use a new function that will be included in OpenSSL 3.2 that was
|
||
introduced in openssl/openssl@6866824
|
||
|
||
Based-on-patch-by: Martin Schmatz <mrt@zurich.ibm.com>
|
||
Closes #12030
|
||
|
||
Daniel Stenberg (23 Oct 2023)
|
||
|
||
- http2: provide an error callback and failf the message
|
||
|
||
Getting nghttp2's error message helps users understand what's going
|
||
on. For example when the connection is brought down due a forbidden
|
||
header is used - as that header is then not displayed by curl itself.
|
||
|
||
Example:
|
||
|
||
curl: (92) Invalid HTTP header field was received: frame type: 1,
|
||
stream: 1, name: [upgrade], value: [h2,h2c]
|
||
|
||
Ref: #12172
|
||
Closes #12179
|
||
|
||
Turiiya (23 Oct 2023)
|
||
|
||
- BINDINGS: add V binding
|
||
|
||
Closes #12182
|
||
|
||
Daniel Stenberg (22 Oct 2023)
|
||
|
||
- configure: check for the fseeko declaration too
|
||
|
||
... and make the code require both symbol and declaration.
|
||
|
||
This is because for Android, the symbol is always present in the lib at
|
||
build-time even when not actually available in run-time.
|
||
|
||
Assisted-by: Viktor Szakats
|
||
Reported-by: 12932 on github
|
||
Fixes #12086
|
||
Closes #12158
|
||
|
||
Viktor Szakats (22 Oct 2023)
|
||
|
||
- cmake: fix OpenSSL quic detection in quiche builds
|
||
|
||
An orphan call to `CheckQuicSupportInOpenSSL()` remained after a recent
|
||
update when checking QUIC for quiche. Move back QUIC detection to
|
||
a function and fixup callers to use that. Also make sure that quiche
|
||
gets QUIC from BoringSSL, because it doesn't support other forks at this
|
||
time.
|
||
|
||
Regression from dee310d54261f9a8416e87d50bccfe2cbe404949 #11555
|
||
|
||
Reported-by: Casey Bodley <cbodley@redhat.com>
|
||
Fixes #12160
|
||
Closes #12162
|
||
|
||
Daniel Stenberg (22 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
bump to 8.5.0 for pending release
|
||
|
||
Dan Fandrich (21 Oct 2023)
|
||
|
||
- test3103: add missing quotes around a test tag attribute
|
||
|
||
Loïc Yhuel (21 Oct 2023)
|
||
|
||
- tool: fix --capath when proxy support is disabled
|
||
|
||
After 95e8515ca0, --capath always sets CURLOPT_PROXY_CAPATH, which fails
|
||
with CURLE_UNKNOWN_OPTION when proxy support is disabled.
|
||
|
||
Closes #12089
|
||
|
||
Daniel Stenberg (21 Oct 2023)
|
||
|
||
- openldap: move the alloc of ldapconninfo to *connect()
|
||
|
||
Fixes a minor memory leak on LDAP connection reuse.
|
||
|
||
Doing the allocation already in *setup_connection() is wrong since that
|
||
connect struct might get discarded early when an existing connection is
|
||
reused instead.
|
||
|
||
Closes #12166
|
||
|
||
- openldap: set the callback argument in oldap_do
|
||
|
||
... to make sure it has the current 'data' pointer and not a stale old
|
||
one.
|
||
|
||
Reported-by: Dan Fandrich
|
||
Closes #12166
|
||
|
||
- gnutls: support CURLSSLOPT_NATIVE_CA
|
||
|
||
Remove the CURL_CA_FALLBACK logic. That build option was added to allow
|
||
primarily OpenSSL to use the default paths for loading the CA certs. For
|
||
GnuTLS it was instead made to load the "system certs", which is
|
||
different and not desirable.
|
||
|
||
The native CA store loading is now asked for with this option.
|
||
|
||
Follow-up to 7b55279d1d856
|
||
|
||
Co-authored-by: Jay Satiro
|
||
|
||
Closes #12137
|
||
|
||
Stefan Eissing (21 Oct 2023)
|
||
|
||
- RTSP: improved RTP parser
|
||
|
||
- fix HTTP header parsing to report incomplete
|
||
lines it buffers as consumed!
|
||
- re-implement the RTP parser for interleave RTP
|
||
messages for robustness. It is now keeping its
|
||
state at the connection
|
||
- RTSP protocol handler "readwrite" implementation
|
||
now tracks if the response is before/in/after
|
||
header parsing or "in" a bod by calling
|
||
"Curl_http_readwrite_headers()" itself. This
|
||
allows it to know when non-RTP bytes are "junk"
|
||
or HEADER or BODY.
|
||
- tested with #12035 and various small receive
|
||
sizes where current master fails
|
||
|
||
Closes #12052
|
||
|
||
- http2: header conversion tightening
|
||
|
||
- fold the code to convert dynhds to the nghttp2 structs
|
||
into a dynhds internal method
|
||
- saves code duplication
|
||
- pacifies compiler analyzers
|
||
|
||
Closes #12097
|
||
|
||
Daniel Stenberg (21 Oct 2023)
|
||
|
||
- curl_ntlm_wb: fix elif typo
|
||
|
||
Reported-by: Manfred Schwarb
|
||
Follow-up to d4314cdf65ae
|
||
Bug: https://github.com/curl/curl/commit/d4314cdf65aee295db627016934bd9eb621a
|
||
b077#r130551295
|
||
|
||
Dan Fandrich (20 Oct 2023)
|
||
|
||
- test1683: remove commented-out check alternatives
|
||
|
||
Python precheck/postcheck alternatives were included but commented out.
|
||
Since these are not used and perl is guaranteed to be available to run
|
||
the perl versions anyway, the Python ones are removed.
|
||
|
||
Daniel Stenberg (20 Oct 2023)
|
||
|
||
- hostip: show the list of IPs when resolving is done
|
||
|
||
Getting 'curl.se' today then gets this verbose output which might help
|
||
debugging connectivity related matters.
|
||
|
||
* Host curl.se:80 was resolved.
|
||
* IPv6: 2a04:4e42::347, 2a04:4e42:200::347, 2a04:4e42:400::347,
|
||
2a04:4e42:600::347, 2a04:4e42:800::347, 2a04:4e42:a00::347,
|
||
2a04:4e42:c00::347, 2a04:4e42:e00::347
|
||
* IPv4: 151.101.193.91, 151.101.1.91, 151.101.65.91, 151.101.129.91
|
||
|
||
Co-authored-by: Jay Satiro
|
||
Closes #12145
|
||
|
||
rilysh (20 Oct 2023)
|
||
|
||
- docs: fix function typo in curl_easy_option_next.3
|
||
|
||
Closes #12170
|
||
|
||
Daniel Stenberg (20 Oct 2023)
|
||
|
||
- vssh: remove the #ifdef for Curl_ssh_init, use empty macro
|
||
|
||
In the same style as other init calls
|
||
|
||
- easy: remove duplicate wolfSSH init call
|
||
|
||
It is already done in Curl_ssh_init() where it belongs.
|
||
|
||
Closes #12168
|
||
|
||
- socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice
|
||
|
||
Fixes #11949
|
||
Reported-by: Ammar Faizi
|
||
Closes #12163
|
||
|
||
- urldata: move the 'internal' boolean to the state struct
|
||
|
||
... where all the other state bits for the easy handles live.
|
||
|
||
Closes #12165
|
||
|
||
- url: don't touch the multi handle when closing internal handles
|
||
|
||
Reported-by: Maksymilian Arciemowicz
|
||
Closes #12165
|
||
|
||
Faraz Fallahi (19 Oct 2023)
|
||
|
||
- getenv: PlayStation doesn't have getenv()
|
||
|
||
Closes #12140
|
||
|
||
Daniel Stenberg (19 Oct 2023)
|
||
|
||
- transfer: only reset the FTP wildcard engine in CLEAR state
|
||
|
||
To avoid the state machine to start over and redownload all the files
|
||
*again*.
|
||
|
||
Reported-by: lkordos on github
|
||
Regression from 843b3baa3e3cb228 (shipped in 8.1.0)
|
||
Bisect-by: Dan Fandrich
|
||
Fixes #11775
|
||
Closes #12156
|
||
|
||
Stefan Eissing (19 Oct 2023)
|
||
|
||
- GHA: move mod_h2 version in CI to v2.0.25
|
||
|
||
Closes #12157
|
||
|
||
Daniel Stenberg (19 Oct 2023)
|
||
|
||
- ntlm_wb: use pipe instead of socketpair when possible
|
||
|
||
Closes #12149
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- asyn-thread: use pipe instead of socketpair for IPC when available
|
||
|
||
If pipe() is present. Less overhead.
|
||
|
||
Helped-by: Viktor Szakats
|
||
Closes #12146
|
||
|
||
Dan Fandrich (17 Oct 2023)
|
||
|
||
- tests: Fix Windows test helper tool search & use it for handle64
|
||
|
||
The checkcmd() and checktestcmd() functions would not have worked on
|
||
Windows due to hard-coding the UNIX PATH separator character and not
|
||
adding .exe file extension. This meant that tools like stunnel, valgrind
|
||
and nghttpx would not have been found and used on Windows, and
|
||
inspection of previous test runs show none of those being found in pure
|
||
Windows CI builds.
|
||
|
||
With this fixed, they can be used to detect the handle64.exe program
|
||
before attempting to use it. When handle64.exe was called
|
||
unconditionally without it existing, it caused perl to abort the test
|
||
run with the error
|
||
|
||
The running command stopped because the preference variable
|
||
"ErrorActionPreference" or common parameter is set to Stop:
|
||
sh: handle64.exe: command not found
|
||
|
||
Closes #12115
|
||
|
||
Daniel Stenberg (17 Oct 2023)
|
||
|
||
- multi: use pipe instead of socketpair to *wakeup()
|
||
|
||
If pipe() is present. Less overhead.
|
||
|
||
Closes #12142
|
||
|
||
Jay Satiro (17 Oct 2023)
|
||
|
||
- build: fix 'threadsafe' feature detection for older gcc
|
||
|
||
- Add 'threadsafe' to the feature list shown during build if POSIX
|
||
threads are being used.
|
||
|
||
This is a follow-up to 5adb6000 which added support for building a
|
||
thread-safe libcurl with older versions of gcc where atomic is not
|
||
available but pthread is.
|
||
|
||
Reported-by: Dan Fandrich
|
||
Co-authored-by: Dan Fandrich
|
||
|
||
Fixes https://github.com/curl/curl/issues/12125
|
||
Closes https://github.com/curl/curl/pull/12127
|
||
|
||
Daniel Stenberg (16 Oct 2023)
|
||
|
||
- test729: verify socks4a with excessive proxy user name length
|
||
|
||
- socks: better buffer size checks for socks4a user and hostname
|
||
|
||
Also limit the proxy user name to 255 bytes, which is the same limit as
|
||
in SOCKS5.
|
||
|
||
Reported-by: sd0 on hackerone
|
||
Closes #12139
|
||
|
||
- curl.h: on FreeBSD include sys/param.h instead of osreldate.h
|
||
|
||
Should things build on Playstation as well
|
||
|
||
Fixes #12107
|
||
Reported-by: Faraz Fallahi
|
||
Closes #12123
|
||
|
||
Marcin Rataj (16 Oct 2023)
|
||
|
||
- tool_operate: fix links in ipfs errors
|
||
|
||
URL fragment links generated from headers in
|
||
https://curl.se/docs/ipfs.html are lowercase.
|
||
|
||
Closes #12133
|
||
|
||
Viktor Szakats (15 Oct 2023)
|
||
|
||
- cmake: replace `check_library_exists_concat()`
|
||
|
||
The idea of `check_library_exists_concat()` is that it detects an
|
||
optional component and adds it to the list of libs that we also use in
|
||
subsequent component checks. This caused problems when detecting
|
||
components with unnecessary dependencies that were not yet built.
|
||
|
||
CMake offers the `CMAKE_REQUIRED_LIBRARIES` variable to set libs used
|
||
for component checks, which we already use in most cases. That left 4
|
||
uses of `check_library_exists_concat()`. Only one of these actually
|
||
needed the 'concat' feature (ldap/lber).
|
||
|
||
Delete this function and replace it with standard
|
||
`check_library_exists()` and manual management of our `CURL_LIBS`
|
||
list we use when linking build targets. And special logic to handle the
|
||
ldap/lber case.
|
||
|
||
(We have a similar function for headers: `check_include_file_concat()`.
|
||
It works, but problematic for performance reasons and because it hides
|
||
the actual headers required in `check_symbol_exists()` calls.)
|
||
|
||
Ref: #11537 #11558
|
||
Fixes #11285
|
||
Fixes #11648
|
||
Closes #12070
|
||
|
||
LoRd_MuldeR (15 Oct 2023)
|
||
|
||
- tool_cb_wrt: fix write output for very old Windows versions
|
||
|
||
- Pass missing parameter for 'lpNumberOfCharsWritten' to WriteConsoleW()
|
||
function.
|
||
|
||
Apparently this parameter was *not* optional on older Windows versions.
|
||
|
||
Issue observed on Windows XP SP2. Issue not observed on Windows 7 SP1.
|
||
So at some point between those two Microsoft changed the behavior.
|
||
|
||
Prior to this change, on those versions if parameter is NULL then the
|
||
function call fails with error ERROR_INVALID_ACCESS.
|
||
|
||
Regression since af3f4e41.
|
||
|
||
Ref: https://github.com/MicrosoftDocs/Console-Docs/issues/299
|
||
|
||
Fixes https://github.com/curl/curl/issues/12131
|
||
Closes https://github.com/curl/curl/pull/12130
|
||
|
||
Jay Satiro (15 Oct 2023)
|
||
|
||
- tool_urlglob: fix build for old gcc versions
|
||
|
||
- Don't use __builtin_mul_overflow for GCC 4 and earlier.
|
||
|
||
The function was added in GCC 5.
|
||
|
||
Ref: https://gcc.gnu.org/gcc-5/changes.html
|
||
|
||
Reported-by: Dan Fandrich
|
||
|
||
Fixes https://github.com/curl/curl/issues/12124
|
||
Closes https://github.com/curl/curl/pull/12128
|
||
|
||
Carlos Henrique Lima Melara (14 Oct 2023)
|
||
|
||
- docs/libcurl: fix three minor man page format mistakes
|
||
|
||
Reported-by: Samuel Henrique
|
||
|
||
Closes https://github.com/curl/curl/pull/12126
|
||
|
||
Jay Satiro (14 Oct 2023)
|
||
|
||
- tests/server: add more SOCKS5 handshake error checking
|
||
|
||
- Add additional checking for missing and too-short SOCKS5 handshake
|
||
messages.
|
||
|
||
Prior to this change the SOCKS5 test server did not check that all parts
|
||
of the handshake were received successfully. If those parts were missing
|
||
or too short then the server would access uninitialized memory.
|
||
|
||
This issue was discovered in CI job 'memory-sanitizer' test results.
|
||
Test 2055 was failing due to the SOCKS5 test server not running. It was
|
||
not running because either it crashed or memory sanitizer aborted it
|
||
during Test 728. Test 728 connects to the SOCKS5 test server on a
|
||
redirect but does not send any data on purpose. The test server was not
|
||
prepared for that.
|
||
|
||
Reported-by: Dan Fandrich
|
||
|
||
Fixes https://github.com/curl/curl/issues/12117
|
||
Closes https://github.com/curl/curl/pull/12118
|
||
|
||
Daniel Stenberg (14 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Sohom Datta (14 Oct 2023)
|
||
|
||
- tool_getparam: limit --rate to be smaller than number of ms
|
||
|
||
Currently, curl allows users to specify absurd request rates that might
|
||
be higher than the number of milliseconds in the unit (ex: curl --rate
|
||
3600050/h http://localhost:8080 does not error out despite there being
|
||
only 3600000ms in a hour).
|
||
|
||
This change adds a conditional check before the millisecond calculation
|
||
making sure that the number is not higher than the numerator (the unit)
|
||
If the number is higher, curl errors out with PARAM_NUMBER_TOO_LARGE
|
||
|
||
Closes #12116
|
||
|
||
Daniel Stenberg (14 Oct 2023)
|
||
|
||
- opts: fix two minor man page format mistakes
|
||
|
||
Jay Satiro (14 Oct 2023)
|
||
|
||
- curl_trc: remove a bad assertion
|
||
|
||
- Remove DEBUGASSERT that an internal handle must not have user
|
||
private_data set before calling the user's debug callback.
|
||
|
||
This is a follow-up to 0dc40b2a. The user can distinguish their easy
|
||
handle from an internal easy handle by setting CURLOPT_PRIVATE on their
|
||
easy handle. I had wrongly assumed that meant the user couldn't then
|
||
set CURLOPT_PRIVATE on an internal handle as well.
|
||
|
||
Bug: https://github.com/curl/curl/pull/12060#issuecomment-1754594697
|
||
Reported-by: Daniel Stenberg
|
||
|
||
Closes https://github.com/curl/curl/pull/12104
|
||
|
||
Dan Fandrich (13 Oct 2023)
|
||
|
||
- test613: stop showing an error on missing output file
|
||
|
||
This test would show an error message if the output was missing during
|
||
the log post-processing step, but the message was not captured by the
|
||
test harness and wasn't useful since the normal golden log file
|
||
comparison would the problem more clearly.
|
||
|
||
Stefan Eissing (13 Oct 2023)
|
||
|
||
- quic: manage connection idle timeouts
|
||
|
||
- configure a 120s idle timeout on our side of the connection
|
||
- track the timestamp when actual socket IO happens
|
||
- check IO timestamp to our *and* the peer's idle timeouts
|
||
in "is this connection alive" checks
|
||
|
||
Reported-by: calvin2021y on github
|
||
Fixes #12064
|
||
Closes #12077
|
||
|
||
Dan Fandrich (13 Oct 2023)
|
||
|
||
- CI: ignore test 286 on Appveyor gcc 9 build
|
||
|
||
This test fails sometimes with a super fast retry loop due to what may
|
||
just be a compiler bug. The test results are ignored on the one CI job
|
||
where it occurs because there seems to be nothing we can do to fix it.
|
||
|
||
Fixes #12040
|
||
Closes #12106
|
||
|
||
Viktor Szakats (13 Oct 2023)
|
||
|
||
- lib: fix gcc warning in printf call
|
||
|
||
Do not pass NULL to printf %s.
|
||
|
||
Seen with gcc 13.2.0 on Debian:
|
||
```
|
||
.../curl/lib/connect.c:696:27: warning: '%s' directive argument is null [-Wfo
|
||
rmat-overflow=]
|
||
```
|
||
Ref: https://github.com/curl/curl-for-win/actions/runs/6476161689/job/1758442
|
||
6483#step:3:11104
|
||
|
||
Ref: #10284
|
||
Co-authored-by: Jay Satiro
|
||
Closes #12082
|
||
|
||
Alex Klyubin (13 Oct 2023)
|
||
|
||
- http2: safer invocation of populate_binsettings
|
||
|
||
populate_binsettings now returns a negative value on error, instead of a
|
||
huge positive value. Both places which call this function have been
|
||
updated to handle this change in its contract.
|
||
|
||
The way populate_binsettings had been used prior to this change the huge
|
||
positive values -- due to signed->unsigned conversion of the potentially
|
||
negative result of nghttp2_pack_settings_payload which returns negative
|
||
values on error -- are not possible. But only because http2.c currently
|
||
always provides a large enough output buffer and provides H2 SETTINGS
|
||
IVs which pass the verification logic inside nghttp2. If the
|
||
verification logic were to change or if http2.c started passing in more
|
||
IVs without increasing the output buffer size, the overflow could become
|
||
reachable, and libcurl/curl might start leaking memory contents to
|
||
servers/proxies...
|
||
|
||
Closes #12101
|
||
|
||
Daniel Stenberg (13 Oct 2023)
|
||
|
||
- openssl: avoid BN_num_bits() NULL pointer derefs
|
||
|
||
Reported-by: icy17 on github
|
||
Fixes #12099
|
||
Closes #12100
|
||
|
||
- wolfssl: require WOLFSSL_SYS_CA_CERTS for loading system CA
|
||
|
||
This define is set in wolfssl's options.h file when this function and
|
||
feature is present. Handles both builds with the feature explicitly
|
||
disabled and wolfSSL versions before 5.5.2 - which introduced this API
|
||
call.
|
||
|
||
Closes #12108
|
||
|
||
- tool_urlglob: make multiply() bail out on negative values
|
||
|
||
- Does not work correctly with negative values
|
||
- use __builtin_mul_overflow() on gcc
|
||
|
||
Reported-by: Torben Dury
|
||
Closes #12102
|
||
|
||
Loïc Yhuel (13 Oct 2023)
|
||
|
||
- cmake: fix CURL_DISABLE_GETOPTIONS
|
||
|
||
- Add CURL_DISABLE_GETOPTIONS to curl_config.h.cmake.
|
||
|
||
Prior to this change the option had no effect because it was missing
|
||
from that file.
|
||
|
||
Closes https://github.com/curl/curl/pull/12091
|
||
|
||
- easy_lock: add a pthread_mutex_t fallback
|
||
|
||
This allows to keep the init threadsafe with gcc < 4.9.0 (no C11
|
||
atomics).
|
||
|
||
Closes https://github.com/curl/curl/pull/12090
|
||
|
||
Viktor Szakats (12 Oct 2023)
|
||
|
||
- CI: add autotools, out-of-tree, debug build to distro check job
|
||
|
||
Add a job that builds curl from a generated source tarball sample, with
|
||
autotools, out-of-tree, in debug mode.
|
||
|
||
Ref: #12085
|
||
Closes #12088
|
||
|
||
Daniel Stenberg (12 Oct 2023)
|
||
|
||
- http: avoid Expect: 100-continue if Upgrade: is used
|
||
|
||
Reported-by: Daniel Jelinski
|
||
Fixes #12022
|
||
Closes #12062
|
||
|
||
Jan Alexander Steffens (heftig) (12 Oct 2023)
|
||
|
||
- docs: use SOURCE_DATE_EPOCH for generated manpages
|
||
|
||
This should make builds from Git reproducible.
|
||
|
||
Closes #12092
|
||
|
||
Daniel Stenberg (12 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bumped to 8.4.1
|
||
|
||
Viktor Szakats (12 Oct 2023)
|
||
|
||
- cmake: fix `HAVE_H_ERRNO_ASSIGNABLE` detection
|
||
|
||
Fix `HAVE_H_ERRNO_ASSIGNABLE` to not run, only compile its test snippet,
|
||
aligning this with autotools. This fixes an error when doing
|
||
cross-builds and also actually detects this feature. It affected systems
|
||
not allowlisted into this, e.g. SerenityOS.
|
||
|
||
We used this detection result to enable `HAVE_GETADDRINFO_THREADSAFE`.
|
||
|
||
Follow-up to 04a3a377d83fd72c4cf7a96c9cb6d44785e33264 #11979
|
||
Ref: #12095 (closed in favour of this patch)
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Reported-by: Kartatz on Github
|
||
Assisted-by: Kartatz on Github
|
||
Fixes #12093
|
||
Closes #12094
|
||
|
||
- build: add `src/.checksrc` to source tarball
|
||
|
||
Regression from e5bb88b8f824ed87620bd923552534c83c2a516e #11958
|
||
|
||
Bug: https://github.com/curl/curl/pull/11958#issuecomment-1757079071
|
||
Reported-by: Romain Geissler
|
||
Fixes #12084
|
||
Closes #12085
|
||
|
||
Version 8.4.0 (11 Oct 2023)
|
||
|
||
Daniel Stenberg (11 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- THANKS: add contributors from 8.4.0
|
||
|
||
Jay Satiro (11 Oct 2023)
|
||
|
||
- socks: return error if hostname too long for remote resolve
|
||
|
||
Prior to this change the state machine attempted to change the remote
|
||
resolve to a local resolve if the hostname was longer than 255
|
||
characters. Unfortunately that did not work as intended and caused a
|
||
security issue.
|
||
|
||
Bug: https://curl.se/docs/CVE-2023-38545.html
|
||
|
||
Stefan Eissing (10 Oct 2023)
|
||
|
||
- CI: remove slowed-network tests
|
||
|
||
- remove these tests as they are currently not reliable in our CI
|
||
setups.
|
||
|
||
curl handles the test cases, but CI sometimes fails on these due to
|
||
additional conditions. Rather than mix them in, an additional CI job
|
||
will be added in the future that is specific to them.
|
||
|
||
Closes https://github.com/curl/curl/pull/12075
|
||
|
||
Jay Satiro (10 Oct 2023)
|
||
|
||
- libcurl-env-dbg.3: move debug variables from libcurl-env.3
|
||
|
||
- Move documentation of libcurl environment variables used only in debug
|
||
builds from libcurl-env into a separate document libcurl-env-dbg.
|
||
|
||
- Document more debug environment variables.
|
||
|
||
Previously undocumented or missing a description:
|
||
|
||
CURL_ALTSVC_HTTP, CURL_DBG_SOCK_WBLOCK, CURL_DBG_SOCK_WPARTIAL,
|
||
CURL_DBG_QUIC_WBLOCK, CURL_DEBUG, CURL_DEBUG_SIZE, CURL_GETHOSTNAME,
|
||
CURL_HSTS_HTTP, CURL_FORCETIME, CURL_SMALLREQSEND, CURL_SMALLSENDS,
|
||
CURL_TIME.
|
||
|
||
Closes https://github.com/curl/curl/pull/11811
|
||
|
||
Dan Fandrich (9 Oct 2023)
|
||
|
||
- test670: increase the test timeout
|
||
|
||
This should make it more immune to loaded servers.
|
||
|
||
Ref: #11328
|
||
|
||
Stefan Eissing (9 Oct 2023)
|
||
|
||
- MQTT: improve receive of ACKs
|
||
|
||
- add `mq->recvbuf` to provide buffering of incomplete
|
||
ACK responses
|
||
- continue ACK reading until sufficient bytes available
|
||
- fixes test failures on low network receives
|
||
|
||
Closes #12071
|
||
|
||
Viktor Szakats (9 Oct 2023)
|
||
|
||
- quic: fix BoringSSL build
|
||
|
||
Add guard around `SSL_CTX_set_ciphersuites()` use.
|
||
|
||
Bug: https://github.com/curl/curl/pull/12065#issuecomment-1752171885
|
||
|
||
Follow-up to aa9a6a177017e4b74d33cdf85a3594900f4a7f81
|
||
|
||
Co-authored-by: Jay Satiro
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12067
|
||
|
||
Stefan Eissing (9 Oct 2023)
|
||
|
||
- test1540: improve reliability
|
||
|
||
- print that bytes have been received on pausing, but not how many
|
||
|
||
Closes #12069
|
||
|
||
- test2302: improve reliability
|
||
|
||
- make result print collected write data, unless
|
||
change in meta flags is detected
|
||
- will show same result even when data arrives via
|
||
several writecb invocations
|
||
|
||
Closes #12068
|
||
|
||
Daniel Stenberg (9 Oct 2023)
|
||
|
||
- curl_easy_pause: set "in callback" true on exit if true
|
||
|
||
Because it might have called another callback in the mean time that then
|
||
set the bit FALSE on exit.
|
||
|
||
Reported-by: Jay Satiro
|
||
Fixes #12059
|
||
Closes #12061
|
||
|
||
Viktor Szakats (8 Oct 2023)
|
||
|
||
- h3: add support for ngtcp2 with AWS-LC builds
|
||
|
||
```
|
||
curl 8.4.0-DEV (x86_64-apple-darwin) libcurl/8.4.0-DEV (SecureTransport) AWS-
|
||
LC/1.15.0 nghttp2/1.56.0 ngtcp2/0.19.1 nghttp3/0.15.0
|
||
Release-Date: [unreleased]
|
||
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps
|
||
mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss
|
||
Features: alt-svc AsynchDNS HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefile Multi
|
||
SSL NTLM SSL threadsafe UnixSockets
|
||
```
|
||
|
||
Also delete an obsolete GnuTLS TODO and update the header comment in
|
||
`FindNGTCP2.cmake`.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12066
|
||
|
||
- build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros
|
||
|
||
Syncing this up with CMake.
|
||
|
||
Source code uses the built-in `OPENSSL_IS_AWSLC` and
|
||
`OPENSSL_IS_BORINSSL` macros to detect BoringSSL and AWS-LC. No help is
|
||
necessary from the build tools.
|
||
|
||
The one use of `HAVE_BORINGSSL` in the source turned out to be no longer
|
||
necessary for warning-free BoringSSL + Schannel builds. Ref: #1610 #2634
|
||
|
||
autotools detects this anyway for display purposes.
|
||
CMake detects this to decide whether to use the BoringSSL-specific
|
||
crypto lib with ngtcp2. It detects AWS-LC, but doesn't use the detection
|
||
result just yet (planned in #12066).
|
||
|
||
Ref: #11964
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12065
|
||
|
||
Marc Hoersken (8 Oct 2023)
|
||
|
||
- CI: move distcheck job from Azure Pipelines to GitHub Actions
|
||
|
||
This will allow for more trigger excludes within Azure Pipelines.
|
||
|
||
Also fixes seemingly broken check with scripts/installcheck.sh.
|
||
Ref: 190374c74ec4e5247d9066544c86e8d095e1d7b5
|
||
|
||
Assisted-by: Philip Heiduck
|
||
Closes #9532
|
||
|
||
Daniel Stenberg (8 Oct 2023)
|
||
|
||
- url: fall back to http/https proxy env-variable if ws/wss not set
|
||
|
||
Reported-by: Craig Andrews
|
||
Fixes #12031
|
||
Closes #12058
|
||
|
||
Stefan Eissing (8 Oct 2023)
|
||
|
||
- cf-socket: simulate slow/blocked receives in debug
|
||
|
||
add 2 env variables for non-UDP sockets:
|
||
1. CURL_DBG_SOCK_RBLOCK: percentage of receive calls that randomly
|
||
should return EAGAIN
|
||
2. CURL_DBG_SOCK_RMAX: max amount of bytes read from socket
|
||
|
||
Closes #12035
|
||
|
||
- http2: refused stream handling for retry
|
||
|
||
- answer HTTP/2 streams refused via a GOAWAY from the server to
|
||
respond with CURLE_RECV_ERROR in order to trigger a retry
|
||
on another connection
|
||
|
||
Reported-by: black-desk on github
|
||
Ref #11859
|
||
Closes #12054
|
||
|
||
Jay Satiro (8 Oct 2023)
|
||
|
||
- CURLOPT_DEBUGFUNCTION.3: warn about internal handles
|
||
|
||
- Warn that the user's debug callback may be called with the handle
|
||
parameter set to an internal handle.
|
||
|
||
Without this warning the user may assume that the only handles their
|
||
debug callback receives are the easy handles on which they set
|
||
CURLOPT_DEBUGFUNCTION.
|
||
|
||
This is a follow-up to f8cee8cc which changed DoH handles to inherit
|
||
the debug callback function set in the user's easy handle. As a result
|
||
those handles are now passed to the user's debug callback function.
|
||
|
||
Closes https://github.com/curl/curl/pull/12034
|
||
|
||
- url: fix typo
|
||
|
||
Daniel Stenberg (8 Oct 2023)
|
||
|
||
- test458: verify --expand-output, expanding a file name accepting option
|
||
|
||
Verifies the fix in #12055 (commit f2c8086ff15e6e995e1)
|
||
|
||
- tool_getparam: accept variable expansion on file names too
|
||
|
||
Reported-by: PBudmark on github
|
||
Fixes #12048
|
||
Closes #12055
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- multi: do CURLM_CALL_MULTI_PERFORM at two more places
|
||
|
||
... when it does a state transition but there is no particular socket or
|
||
timer activity. This was made apparent when commit b5bb84c removed a
|
||
superfluous timer expiry.
|
||
|
||
Reported-by: Dan Fandrich.
|
||
Fixes #12033
|
||
Closes #12056
|
||
|
||
Viktor Szakats (7 Oct 2023)
|
||
|
||
- GHA/linux: mbedtls 3.5.0 + minor dep bumps
|
||
|
||
Closes #12057
|
||
|
||
Dan Fandrich (7 Oct 2023)
|
||
|
||
- CI: bump OpenLDAP package version on FreeBSD
|
||
|
||
The old one is no longer available.
|
||
|
||
Marc Hoersken (7 Oct 2023)
|
||
|
||
- docs/libcurl/opts/Makefile.inc: add missing manpage files
|
||
|
||
Detected with #9532
|
||
|
||
Dan Fandrich (7 Oct 2023)
|
||
|
||
- tests: fix a race condition in ftp server disconnect
|
||
|
||
If a client disconnected and reconnected quickly, before the ftp server
|
||
had a chance to respond, the protocol message/ack (ping/pong) sequence
|
||
got out of sync, causing messages sent to the old client to be delivered
|
||
to the new. A disconnect must now be acknowledged and intermediate
|
||
requests thrown out until it is, which ensures that such synchronization
|
||
problems can't occur. This problem could affect ftp, pop3, imap and smtp
|
||
tests.
|
||
|
||
Fixes #12002
|
||
Closes #12049
|
||
|
||
Viktor Szakats (7 Oct 2023)
|
||
|
||
- appveyor: bump mingw-w64 job to gcc 13 (was: 8)
|
||
|
||
This sets gcc 6, 7, 9, 13 in our test mix (was: 6, 7, 8, 9).
|
||
Adding a modern gcc version to the tests.
|
||
|
||
(The gcc 8 job used to take around 50 minutes. The new image with gcc 13
|
||
finished in 32, 35, 34 minutes in the 3 test runs so far.)
|
||
|
||
It also adds a modern CMake version and OS env to our mingw-w64 builds.
|
||
|
||
Closes #12051
|
||
|
||
David Benjamin (6 Oct 2023)
|
||
|
||
- openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
|
||
|
||
While the struct is still public in OpenSSL, there is a (somewhat
|
||
inconvenient) accessor. Use it to remain compatible if it becomes opaque
|
||
in the future.
|
||
|
||
Closes #12038
|
||
|
||
Daniel Stenberg (6 Oct 2023)
|
||
|
||
- curl_easy_pause.3: mention it works within callbacks
|
||
|
||
Reported-by: Maxim Dzhura
|
||
Bug: https://curl.se/mail/lib-2023-10/0010.html
|
||
Closes #12046
|
||
|
||
- curl_easy_pause.3: mention h2/h3 buffering
|
||
|
||
Asked-by: Maxim Dzhura
|
||
Ref: https://curl.se/mail/lib-2023-10/0011.html
|
||
|
||
Closes #12045
|
||
|
||
Viktor Szakats (6 Oct 2023)
|
||
|
||
- cmake: re-add missed C89 headers for specific detections
|
||
|
||
We removed C89 `setjmp.h` and `signal.h` detections and excluded them
|
||
from the global header list we use when detecting functions [1]. Then
|
||
missed to re-add these headers to the specific functions which need
|
||
them to be detected [2]. Fix this omission in this patch.
|
||
|
||
[1] Follow-up to 3795fcde995d96db641ddbcc8a04f9f0f03bef9f #11951
|
||
[2] Follow-up to 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
|
||
|
||
Closes #12043
|
||
|
||
Daniel Stenberg (6 Oct 2023)
|
||
|
||
- multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE
|
||
|
||
Since there is nothing to wait for there. Avoids the test 1233 hang
|
||
reported in #12033.
|
||
|
||
Reported-by: Dan Fandrich
|
||
Closes #12042
|
||
|
||
Dan Fandrich (5 Oct 2023)
|
||
|
||
- test1903: actually verify the cookies after the test
|
||
|
||
The test otherwise could do just about anything (except leak memory in
|
||
debug mode) and its bad behaviour wouldn't be detected. Now, check the
|
||
resulting cookie file to ensure the cookies are still there.
|
||
|
||
Closes #12041
|
||
|
||
- test: add missing <feature>s
|
||
|
||
The tests will otherwise fail if curl has them disabled.
|
||
|
||
- test1906: set a lower timeout since it's hit on Windows
|
||
|
||
msys2 builds actually hit the connect timeout in normal operation, so
|
||
lower the timeout from 5 minutes to 5 seconds to reduce test time.
|
||
|
||
Ref: #11328
|
||
Closes #12036
|
||
|
||
Daniel Stenberg (5 Oct 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jay Satiro (5 Oct 2023)
|
||
|
||
- idn: fix WinIDN null ptr deref on bad host
|
||
|
||
- Return CURLE_URL_MALFORMAT if IDN hostname cannot be converted from
|
||
UTF-8 to UTF-16.
|
||
|
||
Prior to this change a failed conversion erroneously returned CURLE_OK
|
||
which meant 'decoded' pointer (what would normally point to the
|
||
punycode) would not be written to, remain NULL and be dereferenced
|
||
causing an access violation.
|
||
|
||
Closes https://github.com/curl/curl/pull/11983
|
||
|
||
Dan Fandrich (4 Oct 2023)
|
||
|
||
- tests: close the shell used to start sshd
|
||
|
||
This shell isn't needed once sshd starts, so use "exec" so it doesn't
|
||
stick around.
|
||
|
||
Closes #12032
|
||
|
||
Daniel Stenberg (4 Oct 2023)
|
||
|
||
- base64: also build for curl
|
||
|
||
Since the tool itself now uses the base64 code using the curlx way, it
|
||
needs to build also when the tool needs it. Starting now, the tool build
|
||
defines BULDING_CURL to allow lib-side code to use it.
|
||
|
||
Follow-up to 2e160c9c6525
|
||
|
||
Closes #12010
|
||
|
||
Eduard Strehlau (4 Oct 2023)
|
||
|
||
- tests: Fix zombie processes left behind by FTP tests.
|
||
|
||
ftpserver.pl correctly cleans up spawned server processes,
|
||
but forgets to wait for the shell used to spawn them.
|
||
This is barely noticeable during a normal testrun,
|
||
but causes process exhaustion and test failure
|
||
during a complete torture run of the FTP tests.
|
||
|
||
Fixes #12018
|
||
Closes #12020
|
||
|
||
Dan Fandrich (4 Oct 2023)
|
||
|
||
- github/labeler: improve labeler matches
|
||
|
||
- test574: add a timeout to the test
|
||
|
||
This one hangs occasionally, so this will speed up a test run and allow
|
||
logs to be seen when it does.
|
||
|
||
Closes #12025
|
||
|
||
- tests: propagate errors in libtests
|
||
|
||
Use the test macros to automatically propagate some errors, and check
|
||
and log others while running the tests. This can help in debugging
|
||
exactly why a test has failed.
|
||
|
||
- tests: set --expect100-timeout to improve test reliability
|
||
|
||
On an overloaded server, the default 1 second timeout can go by without
|
||
the test server having a chance to respond with the expected headers,
|
||
causing tests to fail. Increase the 1 second timeout to 99 seconds so
|
||
this failure mode is no longer a problem on test 1129. Some other tests
|
||
already set a high value, but make them consistently 99 seconds so if
|
||
something goes wrong the test is stalled for less time.
|
||
|
||
Ref: #11328
|
||
|
||
- CI: ignore the "flaky" and "timing-dependent" test results in CMake
|
||
|
||
This was already done for automake builds but CMake builds were missed.
|
||
Test 1086 actually causes the test harness to crash with:
|
||
|
||
Warning: unable to close filehandle DWRITE properly: Broken pipe at C:/projec
|
||
ts/curl/tests/ftpserver.pl line 527
|
||
|
||
Rather than fix it now, this change leaves test 1086 entirely skipped on
|
||
those builds that show this problem.
|
||
|
||
Follow-up to 589dca761
|
||
|
||
Ref: #11865
|
||
|
||
Viktor Szakats (4 Oct 2023)
|
||
|
||
- cmake: improve OpenLDAP builds
|
||
|
||
- cmake: detect OpenLDAP based on function `ldap_init_fd`.
|
||
autotools does this. autotools also publishes this detection result
|
||
in `HAVE_LDAP_INIT_FD`. We don't mimic that with CMake as the source
|
||
doesn't use this value. (it might need to be remove-listed in
|
||
`scripts/cmp-config.pl` for future OpenLDAP test builds.)
|
||
This also deletes existing self-declaration method via the
|
||
CMake-specific `CURL_USE_OPENLDAP` configuration.
|
||
|
||
- cmake: define `LDAP_DEPRECATED=1` for OpenLDAP.
|
||
Like autotools does. This fixes a long list of these warnings:
|
||
```
|
||
/usr/local/opt/openldap/include/ldap.h:1049:5: warning: 'LDAP_DEPRECATED' i
|
||
s not defined, evaluates to 0 [-Wundef]
|
||
```
|
||
|
||
- cmake: delete LDAP TODO comment no longer relevant.
|
||
|
||
Also:
|
||
|
||
- autotools: replace domain name `dummy` with `0.0.0.0` in LDAP feature
|
||
detection functions.
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #12024
|
||
|
||
- cmake: fix unity builds for more build combinations
|
||
|
||
By using unique static function/variable names in source files
|
||
implementing these interfaces.
|
||
|
||
- OpenLDAP combined with any SSH backend.
|
||
|
||
- MultiSSL with mbedTLS, OpenSSL, wolfSSL, SecureTransport.
|
||
|
||
Closes #12027
|
||
|
||
Daniel Stenberg (4 Oct 2023)
|
||
|
||
- tests: remove leading spaces from some tags
|
||
|
||
The threee tags `<name>`, `</name>` and `<command>` were frequently used
|
||
with a leading space that this removes. The reason this habbit is so
|
||
widespread in testcases is probably that they have been copy and pasted.
|
||
|
||
Hence, fixing them all now might curb this practice from now on.
|
||
|
||
Closes #12028
|
||
|
||
Viktor Szakats (4 Oct 2023)
|
||
|
||
- GHA: bump actions/checkout
|
||
|
||
Follow-up to 2e0fa50fc16b9339f51e0a7bfff0352829323acb #11964
|
||
Follow-up to c39585d9b7ef3cbfc1380812dec60e7b275b6af3 #12000
|
||
|
||
Closes #12023
|
||
|
||
- spelling: fix codespell 2.2.6 typos
|
||
|
||
Closes #12019
|
||
|
||
Daniel Stenberg (3 Oct 2023)
|
||
|
||
- GHA: add workflow to compare configure vs cmake outputs
|
||
|
||
Uses scripts/cmp-config.pl two compare two curl_config.h files,
|
||
presumbly generated with configure and cmake. It displays the
|
||
differences and filters out a lot of known lines we ignore.
|
||
|
||
The script also shows the matches that were *not* used. Possibly
|
||
subjects for removal.
|
||
|
||
Closes #11964
|
||
|
||
- appveyor: enable test 571
|
||
|
||
Follow-up from 8a940fd55c175f7 / #12013
|
||
|
||
Closes #12017
|
||
|
||
Viktor Szakats (3 Oct 2023)
|
||
|
||
- build: alpha-sort source files for lib and src
|
||
|
||
Closes #12014
|
||
|
||
- cmake: delete old `HAVE_LDAP_URL_PARSE` logic
|
||
|
||
Left there by accident after adding proper detection for this.
|
||
|
||
Follow-up to 772f0d8edf1c3c2745543f42388ccec5a16ee2c0 #12006
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #12015
|
||
|
||
Stefan Eissing (3 Oct 2023)
|
||
|
||
- tests: increase lib571 timeout from 3s to 30s
|
||
|
||
- 3s is too short for our CI, making this test fail occasionally
|
||
- test usually experiences no delay run locally, so 30s wont hurt
|
||
|
||
Closes #12013
|
||
|
||
Viktor Szakats (3 Oct 2023)
|
||
|
||
- cmake: fix unity with Windows Unicode + TrackMemory
|
||
|
||
Found the root cause of the startup crash in unity builds with Unicode
|
||
and TrackMemory enabled at the same time.
|
||
|
||
We must make sure that the `memdebug.h` header doesn't apply to
|
||
`lib/curl_multibyte.c` (as even noted in a comment there.) In unity
|
||
builds all headers apply to all sources, including `curl_multibyte.c`.
|
||
This probably resulted in an infinite loop on startup.
|
||
|
||
Exclude this source from unity compilation with TrackMemory enabled,
|
||
in both libcurl and curl tool. Enable unity mode for a debug Unicode
|
||
CI job to keep it tested. Also delete the earlier workaround that
|
||
fully disabled unity for affected builds.
|
||
|
||
Follow-up to d82b080f6374433ce7c98241329189ad2d3976f8 #12005
|
||
Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719 #11095
|
||
|
||
Closes #11928
|
||
|
||
- cmake: disable unity mode with Windows Unicode + TrackMemory
|
||
|
||
"TrackMemory" is `ENABLE_DEBUG=ON` (aka `ENABLE_CURLDEBUG=ON`,
|
||
aka `-DCURLDEBUG`).
|
||
|
||
There is an issue with memory tracking and Unicode when built in "unity"
|
||
mode, which results in the curl tool crashing right on startup, even
|
||
without any command-line option. Interestingly this doesn't happen under
|
||
WINE (at least on the system I tested this on), but consistenly happens
|
||
on real Windows machines. Crash is 0xC0000374 heap corruption. Both
|
||
shared and static curl executables are affected.
|
||
|
||
This limitation probably won't hit too many people, but it remains
|
||
a TODO to find and fix the root cause and drop this workaround.
|
||
|
||
Example builds and runs:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/17cptxhtpubd
|
||
7iwj#L313 (static)
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/76e1ge758tby
|
||
qu9c#L317 (shared)
|
||
|
||
Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719 #11095
|
||
|
||
Ref: #11928
|
||
Closes #12005
|
||
|
||
- cmake: tidy-up `NOT_NEED_LBER_H` detection
|
||
|
||
Follow-up to 772f0d8edf1c3c2745543f42388ccec5a16ee2c0 #12006
|
||
|
||
- appveyor: rewrite batch in PowerShell + CI improvements
|
||
|
||
1. Rewrite in PowerShell:
|
||
|
||
- rewrite MS-DOS batch build script in PowerShell.
|
||
- move some bash operations into native PowerShell.
|
||
- fixups for PowerShell insisting on failure when a command outputs
|
||
something to stderr.
|
||
- fix to actually run `curl -V` after every build.
|
||
(and exclude ARM64 builds.)
|
||
- also say why we skipped `curl -V` if we had to skip.
|
||
- fix CMake warnings about unused configuration variables, by adapting
|
||
these dynamically for build cases.
|
||
- dedupe OpenSSL path into a variable.
|
||
- disable `test1451` failing with a warning anyway due to missing python
|
||
impacket. (after trying and failing to install impacket)
|
||
PowerShell promotes these warnings to errors by PowerShell. We can also
|
||
suppress they wholesale if they start causing issues in the future,
|
||
like we already to with `autoreconf` and `./configure`.
|
||
|
||
PowerShell is better than MS-DOS batches, so the hope is this makes it
|
||
easier to extend and maintain the AppVeyor build logic. POSIX/bash isn't
|
||
supported inline by AppVeyor on Windows build machines, but we are okay
|
||
to keep it in an external script, so it's also an option.
|
||
|
||
2. CI improvements:
|
||
|
||
- enable tests for a "unity" build job.
|
||
- speed-up CI initialization by using shallow clones of the curl repo.
|
||
- speed-up CMake MSVC jobs with `TrackFileAccess=false`.
|
||
- enable parallelism in `VisualStudioSolution` builds.
|
||
- display CMake version before builds.
|
||
- always show the CPU in job names.
|
||
- tell which jobs are build-only in job names.
|
||
- move `TESTING:` value next to `DISABLED_TESTS:` in two jobs.
|
||
- add `config.log` (autotools) to dumped logs (need to enable manually).
|
||
|
||
3. Style:
|
||
|
||
- use single-quotes in YAML like we do in other CI YAML files.
|
||
It also allows to drop quoting characters and lighter to write/read.
|
||
(keep double quotes for PowerShell strings needing expansion.)
|
||
|
||
Closes #11999
|
||
|
||
- cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows
|
||
|
||
- set `HAVE_LDAP_URL_PARSE` if `ldap_url_parse` function exists.
|
||
Before this patch we set it based it on the presence of `stricmp`,
|
||
which correctly enabled it on e.g. Windows, but was inaccurate for
|
||
other platforms.
|
||
|
||
- always set `HAVE_LDAP_SSL` if an LDAP backend is detected and
|
||
LDAPS is not explicitly disabled. This mimics autotools behaviour.
|
||
Previously we set it only for Windows LDAP. After this fix, LDAPS is
|
||
correctly enabled in default macOS builds.
|
||
|
||
- enable LDAP[S] for a CMake macOS CI job. Target OS X 10.9 (Mavericks)
|
||
to avoid deprecation warnings for LDAP API.
|
||
|
||
- always detect `HAVE_LDAP_SSL_H`, even with LDAPS explicitly disabled.
|
||
This doesn't make much sense, but let's do it to sync behaviour with
|
||
autotools.
|
||
|
||
- fix benign typo in variable name.
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #12006
|
||
|
||
- autotools: restore `HAVE_IOCTL_*` detections
|
||
|
||
This restores `CURL_CHECK_FUNC_IOCTL` detection. I deleted it in
|
||
4d73854462f30948acab12984b611e9e33ee41e6 and
|
||
c3456652a0c72d1845d08df9769667db7e159949 (2022-08), because the
|
||
`HAVE_IOCTL` result it generated was unused in the source. But,
|
||
I did miss the fact that this had two dependent checks:
|
||
`CURL_CHECK_FUNC_IOCTL_FIONBIO`,
|
||
`CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR` that we do actually need:
|
||
`HAVE_IOCTL_FIONBIO`, `HAVE_IOCTL_SIOCGIFADDR`.
|
||
|
||
Regression from 4d73854462f30948acab12984b611e9e33ee41e6
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #12008
|
||
|
||
Daniel Stenberg (2 Oct 2023)
|
||
|
||
- RELEASE-PROCEDURE.md: updated coming release dates
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Viktor Szakats (1 Oct 2023)
|
||
|
||
- cmake: pre-cache `HAVE_POLL_FINE` on Windows
|
||
|
||
Windows doesn't support `poll()`, so we can safely skip checking for
|
||
fine poll.
|
||
|
||
Closes #12003
|
||
|
||
- gha: bump actions to latest versions
|
||
|
||
- actions@checkout@v4 (from v3 and v2)
|
||
|
||
- fsfe/reuse-action@v2 (from v1)
|
||
|
||
Closes #12000
|
||
|
||
Stefan Eissing (30 Sep 2023)
|
||
|
||
- h2: testcase and fix for pausing h2 streams
|
||
|
||
- refs #11982 where it was noted that paused transfers may
|
||
close successfully without delivering the complete data
|
||
- made sample poc into tests/http/client/h2-pausing.c and
|
||
added test_02_27 to reproduce
|
||
|
||
Closes #11989
|
||
Fixes #11982
|
||
Reported-by: Harry Sintonen
|
||
|
||
Viktor Szakats (30 Sep 2023)
|
||
|
||
- cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value
|
||
|
||
Before this patch CMake builds accepted any value and it was used at
|
||
runtime as-is. This patch make sure that the selected default backend
|
||
is also enabled in the build. It also enforces a full lowercase value.
|
||
|
||
This improves reproducibility and brings CMake in sync with autotools
|
||
which already worked like described above.
|
||
|
||
Follow-up to 26c7feb8b9d51a57fab3325571b4bbfa03b11af0 #11774
|
||
|
||
Closes #11998
|
||
|
||
- autotools: adjust `CURL_CA_PATH` value to CMake
|
||
|
||
autotools was using the same value as CMake, but with an ending
|
||
slash. Delete the ending slash to match configurations.
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #11997
|
||
|
||
- cmake: detect `sys/wait.h` and `netinet/udp.h`
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #11996
|
||
|
||
Daniel Stenberg (30 Sep 2023)
|
||
|
||
- lib: provide and use Curl_hexencode
|
||
|
||
Generates a lower case ASCII hex output from a binary input.
|
||
|
||
Closes #11990
|
||
|
||
- configure: check for the capath by default
|
||
|
||
... if the chosen TLS backend supports it: OpenSSL, GnuTLS, mbedTLS or wolfSS
|
||
L
|
||
|
||
cmake: synced
|
||
|
||
Assisted-by: Viktor Szakats
|
||
Closes #11987
|
||
|
||
- wolfssl: ignore errors in CA path
|
||
|
||
The default wolfSSL_CTX_load_verify_locations() function is quite picky
|
||
with the certificates it loads and will for example return error if just
|
||
one of the certs has expired.
|
||
|
||
With the *_ex() function and its WOLFSSL_LOAD_FLAG_IGNORE_ERR flag, it
|
||
behaves more similar to what OpenSSL does by default.
|
||
|
||
Even the set of default certs on my Debian unstable has several expired
|
||
ones.
|
||
|
||
Assisted-by: Juliusz Sosinowicz
|
||
Assisted-by: Michael Osipov
|
||
|
||
Closes #11987
|
||
|
||
- create-dirs.d: clarify it also uses --output-dirs
|
||
|
||
Reported-by: Robert Simpson
|
||
Fixes #11991
|
||
Closes #11995
|
||
|
||
Viktor Szakats (30 Sep 2023)
|
||
|
||
- appveyor: fix yamlint issues, indent
|
||
|
||
Also:
|
||
- use double quotes in all batch if statements.
|
||
|
||
Closes #11994
|
||
|
||
- cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW`
|
||
|
||
Based on existing autotools logic.
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #11981
|
||
|
||
- cmake: detect `HAVE_GETADDRINFO_THREADSAFE`
|
||
|
||
Based on existing autotools logic.
|
||
|
||
autotools checks for old versions of the allowlisted target OSes and
|
||
disables this feature when seeing them. In CMake we assume we're running
|
||
on newer systems and enable regardless of OS version.
|
||
|
||
autotools always runs all 3 probes for non-fast-tracked systems and
|
||
enables this feature if any one of them was successful. To save
|
||
configuration time, CMake stops at the first successful check.
|
||
|
||
OpenBSD is not fast-tracked and then gets blocklisted as a generic BSD
|
||
system. I haven't double-checked if this is correct, but looks odd.
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #11979
|
||
|
||
- cmake: fix `HAVE_WRITABLE_ARGV` detection
|
||
|
||
Move detection before the creation of detection results in
|
||
`curl_config.h`.
|
||
|
||
Ref: #11964 (effort to sync cmake detections with autotools)
|
||
|
||
Closes #11978
|
||
|
||
- appveyor: minor improvements
|
||
|
||
- run `curl -V` after builds to see if they run and with what features.
|
||
Except for one job where a CRT DLL is missing. And ARM64 which should
|
||
fail, but is silently not launched instead.
|
||
|
||
- copy libcurl DLL next to curl tool and tests binaries in shared mode.
|
||
This makes it possible to run the tests. (We don't run tests after
|
||
these builds yet.)
|
||
|
||
- list the DLLs and EXEs present after the builds.
|
||
|
||
- add `DEBUG` variable for CMake builds to allow disabling it, for
|
||
testing non-debug builds. (currently enabled for all)
|
||
|
||
- add commented lines that dump CMake configuration logs for debugging
|
||
build/auto-detection issues.
|
||
|
||
- add gcc version to jobs where missing.
|
||
|
||
- switch a job to the native MSYS2 mingw-w64 toolchain. This adds gcc 9
|
||
to the build mix.
|
||
|
||
- make `SHARED=OFF` and `OPENSSL=OFF` defaults global.
|
||
|
||
- delete a duplicate backslash.
|
||
|
||
Closes #11976
|
||
|
||
- configure: replace adhoc domain with `localhost` in tests
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #11988
|
||
|
||
- tidy-up: use more example domains
|
||
|
||
Also make use of the example TLD:
|
||
https://en.wikipedia.org/wiki/.example
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #11992
|
||
|
||
Dan Fandrich (29 Sep 2023)
|
||
|
||
- runtests: display the test status if tests appear hung
|
||
|
||
It sometimes happens that a test hangs during a test run and never
|
||
returns. The test harness will wait indefinitely for the results and on
|
||
CI servers the CI job will eventually be killed after an hour or two.
|
||
At the end of a test run, if results haven't come in within a couple of
|
||
minutes, display the status of all test runners and what tests they're
|
||
running to help in debugging the problem.
|
||
|
||
This feature is really only kick in with parallel testing enabled, which
|
||
is fine because without parallel testing it's usually easy to tell what
|
||
test has hung.
|
||
|
||
Closes #11980
|
||
|
||
- github/labeler: remove workaround for labeler
|
||
|
||
This was added due to what seemed to be a bug regarding the sync-labels:
|
||
config option, but it looks like it wasn't necessary.
|
||
|
||
Follow-up to b2b0534e7
|
||
|
||
Viktor Szakats (29 Sep 2023)
|
||
|
||
- docs: upgrade an URL to HTTPS in `BINDINGS.md` [ci skip]
|
||
|
||
Daniel Stenberg (29 Sep 2023)
|
||
|
||
- docs: replace made up domains with example.com
|
||
|
||
in FAQ and MANUAL.md
|
||
|
||
- example.com was made for this purpose.
|
||
|
||
- reduces the risk that one of those domains suddenly start hosting
|
||
something nasty and we provide links to them
|
||
|
||
Closes #11986
|
||
|
||
Michael Osipov (29 Sep 2023)
|
||
|
||
- acinclude.m4: Document proper system truststore on FreeBSD
|
||
|
||
The default system truststore on FreeBSD has been /etc/ssl/certs for many
|
||
years now. It is managed canonically through certctl(8) and contains hashed
|
||
symlinks for OpenSSL and other TLS providers.
|
||
The previous ones require security/ca_root_nss which might not be installed o
|
||
r
|
||
will not contain any custom CA certificates.
|
||
|
||
Closes #11985
|
||
|
||
Daniel Stenberg (29 Sep 2023)
|
||
|
||
- FAQ: How do I upgrade curl.exe in Windows?
|
||
|
||
This is a growing question, better answer it here to get somewhere to
|
||
point users to.
|
||
|
||
Closes #11984
|
||
|
||
Viktor Szakats (28 Sep 2023)
|
||
|
||
- cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC
|
||
|
||
`basename` is present in mingw-w64, missing from MSVC. Pre-cache
|
||
accordingly to make configure faster.
|
||
|
||
Notice that `basename` has a bug so we later disable it even with
|
||
mingw-w64:
|
||
https://github.com/curl/curl/blob/781242ffa44a9f9b95b6da5ac5a1bf6372ec6257/li
|
||
b/curl_setup.h#L820-L825
|
||
|
||
Closes #11974
|
||
|
||
Daniel Stenberg (28 Sep 2023)
|
||
|
||
- cmake: add missing checks
|
||
|
||
- check for arc4random. To make rand.c use it accordingly.
|
||
- check for fcntl
|
||
- fix fseek detection
|
||
- add SIZEOF_CURL_SOCKET_T
|
||
- fix USE_UNIX_SOCKETS
|
||
- define HAVE_SNPRINTF to 1
|
||
- check for fnmatch
|
||
- check for sched_yield
|
||
- remove HAVE_GETPPID duplicate from curl_config.h
|
||
- add HAVE_SENDMSG
|
||
|
||
Ref: #11964
|
||
|
||
Co-authored-by: Viktor Szakats
|
||
Closes #11973
|
||
|
||
- configure: remove unused checks
|
||
|
||
- for sys/uio.h
|
||
- for fork
|
||
- for connect
|
||
|
||
Ref: #11964
|
||
|
||
Closes #11973
|
||
|
||
- lib: remove TIME_WITH_SYS_TIME
|
||
|
||
It is not used in any code anywhere.
|
||
|
||
Ref: #11964
|
||
Closes #11975
|
||
|
||
- docs: update curl man page references
|
||
|
||
Detected by the manpage-syntax update
|
||
|
||
Closes #11963
|
||
|
||
- manpage-syntax: verify curl man page references
|
||
|
||
1. References to curl symbols are now checked that they indeed exist as
|
||
man pages. This for \f references as well as the names referenced in the
|
||
SEE ALSO section.
|
||
|
||
Allowlist curl.1 since it is not always built in builds
|
||
|
||
2. References to curl symbols that lack section now causes warning, since tha
|
||
t
|
||
will prevent them from getting linked properly
|
||
|
||
3. Check for "bare" references to curl functions and warn, they should be
|
||
references
|
||
|
||
Closes #11963
|
||
|
||
- cmake: add check for suseconds_t
|
||
|
||
And fix the HAVE_LONGLONG define
|
||
|
||
Ref: #11964
|
||
Closes #11977
|
||
|
||
Viktor Szakats (28 Sep 2023)
|
||
|
||
- tidy-up: whitespace fixes
|
||
|
||
Closes #11972
|
||
|
||
- cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS
|
||
|
||
With new option `CURL_DISABLE_SRP=ON` to force-disable it.
|
||
To match existing option and detection logic in autotools.
|
||
|
||
Also:
|
||
- fix detecting GnuTLS.
|
||
We assume `nettle` as a GnuTLS dependency.
|
||
- add CMake GnuTLS CI job.
|
||
- bump AppVeyor CMake OpenSSL MSVC job to OpenSSL 1.1.1 (from 1.0.2)
|
||
TLS-SRP fails to detect with 1.0.2 due to an OpenSSL header bug.
|
||
- fix compiler warning when building with GnuTLS and disabled TLS-SRP.
|
||
- fix comment typos, whitespace.
|
||
|
||
Ref: #11964
|
||
|
||
Closes #11967
|
||
|
||
- tool: use our own stderr variable
|
||
|
||
Earlier this year we changed our own stderr variable to use the standard
|
||
name `stderr` (to avoid bugs where someone is using `stderr` instead of
|
||
the curl-tool specific variable). This solution needed to override the
|
||
standard `stderr` symbol via the preprocessor. This in turn didn't play
|
||
well with unity builds and caused curl tool to crash or stay silent due
|
||
to an uninitialized stderr. This was a hard to find issue, fixed by
|
||
manually breaking out one file from the unity sources.
|
||
|
||
To avoid two these two tricks, this patch implements a different
|
||
solution: Restore using our own local variable for our stderr output and
|
||
leave `stderr` as-is. To avoid using `stderr` by mistake, add a
|
||
`checksrc` rule (based on logic we already used in lib for `strerror`)
|
||
that detects any `stderr` use in `src` and points to using our own
|
||
variable instead: `tool_stderr`.
|
||
|
||
Follow-up to 06133d3e9b8aeb9e9ca0b3370c246bdfbfc8619e
|
||
Follow-up to 2f17a9b654121dd1ecf4fc043c6d08a9da3522db
|
||
|
||
Closes #11958
|
||
|
||
Loïc Yhuel (28 Sep 2023)
|
||
|
||
- connect: only start the happy eyeballs timer when needed
|
||
|
||
The timeout is only used when there is a second address family, for the
|
||
delayed eyeballer.
|
||
|
||
Closes #11939
|
||
|
||
Daniel Stenberg (28 Sep 2023)
|
||
|
||
- tool_operate: free 'gateway' correctly
|
||
|
||
Pointed out by Coverity. The fix in 93885cf3a8d4e was incomplete.
|
||
|
||
Also removed repeated wording in IPFS related error messages.
|
||
|
||
Closes #11969
|
||
|
||
Stefan Eissing (28 Sep 2023)
|
||
|
||
- lib: move handling of `data->req.writer_stack` into Curl_client_write()
|
||
|
||
- move definitions from content_encoding.h to sendf.h
|
||
- move create/cleanup/add code into sendf.c
|
||
- installed content_encoding writers will always be called
|
||
on Curl_client_write(CLIENTWRITE_BODY)
|
||
- Curl_client_cleanup() frees writers and tempbuffers from
|
||
paused transfers, irregardless of protocol
|
||
|
||
Closes #11908
|
||
|
||
Loïc Yhuel (28 Sep 2023)
|
||
|
||
- multi: round the timeout up to prevent early wakeups
|
||
|
||
Curl_timediff rounds down to the millisecond, so curl_multi_perform can
|
||
be called too early, then we get a timeout of 0 and call it again.
|
||
|
||
The code already handled the case of timeouts which expired less than
|
||
1ms in the future. By rounding up, we make sure we will never ask the
|
||
platform to wake up too early.
|
||
|
||
Closes #11938
|
||
|
||
Daniel Stenberg (28 Sep 2023)
|
||
|
||
- RELEASE-NOTES: spell out that IPFS is via gateway
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- tool_operate: avoid strlen() -1 on zero length content from file
|
||
|
||
Follow-up to 65b563a96a226649ba12cb1e
|
||
|
||
Closes #11959
|
||
|
||
- tool_operate: fix memory mixups
|
||
|
||
Switch to plain getenv() from curl_getenv() to avoid the allocation and
|
||
having to keep track of which free() or curl_free() that need to be
|
||
used.
|
||
|
||
Coverity found issues and a memory leak.
|
||
|
||
Follow-up to 65b563a96a226649ba12cb1e
|
||
|
||
Closes #11959
|
||
|
||
Viktor Szakats (27 Sep 2023)
|
||
|
||
- curl-functions.m4: fixup recent bad edits
|
||
|
||
Follow-up to 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
|
||
|
||
Closes #11966
|
||
|
||
Daniel Stenberg (27 Sep 2023)
|
||
|
||
- curl-functions.m4: fix include line
|
||
|
||
This made the getaddrinfo detection fail, but we did not spot it in the
|
||
CI because it graciously falled back to using legacy functions instead!
|
||
|
||
Follow-up to 96c29900bcec (#11940)
|
||
|
||
Closes #11965
|
||
|
||
- inet_ntop: add typecast to silence Coverity
|
||
|
||
CID 1024653: Integer handling issues (SIGN_EXTENSION)
|
||
|
||
Suspicious implicit sign extension: "src[i]" with type "unsigned char
|
||
const" (8 bits, unsigned) is promoted in "src[i] << (1 - i % 2 << 3)" to
|
||
type "int" (32 bits, signed), then sign-extended to type "unsigned long"
|
||
(64 bits, unsigned). If "src[i] << (1 - i % 2 << 3)" is greater than
|
||
0x7FFFFFFF, the upper bits of the result will all be 1.
|
||
|
||
111 words[i/2] |= (src[i] << ((1 - (i % 2)) << 3));
|
||
|
||
The value will not be greater than 0x7FFFFFFF so this still cannot
|
||
happen.
|
||
|
||
Also, switch to ints here instead of longs. The values stored are 16 bit
|
||
so at least no need to use 64 bit variables. Also, longs are 32 bit on
|
||
some platforms so this logic still needs to work with 32 bits.
|
||
|
||
Closes #11960
|
||
|
||
- docs: adapt SEE ALSO sections to new requirements
|
||
|
||
To please manpage-syntax.pl used by test 1173
|
||
|
||
Closes #11957
|
||
|
||
- manpage-syntax.pl: verify SEE ALSO syntax
|
||
|
||
- Enforce a single reference per .BR line
|
||
- Skip the quotes around the section number for example (3)
|
||
- Insist on trailing commas on all lines except the last
|
||
- Error on comma on the last SEE ALSO entry
|
||
|
||
- List the entries alpha-sorted, not enforced just recommended
|
||
|
||
Closes #11957
|
||
|
||
- connect: expire the timeout when trying next
|
||
|
||
... so that it gets called again immediately and can continue trying
|
||
addresses to connect to. Otherwise it might unnecessarily wait for a
|
||
while there.
|
||
|
||
Fixes #11920
|
||
Reported-by: Loïc Yhuel
|
||
Closes #11935
|
||
|
||
- http: remove wrong comment for http_should_fail
|
||
|
||
Reported-by: Christian Schmitz
|
||
Ref: #11936
|
||
Closes #11941
|
||
|
||
Dan Fandrich (26 Sep 2023)
|
||
|
||
- tool_setopt: remove unused function tool_setopt_flags
|
||
|
||
This function is identical to tool_setopt_bitmask except that it treats
|
||
the argument as unsigned.
|
||
|
||
Closes #11943
|
||
|
||
Viktor Szakats (26 Sep 2023)
|
||
|
||
- cmake: add feature checks for `memrchr` and `getifaddrs`
|
||
|
||
- `HAVE_MEMRCHR` for `memrchr`.
|
||
- `HAVE_GETIFADDRS` for `getifaddrs`.
|
||
This was present in `lib/curl_config.h.cmake` but missed the detection
|
||
logic.
|
||
|
||
To match existing autotools feature checks.
|
||
|
||
Closes #11954
|
||
|
||
- cmake: move global headers to specific checks
|
||
|
||
Before this patch we added standard headers unconditionally to the
|
||
global list of headers used for feature checks. This is unnecessary
|
||
and also doesn't help CMake 'Generate' performance. This patch moves
|
||
these headers to each feature check where they are actually needed.
|
||
Stop using `stddef.h`, as it seems unnecessary.
|
||
|
||
I've used autotools' `m4/curl-functions.m4` to figure out these
|
||
dependencies.
|
||
|
||
Also delete checking for the C89 standard header `time.h`, that I
|
||
missed in the earlier commit.
|
||
|
||
Ref: 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
|
||
|
||
Closes #11951
|
||
|
||
- src/mkhelp: make generated code pass `checksrc`
|
||
|
||
Closes #11955
|
||
|
||
- tests: show which curl tool `runtests.pl` is using
|
||
|
||
To help debugging when there is issue finding or running it.
|
||
|
||
Closes #11953
|
||
|
||
- CI/azure: make `MAKEFLAGS` global to parallelize all jobs
|
||
|
||
https://dev.azure.com/daniel0244/curl/_build/results?buildId=17528 (before)
|
||
https://dev.azure.com/daniel0244/curl/_build/results?buildId=17545 (after, wi
|
||
th -j3)
|
||
|
||
Closes #11952
|
||
|
||
- CI/azure: migrate old mingw MSYS1 jobs to MSYS2
|
||
|
||
Also delete an accidental variable reference.
|
||
|
||
Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72
|
||
|
||
Closes #11945
|
||
|
||
Daniel Stenberg (26 Sep 2023)
|
||
|
||
- docs: add see also curl_multi_get_handles to some man pages
|
||
|
||
Assisted-by: Jay Satiro
|
||
|
||
Closes #11942
|
||
|
||
Viktor Szakats (26 Sep 2023)
|
||
|
||
- cmake: assume `_fseeki64` and no `fseeko` on Windows
|
||
|
||
`_fseeki64` is present in mingw-w64 1.0 (2011-09-26) headers, and
|
||
at least Watcom C 1.9 (2010) headers and MSVS 2008 [1].
|
||
|
||
`fseeko` is not present in any of these.
|
||
|
||
(mingw-w64 1.0 also offers `fseeko64`.)
|
||
|
||
[1] https://github.com/curl/curl/pull/11944#issuecomment-1734995004
|
||
|
||
Follow-up to 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 #11918
|
||
|
||
Closes #11950
|
||
|
||
- build: delete checks for C89 standard headers
|
||
|
||
Delete checks and guards for standard C89 headers and assume these are
|
||
available: `stdio.h`, `string.h`, `time.h`, `setjmp.h`, `stdlib.h`,
|
||
`stddef.h`, `signal.h`.
|
||
|
||
Some of these we already used unconditionally, some others we only used
|
||
for feature checks.
|
||
|
||
Follow-up to 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 #11918 (for `stdio.h` i
|
||
n CMake)
|
||
|
||
Closes #11940
|
||
|
||
Stefan Eissing (26 Sep 2023)
|
||
|
||
- multiif.h: remove Curl_multi_dump declaration
|
||
|
||
Follow-up to d850eea2 which removed the Curl_multi_dump definition.
|
||
|
||
Closes https://github.com/curl/curl/pull/11946
|
||
|
||
Jay Satiro (26 Sep 2023)
|
||
|
||
- config-win32: define HAVE__FSEEKI64
|
||
|
||
Follow-up to 9c7165e9 which added an fseeko wrapper to the lib that
|
||
calls _fseeki64 if it is available.
|
||
|
||
Closes https://github.com/curl/curl/pull/11944
|
||
|
||
- docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER
|
||
|
||
- Explain that peer verification via CURLOPT_PINNEDPUBLICKEY takes place
|
||
even if peer verification via CURLOPT_SSL_VERIFYPEER is turned off.
|
||
|
||
The behavior is verified by test2048.
|
||
|
||
Bug: https://github.com/curl/curl/issues/2935#issuecomment-418371872
|
||
Reported-by: claudiusaiz@users.noreply.github.com
|
||
|
||
Bug: https://github.com/curl/curl/discussions/11910
|
||
Reported-by: Hakan Sunay Halil
|
||
|
||
Closes https://github.com/curl/curl/pull/11930
|
||
|
||
Stefan Eissing (26 Sep 2023)
|
||
|
||
- openssl: improve ssl shutdown handling
|
||
|
||
- If SSL shutdown is not finished then make an additional call to
|
||
SSL_read to gather additional tracing.
|
||
|
||
- Fix http2 and h2-proxy filters to forward do_close() calls to the next
|
||
filter.
|
||
|
||
For example h2 and SSL shutdown before and after this change:
|
||
|
||
Before:
|
||
|
||
Curl_conn_close -> cf_hc_close -> Curl_conn_cf_discard_chain ->
|
||
ssl_cf_destroy
|
||
|
||
After:
|
||
|
||
Curl_conn_close -> cf_hc_close -> cf_h2_close -> cf_setup_close ->
|
||
ssl_cf_close
|
||
|
||
Note that currently the tracing does not show output on the connection
|
||
closure handle. Refer to discussion in #11878.
|
||
|
||
Ref: https://github.com/curl/curl/discussions/11878
|
||
|
||
Closes https://github.com/curl/curl/pull/11858
|
||
|
||
Loïc Yhuel (26 Sep 2023)
|
||
|
||
- multi: fix small timeouts
|
||
|
||
Since Curl_timediff rounds down to the millisecond, timeouts which
|
||
expire in less than 1ms are considered as outdated and removed from the
|
||
list. We can use Curl_timediff_us instead, big timeouts could saturate
|
||
but this is not an issue.
|
||
|
||
Closes #11937
|
||
|
||
Viktor Szakats (25 Sep 2023)
|
||
|
||
- cmake: fix stderr initialization in unity builds
|
||
|
||
Before this patch, in certain build configurations the curl tool may
|
||
not have displayed anything (debug, macOS), or crashed at startup
|
||
(debug, Windows).
|
||
|
||
Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719
|
||
Necessary after 2f17a9b654121dd1ecf4fc043c6d08a9da3522db
|
||
|
||
Closes #11929
|
||
|
||
- cmake: fix missing `zlib.h` when compiling `libcurltool`
|
||
|
||
Came up while testing debug/testing build for Windows. I'm not sure why
|
||
it didn't come up in earlier tests with similar config.
|
||
`tool_hugehelp.c` might indeed require `zlib.h` and without linking
|
||
`CURL_LIBS` to the `curltool` target, CMake doesn't seem to add detected
|
||
dependency headers to the compiler command.
|
||
|
||
```
|
||
[ 25%] Building C object src/CMakeFiles/curltool.dir/tool_hugehelp.c.obj
|
||
cd .../curl/bld-cmake-llvm-x64/src && /usr/local/opt/llvm/bin/clang
|
||
--target=x86_64-w64-mingw32 --sysroot=/usr/local/opt/mingw-w64/toolchain-x8
|
||
6_64
|
||
-DCURLDEBUG -DCURL_STATICLIB -DHAVE_CONFIG_H -DUNICODE -DUNITTESTS -D_UNICO
|
||
DE
|
||
-I.../curl/include -I.../curl/lib -I.../curl/bld-cmake-llvm-x64/lib
|
||
-I.../curl/bld-cmake-llvm-x64/include -I.../curl/src -Wno-unused-command-li
|
||
ne-argument
|
||
-D_UCRT -DDEBUGBUILD -DHAS_ALPN -DUSE_MANUAL=1 -fuse-ld=lld -Wl,-s -static
|
||
-libgcc
|
||
-lucrt [...] -O3 -DNDEBUG -municode -MD
|
||
-MT src/CMakeFiles/curltool.dir/tool_hugehelp.c.obj
|
||
-MF CMakeFiles/curltool.dir/tool_hugehelp.c.obj.d
|
||
-o CMakeFiles/curltool.dir/tool_hugehelp.c.obj -c .../curl/bld-cmake-llvm-x
|
||
64/src/tool_hugehelp.c
|
||
.../curl/bld-cmake-llvm-x64/src/tool_hugehelp.c:6:10: fatal error: 'zlib.h' f
|
||
ile not found
|
||
6 | #include <zlib.h>
|
||
| ^~~~~~~~
|
||
```
|
||
|
||
Follow-up to 39e7c22bb459c2e818f079984989a26a09741860
|
||
|
||
Closes #11927
|
||
|
||
- cmake: fix duplicate symbols when linking tests
|
||
|
||
The linker resolves this automatically in non-unity builds. In unity
|
||
builds the linker cannot drop a single object with the duplicates,
|
||
resulting in these errors. The root issue is that we started including
|
||
certain objects both via both libcurlu and libcurltool libs.
|
||
|
||
Regression from 39e7c22bb459c2e818f079984989a26a09741860
|
||
|
||
Windows errors:
|
||
```
|
||
[ 3%] Linking C executable unit1303.exe
|
||
[ 3%] Building C object tests/server/CMakeFiles/rtspd.dir/__/__/lib/curl_mul
|
||
tibyte.c.obj
|
||
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_convert_UTF8_to_wch
|
||
ar':
|
||
C:/projects/curl/lib/curl_multibyte.c:44: multiple definition of `curlx_conve
|
||
rt_UTF8_to_wchar'
|
||
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
|
||
c:44: first defined here
|
||
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_convert_wchar_to_UT
|
||
F8':
|
||
C:/projects/curl/lib/curl_multibyte.c:66: multiple definition of `curlx_conve
|
||
rt_wchar_to_UTF8'
|
||
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
|
||
c:66: first defined here
|
||
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_open':
|
||
C:/projects/curl/lib/curl_multibyte.c:92: multiple definition of `curlx_win32
|
||
_open'
|
||
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
|
||
c:92: first defined here
|
||
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_fopen':
|
||
C:/projects/curl/lib/curl_multibyte.c:120: multiple definition of `curlx_win3
|
||
2_fopen'
|
||
../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
|
||
c:120: first defined here
|
||
../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_stat':
|
||
[...]
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/48110107/job/nvlhpt9
|
||
aa4ehny5q#L247
|
||
|
||
macOS errors:
|
||
```
|
||
[ 56%] Linking C executable unit1302
|
||
duplicate symbol '_curlx_sotouz' in:
|
||
../../lib/libcurlu.a(unity_0_c.c.o)
|
||
../../src/libcurltool.a(unity_0_c.c.o)
|
||
duplicate symbol '_curlx_sitouz' in:
|
||
../../lib/libcurlu.a(unity_0_c.c.o)
|
||
../../src/libcurltool.a(unity_0_c.c.o)
|
||
duplicate symbol '_curlx_uztosz' in:
|
||
../../lib/libcurlu.a(unity_0_c.c.o)
|
||
../../src/libcurltool.a(unity_0_c.c.o)
|
||
[...]
|
||
```
|
||
with config:
|
||
```
|
||
-DCMAKE_UNITY_BUILD=ON \
|
||
-DENABLE_DEBUG=ON -DBUILD_TESTING=ON -DCMAKE_C_FLAGS=-DDEBUGBUILD \
|
||
-DBUILD_SHARED_LIBS=ON \
|
||
-DBUILD_STATIC_LIBS=OFF
|
||
```
|
||
|
||
Closes #11926
|
||
|
||
- cmake: lib `CURL_STATICLIB` fixes (Windows)
|
||
|
||
- always define `CURL_STATICLIB` when building libcurl for Windows.
|
||
|
||
This disables `__declspec(dllexport)` for exported libcurl symbols.
|
||
In normal mode (hide symbols) these exported symbols are specified
|
||
via `libcurl.def`. When not hiding symbols, all symbols are exported
|
||
by default.
|
||
|
||
Regression from 1199308dbc902c52be67fc805c72dd2582520d30
|
||
|
||
Fixes #11844
|
||
|
||
- fix to omit `libcurl.def` when not hiding private symbols.
|
||
|
||
Regression from 2ebc74c36a19a1700af394c16855ce144d9878e3
|
||
|
||
- fix `ENABLED_DEBUG=ON` + shared curl tool Windows builds by also
|
||
omitting `libcurl.def` in this case, and exporting all symbols
|
||
instead. This ensures that a shared curl tool can access all debug
|
||
functions which are not normally exported from libcurl DLL.
|
||
|
||
- delete `INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB"` for "objects"
|
||
target.
|
||
|
||
Follow-up to 2ebc74c36a19a1700af394c16855ce144d9878e3
|
||
|
||
- delete duplicate `BUILDING_LIBCURL` definitions.
|
||
|
||
- fix `HIDES_CURL_PRIVATE_SYMBOLS` to not overwrite earlier build settings.
|
||
|
||
Follow-up to 1199308dbc902c52be67fc805c72dd2582520d30
|
||
|
||
Closes #11914
|
||
|
||
Daniel Stenberg (25 Sep 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Dan Fandrich (25 Sep 2023)
|
||
|
||
- tests: fix log directory path in IPFS tests
|
||
|
||
Hard-coding the log directory name fails with parallel tests.
|
||
|
||
Follow-up to 65b563a96
|
||
|
||
Ref: #8805
|
||
|
||
Daniel Stenberg (25 Sep 2023)
|
||
|
||
- curl_multi_get_handles: get easy handles from a multi handle
|
||
|
||
Closes #11750
|
||
|
||
Stefan Eissing (25 Sep 2023)
|
||
|
||
- http: h1/h2 proxy unification
|
||
|
||
- use shared code for setting up the CONNECT request
|
||
when tunneling, used in HTTP/1.x and HTTP/2 proxying
|
||
- eliminate use of Curl_buffer_send() and other manipulations
|
||
of `data->req` or `data->state.ulbuf`
|
||
|
||
Closes #11808
|
||
|
||
Natanael Copa (25 Sep 2023)
|
||
|
||
- lib: use wrapper for curl_mime_data fseek callback
|
||
|
||
fseek uses long offset which does not match with curl_off_t. This leads
|
||
to undefined behavior when calling the callback and caused failure on
|
||
arm 32 bit.
|
||
|
||
Use a wrapper to solve this and use fseeko which uses off_t instead of
|
||
long.
|
||
|
||
Thanks to the nice people at Libera IRC #musl for helping finding this
|
||
out.
|
||
|
||
Fixes #11882
|
||
Fixes #11900
|
||
Closes #11918
|
||
|
||
- configure: sort AC_CHECK_FUNCS
|
||
|
||
No functional changes.
|
||
|
||
Daniel Stenberg (25 Sep 2023)
|
||
|
||
- warnless: remove unused functions
|
||
|
||
Previously put there for use with the intel compiler
|
||
|
||
Closes #11932
|
||
|
||
- GHA/linux: run singleuse to detect single-use global functions
|
||
|
||
Use --unit for configure --enable-debug builds
|
||
|
||
Closes #11932
|
||
|
||
- singleuse: add scan for use in other source codes
|
||
|
||
This should reduce false-positive to almost zero. Checks for presence in
|
||
unit tests if --unit is specified, which is intended for debug builds
|
||
where unit testing is enabled.
|
||
|
||
Closes #11932
|
||
|
||
- multi: remove Curl_multi_dump
|
||
|
||
A debug-only function that is basically never used. Removed to ease the
|
||
use of the singleuse script to detect non-static functions not used
|
||
outside the file where it is defined.
|
||
|
||
Closes #11931
|
||
|
||
Viktor Szakats (24 Sep 2023)
|
||
|
||
- tests: fix compiler warnings
|
||
|
||
Seen with llvm 17 on Windows x64.
|
||
|
||
```
|
||
.../curl/tests/server/rtspd.c:136:13: warning: no previous extern declaration
|
||
for non-static variable 'logdir' [-Wmissing-variable-declarations]
|
||
136 | const char *logdir = "log";
|
||
| ^
|
||
.../curl/tests/server/rtspd.c:136:7: note: declare 'static' if the variable i
|
||
s not intended to be used outside of this translation unit
|
||
136 | const char *logdir = "log";
|
||
| ^
|
||
.../curl/tests/server/rtspd.c:137:6: warning: no previous extern declaration
|
||
for non-static variable 'loglockfile' [-Wmissing-variable-declarations]
|
||
137 | char loglockfile[256];
|
||
| ^
|
||
.../curl/tests/server/rtspd.c:137:1: note: declare 'static' if the variable i
|
||
s not intended to be used outside of this translation unit
|
||
137 | char loglockfile[256];
|
||
| ^
|
||
.../curl/tests/server/fake_ntlm.c:43:13: warning: no previous extern declarat
|
||
ion for non-static variable 'logdir' [-Wmissing-variable-declarations]
|
||
43 | const char *logdir = "log";
|
||
| ^
|
||
.../curl/tests/server/fake_ntlm.c:43:7: note: declare 'static' if the variabl
|
||
e is not intended to be used outside of this translation unit
|
||
43 | const char *logdir = "log";
|
||
| ^
|
||
.../curl/src/tool_doswin.c:350:8: warning: possible misuse of comma operator
|
||
here [-Wcomma]
|
||
350 | ++d, ++s;
|
||
| ^
|
||
.../curl/src/tool_doswin.c:350:5: note: cast expression to void to silence wa
|
||
rning
|
||
350 | ++d, ++s;
|
||
| ^~~
|
||
| (void)( )
|
||
```
|
||
|
||
```
|
||
.../curl/tests/libtest/lib540.c:146:27: warning: result of comparison 'long'
|
||
> 2147483647 is always false [-Wtautological-type-limit-compare]
|
||
146 | int itimeout = (L > (long)INT_MAX) ? INT_MAX : (int)L;
|
||
| ~ ^ ~~~~~~~~~~~~~
|
||
1 warning generated.
|
||
|
||
.../curl/tests/libtest/libntlmconnect.c:195:31: warning: result of comparison
|
||
'long' > 2147483647 is always false [-Wtautological-type-limit-compare]
|
||
195 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeo
|
||
ut;
|
||
| ~~~~~~~ ^ ~~~~~~~~~~~~~
|
||
1 warning generated.
|
||
|
||
.../curl/tests/libtest/lib591.c:117:31: warning: result of comparison 'long'
|
||
> 2147483647 is always false [-Wtautological-type-limit-compare]
|
||
117 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeo
|
||
ut;
|
||
| ~~~~~~~ ^ ~~~~~~~~~~~~~
|
||
1 warning generated.
|
||
.../curl/tests/libtest/lib597.c:99:31: warning: result of comparison 'long' >
|
||
2147483647 is always false [-Wtautological-type-limit-compare]
|
||
99 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeo
|
||
ut;
|
||
| ~~~~~~~ ^ ~~~~~~~~~~~~~
|
||
1 warning generated.
|
||
```
|
||
|
||
Seen on macOS Intel:
|
||
```
|
||
.../curl/tests/server/sws.c:440:64: warning: field precision should have type
|
||
'int', but argument has type 'size_t' (aka 'unsigned long') [-Wformat]
|
||
msnprintf(logbuf, sizeof(logbuf), "Got request: %s %.*s HTTP/%d.%d"
|
||
,
|
||
~~^~
|
||
1 warning generated.
|
||
```
|
||
|
||
Closes #11925
|
||
|
||
Jay Satiro (24 Sep 2023)
|
||
|
||
- url: fix netrc info message
|
||
|
||
- Fix netrc info message to use the generic ".netrc" filename if the
|
||
user did not specify a netrc location.
|
||
|
||
- Update --netrc doc to add that recent versions of curl on Windows
|
||
prefer .netrc over _netrc.
|
||
|
||
Before:
|
||
* Couldn't find host google.com in the (nil) file; using defaults
|
||
|
||
After:
|
||
* Couldn't find host google.com in the .netrc file; using defaults
|
||
|
||
Closes https://github.com/curl/curl/pull/11904
|
||
|
||
Dan Fandrich (23 Sep 2023)
|
||
|
||
- wolfssh: do cleanup in Curl_ssh_cleanup
|
||
|
||
Closes: #11921
|
||
|
||
Daniel Stenberg (24 Sep 2023)
|
||
|
||
- tool_listhelp: regenerated
|
||
|
||
Polished the --ipfs-gateway description
|
||
|
||
Fixed the --trace-config description
|
||
|
||
The script also fixed some other small mistakes
|
||
|
||
Closes #11923
|
||
|
||
Viktor Szakats (23 Sep 2023)
|
||
|
||
- Makefile.mk: always set `CURL_STATICLIB` for lib (Windows)
|
||
|
||
Also fix to export all symbols in Windows debug builds, making
|
||
`-debug-dyn` builds work with `-DCURL_STATICLIB` set.
|
||
|
||
Ref: https://github.com/curl/curl/pull/11914 (same for CMake)
|
||
|
||
Closes #11924
|
||
|
||
Daniel Stenberg (23 Sep 2023)
|
||
|
||
- quic: set ciphers/curves the same way regular TLS does
|
||
|
||
for OpenSSL/BoringSSL
|
||
|
||
Fixes #11796
|
||
Reported-by: Karthikdasari0423 on github
|
||
Assisted-by: Jay Satiro
|
||
Closes #11836
|
||
|
||
- test457: verify --max-filesize with chunked encoding
|
||
|
||
- lib: let the max filesize option stop too big transfers too
|
||
|
||
Previously it would only stop them from getting started if the size is
|
||
known to be too big then.
|
||
|
||
Update the libcurl and curl docs accordingly.
|
||
|
||
Fixes #11810
|
||
Reported-by: Elliot Killick
|
||
Assisted-by: Jay Satiro
|
||
Closes #11820
|
||
|
||
Viktor Szakats (23 Sep 2023)
|
||
|
||
- mingw: delete support for legacy mingw.org toolchain
|
||
|
||
Drop support for "old" / "legacy" / "classic" / "v1" / "mingw32" MinGW:
|
||
https://en.wikipedia.org/wiki/MinGW, https://osdn.net/projects/mingw/
|
||
Its homepage used to be http://mingw.org/ [no HTTPS], and broken now.
|
||
It supported the x86 CPU only and used a old Windows API header and
|
||
implib set, often causing issues. It also misses most modern Windows
|
||
features, offering old versions of both binutils and gcc (no llvm/clang
|
||
support). It was last updated 2 years ago.
|
||
|
||
curl now relies on toolchains based on the mingw-w64 project:
|
||
https://www.mingw-w64.org/ https://sourceforge.net/projects/mingw-w64/
|
||
https://www.msys2.org/ https://github.com/msys2/msys2
|
||
https://github.com/mstorsjo/llvm-mingw
|
||
(Also available via Linux and macOS package managers.)
|
||
|
||
Closes #11625
|
||
|
||
Mark Gaiser (23 Sep 2023)
|
||
|
||
- curl: add support for the IPFS protocols:
|
||
|
||
- ipfs://<cid>
|
||
- ipns://<cid>
|
||
|
||
This allows you tu use ipfs in curl like:
|
||
curl ipfs://<cid>
|
||
and
|
||
curl ipns://<cid>
|
||
|
||
For more information consult the readme at:
|
||
https://curl.se/docs/ipfs.html
|
||
|
||
Closes #8805
|
||
|
||
Daniel Stenberg (23 Sep 2023)
|
||
|
||
- bufq: remove Curl_bufq_skip_and_shift (unused)
|
||
|
||
Closes #11915
|
||
|
||
- scripts/singleuse.pl: add curl_global_trace
|
||
|
||
Viktor Szakats (22 Sep 2023)
|
||
|
||
- cmake: fix unity symbol collisions in h2 builds
|
||
|
||
Regression from 331b89a319d0067fa1e6441719307cfef9c7960f
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Reviewed-by: Jay Satiro
|
||
Closes #11912
|
||
|
||
Daniel Stenberg (22 Sep 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Dan Fandrich (21 Sep 2023)
|
||
|
||
- github/labeler: improve the match patterns
|
||
|
||
This includes new rules for setting the appleOS and logging labels and
|
||
matches on some example files. Also, enable dot mode for wildcard
|
||
matches in the .github directory.
|
||
|
||
Daniel Stenberg (21 Sep 2023)
|
||
|
||
- upload-file.d: describe the file name slash/backslash handling
|
||
|
||
Closes #11911
|
||
|
||
Jakub Jelen (21 Sep 2023)
|
||
|
||
- libssh: cap SFTP packet size sent
|
||
|
||
Due to libssh limitations
|
||
|
||
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
||
|
||
Closes #11804
|
||
|
||
Daniel Stenberg (21 Sep 2023)
|
||
|
||
- curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0
|
||
|
||
Closes #11905
|
||
|
||
- mailmap: unify Michael Osipov under a single email
|
||
|
||
Ted Lyngmo (21 Sep 2023)
|
||
|
||
- docs: use CURLSSLBACKEND_NONE
|
||
|
||
[ssl] use CURLSSLBACKEND_NONE instead of (curl_sslbackend)-1 in
|
||
documentation and examples.
|
||
|
||
Signed-off-by: Ted Lyngmo <ted@lyncon.se>
|
||
|
||
Closes #11909
|
||
|
||
Dan Fandrich (21 Sep 2023)
|
||
|
||
- github/labeler: give the sync-labels config item a default value
|
||
|
||
This shouldn't be necessary and is likely a bug with this beta version
|
||
of the labeller.
|
||
|
||
Also, fix the negative matches for the documentation label.
|
||
|
||
Follow-up to dd12b452a
|
||
Closes #11907
|
||
|
||
- github/labeler: fix up more the labeler config format
|
||
|
||
The new version didn't like the workaround we had for a bug in the
|
||
previous labeler version, and it should no longer be needed.
|
||
|
||
Follow-up to dd12b452a
|
||
Closes #11906
|
||
|
||
- github/labeler: fix indenting to try to appease labeller
|
||
|
||
Follow-up to dd12b452a
|
||
|
||
Jay Satiro (21 Sep 2023)
|
||
|
||
- libssh2: fix error message on failed pubkey-from-file
|
||
|
||
- If libssh2_userauth_publickey_fromfile_ex returns -1 then show error
|
||
message "SSH public key authentication failed: Reason unknown (-1)".
|
||
|
||
When libssh2_userauth_publickey_fromfile_ex returns -1 it does so as a
|
||
generic error and therefore doesn't set an error message. AFAICT that is
|
||
not documented behavior.
|
||
|
||
Prior to this change libcurl retrieved the last set error message which
|
||
would be from a previous function failing. That resulted in misleading
|
||
auth failed error messages in verbose mode.
|
||
|
||
Bug: https://github.com/curl/curl/issues/11837#issue-1891827355
|
||
Reported-by: consulion@users.noreply.github.com
|
||
|
||
Closes https://github.com/curl/curl/pull/11881
|
||
|
||
Stefan Eissing (21 Sep 2023)
|
||
|
||
- pytest: exclude test_03_goaway in CI runs due to timing dependency
|
||
|
||
Closes #11860
|
||
|
||
- lib: disambiguate Curl_client_write flag semantics
|
||
|
||
- use CLIENTWRITE_BODY *only* when data is actually body data
|
||
- add CLIENTWRITE_INFO for meta data that is *not* a HEADER
|
||
- debug assertions that BODY/INFO/HEADER is not used mixed
|
||
- move `data->set.include_header` check into Curl_client_write
|
||
so protocol handlers no longer have to care
|
||
- add special in FTP for `data->set.include_header` for historic,
|
||
backward compatible reasons
|
||
- move unpausing of client writes from easy.c to sendf.c, so that
|
||
code is in one place and can forward flags correctly
|
||
|
||
Closes #11885
|
||
|
||
Patrick Monnerat (21 Sep 2023)
|
||
|
||
- tftpd: always use curl's own tftp.h
|
||
|
||
Using the system's provided arpa/tftp.h and optimizing, GCC 12 detects
|
||
and reports a stringop-overread warning:
|
||
|
||
tftpd.c: In function ‘write_behind.isra’:
|
||
tftpd.c:485:12: warning: ‘write’ reading between 1 and 2147483647 bytes f
|
||
rom a region of size 0 [-Wstringop-overread]
|
||
485 | return write(test->ofile, writebuf, count);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
In file included from tftpd.c:71:
|
||
/usr/include/arpa/tftp.h:58:30: note: source object ‘tu_data’ of size 0
|
||
58 | char tu_data[0]; /* data or error stri
|
||
ng */
|
||
| ^~~~~~~
|
||
|
||
This occurs because writebuf points to this field and the latter
|
||
cannot be considered as being of dynamic length because it is not
|
||
the last field in the structure. Thus it is bound to its declared
|
||
size.
|
||
|
||
This commit always uses curl's own version of tftp.h where the
|
||
target field is last in its structure, effectively avoiding the
|
||
warning.
|
||
|
||
As HAVE_ARPA_TFTP_H is not used anymore, cmake/configure checks for
|
||
arpa/tftp.h are removed.
|
||
|
||
Closes #11897
|
||
|
||
Dan Fandrich (20 Sep 2023)
|
||
|
||
- test1474: make precheck more robust on non-Solaris systems
|
||
|
||
If uname -r returns something odd, perl could return an error code and
|
||
the test would be erroneously skipped. The qx// syntax avoid this.
|
||
|
||
Followup to 08f9b2148
|
||
|
||
- github/labeler: switch to the 5 beta version
|
||
|
||
This version adds an important feature that will allow more PRs to be
|
||
labelled. Rather than being limited to labeling PRs with files that
|
||
match a single glob, it can now label them if multiple changed files
|
||
match any one of a number of globs.
|
||
|
||
Daniel Stenberg (20 Sep 2023)
|
||
|
||
- lib: enable hmac for digest as well
|
||
|
||
Previously a build that disabled NTLM and aws-sigv4 would fail to build
|
||
since the hmac was disabled, but it is also needed for digest auth.
|
||
|
||
Follow-up to e92edfbef64448ef
|
||
|
||
Fixes #11890
|
||
Reported-by: Aleksander Mazur
|
||
Closes #11896
|
||
|
||
- idn: if idn2_check_version returns NULL, return error
|
||
|
||
... this avoids a NULL dereference for this unusual case.
|
||
|
||
Reported-by: s0urc3_ on hackerone
|
||
Closes #11898
|
||
|
||
- http: fix CURL_DISABLE_BEARER_AUTH breakage
|
||
|
||
When bearer auth was disabled, the if/else logic got wrong and caused
|
||
problems.
|
||
|
||
Follow-up to e92edfbef64448ef461
|
||
Fixes #11892
|
||
Reported-by: Aleksander Mazur
|
||
Closes #11895
|
||
|
||
Michael Osipov (20 Sep 2023)
|
||
|
||
- wolfssl: allow capath with CURLOPT_CAINFO_BLOB
|
||
|
||
Remain consistent with OpenSSL. While CAfile is nulled as documented
|
||
with CURLOPT_CAINFO_BLOB, CApath remains intact.
|
||
|
||
Closes #11886
|
||
|
||
- wolfssl: use ssl_cafile/ssl_capath variables consistent with openssl.c
|
||
|
||
Closes #11886
|
||
|
||
Dan Fandrich (19 Sep 2023)
|
||
|
||
- test1474: disable test on NetBSD, OpenBSD and Solaris 10
|
||
|
||
These kernels only send a fraction of the requested amount of the first
|
||
large block, invalidating the assumptions of the test and causing it to
|
||
fail.
|
||
|
||
Assisted-by: Christian Weisgerber
|
||
Ref: https://curl.se/mail/lib-2023-09/0021.html
|
||
Closes #11888
|
||
|
||
Ryan Schmidt (20 Sep 2023)
|
||
|
||
- cmake, configure: also link with CoreServices
|
||
|
||
When linking with CoreFoundation, also link with CoreServices which is
|
||
apparently required to avoid an NSInvalidArgumentException in software
|
||
linking with libcurl on macOS Sonoma 14 and later.
|
||
|
||
Fixes #11893
|
||
Closes #11894
|
||
|
||
Marc Hoersken (19 Sep 2023)
|
||
|
||
- CI/azure: remove pip, wheel, cryptography, pyopenssl and impacket
|
||
|
||
These dependencies are now already included in the Docker image.
|
||
|
||
Ref: https://github.com/mback2k/curl-docker-winbuildenv/commit/2607a31bcab544
|
||
b41d15606e97f38cf312c1ce56
|
||
|
||
Closes #11889
|
||
|
||
Daniel Stenberg (19 Sep 2023)
|
||
|
||
- wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files
|
||
|
||
Ref: #11883
|
||
Reported-by: Michael Osipov
|
||
Closes #11884
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- test3103: CURLOPT_COOKIELIST test
|
||
|
||
- cookie: set ->running in cookie_init even if data is NULL
|
||
|
||
This is a regression introduced in b1b326ec500 (shipped in curl 8.1.0)
|
||
|
||
Test 3103 verifies.
|
||
|
||
Fixes #11875
|
||
Reported-by: wangp on github
|
||
Closes #11876
|
||
|
||
- test498: total header size for all redirects is larger than accepted
|
||
|
||
- http: use per-request counter to check too large headers
|
||
|
||
Not the counter that accumulates all headers over all redirects.
|
||
|
||
Follow-up to 3ee79c1674fd6
|
||
|
||
Do a second check for 20 times the limit for the accumulated size for
|
||
all headers.
|
||
|
||
Fixes #11871
|
||
Reported-by: Joshix-1 on github
|
||
Closes #11872
|
||
|
||
Jay Satiro (18 Sep 2023)
|
||
|
||
- THANKS: add Eric Murphy
|
||
|
||
He reported #11850 (quiche build error) but I forgot to add a
|
||
'reported-by' entry in the fix 267e14f1.
|
||
|
||
Daniel Stenberg (18 Sep 2023)
|
||
|
||
- h2-proxy: remove left-over mistake in drain_tunnel()
|
||
|
||
Left-over from 331b89a319
|
||
|
||
Reported-by: 南宫雪珊
|
||
|
||
Closes https://github.com/curl/curl/pull/11877
|
||
|
||
vvb2060 (18 Sep 2023)
|
||
|
||
- lib: failf/infof compiler warnings
|
||
|
||
Closes #11874
|
||
|
||
Daniel Stenberg (17 Sep 2023)
|
||
|
||
- rand: fix 'alnum': array is too small to include a terminating null character
|
||
|
||
It was that small on purpose, but this change now adds the null byte to
|
||
avoid the error.
|
||
|
||
Follow-up to 3aa3cc9b052353b1
|
||
|
||
Reported-by: Dan Fandrich
|
||
Ref: #11838
|
||
Closes #11870
|
||
|
||
Mathias Fuchs (16 Sep 2023)
|
||
|
||
- cmake: fix the help text to the static build option in CMakeLists.txt
|
||
|
||
Closes #11843
|
||
|
||
John Haugabook (16 Sep 2023)
|
||
|
||
- MANUAL.md: change domain to example.com
|
||
|
||
Closes #11866
|
||
|
||
Daniel Stenberg (16 Sep 2023)
|
||
|
||
- doh: inherit DEBUGFUNCTION/DATA
|
||
|
||
When creating new transfers for doing DoH, they now inherit the debug
|
||
settings from the initiating transfer, so that the application can
|
||
redirect and handle the verbose output correctly even for the DoH
|
||
transfers.
|
||
|
||
Reported-by: calvin2021y on github
|
||
Fixes #11864
|
||
Closes #11869
|
||
|
||
Dan Fandrich (16 Sep 2023)
|
||
|
||
- http_aws_sigv4: fix sorting with empty parts
|
||
|
||
When comparing with an empty part, the non-empty one is always
|
||
considered greater-than. Previously, the two would be considered equal
|
||
which would randomly place empty parts amongst non-empty ones. This
|
||
showed as a test 439 failure on Solaris as it uses a different
|
||
implementation of qsort() that compares parts differently.
|
||
|
||
Fixes #11855
|
||
Closes #11868
|
||
|
||
- CI: ignore the "flaky" and "timing-dependent" test results
|
||
|
||
CI builds will now run these tests, but will ignore the results if they
|
||
fail. The relevant tests are ones that are sensitive to timing or
|
||
have edge conditions that make them more likely to fail on CI servers,
|
||
which are often heavily overloaded and slow.
|
||
|
||
This change only adds two additional tests to be ignored, since the
|
||
others already had the flaky keyword.
|
||
|
||
Closes #11865
|
||
|
||
- runtests: eliminate a warning on old perl versions
|
||
|
||
The warning "Use of implicit split to @_ is deprecated" showed between
|
||
perl versions about 5.8 through 5.11.
|
||
|
||
- tests: log the test result code after each libtest
|
||
|
||
This makes it easier to determine the test status. Also, capitalize
|
||
FAILURE and ABORT messages in log lines to make them easier to spot.
|
||
|
||
Harry Sintonen (16 Sep 2023)
|
||
|
||
- misc: better random strings
|
||
|
||
Generate alphanumerical random strings.
|
||
|
||
Prior this change curl used to create random hex strings. This was
|
||
mostly okay, but having alphanumerical random strings is better: The
|
||
strings have more entropy in the same space.
|
||
|
||
The MIME multipart boundary used to be mere 64-bits of randomness due
|
||
to being 16 hex chars. With these changes the boundary is 22
|
||
alphanumerical chars, or little over 130 bits of randomness.
|
||
|
||
Closes #11838
|
||
|
||
Daniel Stenberg (15 Sep 2023)
|
||
|
||
- cookie: reduce variable scope, add const
|
||
|
||
- cookie: do not store the expire or max-age strings
|
||
|
||
Convert it to an expire time at once and save memory.
|
||
|
||
Closes #11862
|
||
|
||
- cookie: remove unnecessary struct fields
|
||
|
||
Plus: reduce the hash table size from 256 to 63. It seems unlikely to
|
||
make much of a speed difference for most use cases but saves 1.5KB of
|
||
data per instance.
|
||
|
||
Closes #11862
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bumped to 8.4.0, the next presumed version
|
||
|
||
Dan Fandrich (14 Sep 2023)
|
||
|
||
- test2600: remove special case handling for USE_ALARM_TIMEOUT
|
||
|
||
This was originally added to handle platforms that supported only 1
|
||
second granularity in connect timeouts, but after some recent changes
|
||
the test currently permafails on several Windows platforms.
|
||
|
||
The need for this special-case was removed in commit 8627416, which
|
||
increased the connect timeout in all cases to well above 1 second.
|
||
|
||
Fixes #11767
|
||
Closes #11849
|
||
|
||
Daniel Stenberg (14 Sep 2023)
|
||
|
||
- SECURITY-PROCESS.md. call it vulnerability disclosure policy
|
||
|
||
SECURITY-PROCESS.md -> VULN-DISCLOSURE-POLICY.md
|
||
|
||
This a name commonly used for a document like this. This name helps
|
||
users find it.
|
||
|
||
Closes #11852
|
||
|
||
Junho Choi (14 Sep 2023)
|
||
|
||
- quiche: fix build error with --with-ca-fallback
|
||
|
||
- Fix build error when curl is built with --with-quiche
|
||
and --with-ca-fallback.
|
||
|
||
- Add --with-ca-fallback to the quiche CI job.
|
||
|
||
Fixes https://github.com/curl/curl/issues/11850
|
||
Closes https://github.com/curl/curl/pull/11847
|
||
|
||
Jay Satiro (14 Sep 2023)
|
||
|
||
- escape: replace Curl_isunreserved with ISUNRESERVED
|
||
|
||
- Use the ALLCAPS version of the macro so that it is clear a macro is
|
||
being called that evaluates the variable multiple times.
|
||
|
||
- Also capitalize macro isurlpuntcs => ISURLPUNTCS since it evaluates
|
||
a variable multiple times.
|
||
|
||
This is a follow-up to 291d225a which changed Curl_isunreserved into an
|
||
alias macro for ISUNRESERVED. The problem is the former is not easily
|
||
identified as a macro by the caller, which could lead to a bug.
|
||
|
||
For example, ISUNRESERVED(*foo++) is easily identifiable as wrong but
|
||
Curl_isunreserved(*foo++) is not even though they both are the same.
|
||
|
||
Closes https://github.com/curl/curl/pull/11846
|
||
|
||
Dan Fandrich (13 Sep 2023)
|
||
|
||
- tests: increase the default server logs lock timeout
|
||
|
||
This timeout is used to wait for the server to finish writing its logs
|
||
before checking them against the expected values. An overloaded machine
|
||
could take more than the two seconds previously allocated, so increase
|
||
the timeout to 5 seconds.
|
||
|
||
Ref: #11328
|
||
Closes #11834
|
||
|
||
- tests: increase TEST_HANG_TIMEOUT in two tests
|
||
|
||
These tests had a 5 second timeout compared to 60 seconds for all other
|
||
tests. Make these consistent with the others for more reliability on
|
||
heavily-loaded machines.
|
||
|
||
Ref: #11328
|
||
|
||
- test1056: disable on Windows
|
||
|
||
This test relies on the IPv6 scope field being ignored when connecting to
|
||
ipv6-localhost (i.e. [::1%259999] is treated as [::1]). Maybe this is a bit
|
||
dodgy, but it works on all our test platforms except Windows. This
|
||
test was disabled manually on all Windows CI builds already, so instead
|
||
add an incompatible feature and precheck so it's skipped on Windows
|
||
everywhere automatically.
|
||
|
||
- test587: add a slight delay after test
|
||
|
||
This test is designed to connect to the server, then immediately send a
|
||
few bytes and disconnect. In some situations, such as on a loaded
|
||
server, this doesn't give the server enough time to write its lock file
|
||
before its existence is checked. The test harness then fails to find the
|
||
server's input log file (because it hasn't been written yet) and fails
|
||
the test. By adding a short delay after the test, the HTTP server has
|
||
enough time to write its lock file which gives itself more time to write
|
||
its remaining files.
|
||
|
||
Ref: #11328
|
||
|
||
- tests: stop overriding the lock timeout
|
||
|
||
These tests reduce the server lock wait timeout which can increase
|
||
flakiness on loaded machines. Since this is merely an optimization,
|
||
eliminate them in favour of reliability.
|
||
|
||
Ref: #11328
|
||
|
||
- tests: add some --expect100-timeout to reduce timing dependencies
|
||
|
||
These tests can fail when the test machine is so slow that the test HTTP
|
||
server didn't get a chance to complete before the client's one second
|
||
100-continue timeout triggered. Increase that 1 second to 999 seconds so
|
||
this situation doesn't happen.
|
||
|
||
Ref: #11328
|
||
|
||
- test661: return from test early in case of curl error
|
||
|
||
- tests: add the timing-dependent keyword on several tests
|
||
|
||
These are ones likely to fail on heavily-loaded machines that alter the
|
||
normal test timing. Most of these tests already had the flaky keyword
|
||
since this condition makes them more likely to fail on CI.
|
||
|
||
- test1592: greatly increase the maximum test timeout
|
||
|
||
It was too short to be reliable on heavily loaded CI machines, and
|
||
as a fail-safe only, it didn't need to be short.
|
||
|
||
Ref: #11328
|
||
|
||
- test: minor test cleanups
|
||
|
||
Remove an obsolete block of code in tests 2032 & 576.
|
||
Add a comment in test 1474.
|
||
|
||
- tests: quadruple the %FTPTIME2 and %FTPTIME3 timeouts
|
||
|
||
This gives more of a margin for error when running on overloaded CI
|
||
servers.
|
||
|
||
Ref: #11328
|
||
|
||
- tests: improve SLOWDOWN test reliability by reducing sent data
|
||
|
||
These tests are run in SLOWDOWN mode which adds a 10 msec delay after
|
||
each character output, which means it takes at least 1.6 seconds (and
|
||
320 kernel calls) just to get through the long welcome banner. On an
|
||
overloaded system, this can end up taking much more than 1.6 seconds,
|
||
and even more than the 7 or 16 second curl timeout that the tests rely
|
||
on, causing them to fail. Reducing the size of the welcome banner drops
|
||
the total number of characters sent before the transfer starts by more
|
||
than half, which reduces the opportunity for test-breaking slowdowns by
|
||
the same amount.
|
||
|
||
Ref: #11328
|
||
|
||
- test650: fix an end tag typo
|
||
|
||
Jay Satiro (13 Sep 2023)
|
||
|
||
- tool_cb_wrt: fix debug assertion
|
||
|
||
- Fix off-by-one out-of-bounds array index in Windows debug assertion.
|
||
|
||
Bug: https://github.com/curl/curl/commit/af3f4e41#r127212213
|
||
Reported-by: Gisle Vanem
|
||
|
||
Daniel Stenberg (13 Sep 2023)
|
||
|
||
- ctype: add ISUNRESERVED()
|
||
|
||
... and make Curl_isunreserved() use that macro instead of providing a
|
||
separate funtion for the purpose.
|
||
|
||
Closes #11840
|
||
|
||
Version 8.3.0 (13 Sep 2023)
|
||
|
||
Daniel Stenberg (13 Sep 2023)
|
||
|
||
- RELEASE-NOTES: syn ced
|
||
|
||
curl 8.3.0 release
|
||
|
||
- THANKS: contributors from 8.3.0
|
||
|
||
Thorsten Klein (12 Sep 2023)
|
||
|
||
- cmake: set SIZEOF_LONG_LONG in curl_config.h
|
||
|
||
in order to support 32bit builds regarding wolfssl CTC_SETTINGS
|
||
|
||
Closes #11839
|
||
|
||
Jay Satiro (12 Sep 2023)
|
||
|
||
- curl_ngtcp2: fix error message
|
||
|
||
- http_aws_sigv4: handle no-value user header entries
|
||
|
||
- Handle user headers in format 'name:' and 'name;' with no value.
|
||
|
||
The former is used when the user wants to remove an internal libcurl
|
||
header and the latter is used when the user actually wants to send a
|
||
no-value header in the format 'name:' (note the semi-colon is converted
|
||
by libcurl to a colon).
|
||
|
||
Prior to this change the AWS header import code did not special case
|
||
either of those and the generated AWS SignedHeaders would be incorrect.
|
||
|
||
Reported-by: apparentorder@users.noreply.github.com
|
||
|
||
Ref: https://curl.se/docs/manpage.html#-H
|
||
|
||
Fixes https://github.com/curl/curl/issues/11664
|
||
Closes https://github.com/curl/curl/pull/11668
|
||
|
||
Dan Fandrich (11 Sep 2023)
|
||
|
||
- CI: run pytest with the -v option
|
||
|
||
This lists of the test cases being run so it can be tracked over time.
|
||
|
||
Closes #11824
|
||
|
||
Daniel Stenberg (11 Sep 2023)
|
||
|
||
- HTTP3: the msquic backend is not functional
|
||
|
||
I ask that we do not submit bugs for this backend just yet as we know it
|
||
does not fully work.
|
||
|
||
Closes #11831
|
||
Closes #11819
|
||
|
||
- aws_sigv4: the query canon code miscounted URL encoded input
|
||
|
||
Added some extra ampersands to test 439 to verify "blank" query parts
|
||
|
||
Follow-up to fc76a24c53b08cdf
|
||
|
||
Closes #11829
|
||
|
||
vvb2060 (11 Sep 2023)
|
||
|
||
- quic: don't set SNI if hostname is an IP address
|
||
|
||
We already do this for TLS connections.
|
||
|
||
RFC 6066 says: Literal IPv4 and IPv6 addresses are not permitted in
|
||
"HostName".
|
||
|
||
Ref: https://www.rfc-editor.org/rfc/rfc6066#section-3
|
||
|
||
Fixes https://github.com/curl/curl/issues/11827
|
||
Closes https://github.com/curl/curl/pull/11828
|
||
|
||
Daniel Stenberg (10 Sep 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Benoit Pierre (10 Sep 2023)
|
||
|
||
- configure: fix `HAVE_TIME_T_UNSIGNED` check
|
||
|
||
The syntax was incorrect (need a proper main body), and the test
|
||
condition was wrong (resulting in a signed `time_t` detected as
|
||
unsigned).
|
||
|
||
Closes #11825
|
||
|
||
Daniel Stenberg (9 Sep 2023)
|
||
|
||
- THANKS-filter: pszlazak on github
|
||
|
||
pszlazak (9 Sep 2023)
|
||
|
||
- include.d: explain headers not printed with --fail before 7.75.0
|
||
|
||
Prior to 7.75.0 response headers were not printed if -f/--fail was used
|
||
and an error was reported by server. This was fixed in ab525c0
|
||
(precedes 7.75.0).
|
||
|
||
Closes #11822
|
||
|
||
Daniel Stenberg (8 Sep 2023)
|
||
|
||
- http_aws_sigv4: skip the op if the query pair is zero bytes
|
||
|
||
Follow-up to fc76a24c53b08cdf
|
||
|
||
Spotted by OSS-Fuzz
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62175
|
||
Closes #11823
|
||
|
||
- cmdline-docs: use present tense, not future
|
||
|
||
+ some smaller cleanups
|
||
|
||
Closes #11821
|
||
|
||
- cmdline-docs: make sure to phrase it as "added in ...."
|
||
|
||
References to things that were added or changed in a specific version
|
||
should be specified as "(added in [version]) for two reasons:
|
||
|
||
1 - consistency
|
||
|
||
2 - to allow gen.pl to strip them out if deemed referring to too old
|
||
versions
|
||
|
||
Closes #11821
|
||
|
||
Jay Satiro (8 Sep 2023)
|
||
|
||
- docs: mark --ssl-revoke-best-effort as Schannel specific
|
||
|
||
Closes https://github.com/curl/curl/pull/11760
|
||
|
||
Nathan Moinvaziri (8 Sep 2023)
|
||
|
||
- schannel: fix ordering of cert chain info
|
||
|
||
- Use CERT_CONTEXT's pbCertEncoded to determine chain order.
|
||
|
||
CERT_CONTEXT from SECPKG_ATTR_REMOTE_CERT_CONTEXT contains
|
||
end-entity/server certificate in pbCertEncoded. We can use this pointer
|
||
to determine the order of certificates when enumerating hCertStore using
|
||
CertEnumCertificatesInStore.
|
||
|
||
This change is to help ensure that the ordering of the certificate chain
|
||
requested by the user via CURLINFO_CERTINFO has the same ordering on all
|
||
versions of Windows.
|
||
|
||
Prior to this change Schannel certificate order was reversed in 8986df80
|
||
but that was later reverted in f540a39b when it was discovered that
|
||
Windows 11 22H2 does the reversal on its own.
|
||
|
||
Ref: https://github.com/curl/curl/issues/9706
|
||
|
||
Closes https://github.com/curl/curl/pull/11632
|
||
|
||
Chris Talbot (8 Sep 2023)
|
||
|
||
- digest: Use hostname to generate spn instead of realm
|
||
|
||
In https://www.rfc-editor.org/rfc/rfc2831#section-2.1.2
|
||
|
||
digest-uri-value should be serv-type "/" host , where host is:
|
||
|
||
The DNS host name or IP address for the service requested. The
|
||
DNS host name must be the fully-qualified canonical name of the
|
||
host. The DNS host name is the preferred form; see notes on server
|
||
processing of the digest-uri.
|
||
|
||
Realm may not be the host, so we must specify the host explicitly.
|
||
|
||
Note this change only affects the non-SSPI digest code. The digest code
|
||
used by SSPI builds already uses the hostname to generate the spn.
|
||
|
||
Ref: https://github.com/curl/curl/issues/11369
|
||
|
||
Closes https://github.com/curl/curl/pull/11395
|
||
|
||
Daniel Stenberg (7 Sep 2023)
|
||
|
||
- docs: remove use of the word 'very'
|
||
|
||
It is mostly superfluous. proselint would complain.
|
||
|
||
Closes #11818
|
||
|
||
- curl_multi_remove_handle.3: clarify what happens with connection
|
||
|
||
Closes #11817
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- test439: verify query canonization for aws-sigv4
|
||
|
||
- tool_operate: make aws-sigv4 not require TLS to be used
|
||
|
||
Maybe not used too often, but we want it for testing and it should work.
|
||
|
||
- http_aws_sigv4: canonicalize the query
|
||
|
||
Percent encoding needs to be done using uppercase, and most
|
||
non-alphanumerical must be percent-encoded.
|
||
|
||
Fixes #11794
|
||
Reported-by: John Walker
|
||
Closes #11806
|
||
|
||
Wyatt O'Day (7 Sep 2023)
|
||
|
||
- lib: add ability to disable auths individually
|
||
|
||
Both with configure and cmake
|
||
|
||
Closes #11490
|
||
|
||
Stefan Eissing (7 Sep 2023)
|
||
|
||
- ngtcp2: fix handling of large requests
|
||
|
||
- requests >64K are send in parts to the filter
|
||
- fix parsing of the request to assemble it correctly
|
||
from several sends
|
||
- open a QUIC stream only when the complete request has
|
||
been collected
|
||
|
||
Closes #11815
|
||
|
||
- openssl: when CURLOPT_SSL_CTX_FUNCTION is registered, init x509 store before
|
||
|
||
- we delay loading the x509 store to shorten the handshake time.
|
||
However an application callback installed via CURLOPT_SSL_CTX_FUNCTION
|
||
may need to have the store loaded and try to manipulate it.
|
||
- load the x509 store before invoking the app callback
|
||
|
||
Fixes #11800
|
||
Reported-by: guoxinvmware on github
|
||
Cloes #11805
|
||
|
||
Daniel Stenberg (7 Sep 2023)
|
||
|
||
- krb5: fix "implicit conversion loses integer precision" warnings
|
||
|
||
conversions to/from enum and unsigned chars
|
||
|
||
Closes #11814
|
||
|
||
Stefan Eissing (7 Sep 2023)
|
||
|
||
- pytest: improvements
|
||
|
||
- set CURL_CI for pytest runs in CI environments
|
||
- exclude timing sensitive tests from CI runs
|
||
- for failed results, list only the log and stat of
|
||
the failed transfer
|
||
|
||
- fix type in http.c comment
|
||
|
||
Closes #11812
|
||
|
||
- CI: move on to ngtcp2 v0.19.1
|
||
|
||
Closes #11809
|
||
|
||
Dan Fandrich (5 Sep 2023)
|
||
|
||
- CI: run Circle macOS builds on x86 for now
|
||
|
||
The ARM machines aren't ready for us and requesting them now causes
|
||
warnings e-mails to be sent to some PR pushers.
|
||
|
||
Ref: #11771
|
||
|
||
Viktor Szakats (5 Sep 2023)
|
||
|
||
- http3: adjust cast for ngtcp2 v0.19.0
|
||
|
||
ngtcp2 v0.19.0 made size of `ecn` member of `ngtcp2_pkt_info`
|
||
an `uint8_t` (was: `uint32_t`). Adjust our local cast accordingly.
|
||
|
||
Fixes:
|
||
```
|
||
./curl/lib/vquic/curl_ngtcp2.c:1912:12: warning: implicit conversion loses in
|
||
teger precision: 'uint32_t' (aka 'unsigned int') to 'uint8_t' (aka 'unsigned
|
||
char') [-Wimplicit-int-conversion]
|
||
pi.ecn = (uint32_t)ecn;
|
||
~ ^~~~~~~~~~~~~
|
||
```
|
||
|
||
Also bump ngtcp2, nghttp3 and nghttp2 to their latest versions in our
|
||
docs and CI.
|
||
|
||
Ref: https://github.com/ngtcp2/ngtcp2/commit/80447281bbc94af53f8aa7a4cfc19175
|
||
782894a3
|
||
Ref: https://github.com/ngtcp2/ngtcp2/pull/877
|
||
Closes #11798
|
||
|
||
Stefan Eissing (5 Sep 2023)
|
||
|
||
- http: fix sending of large requests
|
||
|
||
- refs #11342 where errors with git https interactions
|
||
were observed
|
||
- problem was caused by 1st sends of size larger than 64KB
|
||
which resulted in later retries of 64KB only
|
||
- limit sending of 1st block to 64KB
|
||
- adjust h2/h3 filters to cope with parsing the HTTP/1.1
|
||
formatted request in chunks
|
||
|
||
- introducing Curl_nwrite() as companion to Curl_write()
|
||
for the many cases where the sockindex is already known
|
||
|
||
Fixes #11342 (again)
|
||
Closes #11803
|
||
|
||
- pytest: fix check for slow_network skips to only apply when intended
|
||
|
||
Closes #11801
|
||
|
||
Daniel Stenberg (5 Sep 2023)
|
||
|
||
- curl_url_get/set.3: add missing semicolon in SYNOPSIS
|
||
|
||
- CURLOPT_URL.3: explain curl_url_set() uses the same parser
|
||
|
||
- CURLOPT_URL.3: add two URL API calls in the see-also section
|
||
|
||
Dan Fandrich (4 Sep 2023)
|
||
|
||
- CI: add a 32-bit i686 Linux build
|
||
|
||
This is done by cross-compiling under regular x86_64 Linux. Since the
|
||
kernel offers backwards compatibility, the binaries can be tested as
|
||
normal.
|
||
|
||
Closes #11799
|
||
|
||
- tests: fix a type warning on 32-bit x86
|
||
|
||
Viktor Szakats (4 Sep 2023)
|
||
|
||
- tests: delete stray `.orig` file
|
||
|
||
Follow-up to 331b89a319d0067fa1e6441719307cfef9c7960f
|
||
Closes #11797
|
||
|
||
Daniel Stenberg (4 Sep 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Viktor Szakats (4 Sep 2023)
|
||
|
||
- lib: silence compiler warning in inet_ntop6
|
||
|
||
```
|
||
./curl/lib/inet_ntop.c:121:21: warning: possible misuse of comma operator her
|
||
e [-Wcomma]
|
||
cur.base = i, cur.len = 1;
|
||
^
|
||
./curl/lib/inet_ntop.c:121:9: note: cast expression to void to silence warnin
|
||
g
|
||
cur.base = i, cur.len = 1;
|
||
^~~~~~~~~~~~
|
||
(void)( )
|
||
```
|
||
|
||
Closes #11790
|
||
|
||
Daniel Stenberg (4 Sep 2023)
|
||
|
||
- transfer: also stop the sending on closed connection
|
||
|
||
Previously this cleared the receiving bit only but in some cases it is
|
||
also still sending (like a request-body) when disconnected and neither
|
||
direction can continue then.
|
||
|
||
Fixes #11769
|
||
Reported-by: Oleg Jukovec
|
||
Closes #11795
|
||
|
||
John Bampton (4 Sep 2023)
|
||
|
||
- docs: change `sub-domain` to `subdomain`
|
||
|
||
https://en.wikipedia.org/wiki/Subdomain
|
||
|
||
Closes #11793
|
||
|
||
Stefan Eissing (4 Sep 2023)
|
||
|
||
- multi: more efficient pollfd count for poll
|
||
|
||
- do not use separate pollfds for sockets that have POLLIN+POLLOUT
|
||
|
||
Closes #11792
|
||
|
||
- http2: polish things around POST
|
||
|
||
- added test cases for various code paths
|
||
- fixed handling of blocked write when stream had
|
||
been closed inbetween attempts
|
||
- re-enabled DEBUGASSERT on send with smaller data size
|
||
|
||
- in debug builds, environment variables can be set to simulate a slow
|
||
network when sending data. cf-socket.c and vquic.c support
|
||
* CURL_DBG_SOCK_WBLOCK: percentage of send() calls that should be
|
||
answered with a EAGAIN. TCP/UNIX sockets.
|
||
This is chosen randomly.
|
||
* CURL_DBG_SOCK_WPARTIAL: percentage of data that shall be written
|
||
to the network. TCP/UNIX sockets.
|
||
Example: 80 means a send with 1000 bytes would only send 800
|
||
This is applied to every send.
|
||
* CURL_DBG_QUIC_WBLOCK: percentage of send() calls that should be
|
||
answered with EAGAIN. QUIC only.
|
||
This is chosen randomly.
|
||
|
||
Closes #11756
|
||
|
||
Daniel Stenberg (4 Sep 2023)
|
||
|
||
- docs: add curl_global_trace to some SEE ALSO sections
|
||
|
||
Closes #11791
|
||
|
||
- os400: fix checksrc nits
|
||
|
||
Closes #11789
|
||
|
||
Nicholas Nethercote (3 Sep 2023)
|
||
|
||
- hyper: remove `hyptransfer->endtask`
|
||
|
||
`Curl_hyper_stream` needs to distinguish between two kinds of
|
||
`HYPER_TASK_EMPTY` tasks: (a) the `foreach` tasks it creates itself, and
|
||
(b) background tasks that hyper produces. It does this by recording the
|
||
address of any `foreach` task in `hyptransfer->endtask` before pushing
|
||
it into the executor, and then comparing that against the address of
|
||
tasks later polled out of the executor.
|
||
|
||
This works right now, but there is no guarantee from hyper that the
|
||
addresses are stable. `hyper_executor_push` says "The executor takes
|
||
ownership of the task, which should not be accessed again unless
|
||
returned back to the user with `hyper_executor_poll`". That wording is a
|
||
bit ambiguous but with my Rust programmer's hat on I read it as meaning
|
||
the task returned with `hyper_executor_poll` may be conceptually the
|
||
same as a task that was pushed, but that there are no other guarantees
|
||
and comparing addresses is a bad idea.
|
||
|
||
This commit instead uses `hyper_task_set_userdata` to mark the `foreach`
|
||
task with a `USERDATA_RESP_BODY` value which can then be checked for,
|
||
removing the need for `hyptransfer->endtask`. This makes the code look
|
||
more like that hyper C API examples, which use userdata for every task
|
||
and never look at task addresses.
|
||
|
||
Closes #11779
|
||
|
||
Dave Cottlehuber (3 Sep 2023)
|
||
|
||
- ws: fix spelling mistakes in examples and tests
|
||
|
||
Closes #11784
|
||
|
||
Daniel Stenberg (3 Sep 2023)
|
||
|
||
- tool_filetime: make -z work with file dates before 1970
|
||
|
||
Fixes #11785
|
||
Reported-by: Harry Sintonen
|
||
Closes #11786
|
||
|
||
Dan Fandrich (1 Sep 2023)
|
||
|
||
- build: fix portability of mancheck and checksrc targets
|
||
|
||
At least FreeBSD preserves cwd across makefile lines, so rules
|
||
consisting of more than one "cd X; do_something" must be explicitly run
|
||
in a subshell to avoid this. This problem caused the Cirrus FreeBSD
|
||
build to fail when parallel make jobs were enabled.
|
||
|
||
- CI: adjust labeler match patterns for new & obsolete files
|
||
|
||
- configure: trust pkg-config when it's used for zlib
|
||
|
||
The library flags retrieved from pkg-config were later thrown out and
|
||
harded-coded, which negates the whole reason to use pkg-config.
|
||
Also, previously, the assumption was made that --libs-only-l and
|
||
--libs-only-L are the full decomposition of --libs, which is untrue and
|
||
would not allow linking against a static zlib. The new approach is
|
||
better in that it uses --libs, although only if --libs-only-l returns
|
||
nothing.
|
||
|
||
Bug: https://curl.se/mail/lib-2023-08/0081.html
|
||
Reported-by: Randall
|
||
Closes #11778
|
||
|
||
Stefan Eissing (1 Sep 2023)
|
||
|
||
- CI/ngtcp2: clear wolfssl for when cache is ignored
|
||
|
||
Closes #11783
|
||
|
||
Daniel Stenberg (1 Sep 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Nicholas Nethercote (1 Sep 2023)
|
||
|
||
- hyper: fix a progress upload counter bug
|
||
|
||
`Curl_pgrsSetUploadCounter` should be a passed a total count, not an
|
||
increment.
|
||
|
||
This changes the failing diff for test 579 with hyper from this:
|
||
```
|
||
Progress callback called with UL 0 out of 0[LF]
|
||
-Progress callback called with UL 8 out of 0[LF]
|
||
-Progress callback called with UL 16 out of 0[LF]
|
||
-Progress callback called with UL 26 out of 0[LF]
|
||
-Progress callback called with UL 61 out of 0[LF]
|
||
-Progress callback called with UL 66 out of 0[LF]
|
||
+Progress callback called with UL 29 out of 0[LF]
|
||
```
|
||
to this:
|
||
```
|
||
Progress callback called with UL 0 out of 0[LF]
|
||
-Progress callback called with UL 8 out of 0[LF]
|
||
-Progress callback called with UL 16 out of 0[LF]
|
||
-Progress callback called with UL 26 out of 0[LF]
|
||
-Progress callback called with UL 61 out of 0[LF]
|
||
-Progress callback called with UL 66 out of 0[LF]
|
||
+Progress callback called with UL 40 out of 0[LF]
|
||
```
|
||
Presumably a step in the right direction.
|
||
|
||
Closes #11780
|
||
|
||
Daniel Stenberg (1 Sep 2023)
|
||
|
||
- awssiv4: avoid freeing the date pointer on error
|
||
|
||
Since it was not allocated, don't free it even if it was wrong syntax
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61908
|
||
|
||
Follow-up to b137634ba3adb
|
||
|
||
Closes #11782
|
||
|
||
Stefan Eissing (1 Sep 2023)
|
||
|
||
- CI: ngtcp2-linux: use separate caches for tls libraries
|
||
|
||
allow ever changing master for wolfssl
|
||
|
||
Closes #11766
|
||
|
||
- replace `master` as wolfssl-version with recent commit
|
||
|
||
- wolfssl, use master again in CI
|
||
|
||
- with the shared session update fix landed in master, it
|
||
is time to use that in our CI again
|
||
|
||
Nicholas Nethercote (31 Aug 2023)
|
||
|
||
- tests: fix formatting errors in `FILEFORMAT.md`.
|
||
|
||
Without the surrounding backticks, these tags get swallowed when the
|
||
markdown is rendered.
|
||
|
||
Closes #11777
|
||
|
||
Viktor Szakats (31 Aug 2023)
|
||
|
||
- cmake: add support for `CURL_DEFAULT_SSL_BACKEND`
|
||
|
||
Allow overriding the default TLS backend via a CMake setting.
|
||
|
||
E.g.:
|
||
`cmake [...] -DCURL_DEFAULT_SSL_BACKEND=mbedtls`
|
||
|
||
Accepted values: bearssl, gnutls, mbedtls, openssl, rustls,
|
||
schannel, secure-transport, wolfssl
|
||
|
||
The passed string is baked into the curl/libcurl binaries.
|
||
The value is case-insensitive.
|
||
|
||
We added a similar option to autotools in 2017 via
|
||
c7170e20d0a18ec8a514b4daa53bcdbb4dcb3a05.
|
||
|
||
TODO: Convert to lowercase to improve reproducibility.
|
||
|
||
Closes #11774
|
||
|
||
- sectransp: fix compiler warnings
|
||
|
||
https://github.com/curl/curl-for-win/actions/runs/6037489221/job/16381860220#
|
||
step:3:11046
|
||
```
|
||
/Users/runner/work/curl-for-win/curl-for-win/curl/lib/vtls/sectransp.c:2435:1
|
||
4: warning: unused variable 'success' [-Wunused-variable]
|
||
OSStatus success;
|
||
^
|
||
/Users/runner/work/curl-for-win/curl-for-win/curl/lib/vtls/sectransp.c:3300:4
|
||
4: warning: unused parameter 'sha256len' [-Wunused-parameter]
|
||
size_t sha256len)
|
||
^
|
||
```
|
||
|
||
Closes #11773
|
||
|
||
- tidy-up: mostly whitespace nits
|
||
|
||
- delete completed TODO from `./CMakeLists.txt`.
|
||
- convert a C++ comment to C89 in `./CMake/CurlTests.c`.
|
||
- delete duplicate EOLs from EOF.
|
||
- add missing EOL at EOF.
|
||
- delete whitespace at EOL (except from expected test results).
|
||
- convert tabs to spaces.
|
||
- convert CRLF EOLs to LF in GHA yaml.
|
||
- text casing fixes in `./CMakeLists.txt`.
|
||
- fix a codespell typo in `packages/OS400/initscript.sh`.
|
||
|
||
Closes #11772
|
||
|
||
Dan Fandrich (31 Aug 2023)
|
||
|
||
- CI: remove Windows builds from Cirrus, without replacement
|
||
|
||
If we don't do this, all coverage on Cirrus will cease in a few days. By
|
||
removing the Windows builds, the FreeBSD one should still continue
|
||
as before. The Windows builds will need be moved to another service to
|
||
maintain test coverage.
|
||
|
||
Closes #11771
|
||
|
||
- CI: switch macOS ARM build from Cirrus to Circle CI
|
||
|
||
Cirrus is drastically reducing their free tier on Sept. 1, so they will
|
||
no longer perform all these builds for us. All but one build has been
|
||
moved, with the LibreSSL one being dropped because of linking problems
|
||
on Circle.
|
||
|
||
One important note about this change is that Circle CI is currently
|
||
directing all these builds to x86_64 hardware, despite them requesting
|
||
ARM. This is because ARM nodes are scheduled to be available on the
|
||
free tier only in December. This reduces our architectural diversity
|
||
until then but it should automatically come back once those machines are
|
||
enabled.
|
||
|
||
- CI: use the right variable for BSD make
|
||
|
||
BSD uses MAKEFLAGS instead of MAKE_FLAGS so it wasn't doing parallel
|
||
builds before.
|
||
|
||
- CI: drop the FreeBSD 12.X build
|
||
|
||
Cirrus' new free tier won't let us have many builds, so drop the
|
||
nonessential ones. The FreeBSD 13.X build will still give us the most
|
||
relevant FreeBSD coverage.
|
||
|
||
- CI: move the Alpine build from Cirrus to GHA
|
||
|
||
Cirrus is reducing their free tier to next to nothing, so we must move
|
||
builds elsewhere.
|
||
|
||
Stefan Eissing (30 Aug 2023)
|
||
|
||
- test_07_upload.py: fix test_07_34 curl args
|
||
|
||
- Pass correct filename to --data-binary.
|
||
|
||
Prior to this change --data-binary was passed an incorrect filename due
|
||
to a missing separator in the arguments list. Since aacbeae7 curl will
|
||
error on incorrect filenames for POST.
|
||
|
||
Fixes https://github.com/curl/curl/issues/11761
|
||
Closes https://github.com/curl/curl/pull/11763
|
||
|
||
Nicholas Nethercote (30 Aug 2023)
|
||
|
||
- tests: document which tests fail due to hyper's lack of trailer support.
|
||
|
||
Closes #11762
|
||
|
||
- docs: removing "pausing transfers" from HYPER.md.
|
||
|
||
It's a reference to #8600, which was fixed by #9070.
|
||
|
||
Closes #11764
|
||
|
||
Patrick Monnerat (30 Aug 2023)
|
||
|
||
- os400: handle CURL_TEMP_PRINTF() while building bind source
|
||
|
||
Closes #11547
|
||
|
||
- os400: build test servers
|
||
|
||
Also fix a non-compliant main prototype in disabled.c.
|
||
|
||
Closes #11547
|
||
|
||
- tests: fix compilation error for os400
|
||
|
||
OS400 uses BSD 4.3 setsockopt() prototype by default: this does not
|
||
define parameter as const, resulting in an error if actual parameter is
|
||
const. Remove the const keyword from the actual parameter cast: this
|
||
works in all conditions, even if the formal parameter uses it.
|
||
|
||
Closes #11547
|
||
|
||
- os400: make programs and command name configurable
|
||
|
||
Closes #11547
|
||
|
||
- os400: move build configuration parameters to a separate script
|
||
|
||
They can then easily be overriden in a script named "config400.override"
|
||
that is not part of the distribution.
|
||
|
||
Closes #11547
|
||
|
||
- os400: implement CLI tool
|
||
|
||
This is provided as a QADRT (ascii) program, a link to it in the IFS and
|
||
a minimal CL command.
|
||
|
||
Closes #11547
|
||
|
||
Matthias Gatto (30 Aug 2023)
|
||
|
||
- lib: fix aws-sigv4 having date header twice in some cases
|
||
|
||
When the user was providing the header X-XXX-Date, the header was
|
||
re-added during signature computation, and we had it twice in the
|
||
request.
|
||
|
||
Reported-by: apparentorder@users.noreply.github.com
|
||
|
||
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
|
||
|
||
Fixes: https://github.com/curl/curl/issues/11738
|
||
Closes: https://github.com/curl/curl/pull/11754
|
||
|
||
Jay Satiro (30 Aug 2023)
|
||
|
||
- multi: remove 'processing: <url>' debug message
|
||
|
||
- Remove debug message added by e024d566.
|
||
|
||
Closes https://github.com/curl/curl/pull/11759
|
||
|
||
- ftp: fix temp write of ipv6 address
|
||
|
||
- During the check to differentiate between a port and IPv6 address
|
||
without brackets, write the binary IPv6 address to an in6_addr.
|
||
|
||
Prior to this change the binary IPv6 address was erroneously written to
|
||
a sockaddr_in6 'sa6' when it should have been written to its in6_addr
|
||
member 'sin6_addr'. There's no fallout because no members of 'sa6' are
|
||
accessed before it is later overwritten.
|
||
|
||
Closes https://github.com/curl/curl/pull/11747
|
||
|
||
- tool: change some fopen failures from warnings to errors
|
||
|
||
- Error on missing input file for --data, --data-binary,
|
||
--data-urlencode, --header, --variable, --write-out.
|
||
|
||
Prior to this change if a user of the curl tool specified an input file
|
||
for one of the above options and that file could not be opened then it
|
||
would be treated as zero length data instead of an error. For example, a
|
||
POST using `--data @filenametypo` would cause a zero length POST which
|
||
is probably not what the user intended.
|
||
|
||
Closes https://github.com/curl/curl/pull/11677
|
||
|
||
- hostip: fix typo
|
||
|
||
Davide Masserut (29 Aug 2023)
|
||
|
||
- tool: avoid including leading spaces in the Location hyperlink
|
||
|
||
Co-authored-by: Dan Fandrich <dan@coneharvesters.com>
|
||
|
||
Closes #11735
|
||
|
||
Daniel Stenberg (29 Aug 2023)
|
||
|
||
- SECURITY-PROCESS.md: not a sec issue: Tricking user to run a cmdline
|
||
|
||
Closes #11757
|
||
|
||
- connect: stop halving the remaining timeout when less than 600 ms left
|
||
|
||
When curl wants to connect to a host, it always has a TIMEOUT. The
|
||
maximum time it is allowed to spend until a connect is confirmed.
|
||
|
||
curl will try to connect to each of the IP adresses returned for the
|
||
host. Two loops, one for each IP family.
|
||
|
||
During the connect loop, while curl has more than one IP address left to
|
||
try within a single address family, curl has traditionally allowed (time
|
||
left/2) for *this* connect attempt. This, to not get stuck on the
|
||
initial addresses in case the timeout but still allow later addresses to
|
||
get attempted.
|
||
|
||
This has the downside that when users set a very short timeout and the
|
||
host has a large number of IP addresses, the effective result might be
|
||
that every attempt gets a little too short time.
|
||
|
||
This change stop doing the divided-by-two if the total time left is
|
||
below a threshold. This threshold is 600 milliseconds.
|
||
|
||
Closes #11693
|
||
|
||
- asyn-ares: reduce timeout to 2000ms
|
||
|
||
When UDP packets get lost this makes for slightly faster retries. This
|
||
lower timeout is used by @c-ares itself by default starting next
|
||
release.
|
||
|
||
Closes #11753
|
||
|
||
John Bampton (29 Aug 2023)
|
||
|
||
- misc: remove duplicate words
|
||
|
||
Closes #11740
|
||
|
||
Daniel Stenberg (29 Aug 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- wolfSSL: avoid the OpenSSL compat API when not needed
|
||
|
||
... and instead call wolfSSL functions directly.
|
||
|
||
Closes #11752
|
||
|
||
Viktor Szakats (28 Aug 2023)
|
||
|
||
- lib: fix null ptr derefs and uninitialized vars (h2/h3)
|
||
|
||
Fixing compiler warnings with gcc 13.2.0 in unity builds.
|
||
|
||
Assisted-by: Jay Satiro
|
||
Assisted-by: Stefan Eissing
|
||
Closes #11739
|
||
|
||
Jay Satiro (28 Aug 2023)
|
||
|
||
- secureserver.pl: fix stunnel version parsing
|
||
|
||
- Allow the stunnel minor-version version part to be zero.
|
||
|
||
Prior to this change with the stunnel version scheme of <major>.<minor>
|
||
if either part was 0 then version parsing would fail, causing
|
||
secureserver.pl to fail with error "No stunnel", causing tests that use
|
||
the SSL protocol to be skipped. As a practical matter this bug can only
|
||
be caused by a minor-version part of 0, since the major-version part is
|
||
always greater than 0.
|
||
|
||
Closes https://github.com/curl/curl/pull/11722
|
||
|
||
- secureserver.pl: fix stunnel path quoting
|
||
|
||
- Store the stunnel path in the private variable $stunnel unquoted and
|
||
instead quote it in the command strings.
|
||
|
||
Prior to this change the quoted stunnel path was passed to perl's file
|
||
operators which cannot handle quoted paths. For example:
|
||
|
||
$stunnel = "\"/C/Program Files (x86)/stunnel/bin/tstunnel\"";
|
||
if(-x $stunnel or -x "$stunnel")
|
||
# false even if path exists and is executable
|
||
|
||
Our other test scripts written in perl, unlike this one, use servers.pm
|
||
which has a global $stunnel variable with the path stored unquoted and
|
||
therefore those scripts don't have this problem.
|
||
|
||
Closes https://github.com/curl/curl/pull/11721
|
||
|
||
Daniel Stenberg (28 Aug 2023)
|
||
|
||
- altsvc: accept and parse IPv6 addresses in response headers
|
||
|
||
Store numerical IPv6 addresses in the alt-svc file with the brackets
|
||
present.
|
||
|
||
Verify with test 437 and 438
|
||
|
||
Fixes #11737
|
||
Reported-by: oliverpool on github
|
||
Closes #11743
|
||
|
||
- libtest: use curl_free() to free libcurl allocated data
|
||
|
||
In several test programs. These mistakes are not detected or a problem
|
||
as long as memdebug.h is included, as that provides the debug wrappers
|
||
for all memory functions in the same style libcurl internals do it,
|
||
which makes curl_free and free effectively the same call.
|
||
|
||
Reported-by: Nicholas Nethercote
|
||
Closes #11746
|
||
|
||
Jay Satiro (28 Aug 2023)
|
||
|
||
- disable.d: explain --disable not implemented prior to 7.50.0
|
||
|
||
Option -q/--disable was added in 5.0 but only -q was actually
|
||
implemented. Later --disable was implemented in e200034 (precedes
|
||
7.49.0), but incorrectly, and fixed in 6dbc23c (precedes 7.50.0).
|
||
|
||
Reported-by: pszlazak@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/issues/11710
|
||
Closes #11712
|
||
|
||
Nicholas Nethercote (28 Aug 2023)
|
||
|
||
- hyper: fix ownership problems
|
||
|
||
Some of these changes come from comparing `Curl_http` and
|
||
`start_CONNECT`, which are similar, and adding things to them that are
|
||
present in one and missing in another.
|
||
|
||
The most important changes:
|
||
- In `start_CONNECT`, add a missing `hyper_clientconn_free` call on the
|
||
happy path.
|
||
- In `start_CONNECT`, add a missing `hyper_request_free` on the error
|
||
path.
|
||
- In `bodysend`, add a missing `hyper_body_free` on an early-exit path.
|
||
- In `bodysend`, remove an unnecessary `hyper_body_free` on a different
|
||
error path that would cause a double-free.
|
||
https://docs.rs/hyper/latest/hyper/ffi/fn.hyper_request_set_body.html
|
||
says of `hyper_request_set_body`: "This takes ownership of the
|
||
hyper_body *, you must not use it or free it after setting it on the
|
||
request." This is true even if `hyper_request_set_body` returns an
|
||
error; I confirmed this by looking at the hyper source code.
|
||
|
||
Other changes are minor but make things slightly nicer.
|
||
|
||
Closes #11745
|
||
|
||
Daniel Stenberg (28 Aug 2023)
|
||
|
||
- multi.h: the 'revents' field of curl_waitfd is supported
|
||
|
||
Since 6d30f8ebed34e7276
|
||
|
||
Reported-by: Nicolás Ojeda Bär
|
||
Ref: #11748
|
||
Closes #11749
|
||
|
||
Gerome Fournier (27 Aug 2023)
|
||
|
||
- tool_paramhlp: improve str2num(): avoid unnecessary call to strlen()
|
||
|
||
Closes #11742
|
||
|
||
Daniel Stenberg (27 Aug 2023)
|
||
|
||
- docs: mention critical files in same directories as curl saves
|
||
|
||
... cannot be fully protected. Don't do it.
|
||
|
||
Co-authored-by: Jay Satiro
|
||
Reported-by: Harry Sintonen
|
||
Fixes #11530
|
||
Closes #11701
|
||
|
||
John Hawthorn (26 Aug 2023)
|
||
|
||
- OpenSSL: clear error queue after SSL_shutdown
|
||
|
||
We've seen errors left in the OpenSSL error queue (specifically,
|
||
"shutdown while in init") by adding some logging it revealed that the
|
||
source was this file.
|
||
|
||
Since we call SSL_read and SSL_shutdown here, but don't check the return
|
||
code for an error, we should clear the OpenSSL error queue in case one
|
||
was raised.
|
||
|
||
This didn't affect curl because we call ERR_clear_error before every
|
||
write operation (a0dd9df9ab35528eb9eb669e741a5df4b1fb833c), but when
|
||
libcurl is used in a process with other OpenSSL users, they may detect
|
||
an OpenSSL error pushed by libcurl's SSL_shutdown as if it was their
|
||
own.
|
||
|
||
Co-authored-by: Satana de Sant'Ana <satana@skylittlesystem.org>
|
||
|
||
Closes #11736
|
||
|
||
Alexander Kanavin (25 Aug 2023)
|
||
|
||
- tests: update cookie expiry dates to far in the future
|
||
|
||
This allows testing Y2038 with system time set to after that, so that
|
||
actual Y2038 issues can be exposed, and not masked by expiry errors.
|
||
|
||
Fixes #11576
|
||
Closes #11610
|
||
|
||
John Bampton (25 Aug 2023)
|
||
|
||
- misc: fix spelling
|
||
|
||
Closes #11733
|
||
|
||
Daniel Stenberg (25 Aug 2023)
|
||
|
||
- cmdline-opts/page-header: clarify stronger that !opt == URL
|
||
|
||
Everything provided on the command line that is not an option (or an
|
||
argument to an option) is treated as a URL.
|
||
|
||
Closes #11734
|
||
|
||
- tests/runner: fix %else handling
|
||
|
||
Getting the show state proper for %else and %endif did not properly work
|
||
in nested cases.
|
||
|
||
Follow-up to 3d089c41ea9
|
||
|
||
Closes #11731
|
||
|
||
Nicholas Nethercote (25 Aug 2023)
|
||
|
||
- docs: Remove mention of #10803 from `KNOWN_BUGS`.
|
||
|
||
Because the leaks have been fixed.
|
||
|
||
- c-hyper: fix another memory leak in `Curl_http`.
|
||
|
||
There is a `hyper_clientconn_free` call on the happy path, but not one
|
||
on the error path. This commit adds one.
|
||
|
||
Fixes the second memory leak reported by Valgrind in #10803.
|
||
|
||
Fixes #10803
|
||
Closes #11729
|
||
|
||
- c-hyper: fix a memory leak in `Curl_http`.
|
||
|
||
A request created with `hyper_request_new` must be consumed by either
|
||
`hyper_clientconn_send` or `hyper_request_free`.
|
||
|
||
This is not terrifically clear from the hyper docs --
|
||
`hyper_request_free` is documented only with "Free an HTTP request if
|
||
not going to send it on a client" -- but a perusal of the hyper code
|
||
confirms it.
|
||
|
||
This commit adds a `hyper_request_free` to the `error:` path in
|
||
`Curl_http` so that the request is consumed when an error occurs after
|
||
the request is created but before it is sent.
|
||
|
||
Fixes the first memory leak reported by Valgrind in #10803.
|
||
|
||
Closes #11729
|
||
|
||
Daniel Stenberg (25 Aug 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
John Bampton (25 Aug 2023)
|
||
|
||
- misc: spellfixes
|
||
|
||
Closes #11730
|
||
|
||
Daniel Stenberg (25 Aug 2023)
|
||
|
||
- tests: add support for nested %if conditions
|
||
|
||
Provides more flexiblity to test cases.
|
||
|
||
Also warn and bail out if there is an '%else' or %endif' without a
|
||
preceeding '%if'.
|
||
|
||
Ref: #11610
|
||
Closes #11728
|
||
|
||
- time-cond.d: mention what happens on a missing file
|
||
|
||
Closes #11727
|
||
|
||
Christian Hesse (24 Aug 2023)
|
||
|
||
- docs/cmdline-opts: match the current output
|
||
|
||
The release date has been added in output, reflect that in documentation.
|
||
|
||
Closes #11723
|
||
|
||
Daniel Stenberg (24 Aug 2023)
|
||
|
||
- lib: minor comment corrections
|
||
|
||
- docs: rewrite to present tense
|
||
|
||
... instead of using future tense.
|
||
|
||
+ numerous cleanups and improvements
|
||
+ stick to "reuse" not "re-use"
|
||
+ fewer contractions
|
||
|
||
Closes #11713
|
||
|
||
- urlapi: setting a blank URL ("") is not an ok URL
|
||
|
||
Test it in 1560
|
||
Fixes #11714
|
||
Reported-by: ad0p on github
|
||
Closes #11715
|
||
|
||
- spelling: use 'reuse' not 're-use' in code and elsewhere
|
||
|
||
Unify the spelling as both versions were previously used intermittently
|
||
|
||
Closes #11717
|
||
|
||
Michael Osipov (23 Aug 2023)
|
||
|
||
- system.h: add CURL_OFF_T definitions on HP-UX with HP aCC
|
||
|
||
HP-UX on IA64 provides two modes: 32 and 64 bit while 32 bit being the
|
||
default one. Use "long long" in 32 bit mode and just "long" in 64 bit
|
||
mode.
|
||
|
||
Closes #11718
|
||
|
||
Dan Fandrich (22 Aug 2023)
|
||
|
||
- tests: don't call HTTP errors OK in test cases
|
||
|
||
Some HTTP errors codes were accompanied by the text OK, which causes
|
||
some cognitive dissonance when reading them.
|
||
|
||
- http: close the connection after a late 417 is received
|
||
|
||
In this situation, only part of the data has been sent before aborting
|
||
so the connection is no longer usable.
|
||
|
||
Assisted-by: Jay Satiro
|
||
Fixes #11678
|
||
Closes #11679
|
||
|
||
- runtests: slightly increase the longest log file displayed
|
||
|
||
The new limit provides enough space for a 64 KiB data block to be logged
|
||
in a trace file, plus a few lines at the start and end for context. This
|
||
happens to be the amount of data sent at a time in a PUT request.
|
||
|
||
- tests: add delay command to the HTTP server
|
||
|
||
This adds a delay after client connect.
|
||
|
||
Daniel Stenberg (22 Aug 2023)
|
||
|
||
- cirrus: install everthing with pkg, avoid pip
|
||
|
||
Assisted-by: Sevan Janiyan
|
||
|
||
Closes #11711
|
||
|
||
- curl_url*.3: update function descriptions
|
||
|
||
- expand and clarify several descriptions
|
||
- avoid using future tense all over
|
||
|
||
Closes #11708
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (21 Aug 2023)
|
||
|
||
- CI/cirrus: disable python install on FreeBSD
|
||
|
||
- python cryptography package does not build build FreeBSD
|
||
- install just mentions "error"
|
||
- this gets the build and the main test suite going again
|
||
|
||
Closes #11705
|
||
|
||
- test2600: fix flakiness on low cpu
|
||
|
||
- refs #11355 where failures to to low cpu resources in CI
|
||
are reported
|
||
- vastly extend CURLOPT_CONNECTTIMEOUT_MS and max durations
|
||
to test cases
|
||
- trigger Curl_expire() in test filter to allow re-checks before
|
||
the usual 1second interval
|
||
|
||
Closes #11690
|
||
|
||
Maksim Sciepanienka (20 Aug 2023)
|
||
|
||
- tool_urlglob: use the correct format specifier for curl_off_t in msnprintf
|
||
|
||
Closes #11698
|
||
|
||
Daniel Stenberg (20 Aug 2023)
|
||
|
||
- test687/688: two more basic --xattr tests
|
||
|
||
Closes #11697
|
||
|
||
- cmdline-opts/docs: mentioned the negative option part
|
||
|
||
... for --no-alpn and --no-buffer in the same style done for other --no-
|
||
options:
|
||
|
||
"Note that this is the negated option name documented."
|
||
|
||
Closes #11695
|
||
|
||
Emanuele Torre (19 Aug 2023)
|
||
|
||
- tool/var: also error when expansion result starts with NUL
|
||
|
||
Expansions whose output starts with NUL were being expanded to the empty
|
||
string, and not being recognised as values that contain a NUL byte, and
|
||
should error.
|
||
|
||
Closes #11694
|
||
|
||
Daniel Stenberg (19 Aug 2023)
|
||
|
||
- tests: add 'large-time' as a testable feature
|
||
|
||
This allows test cases to require this feature to run and to be used in
|
||
%if conditions.
|
||
|
||
Large here means larger than 32 bits. Ie does not suffer from y2038.
|
||
|
||
Closes #11696
|
||
|
||
- tests/Makefile: add check-translatable-options.pl to tarball
|
||
|
||
Used in test 1544
|
||
|
||
Follow-up to ae806395abc8c
|
||
|
||
- gen.pl: fix a long version generation mistake
|
||
|
||
Too excessive escaping made the parsing not find the correct long names
|
||
later and instead add "wrong" links.
|
||
|
||
Follow-up to 439ff2052e219
|
||
|
||
Reported-by: Lukas Tribus
|
||
Fixes #11688
|
||
Closes #11689
|
||
|
||
- lib: move mimepost data from ->req.p.http to ->state
|
||
|
||
When the legacy CURLOPT_HTTPPOST option is used, it gets converted into
|
||
the modem mimpost struct at first use. This data is (now) kept for the
|
||
entire transfer and not only per single HTTP request. This re-enables
|
||
rewind in the beginning of the second request instead of in end of the
|
||
first, as brought by 1b39731.
|
||
|
||
The request struct is per-request data only.
|
||
|
||
Extend test 650 to verify.
|
||
|
||
Fixes #11680
|
||
Reported-by: yushicheng7788 on github
|
||
Closes #11682
|
||
|
||
Patrick Monnerat (17 Aug 2023)
|
||
|
||
- os400: do not check translatable options at build time
|
||
|
||
Now that there is a test for this, the build time check is not needed
|
||
anymore.
|
||
|
||
Closes #11650
|
||
|
||
- test1554: check translatable string options in OS400 wrapper
|
||
|
||
This test runs a perl script that checks all string options are properly
|
||
translated by the OS400 character code conversion wrapper. It also
|
||
verifies these options are listed in alphanumeric order in the wrapper
|
||
switch statement.
|
||
|
||
Closes #11650
|
||
|
||
Daniel Stenberg (17 Aug 2023)
|
||
|
||
- unit3200: skip testing if function is not present
|
||
|
||
Fake a successful run since we have no easy mechanism to skip this test
|
||
for this advanced condition.
|
||
|
||
- unit2600: fix build warning if built without verbose messages
|
||
|
||
- test1608: make it build and get skipped without shuffle DNS support
|
||
|
||
- lib: --disable-bindlocal builds curl without local binding support
|
||
|
||
- test1304: build and skip without netrc support
|
||
|
||
- lib: build fixups when built with most things disabled
|
||
|
||
Closes #11687
|
||
|
||
- workflows/macos.yml: disable zstd and alt-svc in the http-only build
|
||
|
||
Closes #11683
|
||
|
||
Stefan Eissing (17 Aug 2023)
|
||
|
||
- bearssl: handshake fix, provide proper get_select_socks() implementation
|
||
|
||
- bring bearssl handshake times down from +200ms down to other TLS backends
|
||
- vtls: improve generic get_select_socks() implementation
|
||
- tests: provide Apache with a suitable ssl session cache
|
||
|
||
Closes #11675
|
||
|
||
- tests: TLS session sharing test
|
||
|
||
- test TLS session sharing with special test client
|
||
- expect failure with wolfSSL
|
||
- disable flaky wolfSSL test_02_07b
|
||
|
||
Closes #11675
|
||
|
||
Daniel Stenberg (17 Aug 2023)
|
||
|
||
- CURLOPT_*TIMEOUT*: extend and clarify
|
||
|
||
Closes #11686
|
||
|
||
- urlapi: return CURLUE_BAD_HOSTNAME if puny2idn encoding fails
|
||
|
||
And document it. Only return out of memory when it actually is a memory
|
||
problem.
|
||
|
||
Pointed-out-by: Jacob Mealey
|
||
Closes #11674
|
||
|
||
Mathew Benson (17 Aug 2023)
|
||
|
||
- cmake: add GnuTLS option
|
||
|
||
- Option to use GNUTLS was missing. Hence was not able to use GNUTLS
|
||
with ngtcp2 for http3.
|
||
|
||
Closes #11685
|
||
|
||
Daniel Stenberg (16 Aug 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- http: remove the p_pragma struct field
|
||
|
||
unused since 40e8b4e52 (2008)
|
||
|
||
Closes #11681
|
||
|
||
Jay Satiro (16 Aug 2023)
|
||
|
||
- CURLINFO_CERTINFO.3: better explain curl_certinfo struct
|
||
|
||
Closes https://github.com/curl/curl/pull/11666
|
||
|
||
- CURLINFO_TLS_SSL_PTR.3: clarify a recommendation
|
||
|
||
- Remove the out-of-date SSL backend list supported by
|
||
CURLOPT_SSL_CTX_FUNCTION.
|
||
|
||
It makes more sense to just refer to that document instead of having
|
||
a separate list that has to be kept in sync.
|
||
|
||
Closes https://github.com/curl/curl/pull/11665
|
||
|
||
- write-out.d: clarify %{time_starttransfer}
|
||
|
||
sync it up with CURLINFO_STARTTRANSFER_TIME_T
|
||
|
||
Daniel Stenberg (15 Aug 2023)
|
||
|
||
- transfer: don't set TIMER_STARTTRANSFER on first send
|
||
|
||
The time stamp is for measuring the first *received* byte
|
||
|
||
Fixes #11669
|
||
Reported-by: JazJas on github
|
||
Closes #11670
|
||
|
||
trrui-huawei (15 Aug 2023)
|
||
|
||
- quiche: enable quiche to handle timeout events
|
||
|
||
In parallel with ngtcp2, quiche also offers the `quiche_conn_on_timeout`
|
||
interface for the application to invoke upon timer
|
||
expiration. Therefore, invoking the `on_timeout` function of the
|
||
Connection is crucial to ensure seamless functionality of quiche with
|
||
timeout events.
|
||
|
||
Closes #11654
|
||
|
||
- quiche: adjust quiche `QUIC_IDLE_TIMEOUT` to 60s
|
||
|
||
Set the `QUIC_IDLE_TIMEOUT` parameter to match ngtcp2 for consistency.
|
||
|
||
Daniel Stenberg (15 Aug 2023)
|
||
|
||
- KNOWN_BUGS: LDAPS requests to ActiveDirectory server hang
|
||
|
||
Closes #9580
|
||
|
||
- imap: add a check for failing strdup()
|
||
|
||
- imap: remove the only sscanf() call in the IMAP code
|
||
|
||
Avoids the use of a stack buffer.
|
||
|
||
Closes #11673
|
||
|
||
- imap: use a dynbuf in imap_atom
|
||
|
||
Avoid a calculation + malloc. Build the output in a dynbuf.
|
||
|
||
Closes #11672
|
||
|
||
Marin Hannache (14 Aug 2023)
|
||
|
||
- http: do not require a user name when using CURLAUTH_NEGOTIATE
|
||
|
||
In order to get Negotiate (SPNEGO) authentication to work in HTTP you
|
||
used to be required to provide a (fake) user name (this concerned both
|
||
curl and the lib) because the code wrongly only considered
|
||
authentication if there was a user name provided, as in:
|
||
|
||
curl -u : --negotiate https://example.com/
|
||
|
||
This commit leverages the `struct auth` want member to figure out if the
|
||
user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
|
||
setting a user name both in curl and the lib.
|
||
|
||
Signed-off-by: Marin Hannache <git@mareo.fr>
|
||
Reported-by: Enrico Scholz
|
||
Fixes https://sourceforge.net/p/curl/bugs/440/
|
||
Fixes #1161
|
||
Closes #9047
|
||
|
||
Viktor Szakats (13 Aug 2023)
|
||
|
||
- build: streamline non-UWP wincrypt detections
|
||
|
||
- with CMake, use the variable `WINDOWS_STORE` to detect an UWP build
|
||
and disable our non-UWP-compatible use the Windows crypto API. This
|
||
allows to drop two dynamic feature checks.
|
||
|
||
`WINDOWS_STORE` is true when invoking CMake with
|
||
`CMAKE_SYSTEM_NAME` == `WindowsStore`. Introduced in CMake v3.1.
|
||
|
||
Ref: https://cmake.org/cmake/help/latest/variable/WINDOWS_STORE.html
|
||
|
||
- with autotools, drop the separate feature check for `wincrypt.h`. On
|
||
one hand this header has been present for long (even Borland C 5.5 had
|
||
it from year 2000), on the other we used the check result solely to
|
||
enable another check for certain crypto functions. This fails anyway
|
||
with the header not present. We save one dynamic feature check at the
|
||
configure stage.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #11657
|
||
|
||
Nicholas Nethercote (13 Aug 2023)
|
||
|
||
- docs/HYPER.md: update hyper build instructions
|
||
|
||
Nightly Rust and `-Z unstable-options` are not needed.
|
||
|
||
The instructions here now match the hyper docs exactly:
|
||
https://github.com/hyperium/hyper/commit/bd7928f3dd6a8461f0f0fdf7ee0fd95c2f15
|
||
6f88
|
||
|
||
Closes #11662
|
||
|
||
Daniel Stenberg (13 Aug 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- urlapi: CURLU_PUNY2IDN - convert from punycode to IDN name
|
||
|
||
Asssisted-by: Jay Satiro
|
||
Closes #11655
|
||
|
||
- spellcheck: adapt to backslashed minuses
|
||
|
||
As the curl.1 has more backslashed minus, the cleanup sed lines xneed to
|
||
adapt.
|
||
|
||
Adjusted some docs slighly.
|
||
|
||
Follow-up to 439ff2052e
|
||
|
||
Closes #11663
|
||
|
||
- gen: escape more minus
|
||
|
||
Detected since it was still hard to search for option names using dashes
|
||
in the middle in the man page.
|
||
|
||
Closes #11660
|
||
|
||
- cookie-jar.d: enphasize that this option is ONLY writing cookies
|
||
|
||
Reported-by: Dan Jacobson
|
||
Tweaked-by: Jay Satiro
|
||
Ref: #11642
|
||
Closes #11661
|
||
|
||
Nicholas Nethercote (11 Aug 2023)
|
||
|
||
- docs/HYPER.md: document a workaround for a link error
|
||
|
||
Closes #11653
|
||
|
||
Jay Satiro (11 Aug 2023)
|
||
|
||
- schannel: verify hostname independent of verify cert
|
||
|
||
Prior to this change when CURLOPT_SSL_VERIFYPEER (verifypeer) was off
|
||
and CURLOPT_SSL_VERIFYHOST (verifyhost) was on we did not verify the
|
||
hostname in schannel code.
|
||
|
||
This fixes KNOWN_BUG 2.8 "Schannel disable CURLOPT_SSL_VERIFYPEER and
|
||
verify hostname". We discussed a fix several years ago in #3285 but it
|
||
went stale.
|
||
|
||
Assisted-by: Daniel Stenberg
|
||
|
||
Bug: https://curl.haxx.se/mail/lib-2018-10/0113.html
|
||
Reported-by: Martin Galvan
|
||
|
||
Ref: https://github.com/curl/curl/pull/3285
|
||
|
||
Fixes https://github.com/curl/curl/issues/3284
|
||
Closes https://github.com/curl/curl/pull/10056
|
||
|
||
Daniel Stenberg (11 Aug 2023)
|
||
|
||
- curl_quiche: remove superfluous NULL check
|
||
|
||
'stream' is always non-NULL at this point
|
||
|
||
Pointed out by Coverity
|
||
|
||
Closes #11656
|
||
|
||
- curl/urlapi.h: tiny typo
|
||
|
||
- github/labeler: make HYPER.md set Hyper and not TLS
|
||
|
||
- docs/cmdline-opts/gen.pl: hide "added in" before 7.50.0
|
||
|
||
7.50.0 shipped on Jul 21 2016, over seven years ago. We no longer need
|
||
to specify version changes for earlier releases in the generated output.
|
||
|
||
This ups the limit from the previous 7.30.0 (Apr 12 2013)
|
||
|
||
This hides roughly 35 "added in" mentions.
|
||
|
||
Closes #11651
|
||
|
||
Jay Satiro (10 Aug 2023)
|
||
|
||
- bug_report: require reporters to specify curl and os versions
|
||
|
||
- Change curl version and os sections from single-line input to
|
||
multi-line textarea.
|
||
|
||
- Require curl version and os sections to be filled out before report
|
||
can be submitted.
|
||
|
||
Closes https://github.com/curl/curl/pull/11636
|
||
|
||
Daniel Stenberg (9 Aug 2023)
|
||
|
||
- gen.pl: replace all single quotes with aq
|
||
|
||
- this prevents man from using a unicode sequence for them
|
||
- which then allows search to work properly
|
||
|
||
Closes #11645
|
||
|
||
Viktor Szakats (9 Aug 2023)
|
||
|
||
- cmake: fix to use variable for the curl namespace
|
||
|
||
Replace (wrong) literal with a variable to specify the curl
|
||
namespace.
|
||
|
||
Follow-up to 1199308dbc902c52be67fc805c72dd2582520d30 #11505
|
||
|
||
Reported-by: balikalina on Github
|
||
Fixes https://github.com/curl/curl/commit/1199308dbc902c52be67fc805c72dd25825
|
||
20d30#r123923098
|
||
Closes #11629
|
||
|
||
- cmake: allow `SHARE_LIB_OBJECT=ON` on all platforms
|
||
|
||
2ebc74c36a19a1700af394c16855ce144d9878e3 #11546 introduced sharing
|
||
libcurl objects for shared and static targets.
|
||
|
||
The above automatically enabled for Windows builds, with an option to
|
||
disable with `SHARE_LIB_OBJECT=OFF`.
|
||
|
||
This patch extend this feature to all platforms as a manual option.
|
||
You can enable it by setting `SHARE_LIB_OBJECT=ON`. Then shared objects
|
||
are built in PIC mode, meaning the static lib will also have PIC code.
|
||
|
||
[EXPERIMENTAL]
|
||
|
||
Closes #11627
|
||
|
||
- cmake: assume `wldap32` availability on Windows
|
||
|
||
This system library first shipped with Windows ME, available as an extra
|
||
install for some older releases (according to [1]). The import library
|
||
was present already in old MinGW 3.4.2 (year 2007).
|
||
|
||
Drop the feature check and its associated `HAVE_WLDAP32` variable.
|
||
|
||
To manually disable `wldap32`, you can use the `USE_WIN32_LDAP=OFF`
|
||
CMake option, like before.
|
||
|
||
[1]: https://dlcdn.apache.org/httpd/binaries/win32/LEGACY.html
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #11624
|
||
|
||
Daniel Stenberg (9 Aug 2023)
|
||
|
||
- page-header: move up a URL paragraph from GLOBBING to URL
|
||
|
||
- variable.d: output the function names table style
|
||
|
||
Also correct the url function name in the header
|
||
|
||
Closes #11641
|
||
|
||
- haproxy-clientip.d: remove backticks
|
||
|
||
This is not markdown
|
||
|
||
Follow-up to 0a75964d0d94a4
|
||
|
||
Closes #11639
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- gen.pl: escape all dashes (ascii minus) to avoid unicode hyphens
|
||
|
||
Reported-by: FC Stegerman
|
||
Fixes #11635
|
||
Closes #11637
|
||
|
||
- cmdline-opts/page-header: reorder, clean up
|
||
|
||
- removed some unnecessary blurb to focus
|
||
- moved up the more important URL details
|
||
- put "globbing" into its own subtitle and moved down a little
|
||
- mention the online man page in the version section
|
||
|
||
Closes #11638
|
||
|
||
- c-hyper: adjust the hyper to curlcode conversion
|
||
|
||
Closes #11621
|
||
|
||
- test2306: make it use a persistent connection
|
||
|
||
+ enable verbose already from the start
|
||
|
||
Closes #11621
|
||
|
||
eppesuig (8 Aug 2023)
|
||
|
||
- list-only.d: mention SFTP as supported protocol
|
||
|
||
Closes #11628
|
||
|
||
Daniel Stenberg (8 Aug 2023)
|
||
|
||
- request.d: use .TP for protocol "labels"
|
||
|
||
To render the section nicer in man page.
|
||
|
||
Closes #11630
|
||
|
||
- cf-haproxy: make CURLOPT_HAPROXY_CLIENT_IP set the *source* IP
|
||
|
||
... as documented.
|
||
|
||
Update test 3201 and 3202 accordingly.
|
||
|
||
Reported-by: Markus Sommer
|
||
Fixes #11619
|
||
Closes #11626
|
||
|
||
- page-footer: QLOGDIR works with ngtcp2 and quiche
|
||
|
||
It previously said "both" backends which is confusing as we currently
|
||
have three...
|
||
|
||
Closes #11631
|
||
|
||
Stefan Eissing (8 Aug 2023)
|
||
|
||
- http3: quiche, handshake optimization, trace cleanup
|
||
|
||
- load x509 store after clienthello
|
||
- cleanup of tracing
|
||
|
||
Closes #11618
|
||
|
||
Daniel Stenberg (8 Aug 2023)
|
||
|
||
- ngtcp2: remove dead code
|
||
|
||
'result' is always zero (CURLE_OK) at this point
|
||
|
||
Detected by Coverity
|
||
|
||
Closes #11622
|
||
|
||
Viktor Szakats (8 Aug 2023)
|
||
|
||
- openssl: auto-detect `SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED`
|
||
|
||
OpenSSL 1.1.1 defines this macro, but no ealier version, or any of the
|
||
popular forks (yet). Use the macro itself to detect its presence,
|
||
replacing the hard-wired fork-specific conditions.
|
||
|
||
This way the feature will enable automatically when forks implement it,
|
||
while also shorter and possibly requiring less future maintenance.
|
||
|
||
Follow-up to 94241a9e78397a2aaf89a213e6ada61e7de7ee02 #6721
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #11617
|
||
|
||
- openssl: use `SSL_CTX_set_ciphersuites` with LibreSSL 3.4.1
|
||
|
||
LibreSSL 3.4.1 (2021-10-14) added support for
|
||
`SSL_CTX_set_ciphersuites`.
|
||
|
||
Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.1-relnotes.txt
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #11616
|
||
|
||
- openssl: use `SSL_CTX_set_keylog_callback` with LibreSSL 3.5.0
|
||
|
||
LibreSSL 3.5.0 (2022-02-24) added support for
|
||
`SSL_CTX_set_keylog_callback`.
|
||
|
||
Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #11615
|
||
|
||
- cmake: drop `HAVE_LIBWINMM` and `HAVE_LIBWS2_32` feature checks
|
||
|
||
- `HAVE_LIBWINMM` was detected but unused. The `winmm` system library is
|
||
also not used by curl, but it is by its optional dependency `librtmp`.
|
||
Change the logic to always add `winmm` when `USE_LIBRTMP` is set. This
|
||
library has been available since the early days of Windows.
|
||
|
||
- `HAVE_LIBWS2_32` detected `ws2_32` lib on Windows. This lib is present
|
||
since Windows 95 OSR2 (AFAIR). Winsock1 already wasn't supported and
|
||
other existing logic already assumed this lib being present, so delete
|
||
the check and replace the detection variable with `WIN32` and always
|
||
add `ws2_32` on Windows.
|
||
|
||
Closes #11612
|
||
|
||
Daniel Gustafsson (8 Aug 2023)
|
||
|
||
- crypto: ensure crypto initialization works
|
||
|
||
Make sure that context initialization during hash setup works to avoid
|
||
going forward with the risk of a null pointer dereference.
|
||
|
||
Reported-by: Philippe Antoine on HackerOne
|
||
Assisted-by: Jay Satiro
|
||
Assisted-by: Daniel Stenberg
|
||
|
||
Closes #11614
|
||
|
||
Viktor Szakats (7 Aug 2023)
|
||
|
||
- openssl: switch to modern init for LibreSSL 2.7.0+
|
||
|
||
LibreSSL 2.7.0 (2018-03-21) introduced automatic initialization,
|
||
`OPENSSL_init_ssl()` function and deprecated the old, manual init
|
||
method, as seen in OpenSSL 1.1.0. Switch to the modern method when
|
||
available.
|
||
|
||
Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.0-relnotes.txt
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #11611
|
||
|
||
Daniel Stenberg (7 Aug 2023)
|
||
|
||
- gskit: remove
|
||
|
||
We remove support for building curl with gskit.
|
||
|
||
- This is a niche TLS library, only running on some IBM systems
|
||
- no regular curl contributors use this backend
|
||
- no CI builds use or verify this backend
|
||
- gskit, or the curl adaption for it, lacks many modern TLS features
|
||
making it an inferior solution
|
||
- build breakages in this code take weeks or more to get detected
|
||
- fixing gskit code is mostly done "flying blind"
|
||
|
||
This removal has been advertized in DEPRECATED in Jan 2, 2023 and it has
|
||
been mentioned on the curl-library mailing list.
|
||
|
||
It could be brought back, this is not a ban. Given proper effort and
|
||
will, gskit support is welcome back into the curl TLS backend family.
|
||
|
||
Closes #11460
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Dan Fandrich (7 Aug 2023)
|
||
|
||
- THANKS-filter: add a name typo
|
||
|
||
Stefan Eissing (7 Aug 2023)
|
||
|
||
- http3/ngtcp2: shorten handshake, trace cleanup
|
||
|
||
- shorten handshake timing by delayed x509 store load (OpenSSL)
|
||
as we do for HTTP/2
|
||
- cleanup of trace output, align with HTTP/2 output
|
||
|
||
Closes #11609
|
||
|
||
Daniel Stenberg (7 Aug 2023)
|
||
|
||
- headers: accept leading whitespaces on first response header
|
||
|
||
This is a bad header fold but since the popular browsers accept this
|
||
violation, so does curl now. Unless built with hyper.
|
||
|
||
Add test 1473 to verify and adjust test 2306.
|
||
|
||
Reported-by: junsik on github
|
||
Fixes #11605
|
||
Closes #11607
|
||
|
||
- include/curl/mprintf.h: add __attribute__ for the prototypes
|
||
|
||
- if gcc or clang is used
|
||
- if __STDC_VERSION__ >= 199901L, which means greater than C90
|
||
- if not using mingw
|
||
- if CURL_NO_FMT_CHECKS is not defined
|
||
|
||
Closes #11589
|
||
|
||
- tests: fix bad printf format flags in test code
|
||
|
||
- tests: fix header scan tools for attribute edits in mprintf.h
|
||
|
||
- cf-socket: log successful interface bind
|
||
|
||
When the setsockopt SO_BINDTODEVICE operation succeeds, output that in
|
||
the verbose output.
|
||
|
||
Ref: #11599
|
||
Closes #11608
|
||
|
||
- CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled
|
||
|
||
Ref: #11457
|
||
Closes #11606
|
||
|
||
- CURLOPT_SSL_VERIFYPEER.3: add two more see also options
|
||
|
||
CURLINFO_CAINFO and CURLINFO_CAPATH
|
||
|
||
Closes #11603
|
||
|
||
- KNOWN_BUGS: aws-sigv4 does not behave well with AWS VPC Lattice
|
||
|
||
Closes #11007
|
||
|
||
Graham Campbell (6 Aug 2023)
|
||
|
||
- CI: use openssl 3.0.10+quic, nghttp3 0.14.0, ngtcp2 0.18.0
|
||
|
||
Closes #11585
|
||
|
||
Daniel Stenberg (6 Aug 2023)
|
||
|
||
- TODO: add *5* entries for aws-sigv4
|
||
|
||
Closes #7559
|
||
Closes #8107
|
||
Closes #8810
|
||
Closes #9717
|
||
Closes #10129
|
||
|
||
- TODO: LDAP Certificate-Based Authentication
|
||
|
||
Closes #9641
|
||
|
||
Stefan Eissing (6 Aug 2023)
|
||
|
||
- http2: cleanup trace messages
|
||
|
||
- more compact format with bracketed stream id
|
||
- all frames traced in and out
|
||
|
||
Closes #11592
|
||
|
||
Daniel Stenberg (6 Aug 2023)
|
||
|
||
- tests/tftpd+mqttd: make variables static to silence picky warnings
|
||
|
||
Closes #11594
|
||
|
||
- docs/cmdline: remove repeated working for negotiate + ntlm
|
||
|
||
The extra wording is added automatically by the gen.pl tool
|
||
|
||
Closes #11597
|
||
|
||
- docs/cmdline: add small "warning" to verbose options
|
||
|
||
"Note that verbose output of curl activities and network traffic might
|
||
contain sensitive data, including user names, credentials or secret data
|
||
content. Be aware and be careful when sharing trace logs with others."
|
||
|
||
Closes #11596
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- pingpong: don't use *bump_headersize
|
||
|
||
We use that for HTTP(S) only.
|
||
|
||
Follow-up to 3ee79c1674fd6
|
||
|
||
Closes #11590
|
||
|
||
- urldata: remove spurious parenthesis to unbreak no-proxy build
|
||
|
||
Follow-up to e12b39e13382
|
||
|
||
Closes #11591
|
||
|
||
- easy: don't call Curl_trc_opt() in disabled-verbose builds
|
||
|
||
Follow-up to e12b39e133822c6a0
|
||
|
||
Closes #11588
|
||
|
||
- http: use %u for printfing int
|
||
|
||
Follow-up to 3ee79c1674fd6f99e8efca5
|
||
|
||
Closes #11587
|
||
|
||
Goro FUJI (3 Aug 2023)
|
||
|
||
- vquic: show stringified messages for errno
|
||
|
||
Closes #11584
|
||
|
||
Stefan Eissing (3 Aug 2023)
|
||
|
||
- trace: make tracing available in non-debug builds
|
||
|
||
Add --trace-config to curl
|
||
|
||
Add curl_global_trace() to libcurl
|
||
|
||
Closes #11421
|
||
|
||
Daniel Stenberg (3 Aug 2023)
|
||
|
||
- TODO: remove "Support intermediate & root pinning for PINNEDPUBLICKEY"
|
||
|
||
See also https://github.com/curl/curl/pull/7507
|
||
|
||
- TODO: add "WebSocket read callback"
|
||
|
||
remove "Upgrade to websockets" as we already have this
|
||
|
||
Closes #11402
|
||
|
||
- test497: verify rejecting too large incoming headers
|
||
|
||
- http: return error when receiving too large header set
|
||
|
||
To avoid abuse. The limit is set to 300 KB for the accumulated size of
|
||
all received HTTP headers for a single response. Incomplete research
|
||
suggests that Chrome uses a 256-300 KB limit, while Firefox allows up to
|
||
1MB.
|
||
|
||
Closes #11582
|
||
|
||
Stefan Eissing (3 Aug 2023)
|
||
|
||
- http2: upgrade tests and add fix for non-existing stream
|
||
|
||
- check in h2 filter recv that stream actually exists
|
||
and return error if not
|
||
- add test for parallel, extreme h2 upgrades that fail if
|
||
connections get reused before fully switched
|
||
- add h2 upgrade upload test just for completeness
|
||
|
||
Closes #11563
|
||
|
||
Viktor Szakats (3 Aug 2023)
|
||
|
||
- tests: ensure `libcurl.def` contains all exports
|
||
|
||
Add `test1279` to verify that `libcurl.def` lists all exported API
|
||
functions found in libcurl headers.
|
||
|
||
Also:
|
||
|
||
- extend test suite XML `stdout` tag with the `loadfile` attribute.
|
||
|
||
- fix `tests/extern-scan.pl` and `test1135` to include websocket API.
|
||
|
||
- use all headers (sorted) in `test1135` instead of a manual list.
|
||
|
||
- add options `--sort`, `--heading=` to `tests/extern-scan.pl`.
|
||
|
||
- add `libcurl.def` to the auto-labeler GHA task.
|
||
|
||
Follow-up to 2ebc74c36a19a1700af394c16855ce144d9878e3
|
||
|
||
Closes #11570
|
||
|
||
Daniel Stenberg (2 Aug 2023)
|
||
|
||
- url: change default value for CURLOPT_MAXREDIRS to 30
|
||
|
||
It was previously unlimited by default, but that's not a sensible
|
||
default. While changing this has a remote risk of breaking an existing
|
||
use case, I figure it is more likely to actually save users from loops.
|
||
|
||
Closes #11581
|
||
|
||
- lib: fix a few *printf() flag mistakes
|
||
|
||
Reported-by: Gisle Vanem
|
||
Ref: #11574
|
||
Closes #11579
|
||
|
||
Samuel Chiang (2 Aug 2023)
|
||
|
||
- openssl: make aws-lc version support OCSP
|
||
|
||
And bump version in CI
|
||
|
||
Closes #11568
|
||
|
||
Daniel Stenberg (2 Aug 2023)
|
||
|
||
- tool: make the length argument an int for printf()-.* flags
|
||
|
||
Closes #11578
|
||
|
||
- tool_operate: fix memory leak when SSL_CERT_DIR is used
|
||
|
||
Detected by Coverity
|
||
|
||
Follow-up to 29bce9857a12b6cfa726a5
|
||
|
||
Closes #11577
|
||
|
||
- tool/var: free memory on OOM
|
||
|
||
Coverity detected this memory leak in OOM situation
|
||
|
||
Follow-up to 2e160c9c652504e
|
||
|
||
Closes #11575
|
||
|
||
Viktor Szakats (2 Aug 2023)
|
||
|
||
- gha: bump libressl and mbedtls versions
|
||
|
||
Closes #11573
|
||
|
||
Jay Satiro (2 Aug 2023)
|
||
|
||
- schannel: fix user-set legacy algorithms in Windows 10 & 11
|
||
|
||
- If the user set a legacy algorithm list (CURLOPT_SSL_CIPHER_LIST) then
|
||
use the SCHANNEL_CRED legacy structure to pass the list to Schannel.
|
||
|
||
- If the user set both a legacy algorithm list and a TLS 1.3 cipher list
|
||
then abort.
|
||
|
||
Although MS doesn't document it, Schannel will not negotiate TLS 1.3
|
||
when SCHANNEL_CRED is used. That means setting a legacy algorithm list
|
||
limits the user to earlier versions of TLS.
|
||
|
||
Prior to this change, since 8beff435 (precedes 7.85.0), libcurl would
|
||
ignore legacy algorithms in Windows 10 1809 and later.
|
||
|
||
Reported-by: zhihaoy@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/pull/10741
|
||
Closes https://github.com/curl/curl/pull/10746
|
||
|
||
Daniel Stenberg (2 Aug 2023)
|
||
|
||
- variable.d: setting a variable again overwrites it
|
||
|
||
Reported-by: Niall McGee
|
||
Bug: https://twitter.com/niallmcgee/status/1686523075423322113
|
||
Closes #11571
|
||
|
||
Jay Satiro (2 Aug 2023)
|
||
|
||
- CURLOPT_PROXY_SSL_OPTIONS.3: sync formatting
|
||
|
||
- Re-wrap CURLSSLOPT_ALLOW_BEAST description.
|
||
|
||
Daniel Stenberg (2 Aug 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set
|
||
|
||
Previously it would always do PF_UNSPEC if CURL_IPRESOLVE_V4 is not
|
||
used, thus unnecessarily asking for addresses that will not be used.
|
||
|
||
Reported-by: Joseph Tharayil
|
||
Fixes #11564
|
||
Closes #11565
|
||
|
||
- docs: link to the website versions instead of markdowns
|
||
|
||
... to make the links work when the markdown is converted to webpages on
|
||
https://curl.se
|
||
|
||
Reported-by: Maurício Meneghini Fauth
|
||
Fixes https://github.com/curl/curl-www/issues/272
|
||
Closes #11569
|
||
|
||
Viktor Szakats (1 Aug 2023)
|
||
|
||
- cmake: cache more config and delete unused ones
|
||
|
||
- cache more Windows config results for faster initialization.
|
||
|
||
- delete unused config macros `HAVE_SYS_UTSNAME_H`, `HAVE_SSL_H`.
|
||
|
||
- delete dead references to `sys/utsname.h`.
|
||
|
||
Closes #11551
|
||
|
||
- egd: delete feature detection and related source code
|
||
|
||
EGD is Entropy Gathering Daemon, a socket-based entropy source supported
|
||
by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it
|
||
a while ago.
|
||
|
||
Its detection in CMake was broken all along because OpenSSL libs were
|
||
not linked at the point of feature check.
|
||
|
||
Delete detection from both cmake and autotools, along with the related
|
||
source snippet, and the `--with-egd-socket=` `./configure` option.
|
||
|
||
Closes #11556
|
||
|
||
Stefan Eissing (1 Aug 2023)
|
||
|
||
- tests: fix h3 server check and parallel instances
|
||
|
||
- fix check for availability of nghttpx server
|
||
- add `tcp` frontend config for same port as quic, as
|
||
without this, port 3000 is bound which clashes for parallel
|
||
testing
|
||
|
||
Closes #11553
|
||
|
||
Daniel Stenberg (1 Aug 2023)
|
||
|
||
- docs/cmdline-opts: spellfixes, typos and polish
|
||
|
||
To make them accepted by the spell checker
|
||
|
||
Closes #11562
|
||
|
||
- CI/spellcheck: build curl.1 and spellcheck it
|
||
|
||
Added acceptable words
|
||
|
||
Closes #11562
|
||
|
||
Alexander Jaeger (1 Aug 2023)
|
||
|
||
- misc: fix various typos
|
||
|
||
Closes #11561
|
||
|
||
Daniel Stenberg (1 Aug 2023)
|
||
|
||
- http2: avoid too early connection re-use/multiplexing
|
||
|
||
HTTP/1 connections that are upgraded to HTTP/2 should not be picked up
|
||
for reuse and multiplexing by other handles until the 101 switching
|
||
process is completed.
|
||
|
||
Lots-of-debgging-by: Stefan Eissing
|
||
Reported-by: Richard W.M. Jones
|
||
Bug: https://curl.se/mail/lib-2023-07/0045.html
|
||
Closes #11557
|
||
|
||
- Revert "KNOWN_BUGS: build for iOS simulator on macOS 13.2 with Xcode 14"
|
||
|
||
This reverts commit 2e8a3d7cb73c85a9aa151e263315f8a496dbb9d4.
|
||
|
||
It's a user error for supplying incomplete information to the build system.
|
||
|
||
Reported-by: Ryan Schmidt
|
||
Ref: https://github.com/curl/curl/issues/11215#issuecomment-1658729367
|
||
|
||
Viktor Szakats (1 Aug 2023)
|
||
|
||
- cmake: add support for single libcurl compilation pass
|
||
|
||
Before this patch CMake builds used two separate compilation passes to
|
||
build the shared and static libcurl respectively. This patch allows to
|
||
reduce that to a single pass if the target platform and build settings
|
||
allow it.
|
||
|
||
This reduces CMake build times when building both static and shared
|
||
libcurl at the same time, making these dual builds an almost zero-cost
|
||
option.
|
||
|
||
Enable this feature for Windows builds, where the difference between the
|
||
two passes was the use of `__declspec(dllexport)` attribute for exported
|
||
API functions for the shared builds. This patch replaces this method
|
||
with the use of `libcurl.def` at DLL link time.
|
||
|
||
Also update `Makefile.mk` to use `libcurl.def` to export libcurl API
|
||
symbols on Windows. This simplifies (or fixes) this build method (e.g.
|
||
in curl-for-win, which generated a `libcurl.def` from `.h` files using
|
||
an elaborate set of transformations).
|
||
|
||
`libcurl.def` has the maintenance cost of keeping the list of public
|
||
libcurl API symbols up-to-date. This list seldom changes, so the cost
|
||
is low.
|
||
|
||
Closes #11546
|
||
|
||
- cmake: detect `SSL_set0_wbio` in OpenSSL
|
||
|
||
Present in OpenSSL 1.1.0 and BoringSSL.
|
||
Missing from LibreSSL 3.8.0.
|
||
|
||
Follow-up to f39472ea9f4f4e12cfbc0500c4580a8d52ce4a59
|
||
|
||
While here, also fix `RAND_egd()` detection which was broken, likely all
|
||
along. This feature is probably broken with CMake builds and also
|
||
requires a sufficiently obsolete OpenSSL version, so this part of the
|
||
update was not tested.
|
||
|
||
Closes #11555
|